samplesavenue.com Open in urlscan Pro
54.158.44.46  Public Scan

3 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. http://ec2-54-202-43-228.us-west-2.compute.amazonaws.com/x/d?c=26444673&l=63baf9d1-4878-4453-b7bd-b3ecda061179&r=badb6c16-968e-47d4-bb04-3806b8ccf14c HTTP 302
   https://yotifiles.com/show.php?l=0&u=660350&id=48090&tracking_id= Page URL
   
2. https://f.estivaltodayz.com/click?pid=1211&offer_id=8334&sub1=1176347137&sub2=660350 HTTP 302
   https://tracking.tgmfraz.com/aff_c?offer_id=1963&aff_id=1286&source=sv&aff_sub=1211&aff_sub2=635ee2cc0ef90b0001052f03 HTTP 302
   https://samplesavenue.com/halloween-candies/?lastname={lastname}&firstname={firstname}&gender={gender}&email={email}&birthdate={birthdate}&phone={phone}&address={address}&postal_code={postal_code}&locality={locality}&administrative_area_level_1={state}&source=sv&aff_sub=1211&aff_sub2=635ee2cc0ef90b0001052f03&aff_sub3=&hoid=102855be76c77df5649aa206c77e63 HTTP 302
   https://samplesavenue.com/halloween-candies?source=sv&aff_sub=1211&aff_sub2=635ee2cc0ef90b0001052f03&hoid=102855be76c77df5649aa206c77e63 HTTP 302
   https://samplesavenue.com/halloween-candies/signup/1 Page URL
   

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

• http://ec2-54-202-43-228.us-west-2.compute.amazonaws.com/x/d?c=26444673&l=63baf9d1-4878-4453-b7bd-b3ecda061179&r=badb6c16-968e-47d4-bb04-3806b8ccf14c HTTP 302
• https://yotifiles.com/show.php?l=0&u=660350&id=48090&tracking_id=

Request Chain 23

• https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16671628307480.5576327961758478 HTTP 301
• https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16671628307480.5576327961758478

Request Chain 25

• https://www.google.com/pagead/landing?gcs=G111&gcd=G100&rnd=1306054353.1667162831&url=https%3A%2F%2Fsamplesavenue.com%2Fhalloween-candies%2Fsignup%2F1&gtm=2wgaq0P645S3F&auid=2023522486.1667162831 HTTP 302
• https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=G100&rnd=1306054353.1667162831&url=https%3A%2F%2Fsamplesavenue.com%2Fhalloween-candies%2Fsignup%2F1&gtm=2wgaq0P645S3F&auid=2023522486.1667162831

Request Chain 29

• https://js.sddan.com/GS.d?pa=26948&c=Ifv2D&cmp=0&u=https%3A%2F%2Fsamplesavenue.com%2Fhalloween-candies%2Fsignup%2F1&r=https%3A%2F%2Fyotifiles.com%2F&rand=1667162830895&gdpr=0&gdpr_consent=&globalscope=false&cookieless_ignore=0&fb_consent=0&tbp=true HTTP 307
• https://js.sddan.com/GS.d?pa=26948&c=Ifv2D&cmp=0&u=https%3A%2F%2Fsamplesavenue.com%2Fhalloween-candies%2Fsignup%2F1&r=https%3A%2F%2Fyotifiles.com%2F&rand=1667162830895&gdpr=0&gdpr_consent=&globalscope=false&cookieless_ignore=0&fb_consent=0&tbp=true&bounce=1

Request Chain 62

• https://ib.adnxs.com/getuid?https://sync-uid.leadplace.fr/sync-uid.php?part=sirapp&id=%24UID&gdpr=0 HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsync-uid.leadplace.fr%2Fsync-uid.php%3Fpart%3Dsirapp%26id%3D%2524UID%26gdpr%3D0 HTTP 302
• https://sync-uid.leadplace.fr/sync-uid.php?part=sirapp&id=376667701495622201&gdpr=0

Request Chain 63

• https://cm.g.doubleclick.net/pixel?google_nid=temelio_dmp&google_sc&google_cm&gdpr=0 HTTP 302
• https://tag.leadplace.fr/wappdbm.php?gdpr=0&google_gid=CAESELKBDRuKA5Ify3haiLN6V3c&google_cver=1

Request Chain 64

• https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fsync-uid.leadplace.fr%2Fsync-uid.php%3Fpart%3Dsirwebo%26id%3D{WEBO_CID}&gdpr=0 HTTP 302
• https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fsync-uid.leadplace.fr%2Fsync-uid.php%3Fpart%3Dsirwebo%26id%3D%7BWEBO_CID%7D&gdpr=0&bounce=1&random=1852243035 HTTP 302
• https://sync-uid.leadplace.fr/sync-uid.php?part=sirwebo&id=hEBTZER2Q8wuUBsAP42qAO&gdpr=0

Request Chain 67

• https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.sddan.com%2FMAP.d%3Fpa%3D1000%26mn%3Dnexus%26gdpr%3D0%26mv%3D$UID HTTP 302
• https://map.sddan.com/MAP.d?pa=1000&mn=nexus&gdpr=0&mv=376667701495622201

Request Chain 68

• https://asset.easydmp.net/collect_v2.img.php?gdpr=0&dmp=sirdmp&sirid=ZDVlNmU2ZDI4MWM1ZWYyYWM4ZGI4ZWE50qCJitIobqcxfXFYeXbGGRzh10VTgHQEZqe0W4LtzDBA4fX5eWii775TBIG8rMHX5%2F6HYPoAssSt&redirect=https%3A%2F%2Fmap.sddan.com%2FMAP.d%3Fpa%3D1000%26mn%3Dsquadata%26gdpr%3D0%26mv%3D%3Cu%3E HTTP 302
• https://map.sddan.com/MAP.d?pa=1000&mn=squadata&gdpr=0&mv=166716283370621390

Request Chain 69

• https://ps.eyeota.net/pixel?pid=cb2cb9u&uid=018da00eca02986a5beff0b6e52c3a30&t=gif&gdpr=0 HTTP 302
• https://ps.eyeota.net/pixel/bounce/?pid=cb2cb9u&uid=018da00eca02986a5beff0b6e52c3a30&t=gif&gdpr=0 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MnZhc2pTdExrSU1DeHhEaUZ6UlBSaUJNTVdmbFh1WW5tdmZlWDh1dUZJLVU&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=cb2cb9u HTTP 302
• https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=cb2cb9u&google_gid=CAESEHcC6LuVUXvlp3BQRo1eiqk&google_cver=1

Request Chain 70

• https://match.adsrvr.org/track/cmf/generic?ttd_pid=3hoytaj&ttd_tpi=1&gdpr=0 HTTP 302
• https://match.adsrvr.org/track/cmb/generic?ttd_pid=3hoytaj&ttd_tpi=1&gdpr=0 HTTP 302
• https://js.sddan.com/MAP.d?mn=ttd&mv=1cbf6f02-94f8-4c05-966f-72365673d253&gdpr_consent=%%GDPR_CONSENT%%

Request Chain 72

• https://dpm.demdex.net/ibs:dpid=184561&dpuuid=ZDVlNmU2ZDI4MWM1ZWYyYWM4ZGI4ZWE5HoGzDTfi8k%2BRlZEgnM3Ioy3ePMKzYj9JLejFVN%2FTTYKG66VDyUhrntq3LFtvRgFvM3tP42Gw0OgB&redir=https%3A%2F%2Fmap.sddan.com%2FMAP.d%3Fpa%3D1000%26mn%3Dadobe%26gdpr%3D0%26mv%3D%24%7BDD_UUID%7D&gdpr=0 HTTP 302
• https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=184561&dpuuid=ZDVlNmU2ZDI4MWM1ZWYyYWM4ZGI4ZWE5HoGzDTfi8k%2BRlZEgnM3Ioy3ePMKzYj9JLejFVN%2FTTYKG66VDyUhrntq3LFtvRgFvM3tP42Gw0OgB&redir=https%3A%2F%2Fmap.sddan.com%2FMAP.d%3Fpa%3D1000%26mn%3Dadobe%26gdpr%3D0%26mv%3D%24%7BDD_UUID%7D&gdpr=0 HTTP 302
• https://map.sddan.com/MAP.d?pa=1000&mn=adobe&gdpr=0&mv=74506071989844254010623480623926462510

Request Chain 73

• https://s.amazon-adsystem.com/dcm?pid=093bc165-6022-4c64-906d-9ad8ef70aec4&id=70641402615db8281cca245849dae3f8&gdpr=0 HTTP 302
• https://s.amazon-adsystem.com/dcm?pid=093bc165-6022-4c64-906d-9ad8ef70aec4&id=70641402615db8281cca245849dae3f8&gdpr=0&dcc=t

Request Chain 75

• https://fr-gmtdmp.mookie1.com/t/v2/activity?tagid=V2_684503&trb.partnerID=24234&trb.partnervisitorID=f3543e532b019e4b6ddf04205a869d17&src.rand=1667162832&gdpr=0 HTTP 302
• https://fr-gmtdmp.mookie1.com/t/v2/activity?tagid=V2_989214&trb.partnerID=35514&trb.partnervisitorID=f3543e532b019e4b6ddf04205a869d17&src.rand=1667162832&gdpr=0&gdpr_consent=

Request Chain 76

• https://odr.mookie1.com/t/v2/sync?tagid=V2_623639&src.visitorId=ZDVlNmU2ZDI4MWM1ZWYyYWM4ZGI4ZWE5YnxgaSfcpLjBedL6bRSWhUbhQHVtSs4R5TkCp2HQv4Qc6FIZVZujHnoR0%2B%2FMIHXmU%2Fw26kN4435o&gdpr=0 HTTP 302
• https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10597532877335112049&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_607875%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
• https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10597532877335112049&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_607875%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
• https://odr.mookie1.com/t/v2?tagid=V2_607875&src.visitorid=ca7e6b49-adcd-44ba-be5b-925bdd262d51&gdpr=0&gdpr_consent=

Request Chain 77

• https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fmap.sddan.com%2FMAP.d%3Fpa%3D1000%26mn%3Dweborama%26gdpr%3D0%26mv%3D{WEBO_CID}&gdpr=0 HTTP 302
• https://map.sddan.com/MAP.d?pa=1000&mn=weborama&gdpr=0&mv=hEBTZER2Q8wuUBsAP42qAO

Request Chain 79

• https://cm.g.doubleclick.net/pixel?google_nid=s1r_ddp&google_hm=NWFlMTVhMDU0NjViNTcyMTYzNWU3ZWEyMjVhOTM3YTk%3D&google_redir=https%3A%2F%2Fmap.sddan.com%2FMAP.d%3Fpa%3D1000%26mn%3Dgoogle%26gdpr%3D0%26mv%3DEXT%257C5ae15a05465b5721635e7ea225a937a9&gdpr=0 HTTP 302
• https://map.sddan.com/MAP.d?pa=1000&mn=google&gdpr=0&mv=EXT%7C5ae15a05465b5721635e7ea225a937a9&gdpr=0

Request Chain 81

• https://ads.stickyadstv.com/data-registering?dataProviderId=1361&redirectId=1729&gdpr=0 HTTP 302
• https://map.cookieless-data.com/MAP.d?mn=freewheel&pa=25997&mv=6e5fa92f4d71ee0123998904e9166f2&gdpr=0 HTTP 307
• https://map.sddan.com/MAP.d?mn=freewheel&pa=25997&mv=6e5fa92f4d71ee0123998904e9166f2&gdpr=0

Request Chain 82

• https://a.audrte.com/match?uid=eb7480ee5deb8acc9069127bd86311fc&p=M646759765&gdpr=0&redirect=https%3A%2F%2Fmap.sddan.com%2FMAP.d%3Fpa%3D1000%26mn%3Daudiencerate%26gdpr%3D0%26mv%3Deb7480ee5deb8acc9069127bd86311fc HTTP 302
• https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9tYXAuc2RkYW4uY29tL01BUC5kP21uXHUwMDNkYXVkaWVuY2VyYXRlXHUwMDI2bXZcdTAwM2RnbTc0blkxandsa1E4cTZVaExEU1U5azVnXHUwMDI2Z2Rwclx1MDAzZDBcdTAwMjZnZHByX2NvbnNlbnRcdTAwM2QiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
• https://dmp.adform.net/serving/cookie/match/?CC=1&party=1003&r=eyJ1IjoiaHR0cHM6Ly9tYXAuc2RkYW4uY29tL01BUC5kP21uXHUwMDNkYXVkaWVuY2VyYXRlXHUwMDI2bXZcdTAwM2RnbTc0blkxandsa1E4cTZVaExEU1U5azVnXHUwMDI2Z2Rwclx1MDAzZDBcdTAwMjZnZHByX2NvbnNlbnRcdTAwM2QiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
• https://a.audrte.com/a?adform_uid=6214495667242069173&r=eyJ1IjoiaHR0cHM6Ly9tYXAuc2RkYW4uY29tL01BUC5kP21uXHUwMDNkYXVkaWVuY2VyYXRlXHUwMDI2bXZcdTAwM2RnbTc0blkxandsa1E4cTZVaExEU1U5azVnXHUwMDI2Z2Rwclx1MDAzZDBcdTAwMjZnZHByX2NvbnNlbnRcdTAwM2QiLCJkIjpbXX0%3D HTTP 302
• https://map.sddan.com/MAP.d?mn=audiencerate&mv=gm74nY1jwlkQ8q6UhLDSU9k5g&gdpr=0&gdpr_consent=

Request Chain 83

• https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&rd=https%3A%2F%2Fmap.sddan.com%2FMAP.d%3Fpa%3D1000%26mn%3Dpubmatic%26gdpr%3D0%26mv%3D%23PM_USER_ID HTTP 302
• https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&rd=https%3A%2F%2Fmap.sddan.com%2FMAP.d%3Fpa%3D1000%26mn%3Dpubmatic%26gdpr%3D0%26mv%3D%23PM_USER_ID&rdf=1 HTTP 302
• https://map.sddan.com/MAP.d?pa=1000&mn=pubmatic&gdpr=0&mv=64C0D907-1C7F-4357-B35C-4E3AAB562989

Request Chain 84

• https://sync.smartadserver.com/getuid?gdpr=0&url=https%3A%2F%2Fmap.sddan.com%2FMAP.d%3Fpa%3D1000%26mn%3Dsmart%26gdpr%3D0%26mv%3D%5Bsas_uid%5D HTTP 302
• https://sync.smartadserver.com/getuid?gdpr=0&url=https://map.sddan.com/MAP.d?pa=1000&mn=smart&gdpr=0&mv=[sas_uid]&cklb=1

Request Chain 85

• https://cms.analytics.yahoo.com/cms?partner_id=SIRTA&gdpr=false HTTP 302
• https://map.sddan.com/MAP.d?mn=yahoo&mv=y-z9r91HJE2oNFuynn.fd2y5.xKXLJOgDkhsk-~A

Request Chain 86

• https://loadeu.exelator.com/load/?p=396&g=001&j=0&gdpr=0 HTTP 302
• https://loadeu.exelator.com/load/?p=396&g=001&j=0&gdpr=0&xl8blockcheck=1 HTTP 302
• https://map.sddan.com/MAP.d?mn=exelate&mv=4168142a740c375772749fdb4532543d&gdpr=&gdpr_consent=

Request Chain 87

• https://sync.crwdcntrl.net/map/c=4136/tp=SIRD/?gdpr=0&https://map.sddan.com/MAP.d?pa=1000&mn=lot&gdpr=0&mv=${profile_id} HTTP 302
• https://sync.crwdcntrl.net/map/ct=y/c=4136/tp=SIRD/?gdpr=0&https://map.sddan.com/MAP.d?pa=1000&mn=lot&gdpr=0&mv=${profile_id}

