salvum-doplacamy.pl Open in urlscan Pro
46.101.147.16  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17

• https://track.adform.net/Serving/TrackPoint/?pm=460984&ADFdivider=%7C&ord=223463577066&ADFtpmode=2&loc=https%3A%2F%2Fsalvum-doplacamy.pl%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24 HTTP 302
• https://track.adform.net/Serving/TrackPoint/?CC=1&pm=460984&ADFdivider=%7C&ord=223463577066&ADFtpmode=2&loc=https%3A%2F%2Fsalvum-doplacamy.pl%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24

Request Chain 24

• https://ad.360yield.com/match?publisher_dsp_id=42&external_user_id=5543539852908786291&Expiration=1705784242 HTTP 302
• https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=5543539852908786291&Expiration=1705784242

Request Chain 28

• https://rtb-csync.smartadserver.com/redir/?partnerid=22&partneruserid=5543539852908786291&redirurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d10%26cid%3DSMART_USER_ID HTTP 302
• https://c1.adform.net/serving/cookie/match?party=10&cid=6524452672064137653

Request Chain 30

• https://x.bidswitch.net/sync?dsp_id=70&user_id=5543539852908786291 HTTP 302
• https://x.bidswitch.net/ul_cb/sync?dsp_id=70&user_id=5543539852908786291 HTTP 302
• https://usersync.gumgum.com/usersync?b=bsw&i=428185f0-8aac-4b46-ad35-3dc6d420b800&gdpr=&gdpr_consent=&us_privacy=

Request Chain 31

• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=5543539852908786291&expiration=1705784242 HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=5543539852908786291&expiration=1705784242&C=1

Request Chain 32

• https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=5543539852908786291&sInitiator=external HTTP 302
• https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=5543539852908786291&sInitiator=external

Request Chain 33

• https://ps.eyeota.net/match?uid=5543539852908786291&bid=9gdtmu1 HTTP 302
• https://ps.eyeota.net/match/bounce/?uid=5543539852908786291&bid=9gdtmu1

Request Chain 34

• https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=5543539852908786291 HTTP 302
• https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=5543539852908786291&xl8blockcheck=1 HTTP 302
• https://load77.exelator.com/pixel.gif

Request Chain 35

• https://idsync.rlcdn.com/398366.gif?partner_uid=5543539852908786291 HTTP 307
• https://idsync.rlcdn.com/1000.gif?memo=CJ6oGBIeChoIARCUdRoTNTU0MzUzOTg1MjkwODc4NjI5MRAAGg0Is_3mrAYSBQjoBxAAQgBKAA HTTP 307
• https://pippio.com/api/sync?pid=5324&it=1&iv=5001a8b3d139ea62211490141887cfbc20d2bc28f9823d6a828eab1e4aa4ea3f791426b5417dce21&_=2 HTTP 307
• https://px.ads.linkedin.com/db_sync?pid=10339&puuid=5001a8b3d139ea62211490141887cfbc20d2bc28f9823d6a828eab1e4aa4ea3f791426b5417dce21&rand=07827367 HTTP 302
• https://px.ads.linkedin.com/db_sync?pid=10339&puuid=5001a8b3d139ea62211490141887cfbc20d2bc28f9823d6a828eab1e4aa4ea3f791426b5417dce21&rand=07827367&expected_cookie=90a71fbf-de88-4d73-a5ec-ed1886c2ec3a

Request Chain 36

• https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=5543539852908786291/gdpr=/gdpr_consent= HTTP 302
• https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=5543539852908786291/gdpr=/gdpr_consent=

Request Chain 38

• https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5543539852908786291 HTTP 302
• https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=5543539852908786291

Request Chain 39

• https://api.adrtx.net/thirdparty/click?p=adfo HTTP 302
• https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif

Request Chain 41

• https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=NTU0MzUzOTg1MjkwODc4NjI5MQ HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm=&google_ula=1641347&party=1&google_hm=NTU0MzUzOTg1MjkwODc4NjI5MQ&google_tc= HTTP 302
• https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEIrXSMtwmdUNOf3DUqGSJC8&google_cver=1&google_ula=1641347,0

Request Chain 43

• https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1 HTTP 307
• https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%3Fparty%3D3%26id%3D%24UID%26redirect%3D1 HTTP 302
• https://c1.adform.net/serving/cookie/match?party=3&id=7203811296419731947&redirect=1 HTTP 302
• https://secure.adnxs.com/setuid?entity=91&code=5543539852908786291

Request Chain 46

• https://a.audrte.com/a?adform_uid=5543539852908786291 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=aDI1aWZReFFuY09SdmlJLVItRFFKZklzZw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
• https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
• https://a.audrte.com/p

Request Chain 47

• https://dpm.demdex.net/ibs:dpid=1586&dpuuid=5543539852908786291&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
• https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=5543539852908786291&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
• https://c1.adform.net/serving/cookie/match?party=1007&cid=53388004689639051551373498935596050273&noredirect=1

Request Chain 48

• https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=5543539852908786291 HTTP 302
• https://dmp.adform.net/serving/cookie/match/?party=1014&cid=214270604753007170750

Request Chain 49

• https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25 HTTP 302
• https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7321092345295075483

Request Chain 51

• https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
• https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
• https://c1.adform.net/serving/cookie/match?party=1084&cid=s3edNIlK1RmdJp5

Request Chain 52

• https://match.adsrvr.org/track/cmf/generic?ttd_pid=71ei9rr&ttd_tpi=1 HTTP 302
• https://match.adsrvr.org/track/cmb/generic?ttd_pid=71ei9rr&ttd_tpi=1 HTTP 302
• https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=926ad221-8432-4170-84f9-df0ce0ec18c1

Request Chain 53

• https://global.ib-ibi.com/image.sbmx?go=302927&pid=567&xid=5543539852908786291 HTTP 302
• https://ib.mookie1.com/image.sbmx?go=302927&pid=567&xid=5543539852908786291

Request Chain 54

• https://id5-sync.com/s/10/0.gif?puid=5543539852908786291 HTTP 302
• https://id5-sync.com/c/10/10/2/1.gif?puid=5543539852908786291&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
• https://ib.adnxs.com/getuid?https://id5-sync.com/c/10/2/1/2.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
• https://id5-sync.com/c/10/2/1/2.gif?puid=7203811296419731947&gdpr=0&gdpr_consent= HTTP 302
• https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-de0ex6QyUT14tulK9puqlKf-TAAiIP4-hPSkCh7BPQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F10%2F124%2F0%2F3.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
• https://id5-sync.com/cq/10/124/0/3.gif?puid=6a1c80b0-2e9e-4a55-b032-29e6bcbf46e9&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=

Request Chain 55

• https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D HTTP 307
• https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=1022802381 HTTP 302
• https://dmp.adform.net/serving/cookie/match/?party=1145&cid=0DgK1YzYeoK8haqu8i3K.u

Request Chain 57

• https://s.ad.smaato.net/c/?dspInit=1001213&dspCookie=5543539852908786291 HTTP 302
• https://sync.taboola.com/sg/smaatortb-network/1/rtb-h/?taboola_hm=6aa5298f17&gdpr=0&gdpr_consent=

Request Chain 60

• https://eb2.3lift.com/xuid?mid=7354&xuid=5543539852908786291&dongle=AD20 HTTP 302
• https://eb2.3lift.com/xuid?ld=1&mid=7354&xuid=5543539852908786291&dongle=AD20&gdpr=0&cmp_cs=&us_privacy=

