www4.thy.com Open in urlscan Pro
46.31.112.112 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www4.thy.com/baggage/?lang=en
Submission: On October 03 via manual (October 3rd 2023, 8:39:59 pm UTC) from US — Scanned from US

Summary HTTP 109 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 47 IPs in 9 countries across 57 domains to perform 109 HTTP transactions. The main IP is 46.31.112.112, located in Istanbul, Turkey and belongs to THY-AS, TR. The main domain is www4.thy.com. The Cisco Umbrella rank of the primary domain is 565681.
TLS certificate: Issued by RapidSSL Global TLS RSA4096 SHA256 20... on October 24th 2022. Valid for: a year.

This is the only time www4.thy.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
41	46.31.112.112 46.31.112.112	51625 (THY-AS) (THY-AS)
1	2607:f8b0:402... 2607:f8b0:4020:804::2008	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:402... 2607:f8b0:4020:807::2008	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:402... 2607:f8b0:4020:805::2002	15169 (GOOGLE) (GOOGLE)
1 2	172.217.13.134 172.217.13.134	15169 (GOOGLE) (GOOGLE)
1	172.217.13.166 172.217.13.166	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f012:10c:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2 4	37.157.3.20 37.157.3.20	198622 (ADFORM) (ADFORM)
1	185.167.164.47 185.167.164.47	198622 (ADFORM) (ADFORM)
2	2607:f8b0:402... 2607:f8b0:4020:807::200e	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c0b::9c	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:822::2004	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:81e::2002	15169 (GOOGLE) (GOOGLE)
1 16	185.167.164.39 185.167.164.39	198622 (ADFORM) (ADFORM)
1	37.157.2.228 37.157.2.228	198622 (ADFORM) (ADFORM)
1	2a03:2880:f11... 2a03:2880:f112:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2 3	52.71.246.190 52.71.246.190	14618 (AMAZON-AES) (AMAZON-AES)
1	23.41.169.75 23.41.169.75	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.151.100 69.173.151.100	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	18.197.180.240 18.197.180.240	16509 (AMAZON-02) (AMAZON-02)
1 1	23.105.12.173 23.105.12.173	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
1 2	3.225.218.10 3.225.218.10	14618 (AMAZON-AES) (AMAZON-AES)
1	63.251.28.234 63.251.28.234	13789 (INTERNAP-...) (INTERNAP-BLK3)
2 2	35.211.178.172 35.211.178.172	15169 (GOOGLE) (GOOGLE)
2 3	199.127.204.171 199.127.204.171	26120 (RHYTHMONE) (RHYTHMONE)
1 2	104.18.26.193 104.18.26.193	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	50.57.31.206 50.57.31.206	19994 (RACKSPACE) (RACKSPACE)
1 2	18.214.54.215 18.214.54.215	14618 (AMAZON-AES) (AMAZON-AES)
1	52.0.156.250 52.0.156.250	14618 (AMAZON-AES) (AMAZON-AES)
2 2	35.190.60.146 35.190.60.146	15169 (GOOGLE) (GOOGLE)
1 1	107.178.254.65 107.178.254.65	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	34.233.138.61 34.233.138.61	14618 (AMAZON-AES) (AMAZON-AES)
2	96.17.64.208 96.17.64.208	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	34.246.44.190 34.246.44.190	16509 (AMAZON-02) (AMAZON-02)
1	52.218.101.219 52.218.101.219	16509 (AMAZON-02) (AMAZON-02)
1 1	141.94.170.77 141.94.170.77	16276 (OVH) (OVH)
3 4	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1	100.24.189.89 100.24.189.89	14618 (AMAZON-AES) (AMAZON-AES)
2 2	142.250.80.66 142.250.80.66	15169 (GOOGLE) (GOOGLE)
3 4	68.67.160.186 68.67.160.186	29990 (ASN-APPNEX) (ASN-APPNEX)
1	8.28.7.83 8.28.7.83	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	18.238.55.57 18.238.55.57	16509 (AMAZON-02) (AMAZON-02)
2 3	52.203.124.67 52.203.124.67	14618 (AMAZON-AES) (AMAZON-AES)
2 2	52.206.20.105 52.206.20.105	14618 (AMAZON-AES) (AMAZON-AES)
1 1	13.224.214.125 13.224.214.125	16509 (AMAZON-02) (AMAZON-02)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 1	23.41.168.211 23.41.168.211	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	52.7.24.177 52.7.24.177	14618 (AMAZON-AES) (AMAZON-AES)
1	69.169.85.6 69.169.85.6	29838 (AMC) (AMC)
3 4	162.19.138.117 162.19.138.117	16276 (OVH) (OVH)
2 2	35.190.24.218 35.190.24.218	15169 (GOOGLE) (GOOGLE)
1	23.195.93.95 23.195.93.95	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	2600:9000:220... 2600:9000:2209:b200:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	192.0.77.40 192.0.77.40	2635 (AUTOMATTIC) (AUTOMATTIC)
3 3	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	46.19.11.36 46.19.11.36	51790 (SIEL) (SIEL)
1	34.238.22.106 34.238.22.106	14618 (AMAZON-AES) (AMAZON-AES)
1 2	52.223.22.214 52.223.22.214	16509 (AMAZON-02) (AMAZON-02)
1	34.235.210.13 34.235.210.13	14618 (AMAZON-AES) (AMAZON-AES)
1	107.178.244.119 107.178.244.119	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
109	47

41 46.31.112.112 (Istanbul, Turkey)

ASN51625 (THY-AS, TR)

www4.thy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4020:804::2008 (Montreal, Canada)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4020:807::2008 (Montreal, Canada)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4020:805::2002 (Montreal, Canada)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.13.134 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: yul02s05-in-f6.1e100.net

4357925.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.13.166 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s04-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f012:10c:face:b00c:0:3 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.3.20 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.167.164.47 (Denmark)

ASN198622 (ADFORM, DK)

s2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4020:807::200e (Montreal, Canada)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c0b::9c (Ashburn, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:822::2004 (United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81e::2002 (United States)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 185.167.164.39 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.2.228 (Denmark)

ASN198622 (ADFORM, DK)

server.seadform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.71.246.190 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-71-246-190.compute-1.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ice.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.41.169.75 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-41-169-75.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.197.180.240 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-180-240.eu-central-1.compute.amazonaws.com

ih.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.105.12.173 (Manassas, United States) 1 redirects

ASN30633 (LEASEWEB-USA-WDC, US)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.225.218.10 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-218-10.compute-1.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.251.28.234 (Secaucus, United States)

ASN13789 (INTERNAP-BLK3, US)

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.211.178.172 (North Charleston, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 199.127.204.171 (United States) 2 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.26.193 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 50.57.31.206 (United States) 1 redirects

ASN19994 (RACKSPACE, US)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.214.54.215 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-214-54-215.compute-1.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.0.156.250 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-156-250.compute-1.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.60.146 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.178.254.65 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 65.254.178.107.bc.googleusercontent.com

pippio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.233.138.61 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-233-138-61.compute-1.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 96.17.64.208 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a96-17-64-208.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.246.44.190 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-44-190.eu-west-1.compute.amazonaws.com

api.adrtx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.218.101.219 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1.amazonaws.com

s3-eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.94.170.77 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: pikafka-eu-6.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.33.220.150 (Seattle, United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 100.24.189.89 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-100-24-189-89.compute-1.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.80.66 (Old Bridge, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s35-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 68.67.160.186 (New York, United States) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.238.55.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-55-57.jfk52.r.cloudfront.net

pdw-adf.userreport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.203.124.67 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-203-124-67.compute-1.amazonaws.com

a.audrte.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.206.20.105 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-206-20-105.compute-1.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.214.125 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-125.phl50.r.cloudfront.net

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Weil am Rhein, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.41.168.211 (Edison, United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-41-168-211.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.7.24.177 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-7-24-177.compute-1.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.169.85.6 (United States)

ASN29838 (AMC, US)

global.ib-ibi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 162.19.138.117 (Frankfurt am Main, Germany) 3 redirects

ASN16276 (OVH, FR)
PTR: ns31533568.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.24.218 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 218.24.190.35.bc.googleusercontent.com

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.195.93.95 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-195-93-95.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2209:b200:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.40 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: assets.tumblr.com

www.tumblr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.111.113.62 (Kansas City, United States) 3 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.19.11.36 (Slovenia)

ASN51790 (SIEL, SI)
PTR: ilog.vsn.si

match.contentexchange.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.238.22.106 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-238-22-106.compute-1.amazonaws.com

bpi.rtactivate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.22.214 (Seattle, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.235.210.13 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-235-210-13.compute-1.amazonaws.com

e1.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.178.244.119 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 119.244.178.107.bc.googleusercontent.com

pixel.sojern.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
41	thy.com www4.thy.com — Cisco Umbrella Rank: 565681	1 MB
21	adform.net 3 redirects track.adform.net — Cisco Umbrella Rank: 3716 s2.adform.net — Cisco Umbrella Rank: 8148 c1.adform.net — Cisco Umbrella Rank: 954 dmp.adform.net — Cisco Umbrella Rank: 4243	45 KB
8	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 66 4357925.fls.doubleclick.net ad.doubleclick.net — Cisco Umbrella Rank: 180 stats.g.doubleclick.net — Cisco Umbrella Rank: 175 cm.g.doubleclick.net — Cisco Umbrella Rank: 329	6 KB
4	id5-sync.com 3 redirects id5-sync.com — Cisco Umbrella Rank: 687	5 KB
4	adnxs.com 3 redirects secure.adnxs.com — Cisco Umbrella Rank: 806 ib.adnxs.com — Cisco Umbrella Rank: 360	3 KB
4	adsrvr.org 3 redirects match.adsrvr.org — Cisco Umbrella Rank: 637	1 KB
4	google.com www.google.com — Cisco Umbrella Rank: 11 adservice.google.com — Cisco Umbrella Rank: 182	1 KB
3	tapad.com 3 redirects pixel.tapad.com — Cisco Umbrella Rank: 802	1 KB
3	audrte.com 2 redirects a.audrte.com — Cisco Umbrella Rank: 3797	2 KB
3	360yield.com 2 redirects ad.360yield.com — Cisco Umbrella Rank: 1002 ice.360yield.com — Cisco Umbrella Rank: 2683	1 KB
3	google-analytics.com ssl.google-analytics.com — Cisco Umbrella Rank: 668 www.google-analytics.com — Cisco Umbrella Rank: 96	38 KB
2	3lift.com 1 redirects eb2.3lift.com — Cisco Umbrella Rank: 713	720 B
2	weborama.fr 2 redirects redirect.frontend.weborama.fr — Cisco Umbrella Rank: 14107	629 B
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 1562	1 KB
2	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 319	2 KB
2	openx.net 1 redirects eu-u.openx.net — Cisco Umbrella Rank: 3562	492 B
2	bluekai.com tags.bluekai.com — Cisco Umbrella Rank: 1088	789 B
2	crwdcntrl.net 1 redirects sync.crwdcntrl.net — Cisco Umbrella Rank: 1377	837 B
2	linkedin.com 1 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 830	893 B
2	rlcdn.com 2 redirects idsync.rlcdn.com — Cisco Umbrella Rank: 719	816 B
2	eyeota.net 1 redirects ps.eyeota.net — Cisco Umbrella Rank: 1620	1 KB
2	semasio.net 1 redirects uipglob.semasio.net — Cisco Umbrella Rank: 2139	1 KB
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 1026	1 KB
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 933	998 B
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 614	1 KB
2	yahoo.com 1 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 509	490 B
2	adscale.de 2 redirects ih.adscale.de — Cisco Umbrella Rank: 3400	694 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 229	87 KB
1	sojern.com pixel.sojern.com — Cisco Umbrella Rank: 9851	156 B
1	emxdgt.com e1.emxdgt.com — Cisco Umbrella Rank: 2936	120 B
1	rtactivate.com bpi.rtactivate.com — Cisco Umbrella Rank: 2888	109 B
1	contentexchange.me match.contentexchange.me — Cisco Umbrella Rank: 42047	49 B
1	tumblr.com www.tumblr.com — Cisco Umbrella Rank: 9143	1 KB
1	smaato.net 1 redirects s.ad.smaato.net — Cisco Umbrella Rank: 1092	527 B
1	teads.tv sync.teads.tv — Cisco Umbrella Rank: 2022	278 B
1	ib-ibi.com global.ib-ibi.com — Cisco Umbrella Rank: 3145	72 B
1	mathtag.com 1 redirects pixel.mathtag.com — Cisco Umbrella Rank: 2721	640 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 2164	456 B
1	agkn.com 1 redirects aa.agkn.com — Cisco Umbrella Rank: 936	647 B
1	userreport.com pdw-adf.userreport.com — Cisco Umbrella Rank: 40280	444 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 1265	474 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 1035	339 B
1	onaudience.com 1 redirects pixel.onaudience.com — Cisco Umbrella Rank: 3680	417 B
1	amazonaws.com s3-eu-west-1.amazonaws.com	390 B
1	adrtx.net 1 redirects api.adrtx.net — Cisco Umbrella Rank: 49237	407 B
1	pippio.com 1 redirects pippio.com — Cisco Umbrella Rank: 1298	634 B
1	exelator.com loadm.exelator.com — Cisco Umbrella Rank: 2754	324 B
1	unrulymedia.com sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 2128	452 B
1	stickyadstv.com ads.stickyadstv.com — Cisco Umbrella Rank: 919	638 B
1	smartadserver.com 1 redirects rtb-csync.smartadserver.com — Cisco Umbrella Rank: 1011	669 B
1	rubiconproject.com token.rubiconproject.com — Cisco Umbrella Rank: 764	662 B
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 4449	400 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 109	185 B
1	seadform.net server.seadform.net — Cisco Umbrella Rank: 36027	467 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 111	96 KB
0	e-volution.ai Failed sync.e-volution.ai Failed
0	1dmp.io Failed sync.1dmp.io Failed
109	57

	Domain	Requested by
41	www4.thy.com	www4.thy.com
12	c1.adform.net	1 redirects track.adform.net c1.adform.net
4	id5-sync.com	3 redirects c1.adform.net
4	dmp.adform.net	c1.adform.net
4	match.adsrvr.org	3 redirects c1.adform.net
4	track.adform.net	2 redirects www4.thy.com
3	pixel.tapad.com	3 redirects
3	a.audrte.com	2 redirects c1.adform.net
3	secure.adnxs.com	2 redirects c1.adform.net
3	www.google.com	www4.thy.com
2	eb2.3lift.com	1 redirects c1.adform.net
2	redirect.frontend.weborama.fr	2 redirects
2	pm.w55c.net	2 redirects
2	dpm.demdex.net	2 redirects
2	cm.g.doubleclick.net	2 redirects
2	eu-u.openx.net	1 redirects c1.adform.net
2	tags.bluekai.com	c1.adform.net
2	sync.crwdcntrl.net	1 redirects c1.adform.net
2	px.ads.linkedin.com	1 redirects c1.adform.net
2	idsync.rlcdn.com	2 redirects
2	ps.eyeota.net	1 redirects c1.adform.net
2	uipglob.semasio.net	1 redirects c1.adform.net
2	dsum-sec.casalemedia.com	1 redirects c1.adform.net
2	sync.1rx.io	2 redirects
2	x.bidswitch.net	2 redirects
2	ups.analytics.yahoo.com	1 redirects c1.adform.net
2	ih.adscale.de	2 redirects
2	ad.360yield.com	1 redirects c1.adform.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	connect.facebook.net	www4.thy.com connect.facebook.net
2	4357925.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	googleads.g.doubleclick.net	www.googletagmanager.com
1	pixel.sojern.com	c1.adform.net
1	e1.emxdgt.com	c1.adform.net
1	bpi.rtactivate.com	c1.adform.net
1	match.contentexchange.me	c1.adform.net
1	www.tumblr.com	c1.adform.net
1	s.ad.smaato.net	1 redirects
1	sync.teads.tv	c1.adform.net
1	ice.360yield.com	1 redirects
1	ib.adnxs.com	1 redirects
1	global.ib-ibi.com	c1.adform.net
1	pixel.mathtag.com	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	aa.agkn.com	1 redirects
1	pdw-adf.userreport.com	c1.adform.net
1	simage2.pubmatic.com	c1.adform.net
1	beacon.krxd.net	c1.adform.net
1	pixel.onaudience.com	1 redirects
1	s3-eu-west-1.amazonaws.com	c1.adform.net
1	api.adrtx.net	1 redirects
1	pippio.com	1 redirects
1	loadm.exelator.com	c1.adform.net
1	sync.targeting.unrulymedia.com	c1.adform.net
1	ads.stickyadstv.com	c1.adform.net
1	rtb-csync.smartadserver.com	1 redirects
1	token.rubiconproject.com	c1.adform.net
1	ad.yieldlab.net	c1.adform.net
1	www.facebook.com	www4.thy.com
1	server.seadform.net	www4.thy.com
1	adservice.google.com	4357925.fls.doubleclick.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	s2.adform.net	www4.thy.com
1	ad.doubleclick.net	www.googletagmanager.com
1	ssl.google-analytics.com	www4.thy.com
1	www.googletagmanager.com	www4.thy.com
0	sync.e-volution.ai Failed	c1.adform.net
0	sync.1dmp.io Failed	c1.adform.net
109	68

This site contains links to these domains. Also see Links.