121 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	show.php yotifiles.com/ Redirect Chain http://ec2-54-202-43-228.us-west-2.compute.amazonaws.com/x/d?c=26444673&l=63baf9d1-4878-4453-b7bd-b3ecda061179&r=badb6c16-968e-47d4-bb04-3806b8ccf14c https://yotifiles.com/show.php?l=0&u=660350&id=48090&tracking_id=	630 B 751 B	462ms 393ms	Document text/html	2606:4700:3034::ac43:a3ba CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://yotifiles.com/show.php?l=0&u=660350&id=48090&tracking_id= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::ac43:a3ba , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 accept-language en-US,en;q=0.9 Response headers access-control-allow-origin * alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 762701197d6f189d-EWR content-encoding br content-type text/html; charset=UTF-8 date Sun, 30 Oct 2022 20:47:08 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RU8IofAZ6sdl2eDzbaipK5N8mQAfwJzBVr6UqktOIT%2BD2QSncc%2FzkRofVQk%2FUwZFrG%2BtLcNrj7LNDGoe%2BiQ1%2FUgMPf3ws9Ig3u2lyJn1wqEXfFjIbNupo34i2OyogI5gTN8zEK8%2BpsYRtUoK"}],"group":"cf-nel","max_age":604800} server cloudflare Redirect headers Access-Control-Allow-Credentials true Access-Control-Allow-Headers Content-Type Access-Control-Allow-Methods GET, POST, PUT, DELETE, OPTIONS Access-Control-Allow-Origin * Cache-Control private Content-Length 194 Content-Type text/html; charset=utf-8 Date Sun, 30 Oct 2022 20:47:04 GMT Location https://yotifiles.com/show.php?l=0&u=660350&id=48090&tracking_id= Server Microsoft-IIS/8.5 X-AspNet-Version 4.0.30319 X-AspNetMvc-Version 5.2 X-Powered-By ASP.NET
GET H2	200	Primary Request 1 Show response samplesavenue.com/halloween-candies/signup/ Redirect Chain https://f.estivaltodayz.com/click?pid=1211&offer_id=8334&sub1=1176347137&sub2=660350 https://tracking.tgmfraz.com/aff_c?offer_id=1963&aff_id=1286&source=sv&aff_sub=1211&aff_sub2=635ee2cc0ef90b0001052f03 https://samplesavenue.com/halloween-candies/?lastname={lastname}&firstname={firstname}&gender={gender}&email={email}&birthdate={birthdate}&phone={phone}&address={address}&postal_code={postal_code}&... https://samplesavenue.com/halloween-candies?source=sv&aff_sub=1211&aff_sub2=635ee2cc0ef90b0001052f03&hoid=102855be76c77df5649aa206c77e63 https://samplesavenue.com/halloween-candies/signup/1	28 KB 8 KB	70ms 63ms	Document text/html	54.158.44.46 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://samplesavenue.com/halloween-candies/signup/1 Requested by Host: yotifiles.com URL: https://yotifiles.com/show.php?l=0&u=660350&id=48090&tracking_id= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.158.44.46 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-158-44-46.compute-1.amazonaws.com Software / Resource Hash 8a3570c2784ffb6b022d44ea6e87313532bec4c8f2555118b8a5725ddc1bd575 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://yotifiles.com/show.php?l=0&u=660350&id=48090&tracking_id= Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 accept-language en-US,en;q=0.9 Response headers cache-control no-cache, private content-encoding gzip content-type text/html; charset=UTF-8 date Sun, 30 Oct 2022 20:47:09 GMT strict-transport-security max-age=31536000; includeSubDomains Redirect headers cache-control no-cache, private content-type text/html; charset=UTF-8 date Sun, 30 Oct 2022 20:47:09 GMT location https://samplesavenue.com/halloween-candies/signup/1 strict-transport-security max-age=31536000; includeSubDomains
GET H2	200	app.js Show response samplesavenue.com/js/	942 KB 944 KB	144ms 94ms	Script application/javascript	54.158.44.46 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://samplesavenue.com/js/app.js?id=21f7d4e6c1d5af1453e3 Requested by Host: samplesavenue.com URL: https://samplesavenue.com/halloween-candies/signup/1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.158.44.46 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-158-44-46.compute-1.amazonaws.com Software / Resource Hash 41fe377470ae6b7aa770241ed2674f7905dd0b78689754b4384f142166f8af2c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-US,en;q=0.9 Referer https://samplesavenue.com/halloween-candies/signup/1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Sun, 30 Oct 2022 20:47:09 GMT strict-transport-security max-age=31536000; includeSubDomains last-modified Sun, 30 Oct 2022 19:13:32 GMT accept-ranges bytes etag "635eccdc-eb9db" content-length 965083 content-type application/javascript
GET H2	200	app.css samplesavenue.com/css/	239 KB 240 KB	90ms 40ms	Stylesheet text/css	54.158.44.46 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://samplesavenue.com/css/app.css?id=b245adff1dd0b543463a Requested by Host: samplesavenue.com URL: https://samplesavenue.com/halloween-candies/signup/1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.158.44.46 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-158-44-46.compute-1.amazonaws.com Software / Resource Hash ac2a143aaac80b0b8dba1432b95b7faf5ba244b726e29b5ca63540182a9707e5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-US,en;q=0.9 Referer https://samplesavenue.com/halloween-candies/signup/1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Sun, 30 Oct 2022 20:47:09 GMT strict-transport-security max-age=31536000; includeSubDomains last-modified Sun, 30 Oct 2022 19:13:32 GMT accept-ranges bytes etag "635eccdc-3bd22" content-length 245026 content-type text/css
GET H2	200	snapchat.css samplesavenue.com/css/themes/	11 KB 12 KB	119ms 92ms	Stylesheet text/css	54.158.44.46 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://samplesavenue.com/css/themes/snapchat.css?id=83ba65fc3e723f128bf6 Requested by Host: samplesavenue.com URL: https://samplesavenue.com/halloween-candies/signup/1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.158.44.46 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-158-44-46.compute-1.amazonaws.com Software / Resource Hash bd7d3a95116fa77e0bd059153cc57cb2a884be4ab5c85fe38f5316bdd1f89db3 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-US,en;q=0.9 Referer https://samplesavenue.com/halloween-candies/signup/1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Sun, 30 Oct 2022 20:47:09 GMT strict-transport-security max-age=31536000; includeSubDomains last-modified Sun, 30 Oct 2022 19:13:32 GMT accept-ranges bytes etag "635eccdc-2d03" content-length 11523 content-type text/css
GET H2	200	js Show response www.googletagmanager.com/gtag/	93 KB 37 KB	118ms 35ms	Script application/javascript	2607:f8b0:4006:816::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id= Requested by Host: samplesavenue.com URL: https://samplesavenue.com/halloween-candies/signup/1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:816::2008 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 45879ae384301f763250b8c0e72c893c4092e4adb26337f5d7db636b9cc04a43 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://samplesavenue.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Sun, 30 Oct 2022 20:47:09 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37406 x-xss-protection 0 last-modified Sun, 30 Oct 2022 18:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sun, 30 Oct 2022 20:47:09 GMT
GET H2	200	stub Show response cache.consentframework.com/js/pa/26948/c/Ifv2D/	2 KB 1 KB	170ms 15ms	Script text/javascript	2606:4700:20::ac43:4a69 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cache.consentframework.com/js/pa/26948/c/Ifv2D/stub Requested by Host: samplesavenue.com URL: https://samplesavenue.com/halloween-candies/signup/1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4a69 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cca541a23d05f6de413291b10373940c7d7731bcd014006c87bec4dfeb58bce0 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains; preload Request headers accept-language en-US,en;q=0.9 Referer https://samplesavenue.com/halloween-candies/signup/1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Sun, 30 Oct 2022 20:47:09 GMT strict-transport-security max-age=15724800; includeSubDomains; preload content-encoding br cf-cache-status HIT last-modified Sun, 30 Oct 2022 20:04:21 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 2568 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5yEwJ%2FXMcqFjhcFUvtuaVPXQLia1spb%2FLl2mptlxFJfOsPJFIPRGT3Hu8bKRvYtctPVwmlwR%2BPs71vwlsLXlVdmoZdO1w076UV12y5Kno0yMY%2BxGMSuWRBYFDqp3vpjAnxYRKnQQZ2tPHfYpN1C9S7kLD8AnA1L6"}],"group":"cf-nel","max_age":604800} content-type text/javascript; charset=UTF-8 cache-control max-age=3600 cf-ray 76270124e9be179d-EWR
GET H/1.1	200 OK	cmp Show response choices.consentframework.com/js/pa/26948/c/Ifv2D/	817 KB 208 KB	416ms 131ms	Script text/javascript	212.129.3.113 Online SAS
General Check archive.org Show headers Download Go to Full URL https://choices.consentframework.com/js/pa/26948/c/Ifv2D/cmp Requested by Host: samplesavenue.com URL: https://samplesavenue.com/halloween-candies/signup/1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 212.129.3.113 Saint-Andre-d'Olerargues, France, ASN12876 (Online SAS, FR), Reverse DNS 212-129-3-113.rev.poneytelecom.eu Software nginx/1.20.2 / Resource Hash 4d83325498b00d1708a81c6c78969313a4e5024827368ee05fb749c916aadc78 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains; preload Request headers accept-language en-US,en;q=0.9 Referer https://samplesavenue.com/halloween-candies/signup/1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Date Sun, 30 Oct 2022 20:47:10 GMT Content-Encoding gzip Strict-Transport-Security max-age=15724800; includeSubDomains; preload Server nginx/1.20.2 Transfer-Encoding chunked Content-Type text/javascript; charset=UTF-8 Cache-Control private, max-age=3600 Connection keep-alive
GET H2	200	450x70-2089.svg imgs.tagadamedia.com/media/us/20/	27 KB 10 KB	233ms 73ms	Image image/svg+xml	185.93.1.244 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://imgs.tagadamedia.com/media/us/20/450x70-2089.svg Requested by Host: samplesavenue.com URL: https://samplesavenue.com/halloween-candies/signup/1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.93.1.244 Chicago, United States, ASN60068 (CDN77 ^_^, GB), Reverse DNS unn-185-93-1-244.datapacket.com Software BunnyCDN-IL-845 / Resource Hash 861e6d86e2e7926a655dd7f060d4cb42fbc1d1ff42f93e4c1cdcd5a78d1a8023 Request headers accept-language en-US,en;q=0.9 Referer https://samplesavenue.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Sun, 30 Oct 2022 20:47:10 GMT content-encoding gzip cdn-edgestorageid 941 x-amz-request-id 8YHHFB0W5PY6CX7J cdn-cachedat 08/03/2022 13:25:19 cdn-pullzone 61945 x-amz-id-2 fJmDSTX+s/qR+M+mQU2yoi2YqYRGmN70aGjirKThvtHsawpNa06/Ujdb2pDr0yB1J1uA724UA84= last-modified Mon, 24 Jan 2022 11:11:38 GMT server BunnyCDN-IL-845 cdn-proxyver 1.02 cdn-requestpullcode 206 vary Accept-Encoding content-type image/svg+xml cdn-cache HIT cdn-uid 5d127034-96a6-45e8-a482-4f40615f18db cache-control public, max-age=2592000 cdn-requestid d35bc8a1ba3c6b19ef94e729c8b18554 cdn-requestcountrycode US cdn-status 200 cdn-requestpullsuccess True
GET H2	200	1680x870-copieus-1837.jpg imgs.tagadamedia.com/media/us/18/	2 MB 2 MB	215ms 72ms	Image image/jpeg	185.93.1.244 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://imgs.tagadamedia.com/media/us/18/1680x870-copieus-1837.jpg Requested by Host: samplesavenue.com URL: https://samplesavenue.com/halloween-candies/signup/1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.93.1.244 Chicago, United States, ASN60068 (CDN77 ^_^, GB), Reverse DNS unn-185-93-1-244.datapacket.com Software BunnyCDN-IL-845 / Resource Hash 37f2159d5df8678c74d7acd49563c1edabbfe73114c29cf350043d66f72d0e76 Request headers accept-language en-US,en;q=0.9 Referer https://samplesavenue.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Sun, 30 Oct 2022 20:47:10 GMT cdn-edgestorageid 894 x-amz-request-id G1SY6NS81H3FB113 cdn-cachedat 10/25/2022 01:44:07 cdn-pullzone 61945 content-length 2046167 x-amz-id-2 4wbWSMx6t0endCOu84YK56bZZOQndTIdBzQrnqLzqkKFAi7kqlNKRp8oq2tbiM0M79g3mVPJO5A= last-modified Wed, 13 Oct 2021 09:35:36 GMT server BunnyCDN-IL-845 cdn-proxyver 1.03 cdn-requestpullcode 206 content-type image/jpeg cdn-cache HIT cdn-uid 5d127034-96a6-45e8-a482-4f40615f18db cache-control public, max-age=2592000 cdn-requestid d81577579414c35d3bef6df162d6b430 accept-ranges bytes cdn-requestcountrycode US cdn-status 200 cdn-requestpullsuccess True
GET H2	200	750x350-copieus-1836.jpg imgs.tagadamedia.com/media/us/18/	2 MB 2 MB	181ms 39ms	Image image/jpeg	185.93.1.244 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://imgs.tagadamedia.com/media/us/18/750x350-copieus-1836.jpg Requested by Host: samplesavenue.com URL: https://samplesavenue.com/halloween-candies/signup/1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.93.1.244 Chicago, United States, ASN60068 (CDN77 ^_^, GB), Reverse DNS unn-185-93-1-244.datapacket.com Software BunnyCDN-IL-845 / Resource Hash 7b33b6db09b5cedb71be0abb3fea454f98a2425a1d7dcc3166749e7cc9eb0b93 Request headers accept-language en-US,en;q=0.9 Referer https://samplesavenue.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Sun, 30 Oct 2022 20:47:10 GMT cdn-edgestorageid 718 x-amz-request-id G1SJMRJM2QZQBTAZ cdn-cachedat 10/25/2022 01:44:07 cdn-pullzone 61945 content-length 1680103 x-amz-id-2 /xRPSF8gstT4i+bJAQhkla/GsUtO1mHh2MWHVkGBYWZqn8X0BWCrVDeeBXS0CGa54a4RcVI9xpE= last-modified Wed, 13 Oct 2021 09:35:36 GMT server BunnyCDN-IL-845 cdn-proxyver 1.02 cdn-requestpullcode 206 content-type image/jpeg cdn-cache HIT cdn-uid 5d127034-96a6-45e8-a482-4f40615f18db cache-control public, max-age=2592000 cdn-requestid 9d637201b094561d6f8a4d22a00ec11f accept-ranges bytes cdn-requestcountrycode US cdn-status 200 cdn-requestpullsuccess True
GET H2	200	ehawktalon.js Show response samplesavenue.com/	43 KB 43 KB	77ms 49ms	Script application/javascript	54.158.44.46 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://samplesavenue.com/ehawktalon.js Requested by Host: samplesavenue.com URL: https://samplesavenue.com/halloween-candies/signup/1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.158.44.46 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-158-44-46.compute-1.amazonaws.com Software / Resource Hash 6168d2efb0d3eb49178246a7e68b1d3dc71e0314c46876aa10eb258bb61f6171 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-US,en;q=0.9 Referer https://samplesavenue.com/halloween-candies/signup/1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Sun, 30 Oct 2022 20:47:09 GMT strict-transport-security max-age=31536000; includeSubDomains last-modified Tue, 02 Aug 2022 09:45:52 GMT accept-ranges bytes etag "62e8f250-ab47" content-length 43847 content-type application/javascript
GET H2	200	css fonts.googleapis.com/	3 KB 1 KB	125ms 54ms	Stylesheet text/css	2607:f8b0:4006:816::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Montserrat:500,800 Requested by Host: samplesavenue.com URL: https://samplesavenue.com/css/themes/snapchat.css?id=83ba65fc3e723f128bf6 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:816::200a , United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 7462fcf5052aaaf98b613f35145a459ca1251ad3c123259acf617e1aefd64d42 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://samplesavenue.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Sun, 30 Oct 2022 20:47:10 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Sun, 30 Oct 2022 20:47:10 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sun, 30 Oct 2022 20:47:10 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	251 KB 71 KB	65ms 53ms	Script application/javascript	2607:f8b0:4006:816::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-P645S3F Requested by Host: samplesavenue.com URL: https://samplesavenue.com/halloween-candies/signup/1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:816::2008 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 7900c0e875cbee123e4e86763edac9a2cbf1327867025782ecc61ea52ca5eab6 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://samplesavenue.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Sun, 30 Oct 2022 20:47:10 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 72608 x-xss-protection 0 last-modified Sun, 30 Oct 2022 18:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sun, 30 Oct 2022 20:47:10 GMT
GET H2	200	JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 fonts.gstatic.com/s/montserrat/v25/	30 KB 31 KB	100ms 30ms	Font font/woff2	2607:f8b0:4006:816::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Montserrat:500,800 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:816::2003 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://samplesavenue.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Fri, 28 Oct 2022 10:24:41 GMT x-content-type-options nosniff age 210149 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 30928 x-xss-protection 0 last-modified Mon, 11 Jul 2022 18:57:39 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 28 Oct 2023 10:24:41 GMT
GET H3	200	js Show response www.googletagmanager.com/gtag/	109 KB 43 KB	77ms 76ms	Script application/javascript	2607:f8b0:4006:816::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-61353733-5&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id= Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:816::2008 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 207bb1f02ddc487b6f39c34c765fdd4dcfd840536e810b31d87a0dfd8b630954 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://samplesavenue.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Sun, 30 Oct 2022 20:47:10 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 43654 x-xss-protection 0 last-modified Sun, 30 Oct 2022 18:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sun, 30 Oct 2022 20:47:10 GMT
GET H3	200	js Show response www.googletagmanager.com/gtag/	213 KB 75 KB	94ms 93ms	Script application/javascript	2607:f8b0:4006:816::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-7NEF16H3WB&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id= Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:816::2008 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash d3737f009c556b58e3ed94ae3cad65cd410f114205bc8e415a6c653e8ce8ca52 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://samplesavenue.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Sun, 30 Oct 2022 20:47:10 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 76295 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Sun, 30 Oct 2022 20:47:10 GMT
POST H2	200	sponso Show response samplesavenue.com/halloween-candies/	89 KB 4 KB	141ms 125ms	XHR text/html	54.158.44.46 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://samplesavenue.com/halloween-candies/sponso Requested by Host: samplesavenue.com URL: https://samplesavenue.com/js/app.js?id=21f7d4e6c1d5af1453e3 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.158.44.46 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-158-44-46.compute-1.amazonaws.com Software / Resource Hash 05649ac2f77deacd777a1b0ffccbbb0b78f14401592965f6889142acc9192515 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept */* Referer https://samplesavenue.com/halloween-candies/signup/1 X-Requested-With XMLHttpRequest accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Sun, 30 Oct 2022 20:47:10 GMT cache-control no-cache, private content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains content-type text/html; charset=UTF-8
GET H2	200	arrow.png samplesavenue.com/images/	520 B 1 KB	49ms 32ms	Image image/png	54.158.44.46 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://samplesavenue.com/images/arrow.png?7f2569fbaa873919c1f0c3d4904688e9 Requested by Host: samplesavenue.com URL: https://samplesavenue.com/css/themes/snapchat.css?id=83ba65fc3e723f128bf6 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.158.44.46 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-158-44-46.compute-1.amazonaws.com Software / Resource Hash a559b0b063bf93ec5697e973d579dc0f943b912307d5793f29413311494d120d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-US,en;q=0.9 Referer https://samplesavenue.com/css/themes/snapchat.css?id=83ba65fc3e723f128bf6 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Sun, 30 Oct 2022 20:47:10 GMT strict-transport-security max-age=31536000; includeSubDomains last-modified Sun, 30 Oct 2022 19:13:32 GMT accept-ranges bytes etag "635eccdc-208" content-length 520 content-type image/png
GET H2	200	hotjar-892525.js Show response static.hotjar.com/c/	4 KB 2 KB	197ms 114ms	Script application/javascript	18.161.34.23 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.hotjar.com/c/hotjar-892525.js?sv=6 Requested by Host: yotifiles.com URL: https://yotifiles.com/show.php?l=0&u=660350&id=48090&tracking_id= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.161.34.23 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-161-34-23.bos50.r.cloudfront.net Software / Resource Hash 66028d6065f0b4574acc448d8f454b326208b5dfc4d69245e2ba857421b009a5 Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://samplesavenue.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Sun, 30 Oct 2022 20:47:10 GMT content-encoding br x-content-type-options nosniff strict-transport-security max-age=2592000; includeSubDomains via 1.1 dc2c9775397edd7b6dcd6264e93076ba.cloudfront.net (CloudFront) x-amz-cf-pop BOS50-P2 etag W/69f4d823a92dd251fbd80ed43b874e27 vary Accept-Encoding x-cache Miss from cloudfront content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control max-age=60 x-cache-hit 1 cross-origin-resource-policy cross-origin x-amz-cf-id bLk_IiEsIcUxeghxiKNrDW8vSTQGSQj_ojJq3sKC7uVQzIxxTEAy9A==