64 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response salvum-doplacamy.pl/	16 KB 5 KB	563ms 133ms	Document text/html	46.101.147.16 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://salvum-doplacamy.pl/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 46.101.147.16 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash b21e6815295e41ac22fca1f57ce1023372030ef9159d04b80f4de3dae5b5f92e Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 accept-language en-US,en;q=0.9 Response headers cache-control no-cache, private content-encoding gzip content-type text/html; charset=UTF-8 date Sat, 06 Jan 2024 20:57:21 GMT server nginx vary Accept-Encoding x-content-type-options nosniff x-frame-options SAMEORIGIN x-xss-protection 1; mode=block
GET H2	200	salvum.css salvum-doplacamy.pl/css/themes/	155 KB 19 KB	236ms 235ms	Stylesheet text/css	46.101.147.16 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://salvum-doplacamy.pl/css/themes/salvum.css?id=8c935377edc2d79fff33 Requested by Host: salvum-doplacamy.pl URL: https://salvum-doplacamy.pl/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 46.101.147.16 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash 790f10291a88af36bcb2c8a6053615195984003d430fb879085796defde6ac79 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://salvum-doplacamy.pl/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Sat, 06 Jan 2024 20:57:21 GMT content-encoding gzip x-content-type-options nosniff last-modified Tue, 12 Nov 2019 08:33:20 GMT server nginx etag W/"5dca6e50-26afd" vary Accept-Encoding x-frame-options SAMEORIGIN content-type text/css x-xss-protection 1; mode=block
GET H2	200	js Show response www.googletagmanager.com/gtag/	189 KB 68 KB	126ms 58ms	Script application/javascript	2607:f8b0:4004:c09::61 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-115745257-8 Requested by Host: salvum-doplacamy.pl URL: https://salvum-doplacamy.pl/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c09::61 Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash bf3ac77b991713efc9e35a26e9205a4c157297b7c4962e06f6f442af33749970 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://salvum-doplacamy.pl/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Sat, 06 Jan 2024 20:57:21 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 69700 x-xss-protection 0 last-modified Sat, 06 Jan 2024 18:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sat, 06 Jan 2024 20:57:21 GMT
GET H2	200	salvum-odszkodowania.png salvum-doplacamy.pl/img/brand/	14 KB 14 KB	237ms 237ms	Image image/png	46.101.147.16 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://salvum-doplacamy.pl/img/brand/salvum-odszkodowania.png Requested by Host: salvum-doplacamy.pl URL: https://salvum-doplacamy.pl/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 46.101.147.16 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash e5ef0b521f1eb2598f5eaa725c070efd2a9c2d710fd3f50b3a5810c6f78a39b5 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://salvum-doplacamy.pl/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Sat, 06 Jan 2024 20:57:21 GMT x-content-type-options nosniff last-modified Mon, 15 Apr 2019 10:19:48 GMT server nginx etag "5cb45ac4-3708" x-frame-options SAMEORIGIN content-type image/png accept-ranges bytes content-length 14088 x-xss-protection 1; mode=block
GET H2	200	hero.png salvum-doplacamy.pl/themes/salvum/img/misc/	112 KB 112 KB	351ms 350ms	Image image/png	46.101.147.16 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://salvum-doplacamy.pl/themes/salvum/img/misc/hero.png Requested by Host: salvum-doplacamy.pl URL: https://salvum-doplacamy.pl/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 46.101.147.16 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash 3dc42dda98490dd18e817c16afb7b2e4180e7b421080509aa8036980afe5936d Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://salvum-doplacamy.pl/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Sat, 06 Jan 2024 20:57:21 GMT x-content-type-options nosniff last-modified Mon, 06 Aug 2018 08:30:27 GMT server nginx etag "5b680723-1bf07" x-frame-options SAMEORIGIN content-type image/png accept-ranges bytes content-length 114439 x-xss-protection 1; mode=block
GET H2	200	app.js Show response salvum-doplacamy.pl/js/	221 KB 77 KB	229ms 228ms	Script application/javascript	46.101.147.16 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://salvum-doplacamy.pl/js/app.js?id=a1ce6f88c182164c1ef4 Requested by Host: salvum-doplacamy.pl URL: https://salvum-doplacamy.pl/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 46.101.147.16 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash e3f1da11af416935ad08f1eb97851039a75cf505a13b622783876f68395f01fa Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://salvum-doplacamy.pl/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Sat, 06 Jan 2024 20:57:21 GMT content-encoding gzip x-content-type-options nosniff last-modified Mon, 30 May 2022 06:25:28 GMT server nginx etag W/"62946358-3742a" vary Accept-Encoding x-frame-options SAMEORIGIN content-type application/javascript; charset=utf-8 x-xss-protection 1; mode=block
GET H2	200	css fonts.googleapis.com/	4 KB 1 KB	109ms 43ms	Stylesheet text/css	2607:f8b0:4004:c09::5f GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Nunito+Sans:400,700&subset=latin-ext Requested by Host: salvum-doplacamy.pl URL: https://salvum-doplacamy.pl/css/themes/salvum.css?id=8c935377edc2d79fff33 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c09::5f Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 560765f617b08e3dde63671ed98ad64412d412e24754a266a7fdb8c467835193 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://salvum-doplacamy.pl/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Sat, 06 Jan 2024 20:57:21 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sat, 06 Jan 2024 20:57:21 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sat, 06 Jan 2024 20:57:21 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	239 KB 83 KB	60ms 58ms	Script application/javascript	2607:f8b0:4004:c09::61 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-EG4CEGWXW9&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-115745257-8 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c09::61 Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 2c7b663b5a7382792dc629ea9f89b5d6ba0b7d5668d04fd90e9ee66e15411a55 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://salvum-doplacamy.pl/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Sat, 06 Jan 2024 20:57:22 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 84551 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Sat, 06 Jan 2024 20:57:22 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	100ms 35ms	Script text/javascript	2607:f8b0:4004:c06::71 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-115745257-8 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c06::71 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://salvum-doplacamy.pl/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Sat, 06 Jan 2024 19:18:44 GMT last-modified Tue, 12 Dec 2023 18:09:08 GMT server Golfe2 age 5918 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Sat, 06 Jan 2024 21:18:44 GMT
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	202 KB 54 KB	106ms 33ms	Script application/x-javascript	2a03:2880:f003:c0e:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: salvum-doplacamy.pl URL: https://salvum-doplacamy.pl/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 2aa7779577c8f4ff268d5bbd5b13b7d577930c1824b43b4b5442d4c92a695154 Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://salvum-doplacamy.pl/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers permissions-policy-report-only autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=() content-security-policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Sat, 06 Jan 2024 20:57:22 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 54372 x-xss-protection 0 reporting-endpoints pragma public x-fb-debug 51anUztMN+BUWXT0UW7rWwlSsmFXQwZRsA66mtYO4g7R2oYNRaUMGQImy3aJijyHNWya57vtfs5lGi+dcPuK3A== cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 cache-control public, max-age=1200 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=() timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	trackpoint-async.js Show response s2.adform.net/banners/scripts/st/	81 KB 31 KB	120ms 34ms	Script application/javascript	185.167.164.45 ADFORM
General Check archive.org Show headers Download Go to Full URL https://s2.adform.net/banners/scripts/st/trackpoint-async.js Requested by Host: salvum-doplacamy.pl URL: https://salvum-doplacamy.pl/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.167.164.45 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash 99c28ba77690124b83aea8cdbbb17ab1145ba247c791aeb4bad747b4248ac459 Request headers accept-language en-US,en;q=0.9 Referer https://salvum-doplacamy.pl/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Sat, 06 Jan 2024 20:57:22 GMT content-encoding gzip last-modified Tue, 23 May 2023 09:56:34 GMT server nginx x-amz-request-id tx000002c3f35d322d138ac-00646c8ee1-32950a49-default etag W/"f937ab3eef01c118930b200e5087d00d" x-cache-status HIT, HIT, HIT vary Accept-Encoding content-type application/javascript access-control-allow-origin * x-rgw-object-type Normal cache-control public, max-age=604800
GET H2	200	header.jpg salvum-doplacamy.pl/themes/salvum/img/misc/	155 KB 155 KB	214ms 213ms	Image image/jpeg	46.101.147.16 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://salvum-doplacamy.pl/themes/salvum/img/misc/header.jpg Requested by Host: salvum-doplacamy.pl URL: https://salvum-doplacamy.pl/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 46.101.147.16 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash 8178ac89e122733f1d589ea6ab56dcd04d30e393f8f591e7bef926be29138371 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://salvum-doplacamy.pl/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Sat, 06 Jan 2024 20:57:22 GMT x-content-type-options nosniff last-modified Mon, 06 Aug 2018 08:30:27 GMT server nginx etag "5b680723-26b40" x-frame-options SAMEORIGIN content-type image/jpeg accept-ranges bytes content-length 158528 x-xss-protection 1; mode=block
