urlscan.io logo urlscan.io
SecurityTrails logo

prfctr.com Open in urlscan Pro
172.67.175.97  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://clicktime.symantec.com/15x8xB89zZvG36Mt4N3Di?h=9dUpfC2d4WXyFr0VslhMRVzBrukc5wV1xqxXJwUFt1M=&u=https://go.sparkpostmail2...
Effective URL: https://prfctr.com/?listId=132594&email=george@roycefunds.com
Submission: On December 02 via api from RU — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 18 IPs in 2 countries across 22 domains to perform 25 HTTP transactions. The main IP is 172.67.175.97, located in United States and belongs to CLOUDFLARENET, US. The main domain is prfctr.com.
TLS certificate: Issued by WE1 on November 29th 2024. Valid for: 3 months.
This is the only time prfctr.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 35.155.23.186 16509 (AMAZON-02)
1 1 35.84.76.121 16509 (AMAZON-02)
1 1 18.214.55.247 14618 (AMAZON-AES)
1 1 172.67.174.10 13335 (CLOUDFLAR...)
5 172.67.175.97 13335 (CLOUDFLAR...)
2 3.162.103.91 16509 (AMAZON-02)
13 16 3.93.98.248 14618 (AMAZON-AES)
1 3.210.51.198 14618 (AMAZON-AES)
1 157.240.229.1 32934 (FACEBOOK)
1 35.211.202.130 15169 (GOOGLE)
2 3 34.111.113.62 396982 (GOOGLE-CL...)
2 2 52.223.40.198 16509 (AMAZON-02)
2 2 64.233.180.155 15169 (GOOGLE)
1 2 104.18.27.193 13335 (CLOUDFLAR...)
2 2 35.244.154.8 396982 (GOOGLE-CL...)
1 107.178.254.65 396982 (GOOGLE-CL...)
1 69.173.146.5 26667 (RUBICONPR...)
1 2 35.244.159.8 396982 (GOOGLE-CL...)
1 64.202.112.63 23352 (SERVERCEN...)
1 207.65.37.184 62713 (AS-PUBMATIC)
1 2 69.147.65.252 14196 (YAHOO-CHA)
1 141.226.224.48 200478 (TABOOLA-A...)
1 2 35.71.139.29 16509 (AMAZON-02)
1 2 68.67.160.26 29990 (ASN-APPNEX)
1 44.223.154.245 14618 (AMAZON-AES)
25 18
1    35.155.23.186 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-155-23-186.us-west-2.compute.amazonaws.com
clicktime.symantec.com
1    35.84.76.121 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-84-76-121.us-west-2.compute.amazonaws.com
go.sparkpostmail2.com
1    18.214.55.247 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-214-55-247.compute-1.amazonaws.com
trk.investmentwheel.com
1    172.67.174.10 (United States)

ASN13335 (CLOUDFLARENET, US)
go.scanned-safe.net
5    172.67.175.97 (United States)

ASN13335 (CLOUDFLARENET, US)
prfctr.com
2    3.162.103.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-103-91.iad61.r.cloudfront.net
s.adroll.com
16    3.93.98.248 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-93-98-248.compute-1.amazonaws.com
d.adroll.com
1    3.210.51.198 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-210-51-198.compute-1.amazonaws.com
x.adroll.com
1    157.240.229.1 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-iad3.fbcdn.net
connect.facebook.net
1    35.211.202.130 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 130.202.211.35.bc.googleusercontent.com
x.bidswitch.net
3    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
2    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
2    64.233.180.155 (United States)

ASN15169 (GOOGLE, US)
PTR: pe-in-f155.1e100.net
cm.g.doubleclick.net
2    104.18.27.193 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
2    35.244.154.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.154.244.35.bc.googleusercontent.com
idsync.rlcdn.com
1    107.178.254.65 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
1    69.173.146.5 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    35.244.159.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
1    64.202.112.63 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com
sync.outbrain.com
1    207.65.37.184 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
2    69.147.65.252 (United States)

ASN14196 (YAHOO-CHA, US)
PTR: e2-bmr.ycpi.cha.yahoo.com
ups.analytics.yahoo.com
1    141.226.224.48 (United States)