GET H2	200	5cc0bb93e04a8c20b5240228 Show response api.pushnami.com/scripts/v1/pushnami-adv/	91 KB 19 KB	114ms 35ms	Script application/javascript	18.161.21.58 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.pushnami.com/scripts/v1/pushnami-adv/5cc0bb93e04a8c20b5240228 Requested by Host: yotifiles.com URL: https://yotifiles.com/show.php?l=0&u=660350&id=48090&tracking_id= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.161.21.58 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-161-21-58.bos50.r.cloudfront.net Software / Resource Hash 8477e6339dacb74ac6933690c23ef85d71403373a5ffab1bcfa2de9cddfe3d3c Request headers accept-language en-US,en;q=0.9 Referer https://samplesavenue.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Sun, 30 Oct 2022 20:39:09 GMT content-encoding gzip via 1.1 521101b4b5baafcfa7548a73a3442cea.cloudfront.net (CloudFront) x-amz-cf-pop BOS50-P1 age 481 vary accept-encoding x-cache Hit from cloudfront content-type application/javascript; charset=utf-8 cache-control no-cache x-amz-cf-id N-GQPIIxnFGPPQGrit9_9pzSdGZy1WrSDmqNrT1RJ63aPCf1rRWm9w==
GET H2	200	sdk.js Show response analytics.tiktok.com/i18n/pixel/	125 KB 38 KB	218ms 41ms	Script application/javascript	23.36.1.11 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=BRK97NBJ857475I0MEDG Requested by Host: yotifiles.com URL: https://yotifiles.com/show.php?l=0&u=660350&id=48090&tracking_id= Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.36.1.11 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-36-1-11.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 73627275c174b7946177a0777a45ac3f8d43aecc8981ad2a9b270d3610fad3b4 Request headers accept-language en-US,en;q=0.9 Referer https://samplesavenue.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers pragma no-cache date Sun, 30 Oct 2022 20:47:10 GMT content-encoding gzip x-akamai-request-id 1f50401d x-tt-trace-tag id=16;cdn-cache=miss;type=dyn server nginx x-tt-logid 2022103020471090B7037449F0A05C3EF0 vary Accept-Encoding x-cache TCP_MISS from a23-36-1-7.deploy.akamaitechnologies.com (AkamaiGHost/10.10.0-44537982) (-) content-type application/javascript; charset=UTF-8 cache-control max-age=0, no-cache, no-store x-origin-response-time 16,23.36.1.7 x-tt-trace-host 01d035e8b11131fb292575ae5c23a06c3feae7740205a038ec43dd674f7910509bc0d3386417b6f9d34d81322b3b992daf4bbaf6c72e5caf47bea43f097906d82ee3675e4d16795d1e53f60e5ddeea786b server-timing inner; dur=3, cdn-cache; desc=MISS, edge; dur=2, origin; dur=16 expires Sun, 30 Oct 2022 20:47:10 GMT
GET H2	200	ytc.js Show response s.yimg.com/wi/	16 KB 6 KB	101ms 31ms	Script application/javascript	2001:4998:14:800::1000 YAHOO
General Check archive.org Show headers Download Go to Full URL https://s.yimg.com/wi/ytc.js Requested by Host: yotifiles.com URL: https://yotifiles.com/show.php?l=0&u=660350&id=48090&tracking_id= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US), Reverse DNS Software ATS / Resource Hash 249c4eba880cfb74e1b6e1d1048def310636dc3b1ce5b3fe525703fd4025238f Security Headers Name Value Strict-Transport-Security max-age=15552000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://samplesavenue.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Sun, 30 Oct 2022 20:46:55 GMT x-amz-version-id .QD3nDfK79S8_ikLSJXTL23Tdis9tg0C content-encoding gzip strict-transport-security max-age=15552000 x-content-type-options nosniff x-amz-request-id AJ83H0V8BFSW5PTN age 16 x-amz-server-side-encryption AES256 x-amz-id-2 Kt7CM9L3EjCgGqSWbtCkPue41QF0lfvCFRyFGNVeRoau1Ol+/Tymdl03ItAbWoxias7mXzkqR7A= x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade x-amz-expiration expiry-date="Thu, 20 Jul 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle" last-modified Tue, 14 Jun 2022 12:21:31 GMT server ATS etag "6a624022b5d271dcefb070b0b6670abc-df" expect-ct max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only" vary Origin, Accept-Encoding content-type application/javascript cache-control public,max-age=3600 accept-ranges bytes
GET H/1.1	200 OK	tag.js Show response data.perfmaker.net/website/614210c6324d8/	4 KB 2 KB	596ms 108ms	Script application/javascript	212.83.189.65 Online SAS
General Check archive.org Show headers Download Go to Full URL https://data.perfmaker.net/website/614210c6324d8/tag.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-P645S3F Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 212.83.189.65 Asnieres-les-Dijon, France, ASN12876 (Online SAS, FR), Reverse DNS 212-83-189-65.rev.poneytelecom.eu Software / Express Resource Hash 2967abced6ab11ac76c88d47e4e065ebcb08073100cc819dbe19c59144d66991 Request headers accept-language en-US,en;q=0.9 Referer https://samplesavenue.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Sun, 30 Oct 2022 20:47:11 GMT content-encoding gzip x-powered-by Express etag W/"fac-BYdJ4jA6vC3Vk6Yv6yhwQ8HkLiY" vary Origin, Accept-Encoding transfer-encoding chunked content-type application/javascript; charset=utf-8 cache-control private access-control-allow-credentials true keep-alive timeout=5
GET H2	200	bootstrap.js Show response cdn.trustedform.com/ Redirect Chain https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16671628307480.5576327961758478 https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16671628307480.5576327961758478	8 KB 4 KB	195ms 115ms	Script application/javascript	2600:9000:24eb:d000:1c:7f1a:6680:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16671628307480.5576327961758478 Requested by Host: samplesavenue.com URL: https://samplesavenue.com/halloween-candies/signup/1 Protocol H2 Server 2600:9000:24eb:d000:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 00b38ca12e230a61d08701d7fe2da4b7ec41b510d6af7712cc41b34e8b971de8 Request headers accept-language en-US,en;q=0.9 Referer https://samplesavenue.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Sun, 30 Oct 2022 20:47:12 GMT x-amz-version-id zf4ijuzvSsU0Tal.ZZJLDHqE7VqwjEi9 content-encoding gzip last-modified Mon, 24 Oct 2022 17:48:28 GMT server AmazonS3 via 1.1 8f50ae604f3eeac2baebf2a9b8332a82.cloudfront.net (CloudFront) x-amz-cf-pop BOS50-P1 etag W/"647d5353b63df3b4ed201da87c98cc2d" vary Accept-Encoding x-cache Miss from cloudfront content-type application/javascript x-amz-cf-id wwy8DNltDB7CszHH9NDG8cWk-YUvgFOhL7wUydSfA0Y8AnOp5TPkbA== Redirect headers location https://cdn.trustedform.com:443/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16671628307480.5576327961758478 date Sun, 30 Oct 2022 20:47:10 GMT server awselb/2.0 content-length 134 content-type text/html
GET H2	200	beb516a1-60ed-00cc-73eb-a6a318cfa8e9.js Show response create.lidstatic.com/campaign/	123 KB 39 KB	112ms 31ms	Script text/javascript	2606:4700:10::6816:27b6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://create.lidstatic.com/campaign/beb516a1-60ed-00cc-73eb-a6a318cfa8e9.js?snippet_version=2 Requested by Host: yotifiles.com URL: https://yotifiles.com/show.php?l=0&u=660350&id=48090&tracking_id= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:27b6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 09c1fadba039794bdbc4d5601b28c4f552028d5a49209b5aa8316483634f80e6 Request headers accept-language en-US,en;q=0.9 Referer https://samplesavenue.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Sun, 30 Oct 2022 20:47:10 GMT x-amz-version-id C0ArZgU5VyyGfHMzwlfuO_22EOgyVHi9 content-encoding gzip cf-cache-status HIT last-modified Fri, 12 Nov 2021 01:06:02 GMT server cloudflare x-amz-request-id 5FTX74MESRZ80Z7F age 1130 etag W/"a26a2a7efa03d037874965870726da4a" vary Accept-Encoding content-type text/javascript cache-control max-age=1800 x-amz-replication-status COMPLETED cf-ray 7627012cbed29e17-EWR x-amz-id-2 KWXCuhEOVBm99IPc/TIsLxbusu/MGRBF75Btk1IiX0FkHdYWm9qVI9XrdiLnd6sKzrduxTBbvGM=
GET H3	200	landing googleads.g.doubleclick.net/pagead/ Redirect Chain https://www.google.com/pagead/landing?gcs=G111&gcd=G100&rnd=1306054353.1667162831&url=https%3A%2F%2Fsamplesavenue.com%2Fhalloween-candies%2Fsignup%2F1&gtm=2wgaq0P645S3F&auid=2023522486.1667162831 https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=G100&rnd=1306054353.1667162831&url=https%3A%2F%2Fsamplesavenue.com%2Fhalloween-candies%2Fsignup%2F1&gtm=2wgaq0P645S3F&auid=2023522486...	42 B 66 B	84ms 36ms	Ping image/gif	2607:f8b0:4006:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=G100&rnd=1306054353.1667162831&url=https%3A%2F%2Fsamplesavenue.com%2Fhalloween-candies%2Fsignup%2F1&gtm=2wgaq0P645S3F&auid=2023522486.1667162831 Requested by Host: samplesavenue.com URL: https://samplesavenue.com/halloween-candies/signup/1 Protocol H3 Server 2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://samplesavenue.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers pragma no-cache date Sun, 30 Oct 2022 20:47:11 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Sun, 30 Oct 2022 20:47:10 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" location https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=G100&rnd=1306054353.1667162831&url=https%3A%2F%2Fsamplesavenue.com%2Fhalloween-candies%2Fsignup%2F1&gtm=2wgaq0P645S3F&auid=2023522486.1667162831 cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/973571488/	2 KB 2 KB	108ms 43ms	Script text/javascript	2607:f8b0:4006:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/973571488/?random=1667162830739&cv=11&fst=1667162830739&bg=ffffff&guid=ON&async=1&gtm=2wgaq0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fsamplesavenue.com%2Fhalloween-candies%2Fsignup%2F1&ref=https%3A%2F%2Fyotifiles.com%2F&tiba=Samples%20Avenue%20%3A%20Halloween%20Candies&auid=2023522486.1667162831&rfmt=3&fmt=4 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-P645S3F Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 7ebc8c6a145a784f00dbcc72e564d980aa501b51112727ea80957d5538be9cee Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://samplesavenue.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers pragma no-cache date Sun, 30 Oct 2022 20:47:10 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 959 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect www.google-analytics.com/g/	0 172 B	95ms 37ms	Ping text/plain	2607:f8b0:4006:823::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-7NEF16H3WB&gtm=2oeaq0&_p=1023212067&gcs=G111&cid=1624694186.1667162831&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1667162830&sct=1&seg=0&dl=https%3A%2F%2Fsamplesavenue.com%2Fhalloween-candies%2Fsignup%2F1&dr=https%3A%2F%2Fyotifiles.com%2F&dt=Samples%20Avenue%20%3A%20Halloween%20Candies&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-7NEF16H3WB&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:823::200e , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://samplesavenue.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers pragma no-cache date Sun, 30 Oct 2022 20:47:10 GMT server Golfe2 content-type text/plain access-control-allow-origin https://samplesavenue.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	75ms 20ms	Script text/javascript	2607:f8b0:4006:823::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-61353733-5&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:823::200e , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://samplesavenue.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Sun, 30 Oct 2022 19:53:39 GMT last-modified Tue, 27 Sep 2022 22:01:05 GMT server Golfe2 age 3211 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20039 expires Sun, 30 Oct 2022 21:53:39 GMT
GET H/1.1	200 OK	GS.d Show response js.sddan.com/ Redirect Chain https://js.sddan.com/GS.d?pa=26948&c=Ifv2D&cmp=0&u=https%3A%2F%2Fsamplesavenue.com%2Fhalloween-candies%2Fsignup%2F1&r=https%3A%2F%2Fyotifiles.com%2F&rand=1667162830895&gdpr=0&gdpr_consent=&globalsc... https://js.sddan.com/GS.d?pa=26948&c=Ifv2D&cmp=0&u=https%3A%2F%2Fsamplesavenue.com%2Fhalloween-candies%2Fsignup%2F1&r=https%3A%2F%2Fyotifiles.com%2F&rand=1667162830895&gdpr=0&gdpr_consent=&globalsc...	11 KB 6 KB	124ms 124ms	Script text/javascript	212.83.160.162 Online SAS
General Check archive.org Show headers Download Go to Full URL https://js.sddan.com/GS.d?pa=26948&c=Ifv2D&cmp=0&u=https%3A%2F%2Fsamplesavenue.com%2Fhalloween-candies%2Fsignup%2F1&r=https%3A%2F%2Fyotifiles.com%2F&rand=1667162830895&gdpr=0&gdpr_consent=&globalscope=false&cookieless_ignore=0&fb_consent=0&tbp=true&bounce=1 Requested by Host: samplesavenue.com URL: https://samplesavenue.com/halloween-candies/signup/1 Protocol HTTP/1.1 Server 212.83.160.162 Mairieux, France, ASN12876 (Online SAS, FR), Reverse DNS 212-83-160-162.rev.poneytelecom.eu Software nginx/1.20.2 / Resource Hash 1f1b6a8797d029ff2fb4f712ae71c4adae5ebb08cac970563d90382af14dbbdd Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains; preload X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://samplesavenue.com/halloween-candies/signup/1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Pragma no-cache Date Sun, 30 Oct 2022 20:47:11 GMT Strict-Transport-Security max-age=15724800; includeSubDomains; preload Content-Encoding gzip Server nginx/1.20.2 Transfer-Encoding chunked Content-Type text/javascript Access-Control-Allow-Origin * P3p CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0 Cross-Origin-Resource-Policy cross-origin Connection keep-alive X-Xss-Protection 0 Expires Tue, 01 Jan 2000 00:00:00 GMT Redirect headers Pragma no-cache Date Sun, 30 Oct 2022 20:47:11 GMT Strict-Transport-Security max-age=15724800; includeSubDomains; preload Server nginx/1.20.2 P3p CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin * Location https://js.sddan.com/GS.d?pa=26948&c=Ifv2D&cmp=0&u=https%3A%2F%2Fsamplesavenue.com%2Fhalloween-candies%2Fsignup%2F1&r=https%3A%2F%2Fyotifiles.com%2F&rand=1667162830895&gdpr=0&gdpr_consent=&globalscope=false&cookieless_ignore=0&fb_consent=0&tbp=true&bounce=1 Cache-Control no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0 Cross-Origin-Resource-Policy cross-origin Connection keep-alive Content-Length 0 X-Xss-Protection 0 Expires Tue, 01 Jan 2000 00:00:00 GMT
POST H/1.1	200 OK	user-action Show response choices.consentframework.com/api/v1/public/	0 270 B	104ms 104ms	Fetch	212.129.3.113 Online SAS
General Check archive.org Show headers Download Go to Full URL https://choices.consentframework.com/api/v1/public/user-action Requested by Host: choices.consentframework.com URL: https://choices.consentframework.com/js/pa/26948/c/Ifv2D/cmp Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 212.129.3.113 Saint-Andre-d'Olerargues, France, ASN12876 (Online SAS, FR), Reverse DNS 212-129-3-113.rev.poneytelecom.eu Software nginx/1.20.2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains; preload Request headers Accept application/json Referer https://samplesavenue.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Content-Type application/json Response headers Access-Control-Allow-Origin * Date Sun, 30 Oct 2022 20:47:11 GMT Strict-Transport-Security max-age=15724800; includeSubDomains; preload Server nginx/1.20.2 Connection keep-alive Access-Control-Allow-Headers content-type Content-Length 0
OPTIONS H/1.1	200 OK	user-action choices.consentframework.com/api/v1/public/ Frame	0 0	305ms 103ms	Preflight	212.129.3.113 Online SAS
General Check archive.org Show headers Download Go to Full URL https://choices.consentframework.com/api/v1/public/user-action Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 212.129.3.113 Saint-Andre-d'Olerargues, France, ASN12876 (Online SAS, FR), Reverse DNS 212-129-3-113.rev.poneytelecom.eu Software nginx/1.20.2 / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains; preload Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://samplesavenue.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Access-Control-Allow-Headers content-type Access-Control-Allow-Origin * Connection keep-alive Content-Length 0 Date Sun, 30 Oct 2022 20:47:11 GMT Server nginx/1.20.2 Strict-Transport-Security max-age=15724800; includeSubDomains; preload
GET H2	200	modules.5a17f10e21dd3fd3b841.js Show response script.hotjar.com/	254 KB 65 KB	109ms 34ms	Script application/javascript	18.161.21.10 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://script.hotjar.com/modules.5a17f10e21dd3fd3b841.js Requested by Host: static.hotjar.com URL: https://static.hotjar.com/c/hotjar-892525.js?sv=6 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.161.21.10 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-161-21-10.bos50.r.cloudfront.net Software / Resource Hash 6ff8873c5c7e5ddfdd65675936d186a8822ec5a7f51401eed3c06723166b43bd Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://samplesavenue.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Wed, 26 Oct 2022 11:38:06 GMT content-encoding br x-content-type-options nosniff strict-transport-security max-age=2592000; includeSubDomains via 1.1 3a2d54938c927c873b7d286793504060.cloudfront.net (CloudFront) x-amz-cf-pop BOS50-P1 age 378544 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin content-length 66091 last-modified Wed, 26 Oct 2022 11:37:54 GMT etag "f784e2f70f455f7e613fcb9f757607c4" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes x-robots-tag none x-amz-cf-id iaqinrnQwBqcxKaD3zm3XGpJXZ5RXXZQ2Mch58p8uwm1cb7GgFJyQw==
GET H3	200	/ www.google.com/pagead/1p-user-list/973571488/	42 B 64 B	89ms 41ms	Image image/gif	2607:f8b0:4006:81f::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/973571488/?random=1667162830739&cv=11&fst=1667160000000&bg=ffffff&guid=ON&async=1&gtm=2wgaq0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fsamplesavenue.com%2Fhalloween-candies%2Fsignup%2F1&ref=https%3A%2F%2Fyotifiles.com%2F&tiba=Samples%20Avenue%20%3A%20Halloween%20Candies&fmt=3&is_vtc=1&random=47109728&rmt_tld=0&ipr=y Requested by Host: samplesavenue.com URL: https://samplesavenue.com/halloween-candies/signup/1 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:81f::2004 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://samplesavenue.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers pragma no-cache date Sun, 30 Oct 2022 20:47:11 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	200	collect Show response www.google-analytics.com/j/	2 B 22 B	83ms 34ms	XHR text/plain	2607:f8b0:4006:823::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1023212067&t=pageview&_s=1&dl=https%3A%2F%2Fsamplesavenue.com%2Fhalloween-candies%2Fsignup%2F1&dr=https%3A%2F%2Fyotifiles.com%2F&ul=en-us&de=UTF-8&dt=Samples%20Avenue%20%3A%20Halloween%20Candies&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1448040339&gjid=392429528&cid=1624694186.1667162831&tid=UA-61353733-5&_gid=775774572.1667162831&_r=1&gtm=2ouaq0&gcs=G111&z=134240851 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:823::200e , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://samplesavenue.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sun, 30 Oct 2022 20:47:11 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://samplesavenue.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	10015244.json Show response s.yimg.com/wi/config/	2 B 486 B	122ms 65ms	XHR application/json	2001:4998:14:800::1000 YAHOO
General Check archive.org Show headers Download Go to Full URL https://s.yimg.com/wi/config/10015244.json Requested by Host: s.yimg.com URL: https://s.yimg.com/wi/ytc.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US), Reverse DNS Software ATS / Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Security Headers Name Value Strict-Transport-Security max-age=15552000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://samplesavenue.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Sun, 30 Oct 2022 20:47:10 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=15552000 x-amz-request-id ZQAYB2VCR7XGK9QF age 1 content-length 22 x-amz-id-2 GmOFmsM7F5tlm2SSyYKnCgAdjN9xOazJ8m6paz1XZZIsH1Tpd+LRWECbGg2VNPcYFRSUaj4T0DQ= x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade server ATS expect-ct max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only" vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding access-control-allow-methods GET content-type application/json access-control-allow-origin * cache-control public,max-age=3600
GET H2	200	identify.js Show response analytics.tiktok.com/i18n/pixel/	114 KB 31 KB	58ms 55ms	Script application/javascript	23.36.1.11 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/identify.js Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=BRK97NBJ857475I0MEDG Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.36.1.11 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-36-1-11.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 83cf8149ef742c4af7261b8fb4029470a341d867454da9f8fc145042cc1e5c52 Request headers accept-language en-US,en;q=0.9 Referer https://samplesavenue.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers pragma no-cache date Sun, 30 Oct 2022 20:47:11 GMT content-encoding gzip x-akamai-request-id 1f50433c x-tt-trace-tag id=16;cdn-cache=miss;type=dyn server nginx x-tt-logid 20221030204711F48E918394C3E01FB192 vary Accept-Encoding x-cache TCP_MISS from a23-36-1-7.deploy.akamaitechnologies.com (AkamaiGHost/10.10.0-44537982) (-) content-type application/javascript; charset=UTF-8 cache-control max-age=0, no-cache, no-store x-origin-response-time 21,23.36.1.7 x-tt-trace-host 01d035e8b11131fb292575ae5c23a06c3f20196a458e76491397569c27507ab357e7cd61a53b432412392ea6b547c8ccbc64d6ba0ad88f6fbfb7008883dc62bb52dcb4ec08b7386bdb203c794a1afa82e2 server-timing inner; dur=3, cdn-cache; desc=MISS, edge; dur=1, origin; dur=20 expires Sun, 30 Oct 2022 20:47:11 GMT