Domain
www.turkishairlines.com

Subject Issuer	Validity	Valid
*.thy.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-10-24` - `2023-10-24`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-07-13` - `2023-10-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
track.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-06` - `2024-09-19`	a year	crt.sh
*.seadform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-10-20` - `2023-11-09`	a year	crt.sh
*.yieldlab.net DigiCert TLS RSA SHA256 2020 CA1	`2023-09-17` - `2024-09-17`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.ads.stickyadstv.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-19` - `2024-05-19`	a year	crt.sh
*.exelator.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-29` - `2024-06-11`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-07` - `2024-02-08`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2023-04-14` - `2024-04-12`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.userreport.com Amazon RSA 2048 M02	`2023-02-22` - `2024-01-18`	a year	crt.sh
*.ib-ibi.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-21` - `2024-04-02`	a year	crt.sh
teads.tv R3	`2023-09-13` - `2023-12-12`	3 months	crt.sh
*.contentexchange.me Sectigo RSA Domain Validation Secure Server CA	`2023-05-29` - `2024-06-04`	a year	crt.sh
rtactivate.com Amazon RSA 2048 M01	`2023-03-14` - `2024-04-11`	a year	crt.sh
*.emxdgt.com Go Daddy Secure Certificate Authority - G2	`2023-06-14` - `2024-06-14`	a year	crt.sh
*.sojern.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-17` - `2024-02-17`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://www4.thy.com/baggage/?lang=en
Frame ID: 18B6289F2AA9A239E0BB4FA2B9B25A96
Requests: 59 HTTP requests in this frame

Frame: https://4357925.fls.doubleclick.net/activityi;dc_pre=CIzy06Te2oEDFY29nwodHswIPA;src=4357925;type=counter;cat=Count-;ord=5648730838620;auiddc=1633019736.1696365593;u3=undefined;u2=undefined;u1=undefined;u5=undefined;u4=undefined;gtm=45He3a20;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww4.thy.com%2Fbaggage%2F%3Flang%3Den
Frame ID: 62360E79A5A93693DD8EF88B0A84FFB0
Requests: 2 HTTP requests in this frame

Frame: https://c1.adform.net/imatch/pixels?uid=3277599254868136037&agencyId=2846&advertiserId=137831&src=tp&rnd=713690
Frame ID: 489D5ED99A2867754953C1680BFE43B1
Requests: 48 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Turkish Airlines Baggage Services

Detected technologies

Cart Functionality (Ecommerce) Expand

Overall confidence: 100%
Detected patterns

<a[^>]*href=[^>]*/Bag

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

Page Statistics

109
Requests

72 %
HTTPS

18 %
IPv6

57
Domains

68
Subdomains

47
IPs

9
Countries

1375 kB
Transfer

3523 kB
Size

102
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.turkishairlines.com/

Search URL Search Domain Scan URL

URL: https://www.turkishairlines.com/en-int/any-questions/lost-and-delayed-baggage/
Title: lost, damaged, missing, late delivered baggage

Search URL Search Domain Scan URL

URL: https://www.turkishairlines.com/en-tr/flights/lost-baggage/baggage-tracking/index.html
Title: here

Search URL Search Domain Scan URL

URL: https://www.turkishairlines.com/en-tr/legal-notice/privacy-policy/cookies/index.html
Title: More info

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 43

https://4357925.fls.doubleclick.net/activityi;src=4357925;type=counter;cat=Count-;ord=5648730838620;auiddc=1633019736.1696365593;u3=undefined;u2=undefined;u1=undefined;u5=undefined;u4=undefined;gtm=45He3a20;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww4.thy.com%2Fbaggage%2F%3Flang%3Den HTTP 302
https://4357925.fls.doubleclick.net/activityi;dc_pre=CIzy06Te2oEDFY29nwodHswIPA;src=4357925;type=counter;cat=Count-;ord=5648730838620;auiddc=1633019736.1696365593;u3=undefined;u2=undefined;u1=undefined;u5=undefined;u4=undefined;gtm=45He3a20;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww4.thy.com%2Fbaggage%2F%3Flang%3Den

Request Chain 47

https://track.adform.net/serving/scripts/trackpoint/async/ HTTP 301
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

Request Chain 56

https://track.adform.net/Serving/TrackPoint/?pm=876573&ADFdivider=%7C&ord=784562196763&ADFtpmode=2&loc=https%3A%2F%2Fwww4.thy.com%2Fbaggage%2F%3Flang%3Den&Set1=en-US%7Cen-US%7C1600x1200%7C24 HTTP 302
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=876573&ADFdivider=%7C&ord=784562196763&ADFtpmode=2&loc=https%3A%2F%2Fwww4.thy.com%2Fbaggage%2F%3Flang%3Den&Set1=en-US%7Cen-US%7C1600x1200%7C24

Request Chain 62

https://ad.360yield.com/match?publisher_dsp_id=42&external_user_id=3277599254868136037&Expiration=1697575194 HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=3277599254868136037&Expiration=1697575194

Request Chain 65

https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=3277599254868136037&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__ HTTP 302
https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=3277599254868136037&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__&nut&uu=63d5c6657c284a4e884f6f774ed350d7 HTTP 307
https://c1.adform.net/serving/cookie/match?party=9&uid=706be84434492e4883b0f206df03d25efa1c703c3aa51fb63981d093f36807ff

Request Chain 66

https://rtb-csync.smartadserver.com/redir/?partnerid=22&partneruserid=3277599254868136037&redirurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d10%26cid%3DSMART_USER_ID HTTP 302
https://c1.adform.net/serving/cookie/match?party=10&cid=8207964416225097642

Request Chain 67

https://ups.analytics.yahoo.com/ups/55944/sync?uid=3277599254868136037&_origin=1 HTTP 302
https://ups.analytics.yahoo.com/ups/55944/sync?uid=3277599254868136037&_origin=1&verify=true

Request Chain 69

https://x.bidswitch.net/sync?dsp_id=70&user_id=3277599254868136037 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=70&user_id=3277599254868136037 HTTP 302
https://sync.1rx.io/usersync/bidswitch/1bf8437b-f0ae-4028-91d7-e67d715b7724?gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://sync.1rx.io/usersync/bidswitch/1bf8437b-f0ae-4028-91d7-e67d715b7724?zcc=1&cb=1696365594644 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-5498b682-a1bd-4f0d-a4e7-4dd7eaa20fed-005

Request Chain 70

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=3277599254868136037&expiration=1697575194 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=3277599254868136037&expiration=1697575194&C=1

Request Chain 71

https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=3277599254868136037&sInitiator=external HTTP 302
https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=3277599254868136037&sInitiator=external

Request Chain 72

https://ps.eyeota.net/match?uid=3277599254868136037&bid=9gdtmu1 HTTP 302
https://ps.eyeota.net/match/bounce/?uid=3277599254868136037&bid=9gdtmu1

Request Chain 74

https://idsync.rlcdn.com/398366.gif?partner_uid=3277599254868136037 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CJ6oGBIeChoIARCUdRoTMzI3NzU5OTI1NDg2ODEzNjAzNxAAGg0ImvjxqAYSBQjoBxAAQgBKAA HTTP 307
https://pippio.com/api/sync?pid=5324&it=1&iv=33ec1b4cac3ab9364e8c63213fd53d3d685c6676df80ddea25686b4fae1eb13c791426b5417dce21&_=2 HTTP 307
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=33ec1b4cac3ab9364e8c63213fd53d3d685c6676df80ddea25686b4fae1eb13c791426b5417dce21&rand=04444969 HTTP 302
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=33ec1b4cac3ab9364e8c63213fd53d3d685c6676df80ddea25686b4fae1eb13c791426b5417dce21&rand=04444969&expected_cookie=e00d4332-0187-41f6-97af-18f62ac6fab4

Request Chain 75

https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=3277599254868136037/gdpr=/gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=3277599254868136037/gdpr=/gdpr_consent=

Request Chain 77

https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3277599254868136037 HTTP 302
https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=3277599254868136037

Request Chain 78

https://api.adrtx.net/thirdparty/click?p=adfo HTTP 302
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif

Request Chain 79

https://pixel.onaudience.com/?mapped=3277599254868136037&partner=68 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1

Request Chain 81

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=MzI3NzU5OTI1NDg2ODEzNjAzNw HTTP 302
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEKkN3XmBjv9St4YG3K6u7vY&google_cver=1&google_ula=1641347,0

Request Chain 82

https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%3Fparty%3D3%26id%3D%24UID%26redirect%3D1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=3&id=3903918804796204261&redirect=1 HTTP 302
https://secure.adnxs.com/setuid?entity=91&code=3277599254868136037

Request Chain 86

https://a.audrte.com/a?adform_uid=3277599254868136037 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=Z2k1NlZQZnl5MmxUMHlRM25UVVZid0RKdw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
https://a.audrte.com/p

Request Chain 87

https://dpm.demdex.net/ibs:dpid=1586&dpuuid=3277599254868136037&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=3277599254868136037&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=1007&cid=13161145987194093203380824435437906267&noredirect=1

Request Chain 88

https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=3277599254868136037 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=213520604658011908699

Request Chain 89

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7285834752588511375

Request Chain 91

https://pixel.mathtag.com/sync/img?redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1066%26cid%3D%5BMM_UUID%5D HTTP 302
https://c1.adform.net/serving/cookie/match?party=1066&cid=5b98651c-7c1b-4c00-bdd9-282ab8dd5666

Request Chain 92

https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
https://c1.adform.net/serving/cookie/match?party=1084&cid=oUUZR5aE1QNMbp5

Request Chain 93

https://match.adsrvr.org/track/cmf/generic?ttd_pid=71ei9rr&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=71ei9rr&ttd_tpi=1 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=7bc5aed4-103c-4073-b0c6-7956b9a40064

Request Chain 95

https://id5-sync.com/s/10/0.gif?puid=3277599254868136037 HTTP 302
https://id5-sync.com/c/10/10/2/1.gif?puid=3277599254868136037&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://ib.adnxs.com/getuid?https://id5-sync.com/c/10/2/1/2.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/10/2/1/2.gif?puid=3903918804796204261&gdpr=0&gdpr_consent= HTTP 302
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-a37aND2npgr1uyRF4ZAR1CWvWCoHMlZ9IPfwSkhCFA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F10%2F124%2F0%2F3.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/cq/10/124/0/3.gif?puid=f1b88cb5-d3ab-4b5c-8eb3-c02c2ee4827e&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=

Request Chain 96

https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D HTTP 307
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=66789086 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=oMkteUPPIqFTW.G8FSRnI.

Request Chain 99

https://s.ad.smaato.net/c/?dspInit=1001213&dspCookie=3277599254868136037 HTTP 302
https://www.tumblr.com/ads-user-sync?partner=smaato&uid=612f48c32b&gdpr=0&gdpr_consent=

Request Chain 100

https://pixel.tapad.com/idsync/ex/receive?partner_id=2032&partner_device_id=3277599254868136037&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2032&partner_device_id=3277599254868136037&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=c4e6ad96-f213-4d64-8fd4-83a9f3ab9dd4%252Chttps%25253A%25252F%25252Fc1.adform.net%25252Fserving%25252Fcookie%25252Fmatch%25253Fparty%25253D2007%252526cid%25253Dc4e6ad96-f213-4d64-8fd4-83a9f3ab9dd4%252C&gdpr=0&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=7bc5aed4-103c-4073-b0c6-7956b9a40064&ttd_puid=c4e6ad96-f213-4d64-8fd4-83a9f3ab9dd4%2Chttps%253A%252F%252Fc1.adform.net%252Fserving%252Fcookie%252Fmatch%253Fparty%253D2007%2526cid%253Dc4e6ad96-f213-4d64-8fd4-83a9f3ab9dd4%2C HTTP 302
https://c1.adform.net/serving/cookie/match?party=2007&cid=c4e6ad96-f213-4d64-8fd4-83a9f3ab9dd4

Request Chain 103

https://eb2.3lift.com/xuid?mid=7354&xuid=3277599254868136037&dongle=AD20 HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=7354&xuid=3277599254868136037&dongle=AD20&gdpr=0&cmp_cs=&us_privacy=

109 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www4.thy.com/baggage/ 15 KB
7 KB 939ms
341ms Document
text/html 46.31.112.112
THY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www4.thy.com/baggage/?lang=en
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.31.112.112 Istanbul, Turkey, ASN51625 (THY-AS, TR),
Reverse DNS
Software: /
Resource Hash: 18c026044856f8e388c8771e3975b5802682661aba87f37bc7814bb082e59ef6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: close
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Tue, 03 Oct 2023 20:39:50 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-1560757750"
Transfer-Encoding: chunked
X-OneAgent-JS-Injection: true
elapsedResponseTime: 66

GET
H/1.1 200
OK ruxitagentjs_ICA2NVfqru_10273230920145353.js Show response
www4.thy.com/baggage/ 183 KB
96 KB 963ms
273ms Script
text/javascript 46.31.112.112
THY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www4.thy.com/baggage/ruxitagentjs_ICA2NVfqru_10273230920145353.js
Requested by: Host: www4.thy.com
URL: https://www4.thy.com/baggage/?lang=en
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.31.112.112 Istanbul, Turkey, ASN51625 (THY-AS, TR),
Reverse DNS
Software: /
Resource Hash: 77147b992b34252900c1b9eb10ac24ce322865bd6711214d4ed056fef308c06d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.thy.com/baggage/?lang=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Tue, 03 Oct 2023 20:39:51 GMT
Content-Encoding: gzip
Last-Modified: Wed, 03 Mar 2010 07:01:40 GMT
elapsedResponseTime: 3
Transfer-Encoding: chunked
Content-Type: text/javascript; charset=utf-8
Cache-Control: public, max-age=31536000, immutable
Connection: Keep-Alive
Keep-Alive: timeout=15, max=9999
Expires: Wed, 02 Oct 2024 20:39:51 GMT

GET
H/1.1 200
OK font-awesome.css.tk
www4.thy.com/baggage/javax.faces.resource/fa/ 31 KB
10 KB 549ms
281ms Stylesheet
text/css 46.31.112.112
THY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www4.thy.com/baggage/javax.faces.resource/fa/font-awesome.css.tk?ln=primefaces&v=6.2
Requested by: Host: www4.thy.com
URL: https://www4.thy.com/baggage/?lang=en
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.31.112.112 Istanbul, Turkey, ASN51625 (THY-AS, TR),
Reverse DNS
Software: /
Resource Hash: 57a679326752aee96a8ee1115d67c0bb79faee1ccfc02d72503b08e86a4a34aa

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.thy.com/baggage/?lang=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Tue, 03 Oct 2023 20:39:51 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Feb 2018 18:23:26 GMT
elapsedResponseTime: 11
Transfer-Encoding: chunked
Content-Type: text/css
X-OneAgent-JS-Injection: true
Cache-Control: public,max-age=86400
Server-Timing: dtSInfo;desc="0", dtRpid;desc="291072540"
Connection: Keep-Alive
Keep-Alive: timeout=15, max=10000
Expires: Tue, 10 Oct 2023 20:39:51 GMT

GET
H/1.1 404
Not Found RES_NOT_FOUND
www4.thy.com/baggage/ 0
0 419ms
150ms Stylesheet
text/html 46.31.112.112
THY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www4.thy.com/baggage/RES_NOT_FOUND
Requested by: Host: www4.thy.com
URL: https://www4.thy.com/baggage/?lang=en
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.31.112.112 Istanbul, Turkey, ASN51625 (THY-AS, TR),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.thy.com/baggage/?lang=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Tue, 03 Oct 2023 20:39:51 GMT
Content-Encoding: gzip
elapsedResponseTime: 14
Transfer-Encoding: chunked
Content-Type: text/html; charset=ISO-8859-9
X-OneAgent-JS-Injection: true
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-1764811645"
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=10000
X-ruxit-JS-Agent: true
Connection: Keep-Alive

GET
H/1.1 200
OK jquery.js.tk Show response
www4.thy.com/baggage/javax.faces.resource/jquery/ 85 KB
42 KB 978ms
289ms Script
text/javascript 46.31.112.112
THY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www4.thy.com/baggage/javax.faces.resource/jquery/jquery.js.tk?ln=primefaces&v=6.2
Requested by: Host: www4.thy.com
URL: https://www4.thy.com/baggage/?lang=en
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.31.112.112 Istanbul, Turkey, ASN51625 (THY-AS, TR),
Reverse DNS
Software: /
Resource Hash: 90d7c57f39e9c93fd77f5a92d07a6967eedd61fba40c0f3de80bd5105d96a5c8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.thy.com/baggage/?lang=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Tue, 03 Oct 2023 20:39:51 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Feb 2018 18:23:24 GMT
elapsedResponseTime: 17
Transfer-Encoding: chunked
Content-Type: text/javascript
X-OneAgent-JS-Injection: true
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-1172038887"
Connection: Keep-Alive
Keep-Alive: timeout=15, max=9998
Expires: Tue, 10 Oct 2023 20:39:51 GMT

GET
H/1.1 200
OK jquery-plugins.js.tk Show response
www4.thy.com/baggage/javax.faces.resource/jquery/ 255 KB
101 KB 973ms
284ms Script
text/javascript 46.31.112.112
THY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www4.thy.com/baggage/javax.faces.resource/jquery/jquery-plugins.js.tk?ln=primefaces&v=6.2
Requested by: Host: www4.thy.com
URL: https://www4.thy.com/baggage/?lang=en
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.31.112.112 Istanbul, Turkey, ASN51625 (THY-AS, TR),
Reverse DNS
Software: /
Resource Hash: 54e9fc788d0725a66cab8bc860c28cbc5c033657fccb04bbf4e087338a5fa4ac

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.thy.com/baggage/?lang=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Tue, 03 Oct 2023 20:39:51 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Feb 2018 18:23:32 GMT
elapsedResponseTime: 10
Transfer-Encoding: chunked
Content-Type: text/javascript
X-OneAgent-JS-Injection: true
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-2090828985"
Connection: Keep-Alive
Keep-Alive: timeout=15, max=9998
Expires: Tue, 10 Oct 2023 20:39:51 GMT

GET
H/1.1 200
OK core.js.tk Show response
www4.thy.com/baggage/javax.faces.resource/ 31 KB
13 KB 972ms
277ms Script
text/javascript 46.31.112.112
THY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www4.thy.com/baggage/javax.faces.resource/core.js.tk?ln=primefaces&v=6.2
Requested by: Host: www4.thy.com
URL: https://www4.thy.com/baggage/?lang=en
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.31.112.112 Istanbul, Turkey, ASN51625 (THY-AS, TR),
Reverse DNS
Software: /
Resource Hash: acbbbe04cf5e39536a556402dfe5ac8df6c0f8da7ee38ed2b3b5d04a03a04613

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.thy.com/baggage/?lang=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Tue, 03 Oct 2023 20:39:51 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Feb 2018 18:23:32 GMT
elapsedResponseTime: 9
Transfer-Encoding: chunked
Content-Type: text/javascript
X-OneAgent-JS-Injection: true
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-2031801682"
Connection: Keep-Alive
Keep-Alive: timeout=15, max=9997
Expires: Tue, 10 Oct 2023 20:39:51 GMT

GET
H/1.1 200
OK myStyle.css
www4.thy.com/baggage/resources/css/ 8 KB
3 KB 417ms
148ms Stylesheet
text/css 46.31.112.112
THY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www4.thy.com/baggage/resources/css/myStyle.css?v=1.5.1.3.20230118_102713
Requested by: Host: www4.thy.com
URL: https://www4.thy.com/baggage/?lang=en
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.31.112.112 Istanbul, Turkey, ASN51625 (THY-AS, TR),
Reverse DNS
Software: /
Resource Hash: 73bdd6e0a0cf44a926d12930f24ef4ba9a9aba165014ec0592e465419b73fcca