ASN200478 (TABOOLA-AS Taboola.com ltd, IL)
sync.taboola.com
2    35.71.139.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
2    68.67.160.26 (Colonia, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
1    44.223.154.245 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-223-154-245.compute-1.amazonaws.com
x.adroll.com
Apex Domain
Subdomains		 Transfer
20 adroll.com
s.adroll.com — Cisco Umbrella Rank: 3645
d.adroll.com — Cisco Umbrella Rank: 1673
x.adroll.com — Cisco Umbrella Rank: 3549
48 KB
5 prfctr.com
prfctr.com
147 KB
3 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 470
1 KB
2 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 281
2 KB
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 429
982 B
2 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 548
594 B
2 openx.net
us-u.openx.net — Cisco Umbrella Rank: 525
530 B
2 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 476
826 B
2 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 607
2 KB
2 doubleclick.net
cm.g.doubleclick.net — Cisco Umbrella Rank: 284
1 KB
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 377
1 KB
1 taboola.com
sync.taboola.com — Cisco Umbrella Rank: 1304
364 B
1 pubmatic.com
image2.pubmatic.com — Cisco Umbrella Rank: 886
584 B
1 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 897
360 B
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 419
1 KB
1 pippio.com
pippio.com — Cisco Umbrella Rank: 805
569 B
1 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 393
183 B
1 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 192
61 KB
1 scanned-safe.net
go.scanned-safe.net
722 B
1 investmentwheel.com
trk.investmentwheel.com
554 B
1 sparkpostmail2.com
go.sparkpostmail2.com — Cisco Umbrella Rank: 277203
465 B
1 symantec.com
clicktime.symantec.com — Cisco Umbrella Rank: 201475
735 B
25 22
Domain Requested by
16 d.adroll.com 13 redirects s.adroll.com
5 prfctr.com prfctr.com
3 pixel.tapad.com 2 redirects
2 ib.adnxs.com 1 redirects
2 eb2.3lift.com 1 redirects
2 ups.analytics.yahoo.com 1 redirects
2 us-u.openx.net 1 redirects
2 idsync.rlcdn.com 2 redirects
2 dsum-sec.casalemedia.com 1 redirects
2 cm.g.doubleclick.net 2 redirects
2 match.adsrvr.org 2 redirects
2 x.adroll.com s.adroll.com
2 s.adroll.com prfctr.com
s.adroll.com
1 sync.taboola.com
1 image2.pubmatic.com
1 sync.outbrain.com
1 pixel.rubiconproject.com
1 pippio.com
1 x.bidswitch.net
1 connect.facebook.net s.adroll.com
1 go.scanned-safe.net 1 redirects
1 trk.investmentwheel.com 1 redirects
1 go.sparkpostmail2.com 1 redirects
1 clicktime.symantec.com 1 redirects
25 24

This site contains no links.

Subject Issuer Validity Valid
prfctr.com
WE1		 2024-11-29 -
2025-02-27		 3 months crt.sh
s.adroll.com
Amazon RSA 2048 M02		 2024-05-03 -
2025-06-01		 a year crt.sh
d.adroll.com
Amazon RSA 2048 M03		 2024-09-08 -
2025-10-07		 a year crt.sh
*.adroll.com
Amazon RSA 2048 M02		 2024-07-03 -
2025-07-31		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-09-10 -
2024-12-09		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://prfctr.com/?listId=132594&email=george@roycefunds.com
Frame ID: DDD0BEC16184E0D836AE202073E7938F
Requests: 24 HTTP requests in this frame

Frame: https://x.adroll.com/pxl/iframe_content.html?adroll_fpc=8f1dfba0bbacf1eec68e5cb4dacca9a7-1733106376372&flg=1&pv=11720652091.81581&arrfrr=https%3A%2F%2Fprfctr.com%2F%3FlistId%3D132594%26email%3Dgeorge%40roycefunds.com&advertisable=FLABZ4S7ABGLXDGDZPXVMS
Frame ID: 88537CAB68066014D40D47201F6C0766
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://clicktime.symantec.com/15x8xB89zZvG36Mt4N3Di?h=9dUpfC2d4WXyFr0VslhMRVzBrukc5wV1xqxXJwUFt1M=&u=https... HTTP 307
    https://go.sparkpostmail2.com/f/a/zmNlBUM0wgilU1eLMmWqBg~~/AASACgA~/RgRpL5KEP4QPAWh0dHA6Ly90cmsuaW52ZXN0bW... HTTP 302
    http://trk.investmentwheel.com/?xtl=3gkr6g86cv8tabrwc3z4tsk4h2eb41yc7t99tqg8edjbykp6br9n34m4fimy1p78e6mpdl2... HTTP 307
    https://trk.investmentwheel.com/?xtl=3gkr6g86cv8tabrwc3z4tsk4h2eb41yc7t99tqg8edjbykp6br9n34m4fimy1p78e6mpdl2... HTTP 307
    http://trk.investmentwheel.com/?xtl=3gkr6g86cv8tabrwc3z4tsk4h2eb41yc7t99tqg8edjbykp6br9n34m4fimy1p78e6mpdl2... HTTP 302
    https://go.scanned-safe.net/prefs/george@roycefunds.com/132594 HTTP 302
    https://prfctr.com/?listId=132594&email=george@roycefunds.com Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:a|s)\.adroll\.com
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