GET H2	200	config.js Show response analytics.tiktok.com/i18n/pixel/	58 KB 20 KB	66ms 65ms	Script application/javascript	23.36.1.11 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=BRK97NBJ857475I0MEDG&hostname=samplesavenue.com Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=BRK97NBJ857475I0MEDG Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.36.1.11 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-36-1-11.deploy.static.akamaitechnologies.com Software nginx / Resource Hash eb3a8348688565a4c0a7b551b10b482f0eca7e20be94125d29db5496ee825bfb Request headers accept-language en-US,en;q=0.9 Referer https://samplesavenue.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers pragma no-cache date Sun, 30 Oct 2022 20:47:11 GMT content-encoding gzip x-akamai-request-id 1f5043b1 x-tt-trace-tag id=16;cdn-cache=miss;type=dyn server nginx x-tt-logid 202210302047115293FCEDA1BE8C5E72B2 vary Accept-Encoding x-cache TCP_MISS from a23-36-1-7.deploy.akamaitechnologies.com (AkamaiGHost/10.10.0-44537982) (-) content-type application/javascript; charset=UTF-8 cache-control max-age=0, no-cache, no-store x-origin-response-time 41,23.36.1.7 x-tt-trace-host 01d035e8b11131fb292575ae5c23a06c3f20196a458e76491397569c27507ab35785be730a1970d12570d5c05f232b15a65e311a68c41cecf62fc47891f041bff1ae11efc65e8c8f2736fa6d115fb7387d server-timing inner; dur=3, cdn-cache; desc=MISS, edge; dur=0, origin; dur=41 expires Sun, 30 Oct 2022 20:47:11 GMT
POST H2	200	GenerateToken Show response create.leadid.com/2.11.9/	36 B 659 B	311ms 70ms	XHR text/plain	34.192.159.163 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://create.leadid.com/2.11.9/GenerateToken?msn=1&pid=a6a98aaf-6be8-409b-8da2-61735362a7c2&_=5999173 Requested by Host: create.lidstatic.com URL: https://create.lidstatic.com/campaign/beb516a1-60ed-00cc-73eb-a6a318cfa8e9.js?snippet_version=2 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.192.159.163 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-192-159-163.compute-1.amazonaws.com Software nginx / Resource Hash aea172d8ee622f44126c847fffdf71656d392de6684c3027ed227d0609be356b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer https://samplesavenue.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers date Sun, 30 Oct 2022 20:47:11 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip server nginx access-control-max-age 1728000 content-type text/plain;charset=UTF-8 access-control-allow-origin * cache-control no-cache, must-revalidate access-control-allow-headers X-Requested-With, Content-Type expires Sat, 26 Jul 1997 05:00:00 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	1 B 440 B	280ms 42ms	XHR text/plain	2607:f8b0:4004:c1b::9a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-61353733-5&cid=1624694186.1667162831&jid=1448040339&gjid=392429528&_gid=775774572.1667162831&_u=YADAAUAAAAAAACAAI~&z=1645586502 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c1b::9a Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://samplesavenue.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload date Sun, 30 Oct 2022 20:47:11 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://samplesavenue.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	box-c1417f7b48595d0dbca01c86f95d6dbb.html Show response vars.hotjar.com/ Frame 2C88	2 KB 1 KB	267ms 39ms	Document text/html	18.161.34.108 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://vars.hotjar.com/box-c1417f7b48595d0dbca01c86f95d6dbb.html Requested by Host: static.hotjar.com URL: https://static.hotjar.com/c/hotjar-892525.js?sv=6 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.161.34.108 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-161-34-108.bos50.r.cloudfront.net Software / Resource Hash c0a4830af55fb7faabcbe34e804d186959aac83e6832495817e0e62122d2748f Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains Request headers Referer https://samplesavenue.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 accept-language en-US,en;q=0.9 Response headers accept-ranges bytes age 1078505 cache-control max-age=31536000 content-encoding br content-length 1035 content-type text/html cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Tue, 18 Oct 2022 09:12:06 GMT etag "d2c298a660a1ee92f094a3d504e3e2e6" last-modified Tue, 18 Oct 2022 09:11:19 GMT strict-transport-security max-age=2592000; includeSubDomains vary Accept-Encoding via 1.1 d7e0e22403afe97d9e2ee7dc4d468198.cloudfront.net (CloudFront) x-amz-cf-id GC1MaUfiZP3uGr9m-5UmUy7M5T8AJ6ItdrQJryKLAHJns_iJI6WkvA== x-amz-cf-pop BOS50-P2 x-cache Hit from cloudfront x-robots-tag none
POST H2	200	track Show response trc.pushnami.com/api/push/	2 B 168 B	77ms 75ms	Fetch text/html	52.0.234.150 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://trc.pushnami.com/api/push/track Requested by Host: api.pushnami.com URL: https://api.pushnami.com/scripts/v1/pushnami-adv/5cc0bb93e04a8c20b5240228 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.0.234.150 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-0-234-150.compute-1.amazonaws.com Software / Resource Hash 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3 Request headers accept application/json, text/plain, */* Referer https://samplesavenue.com/ accept-language en-US,en;q=0.9 key 5cc0bb93e04a8c20b5240228 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 content-type application/x-www-form-urlencoded Response headers access-control-allow-origin * date Sun, 30 Oct 2022 20:47:11 GMT access-control-expose-headers WWW-Authenticate,Server-Authorization cache-control no-cache content-length 2 content-type text/html; charset=utf-8
OPTIONS H2	204	track trc.pushnami.com/api/push/ Frame	0 0	254ms 26ms	Preflight	52.0.234.150 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://trc.pushnami.com/api/push/track Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.0.234.150 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-0-234-150.compute-1.amazonaws.com Software / Resource Hash Request headers Accept */* Access-Control-Request-Headers key Access-Control-Request-Method POST Origin https://samplesavenue.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers access-control-allow-headers Accept,Authorization,Content-Type,If-None-Match,key access-control-allow-methods POST access-control-allow-origin * access-control-expose-headers WWW-Authenticate,Server-Authorization access-control-max-age 86400 cache-control no-cache date Sun, 30 Oct 2022 20:47:11 GMT
GET H2	200	perfmaker.2.js Show response tag.perfmaker.net/version/perfmaker-v1.59.2/	261 KB 76 KB	245ms 22ms	Script application/javascript	35.190.50.134 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tag.perfmaker.net/version/perfmaker-v1.59.2/perfmaker.2.js Requested by Host: data.perfmaker.net URL: https://data.perfmaker.net/website/614210c6324d8/tag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.190.50.134 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 134.50.190.35.bc.googleusercontent.com Software UploadServer / Resource Hash 998e2f2e3981741ed45c9d428fcb300127c8c46d3493e67ae729c575814e3999 Request headers accept-language en-US,en;q=0.9 Referer https://samplesavenue.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Sun, 30 Oct 2022 20:33:22 GMT content-encoding gzip age 829 x-guploader-uploadid ADPycduhCLwXGoRyOfaLs8J_0H-q0aUd3ue29ql53xTg9Ne8sXhzOOXzEfhS3AZc0GtPTzKTwuG0ndvg12gqfAOpUHmJfcxxrbj7 x-goog-storage-class STANDARD x-goog-metageneration 2 x-goog-stored-content-encoding gzip alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 77099 last-modified Tue, 11 Oct 2022 13:47:31 GMT server UploadServer etag "0daed95fbbdebda2e345390a52689242" vary Accept-Encoding x-goog-generation 1665496051613499 x-goog-hash crc32c=K+F4MA==, md5=Da7ZX7vevaLjRTkKUmiSQg== content-type application/javascript; charset=utf-8 cache-control public,max-age=3600 x-goog-stored-content-length 77099 accept-ranges bytes
POST H2	200	pixel analytics.tiktok.com/api/v2/	0 540 B	58ms 57ms	Ping application/octet-stream	23.36.1.11 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/api/v2/pixel Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=BRK97NBJ857475I0MEDG Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.36.1.11 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-36-1-11.deploy.static.akamaitechnologies.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://samplesavenue.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Sun, 30 Oct 2022 20:47:11 GMT x-akamai-request-id 1f5044ba x-tt-trace-tag id=16;cdn-cache=miss;type=dyn server nginx x-tt-logid 2022103020471114508B78E32547628035 x-cache TCP_MISS from a23-36-1-7.deploy.akamaitechnologies.com (AkamaiGHost/10.10.0-44537982) (-) content-type application/octet-stream access-control-allow-origin * cache-control max-age=0, no-cache, no-store x-origin-response-time 26,23.36.1.7 x-tt-trace-host 01d035e8b11131fb292575ae5c23a06c3f20196a458e76491397569c27507ab357d2221e03e24e7e308be31fedd34111322fc23a392885d3327b12dbfa4282dc6845b163a0fd7b3be5772eef8afd89f883 server-timing inner; dur=12, cdn-cache; desc=MISS, edge; dur=5, origin; dur=26 content-length 0 expires Sun, 30 Oct 2022 20:47:11 GMT
GET H/1.1	200 OK	CT.d Show response ct.sddan.com/ Frame 5891	301 B 504 B	357ms 106ms	Document text/html	212.129.3.113 Online SAS
General Check archive.org Show headers Download Go to Full URL https://ct.sddan.com/CT.d?iframeUrl=https%3A%2F%2Fmap.sddan.com%2FSC.d%3Fmapnames%3Dnexus%2Csquadata%2Ceyeota%2Cttd%2Crubicon%2Cadobe%2Camazon%2Cgroupm%2Cweborama%2Cbluekai%2Cgoogle%2Cfreewheel%2Caudiencerate%2Cpubmatic%2Csmart%2Cyahoo%2Cexelate%2Clot%2Cgtm Requested by Host: js.sddan.com URL: https://js.sddan.com/GS.d?pa=26948&c=Ifv2D&cmp=0&u=https%3A%2F%2Fsamplesavenue.com%2Fhalloween-candies%2Fsignup%2F1&r=https%3A%2F%2Fyotifiles.com%2F&rand=1667162830895&gdpr=0&gdpr_consent=&globalscope=false&cookieless_ignore=0&fb_consent=0&tbp=true Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 212.129.3.113 Saint-Andre-d'Olerargues, France, ASN12876 (Online SAS, FR), Reverse DNS 212-129-3-113.rev.poneytelecom.eu Software nginx/1.20.2 / Resource Hash 3e1add47670f6949113e0667aa5f055aeca02866dabce8962af0cc0164e5fa7a Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains; preload Request headers Referer https://samplesavenue.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 accept-language en-US,en;q=0.9 Response headers Connection keep-alive Content-Encoding gzip Content-Type text/html Date Sun, 30 Oct 2022 20:47:11 GMT Server nginx/1.20.2 Strict-Transport-Security max-age=15724800; includeSubDomains; preload Transfer-Encoding chunked
GET H/1.1	200 OK	CT.d Show response ct.sddan.com/ Frame EF30	249 B 470 B	367ms 117ms	Document text/html	212.129.3.113 Online SAS
General Check archive.org Show headers Download Go to Full URL https://ct.sddan.com/CT.d?imgUrl=https%3A%2F%2Fi.simpli.fi%2Fdpx%3Fcid%3D3427%26m%3D1%26sifi_tuid%3D71836%26url%3Dhttps%253A%252F%252Fsamplesavenue.com%252Fhalloween-candies%252Fsignup%252F1%26ref%3Dhttps%253A%252F%252Fsamplesavenue.com%252Fhalloween-candies%252Fsignup%252F1%26gdpr%3D0 Requested by Host: js.sddan.com URL: https://js.sddan.com/GS.d?pa=26948&c=Ifv2D&cmp=0&u=https%3A%2F%2Fsamplesavenue.com%2Fhalloween-candies%2Fsignup%2F1&r=https%3A%2F%2Fyotifiles.com%2F&rand=1667162830895&gdpr=0&gdpr_consent=&globalscope=false&cookieless_ignore=0&fb_consent=0&tbp=true Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 212.129.3.113 Saint-Andre-d'Olerargues, France, ASN12876 (Online SAS, FR), Reverse DNS 212-129-3-113.rev.poneytelecom.eu Software nginx/1.20.2 / Resource Hash 21850730a2a4c4c9e2cdbfec4b27c76a69629f9de19c74812eb77b4f053047cf Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains; preload Request headers Referer https://samplesavenue.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 accept-language en-US,en;q=0.9 Response headers Connection keep-alive Content-Length 249 Content-Type text/html Date Sun, 30 Oct 2022 20:47:11 GMT Server nginx/1.20.2 Strict-Transport-Security max-age=15724800; includeSubDomains; preload
GET H/1.1	200 OK	CT.d Show response ct.sddan.com/ Frame 055C	151 B 372 B	366ms 117ms	Document text/html	212.129.3.113 Online SAS
General Check archive.org Show headers Download Go to Full URL https://ct.sddan.com/CT.d?imgUrl=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fsync-uid.leadplace.fr%2Fsync-uid.php%3Fpart%3Dsirapp%26id%3D%2524UID%26gdpr%3D0 Requested by Host: js.sddan.com URL: https://js.sddan.com/GS.d?pa=26948&c=Ifv2D&cmp=0&u=https%3A%2F%2Fsamplesavenue.com%2Fhalloween-candies%2Fsignup%2F1&r=https%3A%2F%2Fyotifiles.com%2F&rand=1667162830895&gdpr=0&gdpr_consent=&globalscope=false&cookieless_ignore=0&fb_consent=0&tbp=true Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 212.129.3.113 Saint-Andre-d'Olerargues, France, ASN12876 (Online SAS, FR), Reverse DNS 212-129-3-113.rev.poneytelecom.eu Software nginx/1.20.2 / Resource Hash bd0f43857468bd1c4f16e60e410f5349c0dbad2d3b04416e1036fedac8363d6d Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains; preload Request headers Referer https://samplesavenue.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 accept-language en-US,en;q=0.9 Response headers Connection keep-alive Content-Length 151 Content-Type text/html Date Sun, 30 Oct 2022 20:47:11 GMT Server nginx/1.20.2 Strict-Transport-Security max-age=15724800; includeSubDomains; preload
GET H/1.1	200 OK	CT.d Show response ct.sddan.com/ Frame 78A6	136 B 357 B	368ms 119ms	Document text/html	212.129.3.113 Online SAS
General Check archive.org Show headers Download Go to Full URL https://ct.sddan.com/CT.d?imgUrl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtemelio_dmp%26google_sc%26google_cm%26gdpr%3D0 Requested by Host: js.sddan.com URL: https://js.sddan.com/GS.d?pa=26948&c=Ifv2D&cmp=0&u=https%3A%2F%2Fsamplesavenue.com%2Fhalloween-candies%2Fsignup%2F1&r=https%3A%2F%2Fyotifiles.com%2F&rand=1667162830895&gdpr=0&gdpr_consent=&globalscope=false&cookieless_ignore=0&fb_consent=0&tbp=true Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 212.129.3.113 Saint-Andre-d'Olerargues, France, ASN12876 (Online SAS, FR), Reverse DNS 212-129-3-113.rev.poneytelecom.eu Software nginx/1.20.2 / Resource Hash 8947414104ab7074163fe845c3f4dc6129dd95608c98461c0feb012525bf7b20 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains; preload Request headers Referer https://samplesavenue.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 accept-language en-US,en;q=0.9 Response headers Connection keep-alive Content-Length 136 Content-Type text/html Date Sun, 30 Oct 2022 20:47:11 GMT Server nginx/1.20.2 Strict-Transport-Security max-age=15724800; includeSubDomains; preload
GET H/1.1	200 OK	CT.d Show response ct.sddan.com/ Frame 1D1F	204 B 425 B	367ms 120ms	Document text/html	212.129.3.113 Online SAS
General Check archive.org Show headers Download Go to Full URL https://ct.sddan.com/CT.d?imgUrl=https%3A%2F%2Fredirect.frontend.weborama.fr%2Fredirect%2Fstandard%3Furl%3Dhttps%253A%252F%252Fsync-uid.leadplace.fr%252Fsync-uid.php%253Fpart%253Dsirwebo%2526id%253D%7BWEBO_CID%7D%26gdpr%3D0 Requested by Host: js.sddan.com URL: https://js.sddan.com/GS.d?pa=26948&c=Ifv2D&cmp=0&u=https%3A%2F%2Fsamplesavenue.com%2Fhalloween-candies%2Fsignup%2F1&r=https%3A%2F%2Fyotifiles.com%2F&rand=1667162830895&gdpr=0&gdpr_consent=&globalscope=false&cookieless_ignore=0&fb_consent=0&tbp=true Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 212.129.3.113 Saint-Andre-d'Olerargues, France, ASN12876 (Online SAS, FR), Reverse DNS 212-129-3-113.rev.poneytelecom.eu Software nginx/1.20.2 / Resource Hash a0a6bb1e3dd7476553fb0927f96a19c3da03dd3ab366044516c1ee2132b613b0 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains; preload Request headers Referer https://samplesavenue.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 accept-language en-US,en;q=0.9 Response headers Connection keep-alive Content-Length 204 Content-Type text/html Date Sun, 30 Oct 2022 20:47:11 GMT Server nginx/1.20.2 Strict-Transport-Security max-age=15724800; includeSubDomains; preload
GET H/1.1	200 OK	iframe.html Show response d2m2wsoho8qq12.cloudfront.net/ Frame 0D2F	3 KB 2 KB	108ms 30ms	Document text/html	18.161.22.119 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=7017E926-3747-D2C4-08D4-2A8AFF4DE9C2&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=BEB516A1-60ED-00CC-73EB-A6A318CFA8E9&lac=A223F9AF-E7A0-7D87-DD28-D0C442307BFE Requested by Host: create.lidstatic.com URL: https://create.lidstatic.com/campaign/beb516a1-60ed-00cc-73eb-a6a318cfa8e9.js?snippet_version=2 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 18.161.22.119 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-161-22-119.bos50.r.cloudfront.net Software nginx / Resource Hash e3ad82a69faf9ec1b298a080ce5974322a33cc501e1455071cf8db58c7f2462f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer https://samplesavenue.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 accept-language en-US,en;q=0.9 Response headers Age 41440 Connection keep-alive Content-Encoding gzip Content-Type text/html Date Sun, 30 Oct 2022 09:16:34 GMT ETag W/"63472048-dbb" Last-Modified Wed, 12 Oct 2022 20:15:04 GMT Server nginx Strict-Transport-Security max-age=31536000; includeSubDomains; preload Transfer-Encoding chunked Via 1.1 2d907912ff4747a90356584f2bd482f0.cloudfront.net (CloudFront) X-Amz-Cf-Id tX6y53RNwSUSUmnigcxA3fwpSa79FE6S7h_RaS7Q88kRuchnoNIH-w== X-Amz-Cf-Pop BOS50-P1 X-Cache Hit from cloudfront
POST H2	200	SaveDom Show response create.leadid.com/2.11.9/	0 621 B	31ms 30ms	XHR text/plain	34.192.159.163 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://create.leadid.com/2.11.9/SaveDom?msn=2&pid=a6a98aaf-6be8-409b-8da2-61735362a7c2&token=7017E926-3747-D2C4-08D4-2A8AFF4DE9C2&_=5999174 Requested by Host: create.lidstatic.com URL: https://create.lidstatic.com/campaign/beb516a1-60ed-00cc-73eb-a6a318cfa8e9.js?snippet_version=2 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.192.159.163 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-192-159-163.compute-1.amazonaws.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer https://samplesavenue.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers date Sun, 30 Oct 2022 20:47:11 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip server nginx access-control-max-age 1728000 content-type text/plain;charset=UTF-8 access-control-allow-origin * cache-control no-cache, must-revalidate access-control-allow-headers X-Requested-With, Content-Type expires Sat, 26 Jul 1997 05:00:00 GMT
POST H2	200	InitFormData Show response create.leadid.com/2.11.9/	0 622 B	87ms 41ms	XHR text/plain	34.192.159.163 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://create.leadid.com/2.11.9/InitFormData?msn=3&pid=a6a98aaf-6be8-409b-8da2-61735362a7c2&token=7017E926-3747-D2C4-08D4-2A8AFF4DE9C2&_=5999175 Requested by Host: create.lidstatic.com URL: https://create.lidstatic.com/campaign/beb516a1-60ed-00cc-73eb-a6a318cfa8e9.js?snippet_version=2 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.192.159.163 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-192-159-163.compute-1.amazonaws.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer https://samplesavenue.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers date Sun, 30 Oct 2022 20:47:11 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip server nginx access-control-max-age 1728000 content-type text/plain;charset=UTF-8 access-control-allow-origin * cache-control no-cache, must-revalidate access-control-allow-headers X-Requested-With, Content-Type expires Sat, 26 Jul 1997 05:00:00 GMT
GET H3	200	perfmaker.2.css tag.perfmaker.net/version/perfmaker-v1.6.2/	748 B 261 B	116ms 36ms	Stylesheet text/css	35.190.50.134 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tag.perfmaker.net/version/perfmaker-v1.6.2/perfmaker.2.css Requested by Host: tag.perfmaker.net URL: https://tag.perfmaker.net/version/perfmaker-v1.59.2/perfmaker.2.js Protocol H3 Security QUIC, , AES_128_GCM Server 35.190.50.134 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 134.50.190.35.bc.googleusercontent.com Software UploadServer / Resource Hash 614fae09088b9d838320b142a94232d7f0069b632ac4eee159ed8024c66b5d14 Request headers accept-language en-US,en;q=0.9 Referer https://samplesavenue.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Sun, 30 Oct 2022 20:11:57 GMT content-encoding gzip age 2114 x-guploader-uploadid ADPycdu1Gh_zEYU4qgTwJ02FbRUAXxsOBhcY77FEWbDGu0ecr39mMdvbUNYPGGdmq8bc5pxioqHtrzXKNoBsOEMZpcZwsA x-goog-storage-class STANDARD x-goog-metageneration 2 x-goog-stored-content-encoding gzip alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 233 last-modified Tue, 14 Sep 2021 08:35:50 GMT server UploadServer etag "ccb22feaa24d6fab7ab4930715f62bbc" vary Accept-Encoding x-goog-generation 1631608550345626 x-goog-hash crc32c=HA/ohg==, md5=zLIv6qJNb6t6tJMHFfYrvA== content-type text/css; charset=utf-8 cache-control public,max-age=3600 x-goog-stored-content-length 233 accept-ranges bytes
GET H3	200	index.html Show response tag.perfmaker.net/version/perfmaker-v1.59.2/sidebar.2/ Frame 3176	529 B 355 B	82ms 35ms	Document text/html	35.190.50.134 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tag.perfmaker.net/version/perfmaker-v1.59.2/sidebar.2/index.html Requested by Host: tag.perfmaker.net URL: https://tag.perfmaker.net/version/perfmaker-v1.59.2/perfmaker.2.js Protocol H3 Security QUIC, , AES_128_GCM Server 35.190.50.134 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 134.50.190.35.bc.googleusercontent.com Software UploadServer / Resource Hash 99ae3c83ef0f9161decc5ead2bcfd7350e4adca4a39969e68812d4a4260d05fd Request headers Referer https://samplesavenue.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 accept-language en-US,en;q=0.9 Response headers accept-ranges bytes age 2120 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public,max-age=3600 content-encoding gzip content-length 327 content-type text/html; charset=utf-8 date Sun, 30 Oct 2022 20:11:51 GMT etag "dcd3ce88477f2e31679d29b867e2b10d" last-modified Tue, 11 Oct 2022 13:47:44 GMT server UploadServer vary Accept-Encoding x-goog-generation 1665496064029273 x-goog-hash crc32c=ZbtUaQ== md5=3NPOiEd/LjFnnSm4Z+KxDQ== x-goog-metageneration 2 x-goog-storage-class STANDARD x-goog-stored-content-encoding gzip x-goog-stored-content-length 327 x-guploader-uploadid ADPycdtoNEg-xNC6vcYiotPxapB40ayP8mVfTeP-sXbVtPXhFZC2tcCTNT6M9KIVhA-hfx-k8hDiH86Fa9IHTWR7ovBwyBNOitgt