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.thy.com/baggage/?lang=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 03 Oct 2023 20:39:51 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 Jan 2023 13:31:04 GMT
elapsedResponseTime: 12
Content-Type: text/css
X-OneAgent-JS-Injection: true
Cache-Control: public,max-age=86400
Server-Timing: dtSInfo;desc="0", dtRpid;desc="391227954"
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=10000
Content-Length: 2719
Connection: Keep-Alive
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK pdf.js Show response
www4.thy.com/baggage/resources/js/ 360 KB
117 KB 983ms
288ms Script
text/javascript 46.31.112.112
THY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www4.thy.com/baggage/resources/js/pdf.js
Requested by: Host: www4.thy.com
URL: https://www4.thy.com/baggage/?lang=en
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.31.112.112 Istanbul, Turkey, ASN51625 (THY-AS, TR),
Reverse DNS
Software: /
Resource Hash: 7a613bd6db8cbcab8ff755f702214ead016151ff9b0510629940c64d5ac6a274

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.thy.com/baggage/?lang=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 03 Oct 2023 20:39:51 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 Jan 2023 13:31:04 GMT
elapsedResponseTime: 8
Transfer-Encoding: chunked
Content-Type: text/javascript
X-OneAgent-JS-Injection: true
Cache-Control: no-cache, no-store, must-revalidate
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-1518608236"
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=9997
Connection: Keep-Alive
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK file.js Show response
www4.thy.com/baggage/resources/js/ 3 KB
2 KB 970ms
145ms Script
text/javascript 46.31.112.112
THY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www4.thy.com/baggage/resources/js/file.js?v=1.5.1.3.20230118_102713
Requested by: Host: www4.thy.com
URL: https://www4.thy.com/baggage/?lang=en
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.31.112.112 Istanbul, Turkey, ASN51625 (THY-AS, TR),
Reverse DNS
Software: /
Resource Hash: 2c00923e0f22d6be5c281558d0a7e4963b4304af313434210a4e12ea23aa0c7c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.thy.com/baggage/?lang=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 03 Oct 2023 20:39:51 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 Jan 2023 13:31:04 GMT
elapsedResponseTime: 11
Content-Type: text/javascript
X-OneAgent-JS-Injection: true
Cache-Control: no-cache, no-store, must-revalidate
Server-Timing: dtSInfo;desc="0", dtRpid;desc="1661133046"
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=9997
Content-Length: 1285
Connection: Keep-Alive
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK jquery-ui.css
www4.thy.com/baggage/resources/css/ 35 KB
12 KB 684ms
411ms Stylesheet
text/css 46.31.112.112
THY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www4.thy.com/baggage/resources/css/jquery-ui.css
Requested by: Host: www4.thy.com
URL: https://www4.thy.com/baggage/?lang=en
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.31.112.112 Istanbul, Turkey, ASN51625 (THY-AS, TR),
Reverse DNS
Software: /
Resource Hash: f990eb6961e50492396c976a4fafb9352df5a003e3834898b2c2e3731f3391f1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.thy.com/baggage/?lang=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 03 Oct 2023 20:39:51 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 Jan 2023 13:31:04 GMT
elapsedResponseTime: 7
Transfer-Encoding: chunked
Content-Type: text/css
X-OneAgent-JS-Injection: true
Cache-Control: public,max-age=86400
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-1288673702"
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=10000
Connection: Keep-Alive
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK jquery.js Show response
www4.thy.com/baggage/resources/js/ 292 KB
127 KB 1254ms
283ms Script
text/javascript 46.31.112.112
THY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www4.thy.com/baggage/resources/js/jquery.js
Requested by: Host: www4.thy.com
URL: https://www4.thy.com/baggage/?lang=en
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.31.112.112 Istanbul, Turkey, ASN51625 (THY-AS, TR),
Reverse DNS
Software: /
Resource Hash: 6fbb86a67c5f7e8883b26f1215cd331bbf9ebeff732bdfd82d952d9a66f78991

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.thy.com/baggage/?lang=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 03 Oct 2023 20:39:51 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 Jan 2023 13:31:04 GMT
elapsedResponseTime: 9
Transfer-Encoding: chunked
Content-Type: text/javascript
X-OneAgent-JS-Injection: true
Cache-Control: no-cache, no-store, must-revalidate
Server-Timing: dtSInfo;desc="0", dtRpid;desc="1712815113"
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=9996
Connection: Keep-Alive
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK jquery.mask.min.js Show response
www4.thy.com/baggage/resources/js/ 6 KB
4 KB 1113ms
140ms Script
text/javascript 46.31.112.112
THY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www4.thy.com/baggage/resources/js/jquery.mask.min.js
Requested by: Host: www4.thy.com
URL: https://www4.thy.com/baggage/?lang=en
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.31.112.112 Istanbul, Turkey, ASN51625 (THY-AS, TR),
Reverse DNS
Software: /
Resource Hash: e28402acf82dc0bbd4cb1cbd1bca97cbee7d8862d828a31d256a8821eca5b299

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.thy.com/baggage/?lang=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 03 Oct 2023 20:39:51 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 Jan 2023 13:31:04 GMT
elapsedResponseTime: 6
Transfer-Encoding: chunked
Content-Type: text/javascript
X-OneAgent-JS-Injection: true
Cache-Control: no-cache, no-store, must-revalidate
Server-Timing: dtSInfo;desc="0", dtRpid;desc="1449943214"
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=9996
Connection: Keep-Alive
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK jquery-ui.js Show response
www4.thy.com/baggage/resources/js/ 476 KB
180 KB 1259ms
147ms Script
text/javascript 46.31.112.112
THY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www4.thy.com/baggage/resources/js/jquery-ui.js
Requested by: Host: www4.thy.com
URL: https://www4.thy.com/baggage/?lang=en
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.31.112.112 Istanbul, Turkey, ASN51625 (THY-AS, TR),
Reverse DNS
Software: /
Resource Hash: 5fc4a21d13d148047c448ed9fa302d2ee3446c3699e42dead3eb745ab8815652

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.thy.com/baggage/?lang=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 03 Oct 2023 20:39:52 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 Jan 2023 13:31:04 GMT
elapsedResponseTime: 6
Transfer-Encoding: chunked
Content-Type: text/javascript
X-OneAgent-JS-Injection: true
Cache-Control: no-cache, no-store, must-revalidate
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-1756394352"
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=9997
Connection: Keep-Alive
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK reset.css
www4.thy.com/images/tklayout/css/ 1 KB
2 KB 410ms
138ms Stylesheet
text/css 46.31.112.112
THY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www4.thy.com/images/tklayout/css/reset.css
Requested by: Host: www4.thy.com
URL: https://www4.thy.com/baggage/?lang=en
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.31.112.112 Istanbul, Turkey, ASN51625 (THY-AS, TR),
Reverse DNS
Software: /
Resource Hash: b0b7e5ffe3592675b46263146345cf5d46fac58d17b60d7e32bad0c4a8dff435

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.thy.com/baggage/?lang=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Tue, 03 Oct 2023 20:39:51 GMT
Content-Encoding: gzip
Last-Modified: Wed, 04 Jan 2017 20:53:31 GMT
elapsedResponseTime: 4
Content-Type: text/css
Cache-Control: public,max-age=86400
Server-Timing: dtSInfo;desc="0", dtRpid;desc="527618553"
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=10000
Content-Length: 796
Connection: Keep-Alive

GET
H/1.1 200
OK style.css
www4.thy.com/images/tklayout/css/ 30 KB
9 KB 546ms
273ms Stylesheet
text/css 46.31.112.112
THY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www4.thy.com/images/tklayout/css/style.css
Requested by: Host: www4.thy.com
URL: https://www4.thy.com/baggage/?lang=en
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.31.112.112 Istanbul, Turkey, ASN51625 (THY-AS, TR),
Reverse DNS
Software: /
Resource Hash: b0ebb569aaffe0b2927eb7f1b534672c4a27132fb3ae85439d8ded7c828aea1c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.thy.com/baggage/?lang=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Tue, 03 Oct 2023 20:39:51 GMT
Content-Encoding: gzip
Last-Modified: Wed, 04 Jan 2017 20:53:31 GMT
elapsedResponseTime: 4
Content-Type: text/css
Cache-Control: public,max-age=86400
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-879562237"
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=10000
Content-Length: 8550
Connection: Keep-Alive

GET
H/1.1 200
OK ui.css
www4.thy.com/images/tklayout/css/ 29 KB
8 KB 684ms
273ms Stylesheet
text/css 46.31.112.112
THY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www4.thy.com/images/tklayout/css/ui.css
Requested by: Host: www4.thy.com
URL: https://www4.thy.com/baggage/?lang=en
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.31.112.112 Istanbul, Turkey, ASN51625 (THY-AS, TR),
Reverse DNS
Software: /
Resource Hash: 31c5463c4f624447b3bb3a69f3434cd76e67f671c702e664882ecafb26681f50

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.thy.com/baggage/?lang=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Tue, 03 Oct 2023 20:39:51 GMT
Content-Encoding: gzip
Last-Modified: Wed, 04 Jan 2017 20:53:31 GMT
elapsedResponseTime: 3
Content-Type: text/css
Cache-Control: public,max-age=86400
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-1648976088"
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=9999
Content-Length: 6709
Connection: Keep-Alive

GET
H/1.1 200
OK form.css
www4.thy.com/images/tklayout/css/ 4 KB
3 KB 555ms
137ms Stylesheet
text/css 46.31.112.112
THY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www4.thy.com/images/tklayout/css/form.css
Requested by: Host: www4.thy.com
URL: https://www4.thy.com/baggage/?lang=en
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.31.112.112 Istanbul, Turkey, ASN51625 (THY-AS, TR),
Reverse DNS
Software: /
Resource Hash: c5d53404ccf5b92b7b8363d20df3f8bb2d39a42a1ab3a42dbadbf63af98a570c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.thy.com/baggage/?lang=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Tue, 03 Oct 2023 20:39:51 GMT
Content-Encoding: gzip
Last-Modified: Wed, 04 Jan 2017 20:53:31 GMT
elapsedResponseTime: 3
Content-Type: text/css
Cache-Control: public,max-age=86400
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-1177277496"
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=9999
Content-Length: 1602
Connection: Keep-Alive

GET
H/1.1 200
OK jquery-1.5.1.min.js Show response
www4.thy.com/images/tklayout/js/ 85 KB
42 KB 1254ms
141ms Script
application/javascript 46.31.112.112
THY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www4.thy.com/images/tklayout/js/jquery-1.5.1.min.js
Requested by: Host: www4.thy.com
URL: https://www4.thy.com/baggage/?lang=en
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.31.112.112 Istanbul, Turkey, ASN51625 (THY-AS, TR),
Reverse DNS
Software: /
Resource Hash: d454d1678f862fa4046147ec1f41f551bec8ced6c14bf8c3e06f4520b8895a69

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.thy.com/baggage/?lang=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Tue, 03 Oct 2023 20:39:52 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Nov 2017 10:53:41 GMT
elapsedResponseTime: 3
Transfer-Encoding: chunked
Content-Type: application/javascript
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-1370290525"
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=9995
Connection: Keep-Alive

GET
H/1.1 200
OK jquery.colortip-1.0.css
www4.thy.com/images/tklayout/js/plugin/jquery.colortip/ 2 KB
2 KB 553ms
136ms Stylesheet
text/css 46.31.112.112
THY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www4.thy.com/images/tklayout/js/plugin/jquery.colortip/jquery.colortip-1.0.css
Requested by: Host: www4.thy.com
URL: https://www4.thy.com/baggage/?lang=en
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.31.112.112 Istanbul, Turkey, ASN51625 (THY-AS, TR),
Reverse DNS
Software: /
Resource Hash: e91989148db0a451fd96b0ceb73302efe3b91d59243473a465c3cd650e3dbb65

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.thy.com/baggage/?lang=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Tue, 03 Oct 2023 20:39:51 GMT
Content-Encoding: gzip
Last-Modified: Wed, 04 Jan 2017 20:53:31 GMT
elapsedResponseTime: 3
Content-Type: text/css
Cache-Control: public,max-age=86400
Server-Timing: dtSInfo;desc="0", dtRpid;desc="1282518143"
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=9999
Content-Length: 1055
Connection: Keep-Alive

GET
H/1.1 200
OK jquery.colortip-1.0.js Show response
www4.thy.com/images/tklayout/js/plugin/jquery.colortip/ 4 KB
3 KB 1366ms
138ms Script
application/javascript 46.31.112.112
THY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www4.thy.com/images/tklayout/js/plugin/jquery.colortip/jquery.colortip-1.0.js
Requested by: Host: www4.thy.com
URL: https://www4.thy.com/baggage/?lang=en
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.31.112.112 Istanbul, Turkey, ASN51625 (THY-AS, TR),
Reverse DNS
Software: /
Resource Hash: aca455a6575de5b6367da9d6934982ff7feb0f50c1817f6e3e005ed0ff5eeb54

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.thy.com/baggage/?lang=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Tue, 03 Oct 2023 20:39:52 GMT
Content-Encoding: gzip
Last-Modified: Wed, 04 Jan 2017 20:53:31 GMT
elapsedResponseTime: 3
Content-Type: application/javascript
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-578532903"
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=9998
Content-Length: 1959
Connection: Keep-Alive

GET
H/1.1 200
OK accordion.js Show response
www4.thy.com/images/tklayout/js/plugin/ 689 B
2 KB 1511ms
143ms Script
application/javascript 46.31.112.112
THY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www4.thy.com/images/tklayout/js/plugin/accordion.js
Requested by: Host: www4.thy.com
URL: https://www4.thy.com/baggage/?lang=en
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.31.112.112 Istanbul, Turkey, ASN51625 (THY-AS, TR),
Reverse DNS
Software: /
Resource Hash: 427ad523d6fbf568f356fcc740f61dbe216ead1ef60998a0fe3628e657d1e089

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.thy.com/baggage/?lang=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Tue, 03 Oct 2023 20:39:52 GMT
Last-Modified: Wed, 04 Jan 2017 20:53:31 GMT
elapsedResponseTime: 3
Content-Type: application/javascript
Server-Timing: dtSInfo;desc="0", dtRpid;desc="93336720"
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=9997
Content-Length: 689
Connection: Keep-Alive

GET
H/1.1 200
OK combo.css
www4.thy.com/images/tklayout/js/plugin/jquery.combo/css/ 964 B
2 KB 685ms
138ms Stylesheet
text/css 46.31.112.112
THY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www4.thy.com/images/tklayout/js/plugin/jquery.combo/css/combo.css
Requested by: Host: www4.thy.com
URL: https://www4.thy.com/baggage/?lang=en
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.31.112.112 Istanbul, Turkey, ASN51625 (THY-AS, TR),
Reverse DNS
Software: /
Resource Hash: 95d33276fa9dd4f6ddbe03798c05ebf433f4634664ef9780563c7d01409e52f5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.thy.com/baggage/?lang=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Tue, 03 Oct 2023 20:39:51 GMT
Last-Modified: Wed, 04 Jan 2017 20:53:31 GMT
elapsedResponseTime: 3
Content-Type: text/css
Cache-Control: public,max-age=86400
Server-Timing: dtSInfo;desc="0", dtRpid;desc="1295459709"
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=9999
Content-Length: 964
Connection: Keep-Alive

GET
H/1.1 200
OK stil.css
www4.thy.com/images/tklayout/js/plugin/jquery.combo/css/combo/ 2 KB
2 KB 684ms
137ms Stylesheet
text/css 46.31.112.112
THY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www4.thy.com/images/tklayout/js/plugin/jquery.combo/css/combo/stil.css
Requested by: Host: www4.thy.com
URL: https://www4.thy.com/baggage/?lang=en
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.31.112.112 Istanbul, Turkey, ASN51625 (THY-AS, TR),
Reverse DNS
Software: /
Resource Hash: 7c7c2f3ce55641ce99afac04c14589f3ab37829853102713164188d741d4c99c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.thy.com/baggage/?lang=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Tue, 03 Oct 2023 20:39:51 GMT
Content-Encoding: gzip
Last-Modified: Wed, 04 Jan 2017 20:53:31 GMT
elapsedResponseTime: 2
Content-Type: text/css
Cache-Control: public,max-age=86400
Server-Timing: dtSInfo;desc="0", dtRpid;desc="1688691534"
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=9999
Content-Length: 958
Connection: Keep-Alive

GET
H/1.1 200
OK jquery.combo.min.js Show response
www4.thy.com/images/tklayout/js/plugin/jquery.combo/ 32 KB
13 KB 1537ms
146ms Script
application/javascript 46.31.112.112
THY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www4.thy.com/images/tklayout/js/plugin/jquery.combo/jquery.combo.min.js
Requested by: Host: www4.thy.com
URL: https://www4.thy.com/baggage/?lang=en
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.31.112.112 Istanbul, Turkey, ASN51625 (THY-AS, TR),
Reverse DNS
Software: /
Resource Hash: 288f2bace696c2774504dab7f5d73c958134045eefdb5d27ae97b096f8e832e5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.thy.com/baggage/?lang=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Tue, 03 Oct 2023 20:39:52 GMT
Content-Encoding: gzip
Last-Modified: Wed, 04 Jan 2017 20:53:31 GMT
elapsedResponseTime: 4
Content-Type: application/javascript
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-1717227617"
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=9994
Content-Length: 12155
Connection: Keep-Alive

GET
H/1.1 200
OK datepicker.css
www4.thy.com/images/tklayout/js/plugin/datepicker/ 7 KB
4 KB 691ms
137ms Stylesheet
text/css 46.31.112.112
THY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www4.thy.com/images/tklayout/js/plugin/datepicker/datepicker.css
Requested by: Host: www4.thy.com
URL: https://www4.thy.com/baggage/?lang=en
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.31.112.112 Istanbul, Turkey, ASN51625 (THY-AS, TR),
Reverse DNS
Software: /
Resource Hash: 982522358c4d8ab75da671728bf370fc150a267bcf7b9ea981008dbc08649802

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.thy.com/baggage/?lang=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Tue, 03 Oct 2023 20:39:51 GMT
Content-Encoding: gzip
Last-Modified: Wed, 04 Jan 2017 20:53:31 GMT
elapsedResponseTime: 3
Content-Type: text/css
Cache-Control: public,max-age=86400
Server-Timing: dtSInfo;desc="0", dtRpid;desc="1206807538"
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=9998
Content-Length: 2525
Connection: Keep-Alive