25
Requests

48 %
HTTPS

0 %
IPv6

22
Domains

24
Subdomains

18
IPs

2
Countries

251 kB
Transfer

555 kB
Size

40
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://clicktime.symantec.com/15x8xB89zZvG36Mt4N3Di?h=9dUpfC2d4WXyFr0VslhMRVzBrukc5wV1xqxXJwUFt1M=&u=https://go.sparkpostmail2.com/f/a/zmNlBUM0wgilU1eLMmWqBg HTTP 307
    https://go.sparkpostmail2.com/f/a/zmNlBUM0wgilU1eLMmWqBg~~/AASACgA~/RgRpL5KEP4QPAWh0dHA6Ly90cmsuaW52ZXN0bWVudHdoZWVsLmNvbS8_eHRsPTNna3I2Zzg2Y3Y4dGFicndjM3o0dHNrNGgyZWI0MXljN3Q5OXRxZzhlZGpieWtwNmJyOW4zNG00ZmlteTFwNzhlNm1wZGwyb3VtaGhwb2dvYjh2dW82ZDFjeHc2ZnYweTJsZDh3Z2cxdjhuZm9ka2lxa2YwazU1ZTlwaGlxbzJ6NGVoMmNqb2Z5Nml6N2xqancwaTJkbnpwM3hoazNqcyZlaT1nZW9yZ2VAcm95Y2VmdW5kcy5jb20mX19zdG1wPXNudWV0ZiZfX29ubHQ9aCZlbWFpbD1nZW9yZ2VAcm95Y2VmdW5kcy5jb21XA3NwY0IKZ0aEDU1nFfceGFIVZ2VvcmdlQHJveWNlZnVuZHMuY29tWAQAAABo HTTP 302
    http://trk.investmentwheel.com/?xtl=3gkr6g86cv8tabrwc3z4tsk4h2eb41yc7t99tqg8edjbykp6br9n34m4fimy1p78e6mpdl2oumhhpogob8vuo6d1cxw6fv0y2ld8wgg1v8nfodkiqkf0k55e9phiqo2z4eh2cjofy6iz7ljjw0i2dnzp3xhk3js&ei=george@roycefunds.com&__stmp=snuetf&__onlt=h&email=george@roycefunds.com HTTP 307
    https://trk.investmentwheel.com/?xtl=3gkr6g86cv8tabrwc3z4tsk4h2eb41yc7t99tqg8edjbykp6br9n34m4fimy1p78e6mpdl2oumhhpogob8vuo6d1cxw6fv0y2ld8wgg1v8nfodkiqkf0k55e9phiqo2z4eh2cjofy6iz7ljjw0i2dnzp3xhk3js&ei=george@roycefunds.com&__stmp=snuetf&__onlt=h&email=george@roycefunds.com HTTP 307
    http://trk.investmentwheel.com/?xtl=3gkr6g86cv8tabrwc3z4tsk4h2eb41yc7t99tqg8edjbykp6br9n34m4fimy1p78e6mpdl2oumhhpogob8vuo6d1cxw6fv0y2ld8wgg1v8nfodkiqkf0k55e9phiqo2z4eh2cjofy6iz7ljjw0i2dnzp3xhk3js&ei=george@roycefunds.com&__stmp=snuetf&__onlt=h&email=george@roycefunds.com HTTP 302
    https://go.scanned-safe.net/prefs/george@roycefunds.com/132594 HTTP 302
    https://prfctr.com/?listId=132594&email=george@roycefunds.com Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10
  • https://d.adroll.com/cm/b/out?adroll_fpc=8f1dfba0bbacf1eec68e5cb4dacca9a7-1733106376372&flg=1&pv=11720652091.81581&arrfrr=https%3A%2F%2Fprfctr.com%2F%3FlistId%3D132594%26email%3Dgeorge%40roycefunds.com&advertisable=FLABZ4S7ABGLXDGDZPXVMS HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=44&user_id=YTA3NzI0M2MwNzFmMzBlYzdmZDIzZDc0OWM0ZjIyM2Y
Request Chain 11
  • https://d.adroll.com/cm/experian/out?adroll_fpc=8f1dfba0bbacf1eec68e5cb4dacca9a7-1733106376372&flg=1&pv=11720652091.81581&arrfrr=https%3A%2F%2Fprfctr.com%2F%3FlistId%3D132594%26email%3Dgeorge%40roycefunds.com&advertisable=FLABZ4S7ABGLXDGDZPXVMS HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3521&partner_device_id=YTA3NzI0M2MwNzFmMzBlYzdmZDIzZDc0OWM0ZjIyM2Y&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3521&partner_device_id=YTA3NzI0M2MwNzFmMzBlYzdmZDIzZDc0OWM0ZjIyM2Y&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=4ac61890-3367-4b7a-bad6-a2737d74361b%252C%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=4ac61890-3367-4b7a-bad6-a2737d74361b%252C%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=0529f747-6c20-4016-9c2e-eb1b044de7ff&ttd_puid=4ac61890-3367-4b7a-bad6-a2737d74361b%2C%2C
Request Chain 12
  • https://d.adroll.com/cm/g/out?adroll_fpc=8f1dfba0bbacf1eec68e5cb4dacca9a7-1733106376372&flg=1&pv=11720652091.81581&arrfrr=https%3A%2F%2Fprfctr.com%2F%3FlistId%3D132594%26email%3Dgeorge%40roycefunds.com&advertisable=FLABZ4S7ABGLXDGDZPXVMS HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=oHckPAcfMOx_0j10nE8iPw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_sc=&google_nid=artb&google_hm=oHckPAcfMOx_0j10nE8iPw&google_tc= HTTP 302
  • https://d.adroll.com/cm/g/in
Request Chain 13
  • https://d.adroll.com/cm/index/out?adroll_fpc=8f1dfba0bbacf1eec68e5cb4dacca9a7-1733106376372&flg=1&pv=11720652091.81581&arrfrr=https%3A%2F%2Fprfctr.com%2F%3FlistId%3D132594%26email%3Dgeorge%40roycefunds.com&advertisable=FLABZ4S7ABGLXDGDZPXVMS HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=YTA3NzI0M2MwNzFmMzBlYzdmZDIzZDc0OWM0ZjIyM2Y&expiration=1764642376 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=YTA3NzI0M2MwNzFmMzBlYzdmZDIzZDc0OWM0ZjIyM2Y&expiration=1764642376&C=1
Request Chain 14
