wesleyfinancialgroup.typeform.com Open in urlscan Pro
104.18.22.9 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse
Submission: On May 20 via api (May 20th 2023, 8:40:41 am UTC) from US — Scanned from DE

Summary HTTP 130 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 71 IPs in 11 countries across 69 domains to perform 130 HTTP transactions. The main IP is 104.18.22.9, located in and belongs to CLOUDFLARENET, US. The main domain is wesleyfinancialgroup.typeform.com. The Cisco Umbrella rank of the primary domain is 275451.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 27th 2022. Valid for: a year.

This is the only time wesleyfinancialgroup.typeform.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 6	104.18.22.9 104.18.22.9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2600:9000:205... 2600:9000:2057:4e00:9:b3c8:b180:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:214... 2600:9000:214f:8600:8:2495:5540:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
4	2600:9000:214... 2600:9000:214f:3400:4:f6ce:61c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a04:4e42:8e::84 2a04:4e42:8e::84	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	23.35.237.86 23.35.237.86	16625 (AKAMAI-AS) (AKAMAI-AS)
1	146.75.116.157 146.75.116.157	54113 (FASTLY) (FASTLY)
4	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 2	2606:4700::68... 2606:4700::6810:7aaf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2620:1ec:4f:1... 2620:1ec:4f:1::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1288:80:... 2a00:1288:80:807::1	203220 (YAHOO-DEB) (YAHOO-DEB)
5	23.38.98.84 23.38.98.84	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2600:9000:20e... 2600:9000:20eb:4800:f:b1e1:8300:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:223... 2600:9000:223d:c400:c:7d55:b3c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	37.157.5.73 37.157.5.73	198622 (ADFORM) (ADFORM)
1	2606:4700::68... 2606:4700::6811:915b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
4	2001:4860:480... 2001:4860:4802:38::15	15169 (GOOGLE) (GOOGLE)
2	70.42.32.63 70.42.32.63	13789 (INTERNAP-...) (INTERNAP-BLK3)
1	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
1	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER)
1	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
3	151.101.192.84 151.101.192.84	54113 (FASTLY) (FASTLY)
1 2	185.167.164.39 185.167.164.39	198622 (ADFORM) (ADFORM)
1	2606:4700::68... 2606:4700::6811:925b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
2	18.119.134.201 18.119.134.201	16509 (AMAZON-02) (AMAZON-02)
5	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2600:9000:214... 2600:9000:214f:7000:16:a497:9700:93a1	16509 (AMAZON-02) (AMAZON-02)
3	20.96.88.162 20.96.88.162	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:4700:440... 2606:4700:4400::ac40:9197	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	99.86.4.83 99.86.4.83	16509 (AMAZON-02) (AMAZON-02)
2 15	37.157.6.254 37.157.6.254	198622 (ADFORM) (ADFORM)
1	37.157.2.229 37.157.2.229	198622 (ADFORM) (ADFORM)
1 2	63.32.26.56 63.32.26.56	16509 (AMAZON-02) (AMAZON-02)
1	23.215.16.120 23.215.16.120	16625 (AKAMAI-AS) (AKAMAI-AS)
2	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	35.158.249.108 35.158.249.108	16509 (AMAZON-02) (AMAZON-02)
1	185.86.138.151 185.86.138.151	201081 (SMARTADSE...) (SMARTADSERVER)
1	3.71.149.231 3.71.149.231	16509 (AMAZON-02) (AMAZON-02)
1	184.86.251.89 184.86.251.89	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 2	52.28.232.169 52.28.232.169	16509 (AMAZON-02) (AMAZON-02)
1 2	35.210.138.51 35.210.138.51	19527 (GOOGLE-2) (GOOGLE-2)
1 2	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1	77.243.51.121 77.243.51.121	42697 (NETIC-AS) (NETIC-AS)
1	3.124.210.90 3.124.210.90	16509 (AMAZON-02) (AMAZON-02)
4 4	34.254.143.3 34.254.143.3	16509 (AMAZON-02) (AMAZON-02)
1	2a02:6ea0:c70... 2a02:6ea0:c700::19	60068 (CDN77 ^_^) (CDN77 ^_^)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1 2	52.17.45.80 52.17.45.80	16509 (AMAZON-02) (AMAZON-02)
2	69.192.160.219 69.192.160.219	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	18.200.176.212 18.200.176.212	16509 (AMAZON-02) (AMAZON-02)
1	52.218.89.195 52.218.89.195	16509 (AMAZON-02) (AMAZON-02)
3 3	141.94.170.64 141.94.170.64	16276 (OVH) (OVH)
2	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
4 5	89.163.240.122 89.163.240.122	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 1	193.135.9.124 193.135.9.124	48314 (IP-PROJECTS) (IP-PROJECTS)
1 1	139.162.141.41 139.162.141.41	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
3 3	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1	52.211.237.29 52.211.237.29	16509 (AMAZON-02) (AMAZON-02)
2 3	185.89.210.244 185.89.210.244	29990 (ASN-APPNEX) (ASN-APPNEX)
1	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	52.222.214.97 52.222.214.97	16509 (AMAZON-02) (AMAZON-02)
2 3	23.23.142.39 23.23.142.39	14618 (AMAZON-AES) (AMAZON-AES)
2 2	54.195.140.228 54.195.140.228	16509 (AMAZON-02) (AMAZON-02)
1 1	18.194.255.212 18.194.255.212	16509 (AMAZON-02) (AMAZON-02)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 1	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	18.185.190.24 18.185.190.24	16509 (AMAZON-02) (AMAZON-02)
1	162.19.138.117 162.19.138.117	16276 (OVH) (OVH)
2 2	35.190.24.218 35.190.24.218	15169 (GOOGLE) (GOOGLE)
1	104.111.217.42 104.111.217.42	16625 (AKAMAI-AS) (AKAMAI-AS)
1	87.242.89.90 87.242.89.90	208677 (SBERCLOUD-AS) (SBERCLOUD-AS)
1	2600:9000:211... 2600:9000:211e:b000:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2 2	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	46.19.11.36 46.19.11.36	51790 (SIEL) (SIEL)
1	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1 1	109.206.161.21 109.206.161.21	50245 (SERVEREL-AS) (SERVEREL-AS)
2	34.236.90.28 34.236.90.28	14618 (AMAZON-AES) (AMAZON-AES)
4	52.86.232.230 52.86.232.230	14618 (AMAZON-AES) (AMAZON-AES)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
130	71

6 104.18.22.9 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

wesleyfinancialgroup.typeform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2057:4e00:9:b3c8:b180:93a1 (United States)

ASN16509 (AMAZON-02, US)

font.typeform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:8600:8:2495:5540:93a1 (United States)

ASN16509 (AMAZON-02, US)

images.typeform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:214f:3400:4:f6ce:61c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

renderer-assets.typeform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:8e::84 (United States)

ASN54113 (FASTLY, US)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.237.86 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-86.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.116.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:7aaf (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:4f:1::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:80:807::1 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.38.98.84 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-38-98-84.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:4800:f:b1e1:8300:93a1 (United States)

ASN16509 (AMAZON-02, US)

pixels.digitaljungle.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223d:c400:c:7d55:b3c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.matomo.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.5.73 (Denmark)

ASN198622 (ADFORM, DK)

s2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:915b (United States)

ASN13335 (CLOUDFLARENET, US)

diffuser-cdn.app-us1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4860:4802:38::15 (United States)

ASN15169 (GOOGLE, US)

gtm.wesleyfinancialgroup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 70.42.32.63 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.195 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.192.84 (United States)

ASN54113 (FASTLY, US)

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.167.164.39 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)

a2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:925b (United States)

ASN13335 (CLOUDFLARENET, US)

prism.app-us1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.119.134.201 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-119-134-201.us-east-2.compute.amazonaws.com

fb.wesleyfinancialgroup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:7000:16:a497:9700:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.rudderlabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.96.88.162 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

k.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9197 (United States)

ASN13335 (CLOUDFLARENET, US)

trackcmp.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.83 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-83.fra6.r.cloudfront.net

wp-ui.app-us1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 37.157.6.254 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.2.229 (Denmark)

ASN198622 (ADFORM, DK)

a1.seadform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.32.26.56 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-26-56.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.215.16.120 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-215-16-120.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.158.249.108 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-249-108.eu-central-1.compute.amazonaws.com

ih.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.138.151 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.86.251.89 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-86-251-89.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.28.232.169 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-232-169.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.210.138.51 (Brussels, Belgium) 1 redirects

ASN19527 (GOOGLE-2, US)
PTR: 51.138.210.35.bc.googleusercontent.com

t.visx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.80.39.216 (Canada) 1 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 77.243.51.121 (Denmark)

ASN42697 (NETIC-AS, DK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.124.210.90 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-210-90.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.254.143.3 (Dublin, Ireland) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
loada.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::19 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

load77.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.17.45.80 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-45-80.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.192.160.219 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.200.176.212 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-200-176-212.eu-west-1.compute.amazonaws.com

api.adrtx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.218.89.195 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1.amazonaws.com

s3-eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 141.94.170.64 (France) 3 redirects

ASN16276 (OVH, FR)
PTR: pikafka-eu-7.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 89.163.240.122 (Germany) 4 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: cm45.as.net

cm.adsafety.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.135.9.124 (Germany) 1 redirects

ASN48314 (IP-PROJECTS, DE)

ads.smartstream.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.162.141.41 (Frankfurt am Main, Germany) 1 redirects

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: tags1.adsafety.net

tags.adsafety.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.66 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.211.237.29 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-237-29.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.210.244 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.214.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-97.fra56.r.cloudfront.net

pdw-adf.userreport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.23.142.39 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-23-142-39.compute-1.amazonaws.com

a.audrte.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.195.140.228 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-195-140-228.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.194.255.212 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-255-212.eu-central-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Bad Durrheim, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.201 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.185.190.24 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-190-24.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.117 (France)

ASN16276 (OVH, FR)
PTR: ns31533568.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.24.218 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 218.24.190.35.bc.googleusercontent.com

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.217.42 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-217-42.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.242.89.90 (Russian Federation)

ASN208677 (SBERCLOUD-AS, RU)

sync.1dmp.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:b000:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.113.62 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.19.11.36 (Slovenia)

ASN51790 (SIEL, SI)
PTR: ilog.vsn.si

match.contentexchange.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 109.206.161.21 (United States) 1 redirects

ASN50245 (SERVEREL-AS, US)
PTR: 109.206.161.21.serverel.net

sync.e-volution.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.236.90.28 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-236-90-28.compute-1.amazonaws.com

rudderstack-control-plane.cdp.prod.data.typeform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.86.232.230 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-232-230.compute-1.amazonaws.com

rudderstack.cdp.prod.data.typeform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	typeform.com 1 redirects wesleyfinancialgroup.typeform.com — Cisco Umbrella Rank: 275451 font.typeform.com — Cisco Umbrella Rank: 42593 images.typeform.com — Cisco Umbrella Rank: 39052 renderer-assets.typeform.com — Cisco Umbrella Rank: 33949 rudderstack-control-plane.cdp.prod.data.typeform.com — Cisco Umbrella Rank: 38692 rudderstack.cdp.prod.data.typeform.com — Cisco Umbrella Rank: 36618	627 KB
18	adform.net 3 redirects s2.adform.net — Cisco Umbrella Rank: 6634 a2.adform.net — Cisco Umbrella Rank: 7978 c1.adform.net — Cisco Umbrella Rank: 562 dmp.adform.net — Cisco Umbrella Rank: 2844	42 KB
8	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 952 k.clarity.ms — Cisco Umbrella Rank: 20329 c.clarity.ms — Cisco Umbrella Rank: 1495	24 KB
6	adsafety.net 5 redirects cm.adsafety.net — Cisco Umbrella Rank: 21640 tags.adsafety.net — Cisco Umbrella Rank: 91899	10 KB
6	wesleyfinancialgroup.com gtm.wesleyfinancialgroup.com fb.wesleyfinancialgroup.com	2 KB
5	exelator.com 4 redirects loadm.exelator.com — Cisco Umbrella Rank: 1397 load77.exelator.com — Cisco Umbrella Rank: 3435 loada.exelator.com — Cisco Umbrella Rank: 27301	4 KB
5	facebook.com www.facebook.com — Cisco Umbrella Rank: 102	280 B
5	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 715	103 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 343 c.bing.com — Cisco Umbrella Rank: 232	15 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 157	305 KB
4	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 34 cm.g.doubleclick.net — Cisco Umbrella Rank: 210	3 KB
3	audrte.com 2 redirects a.audrte.com — Cisco Umbrella Rank: 1870	2 KB
3	adnxs.com 2 redirects secure.adnxs.com — Cisco Umbrella Rank: 417	3 KB
3	onaudience.com 3 redirects pixel.onaudience.com — Cisco Umbrella Rank: 2808	1 KB
3	yahoo.com sp.analytics.yahoo.com — Cisco Umbrella Rank: 1099 ups.analytics.yahoo.com — Cisco Umbrella Rank: 272	1 KB
3	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 765	1 KB
3	google.com google.com — Cisco Umbrella Rank: 1 www.google.com — Cisco Umbrella Rank: 2	643 B
3	app-us1.com diffuser-cdn.app-us1.com — Cisco Umbrella Rank: 7406 prism.app-us1.com — Cisco Umbrella Rank: 7520 wp-ui.app-us1.com — Cisco Umbrella Rank: 58172 personalization-wp-service.cluster.app-us1.com Failed	16 KB
3	outbrain.com amplify.outbrain.com — Cisco Umbrella Rank: 2968 tr.outbrain.com — Cisco Umbrella Rank: 2826	8 KB
2	tapad.com 2 redirects pixel.tapad.com — Cisco Umbrella Rank: 447	1 KB
2	weborama.fr 2 redirects redirect.frontend.weborama.fr — Cisco Umbrella Rank: 12659	630 B
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 752	1 KB
2	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 200	2 KB
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 306	529 B
2	bluekai.com tags.bluekai.com — Cisco Umbrella Rank: 532	663 B
2	crwdcntrl.net 1 redirects sync.crwdcntrl.net — Cisco Umbrella Rank: 755	495 B
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 530	2 KB
2	visx.net 1 redirects t.visx.net — Cisco Umbrella Rank: 7133	1 KB
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 290	883 B
2	adscale.de 2 redirects ih.adscale.de — Cisco Umbrella Rank: 2848	691 B
2	rubiconproject.com token.rubiconproject.com — Cisco Umbrella Rank: 573 pixel.rubiconproject.com — Cisco Umbrella Rank: 315	453 B
2	360yield.com 1 redirects ad.360yield.com — Cisco Umbrella Rank: 644	847 B
2	yimg.com s.yimg.com — Cisco Umbrella Rank: 558	7 KB
2	unpkg.com 1 redirects unpkg.com — Cisco Umbrella Rank: 822	3 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 717	19 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	185 KB
1	e-volution.ai 1 redirects sync.e-volution.ai — Cisco Umbrella Rank: 3142	464 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 358	140 B
1	contentexchange.me match.contentexchange.me — Cisco Umbrella Rank: 28072	49 B
1	smaato.net s.ad.smaato.net — Cisco Umbrella Rank: 713	242 B
1	1dmp.io sync.1dmp.io — Cisco Umbrella Rank: 19019	155 B
1	teads.tv sync.teads.tv — Cisco Umbrella Rank: 1255	172 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 421	1 KB
1	mathtag.com 1 redirects pixel.mathtag.com — Cisco Umbrella Rank: 978	639 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1470	456 B
1	agkn.com 1 redirects aa.agkn.com — Cisco Umbrella Rank: 493	494 B
1	userreport.com pdw-adf.userreport.com — Cisco Umbrella Rank: 24489	444 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 660	469 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 601	339 B
1	smartstream.tv 1 redirects ads.smartstream.tv — Cisco Umbrella Rank: 32942	849 B
1	amazonaws.com s3-eu-west-1.amazonaws.com	390 B
1	adrtx.net 1 redirects api.adrtx.net — Cisco Umbrella Rank: 29573	407 B
1	openx.net eu-u.openx.net — Cisco Umbrella Rank: 2294	273 B
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 375	98 B
1	eyeota.net ps.eyeota.net — Cisco Umbrella Rank: 924	344 B
1	semasio.net uipglob.semasio.net — Cisco Umbrella Rank: 1176	253 B
1	stickyadstv.com ads.stickyadstv.com — Cisco Umbrella Rank: 560	636 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 592	163 B
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 4221	400 B
1	seadform.net a1.seadform.net — Cisco Umbrella Rank: 22724	466 B
1	trackcmp.net trackcmp.net — Cisco Umbrella Rank: 7595	315 B
1	rudderlabs.com cdn.rudderlabs.com — Cisco Umbrella Rank: 12858	134 KB
1	google.de www.google.de — Cisco Umbrella Rank: 6080	455 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 637	393 B
1	t.co t.co — Cisco Umbrella Rank: 516	377 B
1	matomo.cloud cdn.matomo.cloud — Cisco Umbrella Rank: 18732	9 KB
1	digitaljungle.io pixels.digitaljungle.io — Cisco Umbrella Rank: 422948	9 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 651	15 KB
0	ib-ibi.com Failed global.ib-ibi.com Failed
130	69

	Domain	Requested by
12	c1.adform.net	2 redirects a2.adform.net c1.adform.net
6	wesleyfinancialgroup.typeform.com	1 redirects wesleyfinancialgroup.typeform.com
5	cm.adsafety.net	4 redirects c1.adform.net
5	www.facebook.com	wesleyfinancialgroup.typeform.com
5	analytics.tiktok.com	wesleyfinancialgroup.typeform.com analytics.tiktok.com
4	rudderstack.cdp.prod.data.typeform.com	wesleyfinancialgroup.typeform.com
4	gtm.wesleyfinancialgroup.com	wesleyfinancialgroup.typeform.com www.googletagmanager.com
4	connect.facebook.net	www.googletagmanager.com connect.facebook.net
4	renderer-assets.typeform.com	wesleyfinancialgroup.typeform.com renderer-assets.typeform.com
3	dmp.adform.net	c1.adform.net
3	a.audrte.com	2 redirects c1.adform.net
3	secure.adnxs.com	2 redirects c1.adform.net
3	cm.g.doubleclick.net	3 redirects
3	pixel.onaudience.com	3 redirects
3	k.clarity.ms	wesleyfinancialgroup.typeform.com
3	ct.pinterest.com	s.pinimg.com wesleyfinancialgroup.typeform.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com wesleyfinancialgroup.typeform.com
3	www.clarity.ms	www.googletagmanager.com www.clarity.ms bat.bing.com
3	font.typeform.com	wesleyfinancialgroup.typeform.com font.typeform.com
2	c.clarity.ms	1 redirects
2	rudderstack-control-plane.cdp.prod.data.typeform.com	wesleyfinancialgroup.typeform.com
2	pixel.tapad.com	2 redirects
2	redirect.frontend.weborama.fr	2 redirects
2	pm.w55c.net	2 redirects
2	dpm.demdex.net	2 redirects
2	match.adsrvr.org	c1.adform.net
2	loada.exelator.com	2 redirects
2	tags.bluekai.com	c1.adform.net
2	sync.crwdcntrl.net	1 redirects c1.adform.net
2	loadm.exelator.com	2 redirects
2	dsum-sec.casalemedia.com	1 redirects c1.adform.net
2	t.visx.net	1 redirects c1.adform.net
2	x.bidswitch.net	2 redirects
2	ih.adscale.de	2 redirects
2	ad.360yield.com	1 redirects c1.adform.net
2	fb.wesleyfinancialgroup.com	connect.facebook.net wesleyfinancialgroup.typeform.com
2	sp.analytics.yahoo.com	wesleyfinancialgroup.typeform.com
2	a2.adform.net	1 redirects wesleyfinancialgroup.typeform.com
2	tr.outbrain.com	amplify.outbrain.com wesleyfinancialgroup.typeform.com
2	google.com	www.googletagmanager.com
2	s.yimg.com	wesleyfinancialgroup.typeform.com s.yimg.com
2	unpkg.com	1 redirects wesleyfinancialgroup.typeform.com
2	s.pinimg.com	wesleyfinancialgroup.typeform.com s.pinimg.com
2	www.googletagmanager.com	wesleyfinancialgroup.typeform.com www.googletagmanager.com
1	c.bing.com	1 redirects
1	pixel.rubiconproject.com	c1.adform.net
1	sync.e-volution.ai	1 redirects
1	eb2.3lift.com	c1.adform.net
1	match.contentexchange.me	c1.adform.net
1	s.ad.smaato.net	c1.adform.net
1	sync.1dmp.io	c1.adform.net
1	sync.teads.tv	c1.adform.net
1	id5-sync.com	c1.adform.net
1	pixel.mathtag.com	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	aa.agkn.com	1 redirects
1	pdw-adf.userreport.com	c1.adform.net
1	simage2.pubmatic.com	c1.adform.net
1	beacon.krxd.net	c1.adform.net
1	tags.adsafety.net	1 redirects
1	ads.smartstream.tv	1 redirects
1	s3-eu-west-1.amazonaws.com	c1.adform.net
1	api.adrtx.net	1 redirects
1	eu-u.openx.net	c1.adform.net
1	idsync.rlcdn.com	c1.adform.net
1	load77.exelator.com	c1.adform.net
1	ps.eyeota.net	c1.adform.net
1	uipglob.semasio.net	c1.adform.net
1	ads.stickyadstv.com	c1.adform.net
1	ups.analytics.yahoo.com	c1.adform.net
1	rtb-csync.smartadserver.com	c1.adform.net
1	token.rubiconproject.com	c1.adform.net
1	ad.yieldlab.net	c1.adform.net
1	a1.seadform.net	wesleyfinancialgroup.typeform.com
1	wp-ui.app-us1.com	diffuser-cdn.app-us1.com
1	trackcmp.net	diffuser-cdn.app-us1.com
1	cdn.rudderlabs.com	renderer-assets.typeform.com
1	prism.app-us1.com	diffuser-cdn.app-us1.com
1	www.google.de	wesleyfinancialgroup.typeform.com
1	www.google.com	wesleyfinancialgroup.typeform.com
1	analytics.twitter.com	wesleyfinancialgroup.typeform.com
1	t.co	wesleyfinancialgroup.typeform.com
1	diffuser-cdn.app-us1.com	wesleyfinancialgroup.typeform.com
1	s2.adform.net	wesleyfinancialgroup.typeform.com
1	cdn.matomo.cloud	wesleyfinancialgroup.typeform.com
1	pixels.digitaljungle.io	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	amplify.outbrain.com	www.googletagmanager.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	images.typeform.com	wesleyfinancialgroup.typeform.com
0	global.ib-ibi.com Failed	c1.adform.net
0	personalization-wp-service.cluster.app-us1.com Failed	wesleyfinancialgroup.typeform.com
130	92

This site contains links to these domains. Also see Links.