GET
H/1.1 200
OK date_en.js Show response
www4.thy.com/images/tklayout/js/plugin/datepicker/ 13 KB
5 KB 1576ms
148ms Script
application/javascript 46.31.112.112
THY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www4.thy.com/images/tklayout/js/plugin/datepicker/date_en.js
Requested by: Host: www4.thy.com
URL: https://www4.thy.com/baggage/?lang=en
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.31.112.112 Istanbul, Turkey, ASN51625 (THY-AS, TR),
Reverse DNS
Software: /
Resource Hash: 48fa8f5681683a99d0d4df4d6ae2db4e4031e95a134afe42bdcdf29bdf4adefe

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.thy.com/baggage/?lang=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Tue, 03 Oct 2023 20:39:52 GMT
Content-Encoding: gzip
Last-Modified: Wed, 04 Jan 2017 20:53:31 GMT
elapsedResponseTime: 3
Content-Type: application/javascript
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-1376412402"
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=9996
Content-Length: 4568
Connection: Keep-Alive

GET
H/1.1 200
OK datepicker.js Show response
www4.thy.com/images/tklayout/js/plugin/datepicker/ 43 KB
17 KB 1659ms
147ms Script
application/javascript 46.31.112.112
THY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www4.thy.com/images/tklayout/js/plugin/datepicker/datepicker.js
Requested by: Host: www4.thy.com
URL: https://www4.thy.com/baggage/?lang=en
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.31.112.112 Istanbul, Turkey, ASN51625 (THY-AS, TR),
Reverse DNS
Software: /
Resource Hash: 598a6747868c0b531ec9a88bd6073f0bd8ffcec66054d07b6c4e6288c9c79984

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.thy.com/baggage/?lang=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Tue, 03 Oct 2023 20:39:52 GMT
Content-Encoding: gzip
Last-Modified: Wed, 04 Jan 2017 20:53:31 GMT
elapsedResponseTime: 3
Content-Type: application/javascript
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-1856676719"
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=9996
Content-Length: 16260
Connection: Keep-Alive

GET
H/1.1 200
OK dateMultiMonth.js Show response
www4.thy.com/images/tklayout/js/plugin/datepicker/ 7 KB
3 KB 1663ms
144ms Script
application/javascript 46.31.112.112
THY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www4.thy.com/images/tklayout/js/plugin/datepicker/dateMultiMonth.js
Requested by: Host: www4.thy.com
URL: https://www4.thy.com/baggage/?lang=en
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.31.112.112 Istanbul, Turkey, ASN51625 (THY-AS, TR),
Reverse DNS
Software: /
Resource Hash: 67ad95d906c0808befa9f2a7ce7cfe6897ffa9e01c40a0731041bf7931f81325

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.thy.com/baggage/?lang=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Tue, 03 Oct 2023 20:39:52 GMT
Content-Encoding: gzip
Last-Modified: Wed, 04 Jan 2017 20:53:31 GMT
elapsedResponseTime: 2
Content-Type: application/javascript
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-1912822970"
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=9997
Content-Length: 2333
Connection: Keep-Alive

GET
H/1.1 200
OK jquery.fancybox-1.3.4.css
www4.thy.com/images/tklayout/js/plugin/jquery.fancybox/ 9 KB
4 KB 691ms
137ms Stylesheet
text/css 46.31.112.112
THY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www4.thy.com/images/tklayout/js/plugin/jquery.fancybox/jquery.fancybox-1.3.4.css
Requested by: Host: www4.thy.com
URL: https://www4.thy.com/baggage/?lang=en
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.31.112.112 Istanbul, Turkey, ASN51625 (THY-AS, TR),
Reverse DNS
Software: /
Resource Hash: 938f04fefb7daf3fd1aa3e1332a771bb1081e010d613cd95e06c0c0b1c597c0d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.thy.com/baggage/?lang=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Tue, 03 Oct 2023 20:39:51 GMT
Content-Encoding: gzip
Last-Modified: Wed, 04 Jan 2017 20:53:31 GMT
elapsedResponseTime: 3
Content-Type: text/css
Cache-Control: public,max-age=86400
Server-Timing: dtSInfo;desc="0", dtRpid;desc="1383256623"
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=9998
Content-Length: 2659
Connection: Keep-Alive

GET
H/1.1 200
OK jquery.fancybox-1.3.4.js Show response
www4.thy.com/images/tklayout/js/plugin/jquery.fancybox/ 29 KB
12 KB 1682ms
146ms Script
application/javascript 46.31.112.112
THY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www4.thy.com/images/tklayout/js/plugin/jquery.fancybox/jquery.fancybox-1.3.4.js
Requested by: Host: www4.thy.com
URL: https://www4.thy.com/baggage/?lang=en
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.31.112.112 Istanbul, Turkey, ASN51625 (THY-AS, TR),
Reverse DNS
Software: /
Resource Hash: 550da296bfff54193e141d0934e2dcb71a210b975c547eb56bdd96f3adab2281

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.thy.com/baggage/?lang=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Tue, 03 Oct 2023 20:39:52 GMT
Content-Encoding: gzip
Last-Modified: Wed, 04 Jan 2017 20:53:31 GMT
elapsedResponseTime: 2
Content-Type: application/javascript
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-1917716816"
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=9993
Content-Length: 10820
Connection: Keep-Alive

GET
H/1.1 200
OK menuOver.js Show response
www4.thy.com/images/tklayout/js/ 1 KB
2 KB 1723ms
146ms Script
application/javascript 46.31.112.112
THY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www4.thy.com/images/tklayout/js/menuOver.js
Requested by: Host: www4.thy.com
URL: https://www4.thy.com/baggage/?lang=en
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.31.112.112 Istanbul, Turkey, ASN51625 (THY-AS, TR),
Reverse DNS
Software: /
Resource Hash: e1cd019ed15754c970fb16d36cd60e99e11bbb043ec748e85cbf9b68152527af

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.thy.com/baggage/?lang=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Tue, 03 Oct 2023 20:39:52 GMT
Content-Encoding: gzip
Last-Modified: Wed, 04 Jan 2017 20:53:31 GMT
elapsedResponseTime: 3
Content-Type: application/javascript
Server-Timing: dtSInfo;desc="0", dtRpid;desc="1100909804"
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=9995
Content-Length: 591
Connection: Keep-Alive

GET
H/1.1 200
OK jquery.autocomplete.css
www4.thy.com/images/tklayout/js/plugin/jquery.autocomplete/ 797 B
2 KB 820ms
136ms Stylesheet
text/css 46.31.112.112
THY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www4.thy.com/images/tklayout/js/plugin/jquery.autocomplete/jquery.autocomplete.css
Requested by: Host: www4.thy.com
URL: https://www4.thy.com/baggage/?lang=en
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.31.112.112 Istanbul, Turkey, ASN51625 (THY-AS, TR),
Reverse DNS
Software: /
Resource Hash: 4beeab88211da104f7d4fe2ac0366fe84540d3d93549d73507e9ab6b1b288a7c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.thy.com/baggage/?lang=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Tue, 03 Oct 2023 20:39:51 GMT
Last-Modified: Wed, 04 Jan 2017 20:53:31 GMT
elapsedResponseTime: 2
Content-Type: text/css
Cache-Control: public,max-age=86400
Server-Timing: dtSInfo;desc="0", dtRpid;desc="453173516"
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=9998
Content-Length: 797
Connection: Keep-Alive

GET
H/1.1 200
OK jquery.autocomplete.js Show response
www4.thy.com/images/tklayout/js/plugin/jquery.autocomplete/ 21 KB
10 KB 1804ms
145ms Script
application/javascript 46.31.112.112
THY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www4.thy.com/images/tklayout/js/plugin/jquery.autocomplete/jquery.autocomplete.js
Requested by: Host: www4.thy.com
URL: https://www4.thy.com/baggage/?lang=en
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.31.112.112 Istanbul, Turkey, ASN51625 (THY-AS, TR),
Reverse DNS
Software: /
Resource Hash: c15cf49656940d2815ba48b06372e60f4577e4742bda5c358769783de2397e20

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.thy.com/baggage/?lang=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Tue, 03 Oct 2023 20:39:52 GMT
Content-Encoding: gzip
Last-Modified: Wed, 04 Jan 2017 20:53:31 GMT
elapsedResponseTime: 3
Content-Type: application/javascript
Server-Timing: dtSInfo;desc="0", dtRpid;desc="233185207"
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=9995
Content-Length: 9438
Connection: Keep-Alive

GET
H/1.1 200
OK localdata.js Show response
www4.thy.com/images/tklayout/js/plugin/jquery.autocomplete/ 15 KB
8 KB 1807ms
144ms Script
application/javascript 46.31.112.112
THY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www4.thy.com/images/tklayout/js/plugin/jquery.autocomplete/localdata.js
Requested by: Host: www4.thy.com
URL: https://www4.thy.com/baggage/?lang=en
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.31.112.112 Istanbul, Turkey, ASN51625 (THY-AS, TR),
Reverse DNS
Software: /
Resource Hash: a62d1c1172c87fdfd11f977fb1f2a0dc8e1e941a17cde82f20d51962fb5be22d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.thy.com/baggage/?lang=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Tue, 03 Oct 2023 20:39:52 GMT
Content-Encoding: gzip
Last-Modified: Wed, 04 Jan 2017 20:53:31 GMT
elapsedResponseTime: 3
Content-Type: application/javascript
Server-Timing: dtSInfo;desc="0", dtRpid;desc="1601642192"
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=9996
Content-Length: 6991
Connection: Keep-Alive

GET
H/1.1 200
OK functions.js Show response
www4.thy.com/images/tklayout/js/ 115 KB
36 KB 1827ms
144ms Script
application/javascript 46.31.112.112
THY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www4.thy.com/images/tklayout/js/functions.js
Requested by: Host: www4.thy.com
URL: https://www4.thy.com/baggage/?lang=en
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.31.112.112 Istanbul, Turkey, ASN51625 (THY-AS, TR),
Reverse DNS
Software: /
Resource Hash: d0e5d0f8f4345b3def3b8461059fa65a5f4d23ae5280d5fffc5bfef11eab57e7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.thy.com/baggage/?lang=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Tue, 03 Oct 2023 20:39:52 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Nov 2017 10:53:41 GMT
elapsedResponseTime: 2
Transfer-Encoding: chunked
Content-Type: application/javascript
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-1715833091"
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=9992
Connection: Keep-Alive

GET
H/1.1 200
OK tablesorter.js Show response
www4.thy.com/images/tklayout/js/ 6 KB
3 KB 1860ms
144ms Script
application/javascript 46.31.112.112
THY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www4.thy.com/images/tklayout/js/tablesorter.js
Requested by: Host: www4.thy.com
URL: https://www4.thy.com/baggage/?lang=en
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.31.112.112 Istanbul, Turkey, ASN51625 (THY-AS, TR),
Reverse DNS
Software: /
Resource Hash: ce3df70b75c332b9d0fa4e9cd4469cfdc152ba7d45d8291ad7ae1ae9f9d11109

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.thy.com/baggage/?lang=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Tue, 03 Oct 2023 20:39:52 GMT
Content-Encoding: gzip
Last-Modified: Wed, 04 Jan 2017 20:53:31 GMT
elapsedResponseTime: 2
Content-Type: application/javascript
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-720736984"
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=9995
Content-Length: 1591
Connection: Keep-Alive

GET
H/1.1 200
OK m_logo.png
www4.thy.com/images/tklayout/img/ 10 KB
11 KB 144ms
144ms Image
image/png 46.31.112.112
THY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www4.thy.com/images/tklayout/img/m_logo.png
Requested by: Host: www4.thy.com
URL: https://www4.thy.com/baggage/?lang=en
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.31.112.112 Istanbul, Turkey, ASN51625 (THY-AS, TR),
Reverse DNS
Software: /
Resource Hash: db497fbf446625c8d2df32a4f0608e0e4cb255ec7d81d8e3e44775ca93589242

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.thy.com/baggage/?lang=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Tue, 03 Oct 2023 20:39:52 GMT
Last-Modified: Wed, 04 Jan 2017 20:53:31 GMT
elapsedResponseTime: 3
Content-Type: image/png
Cache-Control: public,max-age=86400
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-1838048154"
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=9994
Content-Length: 10684
Connection: Keep-Alive

GET
H/1.1 200
OK en.png
www4.thy.com/baggage/resources/img/ 3 KB
4 KB 150ms
149ms Image
image/png 46.31.112.112
THY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www4.thy.com/baggage/resources/img/en.png
Requested by: Host: www4.thy.com
URL: https://www4.thy.com/baggage/?lang=en
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.31.112.112 Istanbul, Turkey, ASN51625 (THY-AS, TR),
Reverse DNS
Software: /
Resource Hash: 74f96784dc05bd5370f25b0d850d0fd7a455422cefafbf52450899aba5ca8cd0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.thy.com/baggage/?lang=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 03 Oct 2023 20:39:52 GMT
Last-Modified: Thu, 19 Jan 2023 13:31:04 GMT
elapsedResponseTime: 7
Content-Type: image/png
X-OneAgent-JS-Injection: true
Cache-Control: public,max-age=86400
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-746848505"
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=9996
Content-Length: 3543
Connection: Keep-Alive
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK components.js.tk Show response
www4.thy.com/baggage/javax.faces.resource/ 399 KB
140 KB 155ms
155ms Script
text/javascript 46.31.112.112
THY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www4.thy.com/baggage/javax.faces.resource/components.js.tk?ln=primefaces&v=6.2
Requested by: Host: www4.thy.com
URL: https://www4.thy.com/baggage/?lang=en
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.31.112.112 Istanbul, Turkey, ASN51625 (THY-AS, TR),
Reverse DNS
Software: /
Resource Hash: b1bae460fb4e8c2fbf08da925bc45343d97b338ba4b6d3e2f656cf405abb9a11

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.thy.com/baggage/?lang=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Tue, 03 Oct 2023 20:39:52 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Feb 2018 18:23:32 GMT
elapsedResponseTime: 9
Transfer-Encoding: chunked
Content-Type: text/javascript
X-OneAgent-JS-Injection: true
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-1694017338"
Connection: Keep-Alive
Keep-Alive: timeout=15, max=9991
Expires: Tue, 10 Oct 2023 20:39:52 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 325 KB
96 KB 102ms
61ms Script
application/javascript 2607:f8b0:4020:804::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-6V7P

Requested by

Host: www4.thy.com
URL: https://www4.thy.com/baggage/?lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::2008 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0c3929d1e1777314c0f594e78041f2e37e0d5e13f132b9a578a072f5d5226856

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.thy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 20:39:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 97958
x-xss-protection: 0
last-modified: Tue, 03 Oct 2023 18:09:24 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 03 Oct 2023 20:39:52 GMT

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 55ms
13ms Script
text/javascript 2607:f8b0:4020:807::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: www4.thy.com
URL: https://www4.thy.com/baggage/?lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2008 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.thy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 03 Oct 2023 19:14:16 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 5136
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17168
expires: Tue, 03 Oct 2023 21:14:16 GMT

GET
H/1.1 200
OK bg.jpg
www4.thy.com/images/tklayout/img/ 31 KB
31 KB 145ms
145ms Image
image/jpeg 46.31.112.112
THY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www4.thy.com/images/tklayout/img/bg.jpg
Requested by: Host: www4.thy.com
URL: https://www4.thy.com/images/tklayout/css/style.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.31.112.112 Istanbul, Turkey, ASN51625 (THY-AS, TR),
Reverse DNS
Software: /
Resource Hash: 558009b6e718837b94e28bf64b7c93c56f0b95a391b3d9ec3cd312e1d6703d57

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.thy.com/images/tklayout/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Tue, 03 Oct 2023 20:39:52 GMT
Last-Modified: Wed, 04 Jan 2017 20:53:31 GMT
elapsedResponseTime: 3
Content-Type: image/jpeg
Cache-Control: public,max-age=86400
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-1078971359"
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=9995
Content-Length: 31505
Connection: Keep-Alive

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/952663735/ 2 KB
2 KB 91ms
49ms Script
text/javascript 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/952663735/?random=1696365592912&cv=11&fst=1696365592912&bg=ffffff&guid=ON&async=1&gtm=45He3a20&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww4.thy.com%2Fbaggage%2F%3Flang%3Den&label=YOsYCOneuQUQt_2hxgM&hn=www.googleadservices.com&frm=0&tiba=Turkish%20Airlines%20Baggage%20Services&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-6V7P

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

14bbfebc773dcecb3ad8bf690b68a421970b5cd61c32182ce07c089dd8d4cdbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.thy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 20:39:52 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1346
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

activityi;dc_pre=CIzy06Te2oEDFY29nwodHswIPA;src=4357925;type=counter;cat=Count-;ord=5648730838620;auiddc=1633019736.1696365593;u3=undefined;u2=undefined;u1=undefined;u5=undefined;u4=undefined;gtm=4... Show response
4357925.fls.doubleclick.net/ Frame 6236
Redirect Chain

https://4357925.fls.doubleclick.net/activityi;src=4357925;type=counter;cat=Count-;ord=5648730838620;auiddc=1633019736.1696365593;u3=undefined;u2=undefined;u1=undefined;u5=undefined;u4=undefined;gtm...
https://4357925.fls.doubleclick.net/activityi;dc_pre=CIzy06Te2oEDFY29nwodHswIPA;src=4357925;type=counter;cat=Count-;ord=5648730838620;auiddc=1633019736.1696365593;u3=undefined;u2=undefined;u1=undef...