GET H/1.1	200 OK	05cb6acbcba8d52b5055062a31e6191313384030 Show response data.perfmaker.net/data/website/614210c6324d8/settings/	21 KB 3 KB	349ms 113ms	Fetch application/json	212.83.189.65 Online SAS
General Check archive.org Show headers Download Go to Full URL https://data.perfmaker.net/data/website/614210c6324d8/settings/05cb6acbcba8d52b5055062a31e6191313384030 Requested by Host: tag.perfmaker.net URL: https://tag.perfmaker.net/version/perfmaker-v1.59.2/perfmaker.2.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 212.83.189.65 Asnieres-les-Dijon, France, ASN12876 (Online SAS, FR), Reverse DNS 212-83-189-65.rev.poneytelecom.eu Software / Express Resource Hash cfb39a2a6b50a0ddba191d30f253735afa01327bac0e8f1118edd90ba2949f70 Request headers accept-language en-US,en;q=0.9 Referer https://samplesavenue.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Sun, 30 Oct 2022 20:47:12 GMT content-encoding gzip x-powered-by Express etag W/"522e-oc1+RWQAAq0f/OZXR7tAgOfyZEM" vary Origin, Accept-Encoding transfer-encoding chunked content-type application/json; charset=utf-8 access-control-allow-origin https://samplesavenue.com cache-control private access-control-allow-credentials true keep-alive timeout=5
POST H2	200	visit-data Show response in.hotjar.com/api/v2/client/sites/892525/	147 B 322 B	444ms 117ms	XHR application/json	54.171.136.239 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://in.hotjar.com/api/v2/client/sites/892525/visit-data?sv=6 Requested by Host: script.hotjar.com URL: https://script.hotjar.com/modules.5a17f10e21dd3fd3b841.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.171.136.239 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-171-136-239.eu-west-1.compute.amazonaws.com Software / Resource Hash 23084b00ffe368652957dcb8afc244c1c432069472e90048b07634fccd27440b Request headers Referer https://samplesavenue.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Content-Type text/plain; charset=UTF-8 Response headers date Sun, 30 Oct 2022 20:47:12 GMT content-encoding br vary Accept-Encoding access-control-max-age 86400 content-type application/json access-control-allow-origin * cache-control no-cache, no-store access-control-allow-credentials true
GET H2	204	892525 Show response vc.hotjar.io/sessions/	0 258 B	420ms 94ms	XHR text/plain	18.161.21.6 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://vc.hotjar.io/sessions/892525?s=0.25&r=0.11431640351789474 Requested by Host: script.hotjar.com URL: https://script.hotjar.com/modules.5a17f10e21dd3fd3b841.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.161.21.6 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-161-21-6.bos50.r.cloudfront.net Software Python/3.7 aiohttp/3.5.4 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://samplesavenue.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Sun, 30 Oct 2022 20:47:12 GMT via 1.1 68794724cce9f2f9839810e506581c8c.cloudfront.net (CloudFront) server Python/3.7 aiohttp/3.5.4 x-amz-cf-pop BOS50-P1 x-cache Miss from cloudfront access-control-allow-origin * cache-control no-store x-amz-cf-id NlXB9OmcvWbzU4KJlugMp3fT0MENvQNx6c9z9DPTii2-iWFSAi6rlA==
GET H2	200	iframe.html Show response deviceid.trueleadid.com/ Frame 4B6A	4 KB 2 KB	344ms 29ms	Document text/html	52.73.153.179 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://deviceid.trueleadid.com/iframe.html?token=7017E926-3747-D2C4-08D4-2A8AFF4DE9C2&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=BEB516A1-60ED-00CC-73EB-A6A318CFA8E9&lac=A223F9AF-E7A0-7D87-DD28-D0C442307BFE Requested by Host: d2m2wsoho8qq12.cloudfront.net URL: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=7017E926-3747-D2C4-08D4-2A8AFF4DE9C2&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=BEB516A1-60ED-00CC-73EB-A6A318CFA8E9&lac=A223F9AF-E7A0-7D87-DD28-D0C442307BFE Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.73.153.179 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-73-153-179.compute-1.amazonaws.com Software nginx / Resource Hash 602ea48b7fd2a48e702e43825b0d6f6495f78cb4cc1fa24cb8c95f61e014215a Request headers Referer https://d2m2wsoho8qq12.cloudfront.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 accept-language en-US,en;q=0.9 Response headers cache-control max-age=86400 public content-encoding gzip content-type text/html date Sun, 30 Oct 2022 20:47:12 GMT etag W/"632c7ff9-1049" expires Mon, 31 Oct 2022 20:47:12 GMT last-modified Thu, 22 Sep 2022 15:32:09 GMT p3p CP="NOI DSP COR NID CUR ADM DEV OUR BUS" server nginx
GET H3	200	main.2de7ba46.css tag.perfmaker.net/version/perfmaker-v1.59.2/sidebar.2/static/css/ Frame 3176	749 B 423 B	39ms 39ms	Stylesheet text/css	35.190.50.134 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tag.perfmaker.net/version/perfmaker-v1.59.2/sidebar.2/static/css/main.2de7ba46.css Requested by Host: tag.perfmaker.net URL: https://tag.perfmaker.net/version/perfmaker-v1.59.2/sidebar.2/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 35.190.50.134 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 134.50.190.35.bc.googleusercontent.com Software UploadServer / Resource Hash 78a15aee5260713141a7f09ee59a9c95b89b4b5acd937b96d0d9f53ecc217d34 Request headers accept-language en-US,en;q=0.9 Referer https://tag.perfmaker.net/version/perfmaker-v1.59.2/sidebar.2/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Sun, 30 Oct 2022 20:37:06 GMT content-encoding gzip age 605 x-guploader-uploadid ADPycdtoXYQ3wm0XEG9xKoE-0GtPrOVShfvKK7w96a40Q19aIVEKLcrgPo9O2y9R7-N_9U7q8owUSBvuAHoK4t7idbPJXz-NW-Lj x-goog-storage-class STANDARD x-goog-metageneration 2 x-goog-stored-content-encoding gzip alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 395 last-modified Tue, 11 Oct 2022 13:47:44 GMT server UploadServer etag "3a40169b39c308326673329fb4a60eb7" vary Accept-Encoding x-goog-generation 1665496064018032 x-goog-hash crc32c=woQfMQ==, md5=OkAWmznDCDJmczKftKYOtw== content-type text/css; charset=utf-8 cache-control public,max-age=3600 x-goog-stored-content-length 395 accept-ranges bytes
GET H3	200	main.7ddca0e4.js Show response tag.perfmaker.net/version/perfmaker-v1.59.2/sidebar.2/static/js/ Frame 3176	250 KB 79 KB	40ms 39ms	Script application/javascript	35.190.50.134 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tag.perfmaker.net/version/perfmaker-v1.59.2/sidebar.2/static/js/main.7ddca0e4.js Requested by Host: tag.perfmaker.net URL: https://tag.perfmaker.net/version/perfmaker-v1.59.2/sidebar.2/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 35.190.50.134 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 134.50.190.35.bc.googleusercontent.com Software UploadServer / Resource Hash 405653cfa2527d053b3debbf62de7b7c813db8560b03ddb9506cd6228bf4200f Request headers accept-language en-US,en;q=0.9 Referer https://tag.perfmaker.net/version/perfmaker-v1.59.2/sidebar.2/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Sun, 30 Oct 2022 20:37:06 GMT content-encoding gzip age 605 x-guploader-uploadid ADPycdt_WC8-66S28YHMng1Z-5REYB1YHUe4K1Yl3SJXYyLFCyXE3Nv5sjFTYbLBk2aTME5YQ2VsvSAHY1WaO4cr7nq7h73KMEOu x-goog-storage-class STANDARD x-goog-metageneration 2 x-goog-stored-content-encoding gzip alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 80488 last-modified Tue, 11 Oct 2022 13:47:44 GMT server UploadServer etag "d769327a3df406c90a54c1b2317022e4" vary Accept-Encoding x-goog-generation 1665496064059359 x-goog-hash crc32c=F2dYLA==, md5=12kyej30BskKVMGyMXAi5A== content-type application/javascript; charset=utf-8 cache-control public,max-age=3600 x-goog-stored-content-length 80488 accept-ranges bytes
GET H2	200	dpx i.simpli.fi/ Frame EF30	95 B 887 B	129ms 45ms	Image image/png	169.45.237.40 SOFTLAYER
General Check archive.org Show headers Download Go to Show image Full URL https://i.simpli.fi/dpx?cid=3427&m=1&sifi_tuid=71836&url=https%3A%2F%2Fsamplesavenue.com%2Fhalloween-candies%2Fsignup%2F1&ref=https%3A%2F%2Fsamplesavenue.com%2Fhalloween-candies%2Fsignup%2F1&gdpr=0 Requested by Host: ct.sddan.com URL: https://ct.sddan.com/CT.d?imgUrl=https%3A%2F%2Fi.simpli.fi%2Fdpx%3Fcid%3D3427%26m%3D1%26sifi_tuid%3D71836%26url%3Dhttps%253A%252F%252Fsamplesavenue.com%252Fhalloween-candies%252Fsignup%252F1%26ref%3Dhttps%253A%252F%252Fsamplesavenue.com%252Fhalloween-candies%252Fsignup%252F1%26gdpr%3D0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 169.45.237.40 Ashburn, United States, ASN36351 (SOFTLAYER, US), Reverse DNS 28.ed.2da9.ip4.static.sl-reverse.com Software / Resource Hash 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://ct.sddan.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers pragma no-cache, no-cache date Sun, 30 Oct 2022 20:47:12 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff access-control-allow-methods GET, POST, OPTIONS content-type image/png; charset=utf-8 access-control-allow-origin * cache-control max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 95 x-request-id FyLzw1GVz7vJarR-AlvB expires Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT
GET H/1.1	200 OK	sync-uid.php sync-uid.leadplace.fr/ Frame 055C Redirect Chain https://ib.adnxs.com/getuid?https://sync-uid.leadplace.fr/sync-uid.php?part=sirapp&id=%24UID&gdpr=0 https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsync-uid.leadplace.fr%2Fsync-uid.php%3Fpart%3Dsirapp%26id%3D%2524UID%26gdpr%3D0 https://sync-uid.leadplace.fr/sync-uid.php?part=sirapp&id=376667701495622201&gdpr=0	35 B 419 B	453ms 116ms	Image image/gif	145.239.192.166 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://sync-uid.leadplace.fr/sync-uid.php?part=sirapp&id=376667701495622201&gdpr=0 Requested by Host: ct.sddan.com URL: https://ct.sddan.com/CT.d?imgUrl=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fsync-uid.leadplace.fr%2Fsync-uid.php%3Fpart%3Dsirapp%26id%3D%2524UID%26gdpr%3D0 Protocol HTTP/1.1 Server 145.239.192.166 , France, ASN16276 (OVH, FR), Reverse DNS Software nginx/1.20.1 / Resource Hash 6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3 Request headers accept-language en-US,en;q=0.9 Referer https://ct.sddan.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Date Sun, 30 Oct 2022 20:47:13 GMT Server nginx/1.20.1 X-IPLB-Request-ID 6009F925:EBD8_91EFC0A6:01BB_635EE2D0_1FB2D0D4:237B7 X-IPLB-Instance 30195 Transfer-Encoding chunked Content-Type image/gif Redirect headers Pragma no-cache Date Sun, 30 Oct 2022 20:47:12 GMT AN-X-Request-Uuid 5e5a3c3a-2ae0-4d58-9461-1cfbbfd2294b Server nginx/1.21.3 Content-Type text/html; charset=utf-8 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin * Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Location https://sync-uid.leadplace.fr/sync-uid.php?part=sirapp&id=376667701495622201&gdpr=0 Connection keep-alive X-Proxy-Origin 96.9.249.37; 96.9.249.37; 564.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H/1.1	200 OK	wappdbm.php tag.leadplace.fr/ Frame 78A6 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=temelio_dmp&google_sc&google_cm&gdpr=0 https://tag.leadplace.fr/wappdbm.php?gdpr=0&google_gid=CAESELKBDRuKA5Ify3haiLN6V3c&google_cver=1	35 B 273 B	691ms 112ms	Image image/gif	145.239.193.51 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://tag.leadplace.fr/wappdbm.php?gdpr=0&google_gid=CAESELKBDRuKA5Ify3haiLN6V3c&google_cver=1 Requested by Host: ct.sddan.com URL: https://ct.sddan.com/CT.d?imgUrl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtemelio_dmp%26google_sc%26google_cm%26gdpr%3D0 Protocol HTTP/1.1 Server 145.239.193.51 , France, ASN16276 (OVH, FR), Reverse DNS Software nginx/1.20.1 / Resource Hash 6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3 Request headers accept-language en-US,en;q=0.9 Referer https://ct.sddan.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Date Sun, 30 Oct 2022 20:47:13 GMT Server nginx/1.20.1 X-IPLB-Request-ID 6009F925:AC4E_91EFC133:01BB_635EE2D0_1FA42571:14264 X-IPLB-Instance 29922 Transfer-Encoding chunked Content-Type image/gif Redirect headers pragma no-cache date Sun, 30 Oct 2022 20:47:12 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://tag.leadplace.fr/wappdbm.php?gdpr=0&google_gid=CAESELKBDRuKA5Ify3haiLN6V3c&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 301 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	sync-uid.php sync-uid.leadplace.fr/ Frame 1D1F Redirect Chain https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fsync-uid.leadplace.fr%2Fsync-uid.php%3Fpart%3Dsirwebo%26id%3D{WEBO_CID}&gdpr=0 https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fsync-uid.leadplace.fr%2Fsync-uid.php%3Fpart%3Dsirwebo%26id%3D%7BWEBO_CID%7D&gdpr=0&bounce=1&random=1852243035 https://sync-uid.leadplace.fr/sync-uid.php?part=sirwebo&id=hEBTZER2Q8wuUBsAP42qAO&gdpr=0	35 B 418 B	486ms 114ms	Image image/gif	145.239.192.166 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://sync-uid.leadplace.fr/sync-uid.php?part=sirwebo&id=hEBTZER2Q8wuUBsAP42qAO&gdpr=0 Requested by Host: ct.sddan.com URL: https://ct.sddan.com/CT.d?imgUrl=https%3A%2F%2Fredirect.frontend.weborama.fr%2Fredirect%2Fstandard%3Furl%3Dhttps%253A%252F%252Fsync-uid.leadplace.fr%252Fsync-uid.php%253Fpart%253Dsirwebo%2526id%253D%7BWEBO_CID%7D%26gdpr%3D0 Protocol HTTP/1.1 Server 145.239.192.166 , France, ASN16276 (OVH, FR), Reverse DNS Software nginx/1.20.1 / Resource Hash 6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3 Request headers accept-language en-US,en;q=0.9 Referer https://ct.sddan.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Date Sun, 30 Oct 2022 20:47:13 GMT Server nginx/1.20.1 X-IPLB-Request-ID 6009F925:EBD6_91EFC0A6:01BB_635EE2D0_1FB46E22:603E X-IPLB-Instance 30196 Transfer-Encoding chunked Content-Type image/gif Redirect headers pragma no-cache date Sun, 30 Oct 2022 20:47:11 GMT via 1.1 google last-modified Sun, 30 Oct 2022 20:47:12 GMT server Weborama Collect Frontend p3p CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM" location https://sync-uid.leadplace.fr/sync-uid.php?part=sirwebo&id=hEBTZER2Q8wuUBsAP42qAO&gdpr=0 access-control-allow-origin * cache-control no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Tue, 03 Jul 2001 06:00:00 GMT
GET H/1.1	200 OK	SC.d Show response map.sddan.com/ Frame F0D3	4 KB 2 KB	703ms 100ms	Document text/html	51.15.145.116 Online SAS
General Check archive.org Show headers Download Go to Full URL https://map.sddan.com/SC.d?mapnames=nexus,squadata,eyeota,ttd,rubicon,adobe,amazon,groupm,weborama,bluekai,google,freewheel,audiencerate,pubmatic,smart,yahoo,exelate,lot,gtm Requested by Host: ct.sddan.com URL: https://ct.sddan.com/CT.d?iframeUrl=https%3A%2F%2Fmap.sddan.com%2FSC.d%3Fmapnames%3Dnexus%2Csquadata%2Ceyeota%2Cttd%2Crubicon%2Cadobe%2Camazon%2Cgroupm%2Cweborama%2Cbluekai%2Cgoogle%2Cfreewheel%2Caudiencerate%2Cpubmatic%2Csmart%2Cyahoo%2Cexelate%2Clot%2Cgtm Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 51.15.145.116 Paris, France, ASN12876 (Online SAS, FR), Reverse DNS 51-15-145-116.rev.poneytelecom.eu Software nginx/1.20.2 / Resource Hash 5ad67c5f129159311989d1859aa80b6487005f338e14877c965735e3ab139fe1 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains; preload X-Xss-Protection 0 Request headers Referer https://ct.sddan.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 accept-language en-US,en;q=0.9 Response headers Access-Control-Allow-Origin * Cache-Control no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0 Connection keep-alive Content-Encoding gzip Content-Type text/html Cross-Origin-Resource-Policy cross-origin Date Sun, 30 Oct 2022 20:47:12 GMT Expires Tue, 01 Jan 2000 00:00:00 GMT P3p CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Pragma no-cache Server nginx/1.20.2 Strict-Transport-Security max-age=15724800; includeSubDomains; preload Transfer-Encoding chunked X-Xss-Protection 0
GET H2	200	SaveDeviceId.js Show response create.leadid.com/2.11.9/ Frame 4B6A	0 625 B	90ms 29ms	Script text/javascript	34.192.159.163 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://create.leadid.com/2.11.9/SaveDeviceId.js?lac=A223F9AF-E7A0-7D87-DD28-D0C442307BFE&lck=BEB516A1-60ED-00CC-73EB-A6A318CFA8E9&methods=48&token=7017E926-3747-D2C4-08D4-2A8AFF4DE9C2&uuid=cfad804ff0af4c67a139720ac5c61201 Requested by Host: deviceid.trueleadid.com URL: https://deviceid.trueleadid.com/iframe.html?token=7017E926-3747-D2C4-08D4-2A8AFF4DE9C2&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=BEB516A1-60ED-00CC-73EB-A6A318CFA8E9&lac=A223F9AF-E7A0-7D87-DD28-D0C442307BFE Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.192.159.163 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-192-159-163.compute-1.amazonaws.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language en-US,en;q=0.9 Referer https://deviceid.trueleadid.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Sun, 30 Oct 2022 20:47:12 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip server nginx access-control-max-age 1728000 content-type text/javascript;charset=UTF-8 access-control-allow-origin * cache-control no-cache, must-revalidate access-control-allow-headers X-Requested-With, Content-Type expires Sat, 26 Jul 1997 05:00:00 GMT
GET H/1.1	200 OK	MAP.d map.sddan.com/ Frame F0D3 Redirect Chain https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.sddan.com%2FMAP.d%3Fpa%3D1000%26mn%3Dnexus%26gdpr%3D0%26mv%3D$UID https://map.sddan.com/MAP.d?pa=1000&mn=nexus&gdpr=0&mv=376667701495622201	42 B 884 B	137ms 99ms	Image image/gif	51.15.145.116 Online SAS
General Check archive.org Show headers Download Go to Show image Full URL https://map.sddan.com/MAP.d?pa=1000&mn=nexus&gdpr=0&mv=376667701495622201 Requested by Host: map.sddan.com URL: https://map.sddan.com/SC.d?mapnames=nexus,squadata,eyeota,ttd,rubicon,adobe,amazon,groupm,weborama,bluekai,google,freewheel,audiencerate,pubmatic,smart,yahoo,exelate,lot,gtm Protocol HTTP/1.1 Server 51.15.145.116 Paris, France, ASN12876 (Online SAS, FR), Reverse DNS 51-15-145-116.rev.poneytelecom.eu Software nginx/1.20.2 / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains; preload X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://map.sddan.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Pragma no-cache Date Sun, 30 Oct 2022 20:47:13 GMT Strict-Transport-Security max-age=15724800; includeSubDomains; preload Server nginx/1.20.2 Content-Type image/gif Access-Control-Allow-Origin * P3p CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0 Cross-Origin-Resource-Policy cross-origin Connection keep-alive Content-Length 42 X-Xss-Protection 0 Expires Tue, 01 Jan 2000 00:00:00 GMT Redirect headers Pragma no-cache Date Sun, 30 Oct 2022 20:47:13 GMT AN-X-Request-Uuid 8ecfe672-613c-4434-b5c2-f768788ef8ac Server nginx/1.21.3 Content-Type text/html; charset=utf-8 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin * Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Location https://map.sddan.com/MAP.d?pa=1000&mn=nexus&gdpr=0&mv=376667701495622201 Connection keep-alive X-Proxy-Origin 96.9.249.37; 96.9.249.37; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H/1.1	200 OK	MAP.d map.sddan.com/ Frame F0D3 Redirect Chain https://asset.easydmp.net/collect_v2.img.php?gdpr=0&dmp=sirdmp&sirid=ZDVlNmU2ZDI4MWM1ZWYyYWM4ZGI4ZWE50qCJitIobqcxfXFYeXbGGRzh10VTgHQEZqe0W4LtzDBA4fX5eWii775TBIG8rMHX5%2F6HYPoAssSt&redirect=https%3A... https://map.sddan.com/MAP.d?pa=1000&mn=squadata&gdpr=0&mv=166716283370621390	42 B 887 B	111ms 109ms	Image image/gif	51.15.145.116 Online SAS
General Check archive.org Show headers Download Go to Show image Full URL https://map.sddan.com/MAP.d?pa=1000&mn=squadata&gdpr=0&mv=166716283370621390 Requested by Host: map.sddan.com URL: https://map.sddan.com/SC.d?mapnames=nexus,squadata,eyeota,ttd,rubicon,adobe,amazon,groupm,weborama,bluekai,google,freewheel,audiencerate,pubmatic,smart,yahoo,exelate,lot,gtm Protocol HTTP/1.1 Server 51.15.145.116 Paris, France, ASN12876 (Online SAS, FR), Reverse DNS 51-15-145-116.rev.poneytelecom.eu Software nginx/1.20.2 / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains; preload X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://map.sddan.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Pragma no-cache Date Sun, 30 Oct 2022 20:47:13 GMT Strict-Transport-Security max-age=15724800; includeSubDomains; preload Server nginx/1.20.2 Content-Type image/gif Access-Control-Allow-Origin * P3p CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0 Cross-Origin-Resource-Policy cross-origin Connection keep-alive Content-Length 42 X-Xss-Protection 0 Expires Tue, 01 Jan 2000 00:00:00 GMT Redirect headers Date Sun, 30 Oct 2022 20:47:13 GMT Strict-Transport-Security max-age=31536000 X-IPLB-Request-ID 00000000:EAA2_00000000:01BB_635EE2D1_B7DD77:8D9B X-IPLB-Instance 24041 Transfer-Encoding chunked P3P CP="ALL DSP COR CURa ADMa PSAa PSDa OUR NOR UNI" Location https://map.sddan.com/MAP.d?pa=1000&mn=squadata&gdpr=0&mv=166716283370621390 Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	match ps.eyeota.net/ Frame F0D3 Redirect Chain https://ps.eyeota.net/pixel?pid=cb2cb9u&uid=018da00eca02986a5beff0b6e52c3a30&t=gif&gdpr=0 https://ps.eyeota.net/pixel/bounce/?pid=cb2cb9u&uid=018da00eca02986a5beff0b6e52c3a30&t=gif&gdpr=0 https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MnZhc2pTdExrSU1DeHhEaUZ6UlBSaUJNTVdmbFh1WW5tdmZlWDh1dUZJLVU&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer... https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=cb2cb9u&google_gid=CAESEHcC6LuVUXvlp3BQRo1eiqk&google_cver=1	70 B 440 B	282ms 263ms	Image image/gif	3.234.8.37 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=cb2cb9u&google_gid=CAESEHcC6LuVUXvlp3BQRo1eiqk&google_cver=1 Requested by Host: map.sddan.com URL: https://map.sddan.com/SC.d?mapnames=nexus,squadata,eyeota,ttd,rubicon,adobe,amazon,groupm,weborama,bluekai,google,freewheel,audiencerate,pubmatic,smart,yahoo,exelate,lot,gtm Protocol HTTP/1.1 Server 3.234.8.37 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-234-8-37.compute-1.amazonaws.com Software / Resource Hash de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98 Request headers accept-language en-US,en;q=0.9 Referer https://map.sddan.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Content-Type image/gif Date Sun, 30 Oct 2022 20:47:13 GMT Content-Length 70 P3P CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml" Redirect headers pragma no-cache date Sun, 30 Oct 2022 20:47:13 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=cb2cb9u&google_gid=CAESEHcC6LuVUXvlp3BQRo1eiqk&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 375 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	MAP.d js.sddan.com/ Frame F0D3 Redirect Chain https://match.adsrvr.org/track/cmf/generic?ttd_pid=3hoytaj&ttd_tpi=1&gdpr=0 https://match.adsrvr.org/track/cmb/generic?ttd_pid=3hoytaj&ttd_tpi=1&gdpr=0 https://js.sddan.com/MAP.d?mn=ttd&mv=1cbf6f02-94f8-4c05-966f-72365673d253&gdpr_consent=%%GDPR_CONSENT%%	42 B 900 B	119ms 119ms	Image image/gif	212.83.160.162 Online SAS
