Submitted URL: http://www.definityfinancial.com/
Effective URL: https://www.definityfinancial.com/English/overview/default.aspx
Submission: On March 07 via manual from NL — Scanned from DE

Summary

This website contacted 62 IPs in 14 countries across 69 domains to perform 152 HTTP transactions. The main IP is 162.159.129.11, located in and belongs to CLOUDFLARENET, US. The main domain is www.definityfinancial.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on September 12th 2022. Valid for: a year.
This is the only time www.definityfinancial.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 20 162.159.129.11 13335 (CLOUDFLAR...)
32 2a0b:4d07:401::1 44239 (PROINITY ...)
1 2a00:1450:400... 15169 (GOOGLE)
2 13.224.194.107 16509 (AMAZON-02)
4 13.224.189.93 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
2 193.234.225.88 34971 (PDDA-AS)
3 2a00:1450:400... 15169 (GOOGLE)
1 2 142.251.39.6 15169 (GOOGLE)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 199.232.16.157 54113 (FASTLY)
1 2a02:26f0:11a... 20940 (AKAMAI-ASN1)
1 37.157.2.247 198622 (ADFORM)
1 2 151.101.1.181 54113 (FASTLY)
1 18.66.97.118 16509 (AMAZON-02)
1 2001:4860:480... 15169 (GOOGLE)
1 2600:9000:225... 16509 (AMAZON-02)
3 3 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.42.14 8068 (MICROSOFT...)
6 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f11... 32934 (FACEBOOK)
1 2 185.167.164.39 198622 (ADFORM)
1 104.244.42.69 13414 (TWITTER)
1 104.244.42.3 13414 (TWITTER)
8 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 18.66.112.77 16509 (AMAZON-02)
1 1 13.32.121.78 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 15 37.157.6.254 198622 (ADFORM)
1 37.157.5.141 198622 (ADFORM)
1 2 3.122.30.166 16509 (AMAZON-02)
1 104.96.129.75 16625 (AKAMAI-AS)
1 69.173.144.139 26667 (RUBICONPR...)
2 2 18.196.192.213 16509 (AMAZON-02)
1 185.86.138.151 201081 (SMARTADSE...)
1 2 3.126.56.137 16509 (AMAZON-02)
1 2.18.79.139 20940 (AKAMAI-ASN1)
2 2 3.65.89.114 16509 (AMAZON-02)
1 3 76.223.111.18 16509 (AMAZON-02)
1 2 185.80.39.216 27381 (CASALE-MEDIA)
7 8 77.243.60.138 42697 (NETIC-AS)
2 2 92.123.37.164 16625 (AKAMAI-AS)
1 1 185.89.210.90 29990 (ASN-APPNEX)
4 4 172.217.19.98 15169 (GOOGLE)
3 3 85.114.159.93 24961 (MYLOC-AS ...)
1 3.127.178.105 16509 (AMAZON-02)
4 4 18.198.69.109 16509 (AMAZON-02)
1 2a02:6ea0:f40... 60068 (CDN77 ^_^)
1 35.244.174.68 15169 (GOOGLE)
1 52.30.48.43 16509 (AMAZON-02)
2 23.35.209.176 16625 (AKAMAI-AS)
1 34.98.64.218 396982 (GOOGLE-CL...)
1 1 52.213.180.231 16509 (AMAZON-02)
1 52.218.26.67 16509 (AMAZON-02)
2 2 141.94.170.77 16276 (OVH)
2 15.197.193.217 16509 (AMAZON-02)
5 6 62.141.38.122 24961 (MYLOC-AS ...)
1 1 139.162.141.41 63949 (AKAMAI-AP...)
1 1 193.135.9.127 48314 (IP-PROJECTS)
1 1 80.85.85.173 63949 (AKAMAI-AP...)
1 54.220.166.58 16509 (AMAZON-02)
2 3 185.89.211.12 29990 (ASN-APPNEX)
1 185.64.190.80 62713 (AS-PUBMATIC)
1 13.32.110.41 16509 (AMAZON-02)
2 3 52.0.191.77 14618 (AMAZON-AES)
2 2 34.255.210.6 16509 (AMAZON-02)
1 1 46.137.131.3 16509 (AMAZON-02)
2 2 52.58.237.138 16509 (AMAZON-02)
1 216.46.185.182 13649 (ASN-VINS)
1 141.95.33.111 16276 (OVH)
2 2 35.190.24.218 15169 (GOOGLE)
1 23.35.209.30 16625 (AKAMAI-AS)
1 87.242.89.90 208677 (SBERCLOUD-AS)
1 2600:9000:211... 16509 (AMAZON-02)
2 2 34.111.113.62 396982 (GOOGLE-CL...)
1 46.19.11.36 51790 (SIEL)
1 1 109.206.161.21 50245 (SERVEREL-AS)
1 69.173.144.165 26667 (RUBICONPR...)
3 2a00:1450:400... 15169 (GOOGLE)
1 151.101.2.137 54113 (FASTLY)
2 162.247.243.29 54113 (FASTLY)
152 62
Apex Domain
Subdomains
Transfer
32 q4cdn.com
s28.q4cdn.com — Cisco Umbrella Rank: 125671
2 MB
20 definityfinancial.com
www.definityfinancial.com
114 KB
18 adform.net
s2.adform.net — Cisco Umbrella Rank: 6215
a2.adform.net — Cisco Umbrella Rank: 6801
c1.adform.net — Cisco Umbrella Rank: 590
dmp.adform.net — Cisco Umbrella Rank: 3609
42 KB
11 gstatic.com
www.gstatic.com
fonts.gstatic.com
583 KB
8 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1141
se.semasio.net — Cisco Umbrella Rank: 25701
5 KB
7 adsafety.net
cm.adsafety.net — Cisco Umbrella Rank: 20243
tags.adsafety.net — Cisco Umbrella Rank: 95046
11 KB
7 google.com
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 73
93 KB
6 doubleclick.net
12019998.fls.doubleclick.net
cm.g.doubleclick.net — Cisco Umbrella Rank: 202
2 KB
5 exelator.com
loadm.exelator.com — Cisco Umbrella Rank: 1412
load77.exelator.com — Cisco Umbrella Rank: 3278
loada.exelator.com — Cisco Umbrella Rank: 25455
4 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 30
region1.google-analytics.com — Cisco Umbrella Rank: 2425
64 KB
4 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 203
secure.adnxs.com — Cisco Umbrella Rank: 377
4 KB
4 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 361
www.linkedin.com — Cisco Umbrella Rank: 564
px4.ads.linkedin.com — Cisco Umbrella Rank: 6058
3 KB
4 q4app.com
widgets.q4app.com — Cisco Umbrella Rank: 40926
43 KB
3 audrte.com
a.audrte.com — Cisco Umbrella Rank: 2469
2 KB
3 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1398
1 KB
3 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 338
870 B
3 vidyard.com
play.vidyard.com — Cisco Umbrella Rank: 9880
cdn.vidyard.com — Cisco Umbrella Rank: 14867
4 MB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 44
190 KB
2 nr-data.net
bam.nr-data.net — Cisco Umbrella Rank: 231
751 B
2 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 424
1 KB
2 weborama.fr
redirect.frontend.weborama.fr — Cisco Umbrella Rank: 11882
629 B
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 726
1 KB
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 198
2 KB
2 smartstream.tv
ads.smartstream.tv — Cisco Umbrella Rank: 31567
cm.smartstream.tv — Cisco Umbrella Rank: 303619
1 KB
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 296
529 B
2 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 2072
914 B
2 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 549
665 B
2 mathtag.com
pixel.mathtag.com — Cisco Umbrella Rank: 991
1 KB
2 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 531
2 KB
2 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 277
875 B
2 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 265
488 B
2 adscale.de
ih.adscale.de — Cisco Umbrella Rank: 3421
691 B
2 rubiconproject.com
token.rubiconproject.com — Cisco Umbrella Rank: 541
pixel.rubiconproject.com — Cisco Umbrella Rank: 313
453 B
2 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 663
828 B
2 q4inc.com
login.q4inc.com — Cisco Umbrella Rank: 44393
auth.platform.q4inc.com — Cisco Umbrella Rank: 46784
2 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 105
239 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 151
136 KB
2 ip-api.com
pro.ip-api.com — Cisco Umbrella Rank: 5645
388 B
2 cloudfront.net
d1azc1qln24ryf.cloudfront.net
15 KB
1 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 358
14 KB
1 e-volution.ai
sync.e-volution.ai — Cisco Umbrella Rank: 2648
464 B
1 contentexchange.me
match.contentexchange.me — Cisco Umbrella Rank: 23538
49 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 701
242 B
1 1dmp.io
sync.1dmp.io — Cisco Umbrella Rank: 15899
155 B
1 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1218
172 B
1 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 404
1 KB
1 ib-ibi.com
global.ib-ibi.com — Cisco Umbrella Rank: 1787
72 B
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 481
492 B
1 userreport.com
pdw-adf.userreport.com — Cisco Umbrella Rank: 21009
444 B
1 pubmatic.com
simage2.pubmatic.com — Cisco Umbrella Rank: 668
447 B
1 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 585
338 B
1 amazonaws.com
s3-eu-west-1.amazonaws.com
390 B
1 adrtx.net
api.adrtx.net — Cisco Umbrella Rank: 25693
407 B
1 openx.net
eu-u.openx.net — Cisco Umbrella Rank: 2089
273 B
1 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 759
266 B
1 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 342
98 B
1 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 1027
344 B
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 624
682 B
1 smartadserver.com
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 571
163 B
1 yieldlab.net
ad.yieldlab.net — Cisco Umbrella Rank: 4455
525 B
1 seadform.net
a1.seadform.net — Cisco Umbrella Rank: 19883
334 B
1 google.de
adservice.google.de — Cisco Umbrella Rank: 8947
515 B
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 628
396 B
1 t.co
t.co — Cisco Umbrella Rank: 536
378 B
1 oribi.io
cdn.linkedin.oribi.io — Cisco Umbrella Rank: 813
370 B
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 704
5 KB
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 633
15 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 36
805 B
0 emxdgt.com Failed
e1.emxdgt.com Failed
152 69
Domain Requested by
32 s28.q4cdn.com www.definityfinancial.com
s28.q4cdn.com
20 www.definityfinancial.com 2 redirects www.definityfinancial.com
12 c1.adform.net 2 redirects a2.adform.net
c1.adform.net
8 www.gstatic.com www.google.com
www.gstatic.com
6 cm.adsafety.net 5 redirects c1.adform.net
6 www.google.com www.definityfinancial.com
www.gstatic.com
www.google.com
5 se.semasio.net 4 redirects c1.adform.net
4 cm.g.doubleclick.net 4 redirects
4 www.google-analytics.com www.definityfinancial.com
www.googletagmanager.com
4 widgets.q4app.com www.definityfinancial.com
3 fonts.gstatic.com www.definityfinancial.com
3 dmp.adform.net c1.adform.net
3 a.audrte.com 2 redirects c1.adform.net
3 secure.adnxs.com 2 redirects c1.adform.net
3 dsp.adfarm1.adition.com 3 redirects
3 uipglob.semasio.net 3 redirects
3 eb2.3lift.com 1 redirects c1.adform.net
3 www.googletagmanager.com www.definityfinancial.com
www.googletagmanager.com
www.google-analytics.com
2 bam.nr-data.net js-agent.newrelic.com
www.definityfinancial.com
2 pixel.tapad.com 2 redirects
2 redirect.frontend.weborama.fr 2 redirects
2 pm.w55c.net 2 redirects
2 dpm.demdex.net 2 redirects
2 match.adsrvr.org c1.adform.net
2 loada.exelator.com 2 redirects
2 pixel.onaudience.com 2 redirects
2 tags.bluekai.com c1.adform.net
2 loadm.exelator.com 2 redirects
2 pixel.mathtag.com 2 redirects
2 dsum-sec.casalemedia.com 1 redirects c1.adform.net
2 x.bidswitch.net 2 redirects
2 ups.analytics.yahoo.com 1 redirects c1.adform.net
2 ih.adscale.de 2 redirects
2 ad.360yield.com 1 redirects c1.adform.net
2 a2.adform.net 1 redirects www.definityfinancial.com
2 www.facebook.com www.definityfinancial.com
2 px.ads.linkedin.com 2 redirects
2 play.vidyard.com 1 redirects www.definityfinancial.com
2 connect.facebook.net www.definityfinancial.com
connect.facebook.net
2 12019998.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 pro.ip-api.com www.definityfinancial.com
2 d1azc1qln24ryf.cloudfront.net www.definityfinancial.com
d1azc1qln24ryf.cloudfront.net
1 js-agent.newrelic.com www.definityfinancial.com
1 pixel.rubiconproject.com c1.adform.net
1 sync.e-volution.ai 1 redirects
1 match.contentexchange.me c1.adform.net
1 s.ad.smaato.net c1.adform.net
1 sync.1dmp.io c1.adform.net
1 sync.teads.tv c1.adform.net
1 id5-sync.com c1.adform.net
1 global.ib-ibi.com c1.adform.net
1 aa.agkn.com 1 redirects
1 pdw-adf.userreport.com c1.adform.net
1 simage2.pubmatic.com c1.adform.net
1 beacon.krxd.net c1.adform.net
1 cm.smartstream.tv 1 redirects
1 ads.smartstream.tv 1 redirects
1 tags.adsafety.net 1 redirects
1 s3-eu-west-1.amazonaws.com c1.adform.net
1 api.adrtx.net 1 redirects
1 eu-u.openx.net c1.adform.net
1 sync.crwdcntrl.net c1.adform.net
1 idsync.rlcdn.com c1.adform.net
1 load77.exelator.com c1.adform.net
1 ps.eyeota.net c1.adform.net
1 ib.adnxs.com 1 redirects
1 ads.stickyadstv.com c1.adform.net
1 rtb-csync.smartadserver.com c1.adform.net
1 token.rubiconproject.com c1.adform.net
1 ad.yieldlab.net c1.adform.net
1 a1.seadform.net www.definityfinancial.com
1 adservice.google.de adservice.google.com
1 auth.platform.q4inc.com 1 redirects
1 login.q4inc.com 1 redirects
1 adservice.google.com 12019998.fls.doubleclick.net
1 analytics.twitter.com www.definityfinancial.com
1 t.co www.definityfinancial.com
1 px4.ads.linkedin.com www.definityfinancial.com
1 www.linkedin.com 1 redirects
1 cdn.linkedin.oribi.io www.definityfinancial.com
1 region1.google-analytics.com www.googletagmanager.com
1 cdn.vidyard.com www.definityfinancial.com
1 s2.adform.net www.definityfinancial.com
1 snap.licdn.com www.definityfinancial.com
1 static.ads-twitter.com www.definityfinancial.com
1 fonts.googleapis.com www.definityfinancial.com
0 e1.emxdgt.com Failed c1.adform.net
152 87
Subject Issuer Validity Valid
www.definityfinancial.com
Cloudflare Inc ECC CA-3
2022-09-12 -
2023-09-12
a year crt.sh
s28.q4cdn.com
R3
2023-01-16 -
2023-04-16
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-02-08 -
2023-05-03
3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01
2022-12-08 -
2023-12-07
a year crt.sh
widgets.q4app.com
Amazon RSA 2048 M02
2023-02-28 -
2024-01-14
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2023-02-08 -
2023-05-03
3 months crt.sh
*.ip-api.com
Sectigo RSA Domain Validation Secure Server CA
2022-11-25 -
2023-12-26
a year crt.sh
*.doubleclick.net
GTS CA 1C3
2023-02-08 -
2023-05-03
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2023-01-10 -
2023-03-15
2 months crt.sh
ads-twitter.com
DigiCert TLS RSA SHA256 2020 CA1
2022-07-22 -
2023-08-22
a year crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA
2023-02-01 -
2024-01-31
a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1
2022-09-20 -
2023-09-20
a year crt.sh
*.vidyard.com
GlobalSign Atlas R3 DV TLS CA 2022 Q3
2022-09-27 -
2023-10-29
a year crt.sh
linkedin.oribi.io
Amazon RSA 2048 M01
2023-02-24 -
2023-08-06
5 months crt.sh
www.google.com
GTS CA 1C3
2023-02-08 -
2023-05-03
3 months crt.sh
t.co
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2023-02-05 -
2024-02-05
a year crt.sh
*.twitter.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2023-02-05 -
2024-02-05
a year crt.sh
*.gstatic.com
GTS CA 1C3
2023-02-08 -
2023-05-03
3 months crt.sh
*.google.com
GTS CA 1C3
2023-02-08 -
2023-05-03
3 months crt.sh
*.google.de
GTS CA 1C3
2023-02-08 -
2023-05-03
3 months crt.sh
*.seadform.net
DigiCert TLS RSA SHA256 2020 CA1
2022-10-20 -
2023-11-09
a year crt.sh
*.yieldlab.net
DigiCert TLS RSA SHA256 2020 CA1
2022-11-16 -
2023-11-15
a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2022-03-08 -
2023-04-04
a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2023-01-21 -
2024-01-23
a year crt.sh
*.ads.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1
2022-06-14 -
2023-06-16
a year crt.sh
eyeota.net
GoGetSSL RSA DV CA
2022-03-18 -
2023-03-18
a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA
2023-02-02 -
2024-03-03
a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2
2022-05-01 -
2023-06-02
a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1
2023-02-07 -
2024-02-08
a year crt.sh
*.openx.net
GeoTrust RSA CA 2018
2022-07-21 -
2023-08-21
a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1
2023-02-27 -
2024-02-26
a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1
2022-06-13 -
2023-07-14
a year crt.sh
*.userreport.com
Amazon RSA 2048 M02
2023-02-22 -
2024-01-18
a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2022-03-31 -
2023-05-02
a year crt.sh
*.ib-ibi.com
DigiCert TLS RSA SHA256 2020 CA1
2022-03-01 -
2023-04-01
a year crt.sh
*.id5-sync.com
R3
2023-01-25 -
2023-04-25
3 months crt.sh
teads.tv
R3
2023-02-21 -
2023-05-22
3 months crt.sh
sync.1dmp.io
R3
2023-01-31 -
2023-05-01
3 months crt.sh
s.ad.smaato.net
Amazon RSA 2048 M02
2023-02-27 -
2023-09-20
7 months crt.sh
*.contentexchange.me
Sectigo RSA Domain Validation Secure Server CA
2022-05-31 -
2023-06-04
a year crt.sh
*.3lift.com
Amazon RSA 2048 M01
2023-02-10 -
2023-06-11
4 months crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2022 Q2
2022-07-10 -
2023-08-11
a year crt.sh
*.nr-data.net
DigiCert TLS RSA SHA256 2020 CA1
2022-11-18 -
2023-12-19
a year crt.sh

This page contains 8 frames:

Primary Page: https://www.definityfinancial.com/English/overview/default.aspx
Frame ID: 756A9CD0BAD1FC8600EDE796006F2884
Requests: 83 HTTP requests in this frame

Frame: https://12019998.fls.doubleclick.net/activityi;dc_pre=CJ_q1sDmyf0CFZKVmwodweIAYA;src=12019998;type=invmedia;cat=rp-de0;ord=7502202666500;gtm=45He3310;auiddc=258139497.1678191497;~oref=https%3A%2F%2Fwww.definityfinancial.com%2FEnglish%2Foverview%2Fdefault.aspx
Frame ID: 856E77D8B415EF23CAE6D13F10F18C25
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CJ_q1sDmyf0CFZKVmwodweIAYA;src=12019998;type=invmedia;cat=rp-de0;ord=7502202666500;gtm=45He3310;auiddc=258139497.1678191497;~oref=https%3A%2F%2Fwww.definityfinancial.com%2FEnglish%2Foverview%2Fdefault.aspx
Frame ID: 31831736DC38B1DF347B74379259C47A
Requests: 1 HTTP requests in this frame

Frame: https://www.definityfinancial.com/q4logincallback.aspx?error=400
Frame ID: BB4D51CFA9D2C3E8A0FB20648E4E2B23
Requests: 4 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CJ_q1sDmyf0CFZKVmwodweIAYA;src=12019998;type=invmedia;cat=rp-de0;ord=7502202666500;gtm=45He3310;auiddc=258139497.1678191497;~oref=https%3A%2F%2Fwww.definityfinancial.com%2FEnglish%2Foverview%2Fdefault.aspx
Frame ID: AD0892D575E25A45A10ECA4C3A29CF21
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcKf8wZAAAAADYEeFvKUvdj80FVct5G98mSJ29W&co=aHR0cHM6Ly93d3cuZGVmaW5pdHlmaW5hbmNpYWwuY29tOjQ0Mw..&hl=de&v=8G7OPK94bhCRbT0VqyEVpQNj&size=invisible&cb=z7gfarinik0n
Frame ID: 8B2266B678A943F543F73D1A46EBD649
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=8G7OPK94bhCRbT0VqyEVpQNj&k=6LcKf8wZAAAAADYEeFvKUvdj80FVct5G98mSJ29W
Frame ID: 67A154B1E0A665E0EC09499D84063199
Requests: 11 HTTP requests in this frame

Frame: https://c1.adform.net/imatch/pixels?uid=713663938463873976&agencyId=7384&advertiserId=2112077&src=tp&rnd=705056
Frame ID: AD2A99641148A2AD0AEAF70B210A9B06
Requests: 47 HTTP requests in this frame

Screenshot

Page Title

Home | Definity

Page URL History Show full URLs

  1. http://www.definityfinancial.com/ HTTP 301
    https://www.definityfinancial.com/ HTTP 301
    https://www.definityfinancial.com/English/overview/default.aspx Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.aspx?(?:$|\?)