GET H2	200	pe0TMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp7t1R-s.woff2 fonts.gstatic.com/s/nunitosans/v15/	30 KB 31 KB	100ms 34ms	Font font/woff2	2607:f8b0:4004:c06::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/nunitosans/v15/pe0TMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp7t1R-s.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Nunito+Sans:400,700&subset=latin-ext Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1393acc632c160def86b45c2521c8ee742b7e6239d0d90fb95f51d55cf48b9c3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://salvum-doplacamy.pl accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Sat, 06 Jan 2024 20:34:12 GMT x-content-type-options nosniff age 1390 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 31052 x-xss-protection 0 last-modified Thu, 27 Apr 2023 00:27:41 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 05 Jan 2025 20:34:12 GMT
GET H2	200	pe0TMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp7t7R-tCKQ.woff2 fonts.gstatic.com/s/nunitosans/v15/	27 KB 27 KB	129ms 67ms	Font font/woff2	2607:f8b0:4004:c06::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/nunitosans/v15/pe0TMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp7t7R-tCKQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Nunito+Sans:400,700&subset=latin-ext Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c1dbb40c462897a6e1deba145143a9bb0d84c27afc6029b4f83740349d9d1238 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://salvum-doplacamy.pl accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Tue, 02 Jan 2024 01:49:27 GMT x-content-type-options nosniff age 414475 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 27216 x-xss-protection 0 last-modified Thu, 27 Apr 2023 00:53:34 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 01 Jan 2025 01:49:27 GMT
POST H2	204	collect analytics.google.com/g/	0 248 B	108ms 39ms	Ping text/plain	2607:f8b0:4004:c09::64 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://analytics.google.com/g/collect?v=2&tid=G-EG4CEGWXW9&gtm=45je4130v9136831976&_p=1704574641989&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=880663607.1704574642&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1704574642&sct=1&seg=0&dl=https%3A%2F%2Fsalvum-doplacamy.pl%2F&dt=Szybkie%20dop%C5%82aty%20do%20zani%C5%BConych%20odszkodowa%C5%84&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1119 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-EG4CEGWXW9&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c09::64 Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://salvum-doplacamy.pl/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers pragma no-cache date Sat, 06 Jan 2024 20:57:22 GMT server Golfe2 content-type text/plain access-control-allow-origin https://salvum-doplacamy.pl cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect stats.g.doubleclick.net/g/	0 257 B	106ms 39ms	Ping text/plain	2607:f8b0:4004:c06::9d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-EG4CEGWXW9&cid=880663607.1704574642&gtm=45je4130v9136831976&aip=1&dma=0&gcd=11l1l1l1l1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-EG4CEGWXW9&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://salvum-doplacamy.pl/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers pragma no-cache date Sat, 06 Jan 2024 20:57:22 GMT server Golfe2 content-type text/plain access-control-allow-origin https://salvum-doplacamy.pl cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response www.google-analytics.com/j/	2 B 210 B	40ms 39ms	XHR text/plain	2607:f8b0:4004:c06::71 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1626802087&t=pageview&_s=1&dl=https%3A%2F%2Fsalvum-doplacamy.pl%2F&ul=en-us&de=UTF-8&dt=Szybkie%20dop%C5%82aty%20do%20zani%C5%BConych%20odszkodowa%C5%84&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1164890582&gjid=1411882979&cid=880663607.1704574642&tid=UA-115745257-8&_gid=1249498310.1704574642&_r=1&gtm=457e4130&gcd=11l1l1l1l1&dma=0&jsscut=1&z=1808791930 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c06::71 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://salvum-doplacamy.pl/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sat, 06 Jan 2024 20:57:22 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://salvum-doplacamy.pl cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	162836189031815 Show response connect.facebook.net/signals/config/	131 KB 34 KB	129ms 129ms	Script application/x-javascript	2a03:2880:f003:c0e:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/162836189031815?v=2.9.139&r=stable&domain=salvum-doplacamy.pl Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 08d5bf603e1221721ec2ff1e4cc3dbe21bd73f0c599d4a69c52344a22c855851 Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://salvum-doplacamy.pl/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers permissions-policy-report-only autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=() content-security-policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Sat, 06 Jan 2024 20:57:22 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints pragma public x-fb-debug OL7LgpbCF5XFMxcX/0vOgvqLd12U8Pe9eH3kxhhQmkR9/Scld3E7Gt/p+0x9RE9lx/EyF3xhD69+gSMcDv1AoA== cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=() timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	/ Show response track.adform.net/Serving/TrackPoint/ Redirect Chain https://track.adform.net/Serving/TrackPoint/?pm=460984&ADFdivider=%7C&ord=223463577066&ADFtpmode=2&loc=https%3A%2F%2Fsalvum-doplacamy.pl%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24 https://track.adform.net/Serving/TrackPoint/?CC=1&pm=460984&ADFdivider=%7C&ord=223463577066&ADFtpmode=2&loc=https%3A%2F%2Fsalvum-doplacamy.pl%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24	845 B 1 KB	118ms 118ms	Script text/javascript	37.157.2.229 ADFORM
General Check archive.org Show headers Download Go to Full URL https://track.adform.net/Serving/TrackPoint/?CC=1&pm=460984&ADFdivider=%7C&ord=223463577066&ADFtpmode=2&loc=https%3A%2F%2Fsalvum-doplacamy.pl%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24 Requested by Host: salvum-doplacamy.pl URL: https://salvum-doplacamy.pl/ Protocol H2 Server 37.157.2.229 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash de03a12cb2164e4c1c1cdc474a5a79d53a624f2f14a42ef81bb6bf6bde845b68 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-US,en;q=0.9 Referer https://salvum-doplacamy.pl/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers pragma no-cache date Sat, 06 Jan 2024 20:57:22 GMT content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains server nginx accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * p3p CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" cache-control no-cache, no-store, must-revalidate, no-transform content-length 686 expires -1 Redirect headers pragma no-cache date Sat, 06 Jan 2024 20:57:22 GMT strict-transport-security max-age=31536000; includeSubDomains server nginx accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version content-type text/html; charset=utf-8 location https://track.adform.net/Serving/TrackPoint/?CC=1&pm=460984&ADFdivider=%7C&ord=223463577066&ADFtpmode=2&loc=https%3A%2F%2Fsalvum-doplacamy.pl%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24 access-control-allow-origin * p3p CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" cache-control no-cache, no-store, must-revalidate, no-transform expires -1
POST H2	200	collect Show response stats.g.doubleclick.net/j/	2 B 149 B	40ms 39ms	XHR text/plain	2607:f8b0:4004:c06::9d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-115745257-8&cid=880663607.1704574642&jid=1164890582&gjid=1411882979&_gid=1249498310.1704574642&_u=YADAAUAAAAAAACAAI~&z=1199507628 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://salvum-doplacamy.pl/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload date Sat, 06 Jan 2024 20:57:22 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://salvum-doplacamy.pl cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.com/ads/	42 B 408 B	107ms 42ms	Image image/gif	2607:f8b0:4004:c17::68 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-115745257-8&cid=880663607.1704574642&jid=1164890582&_u=YADAAUAAAAAAACAAI~&z=82933295 Requested by Host: salvum-doplacamy.pl URL: https://salvum-doplacamy.pl/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c17::68 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://salvum-doplacamy.pl/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers pragma no-cache date Sat, 06 Jan 2024 20:57:22 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.facebook.com/tr/	0 185 B	108ms 33ms	Image text/plain	2a03:2880:f103:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=162836189031815&ev=PageView&dl=https%3A%2F%2Fsalvum-doplacamy.pl%2F&rl=&if=false&ts=1704574642457&sw=1600&sh=1200&v=2.9.139&r=stable&ec=0&o=4126&fbp=fb.1.1704574642454.877851184&ler=empty&it=1704574642287&coo=false&rqm=GET Requested by Host: salvum-doplacamy.pl URL: https://salvum-doplacamy.pl/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-US,en;q=0.9 Referer https://salvum-doplacamy.pl/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains date Sat, 06 Jan 2024 20:57:22 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	pixels Show response c1.adform.net/imatch/ Frame 923E	4 KB 2 KB	111ms 35ms	Document text/html	185.167.164.43 ADFORM
General Check archive.org Show headers Download Go to Full URL https://c1.adform.net/imatch/pixels?uid=5543539852908786291&agencyId=1170&advertiserId=41038&src=tp&rnd=459926 Requested by Host: track.adform.net URL: https://track.adform.net/Serving/TrackPoint/?pm=460984&ADFdivider=%7C&ord=223463577066&ADFtpmode=2&loc=https%3A%2F%2Fsalvum-doplacamy.pl%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.167.164.43 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash dd62388d95d5edad64f27bdfeb625ed3e59493baad41ca0562ad38c19e31bccf Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://salvum-doplacamy.pl/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 accept-language en-US,en;q=0.9 Response headers accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version access-control-allow-credentials true access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With access-control-allow-methods GET access-control-allow-origin * access-control-max-age 86400 cache-control no-cache, no-store, must-revalidate, no-transform content-encoding gzip content-type text/html; charset=UTF-8 date Sat, 06 Jan 2024 20:57:22 GMT expires -1 pragma no-cache server nginx strict-transport-security max-age=31536000; includeSubDomains vary Accept-Encoding
GET H2	200	/ server.seadform.net/serving/cookie/sync/	35 B 467 B	372ms 114ms	Image image/gif	37.157.3.20 ADFORM