  • https://d.adroll.com/cm/l/out?adroll_fpc=8f1dfba0bbacf1eec68e5cb4dacca9a7-1733106376372&flg=1&pv=11720652091.81581&arrfrr=https%3A%2F%2Fprfctr.com%2F%3FlistId%3D132594%26email%3Dgeorge%40roycefunds.com&advertisable=FLABZ4S7ABGLXDGDZPXVMS HTTP 302
  • https://idsync.rlcdn.com/377928.gif?partner_uid=a077243c071f30ec7fd23d749c4f223f HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CMiIFxIrCicIARDqIhogYTA3NzI0M2MwNzFmMzBlYzdmZDIzZDc0OWM0ZjIyM2YQABoNCMi1tLoGEgUI6AcQAEIASgA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=b3bcc866720f20fcf39ab579f242b4cc6ed41762d2501077cb46edced6c0b25c791426b5417dce21&_=2
Request Chain 15
  • https://d.adroll.com/cm/n/out?adroll_fpc=8f1dfba0bbacf1eec68e5cb4dacca9a7-1733106376372&flg=1&pv=11720652091.81581&arrfrr=https%3A%2F%2Fprfctr.com%2F%3FlistId%3D132594%26email%3Dgeorge%40roycefunds.com&advertisable=FLABZ4S7ABGLXDGDZPXVMS HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=YTA3NzI0M2MwNzFmMzBlYzdmZDIzZDc0OWM0ZjIyM2Y&expires=365
Request Chain 16
  • https://d.adroll.com/cm/o/out?adroll_fpc=8f1dfba0bbacf1eec68e5cb4dacca9a7-1733106376372&flg=1&pv=11720652091.81581&arrfrr=https%3A%2F%2Fprfctr.com%2F%3FlistId%3D132594%26email%3Dgeorge%40roycefunds.com&advertisable=FLABZ4S7ABGLXDGDZPXVMS HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537103138&val=a077243c071f30ec7fd23d749c4f223f&gdpr=0&gdpr_consent= HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537103138&val=a077243c071f30ec7fd23d749c4f223f&gdpr=0&gdpr_consent=&cc=1
Request Chain 17
  • https://d.adroll.com/cm/outbrain/out?adroll_fpc=8f1dfba0bbacf1eec68e5cb4dacca9a7-1733106376372&flg=1&pv=11720652091.81581&arrfrr=https%3A%2F%2Fprfctr.com%2F%3FlistId%3D132594%26email%3Dgeorge%40roycefunds.com&advertisable=FLABZ4S7ABGLXDGDZPXVMS HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=adroll&uid=YTA3NzI0M2MwNzFmMzBlYzdmZDIzZDc0OWM0ZjIyM2Y&gdpr=0&gdpr_consent=&us_privacy=1---
Request Chain 18
  • https://d.adroll.com/cm/pubmatic/out?adroll_fpc=8f1dfba0bbacf1eec68e5cb4dacca9a7-1733106376372&flg=1&pv=11720652091.81581&arrfrr=https%3A%2F%2Fprfctr.com%2F%3FlistId%3D132594%26email%3Dgeorge%40roycefunds.com&advertisable=FLABZ4S7ABGLXDGDZPXVMS HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=YTA3NzI0M2MwNzFmMzBlYzdmZDIzZDc0OWM0ZjIyM2Y&gdpr=0&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
Request Chain 19
  • https://d.adroll.com/cm/r/out?adroll_fpc=8f1dfba0bbacf1eec68e5cb4dacca9a7-1733106376372&flg=1&pv=11720652091.81581&arrfrr=https%3A%2F%2Fprfctr.com%2F%3FlistId%3D132594%26email%3Dgeorge%40roycefunds.com&advertisable=FLABZ4S7ABGLXDGDZPXVMS HTTP 302
  • https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=YTA3NzI0M2MwNzFmMzBlYzdmZDIzZDc0OWM0ZjIyM2Y&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA HTTP 302
  • https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=YTA3NzI0M2MwNzFmMzBlYzdmZDIzZDc0OWM0ZjIyM2Y&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true
Request Chain 20
  • https://d.adroll.com/cm/taboola/out?adroll_fpc=8f1dfba0bbacf1eec68e5cb4dacca9a7-1733106376372&flg=1&pv=11720652091.81581&arrfrr=https%3A%2F%2Fprfctr.com%2F%3FlistId%3D132594%26email%3Dgeorge%40roycefunds.com&advertisable=FLABZ4S7ABGLXDGDZPXVMS HTTP 302
  • https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=YTA3NzI0M2MwNzFmMzBlYzdmZDIzZDc0OWM0ZjIyM2Y
Request Chain 21
  • https://d.adroll.com/cm/triplelift/out?adroll_fpc=8f1dfba0bbacf1eec68e5cb4dacca9a7-1733106376372&flg=1&pv=11720652091.81581&arrfrr=https%3A%2F%2Fprfctr.com%2F%3FlistId%3D132594%26email%3Dgeorge%40roycefunds.com&advertisable=FLABZ4S7ABGLXDGDZPXVMS HTTP 302
  • https://eb2.3lift.com/xuid?mid=4714&xuid=YTA3NzI0M2MwNzFmMzBlYzdmZDIzZDc0OWM0ZjIyM2Y&dongle=c85e HTTP 302
  • https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=YTA3NzI0M2MwNzFmMzBlYzdmZDIzZDc0OWM0ZjIyM2Y&dongle=c85e&gdpr=0&cmp_cs=&us_privacy=
Request Chain 22
  • https://d.adroll.com/cm/x/out?adroll_fpc=8f1dfba0bbacf1eec68e5cb4dacca9a7-1733106376372&flg=1&pv=11720652091.81581&arrfrr=https%3A%2F%2Fprfctr.com%2F%3FlistId%3D132594%26email%3Dgeorge%40roycefunds.com&advertisable=FLABZ4S7ABGLXDGDZPXVMS HTTP 302
  • https://ib.adnxs.com/setuid?entity=172&code=YTA3NzI0M2MwNzFmMzBlYzdmZDIzZDc0OWM0ZjIyM2Y HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DYTA3NzI0M2MwNzFmMzBlYzdmZDIzZDc0OWM0ZjIyM2Y