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

152
Requests

84 %
HTTPS

21 %
IPv6

69
Domains

87
Subdomains

62
IPs

14
Countries

6961 kB
Transfer

10372 kB
Size

95
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.definityfinancial.com/ HTTP 301
    https://www.definityfinancial.com/ HTTP 301
    https://www.definityfinancial.com/English/overview/default.aspx Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26
  • https://12019998.fls.doubleclick.net/activityi;src=12019998;type=invmedia;cat=rp-de0;ord=7502202666500;gtm=45He3310;auiddc=258139497.1678191497;~oref=https%3A%2F%2Fwww.definityfinancial.com%2FEnglish%2Foverview%2Fdefault.aspx HTTP 302
  • https://12019998.fls.doubleclick.net/activityi;dc_pre=CJ_q1sDmyf0CFZKVmwodweIAYA;src=12019998;type=invmedia;cat=rp-de0;ord=7502202666500;gtm=45He3310;auiddc=258139497.1678191497;~oref=https%3A%2F%2Fwww.definityfinancial.com%2FEnglish%2Foverview%2Fdefault.aspx
Request Chain 42
  • https://play.vidyard.com/SCkT1bBhP1pdhgD9PoqCXK.jpg HTTP 302
  • https://cdn.vidyard.com/thumbnails/34582563/aWrWX1YTv3nmY8rangMELQS4tDnKWiry.gif
Request Chain 52
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4033209&time=1678191497624&url=https%3A%2F%2Fwww.definityfinancial.com%2FEnglish%2Foverview%2Fdefault.aspx HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4033209%26time%3D1678191497624%26url%3Dhttps%253A%252F%252Fwww.definityfinancial.com%252FEnglish%252Foverview%252Fdefault.aspx%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4033209&time=1678191497624&url=https%3A%2F%2Fwww.definityfinancial.com%2FEnglish%2Foverview%2Fdefault.aspx&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4033209&time=1678191497624&url=https%3A%2F%2Fwww.definityfinancial.com%2FEnglish%2Foverview%2Fdefault.aspx&liSync=true&e_ipv6=AQKT2EC4vY8jmgAAAYa8AhTV9gRSQv2LLmcbHxvWte2-SavTuKqcCDh1tvBDurCZ-YuFPUeMXxP8
Request Chain 66
  • https://a2.adform.net/Serving/TrackPoint/?pm=2529091&ADFdivider=%7C&ord=186590622397&ADFtpmode=2&loc=https%3A%2F%2Fwww.definityfinancial.com%2FEnglish%2Foverview%2Fdefault.aspx&Set1=en-US%7Cen-US%7C1600x1200%7C24 HTTP 302
  • https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2529091&ADFdivider=%7C&ord=186590622397&ADFtpmode=2&loc=https%3A%2F%2Fwww.definityfinancial.com%2FEnglish%2Foverview%2Fdefault.aspx&Set1=en-US%7Cen-US%7C1600x1200%7C24
Request Chain 78
  • https://login.q4inc.com/authorize?client_id=gKrDY1E9BUSWfU7DGuW2CO4rjdskiNg7&scope=openid%20profile%20email&response_type=code&response_mode=query&nonce=2Snm6Ww9p18tmIiJ5xuvK3fXlI&state=eyJhbGciOiJodHRwOi8vd3d3LnczLm9yZy8yMDAxLzA0L3htbGRzaWctbW9yZSNobWFjLXNoYTI1NiIsInR5cCI6IkpXVCJ9.eyJyZXR1cm5VcmwiOiJodHRwczovL3d3dy5kZWZpbml0eWZpbmFuY2lhbC5jb20vcTRsb2dpbmNhbGxiYWNrLmFzcHgiLCJleHAiOjE2ODM0MDE4ODguMCwiaWF0IjoxNjc4MTQyMjg4LjAsImlzcyI6IlE0LldlYi5QdWJsaWMuU2l0ZSIsImF1ZCI6InVwc3RyZWFtLmNkbi53ZWIucHJkLnE0aW5jLmNvbSJ9.BNjmvcFJTAMCqSim3GQUSQEILS2QooSfVvj0DYlFIMw&redirect_uri=https://auth.platform.q4inc.com/auth/publicAuthRedirect&prompt=none HTTP 302
  • https://auth.platform.q4inc.com/auth/publicAuthRedirect?error=login_required&error_description=Login%20required&state=eyJhbGciOiJodHRwOi8vd3d3LnczLm9yZy8yMDAxLzA0L3htbGRzaWctbW9yZSNobWFjLXNoYTI1NiIsInR5cCI6IkpXVCJ9.eyJyZXR1cm5VcmwiOiJodHRwczovL3d3dy5kZWZpbml0eWZpbmFuY2lhbC5jb20vcTRsb2dpbmNhbGxiYWNrLmFzcHgiLCJleHAiOjE2ODM0MDE4ODguMCwiaWF0IjoxNjc4MTQyMjg4LjAsImlzcyI6IlE0LldlYi5QdWJsaWMuU2l0ZSIsImF1ZCI6InVwc3RyZWFtLmNkbi53ZWIucHJkLnE0aW5jLmNvbSJ9.BNjmvcFJTAMCqSim3GQUSQEILS2QooSfVvj0DYlFIMw HTTP 301
  • https://www.definityfinancial.com/q4logincallback.aspx?error=400
Request Chain 95
  • https://ad.360yield.com/match?publisher_dsp_id=42&external_user_id=713663938463873976&Expiration=1679401098 HTTP 302
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=713663938463873976&Expiration=1679401098
Request Chain 98
  • https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=713663938463873976&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__ HTTP 302
  • https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=713663938463873976&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__&nut&uu=b21f327255ce4ba58c4a7262faa7b56f HTTP 307
  • https://c1.adform.net/serving/cookie/match?party=9&uid=e23da2f887108ae33add0dcaeef58a5d231a9ad387410b004eaab02f7fa6dc79
Request Chain 100
  • https://ups.analytics.yahoo.com/ups/55944/sync?uid=713663938463873976&_origin=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/55944/sync?uid=713663938463873976&_origin=1&verify=true
Request Chain 102
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=713663938463873976 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=70&user_id=713663938463873976 HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=228d3b9a-b7e2-4289-a3e8-95e9ae5f5350&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd= HTTP 302
  • https://eb2.3lift.com/xuid?ld=1&mid=2409&xuid=228d3b9a-b7e2-4289-a3e8-95e9ae5f5350&dongle=d3d3&gdpr=0&cmp_cs=&us_privacy=
Request Chain 103
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=713663938463873976&expiration=1679401098 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=713663938463873976&expiration=1679401098&C=1
Request Chain 104
  • https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=713663938463873976&sInitiator=external HTTP 302
  • https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=713663938463873976&sInitiator=external HTTP 302
  • https://se.semasio.net/sync/1/16266044?sExtCookieId=713663938463873976&gdpr=&sInitiator=external HTTP 302
  • https://pixel.mathtag.com/sync/img?mt_exid=10041&gdpr=&redir=https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F14876172%3FsExtCookieId%3D%5BMM_UUID%5D%26sInitiator%3Dinternal HTTP 302
  • https://se.semasio.net/sync/1/14876172?sExtCookieId=315e6407-2b8c-4a00-9702-b1941ffdaa00&sInitiator=internal&gdpr=&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F4354957%3FsExtCookieId%3D%24UID%26sInitiator%3Dinternal&gdpr= HTTP 302
  • https://se.semasio.net/sync/1/4354957?sExtCookieId=2837535589818544212&sInitiator=internal&gdpr= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=QjQ3MTQ2RURGODUzQUMxOQ&gdpr= HTTP 302
  • https://uipglob.semasio.net/dbm/1/info?sType=sync&sExtCookieId=CAESEOJDCsLJfrkm2Sl5E5MZKqc&sInitiator=internal&google_cver=1&gdpr=&google_cver=1 HTTP 302
  • https://se.semasio.net/sync/1/12092831?sExtCookieId=CAESEOJDCsLJfrkm2Sl5E5MZKqc&sInitiator=internal&google_cver=1&gdpr= HTTP 302
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F647471%3FsExtCookieId%3D%25%25COOKIE%25%25%26sInitiator%3Dinternal&gdpr= HTTP 302
  • https://se.semasio.net/sync/1/647471?sExtCookieId=7207777604643715217&sInitiator=internal&gdpr=
Request Chain 106
  • https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=713663938463873976 HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=713663938463873976&xl8blockcheck=1 HTTP 302
  • https://load77.exelator.com/pixel.gif
Request Chain 111
  • https://api.adrtx.net/thirdparty/click?p=adfo HTTP 302
  • https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Request Chain 112
  • https://pixel.onaudience.com/?mapped=713663938463873976&partner=68 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D1 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D1&xl8blockcheck=1 HTTP 302
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=44f9bf78916ce65aea692f8f7b570252&gdpr=1 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
Request Chain 113
  • https://cm.adsafety.net/?_cmsrc=adformx&idt=100&did=713663938463873976 HTTP 302
  • https://tags.adsafety.net/v1/cm?cm_uid=CM120230307125682335b56781d2b31e&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dct%26_chainsrc%3Dcommon%26idt%3D%5B%25IDT%25%5D%26did%3D%5B%25DID%25%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.adsafety.net/?_cmsrc=ct&_chainsrc=common&idt=100&did=eae2527176c61399441488e3c60f0859 HTTP 302
  • https://ads.smartstream.tv/cm/?cmsrc=cm&cm_uid=CM120230307125682335b56781d2b31e&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dstv%26_chainsrc%3Dcommon&gdpr_consent= HTTP 302
  • https://cm.adsafety.net/?_cmsrc=stv&_chainsrc=common&idt=100&did=eae2527176c61399441488e3c60f0859&idt_did_status=added&gdpr_consent=&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=dataxtrade_dmp&google_cm&google_hm=Q00xMjAyMzAzMDcxMjU2ODIzMzViNTY3ODFkMmIzMWU&gdpr_consent=&gdpr=0 HTTP 302
  • https://cm.adsafety.net/?_cmsrc=dbmx&midt=100&mdid=CAESEMy46jo3z2VNO3kYYbTwyHI&gdpr_consent=&gdpr=0&google_cver=1 HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=28&cid=CM120230307125682335b56781d2b31e HTTP 302
  • https://cm.adsafety.net/?_cmsrc=adform&idt=100&did=713663938463873976 HTTP 302
  • https://dsp.adfarm1.adition.com/cookie/?ssp=6 HTTP 302
  • https://cm.smartstream.tv/?_cmsrc=activeagent_cm&idt=100&did=7207777604643715217 HTTP 302
  • https://cm.adsafety.net/?_cmsrc=activeagent_cm&idt=100&did=7207777604643715217
Request Chain 115
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=NzEzNjYzOTM4NDYzODczOTc2 HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEOkjrdMjZ9Da-Ns5NZxoSbg&google_cver=1&google_ula=1641347,0
Request Chain 116
  • https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%3Fparty%3D3%26id%3D%24UID%26redirect%3D1 HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=3&id=2837535589818544212&redirect=1 HTTP 302
  • https://secure.adnxs.com/setuid?entity=91&code=713663938463873976
Request Chain 120
  • https://a.audrte.com/a?adform_uid=713663938463873976 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=YTBsQURWZXNEUG5TbXlDM0g2bkJnWjhGZw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/p
Request Chain 121
  • https://dpm.demdex.net/ibs:dpid=1586&dpuuid=713663938463873976&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=713663938463873976&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=1007&cid=84124440580976971823530850555194619632&noredirect=1
Request Chain 122
  • https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=713663938463873976 HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1014&cid=219573204448001618377
Request Chain 123
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25 HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7207777604643715217
Request Chain 125
  • https://pixel.mathtag.com/sync/img?redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1066%26cid%3D%5BMM_UUID%5D HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=1066&cid=547b6407-2b8c-4500-b236-98dfd5db1b52
Request Chain 126
  • https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=1084&cid=2M0fJnYS1PzwgP5
Request Chain 130
  • https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D HTTP 307
  • https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=630481436 HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1145&cid=EgzB/thpqtYlx2ob2UyhHO
Request Chain 134
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2032&partner_device_id=713663938463873976&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2032&partner_device_id=713663938463873976&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=2007&cid=44c8017e-c8b6-44e9-b350-0c501333d349
Request Chain 137
  • https://sync.e-volution.ai/296800c6dbd7f8eb22cf034b9927d719.gif?puid=713663938463873976 HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=

152 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request default.aspx
www.definityfinancial.com/English/overview/
Redirect Chain
  • http://www.definityfinancial.com/
  • https://www.definityfinancial.com/
  • https://www.definityfinancial.com/English/overview/default.aspx
138 KB
42 KB
Document
General
Full URL
https://www.definityfinancial.com/English/overview/default.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.129.11 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a2f31ff4a6da47d4f2bb33c6773658df0cbf10fe1aef2193194bed206db8abc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
public, max-age=10, stale-if-error=86400, stale-while-revalidate=86400
cf-cache-status
REVALIDATED
cf-ray
7a42c7b219839219-FRA
content-encoding
gzip
content-length
43068
content-type
text/html; charset=utf-8
date
Tue, 07 Mar 2023 12:18:16 GMT
etag
1f8b6133ad66e84a5a4b856f73ae27ee
server
cloudflare
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

cache-control
public, max-age=120, stale-if-error=86400, stale-while-revalidate=86400
cf-cache-status
EXPIRED
cf-ray
7a42c7b0af5e9219-FRA
content-type
text/html; charset=utf-8
date
Tue, 07 Mar 2023 12:18:15 GMT
location
/English/overview/default.aspx
server
cloudflare
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
index.js
www.definityfinancial.com/js/typescript/dist/
92 KB
30 KB
Script
General
Full URL
https://www.definityfinancial.com/js/typescript/dist/index.js
Requested by
Host: www.definityfinancial.com
URL: https://www.definityfinancial.com/English/overview/default.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.129.11 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6a8c757c59b2df0c50814b344398dedb725eaf508722c9a22136defbb030cf6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.definityfinancial.com/English/overview/default.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 12:18:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
cf-cache-status
REVALIDATED
content-length
30581
x-xss-protection
1; mode=block
last-modified
Tue, 21 Feb 2023 17:32:24 GMT
server
cloudflare
etag
631a3fadd46980f7f334555768ad3599
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=10, stale-if-error=86400, stale-while-revalidate=86400
accept-ranges
bytes
cf-ray
7a42c7b33b1e9219-FRA
proxima-nova.css
s28.q4cdn.com/441925426/files/fonts/proxima-nova/
2 KB
988 B
Stylesheet
General
Full URL
https://s28.q4cdn.com/441925426/files/fonts/proxima-nova/proxima-nova.css
Requested by
Host: www.definityfinancial.com
URL: https://www.definityfinancial.com/English/overview/default.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:401::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
dc1b9457c7b4d376b605485ba3aa51f075d322ba4a90f7d697e5da0d42983ff5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.definityfinancial.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 12:18:16 GMT
content-encoding
gzip
last-modified
Wed, 11 Aug 2021 16:02:04 GMT
server
keycdn-engine
x-amz-request-id
4MJ0STA3AWHQMMB1
x-edge-location
atvi
etag
W/"89675fda4bc9848a304c5227b05a2e73"
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-id-2
aqSW1cRSHud6XfBLNKefV/wEdLI4R0l+/18z+F/RFZnDqWjLniIp4cspemdp3OA13mejHQVzHE4=
expires
Tue, 07 Mar 2023 13:18:16 GMT
css2
fonts.googleapis.com/
1 KB
805 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Lato:wght@400;700&display=swap
Requested by
Host: www.definityfinancial.com
URL: https://www.definityfinancial.com/English/overview/default.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b4820095dbb33dffee5026491f08575d5adcb7e3cab956061f0cffb5052d78c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.definityfinancial.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 07 Mar 2023 12:18:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 07 Mar 2023 12:06:04 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 07 Mar 2023 12:18:16 GMT
print.css
s28.q4cdn.com/441925426/files/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://s28.q4cdn.com/441925426/files/css/print.css
Requested by
Host: www.definityfinancial.com
URL: https://www.definityfinancial.com/English/overview/default.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:401::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
1104af4ec5fd522b923898ae46be7a55bc7d62350d291b231400efb27e4de913

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.definityfinancial.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 12:18:16 GMT
content-encoding
gzip
last-modified
Thu, 24 Jun 2021 19:17:49 GMT
server
keycdn-engine
x-amz-request-id
4MJ9VHEXPYJV4832
x-edge-location
atvi
etag
W/"9e71dfea1584fe67a0710304c0c70c40"
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-id-2
2REb6i/Oyj/umxG33wSyVddJy7l85zkBJTqB8XGewAreqDhk/qP9+Cql/hIj77/qhaPh04VC8Io=
expires
Tue, 07 Mar 2023 13:18:16 GMT
style-cf.css
d1azc1qln24ryf.cloudfront.net/50912/Q4studioclassic2018na1/
8 KB
2 KB
Stylesheet
General
Full URL
https://d1azc1qln24ryf.cloudfront.net/50912/Q4studioclassic2018na1/style-cf.css?5j2dpc
Requested by
Host: www.definityfinancial.com
URL: https://www.definityfinancial.com/English/overview/default.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.194.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-194-107.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
60871c745ee14ae9b1e1c892da0b30fd3d1695fbffc0a1fa49974a2c4bd86061

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.definityfinancial.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 26 Feb 2023 00:48:58 GMT
content-encoding
gzip
via
1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
last-modified
Fri, 07 May 2021 09:24:50 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
818959
etag
"73f9f63c8976a5a631b8f85bbf7f9bde"
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=31000000
accept-ranges
bytes
content-length
1539
x-amz-cf-id
pgQoP5X9lxh56epN4ITF6AVKrBwNI7Im0bVCVAwDKstq0DzH8gWmVg==
global.css
s28.q4cdn.com/441925426/files/css/
330 KB
60 KB
Stylesheet
General
Full URL
https://s28.q4cdn.com/441925426/files/css/global.css?v=53077
Requested by
Host: www.definityfinancial.com
URL: https://www.definityfinancial.com/English/overview/default.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:401::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
5506c0ee0d14f185f9864aa92ebf85caf3e7225c8401b375cffc25e8c4435fcb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.definityfinancial.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 12:18:16 GMT
content-encoding
gzip
last-modified
Thu, 27 Oct 2022 18:22:09 GMT
server
keycdn-engine
x-amz-request-id
4MJBSMBPKEF4JYYN
x-edge-location
atvi
etag
W/"7575c59c34d922b479d02ef2e574f3b0"
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-id-2
x2BLmexTMTaXrRm3pnyUJYakUYoLYd/WKDty6/A5f6++2BGxl234EGAjAmhCyVHIUgqwcS968TY=
expires
Tue, 07 Mar 2023 13:18:16 GMT
client.css
s28.q4cdn.com/441925426/files/css/
65 KB
16 KB
Stylesheet
General
Full URL
https://s28.q4cdn.com/441925426/files/css/client.css?v=51380
Requested by
Host: www.definityfinancial.com
URL: https://www.definityfinancial.com/English/overview/default.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:401::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
4753a7fd3784f3b95fca05d374c0af7232e66501aa9b69eb4b90cc7f6c1dbef3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.definityfinancial.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 12:18:16 GMT
content-encoding
gzip
last-modified
Fri, 17 Jun 2022 18:16:24 GMT
server
keycdn-engine
x-amz-request-id
4MJ6EBD10AVRSXD9
x-edge-location
atvi
etag
W/"e36c5cde0499b699d9f1f534c8c81d6e"
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-id-2
cklJm4YIi7JlEfAK7ii6pjhKf1pih9GnfEAZyd3FHUVPxqM3ppbxxGmtTsMtuUqwz1svqubBR3k=
expires
Tue, 07 Mar 2023 13:18:16 GMT
q4.core.1.0.0.js
s28.q4cdn.com/441925426/files/js/bundle/
976 KB
355 KB
Script
General
Full URL
https://s28.q4cdn.com/441925426/files/js/bundle/q4.core.1.0.0.js
Requested by
Host: www.definityfinancial.com
URL: https://www.definityfinancial.com/English/overview/default.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:401::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
fc3213fa9594847b906c8c597372ede552a8d8a3c9d870650eddf8626ee09506

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.definityfinancial.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 12:18:16 GMT
content-encoding
gzip
last-modified
Wed, 23 Feb 2022 15:40:02 GMT
server
keycdn-engine
x-amz-request-id
4MJ5AK2KA4WGC7PY
x-edge-location
atvi
etag
W/"f1b16797306090925d0aa1fd8425385e"
x-cache
HIT
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-id-2
UJPNz1Re5nLiTVKlcMpvFxImOFpHSIvNc4bYXfm/HFVKcPLRo+pVpwhilY/L2cUsQ4Ljzc5mVOE=
expires
Tue, 07 Mar 2023 13:18:16 GMT
q4.helpers.1.0.0.js
s28.q4cdn.com/441925426/files/js/bundle/
43 KB
13 KB
Script
General
Full URL
https://s28.q4cdn.com/441925426/files/js/bundle/q4.helpers.1.0.0.js
Requested by
Host: www.definityfinancial.com
URL: https://www.definityfinancial.com/English/overview/default.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:401::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
7c1c47f5dc52848b3caad1d25d4a637bfb065b402e4e39e37a6aeb2a70f13bfd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.definityfinancial.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 12:18:16 GMT
content-encoding
gzip
last-modified
Wed, 23 Feb 2022 15:40:04 GMT
server
keycdn-engine
x-amz-request-id
4MJ31T0GN1MZG5AQ
x-edge-location
atvi
etag
W/"2d441e232dd9728d4dff3fe674231b27"
x-cache
HIT
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-id-2
Q/JtkHZLrpr6yHh/M+TsIh6htEum6sxSonS+sGPV90OrDHb6IprSEJpkH1OMQDEFkVtXAxIpzlk=
expires
Tue, 07 Mar 2023 13:18:16 GMT
q4.widgets.1.0.0.js
s28.q4cdn.com/441925426/files/js/bundle/
550 KB
161 KB
Script
General
Full URL
https://s28.q4cdn.com/441925426/files/js/bundle/q4.widgets.1.0.0.js
Requested by
Host: www.definityfinancial.com
URL: https://www.definityfinancial.com/English/overview/default.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:401::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
39cf9e3f1a2549cc9f2b00d18c954329c035b0500e89b09bd16aee32cad28eb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.definityfinancial.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 12:18:16 GMT
content-encoding
gzip
last-modified
Wed, 23 Feb 2022 15:40:08 GMT
server
keycdn-engine
x-amz-request-id
4MJ5TXBXBFD92GRS
x-edge-location
atvi
etag
W/"a4628de9be6795a9a18a76f142e94521"
x-cache
HIT
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-id-2
9as73ouknO7uTAzQvMNbubuE9l3buxtnDfw+Xm2WmTvLLhvSMDBl5yDQ73FY0/hW58F5+Mcsi1s=
expires
Tue, 07 Mar 2023 13:18:16 GMT
q4.datepicker.1.0.0.min.js
widgets.q4app.com/widgets/
13 KB
14 KB
Script
General
Full URL
https://widgets.q4app.com/widgets/q4.datepicker.1.0.0.min.js
Requested by
Host: www.definityfinancial.com
URL: https://www.definityfinancial.com/English/overview/default.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-93.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
65cbd6e94f20fb94d3ec0056f83acc671c297967feccf5eca95281401b605566

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.definityfinancial.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 11:33:49 GMT
via
1.1 5a5b94c62ea85e0c0d78b169589b08b4.cloudfront.net (CloudFront)
last-modified
Wed, 08 Feb 2023 15:47:30 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
2714
x-amz-server-side-encryption
AES256
etag
"2960f93dabe9b742f2c9c43ced12b0a7"
x-cache
Hit from cloudfront
content-type
text/javascript
accept-ranges
bytes
content-length
13555
x-amz-cf-id
I7d2fPDU8EnnDCHUEulkUzjH2WSfF8eZEH7mMOcpkUAyRIaODYgPgw==
findIndex_polyfill.js
s28.q4cdn.com/441925426/files/js/polyfills/
1 KB
1 KB
Script
General
Full URL
https://s28.q4cdn.com/441925426/files/js/polyfills/findIndex_polyfill.js
Requested by
Host: www.definityfinancial.com
URL: https://www.definityfinancial.com/English/overview/default.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:401::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
4f926bb1da1f8ef66097de2d153bdd55e90f1502e8acb39c9ea5304c5ec56718

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.definityfinancial.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 12:18:17 GMT
content-encoding
gzip
last-modified
Thu, 24 Jun 2021 19:19:46 GMT
server
keycdn-engine
x-amz-request-id
4MJ09Z9B5QYS91T5
x-edge-location
atvi
etag
W/"ce6a48c2153df6a9bb68a08d17107262"
x-cache
HIT
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-id-2
HB+MomKD4QvlUaW6BcqlsJpf/pR3bd8qaJ9N7R3NGClNtMoVtm64C1gvToVf0zHMw/XF/nE/QWA=
expires
Tue, 07 Mar 2023 13:18:17 GMT
nav_nima_2.js
s28.q4cdn.com/441925426/files/js/
91 KB
19 KB
Script
General
Full URL
https://s28.q4cdn.com/441925426/files/js/nav_nima_2.js
Requested by
Host: www.definityfinancial.com
URL: https://www.definityfinancial.com/English/overview/default.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:401::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
62e5d4c16451d3bf8a5b81e16afc396417e15bd8085f5b2ceb9cc235eab67a88

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.definityfinancial.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 12:18:17 GMT
content-encoding
gzip
last-modified
Thu, 11 Nov 2021 15:08:26 GMT
server
keycdn-engine
x-amz-request-id
4MJ5F3Q4A5NHS0FP
x-edge-location
atvi
etag
W/"0332ff99ab5752296fb6f203ca622e04"
x-cache
HIT
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-id-2
8IUalGTX0V2utNndG5jXALL+l8CdM1PL0dJKVgjklIPfxnNhGZQm00guLHTzeeSIv3pD6qjPD/g=
expires
Tue, 07 Mar 2023 13:18:17 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.definityfinancial.com
URL: https://www.definityfinancial.com/English/overview/default.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.definityfinancial.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 07 Mar 2023 11:17:30 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
3647
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Tue, 07 Mar 2023 13:17:30 GMT
/
pro.ip-api.com/json/
39 B
194 B
XHR
General
Full URL
https://pro.ip-api.com/json/?key=6KddQSe576qrfNb&fields=isp,org
Requested by
Host: www.definityfinancial.com
URL: https://www.definityfinancial.com/English/overview/default.aspx
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
193.234.225.88 Milan, Italy, ASN34971 (PDDA-AS, IT),
Reverse DNS
hex.psxhosting.is
Software
/
Resource Hash
dc80ba256d0defd1ef2507933c86c2949ea0fd7271020e96bbf41b543800b9f6

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.definityfinancial.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 07 Mar 2023 12:18:17 GMT
Content-Length
39
Content-Type
application/json; charset=utf-8
/
pro.ip-api.com/json/
39 B
194 B
XHR
General
Full URL
https://pro.ip-api.com/json/?key=6KddQSe576qrfNb&fields=isp,org
Requested by
Host: www.definityfinancial.com
URL: https://www.definityfinancial.com/English/overview/default.aspx
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
193.234.225.88 Milan, Italy, ASN34971 (PDDA-AS, IT),
Reverse DNS
hex.psxhosting.is
Software
/
Resource Hash
dc80ba256d0defd1ef2507933c86c2949ea0fd7271020e96bbf41b543800b9f6