General Check archive.org Show headers Download Go to Show image Full URL https://server.seadform.net/serving/cookie/sync/?uid=5543539852908786291&stamp=YHDRWj0l_NYDvP-67D9Y4w2 Requested by Host: salvum-doplacamy.pl URL: https://salvum-doplacamy.pl/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 37.157.3.20 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-US,en;q=0.9 Referer https://salvum-doplacamy.pl/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Sat, 06 Jan 2024 20:57:23 GMT strict-transport-security max-age=31536000; includeSubDomains server nginx accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version p3p CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" access-control-allow-origin * content-type image/gif cache-control private
GET H2	200	plf c1.adform.net/imatch/ Frame 923E	0 384 B	35ms 34ms	Image text/plain	185.167.164.43 ADFORM
General Check archive.org Show headers Download Go to Show image Full URL https://c1.adform.net/imatch/plf?name=plff Requested by Host: c1.adform.net URL: https://c1.adform.net/imatch/pixels?uid=5543539852908786291&agencyId=1170&advertiserId=41038&src=tp&rnd=459926 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.167.164.43 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-US,en;q=0.9 Referer https://c1.adform.net/imatch/pixels?uid=5543539852908786291&agencyId=1170&advertiserId=41038&src=tp&rnd=459926 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Sat, 06 Jan 2024 20:57:22 GMT strict-transport-security max-age=31536000; includeSubDomains server nginx accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version access-control-max-age 86400 access-control-allow-methods GET access-control-allow-origin * access-control-allow-credentials true access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
GET H2	200	match ad.360yield.com/ul_cb/ Frame 923E Redirect Chain https://ad.360yield.com/match?publisher_dsp_id=42&external_user_id=5543539852908786291&Expiration=1705784242 https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=5543539852908786291&Expiration=1705784242	43 B 423 B	45ms 44ms	Image image/gif	3.212.106.63 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=5543539852908786291&Expiration=1705784242 Requested by Host: c1.adform.net URL: https://c1.adform.net/imatch/pixels?uid=5543539852908786291&agencyId=1170&advertiserId=41038&src=tp&rnd=459926 Protocol H2 Server 3.212.106.63 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-212-106-63.compute-1.amazonaws.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers accept-language en-US,en;q=0.9 Referer https://c1.adform.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers access-control-allow-origin * date Sat, 06 Jan 2024 20:57:23 GMT content-type image/gif content-length 43 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Redirect headers location https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=5543539852908786291&Expiration=1705784242 access-control-allow-origin * date Sat, 06 Jan 2024 20:57:23 GMT content-type text/plain content-length 0 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
GET H/1.1	204 No Content	m ad.yieldlab.net/ Frame 923E	0 400 B	217ms 136ms	Image text/plain	23.221.240.124 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ad.yieldlab.net/m?dt_id=4879&ext_id=5543539852908786291 Requested by Host: c1.adform.net URL: https://c1.adform.net/imatch/pixels?uid=5543539852908786291&agencyId=1170&advertiserId=41038&src=tp&rnd=459926 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.221.240.124 Ashburn, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-221-240-124.deploy.static.akamaitechnologies.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://c1.adform.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers Pragma no-cache Date Sat, 06 Jan 2024 20:57:23 GMT Cache-Control no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0 Connection keep-alive Expires Fri, 05 Jan 2024 20:57:23 GMT
GET H/1.1	204 No Content	token token.rubiconproject.com/ Frame 923E	0 661 B	132ms 36ms	Image text/plain	8.43.72.97 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://token.rubiconproject.com/token?pid=5232&puid=5543539852908786291 Requested by Host: c1.adform.net URL: https://c1.adform.net/imatch/pixels?uid=5543539852908786291&agencyId=1170&advertiserId=41038&src=tp&rnd=459926 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://c1.adform.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers Expires 0 Pragma no-cache Cache-Control no-cache,no-store,must-revalidate X-RPHost 86c92d2fca135435ceca5cadd19355a6 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GET H2	200	tpui ih.adscale.de/adscale-ih/ Frame 923E	0 38 B	356ms 115ms	Image text/plain	18.157.213.115 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=5543539852908786291&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__ Requested by Host: c1.adform.net URL: https://c1.adform.net/imatch/pixels?uid=5543539852908786291&agencyId=1170&advertiserId=41038&src=tp&rnd=459926 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.157.213.115 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-157-213-115.eu-central-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://c1.adform.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Sat, 06 Jan 2024 20:57:23 GMT content-length 0
GET H2	200	match c1.adform.net/serving/cookie/ Frame 923E Redirect Chain https://rtb-csync.smartadserver.com/redir/?partnerid=22&partneruserid=5543539852908786291&redirurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d10%26cid%3DSMART_USER_ID https://c1.adform.net/serving/cookie/match?party=10&cid=6524452672064137653	35 B 600 B	35ms 34ms	Image image/gif	185.167.164.43 ADFORM
General Check archive.org Show headers Download Go to Show image Full URL https://c1.adform.net/serving/cookie/match?party=10&cid=6524452672064137653 Requested by Host: c1.adform.net URL: https://c1.adform.net/imatch/pixels?uid=5543539852908786291&agencyId=1170&advertiserId=41038&src=tp&rnd=459926 Protocol H2 Server 185.167.164.43 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-US,en;q=0.9 Referer https://c1.adform.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers pragma no-cache date Sat, 06 Jan 2024 20:57:23 GMT strict-transport-security max-age=31536000; includeSubDomains server nginx accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version access-control-max-age 86400 access-control-allow-methods GET content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate, no-transform access-control-allow-credentials true access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With expires -1 Redirect headers location https://c1.adform.net/serving/cookie/match?party=10&cid=6524452672064137653 pragma no-cache date Sat, 06 Jan 2024 20:57:22 GMT cache-control no-cache,no-store content-length 0 p3p CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
GET H/1.1	200	user-registering ads.stickyadstv.com/ Frame 923E	43 B 639 B	201ms 35ms	Image image/gif	63.251.28.234 FREEWHEEL
General Check archive.org Show headers Download Go to Show image Full URL https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=5543539852908786291 Requested by Host: c1.adform.net URL: https://c1.adform.net/imatch/pixels?uid=5543539852908786291&agencyId=1170&advertiserId=41038&src=tp&rnd=459926 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 63.251.28.234 Secaucus, United States, ASN26558 (FREEWHEEL, US), Reverse DNS Software nginx / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers accept-language en-US,en;q=0.9 Referer https://c1.adform.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers Pragma no-cache Date Sat, 06 Jan 2024 20:57:23 GMT Server nginx Transfer-Encoding chunked Content-Type image/gif Access-Control-Allow-Origin * Cache-Control no-cache Access-Control-Allow-Credentials true Connection keep-alive x-sticky-vk 1704574643088028-315
GET H/1.1	200	usersync usersync.gumgum.com/ Frame 923E Redirect Chain https://x.bidswitch.net/sync?dsp_id=70&user_id=5543539852908786291 https://x.bidswitch.net/ul_cb/sync?dsp_id=70&user_id=5543539852908786291 https://usersync.gumgum.com/usersync?b=bsw&i=428185f0-8aac-4b46-ad35-3dc6d420b800&gdpr=&gdpr_consent=&us_privacy=	35 B 250 B	126ms 41ms	Image image/gif	35.172.99.217 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://usersync.gumgum.com/usersync?b=bsw&i=428185f0-8aac-4b46-ad35-3dc6d420b800&gdpr=&gdpr_consent=&us_privacy= Requested by Host: c1.adform.net URL: https://c1.adform.net/imatch/pixels?uid=5543539852908786291&agencyId=1170&advertiserId=41038&src=tp&rnd=459926 Protocol HTTP/1.1 Server 35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-35-172-99-217.compute-1.amazonaws.com Software / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers accept-language en-US,en;q=0.9 Referer https://c1.adform.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers Content-Type image/gif Pragma no-cache Date Sat, 06 Jan 2024 20:57:23 GMT Cache-Control private, no-store, must-revalidate, max-age=0 Connection keep-alive Content-Length 35 Expires 0 Redirect headers Location //usersync.gumgum.com/usersync?b=bsw&i=428185f0-8aac-4b46-ad35-3dc6d420b800&gdpr=&gdpr_consent=&us_privacy= Date Sat, 06 Jan 2024 20:57:23 GMT Cache-Control no-cache, no-store, must-revalidate Server nginx Connection keep-alive Content-Length 0
GET H2	200	rum dsum-sec.casalemedia.com/ Frame 923E Redirect Chain https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=5543539852908786291&expiration=1705784242 https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=5543539852908786291&expiration=1705784242&C=1	43 B 629 B	54ms 53ms	Image image/gif	104.18.36.155 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=5543539852908786291&expiration=1705784242&C=1 Requested by Host: c1.adform.net URL: https://c1.adform.net/imatch/pixels?uid=5543539852908786291&agencyId=1170&advertiserId=41038&src=tp&rnd=459926 Protocol H2 Server 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language en-US,en;q=0.9 Referer https://c1.adform.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers pragma no-cache date Sat, 06 Jan 2024 20:57:23 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0B%2BlvpV%2FpgD0DJPztAx2913YRL%2F36Ri2K%2FcJ5BF%2FfejF558YF9b36aovnPUojtBzDFflvx0LZSA4Ly4tpdMA7UED3wRFg4IcygEws0JpURbnZiXqiLlfAkIqKzU35F9Kz28Bu6Sk9DYqdw%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 8416df7ef995a226-YYZ alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Sat, 06 Jan 2024 20:57:23 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K4lDAVKEdXoMacaytPPTWXBFKXLtMxxxLdD8jrPEw8d8zO4wkeYg8y%2FaipvFQAUZ1GwpEeWFCvbcNRDPcs%2BULDf95MTmCqVrpPbvUHrHXhYGHJZCYssZKrPhhaIww3gDrkl%2FZgAsC3Y7Rw%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" location /rum?cm_dsp_id=111&external_user_id=5543539852908786291&expiration=1705784242&C=1 cache-control no-cache cf-ray 8416df7e9914a226-YYZ alt-svc h3=":443"; ma=86400 content-length 0 expires 0