532 B
631 B

57ms
57ms

Document
text/html

172.217.13.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4357925.fls.doubleclick.net/activityi;dc_pre=CIzy06Te2oEDFY29nwodHswIPA;src=4357925;type=counter;cat=Count-;ord=5648730838620;auiddc=1633019736.1696365593;u3=undefined;u2=undefined;u1=undefined;u5=undefined;u4=undefined;gtm=45He3a20;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww4.thy.com%2Fbaggage%2F%3Flang%3Den?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-6V7P

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f6.1e100.net

Software

cafe /

Resource Hash

7516d9b24cb91e4956d300adf64437332ca61f020730696299d237764ac5a347

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www4.thy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 293
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 03 Oct 2023 20:39:53 GMT
expires: Tue, 03 Oct 2023 20:39:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 03 Oct 2023 20:39:53 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://4357925.fls.doubleclick.net/activityi;dc_pre=CIzy06Te2oEDFY29nwodHswIPA;src=4357925;type=counter;cat=Count-;ord=5648730838620;auiddc=1633019736.1696365593;u3=undefined;u2=undefined;u1=undefined;u5=undefined;u4=undefined;gtm=45He3a20;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww4.thy.com%2Fbaggage%2F%3Flang%3Den?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/979551715/ 2 KB
1 KB 85ms
58ms Script
text/javascript 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/979551715/?random=1696365592931&cv=11&fst=1696365592931&bg=ffffff&guid=ON&async=1&gtm=45He3a20&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww4.thy.com%2Fbaggage%2F%3Flang%3Den&hn=www.googleadservices.com&frm=0&tiba=Turkish%20Airlines%20Baggage%20Services&auid=1633019736.1696365593&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-6V7P

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fc5bd0de562572fb6278f996250a5bbe9a9dff91169f0bf70348d2001413671

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.thy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 20:39:52 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1300
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 B9297119.126160864;sz=1x2;ord=1610435826;dc_lat=;dc_rdid=;tag_for_child_directed_treatment= Show response
ad.doubleclick.net/ddm/adj/N6757.197812NSO.CODESRV/ 11 B
548 B 87ms
43ms Script
text/javascript 172.217.13.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N6757.197812NSO.CODESRV/B9297119.126160864;sz=1x2;ord=1610435826;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-6V7P

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f6.1e100.net

Software

cafe /

Resource Hash

f1e945400c04241ef089d71de3b0cf7e202431ac4685ada318714fe07ee9dcb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.thy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 20:39:52 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 198 KB
53 KB 19ms
4ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www4.thy.com
URL: https://www4.thy.com/baggage/?lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

805270b078cde87b61bb57c8bd44f8b58b0d128f5a8efdd4395470b45b291d65

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.thy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 03 Oct 2023 20:39:52 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 53356
x-xss-protection: 0
pragma: public
x-fb-debug: dcIzM4Xg5JfBdFURc7P0i1kOIbBgNKbEBGOSo47cUml/Uk6gRHbfM2LXNDD+LXlis/ks5Jj9s2X+4+ewV9JCGw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
x-fb-optimizer: 0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/
Redirect Chain

https://track.adform.net/serving/scripts/trackpoint/async/
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

81 KB
31 KB

53ms
4ms

Script
application/javascript

185.167.164.47
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by: Host: www4.thy.com
URL: https://www4.thy.com/baggage/?lang=en
Protocol: H2
Server: 185.167.164.47 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 99c28ba77690124b83aea8cdbbb17ab1145ba247c791aeb4bad747b4248ac459

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.thy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 20:39:53 GMT
content-encoding: gzip
last-modified: Tue, 23 May 2023 09:56:34 GMT
server: nginx
x-amz-request-id: tx000002c3f35d322d138ac-00646c8ee1-32950a49-default
etag: W/"f937ab3eef01c118930b200e5087d00d"
x-cache-status: HIT, HIT, HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

Redirect headers

location: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
date: Tue, 03 Oct 2023 20:39:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
content-type: text/html

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 52ms
12ms Script
text/javascript 2607:f8b0:4020:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-6V7P

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.thy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 03 Oct 2023 20:12:37 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 1635
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 03 Oct 2023 22:12:37 GMT

GET
H2 200 1405733779689993 Show response
connect.facebook.net/signals/config/ 131 KB
34 KB 1224ms
1223ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1405733779689993?v=2.9.132&r=stable&domain=www4.thy.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

dd034105e81a798b9d634fb08b8f5894669c65a221350ad5a5c73152daf51e7d

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.thy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 03 Oct 2023 20:39:54 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: 1yhBJfWCSsOdGK+tEuft3QLYl4MkIOVW5ww9w3SlTnfkB0a8tuFlzwwIWnbKVNH3KLmrdocPy10uRLNPiTD+0g==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
206 B 45ms
44ms XHR
text/plain 2607:f8b0:4020:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1313873395&t=pageview&_s=1&dl=https%3A%2F%2Fwww4.thy.com%2Fbaggage%2F%3Flang%3Den&dp=%2Fbaggage%2F%3Flang%3Den&ul=en-us&de=UTF-8&dt=Turkish%20Airlines%20Baggage%20Services&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGhAgEABAAAAACAAM~&jid=178097939&gjid=1798971208&cid=1335898423.1696365593&tid=UA-10160929-10&_gid=1686641051.1696365593&_slc=1&gtm=45He3a20n516V7P&z=672109712

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www4.thy.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 20:39:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www4.thy.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
345 B 49ms
27ms XHR
text/plain 2607:f8b0:4004:c0b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-10160929-10&cid=1335898423.1696365593&jid=178097939&gjid=1798971208&_gid=1686641051.1696365593&_u=YGhAgEABAAAAAGAAM~&z=1499286129

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::9c Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www4.thy.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 03 Oct 2023 20:39:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www4.thy.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/952663735/ 42 B
108 B 48ms
32ms Image
image/gif 2607:f8b0:4006:822::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/952663735/?random=1696365592912&cv=11&fst=1696363200000&bg=ffffff&guid=ON&async=1&gtm=45He3a20&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww4.thy.com%2Fbaggage%2F%3Flang%3Den&label=YOsYCOneuQUQt_2hxgM&frm=0&tiba=Turkish%20Airlines%20Baggage%20Services&fmt=3&is_vtc=1&random=1794704861&rmt_tld=0&ipr=y

Requested by

Host: www4.thy.com
URL: https://www4.thy.com/baggage/?lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.thy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 20:39:53 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/979551715/ 42 B
455 B 46ms
31ms Image
image/gif 2607:f8b0:4006:822::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/979551715/?random=1696365592931&cv=11&fst=1696363200000&bg=ffffff&guid=ON&async=1&gtm=45He3a20&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww4.thy.com%2Fbaggage%2F%3Flang%3Den&frm=0&tiba=Turkish%20Airlines%20Baggage%20Services&fmt=3&is_vtc=1&random=2348260925&rmt_tld=0&ipr=y

Requested by

Host: www4.thy.com
URL: https://www4.thy.com/baggage/?lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.thy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 20:39:53 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 31ms
30ms Image
image/gif 2607:f8b0:4006:822::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-10160929-10&cid=1335898423.1696365593&jid=178097939&_u=YGhAgEABAAAAAGAAM~&z=1627390886

Requested by

Host: www4.thy.com
URL: https://www4.thy.com/baggage/?lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.thy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 20:39:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CIzy06Te2oEDFY29nwodHswIPA;src=4357925;type=counter;cat=Count-;ord=5648730838620;auiddc=*;u3=undefined;u2=undefined;u1=undefined;u5=undefined;u4=undefined;gtm=45He3a20;uaa=;uab=;uafvl=;uamb=...
adservice.google.com/ddm/fls/z/ Frame 6236 42 B
401 B 50ms
30ms Image
image/gif 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CIzy06Te2oEDFY29nwodHswIPA;src=4357925;type=counter;cat=Count-;ord=5648730838620;auiddc=*;u3=undefined;u2=undefined;u1=undefined;u5=undefined;u4=undefined;gtm=45He3a20;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww4.thy.com%2Fbaggage%2F%3Flang%3Den

Requested by

Host: 4357925.fls.doubleclick.net
URL: https://4357925.fls.doubleclick.net/activityi;dc_pre=CIzy06Te2oEDFY29nwodHswIPA;src=4357925;type=counter;cat=Count-;ord=5648730838620;auiddc=1633019736.1696365593;u3=undefined;u2=undefined;u1=undefined;u5=undefined;u4=undefined;gtm=45He3a20;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww4.thy.com%2Fbaggage%2F%3Flang%3Den?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4357925.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 20:39:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/ Show response
track.adform.net/Serving/TrackPoint/
Redirect Chain

https://track.adform.net/Serving/TrackPoint/?pm=876573&ADFdivider=%7C&ord=784562196763&ADFtpmode=2&loc=https%3A%2F%2Fwww4.thy.com%2Fbaggage%2F%3Flang%3Den&Set1=en-US%7Cen-US%7C1600x1200%7C24
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=876573&ADFdivider=%7C&ord=784562196763&ADFtpmode=2&loc=https%3A%2F%2Fwww4.thy.com%2Fbaggage%2F%3Flang%3Den&Set1=en-US%7Cen-US%7C1600x1200%7C24

2 KB
2 KB

205ms
205ms

Script
text/javascript

37.157.3.20
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/TrackPoint/?CC=1&pm=876573&ADFdivider=%7C&ord=784562196763&ADFtpmode=2&loc=https%3A%2F%2Fwww4.thy.com%2Fbaggage%2F%3Flang%3Den&Set1=en-US%7Cen-US%7C1600x1200%7C24

Requested by

Host: www4.thy.com
URL: https://www4.thy.com/baggage/?lang=en

Protocol

Server

37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

3b5623c31f749e962093c93d875faeedced9f73a15cbde87a70e5d837f18715c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.thy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 20:39:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 981
expires: -1

Redirect headers

pragma: no-cache
date: Tue, 03 Oct 2023 20:39:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
content-type: text/html; charset=utf-8
location: https://track.adform.net/Serving/TrackPoint/?CC=1&pm=876573&ADFdivider=%7C&ord=784562196763&ADFtpmode=2&loc=https%3A%2F%2Fwww4.thy.com%2Fbaggage%2F%3Flang%3Den&Set1=en-US%7Cen-US%7C1600x1200%7C24
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

GET
H2 200 pixels Show response
c1.adform.net/imatch/ Frame 489D 5 KB
2 KB 391ms
128ms Document
text/html 185.167.164.39
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/imatch/pixels?uid=3277599254868136037&agencyId=2846&advertiserId=137831&src=tp&rnd=713690

Requested by

Host: track.adform.net
URL: https://track.adform.net/Serving/TrackPoint/?pm=876573&ADFdivider=%7C&ord=784562196763&ADFtpmode=2&loc=https%3A%2F%2Fwww4.thy.com%2Fbaggage%2F%3Flang%3Den&Set1=en-US%7Cen-US%7C1600x1200%7C24

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

a81748721d8dcfc45b1056b099070adbeb7ec364ee7138bd1e5c32157b94ead8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www4.thy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 03 Oct 2023 20:39:54 GMT
expires: -1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding

GET
H2 200 /
track.adform.net/Serving/TrackPoint/ 35 B
518 B 205ms
204ms Image
image/gif 37.157.3.20
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.adform.net/Serving/TrackPoint/?pm=876573&ADFPageName=All%20Pages&ADFdivider=|

Requested by

Host: www4.thy.com
URL: https://www4.thy.com/baggage/?lang=en

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.thy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 20:39:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
content-type: image/gif
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

GET
H2 200 /
server.seadform.net/serving/cookie/sync/ 35 B
467 B 622ms
202ms Image
image/gif 37.157.2.228
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://server.seadform.net/serving/cookie/sync/?uid=3277599254868136037&stamp=7SuNVU86HBsDvP-67D9Y4w2

Requested by

Host: www4.thy.com
URL: https://www4.thy.com/baggage/?lang=en

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.228 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.thy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 20:39:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
content-type: image/gif
cache-control: private

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 13ms
3ms Image
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1405733779689993&ev=PageView&dl=https%3A%2F%2Fwww4.thy.com%2Fbaggage%2F%3Flang%3Den&rl=&if=false&ts=1696365594247&sw=1600&sh=1200&v=2.9.132&r=stable&ec=0&o=30&fbp=fb.1.1696365594246.425559608&ler=empty&it=1696365593004&coo=false&exp=a1&rqm=GET

Requested by

Host: www4.thy.com
URL: https://www4.thy.com/baggage/?lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.thy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 03 Oct 2023 20:39:54 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 plf
c1.adform.net/imatch/ Frame 489D 0
384 B 132ms
131ms Image
text/plain 185.167.164.39
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plff

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3277599254868136037&agencyId=2846&advertiserId=137831&src=tp&rnd=713690

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=3277599254868136037&agencyId=2846&advertiserId=137831&src=tp&rnd=713690
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 20:39:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame 489D
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=42&external_user_id=3277599254868136037&Expiration=1697575194
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=3277599254868136037&Expiration=1697575194

43 B
425 B

12ms
12ms

Image
image/gif

52.71.246.190
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=3277599254868136037&Expiration=1697575194
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3277599254868136037&agencyId=2846&advertiserId=137831&src=tp&rnd=713690
Protocol: H2
Server: 52.71.246.190 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-71-246-190.compute-1.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 03 Oct 2023 20:39:54 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=3277599254868136037&Expiration=1697575194
access-control-allow-origin: *
date: Tue, 03 Oct 2023 20:39:54 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame 489D 0
400 B 127ms
92ms Image
text/plain 23.41.169.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.yieldlab.net/m?dt_id=4879&ext_id=3277599254868136037
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3277599254868136037&agencyId=2846&advertiserId=137831&src=tp&rnd=713690
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.41.169.75 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-169-75.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 03 Oct 2023 20:39:54 GMT
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
Expires: Mon, 02 Oct 2023 20:39:54 GMT

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame 489D 0
662 B 532ms
131ms Image
text/plain 69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=5232&puid=3277599254868136037
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3277599254868136037&agencyId=2846&advertiserId=137831&src=tp&rnd=713690
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 19c1ac3b9706c83a73951eba4d239689
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 489D
Redirect Chain

https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=3277599254868136037&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__
https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=3277599254868136037&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__&nut&uu=63d5c6657c284a4e8...
https://c1.adform.net/serving/cookie/match?party=9&uid=706be84434492e4883b0f206df03d25efa1c703c3aa51fb63981d093f36807ff

35 B
591 B

126ms
126ms

Image
image/gif

185.167.164.39
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=9&uid=706be84434492e4883b0f206df03d25efa1c703c3aa51fb63981d093f36807ff

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3277599254868136037&agencyId=2846&advertiserId=137831&src=tp&rnd=713690

Protocol

Server

185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 20:39:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

location: https://c1.adform.net/serving/cookie/match?party=9&uid=706be84434492e4883b0f206df03d25efa1c703c3aa51fb63981d093f36807ff
date: Tue, 03 Oct 2023 20:39:54 GMT
content-length: 0
p3p: CP=NOI PSA OUR

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 489D
Redirect Chain

https://rtb-csync.smartadserver.com/redir/?partnerid=22&partneruserid=3277599254868136037&redirurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d10%26cid%3DSMART_USER_ID
https://c1.adform.net/serving/cookie/match?party=10&cid=8207964416225097642

35 B
591 B

129ms
128ms

Image
image/gif

185.167.164.39
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=10&cid=8207964416225097642

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3277599254868136037&agencyId=2846&advertiserId=137831&src=tp&rnd=713690

Protocol

Server

185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 20:39:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

location: https://c1.adform.net/serving/cookie/match?party=10&cid=8207964416225097642
pragma: no-cache
date: Tue, 03 Oct 2023 20:39:54 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55944/ Frame 489D
Redirect Chain

https://ups.analytics.yahoo.com/ups/55944/sync?uid=3277599254868136037&_origin=1
https://ups.analytics.yahoo.com/ups/55944/sync?uid=3277599254868136037&_origin=1&verify=true

0
121 B

31ms
31ms

Image
text/plain

3.225.218.10
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55944/sync?uid=3277599254868136037&_origin=1&verify=true

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3277599254868136037&agencyId=2846&advertiserId=137831&src=tp&rnd=713690

Protocol

Server

3.225.218.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-225-218-10.compute-1.amazonaws.com

Software

ATS/9.1.10.75 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 20:39:54 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.75
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/55944/sync?uid=3277599254868136037&_origin=1&verify=true
date: Tue, 03 Oct 2023 20:39:54 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.75
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 200 user-registering
ads.stickyadstv.com/ Frame 489D 43 B
638 B 683ms
173ms Image
image/gif 63.251.28.234
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=3277599254868136037
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3277599254868136037&agencyId=2846&advertiserId=137831&src=tp&rnd=713690
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 63.251.28.234 Secaucus, United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 03 Oct 2023 20:39:55 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
x-sticky-vk: 1696365595025024-160

GET
H/1.1

200
OK

RX-5498b682-a1bd-4f0d-a4e7-4dd7eaa20fed-005
sync.targeting.unrulymedia.com/csync/ Frame 489D
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=70&user_id=3277599254868136037
https://x.bidswitch.net/ul_cb/sync?dsp_id=70&user_id=3277599254868136037
https://sync.1rx.io/usersync/bidswitch/1bf8437b-f0ae-4028-91d7-e67d715b7724?gdpr=&gdpr_consent=&us_privacy=
https://sync.1rx.io/usersync/bidswitch/1bf8437b-f0ae-4028-91d7-e67d715b7724?zcc=1&cb=1696365594644
https://sync.targeting.unrulymedia.com/csync/RX-5498b682-a1bd-4f0d-a4e7-4dd7eaa20fed-005

43 B
452 B

66ms
16ms

Image
image/gif

199.127.204.171
RHYTHMONE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.targeting.unrulymedia.com/csync/RX-5498b682-a1bd-4f0d-a4e7-4dd7eaa20fed-005
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3277599254868136037&agencyId=2846&advertiserId=137831&src=tp&rnd=713690
Protocol: HTTP/1.1
Server: 199.127.204.171 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Tue, 03 Oct 2023 20:39:54 GMT
Server: Tengine
Connection: keep-alive
Content-Length: 43
P3P: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

Pragma: no-cache
Date: Tue, 03 Oct 2023 20:39:54 GMT
Server: Tengine
Transfer-Encoding: chunked
Content-Type: text/html
Location: https://sync.targeting.unrulymedia.com/csync/RX-5498b682-a1bd-4f0d-a4e7-4dd7eaa20fed-005
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Expires: 0

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 489D
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=3277599254868136037&expiration=1697575194
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=3277599254868136037&expiration=1697575194&C=1