Domain
wesleyfinancial.com

Subject Issuer	Validity	Valid
typeform.com Cloudflare Inc ECC CA-3	`2022-06-27` - `2023-06-26`	a year	crt.sh
*.typeform.com Amazon RSA 2048 M01	`2023-02-24` - `2023-10-29`	8 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-28` - `2023-08-08`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-09` - `2024-02-11`	a year	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-22` - `2023-08-22`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-02-26` - `2023-05-27`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-12-01` - `2023-12-01`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2023-02-16` - `2023-08-16`	6 months	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-04-10` - `2023-05-31`	2 months	crt.sh
*.tiktok.com RapidSSL TLS ECC CA G1	`2023-03-13` - `2024-04-12`	a year	crt.sh
pixels.digitaljungle.io Amazon RSA 2048 M01	`2023-03-01` - `2024-01-05`	10 months	crt.sh
cdn.matomo.cloud Amazon RSA 2048 M01	`2023-02-24` - `2023-12-25`	10 months	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-20` - `2023-09-20`	a year	crt.sh
diffuser-cdn.app-us1.com E1	`2023-04-10` - `2023-07-09`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
gtm.wesleyfinancialgroup.com GTS CA 1D4	`2023-03-26` - `2023-06-24`	3 months	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
prism.app-us1.com R3	`2023-03-31` - `2023-06-29`	3 months	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-01-03` - `2023-06-28`	6 months	crt.sh
fb.wesleyfinancialgroup.com R3	`2023-05-02` - `2023-07-31`	3 months	crt.sh
*.rudderlabs.com Amazon RSA 2048 M02	`2023-02-21` - `2023-08-12`	6 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 06	`2023-02-13` - `2024-02-08`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-09-25` - `2023-09-25`	a year	crt.sh
*.app-us1.com Amazon RSA 2048 M02	`2023-02-21` - `2024-01-02`	10 months	crt.sh
*.seadform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-10-20` - `2023-11-09`	a year	crt.sh
*.yieldlab.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-11-15`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-02-21` - `2023-08-16`	6 months	crt.sh
*.ads.stickyadstv.com DigiCert TLS RSA SHA256 2020 CA1	`2023-04-16` - `2024-04-16`	a year	crt.sh
*.semasio.net GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
eyeota.net GoGetSSL RSA DV CA	`2023-03-08` - `2024-04-07`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2022-11-07` - `2023-12-06`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-07` - `2024-02-08`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2023-04-14` - `2024-04-12`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.userreport.com Amazon RSA 2048 M02	`2023-02-22` - `2024-01-18`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.id5-sync.com R3	`2023-04-18` - `2023-07-17`	3 months	crt.sh
teads.tv R3	`2023-05-11` - `2023-08-09`	3 months	crt.sh
sync.1dmp.io R3	`2023-01-31` - `2023-05-01`	3 months	crt.sh
s.ad.smaato.net Amazon RSA 2048 M02	`2023-02-27` - `2023-09-20`	7 months	crt.sh
*.contentexchange.me Sectigo RSA Domain Validation Secure Server CA	`2022-05-31` - `2023-06-04`	a year	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
cdp.prod.data.typeform.com Amazon RSA 2048 M02	`2023-02-23` - `2024-02-01`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse
Frame ID: 4F9353CCAD7CE0EE0F5AA38546C8894E
Requests: 78 HTTP requests in this frame

Frame: https://wesleyfinancialgroup.typeform.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/7fe8adc8/invisible.js
Frame ID: A5C6A3C8D786394C11BA69A865E22E75
Requests: 3 HTTP requests in this frame

Frame: https://c1.adform.net/imatch/pixels?uid=98248848795922064&agencyId=7390&advertiserId=2105116&src=tp&rnd=564453
Frame ID: F0EC4E4473120A2231AB9FF1C8F837C8
Requests: 46 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: 8336EF810E1A0AB14A849759EE4523BB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Get Rid Your Timeshare - Verizon - Predictive Video

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

130
Requests

79 %
HTTPS

28 %
IPv6

69
Domains

92
Subdomains

71
IPs

11
Countries

1540 kB
Transfer

4848 kB
Size

116
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://wesleyfinancial.com/thank-you?utm
Title: https://wesleyfinancial.com/thank-you?utm

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

https://wesleyfinancialgroup.typeform.com/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
https://wesleyfinancialgroup.typeform.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/7fe8adc8/invisible.js

Request Chain 11

https://unpkg.com/web-vitals/dist/web-vitals.iife.js HTTP 302
https://unpkg.com/web-vitals@3.3.1/dist/web-vitals.iife.js

Request Chain 48

https://a2.adform.net/Serving/TrackPoint/?pm=2463751&ADFdivider=%7C&ord=864928092838&ADFtpmode=2&loc=https%3A%2F%2Fwesleyfinancialgroup.typeform.com%2Fto%2FGtOxZlcR%3Futm_ad%3DDYKredhouse&Set1=en-US%7Cen-US%7C1600x1200%7C24 HTTP 302
https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2463751&ADFdivider=%7C&ord=864928092838&ADFtpmode=2&loc=https%3A%2F%2Fwesleyfinancialgroup.typeform.com%2Fto%2FGtOxZlcR%3Futm_ad%3DDYKredhouse&Set1=en-US%7Cen-US%7C1600x1200%7C24

Request Chain 74

https://ad.360yield.com/match?publisher_dsp_id=42&external_user_id=98248848795922064&Expiration=1685781635 HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=98248848795922064&Expiration=1685781635

Request Chain 77

https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=98248848795922064&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__ HTTP 302
https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=98248848795922064&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__&nut&uu=c7064150b276488d9eb943bc7ba755f4 HTTP 307
https://c1.adform.net/serving/cookie/match?party=9&uid=4bdbc792d7de4a34c6624d2187e112031bda20b9e13a64765b3040556ded465d

Request Chain 81

https://x.bidswitch.net/sync?dsp_id=70&user_id=98248848795922064 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=70&user_id=98248848795922064 HTTP 302
https://t.visx.net/sync?tp_id=1&tp_uid=ca8fc418-a85c-4807-9499-5e2375982557&gdpr_applies=&gdpr_consent=&ssp_custom_data=&gdpr_pd= HTTP 302
https://t.visx.net/ul_cb/sync?tp_id=1&tp_uid=ca8fc418-a85c-4807-9499-5e2375982557&gdpr_applies=&gdpr_consent=&ssp_custom_data=&gdpr_pd=

Request Chain 82

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=98248848795922064&expiration=1685781635 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=98248848795922064&expiration=1685781635&C=1

Request Chain 85

https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=98248848795922064 HTTP 302
https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=98248848795922064&xl8blockcheck=1 HTTP 302
https://load77.exelator.com/pixel.gif

Request Chain 90

https://api.adrtx.net/thirdparty/click?p=adfo HTTP 302
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif

Request Chain 91

https://pixel.onaudience.com/?mapped=98248848795922064&partner=68 HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=1&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D1 HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=1&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D1&xl8blockcheck=1 HTTP 302
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=6d07069978ebe02e6acf51f40b38cdc8&gdpr=1 HTTP 302
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=bbe3683ad6ed4d53/gdpr=1/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26gdpr_consent%3D%24%7Bgdpr_consent%7D HTTP 302
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1

Request Chain 92

https://cm.adsafety.net/?_cmsrc=adformx&idt=100&did=98248848795922064 HTTP 302
https://ads.smartstream.tv/cm/?cmsrc=cm&cm_uid=CM12023052008a2a2843c4b55dc24b51&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dstv%26_chainsrc%3Dcommon&gdpr_consent= HTTP 302
https://cm.adsafety.net/?_cmsrc=stv&_chainsrc=common&idt=100&did=2dbcc4e906a1da8073009307279b03d6&idt_did_status=added&gdpr_consent=&gdpr=0 HTTP 302
https://tags.adsafety.net/v1/cm?cm_uid=CM12023052008a2a2843c4b55dc24b51&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dct%26_chainsrc%3Dcommon%26idt%3D%5B%25IDT%25%5D%26did%3D%5B%25DID%25%5D&gdpr=0&gdpr_consent= HTTP 302
https://cm.adsafety.net/?_cmsrc=ct&_chainsrc=common&idt=100&did=2dbcc4e906a1da8073009307279b03d6 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=dataxtrade_dmp&google_cm&google_hm=Q00xMjAyMzA1MjAwOGEyYTI4NDNjNGI1NWRjMjRiNTE&gdpr_consent=&gdpr=0 HTTP 302
https://cm.adsafety.net/?_cmsrc=dbmx&midt=100&mdid=CAESEECm4eCmZ2KaBHPyXEXUMF8&gdpr_consent=&gdpr=0&google_cver=1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=28&cid=CM12023052008a2a2843c4b55dc24b51 HTTP 302
https://cm.adsafety.net/?_cmsrc=adform&idt=100&did=98248848795922064

Request Chain 94

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=OTgyNDg4NDg3OTU5MjIwNjQ HTTP 302
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEIm_3FVzeCTf8NNDTXpMADQ&google_cver=1&google_ula=1641347,0

Request Chain 95

https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%3Fparty%3D3%26id%3D%24UID%26redirect%3D1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=3&id=5854758284647055159&redirect=1 HTTP 302
https://secure.adnxs.com/setuid?entity=91&code=98248848795922064

Request Chain 99

https://a.audrte.com/a?adform_uid=98248848795922064 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=NzFmZk1TSC02a1VRRFdNSXpXNHRtNUYtdw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
https://a.audrte.com/p

Request Chain 100

https://dpm.demdex.net/ibs:dpid=1586&dpuuid=98248848795922064&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=98248848795922064&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=1007&cid=61696962936676845721679643413221280906&noredirect=1

Request Chain 101

https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=98248848795922064 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=217553104522001217570

Request Chain 102

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7235181802389829772

Request Chain 104

https://pixel.mathtag.com/sync/img?redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1066%26cid%3D%5BMM_UUID%5D HTTP 302
https://c1.adform.net/serving/cookie/match?party=1066&cid=5e0c6468-8785-4000-94be-773cf4f04a57

Request Chain 105

https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
https://c1.adform.net/serving/cookie/match?party=1084&cid=8Xv15bGJ1Q0i8I5

Request Chain 109

https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D HTTP 307
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=2365000723 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=kRFRhYbl9E8ROyO4JSmSbO

Request Chain 113

https://pixel.tapad.com/idsync/ex/receive?partner_id=2032&partner_device_id=98248848795922064&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2032&partner_device_id=98248848795922064&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://c1.adform.net/serving/cookie/match?party=2007&cid=123981c3-b639-4de4-85ec-3e2acf3ede68

Request Chain 116

https://sync.e-volution.ai/296800c6dbd7f8eb22cf034b9927d719.gif?puid=98248848795922064 HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 128

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=7652EA2F3D9340FBB4788046F6D11143&RedC=c.clarity.ms&MXFR=3401CB16C466656C1EA9D801C0666B73 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=7652EA2F3D9340FBB4788046F6D11143&MUID=3A8C1B93CFF7601D289E0884CE5B61AE

130 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request GtOxZlcR Show response
wesleyfinancialgroup.typeform.com/to/ 192 KB
63 KB 689ms
434ms Document
text/html 104.18.22.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.9 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / 7913-7.53.0

Resource Hash

2e458548b79b6787b66b7f91afd065d243576054f9bb4f8435a0352ee73d83bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: X-Typeform-Key, Content-Type, Authorization, Typeform-Version, typeform-app
access-control-allow-methods: GET, OPTIONS, POST, PUT, PATCH, DELETE
access-control-expose-headers: Location, X-Request-Id
age: 244
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7ca346899a779b67-FRA
content-encoding: gzip
content-security-policy-report-only: report-uri https://typeformforms.report-uri.com/r/t/csp/reportOnly; default-src 'self' https: data: blob: chrome-extension: moz-extension: safari-extension:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data: blob:; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' https:; worker-src 'self' blob:; manifest-src public-assets.typeform.com; form-action 'none'; frame-ancestors 'self' http://localhost:* capacitor: iconic: https:; base-uri 'self'; child-src wvjbscheme: https:; connect-src 'self' wss: https: chrome-extension: moz-extension: safari-extension:; style-src 'self' 'unsafe-inline' https:
content-type: text/html; charset=utf-8
date: Sat, 20 May 2023 08:40:33 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i4sst72u61eAyqNYP6ut8aBhsRIE5S%2FdvJj7GE2i30AAE%2BlYYFIJ9df18GojLFxmC0Vukpc%2BLrmJbNROwMhhSb7cUXJdJepkF2pfV1I%2FH672oj90Seck021E8G2MnK2k%2B4v3vAv3nHwvn%2FU6dw061OjL7A%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-cache-lookup: HIT
x-envoy-upstream-service-time: 1
x-powered-by: 7913-7.53.0
x-varnish: 9987213 12488120

GET
H2 200 index.css
font.typeform.com/dist/google/source-sans-pro/ 4 KB
1000 B 179ms
41ms Stylesheet
text/css 2600:9000:2057:4e00:9:b3c8:b180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://font.typeform.com/dist/google/source-sans-pro/index.css
Requested by: Host: wesleyfinancialgroup.typeform.com
URL: https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:4e00:9:b3c8:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8d2c4cbbbe60040a93036ff274f963363983cd0858668321167755d1a591584a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 12:08:25 GMT
x-amz-version-id: RgrC5wN2ZUhy35oPfXwQaqq0F8n7vOug
content-encoding: gzip
via: 1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 160330
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 16 May 2023 00:22:39 GMT
server: AmazonS3
etag: W/"e890cc09440a04f162dbe2f3b154126e"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=432000
x-amz-cf-id: XIeqzll1dyAsv-6ksCn7KMC4m43nIVzNnaCik4PxyDjuiVGzrjAL4A==

GET
H2 200 default
images.typeform.com/images/Pp6xQ58SdCfZ/image/ 51 KB
51 KB 5236ms
5112ms Image
image/png 2600:9000:214f:8600:8:2495:5540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.typeform.com/images/Pp6xQ58SdCfZ/image/default

Requested by

Host: wesleyfinancialgroup.typeform.com
URL: https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:8600:8:2495:5540:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

f02efbdb587f7295480f9d062e83a09948386c5bf62a0ab488f9cc5847aa55bd

Security Headers

Name	Value
Content-Security-Policy	script-src 'self'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 08:40:39 GMT
content-security-policy: script-src 'self'
via: 1.1 62e7b24ca032b612bb93fa7f3437469c.cloudfront.net (CloudFront), 1.1 1cc446ef4692d8e752b16c07f2f58a58.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7, FRA53-C1
x-amzn-requestid: 75802c89-5c13-4cda-aa0e-445c1353ff38
x-amzn-trace-id: Root=1-64688782-20cf0ad16afa801015f7292a;Sampled=0;lineage=1e19b125:0
x-cache: Miss from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=1296000
x-amz-apigw-id: FNocaEjnIAMFcug=
content-length: 51976
x-amz-cf-id: znEBMOlJswUre_xRzJn0gStQGo-9JOqVVuDIM3iN2e2k6JRXx2MChw==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 366 KB
106 KB 161ms
63ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N4NN3KX&l=googleTagManager

Requested by

Host: wesleyfinancialgroup.typeform.com
URL: https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8f351a4f19c177005933374240a5fd074e0488b847462752b30dcd08b25a6fce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 08:40:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 108343
x-xss-protection: 0
last-modified: Sat, 20 May 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 20 May 2023 08:40:34 GMT

GET
H2 200 modern-renderer.02b7866125a40cee98bf.js Show response
renderer-assets.typeform.com/ 788 KB
232 KB 189ms
47ms Script
application/x-javascript 2600:9000:214f:3400:4:f6ce:61c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://renderer-assets.typeform.com/modern-renderer.02b7866125a40cee98bf.js
Requested by: Host: wesleyfinancialgroup.typeform.com
URL: https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:3400:4:f6ce:61c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca1f18a91a1f911d23498f38c331581730aa5f82d656e25717f582abf14437b3

Request headers

Referer: https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse
Origin: https://wesleyfinancialgroup.typeform.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 15:02:51 GMT
x-amz-version-id: AfRSpHqMtxsrLvvlHkwElijzNSoARM84
content-encoding: gzip
via: 1.1 8b5bc0831e6dab612582614c3009efa6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 63464
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 19 May 2023 11:48:50 GMT
server: AmazonS3
etag: W/"6f1aa4c9b857f728be3f91075d8f2fc9"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/x-javascript
access-control-allow-origin: *
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cache-control: max-age=2419200
x-amz-cf-id: mil-VXvowgK1-bLZH8pTWxzj1U9VF4bjXgqNQDY2977hVc3fK9ffRg==

GET
H3

200

invisible.js Show response
wesleyfinancialgroup.typeform.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/7fe8adc8/ Frame A5C6
Redirect Chain

https://wesleyfinancialgroup.typeform.com/cdn-cgi/challenge-platform/scripts/invisible.js
https://wesleyfinancialgroup.typeform.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/7fe8adc8/invisible.js