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.definityfinancial.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 07 Mar 2023 12:18:17 GMT
Content-Length
39
Content-Type
application/json; charset=utf-8
gtm.js
www.googletagmanager.com/
196 KB
70 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5CJD3TD
Requested by
Host: www.definityfinancial.com
URL: https://www.definityfinancial.com/English/overview/default.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
50212c23863cdd10dbc0a7e32c3a4b0bd051152902805115e8571b3b4c77a8ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.definityfinancial.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 12:18:17 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
71154
x-xss-protection
0
last-modified
Tue, 07 Mar 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 07 Mar 2023 12:18:17 GMT
WebResource.axd
www.definityfinancial.com/
23 KB
6 KB
Script
General
Full URL
https://www.definityfinancial.com/WebResource.axd?d=pynGkmcFUV13He1Qd6_TZDSH1oVlXKNmZSXd3zYZ2Gq6ERm6jivSb4ijerOGYkuGRtePZg2&t=637814437746327080
Requested by
Host: www.definityfinancial.com
URL: https://www.definityfinancial.com/English/overview/default.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.129.11 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.definityfinancial.com/English/overview/default.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 12:18:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
cf-cache-status
HIT
content-length
6007
x-xss-protection
1; mode=block
last-modified
Tue, 05 Jan 2021 01:27:55 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
cache-control
public, stale-if-error=86400, stale-while-revalidate=86400
accept-ranges
bytes
cf-ray
7a42c7b9abd39219-FRA
expires
Thu, 16 Nov 2023 15:18:51 GMT
icon_close_bl.svg
s28.q4cdn.com/441925426/files/design/svg/
598 B
962 B
Image
General
Full URL
https://s28.q4cdn.com/441925426/files/design/svg/icon_close_bl.svg
Requested by
Host: s28.q4cdn.com
URL: https://s28.q4cdn.com/441925426/files/css/global.css?v=53077
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:401::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
64aa36d5c3b2ae0f81afd36bc0aa665884010659a5ed4fe68e0723378dc2a6b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s28.q4cdn.com/441925426/files/css/global.css?v=53077
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 12:18:17 GMT
last-modified
Wed, 03 Nov 2021 14:31:10 GMT
server
keycdn-engine
x-amz-request-id
MAWSHQVFB5AW584D
x-edge-location
atvi
etag
"092ded0997d80eff8f2a790b7c4dd31d"
x-cache
HIT
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
598
x-amz-id-2
gCL+18xyQ/9TMB5aRXRP5/jvDGQb5kOhQy+5LrARzqE6Dhssi/NJLoHgw4tvMudVW87+cnMPSBk=
expires
Tue, 07 Mar 2023 13:18:17 GMT
icon_minus_blue.svg
s28.q4cdn.com/441925426/files/design/svg/
705 B
1 KB
Image
General
Full URL
https://s28.q4cdn.com/441925426/files/design/svg/icon_minus_blue.svg
Requested by
Host: s28.q4cdn.com
URL: https://s28.q4cdn.com/441925426/files/css/global.css?v=53077
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:401::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
ba7f521100dc4dc111fc83b854f40376a916ef3bf6e35cf1987d9d9678023936

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s28.q4cdn.com/441925426/files/css/global.css?v=53077
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 12:18:17 GMT
last-modified
Thu, 16 Sep 2021 20:57:22 GMT
server
keycdn-engine
x-amz-request-id
MAWPKBB1HFP4S5JM
x-edge-location
atvi
etag
"8921a8fc74499dcf879df51a2ef21223"
x-cache
HIT
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
705
x-amz-id-2
oe5lz5DTwSLRLnld8hHwEmDwMNQX7UbyXW2lTXWJ5vEEvcZR265377n0idyPR6aCPotZs2AuX/s=
expires
Tue, 07 Mar 2023 13:18:17 GMT
icon_minus_wh.svg
s28.q4cdn.com/441925426/files/design/svg/
712 B
1 KB
Image
General
Full URL
https://s28.q4cdn.com/441925426/files/design/svg/icon_minus_wh.svg
Requested by
Host: s28.q4cdn.com
URL: https://s28.q4cdn.com/441925426/files/css/global.css?v=53077
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:401::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
7744c4014632488b22e3c5f7befbcd63737b53dd3e8962491b22f3ad7aab0d62

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s28.q4cdn.com/441925426/files/css/global.css?v=53077
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 12:18:17 GMT
last-modified
Tue, 24 Aug 2021 13:31:52 GMT
server
keycdn-engine
x-amz-request-id
MAWNQGVERCSGHGST
x-edge-location
atvi
etag
"66c424f9be128c06885f2713950c2e19"
x-cache
HIT
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
712
x-amz-id-2
h5nd4O8nsd42e1MHI3cAMvFuNUFihmfiDRKLR8C2tx+sgNGCiTpxBgE8IZTkQdcZjGBHxYRRKTQ=
expires
Tue, 07 Mar 2023 13:18:17 GMT
122f8a1b-fa6b-4246-8d37-911edb4ac556.woff2
s28.q4cdn.com/441925426/files/fonts/proxima-nova/300/
26 KB
27 KB
Font
General
Full URL
https://s28.q4cdn.com/441925426/files/fonts/proxima-nova/300/122f8a1b-fa6b-4246-8d37-911edb4ac556.woff2
Requested by
Host: s28.q4cdn.com
URL: https://s28.q4cdn.com/441925426/files/fonts/proxima-nova/proxima-nova.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:401::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
0976ff87bf115f4fc16a30bc2ed128f3658f792a92382ac80c6871003dfac379

Request headers

Referer
https://s28.q4cdn.com/441925426/files/fonts/proxima-nova/proxima-nova.css
Origin
https://www.definityfinancial.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 12:18:17 GMT
last-modified
Wed, 11 Aug 2021 16:01:25 GMT
server
keycdn-engine
x-amz-request-id
MAWQGN79R819D3J6
x-edge-location
atvi
etag
"bd6af804d2caa8b29612151a66dfe8c9"
x-cache
HIT
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
26844
x-amz-id-2
OQUCt6b2tIEjMafQzPtgze5zB8KfcE4H8qoo0+smecSKgBHRtko4YnShsBg4COfkc1XMTY5iS1w=
expires
Tue, 07 Mar 2023 13:18:17 GMT
collect
www.google-analytics.com/j/
3 B
215 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&aip=1&a=2069980906&t=pageview&_s=1&dl=https%3A%2F%2Fwww.definityfinancial.com%2FEnglish%2Foverview%2Fdefault.aspx&dp=%2FEnglish%2Foverview%2Fdefault.aspx&ul=en-us&de=UTF-8&dt=Home%20%7C%20Definity&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=1218507554&gjid=832170756&cid=773869995.1678191497&tid=UA-195835768-8&_gid=553035014.1678191497&_r=1&_slc=1&cd1=Keyweb%20AG%20IP%20Network&cd2=(not%20set)&z=646669351
Requested by
Host: www.definityfinancial.com
URL: https://www.definityfinancial.com/English/overview/default.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.definityfinancial.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 12:18:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.definityfinancial.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
WebResource.axd
www.definityfinancial.com/
26 KB
7 KB
Script
General
Full URL
https://www.definityfinancial.com/WebResource.axd?d=x2nkrMJGXkMELz33nwnakMh5buNcZ-t3T4nCU0ZQt96Kk4JDhdv7pdb3Agzis1zDln1EUlimtVH-8O9nKu6Z_e6vBso1&t=637814437746327080
Requested by
Host: www.definityfinancial.com
URL: https://www.definityfinancial.com/English/overview/default.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.129.11 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef9453f74b2617d43dcef4242cf5845101fcfb57289c81bceb20042b0023a192
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.definityfinancial.com/English/overview/default.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 12:18:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Sat, 26 Feb 2022 09:42:54 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, stale-if-error=86400, stale-while-revalidate=86400
accept-ranges
bytes
cf-ray
7a42c7ba8d0d9219-FRA
content-length
7228
x-xss-protection
0
expires
Sat, 24 Feb 2024 00:07:39 GMT
xc9
www.definityfinancial.com/x0k461/e6c1b/
2 B
300 B
XHR
General
Full URL
https://www.definityfinancial.com/x0k461/e6c1b/xc9
Requested by
Host: www.definityfinancial.com
URL: https://www.definityfinancial.com/English/overview/default.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.129.11 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

X-NewRelic-ID
VQYBUlRVChACVlhbBQMCVlU=
Referer
https://www.definityfinancial.com/English/overview/default.aspx
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

date
Tue, 07 Mar 2023 12:18:17 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin
https://www.definityfinancial.com
content-type
text/plain; charset=UTF-8
access-control-allow-credentials
true
cf-ray
7a42c7baeda89219-FRA
content-length
2
optimize.js
www.google-analytics.com/gtm/
112 KB
44 KB
Script
General
Full URL
https://www.google-analytics.com/gtm/optimize.js?id=OPT-T4QK89Z
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5CJD3TD
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b1ebf6037fd21e3d44a54eac5cd3fb416b7cd203aea47ac36a554a8543495ea8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.definityfinancial.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 12:18:17 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
45080
x-xss-protection
0
last-modified
Tue, 07 Mar 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 07 Mar 2023 12:18:17 GMT
activityi;dc_pre=CJ_q1sDmyf0CFZKVmwodweIAYA;src=12019998;type=invmedia;cat=rp-de0;ord=7502202666500;gtm=45He3310;auiddc=258139497.1678191497;~oref=https%3A%2F%2Fwww.definityfinancial.com%2FEnglish%...
12019998.fls.doubleclick.net/ Frame 856E
Redirect Chain
  • https://12019998.fls.doubleclick.net/activityi;src=12019998;type=invmedia;cat=rp-de0;ord=7502202666500;gtm=45He3310;auiddc=258139497.1678191497;~oref=https%3A%2F%2Fwww.definityfinancial.com%2FEngli...
  • https://12019998.fls.doubleclick.net/activityi;dc_pre=CJ_q1sDmyf0CFZKVmwodweIAYA;src=12019998;type=invmedia;cat=rp-de0;ord=7502202666500;gtm=45He3310;auiddc=258139497.1678191497;~oref=https%3A%2F%2...
527 B
459 B
Document
General
Full URL
https://12019998.fls.doubleclick.net/activityi;dc_pre=CJ_q1sDmyf0CFZKVmwodweIAYA;src=12019998;type=invmedia;cat=rp-de0;ord=7502202666500;gtm=45He3310;auiddc=258139497.1678191497;~oref=https%3A%2F%2Fwww.definityfinancial.com%2FEnglish%2Foverview%2Fdefault.aspx?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5CJD3TD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.39.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s37-in-f6.1e100.net
Software
cafe /
Resource Hash
dc6cc486f1f9097f3f5532a9c5eb42a5be34b15a05997771d065f68190b9e351
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.definityfinancial.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
283
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 07 Mar 2023 12:18:17 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 07 Mar 2023 12:18:17 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://12019998.fls.doubleclick.net/activityi;dc_pre=CJ_q1sDmyf0CFZKVmwodweIAYA;src=12019998;type=invmedia;cat=rp-de0;ord=7502202666500;gtm=45He3310;auiddc=258139497.1678191497;~oref=https%3A%2F%2Fwww.definityfinancial.com%2FEnglish%2Foverview%2Fdefault.aspx?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
fbevents.js
connect.facebook.net/en_US/
107 KB
28 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.definityfinancial.com
URL: https://www.definityfinancial.com/English/overview/default.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0fca0294cfaf24a4db0852415eee7bcdea7b9766d59e443fb2d5f0c77eb23363
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.definityfinancial.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 07 Mar 2023 12:18:17 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27907
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
ADCnSjBdP1bbqC5lAMP6y8ne8KX5aUlYZRmQK9FyF/a84QxsVqnImzInLZqX3wf9eVELlM77YBqbmgbp6DegYA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
686109401
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
uwt.js
static.ads-twitter.com/
56 KB
15 KB
Script
General
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.definityfinancial.com
URL: https://www.definityfinancial.com/English/overview/default.aspx
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.16.157 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.definityfinancial.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 12:18:17 GMT
content-encoding
gzip
last-modified
Thu, 27 Oct 2022 16:56:53 GMT
etag
"32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary
Accept-Encoding,Host
x-cache
HIT, HIT
content-type
application/javascript; charset=utf-8
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn
FT
cache-control
no-cache
accept-ranges
bytes
content-length
15375
x-served-by
cache-iad-kjyo7100081-IAD, cache-vie6366-VIE
insight.min.js
snap.licdn.com/li.lms-analytics/
13 KB
5 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.definityfinancial.com
URL: https://www.definityfinancial.com/English/overview/default.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:11a::6867:4832 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.definityfinancial.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 12:18:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 10 Jan 2023 17:22:56 GMT
x-cdn
AKAM
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=67181
accept-ranges
bytes
content-length
4777
trackpoint-async.js
s2.adform.net/banners/scripts/st/
78 KB
30 KB
Script
General
Full URL
https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by
Host: www.definityfinancial.com
URL: https://www.definityfinancial.com/English/overview/default.aspx
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
45d4d6fe0a9cae467c6d81caef5edd008c13b70ba403979f979fb86d400378c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.definityfinancial.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 12:18:17 GMT
content-encoding
gzip
last-modified
Tue, 29 Nov 2022 10:23:25 GMT
server
nginx
x-amz-request-id
tx00000b607f2982f72f17d-006385e0d3-3293868f-default
etag
W/"83eb5fafaa212c785f7393188ff817aa"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
public, max-age=604800
js
www.googletagmanager.com/gtag/
217 KB
76 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-XJX4793JW4&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5CJD3TD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2b595138d7f0fff065bce5b2d8cd71c13843340e420ad4c43f04213b38ba2d93
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.definityfinancial.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 12:18:17 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
78081
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 07 Mar 2023 12:18:17 GMT
header-logo.png
s28.q4cdn.com/441925426/files/design/
3 KB
3 KB
Image
General
Full URL
https://s28.q4cdn.com/441925426/files/design/header-logo.png
Requested by
Host: www.definityfinancial.com
URL: https://www.definityfinancial.com/English/overview/default.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:401::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
91dc4cbce55f9f23078fa77908a24a6bf63880b0c516361d2d9fed43dbfc6083

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.definityfinancial.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 12:18:17 GMT
last-modified
Thu, 12 Aug 2021 18:40:03 GMT
server
keycdn-engine
x-amz-request-id
4MJEFQ7AC8Q0WZEF
x-edge-location
atvi
etag
"99330011fa990b061d05d305741f9e7f"
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
2897
x-amz-id-2
GMWuSpV+fQIRKkY8886SvL2mMCBtrG9hj+EDpEudACYFtALdCKo5hDCNiUAR4/u2+0lVcL/bQ2I=
expires
Tue, 07 Mar 2023 13:18:17 GMT
icon_search_sm_wh.svg
s28.q4cdn.com/441925426/files/design/svg/
1 KB
864 B
Image
General
Full URL
https://s28.q4cdn.com/441925426/files/design/svg/icon_search_sm_wh.svg
Requested by
Host: s28.q4cdn.com
URL: https://s28.q4cdn.com/441925426/files/css/global.css?v=53077
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:401::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
e5d8f173096cda564d1786279fa903be57ef7449dba90ebbe642aa373c0025f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s28.q4cdn.com/441925426/files/css/global.css?v=53077
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 12:18:17 GMT
content-encoding
gzip
last-modified
Tue, 24 Aug 2021 13:31:53 GMT
server
keycdn-engine
x-amz-request-id
MAWQD5DPS4JK2GQH
x-edge-location
atvi
etag
W/"7427aa13c8b8904f058cead000224138"
x-cache
HIT
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-id-2
FR0a28YT5PiJ6sxeZ6RZkBxGgk+dpSVet33RiduDCuVJxioWgu6tWTz7rq+iyqe8QN78jYjdBs8=
expires
Tue, 07 Mar 2023 13:18:17 GMT
b38b8bd9-d96f-4bf9-add1-adbd2b08b802.woff2
s28.q4cdn.com/441925426/files/fonts/proxima-nova/400/
27 KB
27 KB
Font
General
Full URL
https://s28.q4cdn.com/441925426/files/fonts/proxima-nova/400/b38b8bd9-d96f-4bf9-add1-adbd2b08b802.woff2
Requested by
Host: s28.q4cdn.com
URL: https://s28.q4cdn.com/441925426/files/fonts/proxima-nova/proxima-nova.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:401::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
e4b5a613f72d2679e4934c0ad6abe861c0c3d8f8455ec834bf67cb7826d08085

Request headers

Referer
https://s28.q4cdn.com/441925426/files/fonts/proxima-nova/proxima-nova.css
Origin
https://www.definityfinancial.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 12:18:17 GMT
last-modified
Wed, 11 Aug 2021 16:01:25 GMT
server
keycdn-engine
x-amz-request-id
MAWQMP8WGJ8GQWPX
x-edge-location
atvi
etag
"ec615e3f7f8a645016bfe2544fc7741a"
x-cache
HIT
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
27592
x-amz-id-2
3M2NAObKHChkoXZVEnH+IWegAFsR3ESqKeOosS4UA7Mp9ANAO7VPPRDklrYOycHl3wUoTmT7iMY=
expires
Tue, 07 Mar 2023 13:18:17 GMT
q4.stockQuote.1.0.17.min.js
widgets.q4app.com/widgets/
10 KB
10 KB
Script
General
Full URL
https://widgets.q4app.com/widgets/q4.stockQuote.1.0.17.min.js
Requested by
Host: www.definityfinancial.com
URL: https://www.definityfinancial.com/English/overview/default.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-93.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
eb5bd0ad819c8373380c7540d5112df8e036076cdd15d8005a733d9a2ad8f903

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.definityfinancial.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 11:28:19 GMT
via
1.1 5a5b94c62ea85e0c0d78b169589b08b4.cloudfront.net (CloudFront)
last-modified
Wed, 19 Jan 2022 14:39:46 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
3014
etag
"1a49b2c7c35cca61690f8c7875711cc4"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
10278
x-amz-cf-id
4vc3Xexrd4tM3m3-8VYyQzt-IfZpj0RfiIPbrXvLFg0QsIPH-we6RQ==
banner_home.jpg
s28.q4cdn.com/441925426/files/design/banner/
441 KB
442 KB
Image
General
Full URL
https://s28.q4cdn.com/441925426/files/design/banner/banner_home.jpg
Requested by
Host: s28.q4cdn.com
URL: https://s28.q4cdn.com/441925426/files/css/global.css?v=53077
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:401::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
b5f00036d74aeb7a055e96322248d897feeee3ddb0c5a7d4959cdcf8d227da14

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s28.q4cdn.com/441925426/files/css/global.css?v=53077
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 12:18:17 GMT
last-modified
Wed, 15 Sep 2021 18:24:40 GMT
server
keycdn-engine
x-amz-request-id
AVXP6T1MSVPY8XGY
x-edge-location
atvi
etag
"6e9a9da4b405edcbcc05c107e5fa8199"
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
451422
x-amz-id-2
qAqz/fR8TCrkuQ6i4NfhH8Lhfy3gmIY871VTXTTaH5VeZreUTv7L3hsrKcTconaoi/aODh86pMw=
expires
Tue, 07 Mar 2023 13:18:17 GMT
c7dcb253-8dca-459b-aaa9-afef9131ef22.woff2
s28.q4cdn.com/441925426/files/fonts/proxima-nova/600/
27 KB
27 KB
Font
General
Full URL
https://s28.q4cdn.com/441925426/files/fonts/proxima-nova/600/c7dcb253-8dca-459b-aaa9-afef9131ef22.woff2
Requested by
Host: s28.q4cdn.com
URL: https://s28.q4cdn.com/441925426/files/fonts/proxima-nova/proxima-nova.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:401::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
375a51a691270f1e41af679a671c6e07f4057d0d7287f7777982624c1ac55ce1

Request headers

Referer
https://s28.q4cdn.com/441925426/files/fonts/proxima-nova/proxima-nova.css
Origin
https://www.definityfinancial.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 12:18:17 GMT
last-modified
Wed, 11 Aug 2021 16:01:26 GMT
server
keycdn-engine
x-amz-request-id
MAWNSE19QZNGFW9R
x-edge-location
atvi
etag
"ff28b27978b5792c428e3f7b1c8c2f0d"
x-cache
HIT
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
27516
x-amz-id-2
4gdjBfwuC8G9+HLXA8+puYslF6bh0JaJTwi+I13pnStDfmte8yAarxfQO2c5ZiJLK9cj3bmvCDw=
expires
Tue, 07 Mar 2023 13:18:17 GMT
collect
www.google-analytics.com/j/
3 B
23 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=2069980906&t=pageview&_s=1&dl=https%3A%2F%2Fwww.definityfinancial.com%2FEnglish%2Foverview%2Fdefault.aspx&ul=en-us&de=UTF-8&dt=Home%20%7C%20Definity&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAEABQAAAACAAI~&jid=1026976371&gjid=983738906&cid=773869995.1678191497&tid=UA-196243751-1&_gid=553035014.1678191497&_r=1&_slc=1&gtm=45He3310n815CJD3TD&z=234897492
Requested by
Host: www.definityfinancial.com
URL: https://www.definityfinancial.com/English/overview/default.aspx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.definityfinancial.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 12:18:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.definityfinancial.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
358685546026150
connect.facebook.net/signals/config/
377 KB
108 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/358685546026150?v=2.9.98&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d81e135cea5a0d6219f662bc08274bab580524ffb5c2e7884a80245aafb37292
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.definityfinancial.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 07 Mar 2023 12:18:17 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
1Pcd5Lz8WoH4uajQqO1migbW+8f8EQRE7ZHhwIxldUZu5SU9mNEvb3vpXjR+DiDbdM+NefkVjWdxE0Y1zVh9PQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
686109401
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
GetFullStockQuoteList
www.definityfinancial.com/feed/StockQuote.svc/
495 B
676 B
XHR
General
Full URL
https://www.definityfinancial.com/feed/StockQuote.svc/GetFullStockQuoteList?exchange=XTSE&symbol=DFY&pageSize=1
Requested by
Host: www.definityfinancial.com
URL: https://www.definityfinancial.com/English/overview/default.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.129.11 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ac627d9e5b7eab2dae4b7fc28e8d383c20f614606ebb294410f1ec3ad183cd9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/javascript, */*; q=0.01
X-NewRelic-ID
VQYBUlRVChACVlhbBQMCVlU=
Referer
https://www.definityfinancial.com/English/overview/default.aspx
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/json; charset=utf-8

Response headers

date
Tue, 07 Mar 2023 12:18:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
EXPIRED
last-modified
Tue, 07 Mar 2023 12:16:25 GMT
x-newrelic-app-data
PxQGUVBQCgUCR1NQDggFVFEBBxFORDQHUjZKA1ZLVVFHDFYPHjRBC0tHAxETAVRaUwUREhoEGV5dHwYdUUsQFlRNXgddXBthRwpaCmAUXBYBGEQXBUx/VkQiFA5bYkMJB1pnRg0SBi5ZEUxAFAgaAh9VF1EEWANXUwUbTFdPGgEFXCNVBHV0IiUFD3FUUVRAHARZDktdaQ==
server
cloudflare
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=60, stale-if-error=86400, stale-while-revalidate=86400
cf-ray
7a42c7bbdf0b9219-FRA
GetLookupList
www.definityfinancial.com/feed/Lookup.svc/
184 B
522 B
XHR
General
Full URL
https://www.definityfinancial.com/feed/Lookup.svc/GetLookupList?lookupType=indices
Requested by
Host: www.definityfinancial.com
URL: https://www.definityfinancial.com/English/overview/default.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.129.11 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d46bc0e1a448b40635dc376fb87c0abf20e5895e7093cca509497657274db248
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/javascript, */*; q=0.01
X-NewRelic-ID
VQYBUlRVChACVlhbBQMCVlU=
Referer
https://www.definityfinancial.com/English/overview/default.aspx
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/json; charset=utf-8