GET H/1.1	200 OK	info2 uipglob.semasio.net/adform/1/ Frame 923E Redirect Chain https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=5543539852908786291&sInitiator=external https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=5543539852908786291&sInitiator=external	42 B 602 B	36ms 36ms	Image image/gif	50.57.31.206 RACKSPACE
General Check archive.org Show headers Download Go to Show image Full URL https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=5543539852908786291&sInitiator=external Requested by Host: c1.adform.net URL: https://c1.adform.net/imatch/pixels?uid=5543539852908786291&agencyId=1170&advertiserId=41038&src=tp&rnd=459926 Protocol HTTP/1.1 Server 50.57.31.206 , United States, ASN19994 (RACKSPACE, US), Reverse DNS Software / Resource Hash 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12 Request headers accept-language en-US,en;q=0.9 Referer https://c1.adform.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers Pragma no-cache Date Sat, 06 Jan 2024 20:57:23 GMT Frontend-ID 0 P3P policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT" Content-Type image/gif UIP-Response-Status Ok Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Access-Control-Allow-Origin * Content-Length 42 Routing-Server-ID -1 Expires Sat, 01 Jan 2011 12:00:00 GMT Redirect headers Pragma no-cache Date Sat, 06 Jan 2024 20:57:23 GMT Frontend-ID 8 P3P policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT" Location /adform/1/info2?sType=sync&sExtCookieId=5543539852908786291&sInitiator=external UIP-Response-Status Ok Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Access-Control-Allow-Origin * Connection Keep-Alive Content-Length 0 Routing-Server-ID -1 Expires Sat, 01 Jan 2011 12:00:00 GMT
GET H/1.1	200 OK	/ ps.eyeota.net/match/bounce/ Frame 923E Redirect Chain https://ps.eyeota.net/match?uid=5543539852908786291&bid=9gdtmu1 https://ps.eyeota.net/match/bounce/?uid=5543539852908786291&bid=9gdtmu1	70 B 440 B	39ms 39ms	Image image/gif	3.232.64.79 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://ps.eyeota.net/match/bounce/?uid=5543539852908786291&bid=9gdtmu1 Requested by Host: c1.adform.net URL: https://c1.adform.net/imatch/pixels?uid=5543539852908786291&agencyId=1170&advertiserId=41038&src=tp&rnd=459926 Protocol HTTP/1.1 Server 3.232.64.79 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-232-64-79.compute-1.amazonaws.com Software / Resource Hash de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98 Request headers accept-language en-US,en;q=0.9 Referer https://c1.adform.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers Content-Type image/gif Date Sat, 06 Jan 2024 20:57:23 GMT Content-Length 70 P3P CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml" Redirect headers Location /match/bounce/?uid=5543539852908786291&bid=9gdtmu1 Date Sat, 06 Jan 2024 20:57:23 GMT Content-Length 0 P3P CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
GET H2	200	pixel.gif load77.exelator.com/ Frame 923E Redirect Chain https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=5543539852908786291 https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=5543539852908786291&xl8blockcheck=1 https://load77.exelator.com/pixel.gif	43 B 464 B	188ms 30ms	Image image/gif	2a02:6ea0:e200::2 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://load77.exelator.com/pixel.gif Requested by Host: c1.adform.net URL: https://c1.adform.net/imatch/pixels?uid=5543539852908786291&agencyId=1170&advertiserId=41038&src=tp&rnd=459926 Protocol H2 Server 2a02:6ea0:e200::2 Ashburn, United States, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363 Request headers accept-language en-US,en;q=0.9 Referer https://c1.adform.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers x-77-pop ashburnUSVA date Sat, 06 Jan 2024 20:57:23 GMT x-age-lb 597771 x-amz-request-id tx00000e7d951a0399a3833-0065909fa7-5134150-nyc x-77-cache HIT x-accel-date 1703976872 content-length 43 x-77-nzt AyUTzgQ3Nzf/Cx8JAJySO+I3Nzexz9PUZtu8rQA x-accel-expires @1705013672 x-77-age 597771 x-cache-lb HIT last-modified Sat, 30 Dec 2023 22:32:08 GMT server CDN77-Turbo etag "fc94fb0c3ed8a8f909dbc7630a0987ff" x-77-nzt-ray 8e305f1c26e7e856b3be99651cd57b19 content-type image/gif x-rgw-object-type Normal accept-ranges bytes Redirect headers date Sat, 06 Jan 2024 20:57:23 GMT server nginx x-powered-by Undertow/1 p3p policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA location https://load77.exelator.com/pixel.gif content-type image/gif cache-control no-cache access-control-allow-credentials true content-length 0
GET H2	200	db_sync px.ads.linkedin.com/ Frame 923E Redirect Chain https://idsync.rlcdn.com/398366.gif?partner_uid=5543539852908786291 https://idsync.rlcdn.com/1000.gif?memo=CJ6oGBIeChoIARCUdRoTNTU0MzUzOTg1MjkwODc4NjI5MRAAGg0Is_3mrAYSBQjoBxAAQgBKAA https://pippio.com/api/sync?pid=5324&it=1&iv=5001a8b3d139ea62211490141887cfbc20d2bc28f9823d6a828eab1e4aa4ea3f791426b5417dce21&_=2 https://px.ads.linkedin.com/db_sync?pid=10339&puuid=5001a8b3d139ea62211490141887cfbc20d2bc28f9823d6a828eab1e4aa4ea3f791426b5417dce21&rand=07827367 https://px.ads.linkedin.com/db_sync?pid=10339&puuid=5001a8b3d139ea62211490141887cfbc20d2bc28f9823d6a828eab1e4aa4ea3f791426b5417dce21&rand=07827367&expected_cookie=90a71fbf-de88-4d73-a5ec-ed1886c2ec3a	0 144 B	102ms 101ms	Image text/plain	2620:1ec:21::14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://px.ads.linkedin.com/db_sync?pid=10339&puuid=5001a8b3d139ea62211490141887cfbc20d2bc28f9823d6a828eab1e4aa4ea3f791426b5417dce21&rand=07827367&expected_cookie=90a71fbf-de88-4d73-a5ec-ed1886c2ec3a Requested by Host: c1.adform.net URL: https://c1.adform.net/imatch/pixels?uid=5543539852908786291&agencyId=1170&advertiserId=41038&src=tp&rnd=459926 Protocol H2 Server 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://c1.adform.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Sat, 06 Jan 2024 20:57:23 GMT x-li-pop afd-prod-ltx1-x x-msedge-ref Ref A: 3CE378B5D9094E3C9C3742B807C925DD Ref B: EWR311000104051 Ref C: 2024-01-06T20:57:23Z linkedin-action 1 x-cache CONFIG_NOCACHE x-li-fabric prod-ltx1 x-li-proto http/2 content-length 0 x-li-uuid AAYOTTYhEpOeZr5AgN3yjQ== Redirect headers date Sat, 06 Jan 2024 20:57:22 GMT x-li-pop afd-prod-ltx1-x x-msedge-ref Ref A: A8609EF912894C4EA794AD9F14C5DAAE Ref B: EWR311000104051 Ref C: 2024-01-06T20:57:23Z linkedin-action 1 x-cache CONFIG_NOCACHE x-li-fabric prod-ltx1 location /db_sync?pid=10339&puuid=5001a8b3d139ea62211490141887cfbc20d2bc28f9823d6a828eab1e4aa4ea3f791426b5417dce21&rand=07827367&expected_cookie=90a71fbf-de88-4d73-a5ec-ed1886c2ec3a x-li-proto http/2 content-length 0 x-li-uuid AAYOTTYe+/lixOseCHGRKQ==
GET H2	200	gdpr_consent= sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=5543539852908786291/gdpr=/ Frame 923E Redirect Chain https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=5543539852908786291/gdpr=/gdpr_consent= https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=5543539852908786291/gdpr=/gdpr_consent=	49 B 544 B	51ms 51ms	Image image/gif	52.72.21.140 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=5543539852908786291/gdpr=/gdpr_consent= Requested by Host: c1.adform.net URL: https://c1.adform.net/imatch/pixels?uid=5543539852908786291&agencyId=1170&advertiserId=41038&src=tp&rnd=459926 Protocol H2 Server 52.72.21.140 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-72-21-140.compute-1.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef Request headers accept-language en-US,en;q=0.9 Referer https://c1.adform.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers pragma no-cache date Sat, 06 Jan 2024 20:57:23 GMT server Jetty(9.4.38.v20210224) content-type image/gif p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV access-control-allow-origin * cache-control no-cache x-server 10.40.55.151 content-length 49 expires 0 Redirect headers pragma no-cache date Sat, 06 Jan 2024 20:57:23 GMT server Jetty(9.4.38.v20210224) p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV location https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=5543539852908786291/gdpr=/gdpr_consent= cache-control no-cache x-server 10.40.8.121 content-length 0 expires 0
GET H2	200	29729 tags.bluekai.com/site/ Frame 923E	62 B 431 B	444ms 103ms	Image image/gif	23.197.109.53 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://tags.bluekai.com/site/29729?id=5543539852908786291 Requested by Host: c1.adform.net URL: https://c1.adform.net/imatch/pixels?uid=5543539852908786291&agencyId=1170&advertiserId=41038&src=tp&rnd=459926 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.197.109.53 Ashburn, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-197-109-53.deploy.static.akamaitechnologies.com Software / Resource Hash 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80 Request headers accept-language en-US,en;q=0.9 Referer https://c1.adform.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml" date Sat, 06 Jan 2024 20:57:23 GMT content-length 62 content-type image/gif
GET H2	200	sd eu-u.openx.net/w/1.0/ Frame 923E Redirect Chain https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5543539852908786291 https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=5543539852908786291	43 B 171 B	48ms 47ms	Image image/gif	35.244.159.8 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=5543539852908786291 Requested by Host: c1.adform.net URL: https://c1.adform.net/imatch/pixels?uid=5543539852908786291&agencyId=1170&advertiserId=41038&src=tp&rnd=459926 Protocol H2 Server 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 8.159.244.35.bc.googleusercontent.com Software OXGW/0.0.0 / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers accept-language en-US,en;q=0.9 Referer https://c1.adform.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers pragma no-cache date Sat, 06 Jan 2024 20:57:23 GMT via 1.1 google server OXGW/0.0.0 vary Accept content-type image/gif p3p CP="CUR ADM OUR NOR STA NID" cache-control private, max-age=0, no-cache alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 43 expires Mon, 26 Jul 1997 05:00:00 GMT Redirect headers location https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=5543539852908786291 date Sat, 06 Jan 2024 20:57:23 GMT via 1.1 google server OXGW/0.0.0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 p3p CP="CUR ADM OUR NOR STA NID"