28 KB
15 KB

49ms
48ms

Script
application/javascript

104.18.22.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wesleyfinancialgroup.typeform.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/7fe8adc8/invisible.js

Requested by

Host: wesleyfinancialgroup.typeform.com
URL: https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse

Protocol

Server

104.18.22.9 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

401443194091a1e4ddbac0f265e50b025b8f2175536e3558bc16967ce64204ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 08:40:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BtJvOZPs9%2FuEX%2FdD5EEH2Hw2YiAVvG%2FnlbgsniuFul5yflYLNZ13q%2BB8YxlPxDRc%2Bki5jOJy96jY39daTXyKjacrjIOLUCs2Sc7UN8G6DXlG9%2BgV29%2Bv7CDY0Jyi3lIZfFm5eJ0f2yUsSZS0qnOdKgB7Ng%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 7ca3468e4f04380e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date: Sat, 20 May 2023 08:40:34 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ECkZYiiDjZhbCLCLO2%2BOV68jI5MSYim3aYqAkcqgloQATRLrh4WYKTPoimguqa00qM%2Bye%2FWwmykGRk5x%2FZMv%2B3oeGOd2J5OHDbnKdig4YVY7v7sgYH7HaDdd7LvR3b3IayqG%2BRekNlQ1vJ8dAaWzxlVXfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/7fe8adc8/invisible.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 7ca3468dff4a9b67-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 pica.js
wesleyfinancialgroup.typeform.com/cdn-cgi/challenge-platform/h/g/scripts/ Frame A5C6 5 KB
4 KB 47ms
46ms Other
application/javascript 104.18.22.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wesleyfinancialgroup.typeform.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js

Requested by

Host: wesleyfinancialgroup.typeform.com
URL: https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.22.9 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

94616f7b7d9cbebbd3b4524b2963d86f132f1f57aa715b51ecabbe2b04132d23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 08:40:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kLabpwAdeSN9VlaJhOpGLWQoa07ycr5XxAjUfzeE3aXdzKm5D%2BvCwqvKiGJHthPgzJSi7BUKn4RbfDwU41v91GKfBJGPYXCfvvegpLTvdZ4RL%2F1BvlZeCJRQo0gvVCLuncvbOPCGDT3OCkf%2B1q%2F%2Fs4KXEg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 7ca3468eefa3380e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 3 KB
2 KB 152ms
39ms Script
application/javascript 2a04:4e42:8e::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: wesleyfinancialgroup.typeform.com
URL: https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:8e::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: a62387c9826311dd23b686c73af32a3922cbbb087222698947a74301414b87ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 08:40:34 GMT
content-encoding: br
x-cdn: fastly
etag: "a04e1291e6ed2967f1c0f633fddfe433"
x-amz-server-side-encryption: AES256
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: X-CDN
vary: Accept-Encoding, Origin
cache-control: max-age=7200
alt-svc: h3=":443";ma=600
content-length: 1444

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/967761814/ 3 KB
2 KB 197ms
88ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/967761814/?random=1684572034482&cv=11&fst=1684572034482&bg=ffffff&guid=ON&async=1&gtm=45He35h0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwesleyfinancialgroup.typeform.com%2Fto%2FGtOxZlcR%3Futm_ad%3DDYKredhouse&hn=www.googleadservices.com&frm=0&tiba=Get%20Rid%20Your%20Timeshare%20-%20Verizon%20-%20Predictive%20Video&auid=1591535792.1684572034&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N4NN3KX&l=googleTagManager

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16f83a3888c2f9fca0cee0ea90d007b4dc624c608e9037dd068a71bdcc353e0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 May 2023 08:40:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1365
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 22 KB
7 KB 130ms
39ms Script
application/x-javascript 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N4NN3KX&l=googleTagManager
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-86.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 4ad5f5e1be2bfad0b36f324d134a09956a3bb0c2c6b824b20a237a1f8c96cfd2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sat, 20 May 2023 08:40:34 GMT
Content-Encoding: gzip
Last-Modified: Thu, 04 May 2023 06:28:15 GMT
Server: AkamaiNetStorage
ETag: "5eb6cb81dec36b8e936c154fb603efbb:1683181933.901167"
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-RG: EU
Cache-Control: max-age=1200
X-CC: DE
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6835
Expires: Sat, 20 May 2023 09:00:34 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 145ms
39ms Script
application/javascript 146.75.116.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N4NN3KX&l=googleTagManager
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 08:40:34 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-fra-eddf8230091-FRA

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 106 KB
28 KB 127ms
40ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N4NN3KX&l=googleTagManager

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8dcee59828f1423ecefd552dd353e25bd4ac38a9557ee084604ee7c2d41d9b98

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 20 May 2023 08:40:34 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27538
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: FRvcEnUNuX6wOlNYf50ff9TYZrU7FjTK5QaiiM5DOZeruRMDj9PGAhTOnXed4YNtWtGvmnWXkJs4yaqBY4FHOA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

web-vitals.iife.js Show response
unpkg.com/web-vitals@3.3.1/dist/
Redirect Chain

https://unpkg.com/web-vitals/dist/web-vitals.iife.js
https://unpkg.com/web-vitals@3.3.1/dist/web-vitals.iife.js

7 KB
3 KB

49ms
48ms

Script
application/javascript

2606:4700::6810:7aaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/web-vitals@3.3.1/dist/web-vitals.iife.js

Requested by

Host: wesleyfinancialgroup.typeform.com
URL: https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse

Protocol

Server

2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2ece5d28dcf047582c05c122e3bf0ed4905a965026a9940c289682620b76a2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 08:40:34 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 2082533
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01GYY30SBSC6QNKX6R8JSGKJG2-fra
server: cloudflare
etag: W/"1b8b-2Pht765cKB7+cupYL/A9I7DYa+A"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ca34690dbd818ef-FRA

Redirect headers

date: Sat, 20 May 2023 08:40:34 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01H0W52F3847FJQT134K75G48D-fra
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 6
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /web-vitals@3.3.1/dist/web-vitals.iife.js
cache-control: public, s-maxage=600, max-age=60
cf-ray: 7ca346903afa18ef-FRA

GET
H2 200 8xisnr0ha8 Show response
www.clarity.ms/tag/ 840 B
1 KB 303ms
144ms Script
application/x-javascript 2620:1ec:4f:1::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/8xisnr0ha8?ref=gtm
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N4NN3KX&l=googleTagManager
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4f:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e98bc316106d0b5f0bb29378ae099aafbc17b3b3031ec1814f7f9af83a4114bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type: application/x-javascript
date: Sat, 20 May 2023 08:40:33 GMT
cache-control: no-cache, no-store
expires: -1
x-azure-ref: 0godoZAAAAACDxsBTw8zRSY4Lo6BMAS5yRlJBMzFFREdFMDMwOQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
request-context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81

GET
H2 200 bat.js Show response
bat.bing.com/ 40 KB
12 KB 192ms
65ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N4NN3KX&l=googleTagManager

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

679804e244b4127b7ecd99a513b57d6a4f91866410e16da69ce02f98f534051d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Sat, 20 May 2023 08:40:33 GMT
last-modified: Thu, 11 May 2023 18:08:27 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C43307646D75415B9C5F3F64C2890E23 Ref B: FRA31EDGE0810 Ref C: 2023-05-20T08:40:34Z
etag: "80df77953384d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 12183

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 17 KB
7 KB 164ms
44ms Script
application/javascript 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: wesleyfinancialgroup.typeform.com
URL: https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

72750dc5cdcaa538491728c6a58d6d1d97d28024f227ce7f13e63ddeba908226

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 08:40:04 GMT
x-amz-version-id: JGW8wXvjjj83MVu5c5k1Bd2u8_DD2rYy
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: MQZE9336C086WTEB
age: 31
x-amz-server-side-encryption: AES256
x-amz-id-2: 6ONGaQ4ozqf+E6XYJjMt+BICb+TXLeoGVnSos5mBVjVeRp+iuq8qpZp3TaI11hr7mPHFdcn+WSM=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Fri, 31 May 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Wed, 26 Apr 2023 11:08:30 GMT
server: ATS
etag: "e896178ac557f4e393e0a05405c33633-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=3600
accept-ranges: bytes

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 3 KB
2 KB 268ms
145ms Script
application/javascript 23.38.98.84
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C2MHLICST064N5C4AJ10&lib=ttq
Requested by: Host: wesleyfinancialgroup.typeform.com
URL: https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.98.84 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-38-98-84.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: aeeb6db2bad8963464d81eeccf1152f1381bb87178990602af63ed98dc3a7503

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-akamai-request-id: 229801f5.1beba71f
date: Sat, 20 May 2023 08:40:34 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-38-99-148.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.2-48551439) (-)
x-parent-response-time: 102,23.38.99.148
server-timing: cdn-cache; desc=MISS, edge; dur=88, origin; dur=14, inner; dur=3
content-length: 1216
pragma: no-cache
server: nginx
x-tt-logid: 20230520084034050892ED99FF8FF7DE6C
x-cache-remote: TCP_MISS from a23-222-16-102.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.2-48551439) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 14,23.222.16.102
x-tt-trace-host: 01c92fd83e29c87aedf66fb8e5595922f17fa09a9abbc68c29f531e1300c5d5ecbded6cfaef14f2de18633405c1db14a54a4d5087de5f1c133698509678e5c5ca72e2196a17cada35b32d32d69537cbce46c74e1b9fc9bc0d4a8dcbaf64a46ca93b62ca8a682b4673b6fe997c8cd72e0be
expires: Sat, 20 May 2023 08:40:34 GMT

GET
H2 200 20700.min.js Show response
pixels.digitaljungle.io/ 9 KB
9 KB 208ms
42ms Script
application/javascript 2600:9000:20eb:4800:f:b1e1:8300:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixels.digitaljungle.io/20700.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N4NN3KX&l=googleTagManager
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:4800:f:b1e1:8300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4470f09758bd5bacde005dbe35d43094b6b7a5c411044bc0e7c8c0026fb05328

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id: GHBouyKOREo8cglE4yZkLmXXFypkJOMh
date: Sat, 20 May 2023 07:45:56 GMT
via: 1.1 c379418fd6100691807f32f274ebe9ce.cloudfront.net (CloudFront)
last-modified: Wed, 30 Jun 2021 19:01:29 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 42960
etag: "de7f832adf7fffe350fec4ccf728c97c"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 9003
x-amz-cf-id: QLCTSEaF_DP9zOnV3otoEqgaCNaiWLcmmlPUvfGKbNmDiqCF6_QihQ==

GET
H2 200 container_p6aMKtRI.js Show response
cdn.matomo.cloud/reverseads.matomo.cloud/ 28 KB
9 KB 193ms
43ms Script
application/javascript 2600:9000:223d:c400:c:7d55:b3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.matomo.cloud/reverseads.matomo.cloud/container_p6aMKtRI.js
Requested by: Host: wesleyfinancialgroup.typeform.com
URL: https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:c400:c:7d55:b3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0656cff5640723c6bf720a918774f718f7f895d67195977f0c7d7d330f5bc3b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 07:56:34 GMT
x-amz-version-id: bJN.L9I.o1KWh9g5wn1afjTzADaF0dV1
content-encoding: gzip
via: 1.1 bafea69ec4368ee11760779ffcfbd4fc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 2641
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 24 Nov 2022 09:46:10 GMT
server: AmazonS3
etag: W/"04ad09bb6b5425b0a0f96a2bbace8dbd"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=691200
x-amz-cf-id: JWfy5LAgllmlVKd_qS8XTKCNqMiJYf-MO8K3lXXTDLMlghFf43IyUg==

GET
H2 200 trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/ 78 KB
30 KB 204ms
77ms Script
application/javascript 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by: Host: wesleyfinancialgroup.typeform.com
URL: https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 45d4d6fe0a9cae467c6d81caef5edd008c13b70ba403979f979fb86d400378c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 08:40:34 GMT
content-encoding: gzip
last-modified: Tue, 29 Nov 2022 10:23:25 GMT
server: nginx
x-amz-request-id: tx000008ea21c9e2f837d84-006385e0d3-32940f80-default
etag: W/"83eb5fafaa212c785f7393188ff817aa"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 diffuser.js Show response
diffuser-cdn.app-us1.com/diffuser/ 31 KB
7 KB 162ms
53ms Script
application/javascript 2606:4700::6811:915b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
Requested by: Host: wesleyfinancialgroup.typeform.com
URL: https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:915b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c86a9ff9675183d36f664b6adefba7c72e7e15170e0f40eed96324f552c3ac82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 08:40:34 GMT
content-encoding: gzip
via: 1.1 c60fec1b7e3a36f4232723195f10e64c.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: MUC50-C1
age: 276
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 04 Apr 2023 18:58:37 GMT
server: cloudflare
etag: W/"613257bb316d347d9417023321c6d62f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=300
cf-ray: 7ca346918a4b1e49-FRA
x-amz-cf-id: mJ4u6OA9voNWkGOh5PwuAG1LKQnhTMCnsMjoY0kCp6Jg772XJ96AlA==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 224 KB
79 KB 62ms
60ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-KYL4CRBW7Z&l=googleTagManager&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N4NN3KX&l=googleTagManager

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

744e9ef33d1e46d31471b93056ac2cc82983846c68988b6a66e2c88cdca49a95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 08:40:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 80595
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 20 May 2023 08:40:34 GMT

POST
H2 200 967761814
google.com/pagead/form-data/ 0
0 151ms
47ms Ping
text/html 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://google.com/pagead/form-data/967761814?em=tv.1&gtm=45He35h0&auid=1591535792.1684572034
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N4NN3KX&l=googleTagManager
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

POST
H2 204 967761814
google.com/ccm/form-data/ 0
188 B 180ms
82ms Ping
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://google.com/ccm/form-data/967761814?em=tv.1&gtm=45He35h0&auid=1591535792.1684572034
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N4NN3KX&l=googleTagManager
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 May 2023 08:40:34 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://wesleyfinancialgroup.typeform.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 / Show response
gtm.wesleyfinancialgroup.com/campaign_data/ 2 B
130 B 601ms
491ms XHR
text/plain 2001:4860:4802:38::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://gtm.wesleyfinancialgroup.com/campaign_data/
Requested by: Host: wesleyfinancialgroup.typeform.com
URL: https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:38::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin: https://wesleyfinancialgroup.typeform.com
date: Sat, 20 May 2023 08:40:35 GMT
via: 1.1 google
access-control-allow-credentials: true
content-length: 2

POST
H2 200 / Show response
gtm.wesleyfinancialgroup.com/geo/ 122 B
182 B 606ms
497ms XHR
text/plain 2001:4860:4802:38::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://gtm.wesleyfinancialgroup.com/geo/
Requested by: Host: wesleyfinancialgroup.typeform.com
URL: https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:38::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 261ad6ea835383221584dd7fb5ba2c5456686876ba3a643b951138c320db7777

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin: https://wesleyfinancialgroup.typeform.com
date: Sat, 20 May 2023 08:40:35 GMT
via: 1.1 google
access-control-allow-credentials: true
content-length: 122

POST
H3 200 7ca346899a779b67 Show response
wesleyfinancialgroup.typeform.com/cdn-cgi/challenge-platform/h/g/cv/result/ Frame A5C6 2 B
738 B 66ms
62ms XHR
text/plain 104.18.22.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wesleyfinancialgroup.typeform.com/cdn-cgi/challenge-platform/h/g/cv/result/7ca346899a779b67

Requested by

Host: wesleyfinancialgroup.typeform.com
URL: https://wesleyfinancialgroup.typeform.com/cdn-cgi/challenge-platform/scripts/invisible.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.22.9 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 20 May 2023 08:40:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yX7HlZyjcnYGkSsNSrvNVJ%2BL%2B8uLzEebdM0woEP6Tv7AKGSx03aUmLOSQyZ8xWR5fZMrfNk%2BoOASvjb4ppcvqGH1dzpnIRO6lsjDfLoIOctJMozpPCzJVifvIru1ImNdtrqLQlQsOZzIP0YFHzhJ3vyR%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 7ca34690c9f7380e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 main.b68cecd9.js Show response
s.pinimg.com/ct/lib/ 62 KB
18 KB 43ms
42ms Script
application/javascript 2a04:4e42:8e::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.b68cecd9.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:8e::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: a603139b3b85a956beb096a23eb80bad0a19c119df91b618122779fe16bbff91

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 08:40:34 GMT
content-encoding: br
x-cdn: fastly
etag: "c7f9533bd6b4e2008590df3f4d1a5fbe"
x-amz-server-side-encryption: AES256
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: X-CDN
vary: Accept-Encoding, Origin
cache-control: max-age=1209600
alt-svc: h3=":443";ma=600
content-length: 17974

GET
H3 200 vendors~form~blocks-validation-phone_number~blocks-renderer-contact_info~blocks-renderer-phone_number.0c35a1c1193305df993f.renderer.js Show response
renderer-assets.typeform.com/ 107 KB
28 KB 100ms
47ms Script
application/x-javascript 2600:9000:214f:3400:4:f6ce:61c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://renderer-assets.typeform.com/vendors~form~blocks-validation-phone_number~blocks-renderer-contact_info~blocks-renderer-phone_number.0c35a1c1193305df993f.renderer.js
Requested by: Host: renderer-assets.typeform.com
URL: https://renderer-assets.typeform.com/modern-renderer.02b7866125a40cee98bf.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:214f:3400:4:f6ce:61c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c683a0b24c9732c0eaa4f0e9552d815dde7e4e5eea1270da99e81dd703c950dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id: xdjvmhjdVwEAO6dGoixvICurUq2xwYKi
content-encoding: gzip
via: 1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
date: Sat, 20 May 2023 00:28:32 GMT
age: 29523
x-amz-cf-pop: FRA53-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 18 May 2023 11:21:52 GMT
server: AmazonS3
etag: W/"84ed4a4c21dda7b34914967639b12068"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=2419200
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: cXiFbCUxvpUaDmv2qY2Na9W2aU62PP4I15Z31iqK9lTPtYbsJfXIfw==

GET
H3 200 vendors~form.d3eb08818b27667e99fe.renderer.js Show response
renderer-assets.typeform.com/ 455 KB
134 KB 99ms
45ms Script
application/x-javascript 2600:9000:214f:3400:4:f6ce:61c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://renderer-assets.typeform.com/vendors~form.d3eb08818b27667e99fe.renderer.js
Requested by: Host: renderer-assets.typeform.com
URL: https://renderer-assets.typeform.com/modern-renderer.02b7866125a40cee98bf.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:214f:3400:4:f6ce:61c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b441f99e5c7c2a8a69893b0cdaac010fa2520777527f1e06c234a80440266333

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id: efxC5qYClPSuh4oz7AENHlow8OOh5Nrq
content-encoding: gzip
via: 1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
date: Sat, 20 May 2023 06:11:47 GMT
age: 8928
x-amz-cf-pop: FRA53-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 18 May 2023 11:21:52 GMT
server: AmazonS3
etag: W/"2ce270197a614355b87192a593759d36"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=2419200
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: uZ-peC5SQIFIHtnsH9brfRGXJYi1tyCqFlaBw3mLAabPXYJS1yvigQ==

GET
H3 200 form.4155e43be8a55444735f.renderer.js Show response
renderer-assets.typeform.com/ 247 KB
70 KB 101ms
48ms Script
application/x-javascript 2600:9000:214f:3400:4:f6ce:61c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://renderer-assets.typeform.com/form.4155e43be8a55444735f.renderer.js
Requested by: Host: renderer-assets.typeform.com
URL: https://renderer-assets.typeform.com/modern-renderer.02b7866125a40cee98bf.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:214f:3400:4:f6ce:61c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3ccb902f19f885a9f1b65ff0a4a6418e26611b4f464b6295ea3b68e89fcb2075