Response headers

date
Tue, 07 Mar 2023 12:18:17 GMT
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
x-newrelic-app-data
PxQGUVBQCgUCR1NQDggFVFEBBxFORDQHUjZKA1ZLVVFHDFYPHjRBC0tHAxETAVRaUwUREhoEGV5dHwYdUUsQFlRNXgddXBt+XApSFEFPQBQHGXAEEi9XXFsRES5eQkNESAEYA05WTVIDVQhbAAAYHwJJGyN0JwVVIQV0V1QmCAdyUlRAG1dWChdUaw==
server
cloudflare
etag
0a82c659c37f24d6eb74778648ff6578
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=10, stale-if-error=86400, stale-while-revalidate=86400
accept-ranges
bytes
cf-ray
7a42c7bbdf139219-FRA
content-length
184
aWrWX1YTv3nmY8rangMELQS4tDnKWiry.gif
cdn.vidyard.com/thumbnails/34582563/
Redirect Chain
  • https://play.vidyard.com/SCkT1bBhP1pdhgD9PoqCXK.jpg
  • https://cdn.vidyard.com/thumbnails/34582563/aWrWX1YTv3nmY8rangMELQS4tDnKWiry.gif
4 MB
4 MB
Image
General
Full URL
https://cdn.vidyard.com/thumbnails/34582563/aWrWX1YTv3nmY8rangMELQS4tDnKWiry.gif
Requested by
Host: www.definityfinancial.com
URL: https://www.definityfinancial.com/English/overview/default.aspx
Protocol
H2
Server
18.66.97.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-118.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d1b186bd97023274b1518744bcfd697e523dae9dfdc434deeb356f9ced3d2bf8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.definityfinancial.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 11:01:43 GMT
x-amz-version-id
h.8LXy3raBcTnFi41eNNIopczvATXdKU
via
1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront)
x-cdn
cloudfront
x-amz-cf-pop
FRA56-P2
age
4595
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
4057937
last-modified
Fri, 24 Feb 2023 13:46:33 GMT
server
AmazonS3
etag
"d0274367b4b078f70839504d73bd0b54"
vary
Origin
content-type
image/gif
accept-ranges
bytes
x-amz-cf-id
Yaghhhr_HYsQfP3KErl9FZFSNiDekG5necwXOBmMDL5ACdyiHBYyJw==

Redirect headers

date
Tue, 07 Mar 2023 12:18:17 GMT
via
1.1 varnish
strict-transport-security
max-age=31557600
age
658522
x-cache
HIT
content-length
102
x-served-by
cache-hhn-etou8220046-HHN
x-china
0
referrer-policy
no-referrer-when-downgrade
x-timer
S1678191498.651499,VS0,VE1
vary
Accept, X-China, accept-language
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
https://cdn.vidyard.com/thumbnails/34582563/aWrWX1YTv3nmY8rangMELQS4tDnKWiry.gif
cache-control
no-store, no-cache, must-revalidate
accept-ranges
bytes
x-cache-hits
1
v4.js
play.vidyard.com/embed/
70 KB
23 KB
Script
General
Full URL
https://play.vidyard.com/embed/v4.js
Requested by
Host: www.definityfinancial.com
URL: https://www.definityfinancial.com/English/overview/default.aspx
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1e1087874174af97be4996b958d8cbd472e5f0efe849481408ea25fc44c55ee9
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.definityfinancial.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-cache-hits
1
date
Tue, 07 Mar 2023 12:18:17 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=31557600
age
1207632
x-cache
HIT
content-length
22974
x-served-by
cache-hhn-etou8220046-HHN
x-china
0
last-modified
Tue, 07 Feb 2023 20:47:48 GMT
etag
"afece324b241ff0dfff9b6548ef703d6"
vary
X-China, accept-language, Accept-Encoding
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
expires
Thu, 01 Jan 1970 00:00:00 GMT
q4-icons.woff2
d1azc1qln24ryf.cloudfront.net/50912/Q4studioclassic2018na1/
13 KB
13 KB
Font
General
Full URL
https://d1azc1qln24ryf.cloudfront.net/50912/Q4studioclassic2018na1/q4-icons.woff2?5j2dpc
Requested by
Host: d1azc1qln24ryf.cloudfront.net
URL: https://d1azc1qln24ryf.cloudfront.net/50912/Q4studioclassic2018na1/style-cf.css?5j2dpc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.194.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-194-107.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6bdb53e52d34362ef53a9dac0189ac48183f5f91ef18575796450c8084c2b17b

Request headers

Referer
https://d1azc1qln24ryf.cloudfront.net/50912/Q4studioclassic2018na1/style-cf.css?5j2dpc
Origin
https://www.definityfinancial.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 19 Feb 2023 20:02:51 GMT
via
1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
age
1354527
x-cache
Hit from cloudfront
content-length
13012
last-modified
Fri, 07 May 2021 09:24:50 GMT
server
AmazonS3
etag
"e1e28a829d94e9a43872a987dbe61abf"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=31000000
accept-ranges
bytes
x-amz-cf-id
ZknfFZaph_z_1nyMqT4pwOFkVQJw0JCq772WyemEDMTxJT-6LZc8zA==
icon_plus_wh.svg
s28.q4cdn.com/441925426/files/design/svg/
896 B
1 KB
Image
General
Full URL
https://s28.q4cdn.com/441925426/files/design/svg/icon_plus_wh.svg
Requested by
Host: s28.q4cdn.com
URL: https://s28.q4cdn.com/441925426/files/css/global.css?v=53077
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:401::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
2c16499f38c26c457d23697caba5743d623dc7318463c6a8c0ff39d15552fedb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s28.q4cdn.com/441925426/files/css/global.css?v=53077
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 12:18:17 GMT
last-modified
Tue, 24 Aug 2021 13:31:53 GMT
server
keycdn-engine
x-amz-request-id
AVXWZGKAQ0KZ3FS4
x-edge-location
atvi
etag
"45ee3ec581e4cd5372a669992d79961d"
x-cache
HIT
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
896
x-amz-id-2
MZx95TQQhozD0Ypz25CX9oVp8t8cLYUndCo1TFVv2KTaa3gOi9lsfXf/YeEhBqqQIozXl/kNOs4=
expires
Tue, 07 Mar 2023 13:18:17 GMT
GetFinancialReportYearList
www.definityfinancial.com/feed/FinancialReport.svc/
48 B
354 B
XHR
General
Full URL
https://www.definityfinancial.com/feed/FinancialReport.svc/GetFinancialReportYearList?LanguageId=1&reportTypes=First%20Quarter%7CSecond%20Quarter%7CThird%20Quarter%7CFourth%20Quarter&reportSubType%5B%5D=First%20Quarter&reportSubType%5B%5D=Second%20Quarter&reportSubType%5B%5D=Third%20Quarter&reportSubType%5B%5D=Fourth%20Quarter&reportSubTypeList%5B%5D=First%20Quarter&reportSubTypeList%5B%5D=Second%20Quarter&reportSubTypeList%5B%5D=Third%20Quarter&reportSubTypeList%5B%5D=Fourth%20Quarter&tagList=
Requested by
Host: www.definityfinancial.com
URL: https://www.definityfinancial.com/English/overview/default.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.129.11 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70b8f53d7a1646c331f487d955301c25b7e6846a298ca5319b51b13b9307c795
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/javascript, */*; q=0.01
X-NewRelic-ID
VQYBUlRVChACVlhbBQMCVlU=
Referer
https://www.definityfinancial.com/English/overview/default.aspx
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/json; charset=utf-8

Response headers

date
Tue, 07 Mar 2023 12:18:17 GMT
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
x-newrelic-app-data
PxQGUVBQCgUCR1NQDggFVFEBBxFORDQHUjZKA1ZLVVFHDFYPHjRBC0tHAxETAVRaUwUREhoEGV5dHwYdUUsQFlRNXgddXBt0WgtYD1IIUg42U0cOFBcWQEYHTiVSRXEPClBYUAsHDzBVElcQTGFRU0EpUBJFQx9SSgYHUV9aDQccVE9SAwIDUlwJGh5TSkEnBFEIJgoLBHcEUHsnA1lxQEhQVg0VBmU=
server
cloudflare
etag
02d8fb740e031a8f288ca9224fb8b4c8
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=10, stale-if-error=86400, stale-while-revalidate=86400
accept-ranges
bytes
cf-ray
7a42c7bbef309219-FRA
content-length
48
GetFinancialReportYearList
www.definityfinancial.com/feed/FinancialReport.svc/
48 B
317 B
XHR
General
Full URL
https://www.definityfinancial.com/feed/FinancialReport.svc/GetFinancialReportYearList?LanguageId=1&reportTypes=Annual%20Report&reportSubType%5B%5D=Annual%20Report&reportSubTypeList%5B%5D=Annual%20Report&tagList=
Requested by
Host: www.definityfinancial.com
URL: https://www.definityfinancial.com/English/overview/default.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.129.11 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70b8f53d7a1646c331f487d955301c25b7e6846a298ca5319b51b13b9307c795
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/javascript, */*; q=0.01
X-NewRelic-ID
VQYBUlRVChACVlhbBQMCVlU=
Referer
https://www.definityfinancial.com/English/overview/default.aspx
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/json; charset=utf-8

Response headers

date
Tue, 07 Mar 2023 12:18:17 GMT
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
x-newrelic-app-data
PxQGUVBQCgUCR1NQDggFVFEBBxFORDQHUjZKA1ZLVVFHDFYPHjRBC0tHAxETAVRaUwUREhoEGV5dHwYdUUsQFlRNXgddXBt0WgtYD1IIUg42U0cOFBcWQEYHTiVSRXEPClBYUAsHDzBVElcQTGFRU0EpUBJFQx9SSgYbUUhTCwIDUlFTGxwGSkYCDwJXVVpSByF5Ww19dnB3RxUHUA1ABzk=
server
cloudflare
etag
8a8949ec5176e08d3fed9efd63b11fe8
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=10, stale-if-error=86400, stale-while-revalidate=86400
accept-ranges
bytes
cf-ray
7a42c7bbff389219-FRA
content-length
48
q4.slideshow.1.1.6.min.js
widgets.q4app.com/widgets/
3 KB
4 KB
Script
General
Full URL
https://widgets.q4app.com/widgets/q4.slideshow.1.1.6.min.js
Requested by
Host: www.definityfinancial.com
URL: https://www.definityfinancial.com/English/overview/default.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-93.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e056093dd194e1558318663a22d5459ccaace80f56a3bb81aef48effc3db5195

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.definityfinancial.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 11:29:59 GMT
via
1.1 5a5b94c62ea85e0c0d78b169589b08b4.cloudfront.net (CloudFront)
last-modified
Wed, 08 Feb 2023 15:47:30 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
2947
x-amz-server-side-encryption
AES256
etag
"8f64d6645298cdc74803fb0ed39bf3f3"
x-cache
Hit from cloudfront
content-type
text/javascript
accept-ranges
bytes
content-length
3249
x-amz-cf-id
orb9ZMh4ImoKBlV_hnuPDBgfhKqi9sIRmR0r0wsxraomE4utwifQJQ==
collect
region1.google-analytics.com/g/
0
261 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-XJX4793JW4&gtm=45je3310&_p=2069980906&cid=773869995.1678191497&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1678191497&sct=1&seg=0&dl=https%3A%2F%2Fwww.definityfinancial.com%2FEnglish%2Foverview%2Fdefault.aspx&dt=Home%20%7C%20Definity&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XJX4793JW4&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.definityfinancial.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 12:18:17 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.definityfinancial.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
icon_chevron_mb.svg
s28.q4cdn.com/441925426/files/design/svg/
250 B
610 B
Image
General
Full URL
https://s28.q4cdn.com/441925426/files/design/svg/icon_chevron_mb.svg
Requested by
Host: s28.q4cdn.com
URL: https://s28.q4cdn.com/441925426/files/css/global.css?v=53077
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:401::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
2234c10509f7ed245592c4456c11bc033e3036ccef641e6c78499e76b538fea6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s28.q4cdn.com/441925426/files/css/global.css?v=53077
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 12:18:17 GMT
last-modified
Tue, 24 Aug 2021 13:31:49 GMT
server
keycdn-engine
x-amz-request-id
AVXRMQ0RKGSCTE7N
x-edge-location
atvi
etag
"d634e1272c5cc8207c20dfc3773121a2"
x-cache
HIT
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
250
x-amz-id-2
oKIjHdz8ibMp83SJLq2Th8YO005e0V64/dMxHNpDvQ1gzV5N8StykVIyRA7ioWoomPCjDOHWKRw=
expires
Tue, 07 Mar 2023 13:18:17 GMT
token
cdn.linkedin.oribi.io/partner/4033209/domain/definityfinancial.com/
36 B
370 B
XHR
General
Full URL
https://cdn.linkedin.oribi.io/partner/4033209/domain/definityfinancial.com/token
Requested by
Host: www.definityfinancial.com
URL: https://www.definityfinancial.com/English/overview/default.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:6e00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept
*
Referer
https://www.definityfinancial.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 12:18:17 GMT
content-encoding
gzip
via
1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
vary
accept-encoding
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=30260
x-amz-cf-id
L1flj9Rv6i72gJvEc6NdYiD_HDGcDUzzqVtAp4-hKewI_HaDR_bHvQ==
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4033209&time=1678191497624&url=https%3A%2F%2Fwww.definityfinancial.com%2FEnglish%2Foverview%2Fdefault.aspx
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4033209%26time%3D1678191497624%26url%3Dhttps%253A%252F%252Fwww.definityfinancial....
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4033209&time=1678191497624&url=https%3A%2F%2Fwww.definityfinancial.com%2FEnglish%2Foverview%2Fdefault.aspx&liSync=true
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4033209&time=1678191497624&url=https%3A%2F%2Fwww.definityfinancial.com%2FEnglish%2Foverview%2Fdefault.aspx&liSync=true&e_ipv6=AQKT2EC4vY8jmgAAAYa...
0
265 B
Image
General
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4033209&time=1678191497624&url=https%3A%2F%2Fwww.definityfinancial.com%2FEnglish%2Foverview%2Fdefault.aspx&liSync=true&e_ipv6=AQKT2EC4vY8jmgAAAYa8AhTV9gRSQv2LLmcbHxvWte2-SavTuKqcCDh1tvBDurCZ-YuFPUeMXxP8
Requested by
Host: www.definityfinancial.com
URL: https://www.definityfinancial.com/English/overview/default.aspx
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.definityfinancial.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 12:18:18 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: B30FFD9191F2470EB29D03FB631FF0BC Ref B: FRAEDGE1107 Ref C: 2023-03-07T12:18:18Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAX2TmglRN62vBDXZoAIMw==

Redirect headers

date
Tue, 07 Mar 2023 12:18:18 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 36CAA7C7314B4778913A0FB63F1C84B6 Ref B: DUS30EDGE0715 Ref C: 2023-03-07T12:18:18Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4033209&time=1678191497624&url=https%3A%2F%2Fwww.definityfinancial.com%2FEnglish%2Foverview%2Fdefault.aspx&liSync=true&e_ipv6=AQKT2EC4vY8jmgAAAYa8AhTV9gRSQv2LLmcbHxvWte2-SavTuKqcCDh1tvBDurCZ-YuFPUeMXxP8
x-li-proto
http/2
content-length
0
x-li-uuid
AAX2TmghO1ho3V+UUtj8gQ==
GetEventYearList
www.definityfinancial.com/feed/Event.svc/
38 B
306 B
XHR
General
Full URL
https://www.definityfinancial.com/feed/Event.svc/GetEventYearList?LanguageId=1&eventSelection=3&eventDateFilter=3&includeFinancialReports=true&includePresentations=true&includePressReleases=true&sortOperator=1&tagList=
Requested by
Host: www.definityfinancial.com
URL: https://www.definityfinancial.com/English/overview/default.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.129.11 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86b8242df573fa67adef74c57298a5c20870479af9df5afc37d6b281dc3f2160
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/javascript, */*; q=0.01
X-NewRelic-ID
VQYBUlRVChACVlhbBQMCVlU=
Referer
https://www.definityfinancial.com/English/overview/default.aspx
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/json; charset=utf-8

Response headers

date
Tue, 07 Mar 2023 12:18:17 GMT
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
x-newrelic-app-data
PxQGUVBQCgUCR1NQDggFVFEBBxFORDQHUjZKA1ZLVVFHDFYPHjRBC0tHAxETAVRaUwUREhoEGV5dHwYdUUsQFlRNXgddXBt3RQBXFR8SRQFLcVIVIxVdXUQ9BANFfV4VEBMaA0xWT1IeUgtUCwoCBR9ICE0TUAojVgdyIldQCgQHVCBaBhMbAAVdRVY/
server
cloudflare
etag
0da5f291d1803f581f1036028a8b25c2
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=10, stale-if-error=86400, stale-while-revalidate=86400
accept-ranges
bytes
cf-ray
7a42c7bc3fb39219-FRA
content-length
38
GetPressReleaseYearList
www.definityfinancial.com/feed/PressRelease.svc/
50 B
151 B
XHR
General
Full URL
https://www.definityfinancial.com/feed/PressRelease.svc/GetPressReleaseYearList?LanguageId=1&bodyType=0&pressReleaseDateFilter=3&categoryId=1cb807d2-208f-4bc3-9133-6a9ad45ac3b0&tagList=
Requested by
Host: www.definityfinancial.com
URL: https://www.definityfinancial.com/English/overview/default.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.129.11 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a37a0cd08098fea28b8afd16177126a9e12adc01b1100eeddcdf74f641a44534
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/javascript, */*; q=0.01
X-NewRelic-ID
VQYBUlRVChACVlhbBQMCVlU=
Referer
https://www.definityfinancial.com/English/overview/default.aspx
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/json; charset=utf-8

Response headers

date
Tue, 07 Mar 2023 12:18:17 GMT
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
server
cloudflare
etag
7cc19a4d651e13862df0c7cef307263a
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=10, stale-if-error=86400, stale-while-revalidate=86400
accept-ranges
bytes
cf-ray
7a42c7bc3fb69219-FRA
content-length
50
api.js
www.google.com/recaptcha/
924 B
907 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?onload=onLoad__ctrl0_ctl30_recaptcha&render=explicit
Requested by
Host: www.definityfinancial.com
URL: https://www.definityfinancial.com/English/overview/default.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:803::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
861ad3ceed0c41bb7363410861e010621652f4670e25d8bcfa67d8a21a38f2e5
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.definityfinancial.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 12:18:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
587
x-xss-protection
1; mode=block
expires
Tue, 07 Mar 2023 12:18:17 GMT
EconomicalLogo_Wh.svg
s28.q4cdn.com/441925426/files/images/logos/
4 KB
2 KB
Image
General
Full URL
https://s28.q4cdn.com/441925426/files/images/logos/EconomicalLogo_Wh.svg
Requested by
Host: www.definityfinancial.com
URL: https://www.definityfinancial.com/English/overview/default.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:401::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
ebc7a1f7bc2cf81033501e61cbd97e2b26fb75d9c454c285341c32f440622ede

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.definityfinancial.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 12:18:17 GMT
content-encoding
gzip
last-modified
Mon, 23 Aug 2021 15:02:57 GMT
server
keycdn-engine
x-amz-request-id
4MJ0D7AWQ7ZX6ZRH
x-edge-location
atvi
etag
W/"14fafcdeb71bdb59b7fc1792c138224c"
x-cache
HIT
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-id-2
4FOmzz5hpoo/jVAkYGjvhGYq5wroWdz5PvnkTrqOjzOinLFEdT3HyPWLgy9X0zq7f/1PxU9mUk0=
expires
Tue, 07 Mar 2023 13:18:17 GMT
SonnetLogo_Wh.svg
s28.q4cdn.com/441925426/files/images/logos/
2 KB
1 KB
Image
General
Full URL
https://s28.q4cdn.com/441925426/files/images/logos/SonnetLogo_Wh.svg
Requested by
Host: www.definityfinancial.com
URL: https://www.definityfinancial.com/English/overview/default.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:401::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
28f7171e64b188c70d6bab2b90164bcdf64735d2f7addce229c148daec8af61f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.definityfinancial.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 12:18:17 GMT
content-encoding
gzip
last-modified
Mon, 23 Aug 2021 15:02:57 GMT
server
keycdn-engine
x-amz-request-id
4MJ9PG05XPMBFWM0
x-edge-location
atvi
etag
W/"bd1ce0090d99ed9bdc244408684e6f9e"
x-cache
HIT
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-id-2
+P+5/xuvTdGOmRpVDZ3vK/+UG7warzKT/Iyf03Ei7wf5qIqrRi0PLdvDkvoC68WL/UXeeu5Vkf8=
expires
Tue, 07 Mar 2023 13:18:17 GMT
FamilyLogo_Wh.svg
s28.q4cdn.com/441925426/files/images/logos/
5 KB
2 KB
Image
General
Full URL
https://s28.q4cdn.com/441925426/files/images/logos/FamilyLogo_Wh.svg
Requested by
Host: www.definityfinancial.com
URL: https://www.definityfinancial.com/English/overview/default.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:401::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
b5c3b1b26ab70c18edf9dd2f40719975ee41f3df7f80ca913a64a2048279337a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.definityfinancial.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 12:18:17 GMT
content-encoding
gzip
last-modified
Mon, 23 Aug 2021 15:02:57 GMT
server
keycdn-engine
x-amz-request-id
4MJ26B3M78BMMY6M
x-edge-location
atvi
etag
W/"5c6ed0d8652c71fdb9772d55077e8fcc"
x-cache
HIT
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-id-2
Cf6kHVDSq8/dRDTm1+hOq803KDbRUDs4Q4MEtDNY8MISr0+/iFDOYbqSq+hrlRRPCX6LArvpD80=
expires
Tue, 07 Mar 2023 13:18:17 GMT
PetlineLogo_Wh.svg
s28.q4cdn.com/441925426/files/images/logos/
4 KB
2 KB
Image
General
Full URL
https://s28.q4cdn.com/441925426/files/images/logos/PetlineLogo_Wh.svg
Requested by
Host: www.definityfinancial.com
URL: https://www.definityfinancial.com/English/overview/default.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:401::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
a50b8bbaff3dbbd53a5e591f402805de19bd23796b1c7008ca70fed59dad3f33

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.definityfinancial.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 12:18:17 GMT
content-encoding
gzip
last-modified
Mon, 23 Aug 2021 15:02:57 GMT
server
keycdn-engine
x-amz-request-id
4MJ6BZQN312MGY1V
x-edge-location
atvi
etag
W/"d2f7db300cdd1f1aea27f3f2cc75ace8"
x-cache
HIT
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-id-2
30ZU6vbIkLper88XeguDP3JOjNpmr+L1pQoFXpJfBjzer22uV3e75//lUw0IaotX+85dBWEvWgY=
expires
Tue, 07 Mar 2023 13:18:17 GMT
banner_long.jpg
s28.q4cdn.com/441925426/files/design/banner/
448 KB
449 KB
Image
General
Full URL
https://s28.q4cdn.com/441925426/files/design/banner/banner_long.jpg
Requested by
Host: s28.q4cdn.com
URL: https://s28.q4cdn.com/441925426/files/css/global.css?v=53077
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:401::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
88d2dd3fbf9e6e1a27fff2c10c2d2add31135e5936196d2ece2d96ff3be4940a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s28.q4cdn.com/441925426/files/css/global.css?v=53077
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 12:18:17 GMT
last-modified
Wed, 15 Sep 2021 18:24:45 GMT
server
keycdn-engine
x-amz-request-id
AVXHHEKVFZ7DXG26
x-edge-location
atvi
etag
"2f2e9e24086a4eae1c71132ce14e5a85"
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
458457
x-amz-id-2
Qd6bjZ3I4/NTf9yOvFxyrAKNKrxvQj5NVyiwy1RN45g2+vO18PiYeWH6CaIf6N5SEcIRcAXXvrU=
expires
Tue, 07 Mar 2023 13:18:17 GMT
icon_new-window_wh.svg
s28.q4cdn.com/441925426/files/design/icon/
1 KB
936 B
Image
General
Full URL
https://s28.q4cdn.com/441925426/files/design/icon/icon_new-window_wh.svg
Requested by
Host: s28.q4cdn.com
URL: https://s28.q4cdn.com/441925426/files/css/global.css?v=53077
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:401::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
ce7dad344e74c98ee25de7eadc281e27cf3928ee17ae7f66b453e35f4b81a4f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s28.q4cdn.com/441925426/files/css/global.css?v=53077
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 12:18:17 GMT
content-encoding
gzip
last-modified
Wed, 20 Oct 2021 14:00:10 GMT
server
keycdn-engine
x-amz-request-id
AVXTFHRAHJSPY95P
x-edge-location
atvi
etag
W/"0c28570c0a0ec5fc301dbfa01fed8078"
x-cache
HIT
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-id-2
Vmj/a8KVsyHuTph6ZNCgqxgRGIyDedl5ah/w4qAYaI+pmM3CKICWSJsm/MqSsOh4HGwfM3/MICM=
expires
Tue, 07 Mar 2023 13:18:17 GMT
q4.cookiemonster.0.1.5.min.js
widgets.q4app.com/widgets/
15 KB
16 KB
Script
General
Full URL
https://widgets.q4app.com/widgets/q4.cookiemonster.0.1.5.min.js
Requested by
Host: www.definityfinancial.com
URL: https://www.definityfinancial.com/English/overview/default.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-93.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
59aeb89c50a0e4ba6fa7ca4c150b956f7e06a461ac3e092e6c9ccb10fdccf1e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.definityfinancial.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 11:41:04 GMT
via
1.1 5a5b94c62ea85e0c0d78b169589b08b4.cloudfront.net (CloudFront)
last-modified
Wed, 19 Jan 2022 14:39:44 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
2257
etag
"d1592062d6e670c12c09c70296bea6d1"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
15868
x-amz-cf-id
Y1li3HdhgEEQQukQaQLhTPx_qlDO0FVcevcOhkuy87vBul991Cw6iw==
jquery.waypoints.min.js
s28.q4cdn.com/441925426/files/js/
9 KB
3 KB
Script
General
Full URL
https://s28.q4cdn.com/441925426/files/js/jquery.waypoints.min.js
Requested by
Host: www.definityfinancial.com
URL: https://www.definityfinancial.com/English/overview/default.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:401::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
368daab67b1a5b2b2802edbbac79a2aa4ba992a2ebf9c67b98ad784d8004018c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.definityfinancial.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 12:18:17 GMT
content-encoding
gzip
last-modified
Thu, 24 Jun 2021 19:19:48 GMT
server
keycdn-engine
x-amz-request-id
AVXNFBXTJT878QM6
x-edge-location
atvi
etag
W/"7d05f92297dede9ecfe3706efb95677a"
x-cache
HIT
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-id-2
cS+azcTgVN7uaziZRhDvtnYA+uwWjd+NsNVhl58L8k0DLgRwE2XVKiOvT8gAtrvwahzbK8emxlk=
expires
Tue, 07 Mar 2023 13:18:17 GMT
icon_close_wh.svg
s28.q4cdn.com/441925426/files/design/svg/
598 B
961 B
Image
General
Full URL
https://s28.q4cdn.com/441925426/files/design/svg/icon_close_wh.svg
Requested by
Host: s28.q4cdn.com
URL: https://s28.q4cdn.com/441925426/files/css/global.css?v=53077
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:401::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
0963a3a45d7b2998b677067b5bd8378817758ec0973f3fa1d1a13ea7f1a9ed19