25 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
prfctr.com/
Redirect Chain
  • https://clicktime.symantec.com/15x8xB89zZvG36Mt4N3Di?h=9dUpfC2d4WXyFr0VslhMRVzBrukc5wV1xqxXJwUFt1M=&u=https://go.sparkpostmail2.com/f/a/zmNlBUM0wgilU1eLMmWqBg
  • https://go.sparkpostmail2.com/f/a/zmNlBUM0wgilU1eLMmWqBg~~/AASACgA~/RgRpL5KEP4QPAWh0dHA6Ly90cmsuaW52ZXN0bWVudHdoZWVsLmNvbS8_eHRsPTNna3I2Zzg2Y3Y4dGFicndjM3o0dHNrNGgyZWI0MXljN3Q5OXRxZzhlZGpieWtwNmJyO...
  • http://trk.investmentwheel.com/?xtl=3gkr6g86cv8tabrwc3z4tsk4h2eb41yc7t99tqg8edjbykp6br9n34m4fimy1p78e6mpdl2oumhhpogob8vuo6d1cxw6fv0y2ld8wgg1v8nfodkiqkf0k55e9phiqo2z4eh2cjofy6iz7ljjw0i2dnzp3xhk3js&e...
  • https://trk.investmentwheel.com/?xtl=3gkr6g86cv8tabrwc3z4tsk4h2eb41yc7t99tqg8edjbykp6br9n34m4fimy1p78e6mpdl2oumhhpogob8vuo6d1cxw6fv0y2ld8wgg1v8nfodkiqkf0k55e9phiqo2z4eh2cjofy6iz7ljjw0i2dnzp3xhk3js&...
  • http://trk.investmentwheel.com/?xtl=3gkr6g86cv8tabrwc3z4tsk4h2eb41yc7t99tqg8edjbykp6br9n34m4fimy1p78e6mpdl2oumhhpogob8vuo6d1cxw6fv0y2ld8wgg1v8nfodkiqkf0k55e9phiqo2z4eh2cjofy6iz7ljjw0i2dnzp3xhk3js&e...
  • https://go.scanned-safe.net/prefs/george@roycefunds.com/132594
  • https://prfctr.com/?listId=132594&email=george@roycefunds.com
8 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://prfctr.com/?listId=132594&email=george@roycefunds.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.175.97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99c10d759f9d7b8a54061e4d310bacfa9386dd2ff0ef4b4c103f700d94361968

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8eb7def8d85f3702-YYZ
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Mon, 02 Dec 2024 02:26:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FQZuya9t4KYHp%2BQt7UeFUyInwLH9oj5aB2Ms%2BNRsjC3FrMwWTFCCTSHZXZ2PKkG5AD6qaD2p6pk512CS6XLxZEgXyna2EJvrsPI0SVyT5dNjJn17YMieGMMvT1%2FP"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=31088&min_rtt=23261&rtt_var=13173&sent=15&recv=12&lost=2&retrans=2&sent_bytes=5215&recv_bytes=4614&delivery_rate=556&cwnd=8400&unsent_bytes=0&cid=204732811d2a0d67&ts=217&x=1" cfExtPri cfHdrFlush;dur=0
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=600
cf-cache-status
DYNAMIC
cf-ray
8eb7def60f9eac8a-YYZ
content-type
text/html; charset=UTF-8
date
Mon, 02 Dec 2024 02:26:14 GMT
expires
Mon, 02 Dec 2024 02:36:13 GMT
location
https://prfctr.com/?listId=132594&email=george@roycefunds.com
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6cGGVHFB1OhfvPE1e7lIES0FQ5gsV12rTIDnJhoE5m60GCRyGD54M%2Fr0bJJ2kTdSeJYOSsWv2okJTkudHUHa%2FF%2Bj0PQrzMLdsUdzhWQY14dOfpeS3s71JdST%2BbpLarlHPbw%2BsN3H"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=24074&min_rtt=23523&rtt_var=4659&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4185&recv_bytes=4515&delivery_rate=545&cwnd=12000&unsent_bytes=0&cid=ea2e886b0245aba6&ts=304&x=1" cfHdrFlush;dur=0
vary
User-Agent
jquery-3.6.0.min.js
prfctr.com/js/ 		87 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://prfctr.com/js/jquery-3.6.0.min.js
Requested by
Host: prfctr.com
URL: https://prfctr.com/?listId=132594&email=george@roycefunds.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.175.97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://prfctr.com/?listId=132594&email=george@roycefunds.com