GET H/1.1	200 OK	pixel.gif s3-eu-west-1.amazonaws.com/adality-cdn-content/ Frame 923E Redirect Chain https://api.adrtx.net/thirdparty/click?p=adfo https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif	35 B 390 B	339ms 114ms	Image image/gif	52.218.120.200 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif Requested by Host: c1.adform.net URL: https://c1.adform.net/imatch/pixels?uid=5543539852908786291&agencyId=1170&advertiserId=41038&src=tp&rnd=459926 Protocol HTTP/1.1 Server 52.218.120.200 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS s3-eu-west-1.amazonaws.com Software AmazonS3 / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers accept-language en-US,en;q=0.9 Referer https://c1.adform.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers Date Sat, 06 Jan 2024 20:57:24 GMT Last-Modified Thu, 29 Oct 2015 16:41:57 GMT Server AmazonS3 x-amz-request-id RBKK8P4NZ3ZWV7YA ETag "c2196de8ba412c60c22ab491af7b1409" Content-Type image/gif Accept-Ranges bytes Content-Length 35 x-amz-id-2 8B2jYcHPI9GNYg8xJVhcohUxDtX8E4V1i7s6l2Qf72Xh8n1s0/p06gkEiPPXusbfzzTI7g18Xl8= Redirect headers X-Error-Reason Missing UserId Date Sat, 06 Jan 2024 20:57:22 GMT Server akka-http/10.2.10 P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Location https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif Content-Type text/html; charset=UTF-8 Cache-Control no-cache, no-store, must-revalidate Connection keep-alive Content-Length 137
GET H2	204	usermatch.gif beacon.krxd.net/ Frame 923E	0 338 B	185ms 40ms	Image text/plain	3.216.169.142 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://beacon.krxd.net/usermatch.gif?partner=adform&partner_uid=5543539852908786291 Requested by Host: c1.adform.net URL: https://c1.adform.net/imatch/pixels?uid=5543539852908786291&agencyId=1170&advertiserId=41038&src=tp&rnd=459926 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.216.169.142 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-216-169-142.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://c1.adform.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers x-served-by beacon-n023-ash-prod.krxd.net date Sat, 06 Jan 2024 20:57:23 GMT cache-control private, no-cache, no-store x-request-time D=36 t=1704574643 p3p policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
GET H2	200	/ c1.adform.net/serving/cookie/match/ Frame 923E Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=NTU0MzUzOTg1MjkwODc4NjI5MQ https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm=&google_ula=1641347&party=1&google_hm=NTU0MzUzOTg1MjkwODc4NjI5MQ&google_tc= https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEIrXSMtwmdUNOf3DUqGSJC8&google_cver=1&google_ula=1641347,0	35 B 591 B	35ms 35ms	Image image/gif	185.167.164.43 ADFORM
General Check archive.org Show headers Download Go to Show image Full URL https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEIrXSMtwmdUNOf3DUqGSJC8&google_cver=1&google_ula=1641347,0 Requested by Host: c1.adform.net URL: https://c1.adform.net/imatch/pixels?uid=5543539852908786291&agencyId=1170&advertiserId=41038&src=tp&rnd=459926 Protocol H2 Server 185.167.164.43 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-US,en;q=0.9 Referer https://c1.adform.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers pragma no-cache date Sat, 06 Jan 2024 20:57:23 GMT strict-transport-security max-age=31536000; includeSubDomains server nginx accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version access-control-max-age 86400 access-control-allow-methods GET content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate, no-transform access-control-allow-credentials true access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With expires -1 Redirect headers pragma no-cache date Sat, 06 Jan 2024 20:57:23 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEIrXSMtwmdUNOf3DUqGSJC8&google_cver=1&google_ula=1641347,0 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 334 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	plf c1.adform.net/imatch/ Frame 923E	0 384 B	39ms 33ms	Image text/plain	185.167.164.43 ADFORM
General Check archive.org Show headers Download Go to Show image Full URL https://c1.adform.net/imatch/plf?name=plfm Requested by Host: c1.adform.net URL: https://c1.adform.net/imatch/pixels?uid=5543539852908786291&agencyId=1170&advertiserId=41038&src=tp&rnd=459926 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.167.164.43 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-US,en;q=0.9 Referer https://c1.adform.net/imatch/pixels?uid=5543539852908786291&agencyId=1170&advertiserId=41038&src=tp&rnd=459926 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Sat, 06 Jan 2024 20:57:22 GMT strict-transport-security max-age=31536000; includeSubDomains server nginx accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version access-control-max-age 86400 access-control-allow-methods GET access-control-allow-origin * access-control-allow-credentials true access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
GET H2	200	setuid secure.adnxs.com/ Frame 923E Redirect Chain https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1 https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%3Fparty%3D3%26id%3D%24UID%26redirect%3D1 https://c1.adform.net/serving/cookie/match?party=3&id=7203811296419731947&redirect=1 https://secure.adnxs.com/setuid?entity=91&code=5543539852908786291	43 B 999 B	37ms 36ms	Image image/gif	68.67.179.164 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://secure.adnxs.com/setuid?entity=91&code=5543539852908786291 Requested by Host: c1.adform.net URL: https://c1.adform.net/imatch/pixels?uid=5543539852908786291&agencyId=1170&advertiserId=41038&src=tp&rnd=459926 Protocol H2 Server 68.67.179.164 North Bergen, United States, ASN29990 (ASN-APPNEX, US), Reverse DNS 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net Software nginx/1.21.3 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://c1.adform.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers pragma no-cache date Sat, 06 Jan 2024 20:57:23 GMT an-x-request-uuid 96bab848-e09e-42c0-9f8a-b9a174d3656d server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type image/gif cache-control no-store, no-cache, private x-proxy-origin 96.9.249.35; 96.9.249.35; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com content-length 43 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Sat, 06 Jan 2024 20:57:23 GMT strict-transport-security max-age=31536000; includeSubDomains server nginx accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version access-control-max-age 86400 access-control-allow-methods GET location https://secure.adnxs.com/setuid?entity=91&code=5543539852908786291 access-control-allow-origin * cache-control no-cache, no-store, must-revalidate, no-transform access-control-allow-credentials true access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With content-length 0 expires -1
GET H2	200	Pug simage2.pubmatic.com/AdServer/ Frame 923E	42 B 473 B	90ms 28ms	Image image/gif	162.248.18.37 AS-PUBMATIC
General Check archive.org Show headers Download Go to Show image Full URL https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5543539852908786291 Requested by Host: c1.adform.net URL: https://c1.adform.net/imatch/pixels?uid=5543539852908786291&agencyId=1170&advertiserId=41038&src=tp&rnd=459926 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language en-US,en;q=0.9 Referer https://c1.adform.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers content-type image/gif; charset=utf-8 date Sat, 06 Jan 2024 20:57:23 GMT cache-control no-store, no-cache, private server nginx content-length 42 p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
GET H/1.1	200 OK	cs pdw-adf.userreport.com/ Frame 923E	43 B 444 B	121ms 33ms	Image image/gif	18.160.10.100 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://pdw-adf.userreport.com/cs Requested by Host: c1.adform.net URL: https://c1.adform.net/imatch/pixels?uid=5543539852908786291&agencyId=1170&advertiserId=41038&src=tp&rnd=459926 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 18.160.10.100 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-160-10-100.iad12.r.cloudfront.net Software nginx/1.22.0 / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers accept-language en-US,en;q=0.9 Referer https://c1.adform.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers Date Sat, 06 Jan 2024 10:04:20 GMT Via 1.1 36b04143ac1626bb30bb225fb2cccb1e.cloudfront.net (CloudFront) Last-Modified Mon, 28 Sep 1970 06:00:00 GMT Server nginx/1.22.0 X-Amz-Cf-Pop IAD12-P3 Age 39183 X-Cache Hit from cloudfront Content-Type image/gif Connection keep-alive Content-Length 43 X-Amz-Cf-Id H0z9e9B5HnurlNFhnUdKn0T3Ga6uzSpKvHYKNIMwodh7V4YWSEp1gQ==
GET H/1.1	200	p a.audrte.com/ Frame 923E Redirect Chain https://a.audrte.com/a?adform_uid=5543539852908786291 https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=aDI1aWZReFFuY09SdmlJLVItRFFKZklzZw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL... https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= https://a.audrte.com/p	68 B 424 B	108ms 108ms	Image image/png	34.243.165.208 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://a.audrte.com/p Requested by Host: c1.adform.net URL: https://c1.adform.net/imatch/pixels?uid=5543539852908786291&agencyId=1170&advertiserId=41038&src=tp&rnd=459926 Protocol HTTP/1.1 Server 34.243.165.208 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-243-165-208.eu-west-1.compute.amazonaws.com Software nginx/1.22.1 / Resource Hash 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11 Request headers accept-language en-US,en;q=0.9 Referer https://c1.adform.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers Date Sat, 06 Jan 2024 20:57:24 GMT Server nginx/1.22.1 Vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers Access-Control-Allow-Methods POST, GET, OPTIONS Content-Type image/png Access-Control-Allow-Origin * Access-Control-Allow-Credentials true Connection keep-alive Content-Length 68 Redirect headers Date Sat, 06 Jan 2024 20:57:23 GMT Server nginx/1.22.1 Vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers Access-Control-Allow-Methods POST, GET, OPTIONS Access-Control-Allow-Origin * Location https://a.audrte.com:443/p Access-Control-Allow-Credentials true Connection keep-alive Content-Length 0
GET H2	200	match c1.adform.net/serving/cookie/ Frame 923E Redirect Chain https://dpm.demdex.net/ibs:dpid=1586&dpuuid=5543539852908786291&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=5543539852908786291&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredire... https://c1.adform.net/serving/cookie/match?party=1007&cid=53388004689639051551373498935596050273&noredirect=1	35 B 600 B	36ms 35ms	Image image/gif	185.167.164.43 ADFORM