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s28.q4cdn.com/441925426/files/css/global.css?v=53077
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 12:18:17 GMT
last-modified
Tue, 24 Aug 2021 13:31:50 GMT
server
keycdn-engine
x-amz-request-id
MAWTR4CP49CTVYH6
x-edge-location
atvi
etag
"a5c6533d432d102e0e72925a9227bae3"
x-cache
HIT
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
598
x-amz-id-2
wY4LMXGSNc+PV4RKmHLL6k8ee+BQG/Je5Rw9ncEuFfkXf4/ylJqjkJn/s0JNnvIRHwMVGiVEUXI=
expires
Tue, 07 Mar 2023 13:18:17 GMT
/
www.facebook.com/tr/
0
185 B
Image
General
Full URL
https://www.facebook.com/tr/?id=358685546026150&ev=PageView&dl=https%3A%2F%2Fwww.definityfinancial.com%2FEnglish%2Foverview%2Fdefault.aspx&rl=&if=false&ts=1678191497712&sw=1600&sh=1200&v=2.9.98&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1678191497711.1553309052&it=1678191497558&coo=false&rqm=GET
Requested by
Host: www.definityfinancial.com
URL: https://www.definityfinancial.com/English/overview/default.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.definityfinancial.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 07 Mar 2023 12:18:17 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
a2.adform.net/Serving/TrackPoint/
Redirect Chain
  • https://a2.adform.net/Serving/TrackPoint/?pm=2529091&ADFdivider=%7C&ord=186590622397&ADFtpmode=2&loc=https%3A%2F%2Fwww.definityfinancial.com%2FEnglish%2Foverview%2Fdefault.aspx&Set1=en-US%7Cen-US%7...
  • https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2529091&ADFdivider=%7C&ord=186590622397&ADFtpmode=2&loc=https%3A%2F%2Fwww.definityfinancial.com%2FEnglish%2Foverview%2Fdefault.aspx&Set1=en-US%7Cen...
872 B
1 KB
Script
General
Full URL
https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2529091&ADFdivider=%7C&ord=186590622397&ADFtpmode=2&loc=https%3A%2F%2Fwww.definityfinancial.com%2FEnglish%2Foverview%2Fdefault.aspx&Set1=en-US%7Cen-US%7C1600x1200%7C24
Requested by
Host: www.definityfinancial.com
URL: https://www.definityfinancial.com/English/overview/default.aspx
Protocol
H2
Server
185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
f7ec85bdd0b5de19c3985f736db0d9f85b95434f2c09bcbfef3afc9844b36e3d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.definityfinancial.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 12:18:18 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
704
expires
-1

Redirect headers

pragma
no-cache
date
Tue, 07 Mar 2023 12:18:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
content-type
text/html; charset=utf-8
location
https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2529091&ADFdivider=%7C&ord=186590622397&ADFtpmode=2&loc=https%3A%2F%2Fwww.definityfinancial.com%2FEnglish%2Foverview%2Fdefault.aspx&Set1=en-US%7Cen-US%7C1600x1200%7C24
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
expires
-1
jquery.counterup.min.js
s28.q4cdn.com/441925426/files/js/
2 KB
1 KB
Script
General
Full URL
https://s28.q4cdn.com/441925426/files/js/jquery.counterup.min.js
Requested by
Host: www.definityfinancial.com
URL: https://www.definityfinancial.com/English/overview/default.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:401::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
b8985337c167aa4e6e5296ffa6fd288e65bcd4e0da8f82439726f961f6f733da

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.definityfinancial.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 12:18:17 GMT
content-encoding
gzip
last-modified
Thu, 24 Jun 2021 19:19:47 GMT
server
keycdn-engine
x-amz-request-id
AVXTK5CWRS5RHYTK
x-edge-location
atvi
etag
W/"5b172bae8311e6a555130ed5c1f5d309"
x-cache
HIT
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-id-2
hJ0tkpv2f5wR1z3zte2gMHri+dBpf9Nc9CEMJk8IuUYtQqTZ0eigp+7IqHDNCNa5MhrpagHaDgM=
expires
Tue, 07 Mar 2023 13:18:17 GMT
GetFullStockQuoteList
www.definityfinancial.com/feed/StockQuote.svc/
495 B
411 B
XHR
General
Full URL
https://www.definityfinancial.com/feed/StockQuote.svc/GetFullStockQuoteList?exchange=XTSE&symbol=DFY&pageSize=1
Requested by
Host: www.definityfinancial.com
URL: https://www.definityfinancial.com/English/overview/default.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.129.11 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ac627d9e5b7eab2dae4b7fc28e8d383c20f614606ebb294410f1ec3ad183cd9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/javascript, */*; q=0.01
X-NewRelic-ID
VQYBUlRVChACVlhbBQMCVlU=
Referer
https://www.definityfinancial.com/English/overview/default.aspx
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/json; charset=utf-8

Response headers

date
Tue, 07 Mar 2023 12:18:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Tue, 07 Mar 2023 12:16:25 GMT
x-newrelic-app-data
PxQGUVBQCgUCR1NQDggFVFEBBxFORDQHUjZKA1ZLVVFHDFYPHjRBC0tHAxETAVRaUwUREhoEGV5dHwYdUUsQFlRNXgddXBthRwpaCmAUXBYBGEQXBUx/VkQiFA5bYkMJB1pnRg0SBi5ZEUxAFAgaAh9VF1EEWANXUwUbTFdPGgEFXCNVBHV0IiUFD3FUUVRAHARZDktdaQ==
server
cloudflare
age
0
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=60, stale-if-error=86400, stale-while-revalidate=86400
cf-ray
7a42c7bcf8bd9219-FRA
GetFinancialReportList
www.definityfinancial.com/feed/FinancialReport.svc/
1003 B
1 KB
XHR
General
Full URL
https://www.definityfinancial.com/feed/FinancialReport.svc/GetFinancialReportList?LanguageId=1&reportTypes=Annual%20Report&reportSubType%5B%5D=Annual%20Report&reportSubTypeList%5B%5D=Annual%20Report&pageSize=1&pageNumber=0&tagList=&includeTags=true&year=-1&excludeSelection=1
Requested by
Host: www.definityfinancial.com
URL: https://www.definityfinancial.com/English/overview/default.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.129.11 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0cd3da3143e23537800f2e78e16ca191b6eb6bd2fc5e186745e0521f7dc1a3f0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/javascript, */*; q=0.01
X-NewRelic-ID
VQYBUlRVChACVlhbBQMCVlU=
Referer
https://www.definityfinancial.com/English/overview/default.aspx
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/json; charset=utf-8

Response headers

date
Tue, 07 Mar 2023 12:18:18 GMT
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
x-newrelic-app-data
PxQGUVBQCgUCR1NQDggFVFEBBxFORDQHUjZKA1ZLVVFHDFYPHjRBC0tHAxETAVRaUwUREhoEGV5dHwYdUUsQFlRNXgddXBt0WgtYD1IIUg42U0cOFBcWQEYHTiVSRXEPClBYUAsHDzBVElcQTHRdQUdHFVEfUR9SSgYBVVVUDgIcSVBOFQl0VFxycgRaICckcVAKWw4aGFRSCUoEbA==
server
cloudflare
etag
8eb2540bf01f4df6c3554aecdf0e77bc
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=10, stale-if-error=86400, stale-while-revalidate=86400
accept-ranges
bytes
cf-ray
7a42c7bcf8c59219-FRA
content-length
1003
anti-csrf.js
www.definityfinancial.com/js/
2 KB
1 KB
Script
General
Full URL
https://www.definityfinancial.com/js/anti-csrf.js
Requested by
Host: www.definityfinancial.com
URL: https://www.definityfinancial.com/English/overview/default.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.129.11 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64deea8d3844605b4884ce523931c6582ee35e02eec9c531047a8201cc768a58
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.definityfinancial.com/English/overview/default.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 12:18:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
cf-cache-status
REVALIDATED
content-length
822
x-xss-protection
1; mode=block
last-modified
Tue, 21 Feb 2023 17:32:24 GMT
server
cloudflare
etag
95dfb627da1c690bd6d1a958217edc00
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=10, stale-if-error=86400, stale-while-revalidate=86400
accept-ranges
bytes
cf-ray
7a42c7bd08cb9219-FRA
GetFinancialReportList
www.definityfinancial.com/feed/FinancialReport.svc/
4 KB
4 KB
XHR
General
Full URL
https://www.definityfinancial.com/feed/FinancialReport.svc/GetFinancialReportList?LanguageId=1&reportTypes=First%20Quarter%7CSecond%20Quarter%7CThird%20Quarter%7CFourth%20Quarter&reportSubType%5B%5D=First%20Quarter&reportSubType%5B%5D=Second%20Quarter&reportSubType%5B%5D=Third%20Quarter&reportSubType%5B%5D=Fourth%20Quarter&reportSubTypeList%5B%5D=First%20Quarter&reportSubTypeList%5B%5D=Second%20Quarter&reportSubTypeList%5B%5D=Third%20Quarter&reportSubTypeList%5B%5D=Fourth%20Quarter&pageSize=1&pageNumber=0&tagList=&includeTags=true&year=-1&excludeSelection=1
Requested by
Host: www.definityfinancial.com
URL: https://www.definityfinancial.com/English/overview/default.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.129.11 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc74a0054e45c0b08a01b50600340ca302c5500fdad9d4bb5d9dd24a0f5de43a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/javascript, */*; q=0.01
X-NewRelic-ID
VQYBUlRVChACVlhbBQMCVlU=
Referer
https://www.definityfinancial.com/English/overview/default.aspx
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/json; charset=utf-8

Response headers

date
Tue, 07 Mar 2023 12:18:17 GMT
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
server
cloudflare
etag
c731f5dbe31708f351dbfcdf7c615657
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=10, stale-if-error=86400, stale-while-revalidate=86400
accept-ranges
bytes
cf-ray
7a42c7bd08d59219-FRA
content-length
4316
adsct
t.co/i/
43 B
378 B
Image
General
Full URL
https://t.co/i/adsct?bci=3&eci=2&event_id=d38289e9-e86a-48b8-90c6-dd7ea7693c64&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=9ece9d49-da78-43bf-8274-966c4e354b3c&tw_document_href=https%3A%2F%2Fwww.definityfinancial.com%2FEnglish%2Foverview%2Fdefault.aspx&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o747o&type=javascript&version=2.3.29
Requested by
Host: www.definityfinancial.com
URL: https://www.definityfinancial.com/English/overview/default.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.69 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.definityfinancial.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-response-time
112
date
Tue, 07 Mar 2023 12:18:17 GMT
strict-transport-security
max-age=0
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
e28a7b4ced8f2918
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
fbfdc7b4b4f99dd0592d159e601f5e6c72b4602b5aa598939aef30efaff3d338
content-length
43
adsct
analytics.twitter.com/i/
43 B
396 B
Image
General
Full URL
https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=d38289e9-e86a-48b8-90c6-dd7ea7693c64&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=9ece9d49-da78-43bf-8274-966c4e354b3c&tw_document_href=https%3A%2F%2Fwww.definityfinancial.com%2FEnglish%2Foverview%2Fdefault.aspx&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o747o&type=javascript&version=2.3.29
Requested by
Host: www.definityfinancial.com
URL: https://www.definityfinancial.com/English/overview/default.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.3 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.definityfinancial.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-response-time
111
date
Tue, 07 Mar 2023 12:18:17 GMT
strict-transport-security
max-age=631138519
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
e636042dd1de3355
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
a85b2df451bcec3d1917af1fca92a895c073faf5fd0d796dffaddfbca965dbb8
content-length
43
recaptcha__de.js
www.gstatic.com/recaptcha/releases/8G7OPK94bhCRbT0VqyEVpQNj/
406 KB
163 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/8G7OPK94bhCRbT0VqyEVpQNj/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onLoad__ctrl0_ctl30_recaptcha&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:804::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5624122d7b5604eb5ee4f280f6d672adcfc31a456beb4b54432dda0e00ee9672
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.definityfinancial.com/
Origin
https://www.definityfinancial.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 08:44:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12801
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
166129
x-xss-protection
0
last-modified
Tue, 28 Feb 2023 18:46:06 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 06 Mar 2024 08:44:56 GMT
GetPressReleaseList
www.definityfinancial.com/feed/PressRelease.svc/
3 KB
3 KB
XHR
General
Full URL
https://www.definityfinancial.com/feed/PressRelease.svc/GetPressReleaseList?LanguageId=1&bodyType=0&pressReleaseDateFilter=3&categoryId=1cb807d2-208f-4bc3-9133-6a9ad45ac3b0&pageSize=3&pageNumber=0&tagList=&includeTags=true&year=-1&excludeSelection=1
Requested by
Host: www.definityfinancial.com
URL: https://www.definityfinancial.com/English/overview/default.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.129.11 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a28f7e58ec68292ae7717379a7965da89601a05ef3ebda359c2ee217a5eba7ae
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/javascript, */*; q=0.01
X-NewRelic-ID
VQYBUlRVChACVlhbBQMCVlU=
Referer
https://www.definityfinancial.com/English/overview/default.aspx
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/json; charset=utf-8

Response headers

date
Tue, 07 Mar 2023 12:18:17 GMT
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
server
cloudflare
etag
7bbd6291b2164f71466674a06b452fc1
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=10, stale-if-error=86400, stale-while-revalidate=86400
accept-ranges
bytes
cf-ray
7a42c7bd494c9219-FRA
content-length
2780
GetEventList
www.definityfinancial.com/feed/Event.svc/
3 KB
3 KB
XHR
General
Full URL
https://www.definityfinancial.com/feed/Event.svc/GetEventList?LanguageId=1&eventSelection=3&eventDateFilter=3&includeFinancialReports=true&includePresentations=true&includePressReleases=true&sortOperator=1&pageSize=3&pageNumber=0&tagList=&includeTags=true&year=-1&excludeSelection=1
Requested by
Host: www.definityfinancial.com
URL: https://www.definityfinancial.com/English/overview/default.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.129.11 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25da29519e67617333fd51b4099041cad1604bd924480a7c9feac9ec1df22edb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/javascript, */*; q=0.01
X-NewRelic-ID
VQYBUlRVChACVlhbBQMCVlU=
Referer
https://www.definityfinancial.com/English/overview/default.aspx
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/json; charset=utf-8

Response headers

date
Tue, 07 Mar 2023 12:18:17 GMT
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
server
cloudflare
etag
ce151ac7f38cb6f78ce0d624f0ae3bac
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=10, stale-if-error=86400, stale-while-revalidate=86400
accept-ranges
bytes
cf-ray
7a42c7bd596a9219-FRA
content-length
3285
dc_pre=CJ_q1sDmyf0CFZKVmwodweIAYA;src=12019998;type=invmedia;cat=rp-de0;ord=7502202666500;gtm=45He3310;auiddc=258139497.1678191497;~oref=https%3A%2F%2Fwww.definityfinancial.com%2FEnglish%2Foverview...
adservice.google.com/ddm/fls/i/ Frame 3183
526 B
661 B
Document
General
Full URL
https://adservice.google.com/ddm/fls/i/dc_pre=CJ_q1sDmyf0CFZKVmwodweIAYA;src=12019998;type=invmedia;cat=rp-de0;ord=7502202666500;gtm=45He3310;auiddc=258139497.1678191497;~oref=https%3A%2F%2Fwww.definityfinancial.com%2FEnglish%2Foverview%2Fdefault.aspx
Requested by
Host: 12019998.fls.doubleclick.net
URL: https://12019998.fls.doubleclick.net/activityi;dc_pre=CJ_q1sDmyf0CFZKVmwodweIAYA;src=12019998;type=invmedia;cat=rp-de0;ord=7502202666500;gtm=45He3310;auiddc=258139497.1678191497;~oref=https%3A%2F%2Fwww.definityfinancial.com%2FEnglish%2Foverview%2Fdefault.aspx?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4eebfb782bd1274127af7e0237c2873d2b16487b464d46703612279837c4ad16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://12019998.fls.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
286
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 07 Mar 2023 12:18:18 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
q4logincallback.aspx
www.definityfinancial.com/ Frame BB4D
Redirect Chain
  • https://login.q4inc.com/authorize?client_id=gKrDY1E9BUSWfU7DGuW2CO4rjdskiNg7&scope=openid%20profile%20email&response_type=code&response_mode=query&nonce=2Snm6Ww9p18tmIiJ5xuvK3fXlI&state=eyJhbGciOiJ...
  • https://auth.platform.q4inc.com/auth/publicAuthRedirect?error=login_required&error_description=Login%20required&state=eyJhbGciOiJodHRwOi8vd3d3LnczLm9yZy8yMDAxLzA0L3htbGRzaWctbW9yZSNobWFjLXNoYTI1NiI...
  • https://www.definityfinancial.com/q4logincallback.aspx?error=400
27 KB
12 KB
Document
General
Full URL
https://www.definityfinancial.com/q4logincallback.aspx?error=400
Requested by
Host: www.definityfinancial.com
URL: https://www.definityfinancial.com/js/typescript/dist/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.129.11 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
971020c6d474960c7322a5520583aced2efe471f8ffbb4987ebb44b248629ca7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.definityfinancial.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
public, max-age=10, stale-if-error=86400, stale-while-revalidate=86400
cf-cache-status
REVALIDATED
cf-ray
7a42c7c2e94b9219-FRA
content-encoding
gzip
content-length
12060
content-type
text/html; charset=utf-8
date
Tue, 07 Mar 2023 12:18:18 GMT
etag
10f61fd36fe66f56026f2b648e0d4c66
server
cloudflare
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

content-length
0
content-type
application/json
date
Tue, 07 Mar 2023 12:18:18 GMT
location
https://www.definityfinancial.com/q4logincallback.aspx?error=400
via
1.1 d7433132a7c6595c9aab2dc2272e7060.cloudfront.net (CloudFront)
x-amz-apigw-id
BaO9tEjNoAMFSIg=
x-amz-cf-id
PXILMK7JPolp841yQRhDQ927kgic7YBEz8fgzsdvjkZeI9uyxIK-Fw==
x-amz-cf-pop
FRA60-P1
x-amzn-requestid
da394677-7fd9-4880-87c0-4060b5a7bb76
x-amzn-trace-id
Root=1-64072b8a-09019d73758a404f7d08f5c0;Sampled=0
x-cache
Miss from cloudfront
js
www.googletagmanager.com/gtag/
112 KB
44 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-196243751-1&l=dataLayer&cx=c
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/gtm/optimize.js?id=OPT-T4QK89Z
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9a178b5b095df341ad5779abcaf6a8e70a05547556ca6b51ad92157e3ff3110e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.definityfinancial.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 12:18:17 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44807
x-xss-protection
0
last-modified
Tue, 07 Mar 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 07 Mar 2023 12:18:17 GMT
icon_file-pdf_il_db.svg
s28.q4cdn.com/441925426/files/design/svg/
2 KB
1 KB
Image
General
Full URL
https://s28.q4cdn.com/441925426/files/design/svg/icon_file-pdf_il_db.svg
Requested by
Host: s28.q4cdn.com
URL: https://s28.q4cdn.com/441925426/files/css/global.css?v=53077
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:401::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
f426a30534d35f7a7558d8592a1482aaa3245e4f24a5f9260e2a1e4124421e47

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s28.q4cdn.com/441925426/files/css/global.css?v=53077
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 12:18:18 GMT
content-encoding
gzip
last-modified
Tue, 24 Aug 2021 13:31:50 GMT
server
keycdn-engine
x-amz-request-id
8T5P17C7V81JEA4K
x-edge-location
atvi
etag
W/"e6c423bc14b4e2dc39da70aafca0224a"
x-cache
HIT
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-id-2
fPyDWWgozIPRL+KdycHRURhOucs9SSbBfkqo6Lq7suwGU2MdRz5trZMxy07xPKgys7tfQVjIOTI=
expires
Tue, 07 Mar 2023 13:18:18 GMT
icon_chevron_db.svg
s28.q4cdn.com/441925426/files/design/svg/
248 B
611 B
Image
General
Full URL
https://s28.q4cdn.com/441925426/files/design/svg/icon_chevron_db.svg
Requested by
Host: s28.q4cdn.com
URL: https://s28.q4cdn.com/441925426/files/css/global.css?v=53077
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:401::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
f5887f86b663207b454f64886611b8de47ecee244ebd6525fe2b4643bf08192f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s28.q4cdn.com/441925426/files/css/global.css?v=53077
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 12:18:18 GMT
last-modified
Tue, 24 Aug 2021 13:31:49 GMT
server
keycdn-engine
x-amz-request-id
8T5KC27292WY8VEH
x-edge-location
atvi
etag
"375556b39ed6832baf45f0aceebbd41a"
x-cache
HIT
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
248
x-amz-id-2
TKvS06llvH++ewJOgD5TwJbrBYqVhMe0RjA4RsFWvgMPBB2FwxZ3uqUBDF3I7IPumHVEUxek+4U=
expires
Tue, 07 Mar 2023 13:18:18 GMT
dc_pre=CJ_q1sDmyf0CFZKVmwodweIAYA;src=12019998;type=invmedia;cat=rp-de0;ord=7502202666500;gtm=45He3310;auiddc=258139497.1678191497;~oref=https%3A%2F%2Fwww.definityfinancial.com%2FEnglish%2Foverview...
adservice.google.de/ddm/fls/i/ Frame AD08
194 B
515 B
Document
General
Full URL
https://adservice.google.de/ddm/fls/i/dc_pre=CJ_q1sDmyf0CFZKVmwodweIAYA;src=12019998;type=invmedia;cat=rp-de0;ord=7502202666500;gtm=45He3310;auiddc=258139497.1678191497;~oref=https%3A%2F%2Fwww.definityfinancial.com%2FEnglish%2Foverview%2Fdefault.aspx
Requested by
Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CJ_q1sDmyf0CFZKVmwodweIAYA;src=12019998;type=invmedia;cat=rp-de0;ord=7502202666500;gtm=45He3310;auiddc=258139497.1678191497;~oref=https%3A%2F%2Fwww.definityfinancial.com%2FEnglish%2Foverview%2Fdefault.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adservice.google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
85
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 07 Mar 2023 12:18:18 GMT
expires
Tue, 07 Mar 2023 12:18:18 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
anchor
www.google.com/recaptcha/api2/ Frame 8B22
45 KB
24 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcKf8wZAAAAADYEeFvKUvdj80FVct5G98mSJ29W&co=aHR0cHM6Ly93d3cuZGVmaW5pdHlmaW5hbmNpYWwuY29tOjQ0Mw..&hl=de&v=8G7OPK94bhCRbT0VqyEVpQNj&size=invisible&cb=z7gfarinik0n
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/8G7OPK94bhCRbT0VqyEVpQNj/recaptcha__de.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:803::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
251608debcc583dc67ca45af8f39cb97c4522ae7bd8649be552553fd8f2c3181
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-3WXvz3TkUh_l3PaGSoLkgA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.definityfinancial.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
24430
content-security-policy
script-src 'report-sample' 'nonce-3WXvz3TkUh_l3PaGSoLkgA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 07 Mar 2023 12:18:18 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Definity_Cover_Logo_web-240x300.jpg
s28.q4cdn.com/441925426/files/doc_financials/
14 KB
14 KB
Image
General
Full URL
https://s28.q4cdn.com/441925426/files/doc_financials/Definity_Cover_Logo_web-240x300.jpg
Requested by
Host: www.definityfinancial.com
URL: https://www.definityfinancial.com/English/overview/default.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:401::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
bf602814caceaf9f87b68a5b4e738df35f0702b029340227d5c68d440af68d86