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
HIT
age
274
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7%2BMWxEaSQbLplWgngXtm7m63nvZdzmDiIwFZbSOh%2Bhjmkikbw9PGxwk%2FT%2BCyx4XwMcXn9O0qpZigCKaIUY2jzgycsLMNCpIyXhM%2F35pIAfPt%2Fqup1nkIy80FX3TK"}],"group":"cf-nel","max_age":604800}
cf-ray
8eb7def9d9763702-YYZ
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=29541&min_rtt=23261&rtt_var=10089&sent=21&recv=17&lost=2&retrans=2&sent_bytes=10204&recv_bytes=5754&delivery_rate=157064&cwnd=8400&unsent_bytes=0&cid=204732811d2a0d67&ts=272&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 02 Dec 2024 02:26:14 GMT
content-type
application/javascript
last-modified
Mon, 10 May 2021 20:40:52 GMT
vary
Accept-Encoding
priority
u=1,i=?0
ajax-loader.gif
prfctr.com/images/ 		104 KB
104 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prfctr.com/images/ajax-loader.gif?rand=1495815905
Requested by
Host: prfctr.com
URL: https://prfctr.com/?listId=132594&email=george@roycefunds.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.175.97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8491a487c4cc4fb7fd43d0cde567907ef48fd13b39df64da05e8e179b5bfad2d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://prfctr.com/?listId=132594&email=george@roycefunds.com

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QmAwtR2p5tqIsCu57gc%2FXb54JMCAYmGfFQ1SZseQEVmVg6OzEb9mvgaAiWoIkSFkQZs0Y%2F3kpzfYyvR00M5VpoGkahWS9RsMJG%2BlZehZLlhSrpdxEMQK22zYfoGd"}],"group":"cf-nel","max_age":604800}
cf-ray
8eb7def9d9793702-YYZ
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=37663&min_rtt=23261&rtt_var=11721&sent=48&recv=30&lost=6&retrans=6&sent_bytes=40924&recv_bytes=6367&delivery_rate=257085&cwnd=6720&unsent_bytes=0&cid=204732811d2a0d67&ts=368&x=1", cfExtPri, cfHdrFlush;dur=0
content-length
106039
date
Mon, 02 Dec 2024 02:26:14 GMT
content-type
image/gif
last-modified
Mon, 10 May 2021 20:40:52 GMT
vary
Accept-Encoding
priority
u=2,i
email-decode.min.js
prfctr.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://prfctr.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: prfctr.com
URL: https://prfctr.com/?listId=132594&email=george@roycefunds.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.175.97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://prfctr.com/?listId=132594&email=george@roycefunds.com

Response headers

x-frame-options
DENY
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=172800, public
content-encoding
gzip
etag
W/"6740aa56-4d7"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=agUV%2FSdIc0uiAgiYPBJv5MinHe%2FZja5uSOFI%2BGOFUOAu0BmMh6uDtqfaGHezcuT5iPgqNFDIcM6xnbuvtx1vXU4LrV5YE4pCk4jkOF98AjoD0KBGfqFuB7w0xJAB"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8eb7def9d97a3702-YYZ
expires
Wed, 04 Dec 2024 02:26:14 GMT
date
Mon, 02 Dec 2024 02:26:14 GMT
content-type
application/javascript
last-modified
Fri, 22 Nov 2024 15:59:18 GMT
server
cloudflare
vary
Accept-Encoding
roundtrip.js
s.adroll.com/j/FLABZ4S7ABGLXDGDZPXVMS/ 		97 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/FLABZ4S7ABGLXDGDZPXVMS/roundtrip.js
Requested by
Host: prfctr.com
URL: https://prfctr.com/?listId=132594&email=george@roycefunds.com
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-91.iad61.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
78f8c2de532c0e5071f69ef0572aab838c84157703427ab35e883f23696e0681

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://prfctr.com/

Response headers

Access-Control-Max-Age
600
Content-Encoding
gzip
X-Amz-Version-Id
kTovR.NpyXP3GBeJbr.lC4H5sVMzU8eD
Etag
W/"758ef16c53a848ca88a00ad7c3cd5aad"
Age
2410
Access-Control-Allow-Methods
GET
X-Cache
Hit from cloudfront
X-Amz-Cf-Id
t0juChCrYQ0XS7l48ywhwnkyFKg4JsiwAdN1LeaSLDl4xvq5Zyw6rg==
Date
Mon, 02 Dec 2024 01:46:06 GMT
Content-Type
text/javascript; charset=utf-8
Vary
accept-encoding
Last-Modified
Mon, 25 Nov 2024 11:25:57 GMT
Access-Control-Allow-Headers
*
Transfer-Encoding
chunked
Cache-Control
max-age=3600, must-revalidate
Connection
keep-alive
Access-Control-Allow-Credentials
false
Via
1.1 e2e847b082ff9d1bdd61dc9c27ca0786.cloudfront.net (CloudFront)
Access-Control-Allow-Origin
*
X-Amz-Cf-Pop
IAD61-P1
Server
AmazonS3
X-Amz-Server-Side-Encryption
AES256
FLABZ4S7ABGLXDGDZPXVMS
d.adroll.com/consent/check/ 		578 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d.adroll.com/consent/check/FLABZ4S7ABGLXDGDZPXVMS?flg=1&pv=11720652091.81581&arrfrr=https%3A%2F%2Fprfctr.com%2F%3FlistId%3D132594%26email%3Dgeorge%40roycefunds.com&_s=15deb4818f337c95d0eab93b120f274e&_b=2
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/FLABZ4S7ABGLXDGDZPXVMS/roundtrip.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.93.98.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-93-98-248.compute-1.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
6630411f81f04e966b964d5047b79624ce385764517f7769491ceb350602f5a9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://prfctr.com/