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id: FYKmZqIgnoIJM6ZiwjqBB02CmoQhXu6h
content-encoding: gzip
via: 1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
date: Fri, 19 May 2023 11:24:32 GMT
age: 76565
x-amz-cf-pop: FRA53-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 18 May 2023 11:21:52 GMT
server: AmazonS3
etag: W/"8b64c54c199253217d83735ccc5211b8"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=2419200
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: 3dj4hC9SZLIpPFTtj34ZDlzcecu9m5z-1iqtISAFNq_9dz9ehIsf6w==

GET default-firstframe.png
images.typeform.com/images/Pp6xQ58SdCfZ/image/ 0
0

GET
H/1.1 200
OK cachedClickId Show response
tr.outbrain.com/ 35 B
194 B 515ms
132ms Script
application/javascript 70.42.32.63
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.outbrain.com/cachedClickId?marketerId=003a821aad98fc44e71ede97d9d1b12761
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.63 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sat, 20 May 2023 08:40:35 GMT
X-TraceId: 6a211d295225bf71f49add548d388e09
Content-Length: 35
Content-Type: application/javascript

GET
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 53 B
225 B 505ms
120ms Image
image/gif 70.42.32.63
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.outbrain.com/unifiedPixel?optOut=false&bust=04406146748720665&referrer=&cht=gtm&marketerId=003a821aad98fc44e71ede97d9d1b12761&name=PAGE_VIEW&dl=https%3A%2F%2Fwesleyfinancialgroup.typeform.com%2Fto%2FGtOxZlcR%3Futm_ad%3DDYKredhouse&g=1&obApiVersion=1.0-gtm&obtpVersion=2.0.5
Requested by: Host: wesleyfinancialgroup.typeform.com
URL: https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.63 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sat, 20 May 2023 08:40:35 GMT
Cache-Control: no-cache
X-TraceId: 6c08b4a42c7eaf08a92d59d3df1b7b1e
Content-Length: 53
Content-Type: image/gif;

GET
H2 200 adsct
t.co/i/ 43 B
377 B 238ms
145ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=8379e094-8199-405b-a8a2-bb0db0512388&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=9414b18f-b140-4b92-ba9c-aa700d904b86&tw_document_href=https%3A%2F%2Fwesleyfinancialgroup.typeform.com%2Fto%2FGtOxZlcR%3Futm_ad%3DDYKredhouse&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o2uge&type=javascript&version=2.3.29

Requested by

Host: wesleyfinancialgroup.typeform.com
URL: https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-response-time: 105
date: Sat, 20 May 2023 08:40:34 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 2eaf10941272f293
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 8c6baefc2a3948145ba9028d3284006f2e46b64d26b6155ef61b79ea56b75e94
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
393 B 273ms
151ms Image
image/gif 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=8379e094-8199-405b-a8a2-bb0db0512388&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=9414b18f-b140-4b92-ba9c-aa700d904b86&tw_document_href=https%3A%2F%2Fwesleyfinancialgroup.typeform.com%2Fto%2FGtOxZlcR%3Futm_ad%3DDYKredhouse&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o2uge&type=javascript&version=2.3.29

Requested by

Host: wesleyfinancialgroup.typeform.com
URL: https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-response-time: 111
date: Sat, 20 May 2023 08:40:34 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 02429bc1bc1b828f
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: c375fa0b12d2223722b078817973fa04f955c3bc844c24d55ee6f02bbf4deb08
content-length: 43

GET
H2 200 identity.js Show response
connect.facebook.net/signals/plugins/ 64 KB
21 KB 41ms
40ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.104

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 20 May 2023 08:40:34 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 20722
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 6ALtZa0r/tBhnVKxs9kePIHe3DeFEd2ekQVISX5cZcDNb44x+N7sTFGB5vcKQC9ugbryfiQ9YdQj9w79e2WL1w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 491856204273972 Show response
connect.facebook.net/signals/config/ 515 KB
149 KB 122ms
122ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/491856204273972?v=2.9.104&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cb87ad0e26c0a5a6bbe5b18dabb678081d2f8c5927e59c3792b058e2ff5ef391

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 20 May 2023 08:40:34 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: olL+ccaIhBoDlL5Kw/KM8N2QL882smSh38nqFH3aRX6fXff44/IDNSnaJvJwHvZPXKvkyC5lXzmNVx6JFm/SMA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 collect Show response
gtm.wesleyfinancialgroup.com/g/ 65 B
581 B 739ms
739ms XHR
text/plain 2001:4860:4802:38::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://gtm.wesleyfinancialgroup.com/g/collect?v=2&tid=G-KYL4CRBW7Z&gtm=45je35h0&_p=1741009101&cid=1837462321.1684572035&ul=en-us&sr=1600x1200&_fplc=0&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sst.uc=DE&sst.gcsub=region1&ngs=1&_s=1&sid=1684572034&sct=1&seg=0&dl=https%3A%2F%2Fwesleyfinancialgroup.typeform.com%2Fto%2FGtOxZlcR%3Futm_ad%3DDYKredhouse&dt=Get%20Rid%20Your%20Timeshare%20-%20Verizon%20-%20Predictive%20Video&en=page_view&_fv=1&_nsi=1&_ss=1&ep.event_id=1684572230404_16845728835341&ep.timestamp=2023-05-20T08%3A40%3A34.480%2B00%3A00&ep.clean_page_url=wesleyfinancialgroup.typeform.com%2Fto%2FGtOxZlcR&ep.navigation_type=NAVIGATE&epn.redirect_count_in=0&ep.gtm-web-container-id=GTM-N4NN3KX&ep.gtm-web-container-version=83&ep.x-ga-ua-tracking-id=UA-121622253-1&richsstsse

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KYL4CRBW7Z&l=googleTagManager&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::15 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 08:40:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 google
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: https://wesleyfinancialgroup.typeform.com
cache-control: no-cache
access-control-allow-credentials: true

GET
H2 200 10094627.json Show response
s.yimg.com/wi/config/ 46 B
681 B 231ms
152ms XHR
application/json 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10094627.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

cf7bedc355b38f6b395598b2c226faa3f239810bc30b1da3a89908f969e6b0c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 08:40:36 GMT
x-amz-version-id: 0EPeY6VxLvrXB_cHbr0fqvXKVQk6jqeK
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: AYV3MYK2FH83GV5Z
age: 0
x-amz-server-side-encryption: AES256
content-length: 46
x-amz-id-2: PTkqFKgMS5NJhKyZoClkNKEA/5SnjuCRbeI9a9qrIridK+/jzOX7pd8wUR+UQsEL84Lk1yNcDQI=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Tue, 12 Sep 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Sun, 07 Aug 2022 02:58:06 GMT
server: ATS
etag: "2194e156ded24855112db94b39b74663"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
accept-ranges: bytes

GET
H3 200 source-sans-pro-latin-700-normal.woff2
font.typeform.com/dist/google/source-sans-pro/files/ 13 KB
13 KB 96ms
47ms Font
binary/octet-stream 2600:9000:2057:4e00:9:b3c8:b180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://font.typeform.com/dist/google/source-sans-pro/files/source-sans-pro-latin-700-normal.woff2
Requested by: Host: font.typeform.com
URL: https://font.typeform.com/dist/google/source-sans-pro/index.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:2057:4e00:9:b3c8:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7209c26bc245ae1b293f4b9622201b1dc97282229a2e8fcae555f36caa8650e8

Request headers

Referer: https://font.typeform.com/dist/google/source-sans-pro/index.css
Origin: https://wesleyfinancialgroup.typeform.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 15 May 2023 19:50:23 GMT
x-amz-version-id: sTiPWsW8WKcKo3J30qt5i.evf7O6x1ZJ
via: 1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
age: 391812
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 13008
last-modified: Tue, 09 May 2023 00:22:45 GMT
server: AmazonS3
etag: "8b3ed539e3d76d4bd5649bd4bd06d181"
access-control-max-age: 0
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=432000
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: HHoZ1aXy90PslevGTmA795_cTzSVo4lM9NJETysvOlQQA9oDOpjoMA==

GET
H3 200 source-sans-pro-latin-400-normal.woff2
font.typeform.com/dist/google/source-sans-pro/files/ 13 KB
13 KB 91ms
42ms Font
binary/octet-stream 2600:9000:2057:4e00:9:b3c8:b180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://font.typeform.com/dist/google/source-sans-pro/files/source-sans-pro-latin-400-normal.woff2
Requested by: Host: font.typeform.com
URL: https://font.typeform.com/dist/google/source-sans-pro/index.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:2057:4e00:9:b3c8:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 428f1eb7935944229430ac0fdce0033f05d9b8c1c020b87c681dd7a78ab4dd19

Request headers

Referer: https://font.typeform.com/dist/google/source-sans-pro/index.css
Origin: https://wesleyfinancialgroup.typeform.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id: SFTsEiQQpTcVi1L8g5EifUMZu0AMu6nr
date: Sat, 20 May 2023 02:11:26 GMT
via: 1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
age: 128899
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 13080
last-modified: Tue, 09 May 2023 00:22:45 GMT
server: AmazonS3
etag: "834648c5f6f2f73c3df33def9348d879"
access-control-max-age: 0
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=432000
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: fhkvVCVardKvq9Yii2qXlv48cUr3Si2pUt6dkjN4ubxnOoFiP_KVGg==

GET
H2 200 /
www.google.com/pagead/1p-user-list/967761814/ 42 B
455 B 143ms
52ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/967761814/?random=1684572034482&cv=11&fst=1684569600000&bg=ffffff&guid=ON&async=1&gtm=45He35h0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwesleyfinancialgroup.typeform.com%2Fto%2FGtOxZlcR%3Futm_ad%3DDYKredhouse&frm=0&tiba=Get%20Rid%20Your%20Timeshare%20-%20Verizon%20-%20Predictive%20Video&fmt=3&is_vtc=1&random=505795307&rmt_tld=0&ipr=y

Requested by

Host: wesleyfinancialgroup.typeform.com
URL: https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 May 2023 08:40:35 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/967761814/ 42 B
455 B 146ms
56ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/967761814/?random=1684572034482&cv=11&fst=1684569600000&bg=ffffff&guid=ON&async=1&gtm=45He35h0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwesleyfinancialgroup.typeform.com%2Fto%2FGtOxZlcR%3Futm_ad%3DDYKredhouse&frm=0&tiba=Get%20Rid%20Your%20Timeshare%20-%20Verizon%20-%20Predictive%20Video&fmt=3&is_vtc=1&random=505795307&rmt_tld=1&ipr=y

Requested by

Host: wesleyfinancialgroup.typeform.com
URL: https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 May 2023 08:40:35 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 211018690.js Show response
bat.bing.com/p/action/ 4 KB
2 KB 178ms
177ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/211018690.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

86422b24d7aa0e0a8f88dc56948cfc5c21f961623d07025413c057eb68c1c35e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Sat, 20 May 2023 08:40:34 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7DDE6EC7B7B746E687A56D8B237B15AC Ref B: FRA31EDGE0810 Ref C: 2023-05-20T08:40:35Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
cache-control: private,max-age=60
content-length: 1497

GET
H2 204 0
bat.bing.com/action/ 0
289 B 66ms
65ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=211018690&tm=gtm002&Ver=2&mid=cee052a3-a264-435f-8d79-d3c6e55a67fc&sid=fcf97a20f6e911ed84df6713bc5f212f&vid=fcf9dd10f6e911eda4bf9738b0b23184&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Get%20Rid%20Your%20Timeshare%20-%20Verizon%20-%20Predictive%20Video&p=https%3A%2F%2Fwesleyfinancialgroup.typeform.com%2Fto%2FGtOxZlcR%3Futm_ad%3DDYKredhouse&r=&lt=958&evt=pageLoad&sv=1&rn=760783

Requested by

Host: wesleyfinancialgroup.typeform.com
URL: https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 20 May 2023 08:40:34 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D7D77D19ACB9463E9FEC1831DFB5BFCC Ref B: FRA31EDGE0810 Ref C: 2023-05-20T08:40:35Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.8/ 57 KB
20 KB 43ms
42ms Script
application/javascript 2620:1ec:4f:1::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.8/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/8xisnr0ha8?ref=gtm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4f:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 9987dcc652130026523219440b654a3e307d16f186019031ad60a28d6f73aa2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 08:40:34 GMT
content-encoding: br
last-modified: Wed, 17 May 2023 12:35:47 GMT
x-azure-ref-originshield: 0sndnZAAAAABxGczZe65CS4qUbKy1YPcjRlJBMjMxMDUwNDE3MDI3ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
etag: "0x8DB56D33D664056"
x-azure-ref: 0g4doZAAAAADkNCWUo+ACS6VvCjoIiN4rRlJBMzFFREdFMDMwOQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: TCP_HIT
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: fcff8a57-c01e-0049-25a6-896c30000000
cache-control: public, max-age=86400
x-ms-version: 2018-03-28
accept-ranges: bytes

GET
H2 200 / Show response
ct.pinterest.com/user/ 568 B
778 B 168ms
69ms XHR
application/json 151.101.192.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?tid=2614023592822&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&cb=1684572035059&dep=2%2CPAGE_LOAD
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.b68cecd9.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.192.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 159ec23a6b35726aca57348e6615a6db4fa63c8bb12490cca4d260c8e05f9434

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pin-unauth: dWlkPU5tWmtNRFE1WXpVdE5EVmlNeTAwT0RnMExUbGtZMll0TUdZM05URm1OVGt4TW1Wag
pragma: no-cache
content-encoding: gzip
referrer-policy: origin
date: Sat, 20 May 2023 08:40:35 GMT
x-cdn: fastly
content-type: application/json; charset=utf-8
access-control-allow-origin: https://wesleyfinancialgroup.typeform.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
x-envoy-upstream-service-time: 6
x-pinterest-rid: 6383722724330548
content-length: 385
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

/ Show response
a2.adform.net/Serving/TrackPoint/
Redirect Chain

https://a2.adform.net/Serving/TrackPoint/?pm=2463751&ADFdivider=%7C&ord=864928092838&ADFtpmode=2&loc=https%3A%2F%2Fwesleyfinancialgroup.typeform.com%2Fto%2FGtOxZlcR%3Futm_ad%3DDYKredhouse&Set1=en-U...
https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2463751&ADFdivider=%7C&ord=864928092838&ADFtpmode=2&loc=https%3A%2F%2Fwesleyfinancialgroup.typeform.com%2Fto%2FGtOxZlcR%3Futm_ad%3DDYKredhouse&Set1...

864 B
1 KB

124ms
123ms

Script
text/javascript

185.167.164.39
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2463751&ADFdivider=%7C&ord=864928092838&ADFtpmode=2&loc=https%3A%2F%2Fwesleyfinancialgroup.typeform.com%2Fto%2FGtOxZlcR%3Futm_ad%3DDYKredhouse&Set1=en-US%7Cen-US%7C1600x1200%7C24

Requested by

Host: wesleyfinancialgroup.typeform.com
URL: https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse

Protocol

Server

185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

5f5defbcd1cfabff3d73557cbbcaf0051f18bfbf5dc8b9be6f9587a7a7aea770

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 May 2023 08:40:35 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 705
expires: -1

Redirect headers

pragma: no-cache
date: Sat, 20 May 2023 08:40:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
content-type: text/html; charset=utf-8
location: https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2463751&ADFdivider=%7C&ord=864928092838&ADFtpmode=2&loc=https%3A%2F%2Fwesleyfinancialgroup.typeform.com%2Fto%2FGtOxZlcR%3Futm_ad%3DDYKredhouse&Set1=en-US%7Cen-US%7C1600x1200%7C24
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

GET
H2 200 main.MWI2MzlmMWJmMQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ 257 KB
69 KB 43ms
43ms Script
application/javascript 23.38.98.84
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWI2MzlmMWJmMQ.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C2MHLICST064N5C4AJ10&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.98.84 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-38-98-84.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 5c8d3905b5c13d0c0e32c412ae45710365b71b1c9931b9c4ed44596e557be9d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-akamai-request-id: 1beba77d
date: Sat, 20 May 2023 08:40:35 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202305102024203C4470670C305137228B
vary: Accept-Encoding
x-cache: TCP_HIT from a23-38-99-148.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.2-48551439) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 0131cd491eaeaf1da85982990a99f2fb5431dcbd8f8ac377a3c3cce593671d32072f389db180fffcef84dadd1ed921a5b32ec57c2307cd5acbc992079a0f9b44ec3e2751349af40ed11013146c52cc5ddb43de2d729946e273be25d2dd433af769
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length: 70024

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
96 B 67ms
66ms Image
image/gif 151.101.192.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ct.pinterest.com/v3/?tid=2614023592822&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwesleyfinancialgroup.typeform.com%2Fto%2FGtOxZlcR%3Futm_ad%3DDYKredhouse%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22b68cecd9%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1684572035203
Requested by: Host: wesleyfinancialgroup.typeform.com
URL: https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.192.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 May 2023 08:40:35 GMT
referrer-policy: origin
x-cdn: fastly
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 3
x-pinterest-rid: 1530171940599816
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
prism.app-us1.com/ 251 B
466 B 269ms
173ms Script
application/javascript 2606:4700::6811:925b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prism.app-us1.com/?a=609784226&u=https%3A%2F%2Fwesleyfinancialgroup.typeform.com%2Fto%2FGtOxZlcR%3Futm_ad%3DDYKredhouse
Requested by: Host: diffuser-cdn.app-us1.com
URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:925b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.1.18
Resource Hash: 34004c8484e6adb792c9bb76b8804406f5d0dd0d5c74eb2950c5f6a7ebc8e0e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 08:40:35 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/8.1.18
content-type: application/javascript
cache-control: no-cache, private
x-envoy-upstream-service-time: 38
cf-ray: 7ca34694ca6a9c12-FRA

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
633 B 256ms
61ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Sat%2C%2020%20May%202023%2008%3A40%3A35%20GMT&n=0&b=Get%20Rid%20Your%20Timeshare%20-%20Verizon%20-%20Predictive%20Video&.yp=10094627&f=https%3A%2F%2Fwesleyfinancialgroup.typeform.com%2Fto%2FGtOxZlcR%3Futm_ad%3DDYKredhouse&enc=UTF-8&yv=1.14.0&tagmgr=gtm

Requested by

Host: wesleyfinancialgroup.typeform.com
URL: https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 May 2023 08:40:35 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Sat, 20 May 2023 08:40:35 GMT

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
246 B 257ms
62ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&b=Get%20Rid%20Your%20Timeshare%20-%20Verizon%20-%20Predictive%20Video&.yp=10094627&f=https%3A%2F%2Fwesleyfinancialgroup.typeform.com%2Fto%2FGtOxZlcR%3Futm_ad%3DDYKredhouse&enc=UTF-8&yv=1.14.0&et=custom&ec=event%20category&tagmgr=gtm

Requested by

Host: wesleyfinancialgroup.typeform.com
URL: https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 May 2023 08:40:35 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Sat, 20 May 2023 08:40:35 GMT

GET
H3 200 277016066661358 Show response
connect.facebook.net/signals/config/ 376 KB
107 KB 183ms
183ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/277016066661358?v=2.9.104&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

dddaef9ef6bd50030b8f79f637dac755f7e604cee392088b3a9bb5ff3ca3b20a

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 20 May 2023 08:40:35 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: o2C/ZDaxQzRG662Uu1X/Xu2KQHH2N/xwfRFYQ+HjW640Vwl0qyfPnV/ERMBDAlQTM8x6S2V7tvN5UI10/cIsUA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 events Show response
fb.wesleyfinancialgroup.com/ 0
326 B 530ms
130ms XHR
text/plain 18.119.134.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fb.wesleyfinancialgroup.com/events

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/signals/config/491856204273972?v=2.9.104&r=stable

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.119.134.201 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-119-134-201.us-east-2.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://wesleyfinancialgroup.typeform.com
date: Sat, 20 May 2023 08:40:35 GMT
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-credentials: true
content-length: 0
vary: origin

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 128ms
39ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=491856204273972&ev=PageView&dl=https%3A%2F%2Fwesleyfinancialgroup.typeform.com%2Fto%2FGtOxZlcR%3Futm_ad%3DDYKredhouse&rl=&if=false&ts=1684572035301&sw=1600&sh=1200&v=2.9.104&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1684572035295.86681577&cs_est=true&it=1684572034893&coo=false&eid=1684572230404_16845728835341&tm=1&rqm=GET