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.definityfinancial.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 12:18:18 GMT
last-modified
Fri, 11 Mar 2022 19:36:45 GMT
server
keycdn-engine
x-amz-request-id
MAWSTSK17MJ1TKHW
x-edge-location
atvi
etag
"0df677b9daf6e8558cf419e0c37abc3e"
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
14215
x-amz-id-2
PmwlzqdSemLdUwlRS4eo5SR1dYIPhaQWPNOi4nNwkpL880PhJVzc2IgdkLFeDKIn/vy6vHaoIEg=
expires
Tue, 07 Mar 2023 13:18:18 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/8G7OPK94bhCRbT0VqyEVpQNj/ Frame 8B22
55 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/8G7OPK94bhCRbT0VqyEVpQNj/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcKf8wZAAAAADYEeFvKUvdj80FVct5G98mSJ29W&co=aHR0cHM6Ly93d3cuZGVmaW5pdHlmaW5hbmNpYWwuY29tOjQ0Mw..&hl=de&v=8G7OPK94bhCRbT0VqyEVpQNj&size=invisible&cb=z7gfarinik0n
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 22:09:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
569316
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24605
x-xss-protection
0
last-modified
Tue, 28 Feb 2023 18:46:06 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 28 Feb 2024 22:09:42 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/8G7OPK94bhCRbT0VqyEVpQNj/ Frame 8B22
406 KB
162 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/8G7OPK94bhCRbT0VqyEVpQNj/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcKf8wZAAAAADYEeFvKUvdj80FVct5G98mSJ29W&co=aHR0cHM6Ly93d3cuZGVmaW5pdHlmaW5hbmNpYWwuY29tOjQ0Mw..&hl=de&v=8G7OPK94bhCRbT0VqyEVpQNj&size=invisible&cb=z7gfarinik0n
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5624122d7b5604eb5ee4f280f6d672adcfc31a456beb4b54432dda0e00ee9672
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 08:44:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12802
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
166129
x-xss-protection
0
last-modified
Tue, 28 Feb 2023 18:46:06 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 06 Mar 2024 08:44:56 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 8B22
102 B
134 B
Other
General
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=8G7OPK94bhCRbT0VqyEVpQNj
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcKf8wZAAAAADYEeFvKUvdj80FVct5G98mSJ29W&co=aHR0cHM6Ly93d3cuZGVmaW5pdHlmaW5hbmNpYWwuY29tOjQ0Mw..&hl=de&v=8G7OPK94bhCRbT0VqyEVpQNj&size=invisible&cb=z7gfarinik0n
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
b8ff88a7e8929aa6842a0a31663d71e50c66679b7e225081f2c10b5bec45ca97
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcKf8wZAAAAADYEeFvKUvdj80FVct5G98mSJ29W&co=aHR0cHM6Ly93d3cuZGVmaW5pdHlmaW5hbmNpYWwuY29tOjQ0Mw..&hl=de&v=8G7OPK94bhCRbT0VqyEVpQNj&size=invisible&cb=z7gfarinik0n
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 12:18:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
112
x-xss-protection
1; mode=block
expires
Tue, 07 Mar 2023 12:18:18 GMT
bframe
www.google.com/recaptcha/api2/ Frame 67A1
7 KB
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=de&v=8G7OPK94bhCRbT0VqyEVpQNj&k=6LcKf8wZAAAAADYEeFvKUvdj80FVct5G98mSJ29W
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/8G7OPK94bhCRbT0VqyEVpQNj/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
3480996958f1616d4e126e2f1c6b0e2ec21ac672d5f6dc81873f8d123fe8d5cf
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-SyBJNz2_BRRW_Kf1_sASRg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.definityfinancial.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
1121
content-security-policy
script-src 'report-sample' 'nonce-SyBJNz2_BRRW_Kf1_sASRg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 07 Mar 2023 12:18:18 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/8G7OPK94bhCRbT0VqyEVpQNj/ Frame 67A1
55 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/8G7OPK94bhCRbT0VqyEVpQNj/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=8G7OPK94bhCRbT0VqyEVpQNj&k=6LcKf8wZAAAAADYEeFvKUvdj80FVct5G98mSJ29W
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 22:09:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
569316
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24605
x-xss-protection
0
last-modified
Tue, 28 Feb 2023 18:46:06 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 28 Feb 2024 22:09:42 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/8G7OPK94bhCRbT0VqyEVpQNj/ Frame 67A1
406 KB
162 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/8G7OPK94bhCRbT0VqyEVpQNj/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=8G7OPK94bhCRbT0VqyEVpQNj&k=6LcKf8wZAAAAADYEeFvKUvdj80FVct5G98mSJ29W
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5624122d7b5604eb5ee4f280f6d672adcfc31a456beb4b54432dda0e00ee9672
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 08:44:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12802
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
166129
x-xss-protection
0
last-modified
Tue, 28 Feb 2023 18:46:06 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 06 Mar 2024 08:44:56 GMT
pixels
c1.adform.net/imatch/ Frame AD2A
5 KB
2 KB
Document
General
Full URL
https://c1.adform.net/imatch/pixels?uid=713663938463873976&agencyId=7384&advertiserId=2112077&src=tp&rnd=705056
Requested by
Host: a2.adform.net
URL: https://a2.adform.net/Serving/TrackPoint/?pm=2529091&ADFdivider=%7C&ord=186590622397&ADFtpmode=2&loc=https%3A%2F%2Fwww.definityfinancial.com%2FEnglish%2Foverview%2Fdefault.aspx&Set1=en-US%7Cen-US%7C1600x1200%7C24
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.254 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
eb011a6cfa6d3d95eaeb1e0eb03bdda3b39f73cce379444e3c29592f05cb857b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.definityfinancial.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 07 Mar 2023 12:18:18 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
/
a1.seadform.net/serving/cookie/sync/
35 B
334 B
Image
General
Full URL
https://a1.seadform.net/serving/cookie/sync/?uid=713663938463873976&stamp=08rwh_0-opkDvP-67D9Y4w2
Requested by
Host: www.definityfinancial.com
URL: https://www.definityfinancial.com/English/overview/default.aspx
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.141 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.definityfinancial.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 07 Mar 2023 12:18:18 GMT
cache-control
private
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
reload
www.google.com/recaptcha/api2/ Frame 67A1
39 KB
24 KB
XHR
General
Full URL
https://www.google.com/recaptcha/api2/reload?k=6LcKf8wZAAAAADYEeFvKUvdj80FVct5G98mSJ29W
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/8G7OPK94bhCRbT0VqyEVpQNj/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
efe025862957bb6882ce8d147042fda1073ba42e9abc4f4456231371b81ffc6c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/bframe?hl=de&v=8G7OPK94bhCRbT0VqyEVpQNj&k=6LcKf8wZAAAAADYEeFvKUvdj80FVct5G98mSJ29W
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/x-protobuffer

Response headers

date
Tue, 07 Mar 2023 12:18:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24065
x-xss-protection
1; mode=block
expires
Tue, 07 Mar 2023 12:18:18 GMT
plf
c1.adform.net/imatch/ Frame AD2A
0
384 B
Image
General
Full URL
https://c1.adform.net/imatch/plf?name=plff
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=713663938463873976&agencyId=7384&advertiserId=2112077&src=tp&rnd=705056
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.254 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/imatch/pixels?uid=713663938463873976&agencyId=7384&advertiserId=2112077&src=tp&rnd=705056
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 12:18:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
match
ad.360yield.com/ul_cb/ Frame AD2A
Redirect Chain
  • https://ad.360yield.com/match?publisher_dsp_id=42&external_user_id=713663938463873976&Expiration=1679401098
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=713663938463873976&Expiration=1679401098
43 B
424 B
Image
General
Full URL
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=713663938463873976&Expiration=1679401098
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=713663938463873976&agencyId=7384&advertiserId=2112077&src=tp&rnd=705056
Protocol
H2
Server
3.122.30.166 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-30-166.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 07 Mar 2023 12:18:18 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=713663938463873976&Expiration=1679401098
date
Tue, 07 Mar 2023 12:18:18 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
m
ad.yieldlab.net/ Frame AD2A
0
525 B
Image
General
Full URL
https://ad.yieldlab.net/m?dt_id=4879&ext_id=713663938463873976
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=713663938463873976&agencyId=7384&advertiserId=2112077&src=tp&rnd=705056
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.96.129.75 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-129-75.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 Mar 2023 12:18:18 GMT
x-content-type-options
nosniff
x-frame-options
DENY
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
x-xss-protection
1; mode=block
x-application-context
application
Expires
Mon, 06 Mar 2023 12:18:18 GMT
token
token.rubiconproject.com/ Frame AD2A
0
214 B
Image
General
Full URL
https://token.rubiconproject.com/token?pid=5232&puid=713663938463873976
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=713663938463873976&agencyId=7384&advertiserId=2112077&src=tp&rnd=705056
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
match
c1.adform.net/serving/cookie/ Frame AD2A
Redirect Chain
  • https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=713663938463873976&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__
  • https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=713663938463873976&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__&nut&uu=b21f327255ce4ba58c...
  • https://c1.adform.net/serving/cookie/match?party=9&uid=e23da2f887108ae33add0dcaeef58a5d231a9ad387410b004eaab02f7fa6dc79
35 B
599 B
Image
General
Full URL
https://c1.adform.net/serving/cookie/match?party=9&uid=e23da2f887108ae33add0dcaeef58a5d231a9ad387410b004eaab02f7fa6dc79
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=713663938463873976&agencyId=7384&advertiserId=2112077&src=tp&rnd=705056
Protocol
H2
Server
37.157.6.254 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 12:18:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1

Redirect headers

location
https://c1.adform.net/serving/cookie/match?party=9&uid=e23da2f887108ae33add0dcaeef58a5d231a9ad387410b004eaab02f7fa6dc79
date
Tue, 07 Mar 2023 12:18:18 GMT
content-length
0
p3p
CP=NOI PSA OUR
/
rtb-csync.smartadserver.com/redir/ Frame AD2A
43 B
163 B
Image
General
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=22&partneruserid=713663938463873976&redirurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d10%26cid%3DSMART_USER_ID
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=713663938463873976&agencyId=7384&advertiserId=2112077&src=tp&rnd=705056
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.151 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 12:18:18 GMT
transfer-encoding
chunked
content-type
image/gif
sync
ups.analytics.yahoo.com/ups/55944/ Frame AD2A
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55944/sync?uid=713663938463873976&_origin=1
  • https://ups.analytics.yahoo.com/ups/55944/sync?uid=713663938463873976&_origin=1&verify=true
0
120 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/55944/sync?uid=713663938463873976&_origin=1&verify=true
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=713663938463873976&agencyId=7384&advertiserId=2112077&src=tp&rnd=705056
Protocol
H2
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 12:18:18 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/55944/sync?uid=713663938463873976&_origin=1&verify=true
date
Tue, 07 Mar 2023 12:18:18 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
user-registering
ads.stickyadstv.com/ Frame AD2A
43 B
682 B
Image
General
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=713663938463873976
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=713663938463873976&agencyId=7384&advertiserId=2112077&src=tp&rnd=705056
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.18.79.139 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-79-139.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 Mar 2023 12:18:18 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
x-sticky-vk
1678191498899054-397
Expires
Tue, 07 Mar 2023 12:18:18 GMT
xuid
eb2.3lift.com/ Frame AD2A
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=713663938463873976
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=70&user_id=713663938463873976
  • https://eb2.3lift.com/xuid?mid=2409&xuid=228d3b9a-b7e2-4289-a3e8-95e9ae5f5350&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
  • https://eb2.3lift.com/xuid?ld=1&mid=2409&xuid=228d3b9a-b7e2-4289-a3e8-95e9ae5f5350&dongle=d3d3&gdpr=0&cmp_cs=&us_privacy=
37 B
354 B
Image
General
Full URL
https://eb2.3lift.com/xuid?ld=1&mid=2409&xuid=228d3b9a-b7e2-4289-a3e8-95e9ae5f5350&dongle=d3d3&gdpr=0&cmp_cs=&us_privacy=
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=713663938463873976&agencyId=7384&advertiserId=2112077&src=tp&rnd=705056
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 07 Mar 2023 12:18:19 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
/xuid?ld=1&mid=2409&xuid=228d3b9a-b7e2-4289-a3e8-95e9ae5f5350&dongle=d3d3&gdpr=0&cmp_cs=&us_privacy=
date
Tue, 07 Mar 2023 12:18:19 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
rum
dsum-sec.casalemedia.com/ Frame AD2A
Redirect Chain
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=713663938463873976&expiration=1679401098
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=713663938463873976&expiration=1679401098&C=1
43 B
766 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=713663938463873976&expiration=1679401098&C=1
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=713663938463873976&agencyId=7384&advertiserId=2112077&src=tp&rnd=705056
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 Mar 2023 12:18:18 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 07 Mar 2023 12:18:18 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
/rum?cm_dsp_id=111&external_user_id=713663938463873976&expiration=1679401098&C=1
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
0
Expires
0
647471
se.semasio.net/sync/1/ Frame AD2A
Redirect Chain
  • https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=713663938463873976&sInitiator=external
  • https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=713663938463873976&sInitiator=external
  • https://se.semasio.net/sync/1/16266044?sExtCookieId=713663938463873976&gdpr=&sInitiator=external
  • https://pixel.mathtag.com/sync/img?mt_exid=10041&gdpr=&redir=https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F14876172%3FsExtCookieId%3D%5BMM_UUID%5D%26sInitiator%3Dinternal
  • https://se.semasio.net/sync/1/14876172?sExtCookieId=315e6407-2b8c-4a00-9702-b1941ffdaa00&sInitiator=internal&gdpr=&gdpr_consent=
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F4354957%3FsExtCookieId%3D%24UID%26sInitiator%3Dinternal&gdpr=
  • https://se.semasio.net/sync/1/4354957?sExtCookieId=2837535589818544212&sInitiator=internal&gdpr=
  • https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=QjQ3MTQ2RURGODUzQUMxOQ&gdpr=
  • https://uipglob.semasio.net/dbm/1/info?sType=sync&sExtCookieId=CAESEOJDCsLJfrkm2Sl5E5MZKqc&sInitiator=internal&google_cver=1&gdpr=&google_cver=1
  • https://se.semasio.net/sync/1/12092831?sExtCookieId=CAESEOJDCsLJfrkm2Sl5E5MZKqc&sInitiator=internal&google_cver=1&gdpr=
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F647471%3FsExtCookieId%3D%25%25COOKIE%25%25%26sInitiator%3Dinternal&gdpr=
  • https://se.semasio.net/sync/1/647471?sExtCookieId=7207777604643715217&sInitiator=internal&gdpr=
0
415 B
Image
General
Full URL
https://se.semasio.net/sync/1/647471?sExtCookieId=7207777604643715217&sInitiator=internal&gdpr=
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=713663938463873976&agencyId=7384&advertiserId=2112077&src=tp&rnd=705056
Protocol
HTTP/1.1
Server
77.243.60.138 Norresundby, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 12:18:25 GMT
uip-status
Ok
frontend-id
08
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

Location
https://se.semasio.net/sync/1/647471?sExtCookieId=7207777604643715217&sInitiator=internal&gdpr=
Date
Tue, 07 Mar 2023 12:18:20 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
match
ps.eyeota.net/ Frame AD2A
0
344 B
Image
General
Full URL
https://ps.eyeota.net/match?uid=713663938463873976&bid=9gdtmu1
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=713663938463873976&agencyId=7384&advertiserId=2112077&src=tp&rnd=705056
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.127.178.105 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-178-105.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Tue, 07 Mar 2023 12:18:18 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
pixel.gif
load77.exelator.com/ Frame AD2A
Redirect Chain
  • https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=713663938463873976
  • https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=713663938463873976&xl8blockcheck=1
  • https://load77.exelator.com/pixel.gif
43 B
344 B
Image
General
Full URL
https://load77.exelator.com/pixel.gif
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=713663938463873976&agencyId=7384&advertiserId=2112077&src=tp&rnd=705056
Protocol
H2
Server
2a02:6ea0:f400::4 Zagreb, Croatia, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-77-nzt
AamW8oppUD3/VvkLAA
x-accel-expires
@1678443573
date
Tue, 07 Mar 2023 12:18:19 GMT
x-77-pop
zagrebHR
last-modified
Wed, 25 Oct 2017 17:03:56 GMT
server
CDN77-Turbo
etag
"59f0c3fc-2b"
x-77-nzt-ray
bcd92b1fcb40731a8b2b0764948fe516
x-cache
HIT
content-type
image/gif
access-control-allow-origin
*
x-77-cache
HIT
x-age
784726
accept-ranges
bytes
content-length
43

Redirect headers

date
Tue, 07 Mar 2023 12:18:19 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://load77.exelator.com/pixel.gif
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
content-length
0
398366.gif
idsync.rlcdn.com/ Frame AD2A
0
98 B
Image
General
Full URL
https://idsync.rlcdn.com/398366.gif?partner_uid=713663938463873976
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=713663938463873976&agencyId=7384&advertiserId=2112077&src=tp&rnd=705056
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 12:18:19 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
gdpr_consent=
sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=713663938463873976/gdpr=/ Frame AD2A
49 B
266 B
Image
General
Full URL
https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=713663938463873976/gdpr=/gdpr_consent=
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=713663938463873976&agencyId=7384&advertiserId=2112077&src=tp&rnd=705056
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.48.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-48-43.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 12:18:19 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.17.247
content-length
49
expires
0
29729
tags.bluekai.com/site/ Frame AD2A
62 B
227 B
Image
General
Full URL
https://tags.bluekai.com/site/29729?id=713663938463873976
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=713663938463873976&agencyId=7384&advertiserId=2112077&src=tp&rnd=705056
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.209.176 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-209-176.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Tue, 07 Mar 2023 12:18:19 GMT
content-length
62
content-type
image/gif
sd
eu-u.openx.net/w/1.0/ Frame AD2A
43 B
273 B
Image
General
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=713663938463873976
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=713663938463873976&agencyId=7384&advertiserId=2112077&src=tp&rnd=705056
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 12:18:19 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
pixel.gif
s3-eu-west-1.amazonaws.com/adality-cdn-content/ Frame AD2A
Redirect Chain
  • https://api.adrtx.net/thirdparty/click?p=adfo
  • https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
35 B
390 B
Image
General
Full URL
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=713663938463873976&agencyId=7384&advertiserId=2112077&src=tp&rnd=705056
Protocol
HTTP/1.1
Server
52.218.26.67 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Tue, 07 Mar 2023 12:18:20 GMT
Last-Modified
Thu, 29 Oct 2015 16:41:57 GMT
Server
AmazonS3
x-amz-request-id
1SN97TVNS20GE7YN
ETag
"c2196de8ba412c60c22ab491af7b1409"
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
35
x-amz-id-2
fUXTCh26bsGUcLYVXPC4l8vRcympBmrhlPyDMsm6nJ6Zch30aDzpCRDNt5vCrEFVERPd7/YjG6w=

Redirect headers

X-Error-Reason
Missing UserId
Date
Tue, 07 Mar 2023 12:18:18 GMT
Server
akka-http/10.2.10
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Content-Type
text/html; charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
137
generic
match.adsrvr.org/track/cmf/ Frame AD2A
Redirect Chain
  • https://pixel.onaudience.com/?mapped=713663938463873976&partner=68
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D1
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D1&xl8blockcheck=1
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=44f9bf78916ce65aea692f8f7b570252&gdpr=1
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
70 B
265 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=713663938463873976&agencyId=7384&advertiserId=2112077&src=tp&rnd=705056
Protocol
H2
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 07 Mar 2023 12:18:19 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
content-length
0
/
cm.adsafety.net/ Frame AD2A
Redirect Chain
  • https://cm.adsafety.net/?_cmsrc=adformx&idt=100&did=713663938463873976
  • https://tags.adsafety.net/v1/cm?cm_uid=CM120230307125682335b56781d2b31e&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dct%26_chainsrc%3Dcommon%26idt%3D%5B%25IDT%25%5D%26did%3D%5B%25DID%25%5D&...
  • https://cm.adsafety.net/?_cmsrc=ct&_chainsrc=common&idt=100&did=eae2527176c61399441488e3c60f0859
  • https://ads.smartstream.tv/cm/?cmsrc=cm&cm_uid=CM120230307125682335b56781d2b31e&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dstv%26_chainsrc%3Dcommon&gdpr_consent=
  • https://cm.adsafety.net/?_cmsrc=stv&_chainsrc=common&idt=100&did=eae2527176c61399441488e3c60f0859&idt_did_status=added&gdpr_consent=&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=dataxtrade_dmp&google_cm&google_hm=Q00xMjAyMzAzMDcxMjU2ODIzMzViNTY3ODFkMmIzMWU&gdpr_consent=&gdpr=0
  • https://cm.adsafety.net/?_cmsrc=dbmx&midt=100&mdid=CAESEMy46jo3z2VNO3kYYbTwyHI&gdpr_consent=&gdpr=0&google_cver=1
  • https://c1.adform.net/serving/cookie/match?party=28&cid=CM120230307125682335b56781d2b31e
  • https://cm.adsafety.net/?_cmsrc=adform&idt=100&did=713663938463873976
  • https://dsp.adfarm1.adition.com/cookie/?ssp=6
  • https://cm.smartstream.tv/?_cmsrc=activeagent_cm&idt=100&did=7207777604643715217
  • https://cm.adsafety.net/?_cmsrc=activeagent_cm&idt=100&did=7207777604643715217
43 B
2 KB
Image
General
Full URL
https://cm.adsafety.net/?_cmsrc=activeagent_cm&idt=100&did=7207777604643715217
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=713663938463873976&agencyId=7384&advertiserId=2112077&src=tp&rnd=705056
Protocol
HTTP/1.1
Server
62.141.38.122 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
cm44.as.net
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 Mar 2023 12:18:20 GMT
Last-Modified
Tue, 07 Mar 2023 12:18:20 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
Connection
keep-alive
Expires
Mon, 28 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://cm.adsafety.net/?_cmsrc=activeagent_cm&idt=100&did=7207777604643715217
Date
Tue, 07 Mar 2023 12:18:20 GMT
Server
nginx
Connection
keep-alive
X-Powered-By
PHP/5.5.9-1ubuntu4.26
Transfer-Encoding
chunked
Content-Type
text/html
usermatch.gif
beacon.krxd.net/ Frame AD2A
0
338 B
Image
General
Full URL
https://beacon.krxd.net/usermatch.gif?partner=adform&partner_uid=713663938463873976
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=713663938463873976&agencyId=7384&advertiserId=2112077&src=tp&rnd=705056
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.220.166.58 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-220-166-58.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-served-by
beacon-n002-dub-prod.krxd.net
date
Tue, 07 Mar 2023 12:18:19 GMT
cache-control
private, no-cache, no-store
x-request-time
D=35 t=1678191499
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
c1.adform.net/serving/cookie/match/ Frame AD2A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=NzEzNjYzOTM4NDYzODczOTc2
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEOkjrdMjZ9Da-Ns5NZxoSbg&google_cver=1&google_ula=1641347,0
35 B
590 B
Image
General
Full URL
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEOkjrdMjZ9Da-Ns5NZxoSbg&google_cver=1&google_ula=1641347,0
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=713663938463873976&agencyId=7384&advertiserId=2112077&src=tp&rnd=705056
Protocol
H2
Server
37.157.6.254 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 12:18:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1