Response headers

cache-control
no-store, no-cache, must-revalidate
content-length
578
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
date
Mon, 02 Dec 2024 02:26:16 GMT
pragma
no-cache
content-type
application/javascript
server
nginx/1.22.1
favicon.ico
prfctr.com/ 		10 KB
6 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://prfctr.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.175.97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7761483e556bbf26810f227776329b90378df64532f222b412a4922276afb4c7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://prfctr.com/?listId=132594&email=george@roycefunds.com

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
HIT
age
10
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uKJrPJu2bGtAlbe2ryk0Y%2FL0MlZS%2FeECqL56Qfq4680IzKxfc14KdoqRo6KneAw4lahOJoYl7ReWlM0y%2BtUb0cwxC8O%2FLpdURU%2BEZPo77FJg5tKY2NJ534i3ia4R"}],"group":"cf-nel","max_age":604800}
cf-ray
8eb7df02bcea3702-YYZ
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=214489&min_rtt=23261&rtt_var=81931&sent=174&recv=100&lost=19&retrans=19&sent_bytes=172916&recv_bytes=10127&delivery_rate=3849&cwnd=5068&unsent_bytes=0&cid=204732811d2a0d67&ts=1692&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 02 Dec 2024 02:26:16 GMT
content-type
text/html
vary
Accept-Encoding
server
cloudflare
priority
u=1,i
iframe_content.html
x.adroll.com/pxl/ Frame 8853 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://x.adroll.com/pxl/iframe_content.html?adroll_fpc=8f1dfba0bbacf1eec68e5cb4dacca9a7-1733106376372&flg=1&pv=11720652091.81581&arrfrr=https%3A%2F%2Fprfctr.com%2F%3FlistId%3D132594%26email%3Dgeorge%40roycefunds.com&advertisable=FLABZ4S7ABGLXDGDZPXVMS
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/FLABZ4S7ABGLXDGDZPXVMS/roundtrip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.210.51.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-51-198.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://prfctr.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
ad-auction-allowed
true
content-encoding
zstd
content-length
427
content-type
text/html
date
Mon, 02 Dec 2024 02:26:16 GMT
last-modified
Mon, 25 Nov 2024 21:07:41 GMT
fbevents.js
connect.facebook.net/en_US/ 		239 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/FLABZ4S7ABGLXDGDZPXVMS/roundtrip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.229.1 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-iad3.fbcdn.net
Software
/
Resource Hash
527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-9jJS5Bpc' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://prfctr.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 02 Dec 2024 02:26:16 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-9jJS5Bpc' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=43, rtx=0, c=23, mss=1232, tbw=4450, tp=9, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
yvixnlciJmaT73tc7ZBnf6kpZFyxIlBvTaaIDR5OiVUk0l3lWODB8yqfQLTGT5EXQY1LfRe0hRh1/lnEI+COSw==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
62107
x-xss-protection
0
origin-agent-cluster
?1
sendrolling.js
s.adroll.com/j/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/sendrolling.js
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/FLABZ4S7ABGLXDGDZPXVMS/roundtrip.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-91.iad61.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
203987ff8bd021893a06303e163eeb294647081d8376b725bdacbc414cc4d035

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://prfctr.com/

Response headers

Access-Control-Max-Age
600
Content-Encoding
gzip
X-Amz-Version-Id
CK4cMX5vZLEnRrAtBOR1tfE4_uNanswm
Etag
W/"4a64112c69b3c4b3f104f38d9547a094"
Age
116
Access-Control-Allow-Methods
GET
X-Cache
Hit from cloudfront
X-Amz-Cf-Id
RJE4V72PvQyp4tViSFydPccZDqnqi9fQFLr-VaEjRJZSjVUaxZ91nQ==
Date
Mon, 02 Dec 2024 02:24:21 GMT
Content-Type
text/javascript
Vary
accept-encoding
Last-Modified
Mon, 30 Sep 2024 21:10:57 GMT
Access-Control-Allow-Headers
*
Transfer-Encoding
chunked
Cache-Control
max-age=300, must-revalidate
Connection
keep-alive
Access-Control-Allow-Credentials
false
Via
1.1 e2e847b082ff9d1bdd61dc9c27ca0786.cloudfront.net (CloudFront)
Access-Control-Allow-Origin
*
X-Amz-Cf-Pop
IAD61-P1
Server
AmazonS3
X-Amz-Server-Side-Encryption
AES256
KPUNFH3A2VCZZEYDM5FE54
d.adroll.com/segment/FLABZ4S7ABGLXDGDZPXVMS/ 		42 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.adroll.com/segment/FLABZ4S7ABGLXDGDZPXVMS/KPUNFH3A2VCZZEYDM5FE54?adroll_fpc=8f1dfba0bbacf1eec68e5cb4dacca9a7-1733106376372&flg=1&pv=11720652091.81581&arrfrr=https%3A%2F%2Fprfctr.com%2F%3FlistId%3D132594%26email%3Dgeorge%40roycefunds.com&cookie=&adroll_s_ref=&keyw=&p0=1307&adroll_external_data=&xa4=1&adroll_version=2.0
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/FLABZ4S7ABGLXDGDZPXVMS/roundtrip.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.93.98.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-93-98-248.compute-1.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://prfctr.com/