Requested by

Host: wesleyfinancialgroup.typeform.com
URL: https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 20 May 2023 08:40:35 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H3 200 view-form-open Show response
wesleyfinancialgroup.typeform.com/forms/GtOxZlcR/insights/events/v3/ 2 B
1 KB 423ms
422ms Fetch
application/json 104.18.22.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wesleyfinancialgroup.typeform.com/forms/GtOxZlcR/insights/events/v3/view-form-open

Requested by

Host: wesleyfinancialgroup.typeform.com
URL: https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.22.9 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sat, 20 May 2023 08:40:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-release: 4871726868
x-envoy-upstream-service-time: 12
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2
x-build-date: 2023-05-03T14:13:36+02:00
server: cloudflare
access-control-allow-methods: GET, OPTIONS, POST, PUT, PATCH, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://wesleyfinancialgroup.typeform.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GqW%2FWmSnzaLDiW4Q4pWWhGzNXfacR3a09KcuVMcKLeE2uorj0UAe2KIXajipJB47e3Ue1kHboEniEWc2CZEPK9ifgAM%2BkLHyAmX2T48FOWBhlx8bFGW61PiGEUcxZAWsNPWtQqcsj34z6LhxOwKLhl%2FTIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Location, X-Request-Id
x-service: insights-2.0
x-commit-sha: 20a67b777f544b67049d7cca4e25507a451c6ce2
cf-ray: 7ca34694fe88380e-FRA
access-control-allow-headers: X-Typeform-Key, Content-Type, Authorization, Typeform-Version, typeform-app

GET
H2 200 rudder-analytics.min.js Show response
cdn.rudderlabs.com/v1/ 467 KB
134 KB 566ms
437ms Script
text/javascript 2600:9000:214f:7000:16:a497:9700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rudderlabs.com/v1/rudder-analytics.min.js
Requested by: Host: renderer-assets.typeform.com
URL: https://renderer-assets.typeform.com/vendors~form.d3eb08818b27667e99fe.renderer.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:7000:16:a497:9700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0de4635daf9e0d9fa50baafa25d06c05b2a0d5350b6bd01b3523b4a33f783574

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 08:40:36 GMT
content-encoding: gzip
via: 1.1 6080b2713e502211e152f21f5c59c5a6.cloudfront.net (CloudFront)
last-modified: Tue, 16 May 2023 16:40:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
etag: W/"5b60435801f30d679713497feb476f2f"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: E_nCr3agTd8VHeIGGHWukPCvbwrNIDs26mWOtfwNdAkl40mFg82rjA==

GET
H2 200 211018690 Show response
www.clarity.ms/tag/uet/ 1019 B
1 KB 141ms
140ms Script
application/x-javascript 2620:1ec:4f:1::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/211018690
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/211018690.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4f:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 40b86fbb221a6db8ab1542facbef71a49d7f1861d4a37e87b2ed138ca1bc79d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type: application/x-javascript
date: Sat, 20 May 2023 08:40:34 GMT
cache-control: no-cache, no-store
expires: -1
x-azure-ref: 0g4doZAAAAADPiPJeK0umSr/9FBXEjHuhRlJBMzFFREdFMDMwOQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
request-context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

GET
H2 200 identify_738b3.js Show response
analytics.tiktok.com/i18n/pixel/static/ 114 KB
31 KB 42ms
42ms Script
application/javascript 23.38.98.84
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_738b3.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWI2MzlmMWJmMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.98.84 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-38-98-84.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-akamai-request-id: 1beba812
date: Sat, 20 May 2023 08:40:35 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202305102024203C4470670C3051372292
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-38-99-148.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.2-48551439) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 0131cd491eaeaf1da85982990a99f2fb5431dcbd8f8ac377a3c3cce593671d32072f389db180fffcef84dadd1ed921a5b3147a70b2ca5c6d82058b6478aeda68bbbff7a0575b0c585770510aa12ea69e72f972728258428061c5b96f8626976bfc
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=2
content-length: 30881

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
553 B 163ms
162ms Ping
text/plain 23.38.98.84
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWI2MzlmMWJmMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.98.84 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-38-98-84.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 20 May 2023 08:40:35 GMT
x-akamai-request-id: 1beba823
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 202305200840358B8A278A8A106F13952A
x-cache: TCP_MISS from a23-38-99-148.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.2-48551439) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 111,23.38.99.148
x-tt-trace-host: 01c92fd83e29c87aedf66fb8e5595922f1ede74c502a40a78b60509b3024297ee4e4edd838249be9ddfb33ffe3ccd4854d9feeecd06bf13eb9d0266246450949a0777a5c568ad38ebac867d211ac9bbca9f5b2c9efbc87ed36e8c33ad67f33e5d0
server-timing: inner; dur=20, cdn-cache; desc=MISS, edge; dur=10, origin; dur=111
content-length: 0
expires: Sat, 20 May 2023 08:40:35 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
554 B 163ms
163ms Ping
text/plain 23.38.98.84
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWI2MzlmMWJmMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.98.84 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-38-98-84.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 20 May 2023 08:40:35 GMT
x-akamai-request-id: 1beba825
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 202305200840351C38633B0D0C420956C5
x-cache: TCP_MISS from a23-38-99-148.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.2-48551439) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 116,23.38.99.148
x-tt-trace-host: 01c92fd83e29c87aedf66fb8e5595922f1ede74c502a40a78b60509b3024297ee476d796e0943cd490ef08f74212cb8249bbc75444915b9dbadc7f7526cad4b6095358b5b0855186bf03d59af549a5b40fff9ac7ee0e7680f4df30590a36862fdc
server-timing: inner; dur=25, cdn-cache; desc=MISS, edge; dur=6, origin; dur=116
content-length: 0
expires: Sat, 20 May 2023 08:40:35 GMT

POST
H/1.1 204
No Content collect Show response
k.clarity.ms/ 0
313 B 613ms
253ms XHR
text/plain 20.96.88.162
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://k.clarity.ms/collect
Requested by: Host: wesleyfinancialgroup.typeform.com
URL: https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.96.88.162 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://wesleyfinancialgroup.typeform.com
Date: Sat, 20 May 2023 08:40:36 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

GET
H2 200 collect Show response
gtm.wesleyfinancialgroup.com/g/ 65 B
444 B 533ms
532ms XHR
text/plain 2001:4860:4802:38::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://gtm.wesleyfinancialgroup.com/g/collect?v=2&tid=G-KYL4CRBW7Z&gtm=45je35h0&_p=1741009101&cid=1837462321.1684572035&ul=en-us&sr=1600x1200&_fplc=0&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&sst.uc=DE&sst.gcsub=region1&ngs=1&_s=2&sid=1684572034&sct=1&seg=0&dl=https%3A%2F%2Fwesleyfinancialgroup.typeform.com%2Fto%2FGtOxZlcR%3Futm_ad%3DDYKredhouse&dt=Get%20Rid%20Your%20Timeshare%20-%20Verizon%20-%20Predictive%20Video&en=scroll&ep.event_id=1684572230404_16845728835341&ep.timestamp=2023-05-20T08%3A40%3A34.480%2B00%3A00&ep.clean_page_url=wesleyfinancialgroup.typeform.com%2Fto%2FGtOxZlcR&ep.navigation_type=NAVIGATE&epn.redirect_count_in=0&ep.gtm-web-container-id=GTM-N4NN3KX&ep.gtm-web-container-version=83&ep.x-ga-ua-tracking-id=UA-121622253-1&epn.percent_scrolled=90&_et=80&richsstsse

Requested by

Host: wesleyfinancialgroup.typeform.com
URL: https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::15 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 08:40:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 google
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: https://wesleyfinancialgroup.typeform.com
cache-control: no-cache
access-control-allow-credentials: true

GET
H2 200 t_prism_sitemessages.php Show response
trackcmp.net/ 0
315 B 280ms
173ms Script
text/javascript 2606:4700:4400::ac40:9197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://trackcmp.net/t_prism_sitemessages.php?trackid=609784226&prismid=34f2bc06-ca65-43ef-b0eb-e0937dd3289f&url=https%3A%2F%2Fwesleyfinancialgroup.typeform.com%2Fto%2FGtOxZlcR%3Futm_ad%3DDYKredhouse
Requested by: Host: diffuser-cdn.app-us1.com
URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.1.19
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 08:40:35 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/8.1.19
p3p: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
content-type: text/javascript;charset=UTF-8
cache-control: no-cache, private
x-envoy-upstream-service-time: 19
x-privacy-policy: You can find our privacy policy here: https://www.activecampaign.com/help/privacy-policy/
cf-ray: 7ca34696bd6092c9-FRA
content-length: 0

GET
H2 200 wp-controller.js Show response
wp-ui.app-us1.com/ 23 KB
8 KB 190ms
41ms Script
application/javascript 99.86.4.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wp-ui.app-us1.com/wp-controller.js
Requested by: Host: diffuser-cdn.app-us1.com
URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-83.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3c7f1515ef582d8c9730e046767d496baa2b27a6408245fa517e715a9409b538

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 01:48:32 GMT
content-encoding: br
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
last-modified: Thu, 04 Mar 2021 16:39:47 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 24724
x-amz-server-side-encryption: AES256
etag: W/"c9bbc9a7fb8ba33cdf05ead14568b82f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: GXsLyJ-cPY2_XMvc0aKGSrj3y0_Oldz_CZi3vber-ri_0MiIiyrwLA==

POST
H2 200 events Show response
fb.wesleyfinancialgroup.com/ 0
327 B 263ms
129ms XHR
text/plain 18.119.134.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fb.wesleyfinancialgroup.com/events

Requested by

Host: wesleyfinancialgroup.typeform.com
URL: https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.119.134.201 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-119-134-201.us-east-2.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://wesleyfinancialgroup.typeform.com
date: Sat, 20 May 2023 08:40:35 GMT
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-credentials: true
content-length: 0
vary: origin

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 41ms
40ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=491856204273972&ev=PageView&dl=https%3A%2F%2Fwesleyfinancialgroup.typeform.com%2Fto%2FGtOxZlcR%3Futm_ad%3DDYKredhouse&rl=&if=false&ts=1684572035572&sw=1600&sh=1200&v=2.9.104&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=30&fbp=fb.1.1684572035295.86681577&eid=ob3_plugin-set_5e29a88b9ad6d011ef7bf5a6e3d8c8065f9f607b741961bb1c85e3480d046054&cs_est=true&it=1684572034893&coo=false&rqm=GET

Requested by

Host: wesleyfinancialgroup.typeform.com
URL: https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 20 May 2023 08:40:35 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 42ms
41ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=277016066661358&ev=PageView&dl=https%3A%2F%2Fwesleyfinancialgroup.typeform.com%2Fto%2FGtOxZlcR%3Futm_ad%3DDYKredhouse&rl=&if=false&ts=1684572035573&sw=1600&sh=1200&v=2.9.104&r=stable&ec=0&o=30&fbp=fb.1.1684572035295.86681577&cs_est=true&it=1684572034893&coo=false&rqm=GET

Requested by

Host: wesleyfinancialgroup.typeform.com
URL: https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 20 May 2023 08:40:35 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 pixels Show response
c1.adform.net/imatch/ Frame F0EC 5 KB
2 KB 149ms
40ms Document
text/html 37.157.6.254
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/imatch/pixels?uid=98248848795922064&agencyId=7390&advertiserId=2105116&src=tp&rnd=564453

Requested by

Host: a2.adform.net
URL: https://a2.adform.net/Serving/TrackPoint/?pm=2463751&ADFdivider=%7C&ord=864928092838&ADFtpmode=2&loc=https%3A%2F%2Fwesleyfinancialgroup.typeform.com%2Fto%2FGtOxZlcR%3Futm_ad%3DDYKredhouse&Set1=en-US%7Cen-US%7C1600x1200%7C24

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.254 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

9b867e058d6f57bbb47ab39ff2c00a2e07b5f27a2866d677a5dc35ef3762fe97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 20 May 2023 08:40:35 GMT
expires: -1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding

GET
H2 200 /
a1.seadform.net/serving/cookie/sync/ 35 B
466 B 177ms
38ms Image
image/gif 37.157.2.229
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a1.seadform.net/serving/cookie/sync/?uid=98248848795922064&stamp=pQsXSsw6SKQDvP-67D9Y4w2

Requested by

Host: wesleyfinancialgroup.typeform.com
URL: https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.229 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 08:40:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
content-type: image/gif
cache-control: private

GET personalize
personalization-wp-service.cluster.app-us1.com/ 0
0

GET
H2 200 plf
c1.adform.net/imatch/ Frame F0EC 0
384 B 39ms
39ms Image
text/plain 37.157.6.254
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plff

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=98248848795922064&agencyId=7390&advertiserId=2105116&src=tp&rnd=564453

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.254 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=98248848795922064&agencyId=7390&advertiserId=2105116&src=tp&rnd=564453
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 08:40:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame F0EC
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=42&external_user_id=98248848795922064&Expiration=1685781635
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=98248848795922064&Expiration=1685781635

43 B
421 B

57ms
57ms

Image
image/gif

63.32.26.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=98248848795922064&Expiration=1685781635
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=98248848795922064&agencyId=7390&advertiserId=2105116&src=tp&rnd=564453
Protocol: H2
Server: 63.32.26.56 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-32-26-56.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 20 May 2023 08:40:36 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=98248848795922064&Expiration=1685781635
access-control-allow-origin: *
date: Sat, 20 May 2023 08:40:35 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame F0EC 0
400 B 177ms
83ms Image
text/plain 23.215.16.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.yieldlab.net/m?dt_id=4879&ext_id=98248848795922064
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=98248848795922064&agencyId=7390&advertiserId=2105116&src=tp&rnd=564453
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.215.16.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-215-16-120.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 20 May 2023 08:40:35 GMT
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
Expires: Fri, 19 May 2023 08:40:35 GMT

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame F0EC 0
214 B 178ms
41ms Image
text/plain 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=5232&puid=98248848795922064
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=98248848795922064&agencyId=7390&advertiserId=2105116&src=tp&rnd=564453
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: e06182bf224d96e6550f4595601cdb0b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame F0EC
Redirect Chain

https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=98248848795922064&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__
https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=98248848795922064&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__&nut&uu=c7064150b276488d9eb...
https://c1.adform.net/serving/cookie/match?party=9&uid=4bdbc792d7de4a34c6624d2187e112031bda20b9e13a64765b3040556ded465d

35 B
599 B

40ms
39ms

Image
image/gif

37.157.6.254
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=9&uid=4bdbc792d7de4a34c6624d2187e112031bda20b9e13a64765b3040556ded465d

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=98248848795922064&agencyId=7390&advertiserId=2105116&src=tp&rnd=564453

Protocol

Server

37.157.6.254 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 May 2023 08:40:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

location: https://c1.adform.net/serving/cookie/match?party=9&uid=4bdbc792d7de4a34c6624d2187e112031bda20b9e13a64765b3040556ded465d
date: Sat, 20 May 2023 08:40:35 GMT
content-length: 0
p3p: CP=NOI PSA OUR

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame F0EC 43 B
163 B 186ms
49ms Image
image/gif 185.86.138.151
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=22&partneruserid=98248848795922064&redirurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d10%26cid%3DSMART_USER_ID
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=98248848795922064&agencyId=7390&advertiserId=2105116&src=tp&rnd=564453
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.151 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 08:40:35 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H2 204 sync
ups.analytics.yahoo.com/ups/55944/ Frame F0EC 0
399 B 170ms
45ms Image
text/plain 3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55944/sync?uid=98248848795922064&_origin=1

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=98248848795922064&agencyId=7390&advertiserId=2105116&src=tp&rnd=564453

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.57 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 08:40:35 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 200
OK user-registering
ads.stickyadstv.com/ Frame F0EC 43 B
636 B 197ms
55ms Image
image/gif 184.86.251.89
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=98248848795922064
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=98248848795922064&agencyId=7390&advertiserId=2105116&src=tp&rnd=564453
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.86.251.89 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-86-251-89.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 20 May 2023 08:40:35 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
x-sticky-vk: 1684572035922050-386
Expires: Sat, 20 May 2023 08:40:35 GMT

GET
H/1.1

200
OK

sync
t.visx.net/ul_cb/ Frame F0EC
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=70&user_id=98248848795922064
https://x.bidswitch.net/ul_cb/sync?dsp_id=70&user_id=98248848795922064
https://t.visx.net/sync?tp_id=1&tp_uid=ca8fc418-a85c-4807-9499-5e2375982557&gdpr_applies=&gdpr_consent=&ssp_custom_data=&gdpr_pd=
https://t.visx.net/ul_cb/sync?tp_id=1&tp_uid=ca8fc418-a85c-4807-9499-5e2375982557&gdpr_applies=&gdpr_consent=&ssp_custom_data=&gdpr_pd=

43 B
639 B

48ms
47ms

Image
image/gif

35.210.138.51
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.visx.net/ul_cb/sync?tp_id=1&tp_uid=ca8fc418-a85c-4807-9499-5e2375982557&gdpr_applies=&gdpr_consent=&ssp_custom_data=&gdpr_pd=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=98248848795922064&agencyId=7390&advertiserId=2105116&src=tp&rnd=564453
Protocol: HTTP/1.1
Server: 35.210.138.51 Brussels, Belgium, ASN19527 (GOOGLE-2, US),
Reverse DNS: 51.138.210.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sat, 20 May 2023 08:40:36 GMT
xff: nil
Server: nginx
Content-Type: image/gif
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
s2s: nil
ip: 80.255.7.104
Content-Length: 43

Redirect headers

Date: Sat, 20 May 2023 08:40:36 GMT
xff: nil
Server: nginx
Content-Type: text/plain
Location: https://t.visx.net/ul_cb/sync?tp_id=1&tp_uid=ca8fc418-a85c-4807-9499-5e2375982557&gdpr_applies=&gdpr_consent=&ssp_custom_data=&gdpr_pd=
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
s2s: nil
ip: 80.255.7.104
Content-Length: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame F0EC
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=98248848795922064&expiration=1685781635
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=98248848795922064&expiration=1685781635&C=1

43 B
766 B

41ms
40ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=98248848795922064&expiration=1685781635&C=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=98248848795922064&agencyId=7390&advertiserId=2105116&src=tp&rnd=564453
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 20 May 2023 08:40:35 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Sat, 20 May 2023 08:40:35 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=111&external_user_id=98248848795922064&expiration=1685781635&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H/1.1 200
OK info
uipglob.semasio.net/adform/1/ Frame F0EC 42 B
253 B 212ms
93ms Image
image/gif 77.243.51.121
NETIC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=98248848795922064&sInitiator=external
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=98248848795922064&agencyId=7390&advertiserId=2105116&src=tp&rnd=564453
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 77.243.51.121 , Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin: *
uip-response-status: FallbackResponse
date: Sat, 20 May 2023 08:40:42 GMT
frontend-id: 8
content-length: 42
routing-server-id: -1
content-type: image/gif

GET
H/1.1 200
OK match
ps.eyeota.net/ Frame F0EC 0
344 B 177ms
41ms Image
text/plain 3.124.210.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=98248848795922064&bid=9gdtmu1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=98248848795922064&agencyId=7390&advertiserId=2105116&src=tp&rnd=564453
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.124.210.90 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-210-90.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sat, 20 May 2023 08:40:36 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2

200

pixel.gif
load77.exelator.com/ Frame F0EC
Redirect Chain

https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=98248848795922064
https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=98248848795922064&xl8blockcheck=1
https://load77.exelator.com/pixel.gif