Redirect headers

pragma
no-cache
date
Tue, 07 Mar 2023 12:18:19 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEOkjrdMjZ9Da-Ns5NZxoSbg&google_cver=1&google_ula=1641347,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
334
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
secure.adnxs.com/ Frame AD2A
Redirect Chain
  • https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%3Fparty%3D3%26id%3D%24UID%26redirect%3D1
  • https://c1.adform.net/serving/cookie/match?party=3&id=2837535589818544212&redirect=1
  • https://secure.adnxs.com/setuid?entity=91&code=713663938463873976
43 B
1 KB
Image
General
Full URL
https://secure.adnxs.com/setuid?entity=91&code=713663938463873976
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=713663938463873976&agencyId=7384&advertiserId=2112077&src=tp&rnd=705056
Protocol
HTTP/1.1
Server
185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 Mar 2023 12:18:19 GMT
AN-X-Request-Uuid
87749880-143c-4cf1-a388-04a3e14456bb
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.114.218.20; 217.114.218.20; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 07 Mar 2023 12:18:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://secure.adnxs.com/setuid?entity=91&code=713663938463873976
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
plf
c1.adform.net/imatch/ Frame AD2A
0
384 B
Image
General
Full URL
https://c1.adform.net/imatch/plf?name=plfm
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=713663938463873976&agencyId=7384&advertiserId=2112077&src=tp&rnd=705056
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.254 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/imatch/pixels?uid=713663938463873976&agencyId=7384&advertiserId=2112077&src=tp&rnd=705056
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 12:18:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
Pug
simage2.pubmatic.com/AdServer/ Frame AD2A
42 B
447 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=713663938463873976
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=713663938463873976&agencyId=7384&advertiserId=2112077&src=tp&rnd=705056
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 07 Mar 2023 12:18:19 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cs
pdw-adf.userreport.com/ Frame AD2A
43 B
444 B
Image
General
Full URL
https://pdw-adf.userreport.com/cs
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=713663938463873976&agencyId=7384&advertiserId=2112077&src=tp&rnd=705056
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.110.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-110-41.vie50.r.cloudfront.net
Software
nginx/1.22.0 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Tue, 07 Mar 2023 01:26:49 GMT
Via
1.1 639dd5dd68d7e7193120d95480cd44ca.cloudfront.net (CloudFront)
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx/1.22.0
X-Amz-Cf-Pop
VIE50-C2
Age
39090
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
Content-Length
43
X-Amz-Cf-Id
04fnQMypY4ITQC49cs3X0lUv4lXWhs3aCIXhyk-f1Pa6YUDnVVa4jw==
p
a.audrte.com/ Frame AD2A
Redirect Chain
  • https://a.audrte.com/a?adform_uid=713663938463873976
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=YTBsQURWZXNEUG5TbXlDM0g2bkJnWjhGZw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/p
68 B
424 B
Image
General
Full URL
https://a.audrte.com/p
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=713663938463873976&agencyId=7384&advertiserId=2112077&src=tp&rnd=705056
Protocol
HTTP/1.1
Server
52.0.191.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-191-77.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Tue, 07 Mar 2023 12:18:19 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Tue, 07 Mar 2023 12:18:19 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
match
c1.adform.net/serving/cookie/ Frame AD2A
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=1586&dpuuid=713663938463873976&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=713663938463873976&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirec...
  • https://c1.adform.net/serving/cookie/match?party=1007&cid=84124440580976971823530850555194619632&noredirect=1
35 B
590 B
Image
General
Full URL
https://c1.adform.net/serving/cookie/match?party=1007&cid=84124440580976971823530850555194619632&noredirect=1
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=713663938463873976&agencyId=7384&advertiserId=2112077&src=tp&rnd=705056
Protocol
H2
Server
37.157.6.254 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 12:18:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1

Redirect headers

DCS
dcs-prod-irl1-1-v046-0aa5f14bd.edge-irl1.demdex.com 3 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
LrdfH4sEQXA=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://c1.adform.net/serving/cookie/match?party=1007&cid=84124440580976971823530850555194619632&noredirect=1
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
/
dmp.adform.net/serving/cookie/match/ Frame AD2A
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=713663938463873976
  • https://dmp.adform.net/serving/cookie/match/?party=1014&cid=219573204448001618377
35 B
590 B
Image
General
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=219573204448001618377
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=713663938463873976&agencyId=7384&advertiserId=2112077&src=tp&rnd=705056
Protocol
H2
Server
37.157.6.254 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 12:18:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1

Redirect headers

pragma
no-cache
date
Tue, 07 Mar 2023 12:18:19 GMT
server
AAWebServer
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=219573204448001618377
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires
0
/
dmp.adform.net/serving/cookie/match/ Frame AD2A
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25
  • https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7207777604643715217
35 B
590 B
Image
General
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7207777604643715217
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=713663938463873976&agencyId=7384&advertiserId=2112077&src=tp&rnd=705056
Protocol
H2
Server
37.157.6.254 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 12:18:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1

Redirect headers

Location
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7207777604643715217
Date
Tue, 07 Mar 2023 12:18:19 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
33302
tags.bluekai.com/site/ Frame AD2A
62 B
438 B
Image
General
Full URL
https://tags.bluekai.com/site/33302?id=713663938463873976
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=713663938463873976&agencyId=7384&advertiserId=2112077&src=tp&rnd=705056
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.209.176 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-209-176.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Tue, 07 Mar 2023 12:18:19 GMT
content-length
62
content-type
image/gif
match
c1.adform.net/serving/cookie/ Frame AD2A
Redirect Chain
  • https://pixel.mathtag.com/sync/img?redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1066%26cid%3D%5BMM_UUID%5D
  • https://c1.adform.net/serving/cookie/match?party=1066&cid=547b6407-2b8c-4500-b236-98dfd5db1b52
35 B
590 B
Image
General
Full URL
https://c1.adform.net/serving/cookie/match?party=1066&cid=547b6407-2b8c-4500-b236-98dfd5db1b52
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=713663938463873976&agencyId=7384&advertiserId=2112077&src=tp&rnd=705056
Protocol
H2
Server
37.157.6.254 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 12:18:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1

Redirect headers

Date
Tue, 07 Mar 2023 12:18:19 GMT
Server
MT3 569 46451a0 master zrh-pixel-x4 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Location
https://c1.adform.net/serving/cookie/match?party=1066&cid=547b6407-2b8c-4500-b236-98dfd5db1b52
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Expires
Tue, 07 Mar 2023 12:18:18 GMT
match
c1.adform.net/serving/cookie/ Frame AD2A
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
  • https://c1.adform.net/serving/cookie/match?party=1084&cid=2M0fJnYS1PzwgP5
35 B
599 B
Image
General
Full URL
https://c1.adform.net/serving/cookie/match?party=1084&cid=2M0fJnYS1PzwgP5
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=713663938463873976&agencyId=7384&advertiserId=2112077&src=tp&rnd=705056
Protocol
H2
Server
37.157.6.254 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 12:18:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1

Redirect headers

Pragma
no-cache
Date
Tue, 07 Mar 2023 12:18:19 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-769-g9857bbc#rel-ec2-master i-00e9cdd216e437ef6@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location
https://c1.adform.net/serving/cookie/match?party=1084&cid=2M0fJnYS1PzwgP5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame AD2A
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=71ei9rr&ttd_tpi=1
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=713663938463873976&agencyId=7384&advertiserId=2112077&src=tp&rnd=705056
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 07 Mar 2023 12:18:19 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
image.sbmx
global.ib-ibi.com/ Frame AD2A
0
72 B
Image
General
Full URL
https://global.ib-ibi.com/image.sbmx?go=302927&pid=567&xid=713663938463873976
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=713663938463873976&agencyId=7384&advertiserId=2112077&src=tp&rnd=705056
Protocol
HTTP/1.0
Security
TLS 1.2, RSA, AES_128_CBC
Server
216.46.185.182 Englewood, United States, ASN13649 (ASN-VINS, US),
Reverse DNS
Software
BigIP /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Connection
close
Content-Length
0
Server
BigIP
0.gif
id5-sync.com/s/10/ Frame AD2A
43 B
1 KB
Image
General
Full URL
https://id5-sync.com/s/10/0.gif?puid=713663938463873976
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=713663938463873976&agencyId=7384&advertiserId=2112077&src=tp&rnd=705056
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.111 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203177.ip-141-95-33.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Tue, 07 Mar 2023 12:18:19 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"
/
dmp.adform.net/serving/cookie/match/ Frame AD2A
Redirect Chain
  • https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D
  • https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=630481436
  • https://dmp.adform.net/serving/cookie/match/?party=1145&cid=EgzB/thpqtYlx2ob2UyhHO
35 B
599 B
Image
General
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=EgzB/thpqtYlx2ob2UyhHO
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=713663938463873976&agencyId=7384&advertiserId=2112077&src=tp&rnd=705056
Protocol
H2
Server
37.157.6.254 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 12:18:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1

Redirect headers

pragma
no-cache
date
Tue, 07 Mar 2023 12:18:19 GMT
via
1.1 google
last-modified
Tue, 07 Mar 2023 12:18:19 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=EgzB/thpqtYlx2ob2UyhHO
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
um
sync.teads.tv/ Frame AD2A
23 B
172 B
Image
General
Full URL
https://sync.teads.tv/um?eid=119&uid=713663938463873976
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=713663938463873976&agencyId=7384&advertiserId=2112077&src=tp&rnd=705056
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.209.30 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-209-30.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.9 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

expires
Tue, 07 Mar 2023 12:18:19 GMT
pragma
no-cache
date
Tue, 07 Mar 2023 12:18:19 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.9
content-length
23
content-type
image/gif
pixel.gif
sync.1dmp.io/ Frame AD2A
12 B
155 B
Image
General
Full URL
https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=713663938463873976
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=713663938463873976&agencyId=7384&advertiserId=2112077&src=tp&rnd=705056
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
87.242.89.90 , Russian Federation, ASN208677 (SBERCLOUD-AS, RU),
Reverse DNS
Software
elb /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 12:18:19 GMT
last-modified
Mon, 30 Jan 2023 18:57:34 GMT
server
elb
accept-ranges
bytes
etag
"63d8131e-c"
content-length
12
content-type
text/html
/
s.ad.smaato.net/c/ Frame AD2A
0
242 B
Image
General
Full URL
https://s.ad.smaato.net/c/?dspInit=1001213&dspCookie=713663938463873976
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=713663938463873976&agencyId=7384&advertiserId=2112077&src=tp&rnd=705056
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:3000:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 12:18:19 GMT
cache-control
no-cache, must-revalidate
via
1.1 2a5303ed411734ba7adcd9ff65d96392.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
VIE50-C2
x-amz-cf-id
HQJwlH4FuFqd_Bg3wc7MtkXBeCnhizPUn9LWUZAP_3bP5fy9_djZAQ==
x-cache
FunctionGeneratedResponse from cloudfront
match
c1.adform.net/serving/cookie/ Frame AD2A
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2032&partner_device_id=713663938463873976&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DEV...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2032&partner_device_id=713663938463873976&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7B...
  • https://c1.adform.net/serving/cookie/match?party=2007&cid=44c8017e-c8b6-44e9-b350-0c501333d349
35 B
590 B
Image
General
Full URL
https://c1.adform.net/serving/cookie/match?party=2007&cid=44c8017e-c8b6-44e9-b350-0c501333d349
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=713663938463873976&agencyId=7384&advertiserId=2112077&src=tp&rnd=705056
Protocol
H2
Server
37.157.6.254 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 12:18:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1

Redirect headers

date
Tue, 07 Mar 2023 12:18:19 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://c1.adform.net/serving/cookie/match?party=2007&cid=44c8017e-c8b6-44e9-b350-0c501333d349
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
713663938463873976
match.contentexchange.me/adform/ Frame AD2A
0
49 B
Image
General
Full URL
https://match.contentexchange.me/adform/713663938463873976?redirect_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1219
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=713663938463873976&agencyId=7384&advertiserId=2112077&src=tp&rnd=705056
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
46.19.11.36 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS
ilog.vsn.si
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 12:18:19 GMT
content-length
0
server
nginx/1.16.1
xuid
eb2.3lift.com/ Frame AD2A
37 B
139 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=7354&xuid=713663938463873976&dongle=AD20
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=713663938463873976&agencyId=7384&advertiserId=2112077&src=tp&rnd=705056
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 12:18:19 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
sync.php
pixel.rubiconproject.com/exchange/ Frame AD2A
Redirect Chain
  • https://sync.e-volution.ai/296800c6dbd7f8eb22cf034b9927d719.gif?puid=713663938463873976
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=713663938463873976&agencyId=7384&advertiserId=2112077&src=tp&rnd=705056
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Pragma
no-cache
Date
Tue, 07 Mar 2023 12:18:19 GMT
Server
nginx
Transfer-Encoding
chunked
Location
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
put
e1.emxdgt.com/ Frame AD2A
0
0

plf
c1.adform.net/imatch/ Frame AD2A
0
384 B
Image
General
Full URL
https://c1.adform.net/imatch/plf?name=plfl
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=713663938463873976&agencyId=7384&advertiserId=2112077&src=tp&rnd=705056
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.254 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/imatch/pixels?uid=713663938463873976&agencyId=7384&advertiserId=2112077&src=tp&rnd=705056
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 12:18:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame 67A1
600 B
624 B
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/refresh_2x.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/8G7OPK94bhCRbT0VqyEVpQNj/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/8G7OPK94bhCRbT0VqyEVpQNj/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 03 Mar 2023 10:11:03 GMT
x-content-type-options
nosniff
age
353235
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
600
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Fri, 10 Mar 2023 10:11:03 GMT
audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame 67A1
530 B
554 B
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/audio_2x.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/8G7OPK94bhCRbT0VqyEVpQNj/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/8G7OPK94bhCRbT0VqyEVpQNj/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 01:00:41 GMT
x-content-type-options
nosniff
age
472657
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
530
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Thu, 09 Mar 2023 01:00:41 GMT
info_2x.png
www.gstatic.com/recaptcha/api2/ Frame 67A1
665 B
689 B
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/info_2x.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/8G7OPK94bhCRbT0VqyEVpQNj/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/8G7OPK94bhCRbT0VqyEVpQNj/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 01:23:22 GMT
x-content-type-options
nosniff
age
557696
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
665
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Wed, 08 Mar 2023 01:23:22 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 67A1
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.definityfinancial.com
URL: https://www.definityfinancial.com/English/overview/default.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 20:22:37 GMT
x-content-type-options
nosniff
age
402941
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Mar 2024 20:22:37 GMT
KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 67A1
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
Requested by
Host: www.definityfinancial.com
URL: https://www.definityfinancial.com/English/overview/default.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 09:20:14 GMT
x-content-type-options
nosniff
age
529084
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15340
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 29 Feb 2024 09:20:14 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 67A1
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.definityfinancial.com
URL: https://www.definityfinancial.com/English/overview/default.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 08:57:56 GMT
x-content-type-options
nosniff
age
444022
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Mar 2024 08:57:56 GMT
payload
www.google.com/recaptcha/api2/ Frame 67A1
42 KB
42 KB
Image
General
Full URL
https://www.google.com/recaptcha/api2/payload?p=06AFY_a8XnxVQN19K0Zj_ipH2LOuXEbBcuvkpUTYCVfc9V5KkZ1T1etIfHveaOn7fC7cNYYQA_iikuw8XeRntlKqBvh0Nd6mY-IuQtF_MFe3UOtoycHUofQR58eEbulNwmWSrMyX6qjiCOY_kxCWmclWVNJIoYjpLa_3uk99nuhVjzXmmiiXmpYfJgOKcKt4HubEuXMEffeOVLAJ6NWGS9cIZ6B4MnU5g4ww&k=6LcKf8wZAAAAADYEeFvKUvdj80FVct5G98mSJ29W
Requested by
Host: www.definityfinancial.com
URL: https://www.definityfinancial.com/English/overview/default.aspx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a2aa02249919174ddf5c5a4224951387d58217af1a0e398e9c5d18222a909e47
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/bframe?hl=de&v=8G7OPK94bhCRbT0VqyEVpQNj&k=6LcKf8wZAAAAADYEeFvKUvdj80FVct5G98mSJ29W
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 12:18:18 GMT
content-security-policy
frame-ancestors 'self'
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
private, max-age=30
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43454
x-xss-protection
1; mode=block
expires
Tue, 07 Mar 2023 12:18:18 GMT
nr-1216.min.js
js-agent.newrelic.com/ Frame BB4D
38 KB
14 KB
Script
General
Full URL
https://js-agent.newrelic.com/nr-1216.min.js
Requested by
Host: www.definityfinancial.com
URL: https://www.definityfinancial.com/q4logincallback.aspx?error=400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.definityfinancial.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id
mHHzJIqOizHibcYt0xqAszRr0gQRiNYy
content-encoding
gzip
via
1.1 varnish
date
Tue, 07 Mar 2023 12:18:18 GMT
x-amz-request-id
DTG7644JECJABMVN
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
14391
x-amz-id-2
euS7eCkMdWbl4V8M2iX9oNh7lzoJJ6pNDp8htbd6A2SccRDucE7sT+MmYPWrRq1/mmgkgTHuHHw=
x-served-by
cache-hhn-etou8220077-HHN
last-modified
Thu, 14 Apr 2022 16:45:57 GMT
server
AmazonS3
x-timer
S1678191499.902299,VS0,VE0
etag
"9f533d8cd24b2c5e3b4dc886ecbd43e8"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
205
4b6f7f959c
bam.nr-data.net/1/ Frame BB4D
49 B
397 B
Script
General
Full URL
https://bam.nr-data.net/1/4b6f7f959c?a=229922501&v=1216.487a282&to=b1xWMUIDWBdWARFYX1YWdTZgTUdQWw0CWF5bWFgJUgNVDxkDFkFI&rst=974&ck=0&ref=https://www.definityfinancial.com/q4logincallback.aspx&ap=26&be=905&fe=909&dc=908&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1678191497947,%22n%22:0,%22f%22:748,%22dn%22:748,%22dne%22:748,%22c%22:748,%22ce%22:748,%22rq%22:749,%22rp%22:897,%22rpe%22:898,%22dl%22:899,%22di%22:908,%22ds%22:908,%22de%22:908,%22dc%22:909,%22l%22:909,%22le%22:909%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1216.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.definityfinancial.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 12:18:19 GMT
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
Connection
keep-alive
Content-Length
49
x-served-by
cache-hhn-etou8220024-HHN
/
www.facebook.com/tr/
0
54 B
Image
General
Full URL
https://www.facebook.com/tr/?id=358685546026150&ev=Microdata&dl=https%3A%2F%2Fwww.definityfinancial.com%2FEnglish%2Foverview%2Fdefault.aspx&rl=&if=false&ts=1678191499219&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%5Cn%5CtHome%20%7C%20Definity%5Cn%22%2C%22meta%3Adescription%22%3A%22Definity%20Financial%20Corporation%20is%20the%20parent%20company%20to%20Economical%20Insurance%2C%20Sonnet%20Insurance%2C%20Family%20Insurance%20Solutions%2C%20and%20Petline%20Insurance.%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.98&r=stable&ec=1&o=30&fbp=fb.1.1678191497711.1553309052&it=1678191497558&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: www.definityfinancial.com
URL: https://www.definityfinancial.com/English/overview/default.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.definityfinancial.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 07 Mar 2023 12:18:19 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
4b6f7f959c
bam.nr-data.net/events/1/ Frame BB4D
24 B
354 B
XHR
General
Full URL
https://bam.nr-data.net/events/1/4b6f7f959c?a=229922501&v=1216.487a282&to=b1xWMUIDWBdWARFYX1YWdTZgTUdQWw0CWF5bWFgJUgNVDxkDFkFI&rst=10975&ck=0&ref=https://www.definityfinancial.com/q4logincallback.aspx
Requested by
Host: www.definityfinancial.com
URL: https://www.definityfinancial.com/q4logincallback.aspx?error=400
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer
https://www.definityfinancial.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 07 Mar 2023 12:18:28 GMT
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
content-type
image/gif
access-control-allow-origin
https://www.definityfinancial.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
24
x-served-by
cache-hhn-etou8220024-HHN

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
e1.emxdgt.com
URL
https://e1.emxdgt.com/put?d=d52&uid=713663938463873976

Verdicts & Comments Add Verdict or Comment

186 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 boolean| credentialless object| Q4Login object| Q4Blizzard object| Q4Tracker object| NREUM object| newrelic function| __nr_require function| $ function| jQuery object| FooTable object| cookieconsent object| Mustache function| moment function| SmoothScroll function| Waypoint function| numeral object| JSZipUtils function| Cookies function| saveAs function| FileSaver object| Highcharts function| JSZip object| q4Defaults string| GoogleAnalyticsObject function| ga object| dataLayer object| theForm function| __doPostBack object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| WebForm_PostBackOptions function| WebForm_DoPostBackWithOptions object| __pendingCallbacks number| __synchronousCallBackIndex function| WebForm_DoCallback function| WebForm_CallbackComplete function| WebForm_ExecuteCallback function| WebForm_FillFirstAvailableSlot boolean| __nonMSDOMBrowser string| __theFormPostData object| __theFormPostCollection object| __callbackTextTypes function| WebForm_InitCallback function| WebForm_InitCallbackAddField function| WebForm_EncodeCallback object| __disabledControlArray function| WebForm_ReEnableControls function| WebForm_ReDisableControls function| WebForm_SimulateClick function| WebForm_FireDefaultButton function| WebForm_GetScrollX function| WebForm_GetScrollY function| WebForm_SaveScrollPositionSubmit function| WebForm_SaveScrollPositionOnSubmit function| WebForm_RestoreScrollPosition function| WebForm_TextBoxKeyHandler function| WebForm_TrimString function| WebForm_AppendToClassName function| WebForm_RemoveClassName function| WebForm_GetElementById function| WebForm_GetElementByTagName function| WebForm_GetElementsByTagName function| WebForm_GetElementDir function| WebForm_GetElementPosition function| WebForm_GetParentByTagName function| WebForm_SetElementHeight function| WebForm_SetElementWidth function| WebForm_SetElementX function| WebForm_SetElementY function| GetViewType function| GetRevisionNumber function| GetLanguageId function| GetVersionNumber function| GetPoweredBy function| GetViewDate function| GetSignature object| google_tag_manager function| fbq function| _fbq function| twq string| _linkedin_partner_id object| _linkedin_data_partner_ids function| lintrk object| _adftrack string| Page_ValidationVer boolean| Page_IsValid boolean| Page_BlockSubmit object| Page_InvalidControlToBeFocused object| Page_TextTypes function| ValidatorUpdateDisplay function| ValidatorUpdateIsValid function| AllValidatorsValid function| ValidatorHookupControlID function| ValidatorHookupControl function| ValidatorHookupEvent function| ValidatorGetValue function| ValidatorGetValueRecursive function| Page_ClientValidate function| ValidatorCommonOnSubmit function| ValidatorEnable function| ValidatorOnChange function| ValidatedTextBoxOnKeyPress function| ValidatedControlOnBlur function| ValidatorValidate function| ValidatorSetFocus function| IsInVisibleContainer function| IsValidationGroupMatch function| ValidatorOnLoad function| ValidatorConvert function| ValidatorCompare function| CompareValidatorEvaluateIsValid function| CustomValidatorEvaluateIsValid function| RegularExpressionValidatorEvaluateIsValid function| ValidatorTrim function| RequiredFieldValidatorEvaluateIsValid function| RangeValidatorEvaluateIsValid function| ValidationSummaryOnSubmit function| WebForm_OnSubmit string| languageLink function| setSearchLabel function| setAccessiblity object| $q4Nav string| breadcrumbClass string| breadcrumbTemplate function| breadcrumbData function| disableScroll2 function| enableScroll2 function| setMobileDropdownEvents object| google_optimize function| resizeVideo function| launchLightbox boolean| accordionIsMoving number| accordionSpeed function| toggleAria function| isPdf function| onYouTubeIframeAPIReady boolean| _already_called_lintrk function| onLoad__ctrl0_ctl30_recaptcha function| onSubmit__ctrl0_ctl30_recaptcha object| quickLinks string| quickLinksTemplate object| q4App object| $submit function| hasOwnProperty function| getCookie object| $sidebar object| vidyardEmbed function| setImmediate function| clearImmediate object| VidyardV4 object| Vidyard object| Adform object| KJUR object| adf object| Page_ValidationSummaries object| Page_Validators object| _ctrl0_ctl30_validationsummary object| _ctrl0_ctl30_regexEmailValidator1 object| _ctrl0_ctl30_reqvalEmailValidator1 object| _ctrl0_ctl30_cusvalMailingListsValidator object| _ctrl0_ctl30_cusvalRecaptcha object| _ctrl0_ctl30_ctl19 boolean| Page_ValidationActive function| ValidatorOnSubmit object| x string| x1 string| x2 object| regeneratorRuntime object| twttr object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| _originalDoPostBack function| gtag function| initApp object| recaptcha object| closure_lm_996486