General Check archive.org Show headers Download Go to Show image Full URL https://c1.adform.net/serving/cookie/match?party=1007&cid=53388004689639051551373498935596050273&noredirect=1 Requested by Host: c1.adform.net URL: https://c1.adform.net/imatch/pixels?uid=5543539852908786291&agencyId=1170&advertiserId=41038&src=tp&rnd=459926 Protocol H2 Server 185.167.164.43 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-US,en;q=0.9 Referer https://c1.adform.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers pragma no-cache date Sat, 06 Jan 2024 20:57:23 GMT strict-transport-security max-age=31536000; includeSubDomains server nginx accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version access-control-max-age 86400 access-control-allow-methods GET content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate, no-transform access-control-allow-credentials true access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With expires -1 Redirect headers dcs dcs-prod-va6-2-v053-0bd4383af.edge-va6.demdex.com 5 ms pragma no-cache date Sat, 06 Jan 2024 20:57:23 GMT strict-transport-security max-age=31536000; includeSubDomains x-tid E2Wf40BSSnE= p3p policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" location https://c1.adform.net/serving/cookie/match?party=1007&cid=53388004689639051551373498935596050273&noredirect=1 cache-control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private content-length 0 expires Thu, 01 Jan 1970 00:00:00 UTC
GET H2	200	/ dmp.adform.net/serving/cookie/match/ Frame 923E Redirect Chain https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=5543539852908786291 https://dmp.adform.net/serving/cookie/match/?party=1014&cid=214270604753007170750	35 B 600 B	154ms 34ms	Image image/gif	185.167.164.43 ADFORM
General Check archive.org Show headers Download Go to Show image Full URL https://dmp.adform.net/serving/cookie/match/?party=1014&cid=214270604753007170750 Requested by Host: c1.adform.net URL: https://c1.adform.net/imatch/pixels?uid=5543539852908786291&agencyId=1170&advertiserId=41038&src=tp&rnd=459926 Protocol H2 Server 185.167.164.43 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-US,en;q=0.9 Referer https://c1.adform.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers pragma no-cache date Sat, 06 Jan 2024 20:57:23 GMT strict-transport-security max-age=31536000; includeSubDomains server nginx accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version access-control-max-age 86400 access-control-allow-methods GET content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate, no-transform access-control-allow-credentials true access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With expires -1 Redirect headers pragma no-cache date Sat, 06 Jan 2024 20:57:23 GMT via 1.1 5f3758e5ae00fa64427cf258109c7a90.cloudfront.net (CloudFront) server AAWebServer x-amz-cf-pop YUL62-P1 access-control-allow-methods GET, POST, OPTIONS p3p policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID" location https://dmp.adform.net/serving/cookie/match/?party=1014&cid=214270604753007170750 access-control-allow-origin * cache-control no-cache, no-store, must-revalidate x-cache Miss from cloudfront access-control-allow-headers accept, cache-control, origin, x-requested-with, x-file-name, content-type x-amz-cf-id icW0nBrgXqBQm3msHjteM5L-1hBCFuqDNmA6XEZ3bIuEzOmg2NgEQw== expires 0
GET H2	200	/ dmp.adform.net/serving/cookie/match/ Frame 923E Redirect Chain https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25 https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7321092345295075483	35 B 600 B	35ms 34ms	Image image/gif	185.167.164.43 ADFORM
General Check archive.org Show headers Download Go to Show image Full URL https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7321092345295075483 Requested by Host: c1.adform.net URL: https://c1.adform.net/imatch/pixels?uid=5543539852908786291&agencyId=1170&advertiserId=41038&src=tp&rnd=459926 Protocol H2 Server 185.167.164.43 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-US,en;q=0.9 Referer https://c1.adform.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers pragma no-cache date Sat, 06 Jan 2024 20:57:23 GMT strict-transport-security max-age=31536000; includeSubDomains server nginx accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version access-control-max-age 86400 access-control-allow-methods GET content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate, no-transform access-control-allow-credentials true access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With expires -1 Redirect headers Location https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7321092345295075483 Date Sat, 06 Jan 2024 20:57:23 GMT Server nginx Connection keep-alive Transfer-Encoding chunked p3p policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
GET H2	200	33302 tags.bluekai.com/site/ Frame 923E	62 B 430 B	177ms 176ms	Image image/gif	23.197.109.53 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://tags.bluekai.com/site/33302?id=5543539852908786291 Requested by Host: c1.adform.net URL: https://c1.adform.net/imatch/pixels?uid=5543539852908786291&agencyId=1170&advertiserId=41038&src=tp&rnd=459926 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.197.109.53 Ashburn, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-197-109-53.deploy.static.akamaitechnologies.com Software / Resource Hash 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80 Request headers accept-language en-US,en;q=0.9 Referer https://c1.adform.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml" date Sat, 06 Jan 2024 20:57:23 GMT content-length 62 content-type image/gif
GET H2	200	match c1.adform.net/serving/cookie/ Frame 923E Redirect Chain https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ https://c1.adform.net/serving/cookie/match?party=1084&cid=s3edNIlK1RmdJp5	35 B 600 B	34ms 34ms	Image image/gif	185.167.164.43 ADFORM
General Check archive.org Show headers Download Go to Show image Full URL https://c1.adform.net/serving/cookie/match?party=1084&cid=s3edNIlK1RmdJp5 Requested by Host: c1.adform.net URL: https://c1.adform.net/imatch/pixels?uid=5543539852908786291&agencyId=1170&advertiserId=41038&src=tp&rnd=459926 Protocol H2 Server 185.167.164.43 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-US,en;q=0.9 Referer https://c1.adform.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers pragma no-cache date Sat, 06 Jan 2024 20:57:23 GMT strict-transport-security max-age=31536000; includeSubDomains server nginx accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version access-control-max-age 86400 access-control-allow-methods GET content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate, no-transform access-control-allow-credentials true access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With expires -1 Redirect headers Pragma no-cache Date Sat, 06 Jan 2024 20:57:23 GMT Strict-Transport-Security max-age=2592000; includeSubDomains Server PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-075c2ed310ac109cf@us-east-1d@dxedge-app-us-east-1-prod-asg Location https://c1.adform.net/serving/cookie/match?party=1084&cid=s3edNIlK1RmdJp5 Cache-Control no-cache, must-revalidate Connection keep-alive Content-Length 0 Expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ dmp.adform.net/serving/cookie/match/ Frame 923E Redirect Chain https://match.adsrvr.org/track/cmf/generic?ttd_pid=71ei9rr&ttd_tpi=1 https://match.adsrvr.org/track/cmb/generic?ttd_pid=71ei9rr&ttd_tpi=1 https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=926ad221-8432-4170-84f9-df0ce0ec18c1	35 B 591 B	110ms 34ms	Image image/gif	185.167.164.43 ADFORM
General Check archive.org Show headers Download Go to Show image Full URL https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=926ad221-8432-4170-84f9-df0ce0ec18c1 Requested by Host: c1.adform.net URL: https://c1.adform.net/imatch/pixels?uid=5543539852908786291&agencyId=1170&advertiserId=41038&src=tp&rnd=459926 Protocol H2 Server 185.167.164.43 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-US,en;q=0.9 Referer https://c1.adform.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers pragma no-cache date Sat, 06 Jan 2024 20:57:23 GMT strict-transport-security max-age=31536000; includeSubDomains server nginx accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version access-control-max-age 86400 access-control-allow-methods GET content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate, no-transform access-control-allow-credentials true access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With expires -1 Redirect headers location https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=926ad221-8432-4170-84f9-df0ce0ec18c1 date Sat, 06 Jan 2024 20:57:23 GMT server Kestrel content-length 225
GET H/1.1	200 OK	image.sbmx ib.mookie1.com/ Frame 923E Redirect Chain https://global.ib-ibi.com/image.sbmx?go=302927&pid=567&xid=5543539852908786291 https://ib.mookie1.com/image.sbmx?go=302927&pid=567&xid=5543539852908786291	0 421 B	377ms 80ms	Image image/png	64.58.232.177 ASN-FLEXENTIAL
General Check archive.org Show headers Download Go to Show image Full URL https://ib.mookie1.com/image.sbmx?go=302927&pid=567&xid=5543539852908786291 Requested by Host: c1.adform.net URL: https://c1.adform.net/imatch/pixels?uid=5543539852908786291&agencyId=1170&advertiserId=41038&src=tp&rnd=459926 Protocol HTTP/1.1 Server 64.58.232.177 , United States, ASN13649 (ASN-FLEXENTIAL, US), Reverse DNS be31-199.crrt01.las04.flexential.net Software Microsoft-IIS/10.0 / ASP.NET Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://c1.adform.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers Pragma no-cache Date Sat, 06 Jan 2024 20:57:24 GMT Server Microsoft-IIS/10.0 X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET Content-Type image/png Access-Control-Allow-Origin * p3p CP="DSP COR ADM DEV PSA PSD OUR" Cache-Control no-cache X-Server LAS15 Content-Length 0 Expires -1 Redirect headers Date Sat, 06 Jan 2024 20:57:23 GMT Server Microsoft-IIS/10.0 X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET Content-Type text/html; charset=utf-8 Location https://ib.mookie1.com:443/image.sbmx?go=302927&pid=567&xid=5543539852908786291 Access-Control-Allow-Origin * p3p CP="DSP COR ADM DEV PSA PSD OUR" Cache-Control private X-Server LAS11 Content-Length 204