43 B
364 B

178ms
39ms

Image
image/gif

2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://load77.exelator.com/pixel.gif
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=98248848795922064&agencyId=7390&advertiserId=2105116&src=tp&rnd=564453
Protocol: H2
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 20 May 2023 08:40:36 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 242007
x-accel-date: 1684330029
content-length: 43
x-77-nzt: AcO1qhHUGFz/V7EDAA
x-accel-expires: @1685366829
last-modified: Wed, 25 Oct 2017 17:03:56 GMT
server: CDN77-Turbo
etag: "59f0c3fc-2b"
x-77-nzt-ray: 4c156224ec919ea884876864e74afa18
content-type: image/gif
access-control-allow-origin: *
accept-ranges: bytes

Redirect headers

date: Sat, 20 May 2023 08:40:36 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://load77.exelator.com/pixel.gif
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
content-length: 0

GET
H2 451 398366.gif
idsync.rlcdn.com/ Frame F0EC 0
98 B 149ms
48ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/398366.gif?partner_uid=98248848795922064
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=98248848795922064&agencyId=7390&advertiserId=2105116&src=tp&rnd=564453
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 08:40:36 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 404 gdpr_consent=
sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=98248848795922064/gdpr=/ Frame F0EC 49 B
266 B 193ms
55ms Image
image/gif 52.17.45.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=98248848795922064/gdpr=/gdpr_consent=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=98248848795922064&agencyId=7390&advertiserId=2105116&src=tp&rnd=564453
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.45.80 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-45-80.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 May 2023 08:40:36 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.30.242
content-length: 49
expires: 0

GET
H2 200 29729
tags.bluekai.com/site/ Frame F0EC 62 B
227 B 331ms
216ms Image
image/gif 69.192.160.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/29729?id=98248848795922064
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=98248848795922064&agencyId=7390&advertiserId=2105116&src=tp&rnd=564453
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-160-219.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Sat, 20 May 2023 08:40:36 GMT
content-length: 62
content-type: image/gif

GET
H2 200 sd
eu-u.openx.net/w/1.0/ Frame F0EC 43 B
273 B 149ms
48ms Image
image/gif 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=98248848795922064
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=98248848795922064&agencyId=7390&advertiserId=2105116&src=tp&rnd=564453
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 May 2023 08:40:36 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

pixel.gif
s3-eu-west-1.amazonaws.com/adality-cdn-content/ Frame F0EC
Redirect Chain

https://api.adrtx.net/thirdparty/click?p=adfo
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif

35 B
390 B

198ms
64ms

Image
image/gif

52.218.89.195
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=98248848795922064&agencyId=7390&advertiserId=2105116&src=tp&rnd=564453
Protocol: HTTP/1.1
Server: 52.218.89.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sat, 20 May 2023 08:40:37 GMT
Last-Modified: Thu, 29 Oct 2015 16:41:57 GMT
Server: AmazonS3
x-amz-request-id: N9TNCCH14X1EMB68
ETag: "c2196de8ba412c60c22ab491af7b1409"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 35
x-amz-id-2: 7ocmx2Q7X8nq3kLBMbZ6apdOB6/Z80LeqrKzvKmGob7mcMSQyqJxFCwV8ZpZHC2b+I4XUCPQiOk=

Redirect headers

X-Error-Reason: Missing UserId
Date: Sat, 20 May 2023 08:40:35 GMT
Server: akka-http/10.2.10
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 137

GET
H2

200

generic
match.adsrvr.org/track/cmf/ Frame F0EC
Redirect Chain

https://pixel.onaudience.com/?mapped=98248848795922064&partner=68
https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=1&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D1
https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=1&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D1&xl8blockcheck=1
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=6d07069978ebe02e6acf51f40b38cdc8&gdpr=1
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=bbe3683ad6ed4d53/gdpr=1/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1

70 B
265 B

149ms
58ms

Image
image/gif

52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=98248848795922064&agencyId=7390&advertiserId=2105116&src=tp&rnd=564453
Protocol: H2
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 20 May 2023 08:40:36 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
content-length: 0

GET
H/1.1

200
OK

/
cm.adsafety.net/ Frame F0EC
Redirect Chain

https://cm.adsafety.net/?_cmsrc=adformx&idt=100&did=98248848795922064
https://ads.smartstream.tv/cm/?cmsrc=cm&cm_uid=CM12023052008a2a2843c4b55dc24b51&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dstv%26_chainsrc%3Dcommon&gdpr_consent=
https://cm.adsafety.net/?_cmsrc=stv&_chainsrc=common&idt=100&did=2dbcc4e906a1da8073009307279b03d6&idt_did_status=added&gdpr_consent=&gdpr=0
https://tags.adsafety.net/v1/cm?cm_uid=CM12023052008a2a2843c4b55dc24b51&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dct%26_chainsrc%3Dcommon%26idt%3D%5B%25IDT%25%5D%26did%3D%5B%25DID%25%5D&...
https://cm.adsafety.net/?_cmsrc=ct&_chainsrc=common&idt=100&did=2dbcc4e906a1da8073009307279b03d6
https://cm.g.doubleclick.net/pixel?google_nid=dataxtrade_dmp&google_cm&google_hm=Q00xMjAyMzA1MjAwOGEyYTI4NDNjNGI1NWRjMjRiNTE&gdpr_consent=&gdpr=0
https://cm.adsafety.net/?_cmsrc=dbmx&midt=100&mdid=CAESEECm4eCmZ2KaBHPyXEXUMF8&gdpr_consent=&gdpr=0&google_cver=1
https://c1.adform.net/serving/cookie/match?party=28&cid=CM12023052008a2a2843c4b55dc24b51
https://cm.adsafety.net/?_cmsrc=adform&idt=100&did=98248848795922064

43 B
2 KB

46ms
46ms

Image
image/gif

89.163.240.122
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adsafety.net/?_cmsrc=adform&idt=100&did=98248848795922064
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=98248848795922064&agencyId=7390&advertiserId=2105116&src=tp&rnd=564453
Protocol: HTTP/1.1
Server: 89.163.240.122 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: cm45.as.net
Software: nginx /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 20 May 2023 08:40:36 GMT
Last-Modified: Sat, 20 May 2023 08:40:36 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
Connection: keep-alive
Expires: Mon, 28 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 20 May 2023 08:40:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.adsafety.net/?_cmsrc=adform&idt=100&did=98248848795922064
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame F0EC 0
339 B 200ms
54ms Image
text/plain 52.211.237.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=adform&partner_uid=98248848795922064
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=98248848795922064&agencyId=7390&advertiserId=2105116&src=tp&rnd=564453
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.211.237.29 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-237-29.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-served-by: beacon-n003-dub-prod.krxd.net
date: Sat, 20 May 2023 08:40:36 GMT
cache-control: private, no-cache, no-store
x-request-time: D=25 t=1684572036
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

/
c1.adform.net/serving/cookie/match/ Frame F0EC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=OTgyNDg4NDg3OTU5MjIwNjQ
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEIm_3FVzeCTf8NNDTXpMADQ&google_cver=1&google_ula=1641347,0

35 B
599 B

39ms
39ms

Image
image/gif

37.157.6.254
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEIm_3FVzeCTf8NNDTXpMADQ&google_cver=1&google_ula=1641347,0

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=98248848795922064&agencyId=7390&advertiserId=2105116&src=tp&rnd=564453

Protocol

Server

37.157.6.254 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 May 2023 08:40:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Sat, 20 May 2023 08:40:36 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEIm_3FVzeCTf8NNDTXpMADQ&google_cver=1&google_ula=1641347,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 334
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
secure.adnxs.com/ Frame F0EC
Redirect Chain

https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%3Fparty%3D3%26id%3D%24UID%26redirect%3D1
https://c1.adform.net/serving/cookie/match?party=3&id=5854758284647055159&redirect=1
https://secure.adnxs.com/setuid?entity=91&code=98248848795922064

43 B
1 KB

45ms
45ms

Image
image/gif

185.89.210.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/setuid?entity=91&code=98248848795922064

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=98248848795922064&agencyId=7390&advertiserId=2105116&src=tp&rnd=564453

Protocol

HTTP/1.1

Server

185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 20 May 2023 08:40:36 GMT
AN-X-Request-Uuid: 3064c1d4-6569-41d5-a8ed-ccb4bd7afb11
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 80.255.7.104; 80.255.7.104; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 20 May 2023 08:40:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://secure.adnxs.com/setuid?entity=91&code=98248848795922064
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 plf
c1.adform.net/imatch/ Frame F0EC 0
384 B 45ms
42ms Image
text/plain 37.157.6.254
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plfm

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=98248848795922064&agencyId=7390&advertiserId=2105116&src=tp&rnd=564453

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.254 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=98248848795922064&agencyId=7390&advertiserId=2105116&src=tp&rnd=564453
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 08:40:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame F0EC 42 B
469 B 159ms
46ms Image
image/gif 185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=98248848795922064
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=98248848795922064&agencyId=7390&advertiserId=2105116&src=tp&rnd=564453
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sat, 20 May 2023 08:40:34 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 200
OK cs
pdw-adf.userreport.com/ Frame F0EC 43 B
444 B 133ms
39ms Image
image/gif 52.222.214.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pdw-adf.userreport.com/cs
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=98248848795922064&agencyId=7390&advertiserId=2105116&src=tp&rnd=564453
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-97.fra56.r.cloudfront.net
Software: nginx/1.22.0 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sat, 20 May 2023 01:11:53 GMT
Via: 1.1 eaedf92fd05c53aa96f20b6322b473e6.cloudfront.net (CloudFront)
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx/1.22.0
X-Amz-Cf-Pop: FRA56-P3
Age: 26923
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
Content-Length: 43
X-Amz-Cf-Id: g-TK0EujZjTIQ05GO16PTD4Ib7VM2DPPq7J2mdeZwTyIHM6gWHzoeA==

GET
H/1.1

200

p
a.audrte.com/ Frame F0EC
Redirect Chain

https://a.audrte.com/a?adform_uid=98248848795922064
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=NzFmZk1TSC02a1VRRFdNSXpXNHRtNUYtdw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
https://a.audrte.com/p

68 B
424 B

118ms
117ms

Image
image/png

23.23.142.39
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.audrte.com/p
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=98248848795922064&agencyId=7390&advertiserId=2105116&src=tp&rnd=564453
Protocol: HTTP/1.1
Server: 23.23.142.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-23-142-39.compute-1.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sat, 20 May 2023 08:40:37 GMT
Server: nginx/1.18.0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 68

Redirect headers

Date: Sat, 20 May 2023 08:40:36 GMT
Server: nginx/1.18.0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: *
Location: https://a.audrte.com:443/p
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame F0EC
Redirect Chain

https://dpm.demdex.net/ibs:dpid=1586&dpuuid=98248848795922064&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=98248848795922064&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect...
https://c1.adform.net/serving/cookie/match?party=1007&cid=61696962936676845721679643413221280906&noredirect=1

35 B
590 B

40ms
39ms

Image
image/gif

37.157.6.254
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1007&cid=61696962936676845721679643413221280906&noredirect=1

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=98248848795922064&agencyId=7390&advertiserId=2105116&src=tp&rnd=564453

Protocol

Server

37.157.6.254 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 May 2023 08:40:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

DCS: dcs-prod-irl1-2-v048-01f166ef7.edge-irl1.demdex.com 1 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: oHAT/Wx7SrM=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://c1.adform.net/serving/cookie/match?party=1007&cid=61696962936676845721679643413221280906&noredirect=1
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame F0EC
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=98248848795922064
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=217553104522001217570

35 B
599 B

42ms
39ms

Image
image/gif

37.157.6.254
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1014&cid=217553104522001217570

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=98248848795922064&agencyId=7390&advertiserId=2105116&src=tp&rnd=564453

Protocol

Server

37.157.6.254 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 May 2023 08:40:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Sat, 20 May 2023 08:40:36 GMT
server: AAWebServer
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://dmp.adform.net/serving/cookie/match/?party=1014&cid=217553104522001217570
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires: 0

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame F0EC
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7235181802389829772

35 B
590 B

40ms
40ms

Image
image/gif

37.157.6.254
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7235181802389829772

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=98248848795922064&agencyId=7390&advertiserId=2105116&src=tp&rnd=564453

Protocol

Server

37.157.6.254 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 May 2023 08:40:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Location: https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7235181802389829772
Date: Sat, 20 May 2023 08:40:36 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2 200 33302
tags.bluekai.com/site/ Frame F0EC 62 B
436 B 214ms
214ms Image
image/gif 69.192.160.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/33302?id=98248848795922064
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=98248848795922064&agencyId=7390&advertiserId=2105116&src=tp&rnd=564453
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-160-219.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Sat, 20 May 2023 08:40:36 GMT
content-length: 62
content-type: image/gif

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame F0EC
Redirect Chain

https://pixel.mathtag.com/sync/img?redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1066%26cid%3D%5BMM_UUID%5D
https://c1.adform.net/serving/cookie/match?party=1066&cid=5e0c6468-8785-4000-94be-773cf4f04a57

35 B
590 B

40ms
40ms

Image
image/gif

37.157.6.254
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1066&cid=5e0c6468-8785-4000-94be-773cf4f04a57

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=98248848795922064&agencyId=7390&advertiserId=2105116&src=tp&rnd=564453

Protocol

Server

37.157.6.254 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 May 2023 08:40:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Date: Sat, 20 May 2023 08:40:36 GMT
Server: MT3 851 9bd98ae master zrh-pixel-x10 config_version:"unknown"
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Location: https://c1.adform.net/serving/cookie/match?party=1066&cid=5e0c6468-8785-4000-94be-773cf4f04a57
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Expires: Sat, 20 May 2023 08:40:35 GMT

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame F0EC
Redirect Chain

https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
https://c1.adform.net/serving/cookie/match?party=1084&cid=8Xv15bGJ1Q0i8I5

35 B
590 B

40ms
40ms

Image
image/gif

37.157.6.254
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1084&cid=8Xv15bGJ1Q0i8I5

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=98248848795922064&agencyId=7390&advertiserId=2105116&src=tp&rnd=564453

Protocol

Server

37.157.6.254 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 May 2023 08:40:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Pragma: no-cache
Date: Sat, 20 May 2023 08:40:36 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-777-g304ac51#rel-ec2-master i-0a1a90ed6ac66fe36@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://c1.adform.net/serving/cookie/match?party=1084&cid=8Xv15bGJ1Q0i8I5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame F0EC 70 B
264 B 186ms
59ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=71ei9rr&ttd_tpi=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=98248848795922064&agencyId=7390&advertiserId=2105116&src=tp&rnd=564453
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 20 May 2023 08:40:36 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET image.sbmx
global.ib-ibi.com/ Frame F0EC 0
0

GET
H/1.1 200 0.gif
id5-sync.com/s/10/ Frame F0EC 43 B
1 KB 149ms
41ms Image
image/gif 162.19.138.117
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/10/0.gif?puid=98248848795922064

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=98248848795922064&agencyId=7390&advertiserId=2105116&src=tp&rnd=564453

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.117 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Sat, 20 May 2023 08:40:36 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame F0EC
Redirect Chain

https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=2365000723
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=kRFRhYbl9E8ROyO4JSmSbO

35 B
599 B

39ms
39ms

Image
image/gif

37.157.6.254
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1145&cid=kRFRhYbl9E8ROyO4JSmSbO

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=98248848795922064&agencyId=7390&advertiserId=2105116&src=tp&rnd=564453

Protocol

Server

37.157.6.254 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 May 2023 08:40:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Sat, 20 May 2023 08:40:35 GMT
via: 1.1 google
last-modified: Sat, 20 May 2023 08:40:36 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location: https://dmp.adform.net/serving/cookie/match/?party=1145&cid=kRFRhYbl9E8ROyO4JSmSbO
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame F0EC 23 B
172 B 206ms
68ms Image
image/gif 104.111.217.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=119&uid=98248848795922064
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=98248848795922064&agencyId=7390&advertiserId=2105116&src=tp&rnd=564453
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.217.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-217-42.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

expires: Sat, 20 May 2023 08:40:36 GMT
pragma: no-cache
date: Sat, 20 May 2023 08:40:36 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

GET
H2 200 pixel.gif
sync.1dmp.io/ Frame F0EC 12 B
155 B 528ms
77ms Image
text/html 87.242.89.90
SBERCLOUD-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=98248848795922064
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=98248848795922064&agencyId=7390&advertiserId=2105116&src=tp&rnd=564453
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 87.242.89.90 , Russian Federation, ASN208677 (SBERCLOUD-AS, RU),
Reverse DNS
Software: elb /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 08:40:37 GMT
last-modified: Mon, 30 Jan 2023 18:57:34 GMT
server: elb
accept-ranges: bytes
etag: "63d8131e-c"
content-length: 12
content-type: text/html

GET
H2 204 /
s.ad.smaato.net/c/ Frame F0EC 0
242 B 144ms
40ms Image
text/plain 2600:9000:211e:b000:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1001213&dspCookie=98248848795922064
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=98248848795922064&agencyId=7390&advertiserId=2105116&src=tp&rnd=564453
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:b000:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 08:40:36 GMT
cache-control: no-cache, must-revalidate
via: 1.1 103eb504d36d97c9f30550032223d996.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: 19DPY5N0h6P_FOT4mgu-uBChTXjyyPLieudsmvS0Zn1jdXVbjNJCVQ==
x-cache: FunctionGeneratedResponse from cloudfront

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame F0EC
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=2032&partner_device_id=98248848795922064&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DEVI...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2032&partner_device_id=98248848795922064&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BT...
https://c1.adform.net/serving/cookie/match?party=2007&cid=123981c3-b639-4de4-85ec-3e2acf3ede68

35 B
599 B

40ms
40ms

Image
image/gif

37.157.6.254
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=2007&cid=123981c3-b639-4de4-85ec-3e2acf3ede68

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=98248848795922064&agencyId=7390&advertiserId=2105116&src=tp&rnd=564453

Protocol

Server

37.157.6.254 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 May 2023 08:40:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

date: Sat, 20 May 2023 08:40:36 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://c1.adform.net/serving/cookie/match?party=2007&cid=123981c3-b639-4de4-85ec-3e2acf3ede68
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 98248848795922064
match.contentexchange.me/adform/ Frame F0EC 0
49 B 174ms
53ms Image
text/plain 46.19.11.36
SIEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.contentexchange.me/adform/98248848795922064?redirect_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1219
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=98248848795922064&agencyId=7390&advertiserId=2105116&src=tp&rnd=564453
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.19.11.36 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: ilog.vsn.si
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 08:40:36 GMT
content-length: 0
server: nginx/1.16.1

GET
H2 200 xuid
eb2.3lift.com/ Frame F0EC 37 B
140 B 127ms
42ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=7354&xuid=98248848795922064&dongle=AD20
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=98248848795922064&agencyId=7390&advertiserId=2105116&src=tp&rnd=564453
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 08:40:36 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H/1.1

204
No Content

sync.php
pixel.rubiconproject.com/exchange/ Frame F0EC
Redirect Chain

https://sync.e-volution.ai/296800c6dbd7f8eb22cf034b9927d719.gif?puid=98248848795922064
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=

0
239 B

167ms
40ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=98248848795922064&agencyId=7390&advertiserId=2105116&src=tp&rnd=564453
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Pragma: no-cache
Date: Sat, 20 May 2023 08:40:36 GMT
Server: nginx
Transfer-Encoding: chunked
Location: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

GET
H2 200 plf
c1.adform.net/imatch/ Frame F0EC 0
384 B 43ms
41ms Image
text/plain 37.157.6.254
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plfl

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=98248848795922064&agencyId=7390&advertiserId=2105116&src=tp&rnd=564453