95 Cookies

Domain/Path Name / Value
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09AJBLKW0R6sj79xYf8_P_ZXKacJYMfjR31lbRkc0g2ATzOz4TYYHOhSm6E8yPVrBAO8E9so7CxlYfLd19tNJbkv0
.www.definityfinancial.com/ Name: __cf_bm
Value: BGTBLJzfkvIosdxZ2siegn1JuzRtXJ2J4f59w_F8fTA-1678191495-0-AUdoB5//QcCTTwNJxfi7ewFK8j0RSErqTtelI4F79kk53VP1iAIfZWYdOoXGnp1q2ewRFVo3SSolDRiSoKJryZU=
www.definityfinancial.com/ Name: __uxq412__ses.4dd4
Value: *
www.definityfinancial.com/ Name: __uxq412__id.4dd4
Value: 13862f8f-5751-4ba3-92bc-928446ad1109.1678191497.1.1678191497.1678191497.1d970535-6694-408c-bb24-c4ce0799400b
.definityfinancial.com/ Name: _gid
Value: GA1.2.553035014.1678191497
.definityfinancial.com/ Name: _gat
Value: 1
.definityfinancial.com/ Name: _gcl_au
Value: 1.1.258139497.1678191497
.definityfinancial.com/ Name: _gat_UA-196243751-1
Value: 1
www.definityfinancial.com/ Name: sp
Value: f1be75e3-042c-40b7-8467-0f32d37df30f
.definityfinancial.com/ Name: _ga_XJX4793JW4
Value: GS1.1.1678191497.1.0.1678191497.0.0.0
.definityfinancial.com/ Name: _fbp
Value: fb.1.1678191497711.1553309052
www.definityfinancial.com/ Name: ln_or
Value: eyI0MDMzMjA5IjoiZCJ9
.twitter.com/ Name: personalization_id
Value: "v1_jI+z9FSEdR/vlDrQQaEX8w=="
.t.co/ Name: muc_ads
Value: 647a836d-d820-45f1-8212-4ff4c0b6ca91
.adform.net/ Name: C
Value: 1
.definityfinancial.com/ Name: _ga
Value: GA1.2.773869995.1678191497
.linkedin.com/ Name: UserMatchHistory
Value: AQK80D7LsJ2w5QAAAYa8AhM1S7-o056ohMN1dUlZ1SST_3ybZM_eGW6K2kGlqO2e649XY-ESGyJoqw
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQIXSOxd_IlS7AAAAYa8AhM1wMQQ_4A737Y2lXVAe0u-v6dmZ1yjcNjKJtdYUuyQ9VT1IsEan7qTo4cHAf_3Pg
.linkedin.com/ Name: bcookie
Value: "v=2&e3727437-e575-419f-82e3-eed2cf5d1521"
.linkedin.com/ Name: lidc
Value: "b=OGST00:s=O:r=O:a=O:p=O:g=2926:u=1:x=1:i=1678191498:t=1678277898:v=2:sig=AQFS_xAUQhHoKxXJgWirqE-SZsLkmyMD"
login.q4inc.com/ Name: did
Value: s%3Av0%3A24a4bc00-bce2-11ed-8420-2fc00be3c544.t9LTEoHLeImbnUEhmgPsOOsR%2FoqJxDknDLlIUi%2Fipww
.www.linkedin.com/ Name: bscookie
Value: "v=1&202303071218185ffef54e-5978-44a7-8df9-5f6659a0f9c4AQE8YiZbJmB4eGXMmMM6ATqw5YlCLYer"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NzgxOTE0OTg7MjswMjH0+9gKPrWC5z1CyuW3od/UFjQtMS/Ng6VVBZEULoYZAg==
.adform.net/ Name: uid
Value: 713663938463873976
.adform.net/ Name: CM
Value: 1|1
.adform.net/ Name: CM14
Value: 1678277898_1678191498_1_Hu7u4e4e4R7u7u4REREeERERERHhERA
.seadform.net/ Name: uid
Value: 713663938463873976
.adscale.de/ Name: uu
Value: b21f327255ce4ba58c4a7262faa7b56f
.adscale.de/ Name: cct
Value: 1678191498843
.ih.adscale.de/ Name: tu
Value: 4#156920456#42~713663938463873976~466164~0~0
.bidswitch.net/ Name: tuuid
Value: 228d3b9a-b7e2-4289-a3e8-95e9ae5f5350
.bidswitch.net/ Name: c
Value: 1678191498
.bidswitch.net/ Name: tuuid_lu
Value: 1678191498
.casalemedia.com/ Name: CMID
Value: ZAcrikcIdlBXYEOmANiFNAAA
.casalemedia.com/ Name: CMPS
Value: 3393
.casalemedia.com/ Name: CMPRO
Value: 3393
.yahoo.com/ Name: A3
Value: d=AQABBIorB2QCELgmR535sGy9sK5i93jZSiIFEgEBAQF9CGQRZAAAAAAA_eMAAA&S=AQAAAsywulQqYN1qrPg5VtjzRiw
.360yield.com/ Name: tuuid
Value: d8ff1df1-cb38-4172-afaa-2fb1eb45efdc
.360yield.com/ Name: tuuid_lu
Value: 1678191498
.analytics.yahoo.com/ Name: IDSYNC
Value: 1760~2ado
.360yield.com/ Name: um
Value: !42,XSWB4dRIAqINP0ADiMZk-0GRxKBQCK6TJy0VEUbEsPI,1679401098
.360yield.com/ Name: umeh
Value: !42,0,1740399498,-1
.eyeota.net/ Name: SERVERID
Value: 21391~DM
.ads.stickyadstv.com/ Name: uid-bp-617
Value: 713663938463873976
.ads.stickyadstv.com/ Name: UID
Value: 7f82c81fecd9fbeeaf0c39d19d7996c
.3lift.com/ Name: tluid
Value: 414613224276434253487
.semasio.net/ Name: SEUNCY
Value: B47146EDF853AC19
cm.adsafety.net/ Name: UID
Value: CM120230307125682335b56781d2b31e
.adsafety.net/ Name: cm_uid
Value: CM120230307125682335b56781d2b31e
.onaudience.com/ Name: cookie
Value: daa319ce678e59c7
.onaudience.com/ Name: done_redirects161
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-713663938463873976&KRTB&23263-713663938463873976
.pubmatic.com/ Name: PugT
Value: 1678191499
.doubleclick.net/ Name: IDE
Value: AHWqTUn2ui-9Zk9jswQe_AyvWIVnfvSSGdkjCF60Y6Is_ldI1IS1Arz-53NC-NBCvRs
.krxd.net/ Name: _kuid_
Value: Pa5gVwhC
.adnxs.com/ Name: uuid2
Value: 2837535589818544212
.adnxs.com/ Name: anj
Value: dTM7k!M4/YErk#WF']wIg2C$Sm=L-g!]tbPl1MO?+q([.UbWgS_)m$gZ9Te5VFdMZ_+/#!8pov6%jUcE!_6-zQEVk`!'N9hCnY3/
.onaudience.com/ Name: done_redirects147
Value: 1
.demdex.net/ Name: demdex
Value: 84124440580976971823530850555194619632
.adfarm1.adition.com/ Name: UserID1
Value: 7207777604643715217
.dpm.demdex.net/ Name: dpm
Value: 84124440580976971823530850555194619632
.w55c.net/ Name: wfivefivec
Value: 2M0fJnYS1PzwgP5
.w55c.net/ Name: matchadform
Value: 5
.agkn.com/ Name: ab
Value: 0001%3Aw%2BFC9Qf9YK91EaHfZ3tpKgHd9Csv%2FClR
.bluekai.com/ Name: bku
Value: aG/99/LgOtHrZ2Xx
.bluekai.com/ Name: bkpa
Value: KJy9/xeKd02pSUHknp1p1p90wtkAwEzh1pRt1pApmext1pQl1pAlBQ19k5//sy==
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.id5-sync.com/ Name: callback
Value:
.weborama.fr/ Name: AFFICHE_W
Value: ZopxmmfbU8Jm98
.mathtag.com/ Name: uuid
Value: 547b6407-2b8c-4500-b236-98dfd5db1b52
tags.adsafety.net/ Name: UID
Value: eae2527176c61399441488e3c60f0859
tags.adsafety.net/ Name: DID
Value: eae2527176c61399441488e3c60f0859
tags.adsafety.net/ Name: IDT
Value: 100
tags.adsafety.net/ Name: cookie_ver
Value: 2
tags.adsafety.net/ Name: block_reset
Value: 1
.adsafety.net/ Name: ct_uid
Value: eae2527176c61399441488e3c60f0859
.adsafety.net/ Name: ct_did
Value: eae2527176c61399441488e3c60f0859
.adsafety.net/ Name: ct_idt
Value: 100
.audrte.com/ Name: arcki2
Value: a0lADVesDPnSmyC3H6nBgZ8Fg!20220908!1678191499644!ip#217.114.218.20
.audrte.com/ Name: arcki2_adform
Value: 713663938463873976!20220908!1678191499648
.tapad.com/ Name: TapAd_TS
Value: 1678191499700
.tapad.com/ Name: TapAd_DID
Value: 44c8017e-c8b6-44e9-b350-0c501333d349
cm.adsafety.net/ Name: permanent
Value: 1
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
ads.smartstream.tv/ Name: DID
Value: eae2527176c61399441488e3c60f0859
ads.smartstream.tv/ Name: idt
Value: 100
ads.smartstream.tv/ Name: permanent
Value: 1
ads.smartstream.tv/ Name: cm_uid
Value: CM120230307125682335b56781d2b31e
.e-volution.ai/ Name: v_usr
Value: 567568a6-2381-4f3b-ae4e-0182f4ec3c6a
.audrte.com/ Name: arcki2_ddp2
Value: a0lADVesDPnSmyC3H6nBgZ8Fg!20220908!1678191499829
cm.adsafety.net/ Name: cache0
Value: KzFHSk9wMUZsMkpMMjlsMzBXenlaODA2UVVDUUlrRnVrUHBxNVFNeVg3VkZJaDJib1dFOUdlV0ZMR1podVZyT09qeUNxRGw3ZUFKb0Z1b1VrVmp0cjRuRFRuZ3BKVUM4TFg0YzViNmJLeks5Y2Vub01LS2tzVzhyU3JvQXBGUmdJUlFwdXhUZjM5UTRIRERuek5WVXM2WFo1SXFsZWlvdzA0TnZqSjJ0WlFUNml1NjQwakRReDY3aDdKRTRVWVF5OXRxaHFCOXRRZWRKd0xGaG9jbXk0UiswQmVWY1phRTdPRnBCWWdDdFltR1RtK3MweGFxQ29saWVtUE9YdDNmOStYMUpxQUJPMnZXcUdnTWsrRHV4MCt6THVJTm9HMkgrWU8wMmtJSGVhMFpzMHp2N3BMNzBkci9FQU9iM0RYR2tKZllCd2ZhQmo2NFBCMDQ5dVFKYVR0SzNlVkxWbmJwc0ZxZkNOMmd0YTVRakRSbUh0YjlwL0w0QWVFeUFaYXJ5SFZSdnBwd1lQcHQ3UDdZZk1veEZnelpzMG1ER0g5bVR0VGl4bTNkeU1DNzV3bFViQVcvZnBWZWZib010M2d0d056ZDVybGQ1TFVxUjNlNmQxVDZsOSt2enh4RFhKdU5NS2wzdzRKTEgvWkFjRk81Y0VnNUdxaXpGd0xBcDh6NDlpRkJZcTZBRWppR2YzdWtIeEk1VHNHdHBGMGtUMkdDNVIwVHUxWnNmR0RrbFlNVklIcmxFNldkbEJ2TWFlaWt2U1VKNTRjWEluQTB3bEdPOUNVK3o2S2JnL1ZZMU5McHlQbGlkTzE1Y2w0ZXNGZ0pIb3plNEZGOXVSTytMQWZGNUtkc2ZTQlVnV2lrRTl3Y3ZzZGNXRHlGVkxrcXFMUDJ6WEt2UE51elJUMWs9

2 Console Messages

Source Level URL
Text
network error URL: https://idsync.rlcdn.com/398366.gif?partner_uid=713663938463873976
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=713663938463873976/gdpr=/gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

12019998.fls.doubleclick.net
a.audrte.com
a1.seadform.net
a2.adform.net
aa.agkn.com
ad.360yield.com
ad.yieldlab.net
ads.smartstream.tv
ads.stickyadstv.com
adservice.google.com
adservice.google.de
analytics.twitter.com
api.adrtx.net
auth.platform.q4inc.com
bam.nr-data.net
beacon.krxd.net
c1.adform.net
cdn.linkedin.oribi.io
cdn.vidyard.com
cm.adsafety.net
cm.g.doubleclick.net
cm.smartstream.tv
connect.facebook.net
d1azc1qln24ryf.cloudfront.net
dmp.adform.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
e1.emxdgt.com
eb2.3lift.com
eu-u.openx.net
fonts.googleapis.com
fonts.gstatic.com
global.ib-ibi.com
ib.adnxs.com
id5-sync.com
idsync.rlcdn.com
ih.adscale.de
js-agent.newrelic.com
load77.exelator.com
loada.exelator.com
loadm.exelator.com
login.q4inc.com
match.adsrvr.org
match.contentexchange.me
pdw-adf.userreport.com
pixel.mathtag.com
pixel.onaudience.com
pixel.rubiconproject.com
pixel.tapad.com
play.vidyard.com
pm.w55c.net
pro.ip-api.com
ps.eyeota.net
px.ads.linkedin.com
px4.ads.linkedin.com
redirect.frontend.weborama.fr
region1.google-analytics.com
rtb-csync.smartadserver.com
s.ad.smaato.net
s2.adform.net
s28.q4cdn.com
s3-eu-west-1.amazonaws.com
se.semasio.net
secure.adnxs.com
simage2.pubmatic.com
snap.licdn.com
static.ads-twitter.com
sync.1dmp.io
sync.crwdcntrl.net
sync.e-volution.ai
sync.teads.tv
t.co
tags.adsafety.net
tags.bluekai.com
token.rubiconproject.com
uipglob.semasio.net
ups.analytics.yahoo.com
widgets.q4app.com
www.definityfinancial.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
x.bidswitch.net
e1.emxdgt.com
104.244.42.3
104.244.42.69
104.96.129.75
109.206.161.21
13.107.42.14
13.224.189.93
13.224.194.107
13.32.110.41
13.32.121.78
139.162.141.41
141.94.170.77
141.95.33.111
142.251.39.6
15.197.193.217
151.101.1.181
151.101.2.137
162.159.129.11
162.247.243.29
172.217.19.98
18.196.192.213
18.198.69.109
18.66.112.77
18.66.97.118
185.167.164.39
185.64.190.80
185.80.39.216
185.86.138.151
185.89.210.90
185.89.211.12
193.135.9.127
193.234.225.88
199.232.16.157
2.18.79.139
2001:4860:4802:32::36
216.46.185.182
23.35.209.176
23.35.209.30
2600:9000:211a:3000:1b:5138:8a40:93a1
2600:9000:225e:6e00:2:53b2:240:93a1
2620:1ec:21::14
2a00:1450:400d:802::2002
2a00:1450:400d:803::2004
2a00:1450:400d:804::2003
2a00:1450:400d:805::2002
2a00:1450:400d:80a::200e
2a00:1450:400d:80c::200a
2a00:1450:400d:80d::2003
2a00:1450:400d:80d::2008
2a02:26f0:11a::6867:4832
2a02:6ea0:f400::4
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a0b:4d07:401::1
3.122.30.166
3.126.56.137
3.127.178.105
3.65.89.114
34.111.113.62
34.255.210.6
34.98.64.218
35.190.24.218
35.244.174.68
37.157.2.247
37.157.5.141
37.157.6.254
46.137.131.3
46.19.11.36
52.0.191.77
52.213.180.231
52.218.26.67
52.30.48.43
52.58.237.138
54.220.166.58
62.141.38.122
69.173.144.139
69.173.144.165
76.223.111.18
77.243.60.138
80.85.85.173
85.114.159.93
87.242.89.90
92.123.37.164
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
0963a3a45d7b2998b677067b5bd8378817758ec0973f3fa1d1a13ea7f1a9ed19
0976ff87bf115f4fc16a30bc2ed128f3658f792a92382ac80c6871003dfac379
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0cd3da3143e23537800f2e78e16ca191b6eb6bd2fc5e186745e0521f7dc1a3f0
0fca0294cfaf24a4db0852415eee7bcdea7b9766d59e443fb2d5f0c77eb23363
1104af4ec5fd522b923898ae46be7a55bc7d62350d291b231400efb27e4de913
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1e1087874174af97be4996b958d8cbd472e5f0efe849481408ea25fc44c55ee9
2234c10509f7ed245592c4456c11bc033e3036ccef641e6c78499e76b538fea6
251608debcc583dc67ca45af8f39cb97c4522ae7bd8649be552553fd8f2c3181
25da29519e67617333fd51b4099041cad1604bd924480a7c9feac9ec1df22edb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
28f7171e64b188c70d6bab2b90164bcdf64735d2f7addce229c148daec8af61f
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2ac627d9e5b7eab2dae4b7fc28e8d383c20f614606ebb294410f1ec3ad183cd9
2b595138d7f0fff065bce5b2d8cd71c13843340e420ad4c43f04213b38ba2d93
2c16499f38c26c457d23697caba5743d623dc7318463c6a8c0ff39d15552fedb
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3480996958f1616d4e126e2f1c6b0e2ec21ac672d5f6dc81873f8d123fe8d5cf
368daab67b1a5b2b2802edbbac79a2aa4ba992a2ebf9c67b98ad784d8004018c
375a51a691270f1e41af679a671c6e07f4057d0d7287f7777982624c1ac55ce1
39cf9e3f1a2549cc9f2b00d18c954329c035b0500e89b09bd16aee32cad28eb7
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
45d4d6fe0a9cae467c6d81caef5edd008c13b70ba403979f979fb86d400378c7
4753a7fd3784f3b95fca05d374c0af7232e66501aa9b69eb4b90cc7f6c1dbef3
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4eebfb782bd1274127af7e0237c2873d2b16487b464d46703612279837c4ad16
4f926bb1da1f8ef66097de2d153bdd55e90f1502e8acb39c9ea5304c5ec56718
50212c23863cdd10dbc0a7e32c3a4b0bd051152902805115e8571b3b4c77a8ff
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5506c0ee0d14f185f9864aa92ebf85caf3e7225c8401b375cffc25e8c4435fcb
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
5624122d7b5604eb5ee4f280f6d672adcfc31a456beb4b54432dda0e00ee9672
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
59aeb89c50a0e4ba6fa7ca4c150b956f7e06a461ac3e092e6c9ccb10fdccf1e1
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
60871c745ee14ae9b1e1c892da0b30fd3d1695fbffc0a1fa49974a2c4bd86061
62e5d4c16451d3bf8a5b81e16afc396417e15bd8085f5b2ceb9cc235eab67a88
64aa36d5c3b2ae0f81afd36bc0aa665884010659a5ed4fe68e0723378dc2a6b2
64deea8d3844605b4884ce523931c6582ee35e02eec9c531047a8201cc768a58
65cbd6e94f20fb94d3ec0056f83acc671c297967feccf5eca95281401b605566
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6bdb53e52d34362ef53a9dac0189ac48183f5f91ef18575796450c8084c2b17b
6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708
70b8f53d7a1646c331f487d955301c25b7e6846a298ca5319b51b13b9307c795
7744c4014632488b22e3c5f7befbcd63737b53dd3e8962491b22f3ad7aab0d62
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7c1c47f5dc52848b3caad1d25d4a637bfb065b402e4e39e37a6aeb2a70f13bfd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
861ad3ceed0c41bb7363410861e010621652f4670e25d8bcfa67d8a21a38f2e5
86b8242df573fa67adef74c57298a5c20870479af9df5afc37d6b281dc3f2160
88d2dd3fbf9e6e1a27fff2c10c2d2add31135e5936196d2ece2d96ff3be4940a
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a2f31ff4a6da47d4f2bb33c6773658df0cbf10fe1aef2193194bed206db8abc
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
91dc4cbce55f9f23078fa77908a24a6bf63880b0c516361d2d9fed43dbfc6083
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
971020c6d474960c7322a5520583aced2efe471f8ffbb4987ebb44b248629ca7
9a178b5b095df341ad5779abcaf6a8e70a05547556ca6b51ad92157e3ff3110e
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a28f7e58ec68292ae7717379a7965da89601a05ef3ebda359c2ee217a5eba7ae
a2aa02249919174ddf5c5a4224951387d58217af1a0e398e9c5d18222a909e47
a37a0cd08098fea28b8afd16177126a9e12adc01b1100eeddcdf74f641a44534
a50b8bbaff3dbbd53a5e591f402805de19bd23796b1c7008ca70fed59dad3f33
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1ebf6037fd21e3d44a54eac5cd3fb416b7cd203aea47ac36a554a8543495ea8
b4820095dbb33dffee5026491f08575d5adcb7e3cab956061f0cffb5052d78c6
b5c3b1b26ab70c18edf9dd2f40719975ee41f3df7f80ca913a64a2048279337a
b5f00036d74aeb7a055e96322248d897feeee3ddb0c5a7d4959cdcf8d227da14
b8985337c167aa4e6e5296ffa6fd288e65bcd4e0da8f82439726f961f6f733da
b8ff88a7e8929aa6842a0a31663d71e50c66679b7e225081f2c10b5bec45ca97
ba7f521100dc4dc111fc83b854f40376a916ef3bf6e35cf1987d9d9678023936
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bf602814caceaf9f87b68a5b4e738df35f0702b029340227d5c68d440af68d86
c6a8c757c59b2df0c50814b344398dedb725eaf508722c9a22136defbb030cf6
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
ce7dad344e74c98ee25de7eadc281e27cf3928ee17ae7f66b453e35f4b81a4f4
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d1b186bd97023274b1518744bcfd697e523dae9dfdc434deeb356f9ced3d2bf8
d46bc0e1a448b40635dc376fb87c0abf20e5895e7093cca509497657274db248
d81e135cea5a0d6219f662bc08274bab580524ffb5c2e7884a80245aafb37292
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
dc1b9457c7b4d376b605485ba3aa51f075d322ba4a90f7d697e5da0d42983ff5
dc6cc486f1f9097f3f5532a9c5eb42a5be34b15a05997771d065f68190b9e351
dc74a0054e45c0b08a01b50600340ca302c5500fdad9d4bb5d9dd24a0f5de43a
dc80ba256d0defd1ef2507933c86c2949ea0fd7271020e96bbf41b543800b9f6
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
e056093dd194e1558318663a22d5459ccaace80f56a3bb81aef48effc3db5195
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4b5a613f72d2679e4934c0ad6abe861c0c3d8f8455ec834bf67cb7826d08085
e5d8f173096cda564d1786279fa903be57ef7449dba90ebbe642aa373c0025f5
eb011a6cfa6d3d95eaeb1e0eb03bdda3b39f73cce379444e3c29592f05cb857b
eb5bd0ad819c8373380c7540d5112df8e036076cdd15d8005a733d9a2ad8f903
ebc7a1f7bc2cf81033501e61cbd97e2b26fb75d9c454c285341c32f440622ede
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef9453f74b2617d43dcef4242cf5845101fcfb57289c81bceb20042b0023a192
efe025862957bb6882ce8d147042fda1073ba42e9abc4f4456231371b81ffc6c
f426a30534d35f7a7558d8592a1482aaa3245e4f24a5f9260e2a1e4124421e47
f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f
f5887f86b663207b454f64886611b8de47ecee244ebd6525fe2b4643bf08192f
f7ec85bdd0b5de19c3985f736db0d9f85b95434f2c09bcbfef3afc9844b36e3d
fc3213fa9594847b906c8c597372ede552a8d8a3c9d870650eddf8626ee09506