43 B
334 B

21ms
20ms

Image
image/gif

104.18.26.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=3277599254868136037&expiration=1697575194&C=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3277599254868136037&agencyId=2846&advertiserId=137831&src=tp&rnd=713690
Protocol: H2
Server: 104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 20:39:54 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qlke3kNsN5hLZeUemBrXe0KIfDfzdF5tbCA7%2F5rb3zPVo6owxG05lm2lWt9BCzSORtYffv63nKZ7EvYGG2r2S088KBFlCWMtRRPScJr9nG9kSt6WrT7Hc%2Bh2jSDxN973rrxXnfjARI1WxA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8107ff45aece438e-EWR
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 03 Oct 2023 20:39:54 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zOkRzPJTZnuy5Ve7UigPegWrEz89q3rSsHWMRt0hwo1zpDdvgNsgGKtc%2FFLqj5x3SI6re3LdZW5xmI211VEaq1JU0ysd8moTtJGaveijBCcfKoo3%2BMUMB1pLx2HfoZp368X8beloAUc%2F2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=111&external_user_id=3277599254868136037&expiration=1697575194&C=1
cache-control: no-cache
cf-ray: 8107ff458ea0438e-EWR
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H/1.1

200
OK

info2
uipglob.semasio.net/adform/1/ Frame 489D
Redirect Chain

https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=3277599254868136037&sInitiator=external
https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=3277599254868136037&sInitiator=external

42 B
603 B

26ms
25ms

Image
image/gif

50.57.31.206
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=3277599254868136037&sInitiator=external
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3277599254868136037&agencyId=2846&advertiserId=137831&src=tp&rnd=713690
Protocol: HTTP/1.1
Server: 50.57.31.206 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 03 Oct 2023 20:39:54 GMT
Frontend-ID: 8
P3P: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Content-Type: image/gif
UIP-Response-Status: Ok
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Origin: *
Content-Length: 42
Routing-Server-ID: -1
Expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 03 Oct 2023 20:39:54 GMT
Frontend-ID: 0
P3P: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Location: /adform/1/info2?sType=sync&sExtCookieId=3277599254868136037&sInitiator=external
UIP-Response-Status: Ok
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Content-Length: 0
Routing-Server-ID: -1
Expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H/1.1

200
OK

/
ps.eyeota.net/match/bounce/ Frame 489D
Redirect Chain

https://ps.eyeota.net/match?uid=3277599254868136037&bid=9gdtmu1
https://ps.eyeota.net/match/bounce/?uid=3277599254868136037&bid=9gdtmu1

70 B
440 B

10ms
10ms

Image
image/gif

18.214.54.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match/bounce/?uid=3277599254868136037&bid=9gdtmu1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3277599254868136037&agencyId=2846&advertiserId=137831&src=tp&rnd=713690
Protocol: HTTP/1.1
Server: 18.214.54.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-214-54-215.compute-1.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type: image/gif
Date: Tue, 03 Oct 2023 20:39:54 GMT
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location: /match/bounce/?uid=3277599254868136037&bid=9gdtmu1
Date: Tue, 03 Oct 2023 20:39:54 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2 204 /
loadm.exelator.com/load/ Frame 489D 0
324 B 120ms
10ms Image
text/plain 52.0.156.250
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=3277599254868136037
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3277599254868136037&agencyId=2846&advertiserId=137831&src=tp&rnd=713690
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.0.156.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-0-156-250.compute-1.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 20:39:54 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

GET
H2

200

db_sync
px.ads.linkedin.com/ Frame 489D
Redirect Chain

https://idsync.rlcdn.com/398366.gif?partner_uid=3277599254868136037
https://idsync.rlcdn.com/1000.gif?memo=CJ6oGBIeChoIARCUdRoTMzI3NzU5OTI1NDg2ODEzNjAzNxAAGg0ImvjxqAYSBQjoBxAAQgBKAA
https://pippio.com/api/sync?pid=5324&it=1&iv=33ec1b4cac3ab9364e8c63213fd53d3d685c6676df80ddea25686b4fae1eb13c791426b5417dce21&_=2
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=33ec1b4cac3ab9364e8c63213fd53d3d685c6676df80ddea25686b4fae1eb13c791426b5417dce21&rand=04444969
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=33ec1b4cac3ab9364e8c63213fd53d3d685c6676df80ddea25686b4fae1eb13c791426b5417dce21&rand=04444969&expected_cookie=e00d4332-0187-41f6-97af-18f62ac6fab4

0
143 B

72ms
72ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=10339&puuid=33ec1b4cac3ab9364e8c63213fd53d3d685c6676df80ddea25686b4fae1eb13c791426b5417dce21&rand=04444969&expected_cookie=e00d4332-0187-41f6-97af-18f62ac6fab4
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3277599254868136037&agencyId=2846&advertiserId=137831&src=tp&rnd=713690
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 20:39:53 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: A3B7D05BE7F04CB6A60F5CDA7466A318 Ref B: EWR311000106049 Ref C: 2023-10-03T20:39:54Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYG1eSv2oDFTz3VmB9jeA==

Redirect headers

date: Tue, 03 Oct 2023 20:39:53 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: CAB1418279574F41B2D79CDCB98626C0 Ref B: EWR311000106049 Ref C: 2023-10-03T20:39:54Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
location: /db_sync?pid=10339&puuid=33ec1b4cac3ab9364e8c63213fd53d3d685c6676df80ddea25686b4fae1eb13c791426b5417dce21&rand=04444969&expected_cookie=e00d4332-0187-41f6-97af-18f62ac6fab4
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYG1eSu0h/6nyHup1SH1w==

GET
H2

200

gdpr_consent=
sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=3277599254868136037/gdpr=/ Frame 489D
Redirect Chain

https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=3277599254868136037/gdpr=/gdpr_consent=
https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=3277599254868136037/gdpr=/gdpr_consent=

49 B
543 B

18ms
18ms

Image
image/gif

34.233.138.61
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=3277599254868136037/gdpr=/gdpr_consent=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3277599254868136037&agencyId=2846&advertiserId=137831&src=tp&rnd=713690
Protocol: H2
Server: 34.233.138.61 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-233-138-61.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 20:39:54 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.9.253
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 03 Oct 2023 20:39:54 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=3277599254868136037/gdpr=/gdpr_consent=
cache-control: no-cache
x-server: 10.40.7.246
content-length: 0
expires: 0

GET
H2 200 29729
tags.bluekai.com/site/ Frame 489D 62 B
430 B 83ms
74ms Image
image/gif 96.17.64.208
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/29729?id=3277599254868136037
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3277599254868136037&agencyId=2846&advertiserId=137831&src=tp&rnd=713690
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.17.64.208 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-17-64-208.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Tue, 03 Oct 2023 20:39:54 GMT
content-length: 62
content-type: image/gif

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 489D
Redirect Chain

https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3277599254868136037
https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=3277599254868136037

43 B
171 B

25ms
23ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=3277599254868136037
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3277599254868136037&agencyId=2846&advertiserId=137831&src=tp&rnd=713690
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 20:39:54 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=3277599254868136037
date: Tue, 03 Oct 2023 20:39:54 GMT
via: 1.1 google
server: OXGW/0.0.0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H/1.1

200
OK

pixel.gif
s3-eu-west-1.amazonaws.com/adality-cdn-content/ Frame 489D
Redirect Chain

https://api.adrtx.net/thirdparty/click?p=adfo
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif

35 B
390 B

311ms
93ms

Image
image/gif

52.218.101.219
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3277599254868136037&agencyId=2846&advertiserId=137831&src=tp&rnd=713690
Protocol: HTTP/1.1
Server: 52.218.101.219 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Tue, 03 Oct 2023 20:39:56 GMT
Last-Modified: Thu, 29 Oct 2015 16:41:57 GMT
Server: AmazonS3
x-amz-request-id: W0QZ18Y5NN7CEDCR
ETag: "c2196de8ba412c60c22ab491af7b1409"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 35
x-amz-id-2: 2G2T9SmXIsb1glPcS2+vbd3+5kwPpdE2J+39A/ezOTeCIPoHME3KJYqL56VMZn2IUf9TQg6YT78=

Redirect headers

X-Error-Reason: Missing UserId
Date: Tue, 03 Oct 2023 20:39:54 GMT
Server: akka-http/10.2.10
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 137

GET
H2

200

generic
match.adsrvr.org/track/cmf/ Frame 489D
Redirect Chain

https://pixel.onaudience.com/?mapped=3277599254868136037&partner=68
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1

70 B
149 B

31ms
9ms

Image
image/gif

3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3277599254868136037&agencyId=2846&advertiserId=137831&src=tp&rnd=713690
Protocol: H2
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 20:39:54 GMT
server: Kestrel
content-length: 70
content-type: image/gif

Redirect headers

location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
content-length: 0

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 489D 0
339 B 32ms
10ms Image
text/plain 100.24.189.89
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=adform&partner_uid=3277599254868136037
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3277599254868136037&agencyId=2846&advertiserId=137831&src=tp&rnd=713690
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 100.24.189.89 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-100-24-189-89.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-served-by: beacon-n010-ash-prod.krxd.net
date: Tue, 03 Oct 2023 20:39:54 GMT
cache-control: private, no-cache, no-store
x-request-time: D=30 t=1696365596
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

/
c1.adform.net/serving/cookie/match/ Frame 489D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=MzI3NzU5OTI1NDg2ODEzNjAzNw
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEKkN3XmBjv9St4YG3K6u7vY&google_cver=1&google_ula=1641347,0

35 B
591 B

130ms
129ms

Image
image/gif

185.167.164.39
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEKkN3XmBjv9St4YG3K6u7vY&google_cver=1&google_ula=1641347,0

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3277599254868136037&agencyId=2846&advertiserId=137831&src=tp&rnd=713690

Protocol

Server

185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 20:39:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Tue, 03 Oct 2023 20:39:54 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEKkN3XmBjv9St4YG3K6u7vY&google_cver=1&google_ula=1641347,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 334
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
secure.adnxs.com/ Frame 489D
Redirect Chain

https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%3Fparty%3D3%26id%3D%24UID%26redirect%3D1
https://c1.adform.net/serving/cookie/match?party=3&id=3903918804796204261&redirect=1
https://secure.adnxs.com/setuid?entity=91&code=3277599254868136037

43 B
833 B

4ms
3ms

Image
image/gif

68.67.160.186
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/setuid?entity=91&code=3277599254868136037

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3277599254868136037&agencyId=2846&advertiserId=137831&src=tp&rnd=713690

Protocol

Server

68.67.160.186 New York, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 20:39:54 GMT
an-x-request-uuid: 8312debb-bd59-4318-b5fd-2ce6c6bdd103
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 5.181.234.134; 5.181.234.134; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 03 Oct 2023 20:39:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://secure.adnxs.com/setuid?entity=91&code=3277599254868136037
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 489D 42 B
474 B 32ms
10ms Image
image/gif 8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3277599254868136037
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3277599254868136037&agencyId=2846&advertiserId=137831&src=tp&rnd=713690
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Tue, 03 Oct 2023 20:39:54 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 plf
c1.adform.net/imatch/ Frame 489D 0
384 B 129ms
125ms Image
text/plain 185.167.164.39
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plfm

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3277599254868136037&agencyId=2846&advertiserId=137831&src=tp&rnd=713690

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=3277599254868136037&agencyId=2846&advertiserId=137831&src=tp&rnd=713690
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 20:39:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H/1.1 200
OK cs
pdw-adf.userreport.com/ Frame 489D 43 B
444 B 53ms
4ms Image
image/gif 18.238.55.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pdw-adf.userreport.com/cs
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3277599254868136037&agencyId=2846&advertiserId=137831&src=tp&rnd=713690
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-57.jfk52.r.cloudfront.net
Software: nginx/1.22.0 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Tue, 03 Oct 2023 10:00:36 GMT
Via: 1.1 13123a343330dc5aacb74d5b3c4fdf0e.cloudfront.net (CloudFront)
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx/1.22.0
X-Amz-Cf-Pop: JFK52-P4
Age: 38358
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
Content-Length: 43
X-Amz-Cf-Id: wGjkQPiZqZEBvCGNaZL-ls3MzOPHElerUdAtoMH30g2V-szo3rsaEg==

GET
H/1.1

200

p
a.audrte.com/ Frame 489D
Redirect Chain

https://a.audrte.com/a?adform_uid=3277599254868136037
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=Z2k1NlZQZnl5MmxUMHlRM25UVVZid0RKdw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
https://a.audrte.com/p

68 B
424 B

160ms
159ms

Image
image/png

52.203.124.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.audrte.com/p
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3277599254868136037&agencyId=2846&advertiserId=137831&src=tp&rnd=713690
Protocol: HTTP/1.1
Server: 52.203.124.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-203-124-67.compute-1.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Tue, 03 Oct 2023 20:39:55 GMT
Server: nginx/1.22.1
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 68

Redirect headers

Date: Tue, 03 Oct 2023 20:39:54 GMT
Server: nginx/1.22.1
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: *
Location: https://a.audrte.com:443/p
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 489D
Redirect Chain

https://dpm.demdex.net/ibs:dpid=1586&dpuuid=3277599254868136037&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=3277599254868136037&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredire...
https://c1.adform.net/serving/cookie/match?party=1007&cid=13161145987194093203380824435437906267&noredirect=1

35 B
591 B

128ms
128ms

Image
image/gif

185.167.164.39
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1007&cid=13161145987194093203380824435437906267&noredirect=1

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3277599254868136037&agencyId=2846&advertiserId=137831&src=tp&rnd=713690

Protocol

Server

185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 20:39:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

DCS: dcs-prod-va6-1-v050-048d515b8.edge-va6.demdex.com 3 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 87t0IDBlTIs=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://c1.adform.net/serving/cookie/match?party=1007&cid=13161145987194093203380824435437906267&noredirect=1
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 489D
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=3277599254868136037
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=213520604658011908699

35 B
591 B

131ms
128ms

Image
image/gif

185.167.164.39
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1014&cid=213520604658011908699

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3277599254868136037&agencyId=2846&advertiserId=137831&src=tp&rnd=713690

Protocol

Server

185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 20:39:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Tue, 03 Oct 2023 20:39:54 GMT
via: 1.1 3a9f76e15ac64134cc339fc4f9fb6a4c.cloudfront.net (CloudFront)
server: AAWebServer
x-amz-cf-pop: PHL50-C1
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://dmp.adform.net/serving/cookie/match/?party=1014&cid=213520604658011908699
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-cache: Miss from cloudfront
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
x-amz-cf-id: aGMNiIgQM4S4f3Pemw84aa3xm5oKxuwAyqrSSlg2H6mDpyjp7whvuQ==
expires: 0

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 489D
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7285834752588511375

35 B
591 B

152ms
152ms

Image
image/gif

185.167.164.39
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7285834752588511375

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3277599254868136037&agencyId=2846&advertiserId=137831&src=tp&rnd=713690

Protocol

Server

185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 20:39:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Location: https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7285834752588511375
Date: Tue, 03 Oct 2023 20:39:55 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2 200 33302
tags.bluekai.com/site/ Frame 489D 62 B
359 B 129ms
129ms Image
image/gif 96.17.64.208
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/33302?id=3277599254868136037
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3277599254868136037&agencyId=2846&advertiserId=137831&src=tp&rnd=713690
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.17.64.208 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-17-64-208.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Tue, 03 Oct 2023 20:39:55 GMT
content-length: 62
content-type: image/gif

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 489D
Redirect Chain

https://pixel.mathtag.com/sync/img?redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1066%26cid%3D%5BMM_UUID%5D
https://c1.adform.net/serving/cookie/match?party=1066&cid=5b98651c-7c1b-4c00-bdd9-282ab8dd5666

35 B
591 B

130ms
129ms

Image
image/gif

185.167.164.39
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1066&cid=5b98651c-7c1b-4c00-bdd9-282ab8dd5666

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3277599254868136037&agencyId=2846&advertiserId=137831&src=tp&rnd=713690

Protocol

Server

185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 20:39:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Date: Tue, 03 Oct 2023 20:39:54 GMT
Server: MT3 1031 59fd23a master iad iad-pixel-x8 config_version:"1969"
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Location: https://c1.adform.net/serving/cookie/match?party=1066&cid=5b98651c-7c1b-4c00-bdd9-282ab8dd5666
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Expires: Tue, 03 Oct 2023 20:39:53 GMT

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 489D
Redirect Chain

https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
https://c1.adform.net/serving/cookie/match?party=1084&cid=oUUZR5aE1QNMbp5

35 B
591 B

127ms
127ms

Image
image/gif

185.167.164.39
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1084&cid=oUUZR5aE1QNMbp5

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3277599254868136037&agencyId=2846&advertiserId=137831&src=tp&rnd=713690

Protocol

Server

185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 20:39:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Pragma: no-cache
Date: Tue, 03 Oct 2023 20:39:54 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-790-g2a3fdc2#rel-ec2-master i-05a57024f550393f3@us-east-1d@dxedge-app-us-east-1-prod-asg
Location: https://c1.adform.net/serving/cookie/match?party=1084&cid=oUUZR5aE1QNMbp5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 489D
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=71ei9rr&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=71ei9rr&ttd_tpi=1
https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=7bc5aed4-103c-4073-b0c6-7956b9a40064

35 B
591 B

127ms
126ms

Image
image/gif

185.167.164.39
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=7bc5aed4-103c-4073-b0c6-7956b9a40064

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3277599254868136037&agencyId=2846&advertiserId=137831&src=tp&rnd=713690

Protocol

Server

185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 20:39:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

location: https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=7bc5aed4-103c-4073-b0c6-7956b9a40064
date: Tue, 03 Oct 2023 20:39:54 GMT
server: Kestrel
content-length: 225

GET
H/1.0 200
OK image.sbmx
global.ib-ibi.com/ Frame 489D 0
72 B 29ms
5ms Image
text/plain 69.169.85.6
AMC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://global.ib-ibi.com/image.sbmx?go=302927&pid=567&xid=3277599254868136037
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3277599254868136037&agencyId=2846&advertiserId=137831&src=tp&rnd=713690
Protocol: HTTP/1.0
Security: TLS 1.2, RSA, AES_256_CBC
Server: 69.169.85.6 , United States, ASN29838 (AMC, US),
Reverse DNS
Software: BigIP /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Connection: close
Content-Length: 0
Server: BigIP

GET
H2

200

3.gif
id5-sync.com/cq/10/124/0/ Frame 489D
Redirect Chain

https://id5-sync.com/s/10/0.gif?puid=3277599254868136037
https://id5-sync.com/c/10/10/2/1.gif?puid=3277599254868136037&gdpr=0&gdpr_consent=&us_privacy=
https://ib.adnxs.com/getuid?https://id5-sync.com/c/10/2/1/2.gif?puid=$UID&gdpr=0&gdpr_consent=
https://id5-sync.com/c/10/2/1/2.gif?puid=3903918804796204261&gdpr=0&gdpr_consent=
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-a37aND2npgr1uyRF4ZAR1CWvWCoHMlZ9IPfwSkhCFA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F10%2F124%2F0%2F3.gif%3Fpuid%3D%...
https://id5-sync.com/cq/10/124/0/3.gif?puid=f1b88cb5-d3ab-4b5c-8eb3-c02c2ee4827e&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=

43 B
1 KB

87ms
86ms

Image
image/gif

162.19.138.117
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/cq/10/124/0/3.gif?puid=f1b88cb5-d3ab-4b5c-8eb3-c02c2ee4827e&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3277599254868136037&agencyId=2846&advertiserId=137831&src=tp&rnd=713690

Protocol

Server

162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Tue, 03 Oct 2023 20:39:54 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"

Redirect headers

location: https://id5-sync.com/cq/10/124/0/3.gif?puid=f1b88cb5-d3ab-4b5c-8eb3-c02c2ee4827e&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
access-control-allow-origin: *
date: Tue, 03 Oct 2023 20:39:55 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 489D
Redirect Chain

https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=66789086
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=oMkteUPPIqFTW.G8FSRnI.