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.254 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=98248848795922064&agencyId=7390&advertiserId=2105116&src=tp&rnd=564453
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 08:40:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 40ms
40ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=491856204273972&ev=Microdata&dl=https%3A%2F%2Fwesleyfinancialgroup.typeform.com%2Fto%2FGtOxZlcR%3Futm_ad%3DDYKredhouse&rl=&if=false&ts=1684572035808&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Get%20Rid%20Your%20Timeshare%20-%20Verizon%20-%20Predictive%20Video%22%2C%22meta%3Adescription%22%3A%22Click%20here%20to%20get%20your%20package!%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22website%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwesleyfinancialgroup.typeform.com%2Fto%2FGtOxZlcR%22%2C%22og%3Atitle%22%3A%22Get%20Rid%20Your%20Timeshare%20-%20Verizon%20-%20Predictive%20Video%22%2C%22og%3Adescription%22%3A%22Click%20here%20to%20get%20your%20package!%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fimages.typeform.com%2Fimages%2FZ3AHBG8TabX5%2Fimage%2Fdefault%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.104&r=stable&a=tmSimo-GTM-WebTemplate&ec=2&o=30&fbp=fb.1.1684572035295.86681577&eid=ob3_plugin-set_e8fe518fc539c5a06b1516d1610799142eb8a39d3ed9c9f1cc539261ac632591&it=1684572034893&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: wesleyfinancialgroup.typeform.com
URL: https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 20 May 2023 08:40:35 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 41ms
41ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=277016066661358&ev=Microdata&dl=https%3A%2F%2Fwesleyfinancialgroup.typeform.com%2Fto%2FGtOxZlcR%3Futm_ad%3DDYKredhouse&rl=&if=false&ts=1684572036074&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Get%20Rid%20Your%20Timeshare%20-%20Verizon%20-%20Predictive%20Video%22%2C%22meta%3Adescription%22%3A%22Click%20here%20to%20get%20your%20package!%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22website%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwesleyfinancialgroup.typeform.com%2Fto%2FGtOxZlcR%22%2C%22og%3Atitle%22%3A%22Get%20Rid%20Your%20Timeshare%20-%20Verizon%20-%20Predictive%20Video%22%2C%22og%3Adescription%22%3A%22Click%20here%20to%20get%20your%20package!%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fimages.typeform.com%2Fimages%2FZ3AHBG8TabX5%2Fimage%2Fdefault%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.104&r=stable&ec=1&o=30&fbp=fb.1.1684572035295.86681577&it=1684572034893&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: wesleyfinancialgroup.typeform.com
URL: https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 20 May 2023 08:40:36 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

OPTIONS
H2 200 /
rudderstack-control-plane.cdp.prod.data.typeform.com/sourceConfig/ Frame 0
0 397ms
118ms Preflight
text/plain 34.236.90.28
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rudderstack-control-plane.cdp.prod.data.typeform.com/sourceConfig/?p=cdn&v=1.32.1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.236.90.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-236-90-28.compute-1.amazonaws.com
Software: uvicorn /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://wesleyfinancialgroup.typeform.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: https://wesleyfinancialgroup.typeform.com
access-control-max-age: 600
content-length: 2
content-type: text/plain; charset=utf-8
date: Sat, 20 May 2023 08:40:36 GMT
server: uvicorn
vary: Origin

GET
H2 200 / Show response
rudderstack-control-plane.cdp.prod.data.typeform.com/sourceConfig/ 610 B
744 B 121ms
120ms XHR
application/json 34.236.90.28
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rudderstack-control-plane.cdp.prod.data.typeform.com/sourceConfig/?p=cdn&v=1.32.1
Requested by: Host: wesleyfinancialgroup.typeform.com
URL: https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.236.90.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-236-90-28.compute-1.amazonaws.com
Software: uvicorn /
Resource Hash: 1e1bfbb50209ae8693353623fab7eeeef5ae1c0ca5d128a40c3be54099e59028

Request headers

Referer: https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse
accept-language: de-DE,de;q=0.9
Authorization: Basic MjJLTUZoSEpiY3pnR1cwZ0pWM1NCcnpCbE5lOg==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 20 May 2023 08:40:36 GMT
access-control-allow-credentials: true
server: uvicorn
content-length: 610
content-type: application/json

POST
H/1.1 204
No Content collect Show response
k.clarity.ms/ 0
313 B 126ms
126ms XHR
text/plain 20.96.88.162
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://k.clarity.ms/collect
Requested by: Host: wesleyfinancialgroup.typeform.com
URL: https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.96.88.162 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://wesleyfinancialgroup.typeform.com
Date: Sat, 20 May 2023 08:40:36 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

OPTIONS
H2 200 track
rudderstack.cdp.prod.data.typeform.com/v1/ Frame 0
0 374ms
118ms Preflight 52.86.232.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rudderstack.cdp.prod.data.typeform.com/v1/track
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.86.232.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-86-232-230.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: anonymousid,authorization,content-type
Access-Control-Request-Method: POST
Origin: https://wesleyfinancialgroup.typeform.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Anonymousid, Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: https://wesleyfinancialgroup.typeform.com
access-control-max-age: 900
content-length: 0
date: Sat, 20 May 2023 08:40:37 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H2 200 track Show response
rudderstack.cdp.prod.data.typeform.com/v1/ 2 B
169 B 3295ms
3295ms XHR
text/plain 52.86.232.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rudderstack.cdp.prod.data.typeform.com/v1/track
Requested by: Host: wesleyfinancialgroup.typeform.com
URL: https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.86.232.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-86-232-230.compute-1.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse
accept-language: de-DE,de;q=0.9
Authorization: Basic MjJLTUZoSEpiY3pnR1cwZ0pWM1NCcnpCbE5lOg==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
AnonymousId: NjZlMDE1ZGEtZGNjMy00Nzc4LWI3MjAtYjY3ZmJiZGY1MTU1
Content-Type: application/json

Response headers

access-control-allow-origin: https://wesleyfinancialgroup.typeform.com
date: Sat, 20 May 2023 08:40:40 GMT
access-control-allow-credentials: true
content-length: 2
vary: Origin
content-type: text/plain; charset=utf-8

OPTIONS
H2 200 track
rudderstack.cdp.prod.data.typeform.com/v1/ Frame 0
0 118ms
117ms Preflight 52.86.232.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rudderstack.cdp.prod.data.typeform.com/v1/track
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.86.232.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-86-232-230.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: anonymousid,authorization,content-type
Access-Control-Request-Method: POST
Origin: https://wesleyfinancialgroup.typeform.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Anonymousid, Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: https://wesleyfinancialgroup.typeform.com
access-control-max-age: 900
content-length: 0
date: Sat, 20 May 2023 08:40:37 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H2 200 track Show response
rudderstack.cdp.prod.data.typeform.com/v1/ 2 B
169 B 125ms
125ms XHR
text/plain 52.86.232.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rudderstack.cdp.prod.data.typeform.com/v1/track
Requested by: Host: wesleyfinancialgroup.typeform.com
URL: https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.86.232.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-86-232-230.compute-1.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse
accept-language: de-DE,de;q=0.9
Authorization: Basic MjJLTUZoSEpiY3pnR1cwZ0pWM1NCcnpCbE5lOg==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
AnonymousId: NjZlMDE1ZGEtZGNjMy00Nzc4LWI3MjAtYjY3ZmJiZGY1MTU1
Content-Type: application/json

Response headers

access-control-allow-origin: https://wesleyfinancialgroup.typeform.com
date: Sat, 20 May 2023 08:40:37 GMT
access-control-allow-credentials: true
content-length: 2
vary: Origin
content-type: text/plain; charset=utf-8

POST
H/1.1 204
No Content collect Show response
k.clarity.ms/ 0
313 B 127ms
125ms XHR
text/plain 20.96.88.162
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://k.clarity.ms/collect
Requested by: Host: wesleyfinancialgroup.typeform.com
URL: https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.96.88.162 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://wesleyfinancialgroup.typeform.com
Date: Sat, 20 May 2023 08:40:38 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=7652EA2F3D9340FBB4788046F6D11143&RedC=c.clarity.ms&MXFR=3401CB16C466656C1EA9D801C0666B73
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=7652EA2F3D9340FBB4788046F6D11143&MUID=3A8C1B93CFF7601D289E0884CE5B61AE

42 B
444 B

59ms
59ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=7652EA2F3D9340FBB4788046F6D11143&MUID=3A8C1B93CFF7601D289E0884CE5B61AE
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 May 2023 08:40:39 GMT
last-modified: Thu, 04 May 2023 15:33:28 GMT
server: Microsoft-IIS/10.0
etag: "6de038c69d7ed91:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Sat, 20 May 2023 08:40:38 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: CB585C50632145F09DD94FEADA323C1D Ref B: FRA31EDGE0810 Ref C: 2023-05-20T08:40:39Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=7652EA2F3D9340FBB4788046F6D11143&MUID=3A8C1B93CFF7601D289E0884CE5B61AE
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 ct.html Show response
ct.pinterest.com/ Frame 8336 565 B
426 B 66ms
65ms Document
text/html 151.101.192.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/ct.html
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.b68cecd9.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.192.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3

Request headers

Referer: https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=86400
content-encoding: gzip
content-length: 323
content-type: text/html; charset=utf-8
date: Sat, 20 May 2023 08:40:39 GMT
referrer-policy: origin
x-cdn: fastly
x-envoy-upstream-service-time: 0
x-pinterest-rid: 6011266186637582

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: images.typeform.com
URL: https://images.typeform.com/images/Pp6xQ58SdCfZ/image/default-firstframe.png

Domain: personalization-wp-service.cluster.app-us1.com
URL: https://personalization-wp-service.cluster.app-us1.com/personalize?trackId=609784226&visitorId=34f2bc06-ca65-43ef-b0eb-e0937dd3289f&url=https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse

Domain: global.ib-ibi.com
URL: https://global.ib-ibi.com/image.sbmx?go=302927&pid=567&xid=98248848795922064

Verdicts & Comments Add Verdict or Comment

92 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

116 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.typeform.com/	1970-01-20 14:05:48	Name: _gcl_au Value: 1.1.1591535792.1684572034
.typeform.com/	1970-01-20 16:15:24	Name: utmData Value: utmSource=(direct)\|utmMedium=(none)\|utmCampaign=(not set)\|utmContent=(not set)\|utmTerm=(not set)\|utmAdSet=(not set)\|utmAd=(not set)
.typeform.com/	1969-12-31 23:59:59	Name: utmDataSession Value: 1
.typeform.com/	1970-01-20 11:56:13	Name: __cf_bm Value: Bo.Ql4xmrUf5WvRUH0TxwqOSkqOt4dVhtNwTbMTvouA-1684572034-0-AU+4r+FdHhthwV2g5EfwR4sSjdLz7y+8a41xiBcQezXchVO5qW5d2fGQUSpD3liiayAKCR+dTzrBTNJUN7mJmcVWeEx61AFPyKTsok44DdvOVXVtxtWlAT2HsmMDmA+xMFwfNZLJqEbwluoomSZXGco=
www.clarity.ms/	1970-01-20 20:41:48	Name: CLID Value: c3c4092f6c2d4e91a7f396c47ff9d27b.20230520.20240519
.tiktok.com/	1970-01-20 21:17:48	Name: _ttp Value: 2Q3AkawMKWmQNxLeoMml1Sod9fA
.typeform.com/	1970-01-20 21:32:12	Name: _ga Value: GA1.1.1837462321.1684572035
.typeform.com/	1970-01-20 21:32:12	Name: _ga_KYL4CRBW7Z Value: GS1.1.1684572034.1.0.1684572034.0.0.0
.typeform.com/	1970-01-20 11:57:38	Name: _uetsid Value: fcf97a20f6e911ed84df6713bc5f212f
.typeform.com/	1970-01-20 21:17:48	Name: _uetvid Value: fcf9dd10f6e911eda4bf9738b0b23184
.bing.com/	1970-01-20 21:17:48	Name: MUID Value: 3A8C1B93CFF7601D289E0884CE5B61AE
.typeform.com/	1970-01-20 16:19:43	Name: tf_respondent_cc Value: {%22groups%22:[%222%22]%2C%22timestamp%22:%222023-05-20T08:40:35.115Z%22%2C%22implicitConsent%22:true}
.t.co/	1970-01-20 21:32:12	Name: muc_ads Value: 34854a5c-7682-40ba-8c5d-9be6218be917
.twitter.com/	1970-01-20 21:32:12	Name: personalization_id Value: "v1_OAQ67VUolB3EQV6720005Q=="
.wesleyfinancialgroup.typeform.com/	1970-01-20 20:41:48	Name: _pin_unauth Value: dWlkPU5tWmtNRFE1WXpVdE5EVmlNeTAwT0RnMExUbGtZMll0TUdZM05URm1OVGt4TW1Wag
.typeform.com/	1970-01-20 14:05:48	Name: _fbp Value: fb.1.1684572035295.86681577
.typeform.com/	1970-01-20 20:41:48	Name: attribution_user_id Value: a62b6217-c678-4d25-9111-5919d52937d6
.typeform.com/	1970-01-20 11:56:13	Name: tracking_session_id Value: 134d7382-f10d-4179-a87a-e686c1cda588
.typeform.com/	1970-01-20 20:41:48	Name: _clck Value: iv5j0h\|2\|fbr\|0\|1235
.typeform.com/	1970-01-20 21:17:48	Name: _tt_enable_cookie Value: 1
.adform.net/	1970-01-20 12:40:50	Name: C Value: 1
prism.app-us1.com/	1970-01-20 12:39:24	Name: prism_609784226 Value: 34f2bc06-ca65-43ef-b0eb-e0937dd3289f
.typeform.com/	1970-01-20 21:17:48	Name: _ttp Value: 3tq1lul4ahY7fFa-kDtWxZ1l_Dr
.yahoo.com/	1970-01-20 20:42:09	Name: A3 Value: d=AQABBIOHaGQCEBmahNy359BOFBqpCfo1IUAFEgEBAQHZaWRyZOAYyiMA_eMAAA&S=AQAAArCESOe4L988sp_uZrtfgtM
wesleyfinancialgroup.typeform.com/	1970-01-20 11:56:12	Name: outbrain_cid_fetch Value: true
.typeform.com/	1970-01-20 12:39:24	Name: prism_609784226 Value: 34f2bc06-ca65-43ef-b0eb-e0937dd3289f
.adform.net/	1970-01-20 13:22:36	Name: uid Value: 98248848795922064
.adform.net/	1970-01-20 11:57:38	Name: CM Value: 1\|1
wesleyfinancialgroup.typeform.com/	1970-01-20 12:06:16	Name: AWSALBTG Value: 4kKlPuUAKnkbHaqJOwjvS81XYISVL92d8EcDFj2iuEEN8kDW4YfNZRvXrSZ+PbEk1whyFIHP7Wkh5VeN8BbX72SiIsDNun2hZ9YoWd+TXiYvYsjreMnXJNrNZjOBSYnxSP/MBwQWKDqJgCxUDvHJnwIuDaY+F/sucjwDPuwfOT5f
wesleyfinancialgroup.typeform.com/	1970-01-20 12:06:16	Name: AWSALBTGCORS Value: 4kKlPuUAKnkbHaqJOwjvS81XYISVL92d8EcDFj2iuEEN8kDW4YfNZRvXrSZ+PbEk1whyFIHP7Wkh5VeN8BbX72SiIsDNun2hZ9YoWd+TXiYvYsjreMnXJNrNZjOBSYnxSP/MBwQWKDqJgCxUDvHJnwIuDaY+F/sucjwDPuwfOT5f
.adform.net/	1970-01-20 12:16:21	Name: CM14 Value: 1684658435_1684572035_1_Hu7u4e4e4R7u7u4REREeERERERHhEQ
.seadform.net/	1970-01-20 13:22:36	Name: uid Value: 98248848795922064
.adscale.de/	1970-01-20 20:38:28	Name: uu Value: c7064150b276488d9eb943bc7ba755f4
.adscale.de/	1970-01-20 20:38:28	Name: cct Value: 1684572035902
.analytics.yahoo.com/	1970-01-20 20:41:48	Name: IDSYNC Value: 1760~2bqw
.casalemedia.com/	1970-01-20 20:41:48	Name: CMID Value: ZGiHg8IX4Vx9bRDhfiB.RQAA
.casalemedia.com/	1970-01-20 14:05:48	Name: CMPS Value: 5210
.casalemedia.com/	1970-01-20 14:05:48	Name: CMPRO Value: 5210
.ih.adscale.de/	1970-01-20 20:38:28	Name: tu Value: 4#1027174967#42~98248848795922064~467936~0~0
.360yield.com/	1970-01-20 14:05:48	Name: tuuid Value: 83b8da99-2e0b-420d-b87f-764fcc50d131
.360yield.com/	1970-01-20 14:05:48	Name: tuuid_lu Value: 1684572035
.bidswitch.net/	1970-01-20 20:41:48	Name: tuuid Value: ca8fc418-a85c-4807-9499-5e2375982557
.bidswitch.net/	1970-01-20 20:41:48	Name: c Value: 1684572036
.bidswitch.net/	1970-01-20 20:41:48	Name: tuuid_lu Value: 1684572036
.360yield.com/	1970-01-20 14:05:48	Name: um Value: !42,Ae79WbYSCRCldaWNdKA.yNU4qg6HZiV.oi0a0w2oiQ,1685781635
.360yield.com/	1970-01-20 14:05:48	Name: umeh Value: !42,0,1746780036,-1
.typeform.com/	1970-01-20 11:57:38	Name: _clsk Value: nl76o2\|1684572036120\|1\|1\|k.clarity.ms/collect
.eyeota.net/	1970-01-20 11:56:12	Name: SERVERID Value: 24514~DM
.onaudience.com/	1970-01-20 20:41:48	Name: cookie Value: bbe3683ad6ed4d53
.onaudience.com/	1970-01-20 11:57:38	Name: done_redirects161 Value: 1
cm.adsafety.net/	1970-01-20 20:41:48	Name: UID Value: CM12023052008a2a2843c4b55dc24b51
.adsafety.net/	1970-01-20 20:41:48	Name: cm_uid Value: CM12023052008a2a2843c4b55dc24b51
.doubleclick.net/	1970-01-20 21:17:48	Name: IDE Value: AHWqTUmjpUckAXHsVsqhXpO82iAQ832KzYHbHKQ2CPRyEfDuGmVfo7-PNq-8skpqEzs
.adnxs.com/	1970-01-20 14:05:48	Name: uuid2 Value: 5854758284647055159
.krxd.net/	1970-01-20 16:15:24	Name: _kuid_ Value: PkLvTfwC
ads.smartstream.tv/	1970-01-20 20:41:48	Name: DID Value: 2dbcc4e906a1da8073009307279b03d6
ads.smartstream.tv/	1970-01-20 20:41:48	Name: idt Value: 100
ads.smartstream.tv/	1970-01-20 20:41:48	Name: permanent Value: 1
ads.smartstream.tv/	1970-01-20 12:39:24	Name: cm_uid Value: CM12023052008a2a2843c4b55dc24b51
.pubmatic.com/	1970-01-20 12:39:24	Name: KRTBCOOKIE_391 Value: 22924-98248848795922064&KRTB&23263-98248848795922064&KRTB&23481-98248848795922064
.pubmatic.com/	1970-01-20 12:39:24	Name: PugT Value: 1684572034
.typeform.com/	1970-01-20 20:41:48	Name: rl_user_id Value: RudderEncrypt%3AU2FsdGVkX1%2Bt6DUEl1Iv%2FhKu9e%2FNr%2F51qXPxrNQu1jY%3D
.typeform.com/	1970-01-20 20:41:48	Name: rl_anonymous_id Value: RudderEncrypt%3AU2FsdGVkX1%2FLK7c9L4gCFyBaPZEkR5WbnUCckn4NAnRj%2FQA6J914PVt8czxPVNEim71eBTSNO3%2FrT0mDAnSS4Q%3D%3D
.typeform.com/	1970-01-20 20:41:48	Name: rl_group_id Value: RudderEncrypt%3AU2FsdGVkX183Mk3tOesoXjGqWrnydRIAklPoWKs0GLo%3D
.typeform.com/	1970-01-20 20:41:48	Name: rl_trait Value: RudderEncrypt%3AU2FsdGVkX18sXm4bUW1PfvQwoz7kGvjeWm9e8QFU7jQ%3D
.typeform.com/	1970-01-20 20:41:48	Name: rl_group_trait Value: RudderEncrypt%3AU2FsdGVkX19uJZZWPwqUbl4LLgof9zXBS%2F6JCkYqlwE%3D
.typeform.com/	1970-01-20 20:41:48	Name: rl_page_init_referrer Value: RudderEncrypt%3AU2FsdGVkX19Pk5%2F3owP%2F28i%2BoiMDePepMT3aNYE8TZ0%3D
.typeform.com/	1970-01-20 20:41:48	Name: rl_page_init_referring_domain Value: RudderEncrypt%3AU2FsdGVkX19DqKwsoeTcz%2BGhNj2sSS4egZgohVkaN78%3D
cm.adsafety.net/	1970-01-20 20:41:48	Name: permanent Value: 1
.onaudience.com/	1970-01-20 11:57:38	Name: done_redirects104 Value: 1
.adnxs.com/	1970-01-20 14:05:48	Name: anj Value: dTM7k!M4/YDYRWSF']wIg2H`cs(V7+!@wnfH8K'URH[@>=D5/fQgx7e8>@]jG+J_cx$6BZ49r'5D8-@P)[Q]P)j.g(ZH8
t.visx.net/	1970-01-20 20:41:48	Name: tuuid Value: 3ff2fdee-eaf6-4881-b47b-6b5a6623d927
t.visx.net/	1970-01-20 20:41:48	Name: c Value: 1684572036
t.visx.net/	1970-01-20 20:41:48	Name: tuuid_lu Value: 1684572036
.agkn.com/	1970-01-20 20:41:48	Name: ab Value: 0001%3AZe6kOZuvN%2FZvoP5AJWd4CWNpaw%2Bfq3J%2B
t.visx.net/	1970-01-20 20:41:48	Name: um2 Value: !1,ca8fc418-a85c-4807-9499-5e2375982557,453822036
.onaudience.com/	1970-01-20 11:57:38	Name: done_redirects147 Value: 1
tags.adsafety.net/	1970-01-20 20:41:48	Name: UID Value: 2dbcc4e906a1da8073009307279b03d6
tags.adsafety.net/	1970-01-20 20:41:48	Name: DID Value: 2dbcc4e906a1da8073009307279b03d6
tags.adsafety.net/	1970-01-20 20:41:48	Name: IDT Value: 100
tags.adsafety.net/	1970-01-20 20:41:48	Name: cookie_ver Value: 2
tags.adsafety.net/	1970-01-20 12:39:24	Name: block_reset Value: 1
.adsafety.net/	1970-01-20 20:41:48	Name: ct_uid Value: 2dbcc4e906a1da8073009307279b03d6
.adsafety.net/	1970-01-20 20:41:48	Name: ct_did Value: 2dbcc4e906a1da8073009307279b03d6
.adsafety.net/	1970-01-20 20:41:48	Name: ct_idt Value: 100
.adfarm1.adition.com/	1970-01-20 14:05:48	Name: UserID1 Value: 7235181802389829772
.demdex.net/	1970-01-20 16:15:24	Name: demdex Value: 61696962936676845721679643413221280906
.mathtag.com/	1970-01-20 21:22:07	Name: uuid Value: 5e0c6468-8785-4000-94be-773cf4f04a57
.w55c.net/	1970-01-20 21:27:52	Name: wfivefivec Value: 8Xv15bGJ1Q0i8I5
.bluekai.com/	1970-01-20 16:21:09	Name: bku Value: aG/99/ucSsxo+bQK
.bluekai.com/	1970-01-20 16:21:09	Name: bkpa Value: KJy9/9e4d02pSUHknp1p1p90wtkAwEAT1MxTmexTBpANmE/01eR69yYmjy47
.dpm.demdex.net/	1970-01-20 16:15:24	Name: dpm Value: 61696962936676845721679643413221280906
.id5-sync.com/	1970-01-20 11:56:12	Name: cf Value:
.id5-sync.com/	1970-01-20 11:56:12	Name: cip Value:
.id5-sync.com/	1970-01-20 11:56:12	Name: cnac Value:
.id5-sync.com/	1970-01-20 11:56:12	Name: car Value:
.id5-sync.com/	1970-01-20 11:56:12	Name: gdpr Value:
.id5-sync.com/	1970-01-20 11:56:12	Name: callback Value:
.w55c.net/	1970-01-20 12:39:24	Name: matchadform Value: 5
cm.adsafety.net/	1970-01-20 20:41:48	Name: cache0 Value: KzFHSk9wMUZsMkpMMjlsMzBXenlaMHhOUG0vZDhtM25SeDk2ejVPUDMrVE9TTWJER2pWbmt0eGpqWFhneW9WTUtESCtyc3FPeGhtOFkwM205QXdCdVo1aTRkNnlXK0NBT3FTaUZtQmZVU0xVcEpLK2lCdVp1RG5qMFladDJLcjAxR1dOTW9OUjFqS0QrazhjYmpoYnh5eEtML2tzQWVpNHdQNHd1MnZBemtabzR2SCtpWnA5bU5TcFhWWlZoOTBjTlVubzBWb1k2SnZKMWpXa2Q1NXA3MjJEa1RPaWNNaGduQTVUdExhMnRjdk4wSmVJUE9NQXhiZTA4Z1l1bE53MXhMWnFUanN2QVp4WjhjaXRPWW5uVzVCNG50M3FmNGV0RllCOTF4S2NkaW1zamlYT09SVGNjUmVvbzBiVUx3czdWZmkvRDhjZ3dCU1RNM1hHaGpjT1M5N05DbEkxRzRqYnlYRFRob0NFK3NVRFJvNFduSGhQc1d5Tk1aNlFSQkx0TnE0cXc2Wms2Sy9yK3JHeGk5UVF0QmRXcm9jZnRQOThKd2YxdjNxU0NIOGsycFV1MDVIRmpkZTZVQ1J4VlYwOWlpcjE0RXNRYk5zWWxta1FYMU0xUy9hZ056eUJDSVVaOWF6Wkx1UDE3L3Myazl0STl2SkVCS1VvRDF3TENiN0ZBWWxIbXF2c095Q1M1UmdoTkVBNkhZTk1pallYYzR2TE52NVJIVUZhSEdseFRJc3RBTmpPK3E4aCtWZnVKblI5Nk01VUFadnFmQ0s2anRtUEQ3RUVNdUVKcDdROTNsNFdsSEtld1pVUHJkS0lQM0hEc3orR3JZR1dRRGQxNkZXRXJDN2FTdlJteFFQQ2txSUVwZUdxbThlWFNXd1VIMld5TVQvaXplL2k2b25vUDhrYitKL3pkRFNNMW1NM2JiaTR3K3ZWN2tlNVQrVjVoVENQUTdnUHhzVDV0NzU4Z3prVHBjOEMySVdieGlZT0F2NEtsbDcvamIvUFc2VDZWcnB2TEpoMXZzQzE2UUtXeDlnYnVIeThueHdqb2YxSUtkMmpZN1NmN1FXWUFPeERGVUIwbXN1MTh4K3BSc3NEd3d4UUlvSVI1aEZ6RFhmT0xMYWlGL2J6cHc9PQ%3D%3D
.weborama.fr/	1970-01-20 21:22:07	Name: AFFICHE_W Value: AGp2gtXB60sA34
.tapad.com/	1970-01-20 13:22:36	Name: TapAd_TS Value: 1684572036803
.tapad.com/	1970-01-20 13:22:36	Name: TapAd_DID Value: 123981c3-b639-4de4-85ec-3e2acf3ede68
.audrte.com/	1970-01-20 12:17:48	Name: arcki2 Value: 71ffMSH-6kUQDWMIzW4tm5F-w!20220908!1684572036753!ip#80.255.7.104
.audrte.com/	1970-01-20 12:17:48	Name: arcki2_adform Value: 98248848795922064!20220908!1684572036774
.tapad.com/	1970-01-20 13:22:36	Name: TapAd_3WAY_SYNCS Value:
.e-volution.ai/	1970-01-20 12:16:21	Name: v_usr Value: 9d0963f3-b5bf-43cc-9560-1e8295ec1231
.audrte.com/	1970-01-20 12:17:48	Name: arcki2_ddp2 Value: 71ffMSH-6kUQDWMIzW4tm5F-w!20220908!1684572036957
.typeform.com/	1970-01-20 20:41:48	Name: rl_session Value: RudderEncrypt%3AU2FsdGVkX1%2B2UwgVpDvxR0mm3hFwH1q9WsDT6tVllMb75t0kQnBk6zOizRC6yh8UMavfUiIMxlkmXUbDGzulM%2F3QO0Ijdq67wGkehNBudP1oyeYQ8LedPsbqVy5mPUCs2P3duxU64uGQTduFbEFU0A%3D%3D
.c.bing.com/	1970-01-20 12:06:16	Name: MR Value: 0
.c.bing.com/	1970-01-20 21:17:48	Name: SRM_B Value: 3A8C1B93CFF7601D289E0884CE5B61AE
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 21:17:48	Name: MUID Value: 3A8C1B93CFF7601D289E0884CE5B61AE
.c.clarity.ms/	1970-01-20 12:06:16	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 11:56:12	Name: ANONCHK Value: 0
wesleyfinancialgroup.typeform.com/	1970-01-20 11:56:12	Name: _dd_s Value: logs=1&id=0804c4dd-b1d6-46cb-a988-04becd8ec1d5&created=1684572035333&expire=1684572935334