General Check archive.org Show headers Download Go to Show image Full URL https://js.sddan.com/MAP.d?mn=ttd&mv=1cbf6f02-94f8-4c05-966f-72365673d253&gdpr_consent=%%GDPR_CONSENT%% Requested by Host: map.sddan.com URL: https://map.sddan.com/SC.d?mapnames=nexus,squadata,eyeota,ttd,rubicon,adobe,amazon,groupm,weborama,bluekai,google,freewheel,audiencerate,pubmatic,smart,yahoo,exelate,lot,gtm Protocol HTTP/1.1 Server 212.83.160.162 Mairieux, France, ASN12876 (Online SAS, FR), Reverse DNS 212-83-160-162.rev.poneytelecom.eu Software nginx/1.20.2 / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains; preload X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://map.sddan.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Pragma no-cache Date Sun, 30 Oct 2022 20:47:13 GMT Strict-Transport-Security max-age=15724800; includeSubDomains; preload Server nginx/1.20.2 Content-Type image/gif Access-Control-Allow-Origin * P3p CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0 Cross-Origin-Resource-Policy cross-origin Connection keep-alive Content-Length 42 X-Xss-Protection 0 Expires Tue, 01 Jan 2000 00:00:00 GMT Redirect headers pragma no-cache date Sun, 30 Oct 2022 20:47:13 GMT x-aspnet-version 4.0.30319 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV" location https://js.sddan.com/MAP.d?mn=ttd&mv=1cbf6f02-94f8-4c05-966f-72365673d253&gdpr_consent=%%GDPR_CONSENT%% content-type text/html cache-control private,no-cache, must-revalidate content-length 237
GET H/1.1	204 No Content	token pixel.rubiconproject.com/ Frame F0D3	0 707 B	643ms 29ms	Image text/plain	8.43.72.98 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/token?pid=34458&extension=png&puid=291e43da9a4993b6d046bdbda230e3f6&gdpr=0 Requested by Host: map.sddan.com URL: https://map.sddan.com/SC.d?mapnames=nexus,squadata,eyeota,ttd,rubicon,adobe,amazon,groupm,weborama,bluekai,google,freewheel,audiencerate,pubmatic,smart,yahoo,exelate,lot,gtm Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://map.sddan.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Expires 0 Pragma no-cache Cache-Control no-cache,no-store,must-revalidate X-RPHost 8f31d5fb12ac7ec11f837ad8263e0f6c P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GET H/1.1	200 OK	MAP.d map.sddan.com/ Frame F0D3 Redirect Chain https://dpm.demdex.net/ibs:dpid=184561&dpuuid=ZDVlNmU2ZDI4MWM1ZWYyYWM4ZGI4ZWE5HoGzDTfi8k%2BRlZEgnM3Ioy3ePMKzYj9JLejFVN%2FTTYKG66VDyUhrntq3LFtvRgFvM3tP42Gw0OgB&redir=https%3A%2F%2Fmap.sddan.com%2FMA... https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=184561&dpuuid=ZDVlNmU2ZDI4MWM1ZWYyYWM4ZGI4ZWE5HoGzDTfi8k%2BRlZEgnM3Ioy3ePMKzYj9JLejFVN%2FTTYKG66VDyUhrntq3LFtvRgFvM3tP42Gw0OgB&redir=https%3A%2... https://map.sddan.com/MAP.d?pa=1000&mn=adobe&gdpr=0&mv=74506071989844254010623480623926462510	42 B 904 B	101ms 100ms	Image image/gif	51.15.145.116 Online SAS
General Check archive.org Show headers Download Go to Show image Full URL https://map.sddan.com/MAP.d?pa=1000&mn=adobe&gdpr=0&mv=74506071989844254010623480623926462510 Requested by Host: map.sddan.com URL: https://map.sddan.com/SC.d?mapnames=nexus,squadata,eyeota,ttd,rubicon,adobe,amazon,groupm,weborama,bluekai,google,freewheel,audiencerate,pubmatic,smart,yahoo,exelate,lot,gtm Protocol HTTP/1.1 Server 51.15.145.116 Paris, France, ASN12876 (Online SAS, FR), Reverse DNS 51-15-145-116.rev.poneytelecom.eu Software nginx/1.20.2 / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains; preload X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://map.sddan.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Pragma no-cache Date Sun, 30 Oct 2022 20:47:13 GMT Strict-Transport-Security max-age=15724800; includeSubDomains; preload Server nginx/1.20.2 Content-Type image/gif Access-Control-Allow-Origin * P3p CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0 Cross-Origin-Resource-Policy cross-origin Connection keep-alive Content-Length 42 X-Xss-Protection 0 Expires Tue, 01 Jan 2000 00:00:00 GMT Redirect headers DCS dcs-prod-va6-1-v044-073cfc3fa.edge-va6.demdex.com 3 ms Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains X-TID 7HHfQWE2RiE= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Location https://map.sddan.com/MAP.d?pa=1000&mn=adobe&gdpr=0&mv=74506071989844254010623480623926462510 Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Length 0 Expires Thu, 01 Jan 1970 00:00:00 UTC
GET H/1.1	200 OK	dcm s.amazon-adsystem.com/ Frame F0D3 Redirect Chain https://s.amazon-adsystem.com/dcm?pid=093bc165-6022-4c64-906d-9ad8ef70aec4&id=70641402615db8281cca245849dae3f8&gdpr=0 https://s.amazon-adsystem.com/dcm?pid=093bc165-6022-4c64-906d-9ad8ef70aec4&id=70641402615db8281cca245849dae3f8&gdpr=0&dcc=t	43 B 855 B	68ms 67ms	Image image/gif	52.46.155.104 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s.amazon-adsystem.com/dcm?pid=093bc165-6022-4c64-906d-9ad8ef70aec4&id=70641402615db8281cca245849dae3f8&gdpr=0&dcc=t Requested by Host: map.sddan.com URL: https://map.sddan.com/SC.d?mapnames=nexus,squadata,eyeota,ttd,rubicon,adobe,amazon,groupm,weborama,bluekai,google,freewheel,audiencerate,pubmatic,smart,yahoo,exelate,lot,gtm Protocol HTTP/1.1 Server 52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers accept-language en-US,en;q=0.9 Referer https://map.sddan.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Pragma no-cache Date Sun, 30 Oct 2022 20:47:13 GMT Strict-Transport-Security max-age=47474747; includeSubDomains; preload Server Server x-amz-rid ENNA7CE2CJQQ998JM3MS Vary Content-Type,Accept-Encoding,User-Agent Content-Type image/gif p3p policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR" Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Connection keep-alive Content-Length 43 Expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers Pragma no-cache Date Sun, 30 Oct 2022 20:47:13 GMT Strict-Transport-Security max-age=47474747; includeSubDomains; preload Server Server x-amz-rid CV2QB5TC35Y44PPE1P56 Vary Content-Type,Accept-Encoding,User-Agent p3p policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR" Location https://s.amazon-adsystem.com/dcm?pid=093bc165-6022-4c64-906d-9ad8ef70aec4&id=70641402615db8281cca245849dae3f8&gdpr=0&dcc=t Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Connection keep-alive Content-Length 0 Expires Thu, 01 Jan 1970 00:00:00 GMT
GET H/1.1	200 OK	MAP.d map.sddan.com/ Frame F0D3	42 B 899 B	127ms 114ms	Image image/gif	51.15.145.116 Online SAS
General Check archive.org Show headers Download Go to Show image Full URL https://map.sddan.com/MAP.d?pa=1000&mn=amazon&gdpr=0&mv=70641402615db8281cca245849dae3f8 Requested by Host: map.sddan.com URL: https://map.sddan.com/SC.d?mapnames=nexus,squadata,eyeota,ttd,rubicon,adobe,amazon,groupm,weborama,bluekai,google,freewheel,audiencerate,pubmatic,smart,yahoo,exelate,lot,gtm Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 51.15.145.116 Paris, France, ASN12876 (Online SAS, FR), Reverse DNS 51-15-145-116.rev.poneytelecom.eu Software nginx/1.20.2 / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains; preload X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://map.sddan.com/SC.d?mapnames=nexus,squadata,eyeota,ttd,rubicon,adobe,amazon,groupm,weborama,bluekai,google,freewheel,audiencerate,pubmatic,smart,yahoo,exelate,lot,gtm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Pragma no-cache Date Sun, 30 Oct 2022 20:47:13 GMT Strict-Transport-Security max-age=15724800; includeSubDomains; preload Server nginx/1.20.2 Content-Type image/gif Access-Control-Allow-Origin * P3p CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0 Cross-Origin-Resource-Policy cross-origin Connection keep-alive Content-Length 42 X-Xss-Protection 0 Expires Tue, 01 Jan 2000 00:00:00 GMT
GET H3	200	activity fr-gmtdmp.mookie1.com/t/v2/ Frame F0D3 Redirect Chain https://fr-gmtdmp.mookie1.com/t/v2/activity?tagid=V2_684503&trb.partnerID=24234&trb.partnervisitorID=f3543e532b019e4b6ddf04205a869d17&src.rand=1667162832&gdpr=0 https://fr-gmtdmp.mookie1.com/t/v2/activity?tagid=V2_989214&trb.partnerID=35514&trb.partnervisitorID=f3543e532b019e4b6ddf04205a869d17&src.rand=1667162832&gdpr=0&gdpr_consent=	43 B 64 B	130ms 100ms	Image image/gif	35.186.238.175 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://fr-gmtdmp.mookie1.com/t/v2/activity?tagid=V2_989214&trb.partnerID=35514&trb.partnervisitorID=f3543e532b019e4b6ddf04205a869d17&src.rand=1667162832&gdpr=0&gdpr_consent= Requested by Host: map.sddan.com URL: https://map.sddan.com/SC.d?mapnames=nexus,squadata,eyeota,ttd,rubicon,adobe,amazon,groupm,weborama,bluekai,google,freewheel,audiencerate,pubmatic,smart,yahoo,exelate,lot,gtm Protocol H3 Server 35.186.238.175 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 175.238.186.35.bc.googleusercontent.com Software Apache / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers accept-language en-US,en;q=0.9 Referer https://map.sddan.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers pragma no-cache date Sun, 30 Oct 2022 20:47:13 GMT via 1.1 google server Apache content-type image/gif;charset=UTF-8 p3p CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml" cache-control no-cache, no-store, must-revalidate alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 43 x-application-context application expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers pragma no-cache date Sun, 30 Oct 2022 20:47:13 GMT via 1.1 google server Apache p3p CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml" location https://fr-gmtdmp.mookie1.com/t/v2/activity?tagid=V2_989214&trb.partnerID=35514&trb.partnervisitorID=f3543e532b019e4b6ddf04205a869d17&src.rand=1667162832&gdpr=0&gdpr_consent= cache-control no-cache, no-store, must-revalidate alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-application-context application expires Thu, 01 Jan 1970 00:00:00 GMT
GET H3	200	v2 odr.mookie1.com/t/ Frame F0D3 Redirect Chain https://odr.mookie1.com/t/v2/sync?tagid=V2_623639&src.visitorId=ZDVlNmU2ZDI4MWM1ZWYyYWM4ZGI4ZWE5YnxgaSfcpLjBedL6bRSWhUbhQHVtSs4R5TkCp2HQv4Qc6FIZVZujHnoR0%2B%2FMIHXmU%2Fw26kN4435o&gdpr=0 https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10597532877335112049&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_607875%26src.vi... https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10597532877335112049&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_607875%26... https://odr.mookie1.com/t/v2?tagid=V2_607875&src.visitorid=ca7e6b49-adcd-44ba-be5b-925bdd262d51&gdpr=0&gdpr_consent=	43 B 65 B	69ms 42ms	Image image/gif	35.190.90.30 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://odr.mookie1.com/t/v2?tagid=V2_607875&src.visitorid=ca7e6b49-adcd-44ba-be5b-925bdd262d51&gdpr=0&gdpr_consent= Requested by Host: map.sddan.com URL: https://map.sddan.com/SC.d?mapnames=nexus,squadata,eyeota,ttd,rubicon,adobe,amazon,groupm,weborama,bluekai,google,freewheel,audiencerate,pubmatic,smart,yahoo,exelate,lot,gtm Protocol H3 Server 35.190.90.30 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 30.90.190.35.bc.googleusercontent.com Software Apache / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers accept-language en-US,en;q=0.9 Referer https://map.sddan.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers pragma no-cache date Sun, 30 Oct 2022 20:47:13 GMT via 1.1 google server Apache content-type image/gif;charset=UTF-8 p3p CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml" cache-control no-cache, no-store, must-revalidate alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 43 x-application-context application expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers location https://odr.mookie1.com/t/v2?tagid=V2_607875&src.visitorid=ca7e6b49-adcd-44ba-be5b-925bdd262d51&gdpr=0&gdpr_consent= date Sun, 30 Oct 2022 20:47:13 GMT strict-transport-security max-age=31536000 via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 p3p policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
GET H/1.1	200 OK	MAP.d map.sddan.com/ Frame F0D3 Redirect Chain https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fmap.sddan.com%2FMAP.d%3Fpa%3D1000%26mn%3Dweborama%26gdpr%3D0%26mv%3D{WEBO_CID}&gdpr=0 https://map.sddan.com/MAP.d?pa=1000&mn=weborama&gdpr=0&mv=hEBTZER2Q8wuUBsAP42qAO	42 B 891 B	232ms 112ms	Image image/gif	51.15.145.116 Online SAS
General Check archive.org Show headers Download Go to Show image Full URL https://map.sddan.com/MAP.d?pa=1000&mn=weborama&gdpr=0&mv=hEBTZER2Q8wuUBsAP42qAO Requested by Host: map.sddan.com URL: https://map.sddan.com/SC.d?mapnames=nexus,squadata,eyeota,ttd,rubicon,adobe,amazon,groupm,weborama,bluekai,google,freewheel,audiencerate,pubmatic,smart,yahoo,exelate,lot,gtm Protocol HTTP/1.1 Server 51.15.145.116 Paris, France, ASN12876 (Online SAS, FR), Reverse DNS 51-15-145-116.rev.poneytelecom.eu Software nginx/1.20.2 / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains; preload X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://map.sddan.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Pragma no-cache Date Sun, 30 Oct 2022 20:47:13 GMT Strict-Transport-Security max-age=15724800; includeSubDomains; preload Server nginx/1.20.2 Content-Type image/gif Access-Control-Allow-Origin * P3p CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0 Cross-Origin-Resource-Policy cross-origin Connection keep-alive Content-Length 42 X-Xss-Protection 0 Expires Tue, 01 Jan 2000 00:00:00 GMT Redirect headers pragma no-cache date Sun, 30 Oct 2022 20:47:12 GMT via 1.1 google last-modified Sun, 30 Oct 2022 20:47:13 GMT server Weborama Collect Frontend p3p CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM" location https://map.sddan.com/MAP.d?pa=1000&mn=weborama&gdpr=0&mv=hEBTZER2Q8wuUBsAP42qAO access-control-allow-origin * cache-control no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Tue, 03 Jul 2001 06:00:00 GMT
GET H2	200	57759 stags.bluekai.com/site/ Frame F0D3	62 B 633 B	783ms 319ms	Image image/gif	104.81.136.162 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://stags.bluekai.com/site/57759?id=df21be329d743e3420405b91c0e184d7&limit=0&redir=https%3A%2F%2Fmap.sddan.com%2FMAP.d%3Fpa%3D1000%26mn%3Dbluekai%26gdpr%3D0%26mv%3D$_BK_UUID Requested by Host: map.sddan.com URL: https://map.sddan.com/SC.d?mapnames=nexus,squadata,eyeota,ttd,rubicon,adobe,amazon,groupm,weborama,bluekai,google,freewheel,audiencerate,pubmatic,smart,yahoo,exelate,lot,gtm Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.81.136.162 Secaucus, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-81-136-162.deploy.static.akamaitechnologies.com Software / Resource Hash 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80 Request headers accept-language en-US,en;q=0.9 Referer https://map.sddan.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml" date Sun, 30 Oct 2022 20:47:13 GMT content-length 62 bk-server 7d7f content-type image/gif
GET H/1.1	200 OK	MAP.d map.sddan.com/ Frame F0D3 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=s1r_ddp&google_hm=NWFlMTVhMDU0NjViNTcyMTYzNWU3ZWEyMjVhOTM3YTk%3D&google_redir=https%3A%2F%2Fmap.sddan.com%2FMAP.d%3Fpa%3D1000%26mn%3Dgoogle%26gdpr%3D0%... https://map.sddan.com/MAP.d?pa=1000&mn=google&gdpr=0&mv=EXT%7C5ae15a05465b5721635e7ea225a937a9&gdpr=0	42 B 903 B	221ms 105ms	Image image/gif	51.15.145.116 Online SAS
General Check archive.org Show headers Download Go to Show image Full URL https://map.sddan.com/MAP.d?pa=1000&mn=google&gdpr=0&mv=EXT%7C5ae15a05465b5721635e7ea225a937a9&gdpr=0 Requested by Host: map.sddan.com URL: https://map.sddan.com/SC.d?mapnames=nexus,squadata,eyeota,ttd,rubicon,adobe,amazon,groupm,weborama,bluekai,google,freewheel,audiencerate,pubmatic,smart,yahoo,exelate,lot,gtm Protocol HTTP/1.1 Server 51.15.145.116 Paris, France, ASN12876 (Online SAS, FR), Reverse DNS 51-15-145-116.rev.poneytelecom.eu Software nginx/1.20.2 / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains; preload X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://map.sddan.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Pragma no-cache Date Sun, 30 Oct 2022 20:47:13 GMT Strict-Transport-Security max-age=15724800; includeSubDomains; preload Server nginx/1.20.2 Content-Type image/gif Access-Control-Allow-Origin * P3p CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0 Cross-Origin-Resource-Policy cross-origin Connection keep-alive Content-Length 42 X-Xss-Protection 0 Expires Tue, 01 Jan 2000 00:00:00 GMT Redirect headers pragma no-cache date Sun, 30 Oct 2022 20:47:13 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://map.sddan.com/MAP.d?pa=1000&mn=google&gdpr=0&mv=EXT%7C5ae15a05465b5721635e7ea225a937a9&gdpr=0 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 314 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame F0D3	170 B 188 B	94ms 38ms	Image image/png	142.251.41.2 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=proxistore&google_redir=none&google_hm=NWFlMTVhMDU0NjViNTcyMTYzNWU3ZWEyMjVhOTM3YTk%3D&gdpr=0 Requested by Host: map.sddan.com URL: https://map.sddan.com/SC.d?mapnames=nexus,squadata,eyeota,ttd,rubicon,adobe,amazon,groupm,weborama,bluekai,google,freewheel,audiencerate,pubmatic,smart,yahoo,exelate,lot,gtm Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.41.2 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s40-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://map.sddan.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers pragma no-cache date Sun, 30 Oct 2022 20:47:13 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	MAP.d map.sddan.com/ Frame F0D3 Redirect Chain https://ads.stickyadstv.com/data-registering?dataProviderId=1361&redirectId=1729&gdpr=0 https://map.cookieless-data.com/MAP.d?mn=freewheel&pa=25997&mv=6e5fa92f4d71ee0123998904e9166f2&gdpr=0 https://map.sddan.com/MAP.d?mn=freewheel&pa=25997&mv=6e5fa92f4d71ee0123998904e9166f2&gdpr=0	42 B 901 B	107ms 105ms	Image image/gif	51.15.145.116 Online SAS
General Check archive.org Show headers Download Go to Show image Full URL https://map.sddan.com/MAP.d?mn=freewheel&pa=25997&mv=6e5fa92f4d71ee0123998904e9166f2&gdpr=0 Requested by Host: map.sddan.com URL: https://map.sddan.com/SC.d?mapnames=nexus,squadata,eyeota,ttd,rubicon,adobe,amazon,groupm,weborama,bluekai,google,freewheel,audiencerate,pubmatic,smart,yahoo,exelate,lot,gtm Protocol HTTP/1.1 Server 51.15.145.116 Paris, France, ASN12876 (Online SAS, FR), Reverse DNS 51-15-145-116.rev.poneytelecom.eu Software nginx/1.20.2 / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains; preload X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://map.sddan.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Pragma no-cache Date Sun, 30 Oct 2022 20:47:14 GMT Strict-Transport-Security max-age=15724800; includeSubDomains; preload Server nginx/1.20.2 Content-Type image/gif Access-Control-Allow-Origin * P3p CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0 Cross-Origin-Resource-Policy cross-origin Connection keep-alive Content-Length 42 X-Xss-Protection 0 Expires Tue, 01 Jan 2000 00:00:00 GMT Redirect headers Pragma no-cache Date Sun, 30 Oct 2022 20:47:13 GMT Strict-Transport-Security max-age=15724800; includeSubDomains; preload Server nginx/1.20.2 P3p CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin * Location https://map.sddan.com/MAP.d?mn=freewheel&pa=25997&mv=6e5fa92f4d71ee0123998904e9166f2&gdpr=0 Cache-Control no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0 Cross-Origin-Resource-Policy cross-origin Connection keep-alive Content-Length 0 X-Xss-Protection 0 Expires Tue, 01 Jan 2000 00:00:00 GMT
GET H/1.1	200 OK	MAP.d map.sddan.com/ Frame F0D3 Redirect Chain https://a.audrte.com/match?uid=eb7480ee5deb8acc9069127bd86311fc&p=M646759765&gdpr=0&redirect=https%3A%2F%2Fmap.sddan.com%2FMAP.d%3Fpa%3D1000%26mn%3Daudiencerate%26gdpr%3D0%26mv%3Deb7480ee5deb8acc90... https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9tYXAuc2RkYW4uY29tL01BUC5kP21uXHUwMDNkYXVkaWVuY2VyYXRlXHUwMDI2bXZcdTAwM2RnbTc0blkxandsa1E4cTZVaExEU1U5azVnXHUwMDI2Z2Rwclx... https://dmp.adform.net/serving/cookie/match/?CC=1&party=1003&r=eyJ1IjoiaHR0cHM6Ly9tYXAuc2RkYW4uY29tL01BUC5kP21uXHUwMDNkYXVkaWVuY2VyYXRlXHUwMDI2bXZcdTAwM2RnbTc0blkxandsa1E4cTZVaExEU1U5azVnXHUwMDI2Z2... https://a.audrte.com/a?adform_uid=6214495667242069173&r=eyJ1IjoiaHR0cHM6Ly9tYXAuc2RkYW4uY29tL01BUC5kP21uXHUwMDNkYXVkaWVuY2VyYXRlXHUwMDI2bXZcdTAwM2RnbTc0blkxandsa1E4cTZVaExEU1U5azVnXHUwMDI2Z2Rwclx1M... https://map.sddan.com/MAP.d?mn=audiencerate&mv=gm74nY1jwlkQ8q6UhLDSU9k5g&gdpr=0&gdpr_consent=	42 B 898 B	114ms 113ms	Image image/gif	51.15.145.116 Online SAS