35 B
591 B

129ms
129ms

Image
image/gif

185.167.164.39
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1145&cid=oMkteUPPIqFTW.G8FSRnI.

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3277599254868136037&agencyId=2846&advertiserId=137831&src=tp&rnd=713690

Protocol

Server

185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 20:39:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Tue, 03 Oct 2023 20:39:55 GMT
via: 1.1 google
last-modified: Tue, 03 Oct 2023 20:39:55 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location: https://dmp.adform.net/serving/cookie/match/?party=1145&cid=oMkteUPPIqFTW.G8FSRnI.
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 489D 23 B
278 B 47ms
14ms Image
image/gif 23.195.93.95
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=119&uid=3277599254868136037
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3277599254868136037&agencyId=2846&advertiserId=137831&src=tp&rnd=713690
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.195.93.95 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-195-93-95.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

expires: Tue, 03 Oct 2023 20:39:55 GMT
pragma: no-cache
date: Tue, 03 Oct 2023 20:39:55 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

GET pixel.gif
sync.1dmp.io/ Frame 489D 0
0

GET
H2

200

ads-user-sync
www.tumblr.com/ Frame 489D
Redirect Chain

https://s.ad.smaato.net/c/?dspInit=1001213&dspCookie=3277599254868136037
https://www.tumblr.com/ads-user-sync?partner=smaato&uid=612f48c32b&gdpr=0&gdpr_consent=

70 B
1 KB

48ms
26ms

Image
image/png

192.0.77.40
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tumblr.com/ads-user-sync?partner=smaato&uid=612f48c32b&gdpr=0&gdpr_consent=

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3277599254868136037&agencyId=2846&advertiserId=137831&src=tp&rnd=713690

Protocol

Server

192.0.77.40 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

assets.tumblr.com

Software

nginx /

Resource Hash

a73237a07cec4d81b7cb7995220839f554e2e8936e5d5ae25cc47753f9737c07

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com/beacon.js https://ssl.google-analytics.com/ga.js https://www.google-analytics.com/analytics.js https://fc.yahoo.com/sdarla/php/client.php https://s.yimg.com/rq/darla/ https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://*.gemini.yahoo.com https://s.yimg.com/av/gemini/ga/gemini-iframe.js https://s.yimg.com/av/curveball/ 'unsafe-eval' 'nonce-Vx5OtTrcerPOjriFXDifMhHqyDk'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports;
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-nc: jfk 1
date: Tue, 03 Oct 2023 20:39:55 GMT
content-security-policy: script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com/beacon.js https://ssl.google-analytics.com/ga.js https://www.google-analytics.com/analytics.js https://fc.yahoo.com/sdarla/php/client.php https://s.yimg.com/rq/darla/ https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://*.gemini.yahoo.com https://s.yimg.com/av/gemini/ga/gemini-iframe.js https://s.yimg.com/av/curveball/ 'unsafe-eval' 'nonce-Vx5OtTrcerPOjriFXDifMhHqyDk'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports;
x-content-type-options: nosniff
referrer-policy: origin-when-cross-origin
server: nginx
strict-transport-security: max-age=31536000; preload
x-frame-options: deny
p3p: CP="Tumblr's privacy policy is available here: https://www.tumblr.com/policy/en/privacy"
content-type: image/png
x-rid: a767383976d167f85dfd046f6e12361f
content-length: 70
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge,chrome=1

Redirect headers

date: Tue, 03 Oct 2023 20:39:55 GMT
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
location: https://www.tumblr.com/ads-user-sync?partner=smaato&uid=612f48c32b&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: xMc08EWzeSE_TVq90Glmzr04ickNEe_Zcl2DlCELwvgo9hBRs4df6Q==

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 489D
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=2032&partner_device_id=3277599254868136037&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DE...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2032&partner_device_id=3277599254868136037&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7...
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=c4e6ad96-f213-4d64-8fd4-83a9f3ab9dd4%252Chttps%25253A%25252F%25252Fc1.adform.net%25252Fserving%25252Fcookie%25252Fmatch%2...
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=7bc5aed4-103c-4073-b0c6-7956b9a40064&ttd_puid=c4e6ad96-f213-4d64-8fd4-83a9f3ab9dd4%2Chttps%253A%252F%252Fc1.adform.net%25...
https://c1.adform.net/serving/cookie/match?party=2007&cid=c4e6ad96-f213-4d64-8fd4-83a9f3ab9dd4

35 B
600 B

126ms
125ms

Image
image/gif

185.167.164.39
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=2007&cid=c4e6ad96-f213-4d64-8fd4-83a9f3ab9dd4

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3277599254868136037&agencyId=2846&advertiserId=137831&src=tp&rnd=713690

Protocol

Server

185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 20:39:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

date: Tue, 03 Oct 2023 20:39:55 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://c1.adform.net/serving/cookie/match?party=2007&cid=c4e6ad96-f213-4d64-8fd4-83a9f3ab9dd4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 3277599254868136037
match.contentexchange.me/adform/ Frame 489D 0
49 B 353ms
116ms Image
text/plain 46.19.11.36
SIEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.contentexchange.me/adform/3277599254868136037?redirect_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1219
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3277599254868136037&agencyId=2846&advertiserId=137831&src=tp&rnd=713690
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.19.11.36 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: ilog.vsn.si
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 20:39:55 GMT
content-length: 0
server: nginx/1.16.1

GET
H2 200 /
bpi.rtactivate.com/tag/ Frame 489D 43 B
109 B 118ms
55ms Image
image/gif 34.238.22.106
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bpi.rtactivate.com/tag/?id=16974&user_id=3277599254868136037
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3277599254868136037&agencyId=2846&advertiserId=137831&src=tp&rnd=713690
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.238.22.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-238-22-106.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 20:39:55 GMT
server: awselb/2.0
content-length: 43
content-type: image/gif

GET
H2

200

xuid
eb2.3lift.com/ Frame 489D
Redirect Chain

https://eb2.3lift.com/xuid?mid=7354&xuid=3277599254868136037&dongle=AD20
https://eb2.3lift.com/xuid?ld=1&mid=7354&xuid=3277599254868136037&dongle=AD20&gdpr=0&cmp_cs=&us_privacy=

37 B
354 B

12ms
12ms

Image
image/gif

52.223.22.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=7354&xuid=3277599254868136037&dongle=AD20&gdpr=0&cmp_cs=&us_privacy=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3277599254868136037&agencyId=2846&advertiserId=137831&src=tp&rnd=713690
Protocol: H2
Server: 52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-type: image/gif
date: Tue, 03 Oct 2023 20:39:55 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=7354&xuid=3277599254868136037&dongle=AD20&gdpr=0&cmp_cs=&us_privacy=
date: Tue, 03 Oct 2023 20:39:55 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET 296800c6dbd7f8eb22cf034b9927d719.gif
sync.e-volution.ai/ Frame 489D 0
0

GET
H2 200 put
e1.emxdgt.com/ Frame 489D 43 B
120 B 51ms
10ms Image
image/gif 34.235.210.13
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d52&uid=3277599254868136037
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3277599254868136037&agencyId=2846&advertiserId=137831&src=tp&rnd=713690
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.235.210.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-235-210-13.compute-1.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 20:39:54 GMT
content-length: 43
x-nosync: emp
content-type: image/gif

GET
H2 204 adf
pixel.sojern.com/idsync/ Frame 489D 0
156 B 81ms
21ms Image
text/plain 107.178.244.119
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sojern.com/idsync/adf?adfid=3277599254868136037
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3277599254868136037&agencyId=2846&advertiserId=137831&src=tp&rnd=713690
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.244.119 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 20:39:55 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"

GET
H2 200 plf
c1.adform.net/imatch/ Frame 489D 0
384 B 129ms
128ms Image
text/plain 185.167.164.39
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plfl

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3277599254868136037&agencyId=2846&advertiserId=137831&src=tp&rnd=713690

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=3277599254868136037&agencyId=2846&advertiserId=137831&src=tp&rnd=713690
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 20:39:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sync.1dmp.io
URL: https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=3277599254868136037

Domain: sync.e-volution.ai
URL: https://sync.e-volution.ai/296800c6dbd7f8eb22cf034b9927d719.gif?puid=3277599254868136037

Verdicts & Comments Add Verdict or Comment

101 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

102 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www4.thy.com/images/tklayout/js/plugin/jquery.combo/css/combo	1969-12-31 23:59:59	Name: f5avraaaaaaaaaaaaaaaa_session_ Value: FDDGAIEJPJNKNBGDEKIHAAJJPKHMLAHLNGFHMLJCHGKKFCLJJFILJDEFOKPHHDAOEKGDJAGIMLODGFFHKABABBPBMHPBDCDHOPJLKCNBJHLOJGBMKKMEOBJNLJECMFNB
www4.thy.com/images/tklayout/js/plugin/jquery.autocomplete	1969-12-31 23:59:59	Name: f5avraaaaaaaaaaaaaaaa_session_ Value: DEEOPLJKLBLOFGAGODNIPKMPMJAHPAPKGKEFADBHHJJCJDKJEOCALIBILNPHOPMPFEJDBMONNLHGEGGDCCIANCCJMHANAHEOFOLGBNNJGGLAKFMMPHIKAJCLHCCGBPGI
www4.thy.com/images/tklayout/js/plugin/jquery.combo/css	1969-12-31 23:59:59	Name: f5avraaaaaaaaaaaaaaaa_session_ Value: GDGOPLJKLBLOFGAGOOCIPKMPMJAHPAPKGKEFADBHHJJCJDKJEOCALIBILNPHOPMPFEJDBMONMLHGDGGDCCIANCCJMHANAHEOFOLGBNNJGGLAKFIMPHIKAJCLHCCGBPKC
www4.thy.com/images/tklayout/js/plugin/jquery.colortip	1969-12-31 23:59:59	Name: f5avraaaaaaaaaaaaaaaa_session_ Value: KEGFKBGPHMMGFDAFMICCJPOJMBHKOEDNAFAKJDMLLIAOIBLIBPMFDKKEBOABIMNLGNIDEABLNLNEEMLFJHJAHGJDMHPABGCAGHLPKHLGALEIMPPIAPLDJGILFINNEKOO
www4.thy.com/images/tklayout/js/plugin/jquery.fancybox	1969-12-31 23:59:59	Name: f5avraaaaaaaaaaaaaaaa_session_ Value: LGLEPDGGJJDLPCFNLMKFKIEJJBPBJMOAJAPJNMFMAOICALNIJMFNDJOHJFNOGMBIMEEDKPDDNLDNMJJEPECAMHNGMHGFMBFEFELCBAOBOHEOCBDMCKPGEONNDLLJINKG
www4.thy.com/images/tklayout/js/plugin/jquery.combo	1969-12-31 23:59:59	Name: f5avraaaaaaaaaaaaaaaa_session_ Value: IALEFLPFPPPGNHPKCCPIJNAAKDDGFBFEJKHJOCEJHCEBHNIPMAHFHFGMFGINAEIMNLFDIOMINLCOGAJOBPNANDGIMHPLIDDOIMEGOIPFKDGBAPBBFJONOEJEKCBLHJMF
www4.thy.com/images/tklayout/js/plugin/datepicker	1969-12-31 23:59:59	Name: f5avraaaaaaaaaaaaaaaa_session_ Value: MOOJKMCNPNICDLKODGCILPOGJCIMJDNIFLHNBFBNNCLCCNEMAFPMLOIGCINLCIJIMJFDELNDNLJOENFABDJADNPNMHIPIADKLADMGEKDHFGJCKHMMCJHABODJMOLFHDD
www4.thy.com/images/tklayout/js/plugin	1969-12-31 23:59:59	Name: f5avraaaaaaaaaaaaaaaa_session_ Value: ODFNFCANOEMPPKMEMOHGFLOOICDBEPGDENEMDKFIPJMPOEAHHGEBKIJOOOJBFJAEHMNDAAAONLCBCHEOCPEALLIDMHEEPLEEHMHLGMDFFPFDDFDADJENCNMBMFDCPDPK
www4.thy.com/images/tklayout/css	1969-12-31 23:59:59	Name: f5avraaaaaaaaaaaaaaaa_session_ Value: PLCKMNBHMDJCFIADLPEGFJLLKIALCKFJGHNBKCALPFNMKGIMPMKNOLPGDNBHMBMFBAGDLLDHMLFGGELOAACAJJHEMHOCGDMHBENLGNGGDECNKKLJBIOPDNGHLIPHJLGK
www4.thy.com/images/tklayout/img	1969-12-31 23:59:59	Name: f5avraaaaaaaaaaaaaaaa_session_ Value: HIEJLBHHLLGBKHCHGHPAAMFPHMNGLODDCMJJPAHEKFIIEDEMHIDDGFHCCKAMLEHDGKHDBAPMNLBAJCBKENAAKIEBMHGGENCBMGJLHAABFIJKLNBLDHLKMDNPNNLIBCBA
www4.thy.com/images/tklayout/js	1969-12-31 23:59:59	Name: f5avraaaaaaaaaaaaaaaa_session_ Value: PMPFHILEBCECCDBLAOCKMMCOEKHAEMABJJLHNLIFOPMAIOMCMOMEJJNMAFDJPDGHBOGDMPDONLMBPMMAGAMANNFBMHDKMFPDLLMIGENEDJELHBCKAKJKEHGFNKOMOFPD
www4.thy.com/baggage	1969-12-31 23:59:59	Name: f5avraaaaaaaaaaaaaaaa_session_ Value: KHHGPCHOBLDADACNKANABFDBBOIIAKABIJPBCCNJELOJBOBGGCMONIMGEMKMOGKFOKODOANPLLDLDPHMIFHAKHJLMHCDIDGELLKNNIGBDEKFDLCKGEADMNKBKFNIMHMN
www4.thy.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: -vn3RLg3ho379pSA0VtD92EzFdEvnVLwcBiX-uRsmahCmNf5L_hC!1854577541
www4.thy.com/	1969-12-31 23:59:59	Name: wayaway Value: !eX2KZ09Ire0e8rlU3N+nFK4v6gUjniiKXM8YsaahXebfgg+D/Fe2ozWxqYDMhDVVRgOqZy32BY6fu0k=
www4.thy.com/	1969-12-31 23:59:59	Name: TS0179724f Value: 01438f9f0af98d61b3d2b1b687504ccec8276e0a75839003c975599acf69af35af226bf5c9dff308e60bef3f00539f4da1339d7991
.thy.com/	1969-12-31 23:59:59	Name: TS0177fd3f Value: 01438f9f0af98d61b3d2b1b687504ccec8276e0a75839003c975599acf69af35af226bf5c9dff308e60bef3f00539f4da1339d7991
.thy.com/	1969-12-31 23:59:59	Name: dtCookie Value: v_4_srv_1_sn_F506F93773760BEC76ED472C8A2C196C_perc_100000_ol_0_mul_1_app-3Ad00f9c5aed40804f_1_app-3Aea7c4b59f27d43eb_0
.thy.com/	1969-12-31 23:59:59	Name: rxVisitor Value: 1696365592127GT6H6LEE7QACQI5N1DTTP115BNLF9UJN
.thy.com/	1969-12-31 23:59:59	Name: dtPC Value: 1$165592123_608h1vPSSQWRCHBMLGRWUOVASVWQRURWFBMOVK-0e0
.thy.com/	1969-12-31 23:59:59	Name: dtSa Value: -
.thy.com/	1970-01-20 17:22:21	Name: _gcl_au Value: 1.1.1633019736.1696365593
.thy.com/	1970-01-21 00:48:45	Name: _ga Value: GA1.2.1335898423.1696365593
.thy.com/	1970-01-20 15:14:11	Name: _gid Value: GA1.2.1686641051.1696365593
.thy.com/	1970-01-20 15:12:45	Name: _dc_gtm_UA-10160929-10 Value: 1
.doubleclick.net/	1970-01-21 00:48:45	Name: IDE Value: AHWqTUme6p9Ui8DfqtDRXt_dZlKDVu-SJKeudPd3PgDW9Uf08dx4bq7QXBQfgrYEsl8
.thy.com/	1969-12-31 23:59:59	Name: rxvt Value: 1696367393174\|1696365592128
.adform.net/	1970-01-20 15:57:27	Name: C Value: 1
.adform.net/	1970-01-20 16:39:09	Name: uid Value: 3277599254868136037
.adform.net/	1970-01-20 15:14:11	Name: CM Value: 1\|1
.thy.com/	1970-01-20 17:22:21	Name: _fbp Value: fb.1.1696365594246.425559608
.adform.net/	1970-01-20 15:32:55	Name: CM14 Value: 1696451994_1696365594_1_Hu7u4e4e4R7u7u4REREeERERERHhERE
.casalemedia.com/	1970-01-20 23:58:21	Name: CMID Value: ZRx8GkxPZ82227W5Ado1dAAA
.casalemedia.com/	1970-01-20 17:22:21	Name: CMPS Value: 3713
.casalemedia.com/	1970-01-20 17:22:21	Name: CMPRO Value: 3713
.yahoo.com/	1970-01-20 23:58:43	Name: A3 Value: d=AQABBBp8HGUCEHXWEyiyF4i6sRCT5gGnGYwFEgEBAQHNHWUmZdxH0iMA_eMAAA&S=AQAAApO9yG3UX1l2XaF_hEUdEtI
.analytics.yahoo.com/	1970-01-20 23:58:21	Name: IDSYNC Value: 1760~2e9w
.360yield.com/	1970-01-20 17:22:21	Name: tuuid Value: f1b88cb5-d3ab-4b5c-8eb3-c02c2ee4827e
.360yield.com/	1970-01-20 17:22:21	Name: tuuid_lu Value: 1696365594
.bidswitch.net/	1970-01-20 23:58:21	Name: tuuid Value: 1bf8437b-f0ae-4028-91d7-e67d715b7724
.bidswitch.net/	1970-01-20 23:58:21	Name: c Value: 1696365594
.bidswitch.net/	1970-01-20 23:58:21	Name: tuuid_lu Value: 1696365594
.rlcdn.com/	1970-01-20 23:58:21	Name: rlas3 Value: ePRcBWw4VP+viCGDRrYo6qq3nsVQg0kE71h2JasCiGI=
.eyeota.net/	1970-01-20 23:59:47	Name: mako_uid Value: 18af744c7e4-26930000010a4914
.eyeota.net/	1970-01-20 15:12:46	Name: SERVERID Value: 18708~DM
.rlcdn.com/	1970-01-20 16:39:09	Name: pxrc Value: CJr48agGEgUI6AcQABIFCOhHEAA=
.smartadserver.com/	1970-01-21 00:44:26	Name: pid Value: 8207964416225097642
.smartadserver.com/	1970-01-21 00:44:26	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-20 23:59:47	Name: csync Value: 22:3277599254868136037
.1rx.io/	1970-01-20 23:58:21	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-5498b682-a1bd-4f0d-a4e7-4dd7eaa20fed-005%22%7D
.semasio.net/	1970-01-20 23:58:21	Name: SEUNCY Value: 8FA2DB96B779FCE1
.crwdcntrl.net/	1970-01-20 21:41:31	Name: _cc_dc Value: 0
.crwdcntrl.net/	1970-01-20 21:41:31	Name: _cc_id Value: 813ebee1f2d855f2a254415e276680cc
.seadform.net/	1970-01-20 16:39:13	Name: uid Value: 3277599254868136037
.pippio.com/	1970-01-20 23:58:21	Name: did Value: suX94S2O3LK-OaXL
.pippio.com/	1970-01-20 23:58:21	Name: didts Value: 1696365594
.pippio.com/	1970-01-20 16:39:09	Name: nnls Value:
.pippio.com/	1970-01-20 16:39:09	Name: pxrc Value: CJr48agGEgYIgr0rEAA=
.bluekai.com/	1970-01-20 19:36:16	Name: bku Value: /Ux99OoXcsD6IvLZ
.targeting.unrulymedia.com/	1970-01-20 23:58:21	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-5498b682-a1bd-4f0d-a4e7-4dd7eaa20fed-005%22%7D
.krxd.net/	1970-01-20 19:31:57	Name: _kuid_ Value: P1WGZzHb
.openx.net/	1970-01-20 23:58:21	Name: i Value: 91403ea8-1795-4ad3-b276-b7e4564fe632\|1696365594
.adnxs.com/	1970-01-20 17:22:21	Name: uuid2 Value: 3903918804796204261
.adscale.de/	1970-01-20 23:55:01	Name: uu Value: 63d5c6657c284a4e884f6f774ed350d7
.adscale.de/	1970-01-20 23:55:01	Name: cct Value: 1696365594709
.linkedin.com/	1970-01-20 17:22:21	Name: li_sugr Value: e00d4332-0187-41f6-97af-18f62ac6fab4
.linkedin.com/	1970-01-20 23:58:21	Name: bcookie Value: "v=2&528956f4-1c64-4573-827b-b52dde507bcd"
.linkedin.com/	1970-01-20 15:14:11	Name: lidc Value: "b=TGST08:s=T:r=T:a=T:p=T:g=2603:u=1:x=1:i=1696365594:t=1696451994:v=2:sig=AQESBOL0Dcy4iPC1t2AjVF6IRh0oE60f"
.pubmatic.com/	1970-01-20 15:55:57	Name: KRTBCOOKIE_391 Value: 22924-3277599254868136037&KRTB&23263-3277599254868136037&KRTB&23481-3277599254868136037
.pubmatic.com/	1970-01-20 15:55:57	Name: PugT Value: 1696365594
.ih.adscale.de/	1970-01-20 23:55:01	Name: tu Value: 4#2094639982#42~3277599254868136037~471212~0~0
.demdex.net/	1970-01-20 19:31:57	Name: demdex Value: 13161145987194093203380824435437906267
.dpm.demdex.net/	1970-01-20 19:31:57	Name: dpm Value: 13161145987194093203380824435437906267
.audrte.com/	1970-01-20 15:34:21	Name: arcki2 Value: gi56VPfyy2lT0yQ3nTUVbwDJw!20220908!1696365594873!ip#5.181.234.134
.audrte.com/	1970-01-20 15:34:21	Name: arcki2_adform Value: 3277599254868136037!20220908!1696365594876
.adnxs.com/	1970-01-20 17:22:21	Name: anj Value: dTM7k!M4/YD>6NRF']wIg2GVLdwL^?!]tbPl1M66+q([OUf!e[a`jb=Z61f9Oui]l_)l3NaaT=l.)8`@3If)y3KL9D3I?-(eyH?R
.onaudience.com/	1970-01-20 23:58:21	Name: cookie Value: 96590dfc3f30e2dd
.onaudience.com/	1970-01-20 15:14:11	Name: done_redirects147 Value: 1
.agkn.com/	1970-01-20 23:58:21	Name: ab Value: 0001%3A0qBCh%2BullUe0HSQj7bDb53LbWToPzXnC
.audrte.com/	1970-01-20 15:34:21	Name: arcki2_ddp2 Value: gi56VPfyy2lT0yQ3nTUVbwDJw!20220908!1696365594928
.mathtag.com/	1970-01-21 00:38:40	Name: uuid Value: 5b98651c-7c1b-4c00-bdd9-282ab8dd5666
.adsrvr.org/	1970-01-20 23:59:47	Name: TDID Value: 7bc5aed4-103c-4073-b0c6-7956b9a40064
.rubiconproject.com/	1970-01-20 23:58:21	Name: khaos Value: LNAS9Y5T-1P-BZRE
.rubiconproject.com/	1970-01-20 23:58:21	Name: audit Value: 1\|1AQ7Opl2XKy3QAqESg3dP5ZOxwIrl5Sa/9YVijvF+3vFwpmMCvAS5qppAx2Cno2HUdOFO+ODDIRBK03vAHceEG4bn2cxl7tJ3b5tl9h0csqohHrzHuxX7k4nsEd3/0yUX5rIA/EljOjyU9QaoXNThNzpQ7vzkXQ/
.w55c.net/	1970-01-21 00:44:26	Name: wfivefivec Value: oUUZR5aE1QNMbp5
.w55c.net/	1970-01-20 15:55:57	Name: matchadform Value: 5
.teads.tv/	1970-01-20 23:56:55	Name: tt_viewer Value: d69e362e-6967-42e8-8fc0-5f4e0cf73bc7
.smaato.net/	1970-01-20 15:42:59	Name: SCM Value: 612f48c32b
.smaato.net/	1970-01-20 15:42:59	Name: SCMtu Value: 612f48c32b
.smaato.net/	1970-01-20 15:42:59	Name: SCM1001213 Value: 612f48c32b
.tapad.com/	1970-01-20 16:39:09	Name: TapAd_TS Value: 1696365595113
.tapad.com/	1970-01-20 16:39:09	Name: TapAd_DID Value: c4e6ad96-f213-4d64-8fd4-83a9f3ab9dd4
.weborama.fr/	1970-01-21 00:38:40	Name: AFFICHE_W Value: seBQYK2pfVKx28
.ads.stickyadstv.com/	1970-01-20 16:39:09	Name: uid-bp-617 Value: 3277599254868136037
.ads.stickyadstv.com/	1970-01-20 15:55:57	Name: UID Value: 2dae4ea8d376d039b262ca7b6a4212
.adfarm1.adition.com/	1970-01-20 17:22:21	Name: UserID1 Value: 7285834752588511375
.adsrvr.org/	1970-01-20 23:59:47	Name: TDCPM Value: CAESFAoFdGFwYWQSCwjosbDx3ZaiPBAFGAEgASgCMgsIoqeznvSWojwQBTgBWgV0YXBhZGAC
.tapad.com/	1970-01-20 16:39:09	Name: TapAd_3WAY_SYNCS Value: 1!6644
.3lift.com/	1970-01-20 17:22:21	Name: tluid Value: 2337855622613799110090
.id5-sync.com/	1970-01-20 17:22:21	Name: id5 Value: f3dac05a-0903-7376-9b07-e80f2d51cd9a#1696365595220#2
.360yield.com/	1970-01-20 17:22:21	Name: um Value: !42,CXvKHNK07sxPJZMqoKH7QY3T65dXS-Nspp6rbFECR0kX,1697575194!79,Ys0J94lMkEHHRmOVxrsSGh5wNZCKO1pRbgljn4bonf9NB56ntRqJ8N3U-uIoVamfeZCEqWFb6705TrE3,1704141595
.360yield.com/	1970-01-20 17:22:21	Name: umeh Value: !42,0,1758573594,-1!79,0,1758573595,-1
.id5-sync.com/	1970-01-20 17:22:21	Name: 3pi Value: 2#1696365595427#-328437530#3903918804796204261\|10#1696365595311#1552990527#3277599254868136037\|124#1696365595528#1052900533