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://idsync.rlcdn.com/398366.gif?partner_uid=98248848795922064 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=98248848795922064/gdpr=/gdpr_consent= Message: Failed to load resource: the server responded with a status of 404 ()
javascript	error	URL: https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse Message: Access to XMLHttpRequest at 'https://personalization-wp-service.cluster.app-us1.com/personalize?trackId=609784226&visitorId=34f2bc06-ca65-43ef-b0eb-e0937dd3289f&url=https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse' from origin 'https://wesleyfinancialgroup.typeform.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://personalization-wp-service.cluster.app-us1.com/personalize?trackId=609784226&visitorId=34f2bc06-ca65-43ef-b0eb-e0937dd3289f&url=https://wesleyfinancialgroup.typeform.com/to/GtOxZlcR?utm_ad=DYKredhouse Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://global.ib-ibi.com/image.sbmx?go=302927&pid=567&xid=98248848795922064 Message: Failed to load resource: net::ERR_CONNECTION_RESET

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
a1.seadform.net
a2.adform.net
aa.agkn.com
ad.360yield.com
ad.yieldlab.net
ads.smartstream.tv
ads.stickyadstv.com
amplify.outbrain.com
analytics.tiktok.com
analytics.twitter.com
api.adrtx.net
bat.bing.com
beacon.krxd.net
c.bing.com
c.clarity.ms
c1.adform.net
cdn.matomo.cloud
cdn.rudderlabs.com
cm.adsafety.net
cm.g.doubleclick.net
connect.facebook.net
ct.pinterest.com
diffuser-cdn.app-us1.com
dmp.adform.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eb2.3lift.com
eu-u.openx.net
fb.wesleyfinancialgroup.com
font.typeform.com
global.ib-ibi.com
google.com
googleads.g.doubleclick.net
gtm.wesleyfinancialgroup.com
id5-sync.com
idsync.rlcdn.com
ih.adscale.de
images.typeform.com
k.clarity.ms
load77.exelator.com
loada.exelator.com
loadm.exelator.com
match.adsrvr.org
match.contentexchange.me
pdw-adf.userreport.com
personalization-wp-service.cluster.app-us1.com
pixel.mathtag.com
pixel.onaudience.com
pixel.rubiconproject.com
pixel.tapad.com
pixels.digitaljungle.io
pm.w55c.net
prism.app-us1.com
ps.eyeota.net
redirect.frontend.weborama.fr
renderer-assets.typeform.com
rtb-csync.smartadserver.com
rudderstack-control-plane.cdp.prod.data.typeform.com
rudderstack.cdp.prod.data.typeform.com
s.ad.smaato.net
s.pinimg.com
s.yimg.com
s2.adform.net
s3-eu-west-1.amazonaws.com
secure.adnxs.com
simage2.pubmatic.com
sp.analytics.yahoo.com
static.ads-twitter.com
sync.1dmp.io
sync.crwdcntrl.net
sync.e-volution.ai
sync.teads.tv
t.co
t.visx.net
tags.adsafety.net
tags.bluekai.com
token.rubiconproject.com
tr.outbrain.com
trackcmp.net
uipglob.semasio.net
unpkg.com
ups.analytics.yahoo.com
wesleyfinancialgroup.typeform.com
wp-ui.app-us1.com
www.clarity.ms
www.facebook.com
www.google.com
www.google.de
www.googletagmanager.com
x.bidswitch.net
global.ib-ibi.com
images.typeform.com
personalization-wp-service.cluster.app-us1.com
104.111.217.42
104.18.22.9
104.244.42.195
104.244.42.197
109.206.161.21
139.162.141.41
141.94.170.64
142.250.185.66
146.75.116.157
151.101.192.84
162.19.138.117
18.119.134.201
18.185.190.24
18.194.255.212
18.200.176.212
184.86.251.89
185.167.164.39
185.64.189.110
185.80.39.216
185.86.138.151
185.89.210.244
193.135.9.124
2.18.233.201
20.96.88.162
2001:4860:4802:38::15
212.82.100.181
23.215.16.120
23.23.142.39
23.35.237.86
23.38.98.84
2600:9000:2057:4e00:9:b3c8:b180:93a1
2600:9000:20eb:4800:f:b1e1:8300:93a1
2600:9000:211e:b000:1b:5138:8a40:93a1
2600:9000:214f:3400:4:f6ce:61c0:93a1
2600:9000:214f:7000:16:a497:9700:93a1
2600:9000:214f:8600:8:2495:5540:93a1
2600:9000:223d:c400:c:7d55:b3c0:93a1
2606:4700:4400::ac40:9197
2606:4700::6810:7aaf
2606:4700::6811:915b
2606:4700::6811:925b
2620:1ec:4f:1::45
2620:1ec:c11::200
2a00:1288:80:807::1
2a00:1450:4001:800::2002
2a00:1450:4001:809::200e
2a00:1450:4001:80b::2008
2a00:1450:4001:812::2003
2a00:1450:4001:82b::2004
2a02:6ea0:c700::19
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a04:4e42:8e::84
3.124.210.90
3.71.149.231
34.111.113.62
34.236.90.28
34.254.143.3
34.98.64.218
35.158.249.108
35.190.24.218
35.210.138.51
35.244.174.68
37.157.2.229
37.157.5.73
37.157.6.254
46.19.11.36
52.17.45.80
52.211.237.29
52.218.89.195
52.222.214.97
52.223.40.198
52.28.232.169
52.86.232.230
54.195.140.228
63.32.26.56
68.219.88.97
69.173.144.138
69.192.160.219
70.42.32.63
76.223.111.18
77.243.51.121
85.114.159.93
87.242.89.90
89.163.240.122
99.86.4.83
0656cff5640723c6bf720a918774f718f7f895d67195977f0c7d7d330f5bc3b5
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0de4635daf9e0d9fa50baafa25d06c05b2a0d5350b6bd01b3523b4a33f783574
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
159ec23a6b35726aca57348e6615a6db4fa63c8bb12490cca4d260c8e05f9434
16f83a3888c2f9fca0cee0ea90d007b4dc624c608e9037dd068a71bdcc353e0c
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
1e1bfbb50209ae8693353623fab7eeeef5ae1c0ca5d128a40c3be54099e59028
261ad6ea835383221584dd7fb5ba2c5456686876ba3a643b951138c320db7777
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e458548b79b6787b66b7f91afd065d243576054f9bb4f8435a0352ee73d83bc
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
34004c8484e6adb792c9bb76b8804406f5d0dd0d5c74eb2950c5f6a7ebc8e0e3
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3c7f1515ef582d8c9730e046767d496baa2b27a6408245fa517e715a9409b538
3ccb902f19f885a9f1b65ff0a4a6418e26611b4f464b6295ea3b68e89fcb2075
401443194091a1e4ddbac0f265e50b025b8f2175536e3558bc16967ce64204ed
40b86fbb221a6db8ab1542facbef71a49d7f1861d4a37e87b2ed138ca1bc79d0
428f1eb7935944229430ac0fdce0033f05d9b8c1c020b87c681dd7a78ab4dd19
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4470f09758bd5bacde005dbe35d43094b6b7a5c411044bc0e7c8c0026fb05328
45d4d6fe0a9cae467c6d81caef5edd008c13b70ba403979f979fb86d400378c7
4ad5f5e1be2bfad0b36f324d134a09956a3bb0c2c6b824b20a237a1f8c96cfd2
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5c8d3905b5c13d0c0e32c412ae45710365b71b1c9931b9c4ed44596e557be9d9
5f5defbcd1cfabff3d73557cbbcaf0051f18bfbf5dc8b9be6f9587a7a7aea770
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
679804e244b4127b7ecd99a513b57d6a4f91866410e16da69ce02f98f534051d
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
7209c26bc245ae1b293f4b9622201b1dc97282229a2e8fcae555f36caa8650e8
72750dc5cdcaa538491728c6a58d6d1d97d28024f227ce7f13e63ddeba908226
744e9ef33d1e46d31471b93056ac2cc82983846c68988b6a66e2c88cdca49a95
7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
86422b24d7aa0e0a8f88dc56948cfc5c21f961623d07025413c057eb68c1c35e
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8d2c4cbbbe60040a93036ff274f963363983cd0858668321167755d1a591584a
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dcee59828f1423ecefd552dd353e25bd4ac38a9557ee084604ee7c2d41d9b98
8f351a4f19c177005933374240a5fd074e0488b847462752b30dcd08b25a6fce
94616f7b7d9cbebbd3b4524b2963d86f132f1f57aa715b51ecabbe2b04132d23
9987dcc652130026523219440b654a3e307d16f186019031ad60a28d6f73aa2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b867e058d6f57bbb47ab39ff2c00a2e07b5f27a2866d677a5dc35ef3762fe97
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a603139b3b85a956beb096a23eb80bad0a19c119df91b618122779fe16bbff91
a62387c9826311dd23b686c73af32a3922cbbb087222698947a74301414b87ba
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aeeb6db2bad8963464d81eeccf1152f1381bb87178990602af63ed98dc3a7503
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2ece5d28dcf047582c05c122e3bf0ed4905a965026a9940c289682620b76a2f
b441f99e5c7c2a8a69893b0cdaac010fa2520777527f1e06c234a80440266333
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c683a0b24c9732c0eaa4f0e9552d815dde7e4e5eea1270da99e81dd703c950dc
c86a9ff9675183d36f664b6adefba7c72e7e15170e0f40eed96324f552c3ac82
ca1f18a91a1f911d23498f38c331581730aa5f82d656e25717f582abf14437b3
cb87ad0e26c0a5a6bbe5b18dabb678081d2f8c5927e59c3792b058e2ff5ef391
cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf7bedc355b38f6b395598b2c226faa3f239810bc30b1da3a89908f969e6b0c5
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dddaef9ef6bd50030b8f79f637dac755f7e604cee392088b3a9bb5ff3ca3b20a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
e98bc316106d0b5f0bb29378ae099aafbc17b3b3031ec1814f7f9af83a4114bd
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f02efbdb587f7295480f9d062e83a09948386c5bf62a0ab488f9cc5847aa55bd
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3

wesleyfinancialgroup.typeform.com Open in urlscan Pro 104.18.22.9 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

130 Requests

79 %HTTPS

28 %IPv6

69 Domains

92 Subdomains

71 IPs

11 Countries

1540 kBTransfer

4848 kBSize

116 Cookies

1 Outgoing links

Redirected requests

130 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

wesleyfinancialgroup.typeform.com Open in urlscan Pro
104.18.22.9 Public Scan

Screenshot
Live screenshot

Full Image

130
Requests

79 %
HTTPS

28 %
IPv6

69
Domains

92
Subdomains

71
IPs

11
Countries

1540 kB
Transfer

4848 kB
Size

116
Cookies

130 HTTP transactions
1 data transactions