General Check archive.org Show headers Download Go to Show image Full URL https://map.sddan.com/MAP.d?mn=audiencerate&mv=gm74nY1jwlkQ8q6UhLDSU9k5g&gdpr=0&gdpr_consent= Requested by Host: map.sddan.com URL: https://map.sddan.com/SC.d?mapnames=nexus,squadata,eyeota,ttd,rubicon,adobe,amazon,groupm,weborama,bluekai,google,freewheel,audiencerate,pubmatic,smart,yahoo,exelate,lot,gtm Protocol HTTP/1.1 Server 51.15.145.116 Paris, France, ASN12876 (Online SAS, FR), Reverse DNS 51-15-145-116.rev.poneytelecom.eu Software nginx/1.20.2 / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains; preload X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://map.sddan.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Pragma no-cache Date Sun, 30 Oct 2022 20:47:14 GMT Strict-Transport-Security max-age=15724800; includeSubDomains; preload Server nginx/1.20.2 Content-Type image/gif Access-Control-Allow-Origin * P3p CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0 Cross-Origin-Resource-Policy cross-origin Connection keep-alive Content-Length 42 X-Xss-Protection 0 Expires Tue, 01 Jan 2000 00:00:00 GMT Redirect headers Date Sun, 30 Oct 2022 20:47:13 GMT Server nginx/1.18.0 Vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers Access-Control-Allow-Methods POST, GET, OPTIONS Access-Control-Allow-Origin * Location https://map.sddan.com/MAP.d?mn=audiencerate&mv=gm74nY1jwlkQ8q6UhLDSU9k5g&gdpr=0&gdpr_consent= Access-Control-Allow-Credentials true Connection keep-alive Content-Length 0
GET H/1.1	200 OK	MAP.d map.sddan.com/ Frame F0D3 Redirect Chain https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&rd=https%3A%2F%2Fmap.sddan.com%2FMAP.d%3Fpa%3D1000%26mn%3Dpubmatic%26gdpr%3D0%26mv%3D%23PM_USER_ID https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&rd=https%3A%2F%2Fmap.sddan.com%2FMAP.d%3Fpa%3D1000%26mn%3Dpubmatic%26gdpr%3D0%26mv%3D%23PM_USER_ID&rdf=1 https://map.sddan.com/MAP.d?pa=1000&mn=pubmatic&gdpr=0&mv=64C0D907-1C7F-4357-B35C-4E3AAB562989	42 B 905 B	100ms 99ms	Image image/gif	51.15.145.116 Online SAS
General Check archive.org Show headers Download Go to Show image Full URL https://map.sddan.com/MAP.d?pa=1000&mn=pubmatic&gdpr=0&mv=64C0D907-1C7F-4357-B35C-4E3AAB562989 Requested by Host: map.sddan.com URL: https://map.sddan.com/SC.d?mapnames=nexus,squadata,eyeota,ttd,rubicon,adobe,amazon,groupm,weborama,bluekai,google,freewheel,audiencerate,pubmatic,smart,yahoo,exelate,lot,gtm Protocol HTTP/1.1 Server 51.15.145.116 Paris, France, ASN12876 (Online SAS, FR), Reverse DNS 51-15-145-116.rev.poneytelecom.eu Software nginx/1.20.2 / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains; preload X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://map.sddan.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Pragma no-cache Date Sun, 30 Oct 2022 20:47:13 GMT Strict-Transport-Security max-age=15724800; includeSubDomains; preload Server nginx/1.20.2 Content-Type image/gif Access-Control-Allow-Origin * P3p CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0 Cross-Origin-Resource-Policy cross-origin Connection keep-alive Content-Length 42 X-Xss-Protection 0 Expires Tue, 01 Jan 2000 00:00:00 GMT Redirect headers location https://map.sddan.com/MAP.d?pa=1000&mn=pubmatic&gdpr=0&mv=64C0D907-1C7F-4357-B35C-4E3AAB562989 date Sun, 30 Oct 2022 20:47:12 GMT p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" content-length 0 content-type text/html; charset=UTF-8
GET H/1.1	200 OK	getuid sync.smartadserver.com/ Frame F0D3 Redirect Chain https://sync.smartadserver.com/getuid?gdpr=0&url=https%3A%2F%2Fmap.sddan.com%2FMAP.d%3Fpa%3D1000%26mn%3Dsmart%26gdpr%3D0%26mv%3D%5Bsas_uid%5D https://sync.smartadserver.com/getuid?gdpr=0&url=https://map.sddan.com/MAP.d?pa=1000&mn=smart&gdpr=0&mv=[sas_uid]&cklb=1	0 316 B	65ms 64ms	Image text/plain	199.187.193.192 SMARTADSERVER
General Check archive.org Show headers Download Go to Show image Full URL https://sync.smartadserver.com/getuid?gdpr=0&url=https://map.sddan.com/MAP.d?pa=1000&mn=smart&gdpr=0&mv=[sas_uid]&cklb=1 Requested by Host: map.sddan.com URL: https://map.sddan.com/SC.d?mapnames=nexus,squadata,eyeota,ttd,rubicon,adobe,amazon,groupm,weborama,bluekai,google,freewheel,audiencerate,pubmatic,smart,yahoo,exelate,lot,gtm Protocol HTTP/1.1 Server 199.187.193.192 , Canada, ASN47043 (SMARTADSERVER, CA), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://map.sddan.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers pragma no-cache date Sun, 30 Oct 2022 20:47:14 GMT cache-control no-cache,no-store content-length 0 p3p CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo" Redirect headers location https://sync.smartadserver.com:443/getuid?gdpr=0&url=https://map.sddan.com/MAP.d?pa=1000&mn=smart&gdpr=0&mv=[sas_uid]&cklb=1 pragma no-cache date Sun, 30 Oct 2022 20:47:13 GMT cache-control no-cache,no-store content-length 0 p3p CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
GET H/1.1	200 OK	MAP.d map.sddan.com/ Frame F0D3 Redirect Chain https://cms.analytics.yahoo.com/cms?partner_id=SIRTA&gdpr=false https://map.sddan.com/MAP.d?mn=yahoo&mv=y-z9r91HJE2oNFuynn.fd2y5.xKXLJOgDkhsk-~A	42 B 906 B	106ms 105ms	Image image/gif	51.15.145.116 Online SAS
General Check archive.org Show headers Download Go to Show image Full URL https://map.sddan.com/MAP.d?mn=yahoo&mv=y-z9r91HJE2oNFuynn.fd2y5.xKXLJOgDkhsk-~A Requested by Host: map.sddan.com URL: https://map.sddan.com/SC.d?mapnames=nexus,squadata,eyeota,ttd,rubicon,adobe,amazon,groupm,weborama,bluekai,google,freewheel,audiencerate,pubmatic,smart,yahoo,exelate,lot,gtm Protocol HTTP/1.1 Server 51.15.145.116 Paris, France, ASN12876 (Online SAS, FR), Reverse DNS 51-15-145-116.rev.poneytelecom.eu Software nginx/1.20.2 / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains; preload X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://map.sddan.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Pragma no-cache Date Sun, 30 Oct 2022 20:47:14 GMT Strict-Transport-Security max-age=15724800; includeSubDomains; preload Server nginx/1.20.2 Content-Type image/gif Access-Control-Allow-Origin * P3p CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0 Cross-Origin-Resource-Policy cross-origin Connection keep-alive Content-Length 42 X-Xss-Protection 0 Expires Tue, 01 Jan 2000 00:00:00 GMT Redirect headers date Sun, 30 Oct 2022 20:47:14 GMT strict-transport-security max-age=31536000 via http/1.1 spdc0108.pbp.bf1.yahoo.com (ApacheTrafficServer) server ATS age 0 content-type text/html;charset=utf-8 location https://map.sddan.com/MAP.d?mn=yahoo&mv=y-z9r91HJE2oNFuynn.fd2y5.xKXLJOgDkhsk-~A content-length 0
GET H/1.1	200 OK	MAP.d map.sddan.com/ Frame F0D3 Redirect Chain https://loadeu.exelator.com/load/?p=396&g=001&j=0&gdpr=0 https://loadeu.exelator.com/load/?p=396&g=001&j=0&gdpr=0&xl8blockcheck=1 https://map.sddan.com/MAP.d?mn=exelate&mv=4168142a740c375772749fdb4532543d&gdpr=&gdpr_consent=	42 B 900 B	118ms 115ms	Image image/gif	51.15.145.116 Online SAS
General Check archive.org Show headers Download Go to Show image Full URL https://map.sddan.com/MAP.d?mn=exelate&mv=4168142a740c375772749fdb4532543d&gdpr=&gdpr_consent= Requested by Host: map.sddan.com URL: https://map.sddan.com/SC.d?mapnames=nexus,squadata,eyeota,ttd,rubicon,adobe,amazon,groupm,weborama,bluekai,google,freewheel,audiencerate,pubmatic,smart,yahoo,exelate,lot,gtm Protocol HTTP/1.1 Server 51.15.145.116 Paris, France, ASN12876 (Online SAS, FR), Reverse DNS 51-15-145-116.rev.poneytelecom.eu Software nginx/1.20.2 / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains; preload X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://map.sddan.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Pragma no-cache Date Sun, 30 Oct 2022 20:47:14 GMT Strict-Transport-Security max-age=15724800; includeSubDomains; preload Server nginx/1.20.2 Content-Type image/gif Access-Control-Allow-Origin * P3p CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0 Cross-Origin-Resource-Policy cross-origin Connection keep-alive Content-Length 42 X-Xss-Protection 0 Expires Tue, 01 Jan 2000 00:00:00 GMT Redirect headers date Sun, 30 Oct 2022 20:47:14 GMT server nginx x-powered-by Undertow/1 p3p policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA location https://map.sddan.com/MAP.d?mn=exelate&mv=4168142a740c375772749fdb4532543d&gdpr=&gdpr_consent= content-type image/gif cache-control no-cache access-control-allow-credentials true content-length 0
GET H2	200	/ sync.crwdcntrl.net/map/ct=y/c=4136/tp=SIRD/ Frame F0D3 Redirect Chain https://sync.crwdcntrl.net/map/c=4136/tp=SIRD/?gdpr=0&https://map.sddan.com/MAP.d?pa=1000&mn=lot&gdpr=0&mv=${profile_id} https://sync.crwdcntrl.net/map/ct=y/c=4136/tp=SIRD/?gdpr=0&https://map.sddan.com/MAP.d?pa=1000&mn=lot&gdpr=0&mv=${profile_id}	49 B 265 B	52ms 52ms	Image image/gif	34.203.125.199 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://sync.crwdcntrl.net/map/ct=y/c=4136/tp=SIRD/?gdpr=0&https://map.sddan.com/MAP.d?pa=1000&mn=lot&gdpr=0&mv=${profile_id} Requested by Host: map.sddan.com URL: https://map.sddan.com/SC.d?mapnames=nexus,squadata,eyeota,ttd,rubicon,adobe,amazon,groupm,weborama,bluekai,google,freewheel,audiencerate,pubmatic,smart,yahoo,exelate,lot,gtm Protocol H2 Server 34.203.125.199 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-203-125-199.compute-1.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef Request headers accept-language en-US,en;q=0.9 Referer https://map.sddan.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers pragma no-cache date Sun, 30 Oct 2022 20:47:14 GMT server Jetty(9.4.38.v20210224) content-type image/gif p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV access-control-allow-origin * cache-control no-cache x-server 10.40.42.102 content-length 49 expires 0 Redirect headers pragma no-cache date Sun, 30 Oct 2022 20:47:14 GMT server Jetty(9.4.38.v20210224) p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV location https://sync.crwdcntrl.net/map/ct=y/c=4136/tp=SIRD/?gdpr=0&https://map.sddan.com/MAP.d?pa=1000&mn=lot&gdpr=0&mv=${profile_id} cache-control no-cache x-server 10.40.6.185 content-length 0 expires 0
GET H3	200	js Show response www.googletagmanager.com/gtag/ Frame F0D3	134 KB 52 KB	45ms 35ms	Script application/javascript	2607:f8b0:4006:816::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=AW-10931346070 Requested by Host: map.sddan.com URL: https://map.sddan.com/SC.d?mapnames=nexus,squadata,eyeota,ttd,rubicon,adobe,amazon,groupm,weborama,bluekai,google,freewheel,audiencerate,pubmatic,smart,yahoo,exelate,lot,gtm Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:816::2008 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 7a82491c5cd81c1e75e7e5b2ae4495a87a8b66d3e155ff08e459beb890a15619 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://map.sddan.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Sun, 30 Oct 2022 20:47:12 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 52821 x-xss-protection 0 last-modified Sun, 30 Oct 2022 18:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sun, 30 Oct 2022 20:47:12 GMT
GET H2	200	conversion_async.js Show response www.googleadservices.com/pagead/ Frame F0D3	41 KB 15 KB	325ms 55ms	Script text/javascript	142.250.80.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/conversion_async.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=AW-10931346070 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.80.98 Glen Cove, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s36-in-f2.1e100.net Software cafe / Resource Hash bb14c226d4517c67148f8c5f2680ee3081e5fa0932e9e93092c09ae60fe54606 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://map.sddan.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Sun, 30 Oct 2022 20:47:14 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15179 x-xss-protection 0 server cafe etag 15210647593759987154 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600 timing-allow-origin * expires Sun, 30 Oct 2022 20:47:14 GMT
GET H3	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/10931346070/ Frame F0D3	2 KB 1 KB	75ms 72ms	Script text/javascript	2607:f8b0:4006:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10931346070/?random=1667162834260&cv=9&fst=1667162834260&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaaq0&sendb=1&ig=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Fmap.sddan.com%2FSC.d%3Fmapnames%3Dnexus%2Csquadata%2Ceyeota%2Cttd%2Crubicon%2Cadobe%2Camazon%2Cgroupm%2Cweborama%2Cbluekai%2Cgoogle%2Cfreewheel%2Caudiencerate%2Cpubmatic%2Csmart%2Cyahoo%2Cexelate%2Clot%2Cgtm&ref=https%3A%2F%2Fct.sddan.com%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4 Requested by Host: www.googleadservices.com URL: https://www.googleadservices.com/pagead/conversion_async.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash d489bd65c0f38f66655396ac242fe85c4c39779571eb66560123e6c9530594dd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://map.sddan.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers pragma no-cache date Sun, 30 Oct 2022 20:47:14 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1108 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/10931346070/ Frame F0D3	2 KB 1 KB	75ms 74ms	Script text/javascript	2607:f8b0:4006:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10931346070/?random=1667162834263&cv=9&fst=1667162834263&num=1&userId=ZDVlNmU2ZDI4MWM1ZWYyYWM4ZGI4ZWE5KFuIrYd%2BmC5VyLgSFEyRoXxOzb88mvhlnY5236fV5qgHMrRgSFX0wkZrGvO3bZUo7ZfqU1Nlq7km&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635470&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaaq0&sendb=1&ig=1&data=event%3Dpage_view&frm=2&url=https%3A%2F%2Fmap.sddan.com%2FSC.d%3Fmapnames%3Dnexus%2Csquadata%2Ceyeota%2Cttd%2Crubicon%2Cadobe%2Camazon%2Cgroupm%2Cweborama%2Cbluekai%2Cgoogle%2Cfreewheel%2Caudiencerate%2Cpubmatic%2Csmart%2Cyahoo%2Cexelate%2Clot%2Cgtm&ref=https%3A%2F%2Fct.sddan.com%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4 Requested by Host: www.googleadservices.com URL: https://www.googleadservices.com/pagead/conversion_async.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 155a82ce402dc79e4aabc5f83930e8140192099d87f77e8e9d13f2dd6741aeba Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://map.sddan.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers pragma no-cache date Sun, 30 Oct 2022 20:47:14 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1230 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ www.google.com/pagead/1p-user-list/10931346070/ Frame F0D3	42 B 64 B	40ms 39ms	Image image/gif	2607:f8b0:4006:81f::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/10931346070/?random=1667162834260&cv=9&fst=1667160000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaaq0&sendb=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Fmap.sddan.com%2FSC.d%3Fmapnames%3Dnexus%2Csquadata%2Ceyeota%2Cttd%2Crubicon%2Cadobe%2Camazon%2Cgroupm%2Cweborama%2Cbluekai%2Cgoogle%2Cfreewheel%2Caudiencerate%2Cpubmatic%2Csmart%2Cyahoo%2Cexelate%2Clot%2Cgtm&ref=https%3A%2F%2Fct.sddan.com%2F&async=1&fmt=3&is_vtc=1&random=1391292608&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y Requested by Host: map.sddan.com URL: https://map.sddan.com/SC.d?mapnames=nexus,squadata,eyeota,ttd,rubicon,adobe,amazon,groupm,weborama,bluekai,google,freewheel,audiencerate,pubmatic,smart,yahoo,exelate,lot,gtm Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:81f::2004 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://map.sddan.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers pragma no-cache date Sun, 30 Oct 2022 20:47:14 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ www.google.com/pagead/1p-user-list/10931346070/ Frame F0D3	42 B 64 B	40ms 40ms	Image image/gif	2607:f8b0:4006:81f::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/10931346070/?random=1667162834263&cv=9&fst=1667160000000&num=1&userId=ZDVlNmU2ZDI4MWM1ZWYyYWM4ZGI4ZWE5KFuIrYd%2BmC5VyLgSFEyRoXxOzb88mvhlnY5236fV5qgHMrRgSFX0wkZrGvO3bZUo7ZfqU1Nlq7km&bg=ffffff&guid=ON&eid=376635470&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaaq0&sendb=1&data=event%3Dpage_view&frm=2&url=https%3A%2F%2Fmap.sddan.com%2FSC.d%3Fmapnames%3Dnexus%2Csquadata%2Ceyeota%2Cttd%2Crubicon%2Cadobe%2Camazon%2Cgroupm%2Cweborama%2Cbluekai%2Cgoogle%2Cfreewheel%2Caudiencerate%2Cpubmatic%2Csmart%2Cyahoo%2Cexelate%2Clot%2Cgtm&ref=https%3A%2F%2Fct.sddan.com%2F&async=1&fmt=3&is_vtc=1&random=361325549&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y Requested by Host: map.sddan.com URL: https://map.sddan.com/SC.d?mapnames=nexus,squadata,eyeota,ttd,rubicon,adobe,amazon,groupm,weborama,bluekai,google,freewheel,audiencerate,pubmatic,smart,yahoo,exelate,lot,gtm Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:81f::2004 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://map.sddan.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers pragma no-cache date Sun, 30 Oct 2022 20:47:14 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	hub Show response api.pushnami.com/scripts/v1/ Frame 150A	2 KB 1 KB	31ms 30ms	Document text/html	18.161.21.58 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.pushnami.com/scripts/v1/hub Requested by Host: api.pushnami.com URL: https://api.pushnami.com/scripts/v1/pushnami-adv/5cc0bb93e04a8c20b5240228 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.161.21.58 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-161-21-58.bos50.r.cloudfront.net Software / Resource Hash 2843128d287da3614565182de89a84deb0e43fd049be6a4ed4d3a682bdd186c4 Security Headers Name Value Content-Security-Policy default-src 'unsafe-inline' * X-Content-Security-Policy default-src 'unsafe-inline' * Request headers Referer https://samplesavenue.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 accept-language en-US,en;q=0.9 Response headers access-control-allow-headers X-Requested-With access-control-allow-methods GET,PUT,POST,DELETE access-control-allow-origin * age 261 cache-control no-cache content-encoding gzip content-security-policy default-src 'unsafe-inline' * content-type text/html; charset=utf-8 date Sun, 30 Oct 2022 20:42:53 GMT vary accept-encoding via 1.1 521101b4b5baafcfa7548a73a3442cea.cloudfront.net (CloudFront) x-amz-cf-id gTAXkwKnQ4n_V8twZCSfhgFf7WtNN8TzZl-vkpjK9-eeZ40tyO6rvQ== x-amz-cf-pop BOS50-P1 x-cache Hit from cloudfront x-content-security-policy default-src 'unsafe-inline' * x-webkit-csp default-src 'unsafe-inline' *
POST H2	201	certs Show response api.trustedform.com/	475 B 686 B	92ms 33ms	XHR application/json	52.71.143.120 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://api.trustedform.com/certs Requested by Host: api.trustedform.com URL: https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16671628307480.5576327961758478 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.71.143.120 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-71-143-120.compute-1.amazonaws.com Software Cowboy / Resource Hash fd490e4d73c7e060d200c2b1265473ce86357642bd216d4b612f1d984bb69b4c Request headers Referer https://samplesavenue.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Content-Type text/plain Response headers date Sun, 30 Oct 2022 20:47:14 GMT server Cowboy content-type application/json; charset=utf-8 access-control-allow-origin * access-control-expose-headers cache-control max-age=0, private, must-revalidate access-control-allow-credentials true content-length 475
GET H2	200	request.js Show response script.anura.io/	55 KB 20 KB	166ms 92ms	Script application/javascript	100.24.222.39 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://script.anura.io/request.js?instance=3688597576&source=undefined&campaign=undefined&callback=Pushnami.anTrack&797120622271 Requested by Host: api.pushnami.com URL: https://api.pushnami.com/scripts/v1/pushnami-adv/5cc0bb93e04a8c20b5240228 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 100.24.222.39 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-100-24-222-39.compute-1.amazonaws.com Software nginx / Resource Hash 925f7f082f05cafbfbab280d5145a33ed06d84ad8468b9921e743f31334ef9a2 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://samplesavenue.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers pragma no-cache date Sun, 30 Oct 2022 20:47:14 GMT content-encoding gzip x-content-type-options nosniff server nginx vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0 expires Sun, 28 Dec 1980 18:57:00 EST
GET H2	200	trustedform-1.8.30.js Show response cdn.trustedform.com/	99 KB 37 KB	27ms 27ms	Script application/javascript	2600:9000:24eb:d000:1c:7f1a:6680:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.trustedform.com/trustedform-1.8.30.js Requested by Host: api.trustedform.com URL: https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16671628307480.5576327961758478 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:24eb:d000:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 6cdacbf051630f7d0e1f669c81e43a897165a3f7909adb2ec5b73ab0d8fa8863 Request headers accept-language en-US,en;q=0.9 Referer https://samplesavenue.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers x-amz-version-id rVI1SkmK2ZxLGKrob2HmeCgOkDyvNfEH content-encoding gzip via 1.1 8f50ae604f3eeac2baebf2a9b8332a82.cloudfront.net (CloudFront) date Sun, 30 Oct 2022 20:47:09 GMT last-modified Mon, 24 Oct 2022 17:48:00 GMT server AmazonS3 x-amz-cf-pop BOS50-P1 age 6 etag W/"a5b5dad6197e972a745a719bfccfb334" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript x-amz-cf-id E7Q8xgQI_UsKzlOYEksFOOvzi0dnXb5o6ucb_5zNxIDrC5U09KRkwA==