GET H2	200	3.gif id5-sync.com/cq/10/124/0/ Frame 923E Redirect Chain https://id5-sync.com/s/10/0.gif?puid=5543539852908786291 https://id5-sync.com/c/10/10/2/1.gif?puid=5543539852908786291&gdpr=0&gdpr_consent=&us_privacy= https://ib.adnxs.com/getuid?https://id5-sync.com/c/10/2/1/2.gif?puid=$UID&gdpr=0&gdpr_consent= https://id5-sync.com/c/10/2/1/2.gif?puid=7203811296419731947&gdpr=0&gdpr_consent= https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-de0ex6QyUT14tulK9puqlKf-TAAiIP4-hPSkCh7BPQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F10%2F124%2F0%2F3.gif%3Fpuid%3D%... https://id5-sync.com/cq/10/124/0/3.gif?puid=6a1c80b0-2e9e-4a55-b032-29e6bcbf46e9&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=	43 B 1 KB	115ms 115ms	Image image/gif	162.19.138.119 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://id5-sync.com/cq/10/124/0/3.gif?puid=6a1c80b0-2e9e-4a55-b032-29e6bcbf46e9&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= Requested by Host: c1.adform.net URL: https://c1.adform.net/imatch/pixels?uid=5543539852908786291&agencyId=1170&advertiserId=41038&src=tp&rnd=459926 Protocol H2 Server 162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR), Reverse DNS ns31533570.ip-162-19-138.eu Software / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers accept-language en-US,en;q=0.9 Referer https://c1.adform.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers content-type image/gif;charset=UTF-8 date Sat, 06 Jan 2024 20:57:23 GMT strict-transport-security max-age=63072000; includeSubDomains; preload vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers p3p CP="CAO PSA OUR" Redirect headers location https://id5-sync.com/cq/10/124/0/3.gif?puid=6a1c80b0-2e9e-4a55-b032-29e6bcbf46e9&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= access-control-allow-origin * date Sat, 06 Jan 2024 20:57:24 GMT content-type text/plain content-length 0 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
GET H2	200	/ dmp.adform.net/serving/cookie/match/ Frame 923E Redirect Chain https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=1022802381 https://dmp.adform.net/serving/cookie/match/?party=1145&cid=0DgK1YzYeoK8haqu8i3K.u	35 B 591 B	34ms 34ms	Image image/gif	185.167.164.43 ADFORM
General Check archive.org Show headers Download Go to Show image Full URL https://dmp.adform.net/serving/cookie/match/?party=1145&cid=0DgK1YzYeoK8haqu8i3K.u Requested by Host: c1.adform.net URL: https://c1.adform.net/imatch/pixels?uid=5543539852908786291&agencyId=1170&advertiserId=41038&src=tp&rnd=459926 Protocol H2 Server 185.167.164.43 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-US,en;q=0.9 Referer https://c1.adform.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers pragma no-cache date Sat, 06 Jan 2024 20:57:23 GMT strict-transport-security max-age=31536000; includeSubDomains server nginx accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version access-control-max-age 86400 access-control-allow-methods GET content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate, no-transform access-control-allow-credentials true access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With expires -1 Redirect headers pragma no-cache date Sat, 06 Jan 2024 20:57:22 GMT via 1.1 google last-modified Sat, 06 Jan 2024 20:57:23 GMT server Weborama Collect Frontend vary Origin p3p CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM" location https://dmp.adform.net/serving/cookie/match/?party=1145&cid=0DgK1YzYeoK8haqu8i3K.u access-control-allow-origin * cache-control no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Tue, 03 Jul 2001 06:00:00 GMT
GET H2	200	um sync.teads.tv/ Frame 923E	23 B 279 B	144ms 38ms	Image image/gif	23.222.197.151 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://sync.teads.tv/um?eid=119&uid=5543539852908786291 Requested by Host: c1.adform.net URL: https://c1.adform.net/imatch/pixels?uid=5543539852908786291&agencyId=1170&advertiserId=41038&src=tp&rnd=459926 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.222.197.151 Ashburn, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-222-197-151.deploy.static.akamaitechnologies.com Software pekko-http/1.0.0 / Resource Hash 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7 Request headers accept-language en-US,en;q=0.9 Referer https://c1.adform.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers expires Sat, 06 Jan 2024 20:57:23 GMT pragma no-cache date Sat, 06 Jan 2024 20:57:23 GMT cache-control max-age=0, no-cache, no-store server pekko-http/1.0.0 content-length 23 content-type image/gif
GET H2	200	/ sync.taboola.com/sg/smaatortb-network/1/rtb-h/ Frame 923E Redirect Chain https://s.ad.smaato.net/c/?dspInit=1001213&dspCookie=5543539852908786291 https://sync.taboola.com/sg/smaatortb-network/1/rtb-h/?taboola_hm=6aa5298f17&gdpr=0&gdpr_consent=	0 376 B	130ms 35ms	Image text/plain	141.226.224.48 TABOOLA-AS
General Check archive.org Show headers Download Go to Show image Full URL https://sync.taboola.com/sg/smaatortb-network/1/rtb-h/?taboola_hm=6aa5298f17&gdpr=0&gdpr_consent= Requested by Host: c1.adform.net URL: https://c1.adform.net/imatch/pixels?uid=5543539852908786291&agencyId=1170&advertiserId=41038&src=tp&rnd=459926 Protocol H2 Server 141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://c1.adform.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Sat, 06 Jan 2024 20:57:24 GMT access-control-allow-credentials true server nginx x-fastly-to-nlb-rtt 33792 Redirect headers date Sat, 06 Jan 2024 20:57:23 GMT via 1.1 e4d959ba5c709b88eb04934bd0d1eeea.cloudfront.net (CloudFront) server CloudFront x-amz-cf-pop YUL62-C2 x-cache Miss from cloudfront location https://sync.taboola.com/sg/smaatortb-network/1/rtb-h/?taboola_hm=6aa5298f17&gdpr=0&gdpr_consent= cache-control no-cache, must-revalidate content-length 0 x-amz-cf-id Y1LxQ5cPIsw_-NfIIuKh8geDR-WQr1VROfZXFTv6IckwOler4ZJlAg==
GET H2	200	5543539852908786291 match.contentexchange.me/adform/ Frame 923E	0 49 B	405ms 132ms	Image text/plain	46.19.11.36 SIEL
General Check archive.org Show headers Download Go to Show image Full URL https://match.contentexchange.me/adform/5543539852908786291?redirect_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1219 Requested by Host: c1.adform.net URL: https://c1.adform.net/imatch/pixels?uid=5543539852908786291&agencyId=1170&advertiserId=41038&src=tp&rnd=459926 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 46.19.11.36 , Slovenia, ASN51790 (SIEL, SI), Reverse DNS ilog.vsn.si Software nginx/1.16.1 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://c1.adform.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Sat, 06 Jan 2024 20:57:24 GMT content-length 0 server nginx/1.16.1
GET H2	200	/ bpi.rtactivate.com/tag/ Frame 923E	43 B 109 B	212ms 85ms	Image image/gif	44.213.136.134 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://bpi.rtactivate.com/tag/?id=16974&user_id=5543539852908786291 Requested by Host: c1.adform.net URL: https://c1.adform.net/imatch/pixels?uid=5543539852908786291&agencyId=1170&advertiserId=41038&src=tp&rnd=459926 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 44.213.136.134 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-44-213-136-134.compute-1.amazonaws.com Software awselb/2.0 / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language en-US,en;q=0.9 Referer https://c1.adform.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Sat, 06 Jan 2024 20:57:23 GMT server awselb/2.0 content-length 43 content-type image/gif
GET H2	200	xuid eb2.3lift.com/ Frame 923E Redirect Chain https://eb2.3lift.com/xuid?mid=7354&xuid=5543539852908786291&dongle=AD20 https://eb2.3lift.com/xuid?ld=1&mid=7354&xuid=5543539852908786291&dongle=AD20&gdpr=0&cmp_cs=&us_privacy=	37 B 353 B	53ms 53ms	Image image/gif	35.71.139.29 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://eb2.3lift.com/xuid?ld=1&mid=7354&xuid=5543539852908786291&dongle=AD20&gdpr=0&cmp_cs=&us_privacy= Requested by Host: c1.adform.net URL: https://c1.adform.net/imatch/pixels?uid=5543539852908786291&agencyId=1170&advertiserId=41038&src=tp&rnd=459926 Protocol H2 Server 35.71.139.29 , United States, ASN16509 (AMAZON-02, US), Reverse DNS afb83dd09526a6517.awsglobalaccelerator.com Software / Resource Hash bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96 Request headers accept-language en-US,en;q=0.9 Referer https://c1.adform.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers content-type image/gif date Sat, 06 Jan 2024 20:57:23 GMT cache-control no-cache, no-store, must-revalidate content-length 37 p3p policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC" Redirect headers location /xuid?ld=1&mid=7354&xuid=5543539852908786291&dongle=AD20&gdpr=0&cmp_cs=&us_privacy= date Sat, 06 Jan 2024 20:57:23 GMT cache-control no-cache, no-store, must-revalidate content-length 0 p3p policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
GET H2	200	put e1.emxdgt.com/ Frame 923E	43 B 120 B	173ms 37ms	Image image/gif	34.235.210.13 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://e1.emxdgt.com/put?d=d52&uid=5543539852908786291 Requested by Host: c1.adform.net URL: https://c1.adform.net/imatch/pixels?uid=5543539852908786291&agencyId=1170&advertiserId=41038&src=tp&rnd=459926 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.235.210.13 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-235-210-13.compute-1.amazonaws.com Software / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language en-US,en;q=0.9 Referer https://c1.adform.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Sat, 06 Jan 2024 20:57:23 GMT content-length 43 x-nosync emp content-type image/gif
GET H2	200	plf c1.adform.net/imatch/ Frame 923E	0 384 B	36ms 34ms	Image text/plain	185.167.164.43 ADFORM
General Check archive.org Show headers Download Go to Show image Full URL https://c1.adform.net/imatch/plf?name=plfl Requested by Host: c1.adform.net URL: https://c1.adform.net/imatch/pixels?uid=5543539852908786291&agencyId=1170&advertiserId=41038&src=tp&rnd=459926 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.167.164.43 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-US,en;q=0.9 Referer https://c1.adform.net/imatch/pixels?uid=5543539852908786291&agencyId=1170&advertiserId=41038&src=tp&rnd=459926 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Sat, 06 Jan 2024 20:57:22 GMT strict-transport-security max-age=31536000; includeSubDomains server nginx accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version access-control-max-age 86400 access-control-allow-methods GET access-control-allow-origin * access-control-allow-credentials true access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With