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www4.thy.com/baggage/RES_NOT_FOUND Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4357925.fls.doubleclick.net
a.audrte.com
aa.agkn.com
ad.360yield.com
ad.doubleclick.net
ad.yieldlab.net
ads.stickyadstv.com
adservice.google.com
api.adrtx.net
beacon.krxd.net
bpi.rtactivate.com
c1.adform.net
cm.g.doubleclick.net
connect.facebook.net
dmp.adform.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
e1.emxdgt.com
eb2.3lift.com
eu-u.openx.net
global.ib-ibi.com
googleads.g.doubleclick.net
ib.adnxs.com
ice.360yield.com
id5-sync.com
idsync.rlcdn.com
ih.adscale.de
loadm.exelator.com
match.adsrvr.org
match.contentexchange.me
pdw-adf.userreport.com
pippio.com
pixel.mathtag.com
pixel.onaudience.com
pixel.sojern.com
pixel.tapad.com
pm.w55c.net
ps.eyeota.net
px.ads.linkedin.com
redirect.frontend.weborama.fr
rtb-csync.smartadserver.com
s.ad.smaato.net
s2.adform.net
s3-eu-west-1.amazonaws.com
secure.adnxs.com
server.seadform.net
simage2.pubmatic.com
ssl.google-analytics.com
stats.g.doubleclick.net
sync.1dmp.io
sync.1rx.io
sync.crwdcntrl.net
sync.e-volution.ai
sync.targeting.unrulymedia.com
sync.teads.tv
tags.bluekai.com
token.rubiconproject.com
track.adform.net
uipglob.semasio.net
ups.analytics.yahoo.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.tumblr.com
www4.thy.com
x.bidswitch.net
sync.1dmp.io
sync.e-volution.ai
100.24.189.89
104.18.26.193
107.178.244.119
107.178.254.65
13.224.214.125
141.94.170.77
142.250.80.66
162.19.138.117
172.217.13.134
172.217.13.166
18.197.180.240
18.214.54.215
18.238.55.57
185.167.164.39
185.167.164.47
192.0.77.40
199.127.204.171
23.105.12.173
23.195.93.95
23.41.168.211
23.41.169.75
2600:9000:2209:b200:1b:5138:8a40:93a1
2607:f8b0:4004:c0b::9c
2607:f8b0:4006:81e::2002
2607:f8b0:4006:822::2004
2607:f8b0:4020:804::2008
2607:f8b0:4020:805::2002
2607:f8b0:4020:807::2008
2607:f8b0:4020:807::200e
2620:1ec:21::14
2a03:2880:f012:10c:face:b00c:0:3
2a03:2880:f112:83:face:b00c:0:25de
3.225.218.10
3.33.220.150
34.111.113.62
34.233.138.61
34.235.210.13
34.238.22.106
34.246.44.190
34.98.64.218
35.190.24.218
35.190.60.146
35.211.178.172
37.157.2.228
37.157.3.20
46.19.11.36
46.31.112.112
50.57.31.206
52.0.156.250
52.203.124.67
52.206.20.105
52.218.101.219
52.223.22.214
52.7.24.177
52.71.246.190
63.251.28.234
68.67.160.186
69.169.85.6
69.173.151.100
8.28.7.83
85.114.159.93
96.17.64.208
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0c3929d1e1777314c0f594e78041f2e37e0d5e13f132b9a578a072f5d5226856
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
14bbfebc773dcecb3ad8bf690b68a421970b5cd61c32182ce07c089dd8d4cdbf
18c026044856f8e388c8771e3975b5802682661aba87f37bc7814bb082e59ef6
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
288f2bace696c2774504dab7f5d73c958134045eefdb5d27ae97b096f8e832e5
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2c00923e0f22d6be5c281558d0a7e4963b4304af313434210a4e12ea23aa0c7c
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
31c5463c4f624447b3bb3a69f3434cd76e67f671c702e664882ecafb26681f50
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3b5623c31f749e962093c93d875faeedced9f73a15cbde87a70e5d837f18715c
427ad523d6fbf568f356fcc740f61dbe216ead1ef60998a0fe3628e657d1e089
48fa8f5681683a99d0d4df4d6ae2db4e4031e95a134afe42bdcdf29bdf4adefe
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4beeab88211da104f7d4fe2ac0366fe84540d3d93549d73507e9ab6b1b288a7c
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54e9fc788d0725a66cab8bc860c28cbc5c033657fccb04bbf4e087338a5fa4ac
550da296bfff54193e141d0934e2dcb71a210b975c547eb56bdd96f3adab2281
558009b6e718837b94e28bf64b7c93c56f0b95a391b3d9ec3cd312e1d6703d57
57a679326752aee96a8ee1115d67c0bb79faee1ccfc02d72503b08e86a4a34aa
598a6747868c0b531ec9a88bd6073f0bd8ffcec66054d07b6c4e6288c9c79984
5fc4a21d13d148047c448ed9fa302d2ee3446c3699e42dead3eb745ab8815652
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
67ad95d906c0808befa9f2a7ce7cfe6897ffa9e01c40a0731041bf7931f81325
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6fbb86a67c5f7e8883b26f1215cd331bbf9ebeff732bdfd82d952d9a66f78991
73bdd6e0a0cf44a926d12930f24ef4ba9a9aba165014ec0592e465419b73fcca
74f96784dc05bd5370f25b0d850d0fd7a455422cefafbf52450899aba5ca8cd0
7516d9b24cb91e4956d300adf64437332ca61f020730696299d237764ac5a347
77147b992b34252900c1b9eb10ac24ce322865bd6711214d4ed056fef308c06d
7a613bd6db8cbcab8ff755f702214ead016151ff9b0510629940c64d5ac6a274
7c7c2f3ce55641ce99afac04c14589f3ab37829853102713164188d741d4c99c
7fc5bd0de562572fb6278f996250a5bbe9a9dff91169f0bf70348d2001413671
805270b078cde87b61bb57c8bd44f8b58b0d128f5a8efdd4395470b45b291d65
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
90d7c57f39e9c93fd77f5a92d07a6967eedd61fba40c0f3de80bd5105d96a5c8
938f04fefb7daf3fd1aa3e1332a771bb1081e010d613cd95e06c0c0b1c597c0d
95d33276fa9dd4f6ddbe03798c05ebf433f4634664ef9780563c7d01409e52f5
982522358c4d8ab75da671728bf370fc150a267bcf7b9ea981008dbc08649802
99c28ba77690124b83aea8cdbbb17ab1145ba247c791aeb4bad747b4248ac459
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a62d1c1172c87fdfd11f977fb1f2a0dc8e1e941a17cde82f20d51962fb5be22d
a73237a07cec4d81b7cb7995220839f554e2e8936e5d5ae25cc47753f9737c07
a81748721d8dcfc45b1056b099070adbeb7ec364ee7138bd1e5c32157b94ead8
aca455a6575de5b6367da9d6934982ff7feb0f50c1817f6e3e005ed0ff5eeb54
acbbbe04cf5e39536a556402dfe5ac8df6c0f8da7ee38ed2b3b5d04a03a04613
b0b7e5ffe3592675b46263146345cf5d46fac58d17b60d7e32bad0c4a8dff435
b0ebb569aaffe0b2927eb7f1b534672c4a27132fb3ae85439d8ded7c828aea1c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1bae460fb4e8c2fbf08da925bc45343d97b338ba4b6d3e2f656cf405abb9a11
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c15cf49656940d2815ba48b06372e60f4577e4742bda5c358769783de2397e20
c5d53404ccf5b92b7b8363d20df3f8bb2d39a42a1ab3a42dbadbf63af98a570c
ce3df70b75c332b9d0fa4e9cd4469cfdc152ba7d45d8291ad7ae1ae9f9d11109
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0e5d0f8f4345b3def3b8461059fa65a5f4d23ae5280d5fffc5bfef11eab57e7
d454d1678f862fa4046147ec1f41f551bec8ced6c14bf8c3e06f4520b8895a69
db497fbf446625c8d2df32a4f0608e0e4cb255ec7d81d8e3e44775ca93589242
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd034105e81a798b9d634fb08b8f5894669c65a221350ad5a5c73152daf51e7d
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
e1cd019ed15754c970fb16d36cd60e99e11bbb043ec748e85cbf9b68152527af
e28402acf82dc0bbd4cb1cbd1bca97cbee7d8862d828a31d256a8821eca5b299
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e91989148db0a451fd96b0ceb73302efe3b91d59243473a465c3cd650e3dbb65
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1e945400c04241ef089d71de3b0cf7e202431ac4685ada318714fe07ee9dcb0
f990eb6961e50492396c976a4fafb9352df5a003e3834898b2c2e3731f3391f1

www4.thy.com Open in urlscan Pro 46.31.112.112 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

109 Requests

72 %HTTPS

18 %IPv6

57 Domains

68 Subdomains

47 IPs

9 Countries

1375 kBTransfer

3523 kBSize

102 Cookies

4 Outgoing links

Redirected requests

109 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www4.thy.com Open in urlscan Pro
46.31.112.112 Public Scan

Screenshot
Live screenshot

Full Image

109
Requests

72 %
HTTPS

18 %
IPv6

57
Domains

68
Subdomains

47
IPs

9
Countries

1375 kB
Transfer

3523 kB
Size

102
Cookies

109 HTTP transactions
0 data transactions