POST H2	204	snapshot Show response api.trustedform.com/certs/436c81e57e25372e0914762dfe5726d4d7334854/	0 159 B	170ms 168ms	XHR text/plain	52.71.143.120 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://api.trustedform.com/certs/436c81e57e25372e0914762dfe5726d4d7334854/snapshot Requested by Host: cdn.trustedform.com URL: https://cdn.trustedform.com/trustedform-1.8.30.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.71.143.120 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-71-143-120.compute-1.amazonaws.com Software Cowboy / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://samplesavenue.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin * date Sun, 30 Oct 2022 20:47:14 GMT access-control-expose-headers access-control-allow-credentials true cache-control max-age=0, private, must-revalidate server Cowboy
POST H2	204	fingerprints Show response api.trustedform.com/certs/436c81e57e25372e0914762dfe5726d4d7334854/	0 159 B	140ms 138ms	XHR text/plain	52.71.143.120 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://api.trustedform.com/certs/436c81e57e25372e0914762dfe5726d4d7334854/fingerprints Requested by Host: cdn.trustedform.com URL: https://cdn.trustedform.com/trustedform-1.8.30.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.71.143.120 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-71-143-120.compute-1.amazonaws.com Software Cowboy / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://samplesavenue.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin * date Sun, 30 Oct 2022 20:47:14 GMT access-control-expose-headers access-control-allow-credentials true cache-control max-age=0, private, must-revalidate server Cowboy
GET H2	200	450x70-2089.svg imgs.tagadamedia.com/media/us/20/	27 KB 10 KB	35ms 33ms	Image image/svg+xml	185.93.1.244 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://imgs.tagadamedia.com/media/us/20/450x70-2089.svg Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.93.1.244 Chicago, United States, ASN60068 (CDN77 ^_^, GB), Reverse DNS unn-185-93-1-244.datapacket.com Software BunnyCDN-IL-845 / Resource Hash 861e6d86e2e7926a655dd7f060d4cb42fbc1d1ff42f93e4c1cdcd5a78d1a8023 Request headers accept-language en-US,en;q=0.9 Referer https://samplesavenue.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Sun, 30 Oct 2022 20:47:14 GMT content-encoding gzip cdn-edgestorageid 941 x-amz-request-id 8YHHFB0W5PY6CX7J cdn-cachedat 08/03/2022 13:25:19 cdn-pullzone 61945 x-amz-id-2 fJmDSTX+s/qR+M+mQU2yoi2YqYRGmN70aGjirKThvtHsawpNa06/Ujdb2pDr0yB1J1uA724UA84= last-modified Mon, 24 Jan 2022 11:11:38 GMT server BunnyCDN-IL-845 cdn-proxyver 1.02 cdn-requestpullcode 206 vary Accept-Encoding content-type image/svg+xml cdn-cache HIT cdn-uid 5d127034-96a6-45e8-a482-4f40615f18db cache-control public, max-age=2592000 cdn-requestid fdf1c0635860f8a28db8385546db7e46 cdn-requestcountrycode US cdn-status 200 cdn-requestpullsuccess True
GET H2	200	1680x870-copieus-1837.jpg imgs.tagadamedia.com/media/us/18/	2 MB 2 MB	34ms 32ms	Image image/jpeg	185.93.1.244 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://imgs.tagadamedia.com/media/us/18/1680x870-copieus-1837.jpg Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.93.1.244 Chicago, United States, ASN60068 (CDN77 ^_^, GB), Reverse DNS unn-185-93-1-244.datapacket.com Software BunnyCDN-IL-845 / Resource Hash 37f2159d5df8678c74d7acd49563c1edabbfe73114c29cf350043d66f72d0e76 Request headers accept-language en-US,en;q=0.9 Referer https://samplesavenue.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Sun, 30 Oct 2022 20:47:14 GMT cdn-edgestorageid 894 x-amz-request-id G1SY6NS81H3FB113 cdn-cachedat 10/25/2022 01:44:07 cdn-pullzone 61945 content-length 2046167 x-amz-id-2 4wbWSMx6t0endCOu84YK56bZZOQndTIdBzQrnqLzqkKFAi7kqlNKRp8oq2tbiM0M79g3mVPJO5A= last-modified Wed, 13 Oct 2021 09:35:36 GMT server BunnyCDN-IL-845 cdn-proxyver 1.03 cdn-requestpullcode 206 content-type image/jpeg cdn-cache HIT cdn-uid 5d127034-96a6-45e8-a482-4f40615f18db cache-control public, max-age=2592000 cdn-requestid 9183e2947459e9d2f9204c68109367b2 accept-ranges bytes cdn-requestcountrycode US cdn-status 200 cdn-requestpullsuccess True
GET H2	200	750x350-copieus-1836.jpg imgs.tagadamedia.com/media/us/18/	2 MB 2 MB	25ms 24ms	Image image/jpeg	185.93.1.244 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://imgs.tagadamedia.com/media/us/18/750x350-copieus-1836.jpg Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.93.1.244 Chicago, United States, ASN60068 (CDN77 ^_^, GB), Reverse DNS unn-185-93-1-244.datapacket.com Software BunnyCDN-IL-845 / Resource Hash 7b33b6db09b5cedb71be0abb3fea454f98a2425a1d7dcc3166749e7cc9eb0b93 Request headers accept-language en-US,en;q=0.9 Referer https://samplesavenue.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Sun, 30 Oct 2022 20:47:14 GMT cdn-edgestorageid 718 x-amz-request-id G1SJMRJM2QZQBTAZ cdn-cachedat 10/25/2022 01:44:07 cdn-pullzone 61945 content-length 1680103 x-amz-id-2 /xRPSF8gstT4i+bJAQhkla/GsUtO1mHh2MWHVkGBYWZqn8X0BWCrVDeeBXS0CGa54a4RcVI9xpE= last-modified Wed, 13 Oct 2021 09:35:36 GMT server BunnyCDN-IL-845 cdn-proxyver 1.02 cdn-requestpullcode 206 content-type image/jpeg cdn-cache HIT cdn-uid 5d127034-96a6-45e8-a482-4f40615f18db cache-control public, max-age=2592000 cdn-requestid 989ede96766bee9c3e2d28f0154e92bb accept-ranges bytes cdn-requestcountrycode US cdn-status 200 cdn-requestpullsuccess True
GET DATA	200 OK	truncated /	10 KB 10 KB		Other text/javascript
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash eed633a8002069e13f06351bfe014d0132941a0882144ccee95cdacfa403b954 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Content-Type text/javascript
GET H2	200	showads.js Show response ads.anura.io/	0 352 B	120ms 27ms	XHR application/javascript	18.161.34.84 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ads.anura.io/showads.js?454990711398 Requested by Host: script.anura.io URL: https://script.anura.io/request.js?instance=3688597576&source=undefined&campaign=undefined&callback=Pushnami.anTrack&797120622271 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.161.34.84 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-161-34-84.bos50.r.cloudfront.net Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://samplesavenue.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Sun, 30 Oct 2022 10:58:47 GMT content-encoding gzip via 1.1 dc2c9775397edd7b6dcd6264e93076ba.cloudfront.net (CloudFront) server nginx x-amz-cf-pop BOS50-P2 age 35308 vary Accept-Encoding x-cache Hit from cloudfront access-control-allow-methods GET access-control-allow-origin * content-type application/javascript; charset=utf-8 x-amz-cf-id I2-CVkc7r7y04JHiLgUWmegNt5KwneHR9o-mMBM7elQ18hCjTaNXXw==
POST H2	200	InitFormData Show response create.leadid.com/2.11.9/	0 623 B	45ms 44ms	XHR text/plain	34.192.159.163 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://create.leadid.com/2.11.9/InitFormData?msn=4&pid=a6a98aaf-6be8-409b-8da2-61735362a7c2&token=7017E926-3747-D2C4-08D4-2A8AFF4DE9C2&_=5999176 Requested by Host: create.lidstatic.com URL: https://create.lidstatic.com/campaign/beb516a1-60ed-00cc-73eb-a6a318cfa8e9.js?snippet_version=2 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.192.159.163 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-192-159-163.compute-1.amazonaws.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer https://samplesavenue.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers date Sun, 30 Oct 2022 20:47:15 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip server nginx access-control-max-age 1728000 content-type text/plain;charset=UTF-8 access-control-allow-origin * cache-control no-cache, must-revalidate access-control-allow-headers X-Requested-With, Content-Type expires Sat, 26 Jul 1997 05:00:00 GMT
POST H2	200	response.json Show response script.anura.io/	52 B 404 B	202ms 145ms	XHR application/json	100.24.222.39 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://script.anura.io/response.json Requested by Host: script.anura.io URL: https://script.anura.io/request.js?instance=3688597576&source=undefined&campaign=undefined&callback=Pushnami.anTrack&797120622271 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 100.24.222.39 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-100-24-222-39.compute-1.amazonaws.com Software nginx / Resource Hash 6a400e64785b5eddd2bab83d9b4860ed7c442b5265246b33195b2a93f278b3da Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://samplesavenue.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers pragma no-cache date Sun, 30 Oct 2022 20:47:15 GMT content-encoding gzip x-content-type-options nosniff server nginx vary Accept-Encoding access-control-allow-methods POST content-type application/json; charset=utf-8 access-control-allow-origin * cache-control private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0 expires Sun, 28 Dec 1980 18:57:00 EST
POST H2	200	psp Show response psp.pushnami.com/api/	2 B 224 B	98ms 97ms	Fetch text/html	52.44.222.245 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://psp.pushnami.com/api/psp Requested by Host: api.pushnami.com URL: https://api.pushnami.com/scripts/v1/pushnami-adv/5cc0bb93e04a8c20b5240228 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.44.222.245 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-44-222-245.compute-1.amazonaws.com Software / Resource Hash 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3 Request headers accept application/json, text/plain, */* Referer https://samplesavenue.com/ accept-language en-US,en;q=0.9 key 5cc0bb93e04a8c20b5240228 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 content-type application/x-www-form-urlencoded Response headers access-control-allow-origin https://samplesavenue.com date Sun, 30 Oct 2022 20:47:16 GMT cache-control no-cache access-control-allow-credentials true content-encoding gzip vary accept-encoding content-type text/html; charset=utf-8
OPTIONS H2	200	psp psp.pushnami.com/api/ Frame	0 0	115ms 30ms	Preflight application/json	52.44.222.245 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://psp.pushnami.com/api/psp Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.44.222.245 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-44-222-245.compute-1.amazonaws.com Software / Resource Hash Request headers Accept */* Access-Control-Request-Headers key Access-Control-Request-Method POST Origin https://samplesavenue.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers key access-control-allow-methods POST access-control-allow-origin https://samplesavenue.com access-control-expose-headers content-type, content-length, etag access-control-max-age 600 cache-control no-cache content-encoding gzip content-type application/json; charset=utf-8 date Sun, 30 Oct 2022 20:47:16 GMT vary accept-encoding
POST H2	204	events Show response api.trustedform.com/certs/436c81e57e25372e0914762dfe5726d4d7334854/	0 159 B	28ms 27ms	XHR text/plain	52.71.143.120 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://api.trustedform.com/certs/436c81e57e25372e0914762dfe5726d4d7334854/events Requested by Host: cdn.trustedform.com URL: https://cdn.trustedform.com/trustedform-1.8.30.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.71.143.120 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-71-143-120.compute-1.amazonaws.com Software Cowboy / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://samplesavenue.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin * date Sun, 30 Oct 2022 20:47:16 GMT access-control-expose-headers access-control-allow-credentials true cache-control max-age=0, private, must-revalidate server Cowboy
POST H2	204	events api.trustedform.com/certs/436c81e57e25372e0914762dfe5726d4d7334854/	0 159 B	28ms 28ms	Ping text/plain	52.71.143.120 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://api.trustedform.com/certs/436c81e57e25372e0914762dfe5726d4d7334854/events Requested by Host: cdn.trustedform.com URL: https://cdn.trustedform.com/trustedform-1.8.30.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.71.143.120 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-71-143-120.compute-1.amazonaws.com Software Cowboy / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://samplesavenue.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin * date Sun, 30 Oct 2022 20:47:17 GMT access-control-expose-headers access-control-allow-credentials true cache-control max-age=0, private, must-revalidate server Cowboy
POST H2	204	events Show response api.trustedform.com/certs/436c81e57e25372e0914762dfe5726d4d7334854/	0 159 B	34ms 34ms	XHR text/plain	52.71.143.120 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://api.trustedform.com/certs/436c81e57e25372e0914762dfe5726d4d7334854/events Requested by Host: cdn.trustedform.com URL: https://cdn.trustedform.com/trustedform-1.8.30.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.71.143.120 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-71-143-120.compute-1.amazonaws.com Software Cowboy / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://samplesavenue.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin * date Sun, 30 Oct 2022 20:47:17 GMT access-control-expose-headers access-control-allow-credentials true cache-control max-age=0, private, must-revalidate server Cowboy
POST H2	200	Snap Show response create.leadid.com/2.11.9/	0 623 B	142ms 62ms	XHR text/plain	34.192.159.163 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://create.leadid.com/2.11.9/Snap?msn=5&pid=a6a98aaf-6be8-409b-8da2-61735362a7c2&token=7017E926-3747-D2C4-08D4-2A8AFF4DE9C2&_=5999177 Requested by Host: create.lidstatic.com URL: https://create.lidstatic.com/campaign/beb516a1-60ed-00cc-73eb-a6a318cfa8e9.js?snippet_version=2 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.192.159.163 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-192-159-163.compute-1.amazonaws.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer https://samplesavenue.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers date Sun, 30 Oct 2022 20:47:18 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip server nginx access-control-max-age 1728000 content-type text/plain;charset=UTF-8 access-control-allow-origin * cache-control no-cache, must-revalidate access-control-allow-headers X-Requested-With, Content-Type expires Sat, 26 Jul 1997 05:00:00 GMT
POST H2	200	Snap Show response create.leadid.com/2.11.9/	0 623 B	90ms 61ms	XHR text/plain	34.192.159.163 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://create.leadid.com/2.11.9/Snap?msn=6&pid=a6a98aaf-6be8-409b-8da2-61735362a7c2&token=7017E926-3747-D2C4-08D4-2A8AFF4DE9C2&_=5999178 Requested by Host: create.lidstatic.com URL: https://create.lidstatic.com/campaign/beb516a1-60ed-00cc-73eb-a6a318cfa8e9.js?snippet_version=2 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.192.159.163 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-192-159-163.compute-1.amazonaws.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer https://samplesavenue.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers date Sun, 30 Oct 2022 20:47:18 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip server nginx access-control-max-age 1728000 content-type text/plain;charset=UTF-8 access-control-allow-origin * cache-control no-cache, must-revalidate access-control-allow-headers X-Requested-With, Content-Type expires Sat, 26 Jul 1997 05:00:00 GMT
POST H2	200	Snap Show response create.leadid.com/2.11.9/	0 622 B	84ms 58ms	XHR text/plain	34.192.159.163 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://create.leadid.com/2.11.9/Snap?msn=7&pid=a6a98aaf-6be8-409b-8da2-61735362a7c2&token=7017E926-3747-D2C4-08D4-2A8AFF4DE9C2&_=5999179 Requested by Host: create.lidstatic.com URL: https://create.lidstatic.com/campaign/beb516a1-60ed-00cc-73eb-a6a318cfa8e9.js?snippet_version=2 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.192.159.163 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-192-159-163.compute-1.amazonaws.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer https://samplesavenue.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers date Sun, 30 Oct 2022 20:47:18 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip server nginx access-control-max-age 1728000 content-type text/plain;charset=UTF-8 access-control-allow-origin * cache-control no-cache, must-revalidate access-control-allow-headers X-Requested-With, Content-Type expires Sat, 26 Jul 1997 05:00:00 GMT
POST H2	200	Snap Show response create.leadid.com/2.11.9/	0 623 B	103ms 59ms	XHR text/plain	34.192.159.163 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://create.leadid.com/2.11.9/Snap?msn=8&pid=a6a98aaf-6be8-409b-8da2-61735362a7c2&token=7017E926-3747-D2C4-08D4-2A8AFF4DE9C2&_=5999180 Requested by Host: create.lidstatic.com URL: https://create.lidstatic.com/campaign/beb516a1-60ed-00cc-73eb-a6a318cfa8e9.js?snippet_version=2 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.192.159.163 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-192-159-163.compute-1.amazonaws.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer https://samplesavenue.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers date Sun, 30 Oct 2022 20:47:18 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip server nginx access-control-max-age 1728000 content-type text/plain;charset=UTF-8 access-control-allow-origin * cache-control no-cache, must-revalidate access-control-allow-headers X-Requested-With, Content-Type expires Sat, 26 Jul 1997 05:00:00 GMT
POST H2	204	events Show response api.trustedform.com/certs/436c81e57e25372e0914762dfe5726d4d7334854/	0 159 B	30ms 30ms	XHR text/plain	52.71.143.120 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://api.trustedform.com/certs/436c81e57e25372e0914762dfe5726d4d7334854/events Requested by Host: cdn.trustedform.com URL: https://cdn.trustedform.com/trustedform-1.8.30.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.71.143.120 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-71-143-120.compute-1.amazonaws.com Software Cowboy / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://samplesavenue.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin * date Sun, 30 Oct 2022 20:47:18 GMT access-control-expose-headers access-control-allow-credentials true cache-control max-age=0, private, must-revalidate server Cowboy
POST H2	204	events Show response api.trustedform.com/certs/436c81e57e25372e0914762dfe5726d4d7334854/	0 159 B	28ms 27ms	XHR text/plain	52.71.143.120 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://api.trustedform.com/certs/436c81e57e25372e0914762dfe5726d4d7334854/events Requested by Host: cdn.trustedform.com URL: https://cdn.trustedform.com/trustedform-1.8.30.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.71.143.120 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-71-143-120.compute-1.amazonaws.com Software Cowboy / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://samplesavenue.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin * date Sun, 30 Oct 2022 20:47:19 GMT access-control-expose-headers access-control-allow-credentials true cache-control max-age=0, private, must-revalidate server Cowboy
POST H2	204	events Show response api.trustedform.com/certs/436c81e57e25372e0914762dfe5726d4d7334854/	0 159 B	29ms 28ms	XHR text/plain	52.71.143.120 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://api.trustedform.com/certs/436c81e57e25372e0914762dfe5726d4d7334854/events Requested by Host: cdn.trustedform.com URL: https://cdn.trustedform.com/trustedform-1.8.30.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.71.143.120 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-71-143-120.compute-1.amazonaws.com Software Cowboy / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://samplesavenue.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin * date Sun, 30 Oct 2022 20:47:20 GMT access-control-expose-headers access-control-allow-credentials true cache-control max-age=0, private, must-revalidate server Cowboy
POST H2	204	events Show response api.trustedform.com/certs/436c81e57e25372e0914762dfe5726d4d7334854/	0 159 B	28ms 27ms	XHR text/plain	52.71.143.120 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://api.trustedform.com/certs/436c81e57e25372e0914762dfe5726d4d7334854/events Requested by Host: cdn.trustedform.com URL: https://cdn.trustedform.com/trustedform-1.8.30.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.71.143.120 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-71-143-120.compute-1.amazonaws.com Software Cowboy / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://samplesavenue.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin * date Sun, 30 Oct 2022 20:47:21 GMT access-control-expose-headers access-control-allow-credentials true cache-control max-age=0, private, must-revalidate server Cowboy
POST H2	204	events Show response api.trustedform.com/certs/436c81e57e25372e0914762dfe5726d4d7334854/	0 159 B	28ms 28ms	XHR text/plain	52.71.143.120 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://api.trustedform.com/certs/436c81e57e25372e0914762dfe5726d4d7334854/events Requested by Host: cdn.trustedform.com URL: https://cdn.trustedform.com/trustedform-1.8.30.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.71.143.120 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-71-143-120.compute-1.amazonaws.com Software Cowboy / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://samplesavenue.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin * date Sun, 30 Oct 2022 20:47:22 GMT access-control-expose-headers access-control-allow-credentials true cache-control max-age=0, private, must-revalidate server Cowboy