Response headers

x-rule-type
p
access-control-expose-headers
X-Advertisable-Eid, X-Attribution-Url, X-Segment-Eid, X-Segment-Display-Name, X-Segment-Name, X-Conversion-Currency, X-Conversion-Value, X-Rule, X-Rule-Type, X-Organization-Eid, X-Pixel-Eid
x-organization-eid
CIGMIDPO7FGD5FYVX3XA3Y
access-control-allow-methods
GET
x-segment-eid
LHLSFAYJMNBIZK4NL2JOCW
x-advertisable-eid
FLABZ4S7ABGLXDGDZPXVMS
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
date
Mon, 02 Dec 2024 02:26:16 GMT
x-pixel-eid
KPUNFH3A2VCZZEYDM5FE54
content-type
image/gif
x-attribution-url
https%3A%2F%2Fx.adroll.com%2Fattribution%2Ftrigger%3Ffpc%3D8f1dfba0bbacf1eec68e5cb4dacca9a7%26advertisable_eid%3DFLABZ4S7ABGLXDGDZPXVMS%26conversion_type%3DPageView%26conversion_value%3D0.0%26currency%3DEUR%26flg%3D1%26pv%3D11720652091.81581%26arrfrr%3Dhttps%253A%252F%252Fprfctr.com%252F%253FlistId%253D132594%2526email%253Dgeorge%2540roycefunds.com
access-control-allow-headers
Content-Type, *
x-segment-display-name
Visitors to Unsegmented Pages
cache-control
no-store, no-cache, must-revalidate
access-control-request-methods
GET
pragma
no-cache
x-conversion-currency
EUR
access-control-allow-credentials
true
x-conversion-value
0.0
access-control-allow-origin
https://prfctr.com
x-segment-name
*
content-length
42
server
nginx/1.22.1
x-rule
*
sync
x.bidswitch.net/
Redirect Chain
  • https://d.adroll.com/cm/b/out?adroll_fpc=8f1dfba0bbacf1eec68e5cb4dacca9a7-1733106376372&flg=1&pv=11720652091.81581&arrfrr=https%3A%2F%2Fprfctr.com%2F%3FlistId%3D132594%26email%3Dgeorge%40roycefunds...
  • https://x.bidswitch.net/sync?dsp_id=44&user_id=YTA3NzI0M2MwNzFmMzBlYzdmZDIzZDc0OWM0ZjIyM2Y
43 B
183 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=44&user_id=YTA3NzI0M2MwNzFmMzBlYzdmZDIzZDc0OWM0ZjIyM2Y
Protocol
H2
Server
35.211.202.130 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
130.202.211.35.bc.googleusercontent.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://prfctr.com/

Response headers

via
1.1 google
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
date
Mon, 02 Dec 2024 02:26:16 GMT
content-type
image/gif

Redirect headers

cache-control
no-store, no-cache, must-revalidate
location
https://x.bidswitch.net/sync?dsp_id=44&user_id=YTA3NzI0M2MwNzFmMzBlYzdmZDIzZDc0OWM0ZjIyM2Y
content-length
96
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
date
Mon, 02 Dec 2024 02:26:16 GMT
pragma
no-cache
server
nginx/1.22.1
receive
pixel.tapad.com/idsync/ex/
Redirect Chain
  • https://d.adroll.com/cm/experian/out?adroll_fpc=8f1dfba0bbacf1eec68e5cb4dacca9a7-1733106376372&flg=1&pv=11720652091.81581&arrfrr=https%3A%2F%2Fprfctr.com%2F%3FlistId%3D132594%26email%3Dgeorge%40roy...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3521&partner_device_id=YTA3NzI0M2MwNzFmMzBlYzdmZDIzZDc0OWM0ZjIyM2Y&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3521&partner_device_id=YTA3NzI0M2MwNzFmMzBlYzdmZDIzZDc0OWM0ZjIyM2Y&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=4ac61890-3367-4b7a-bad6-a2737d74361b%252C%252C&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=4ac61890-3367-4b7a-bad6-a2737d74361b%252C%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=0529f747-6c20-4016-9c2e-eb1b044de7ff&ttd_puid=4ac61890-3367-4b7a-bad6-a2737d74361b%2C%2C
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=0529f747-6c20-4016-9c2e-eb1b044de7ff&ttd_puid=4ac61890-3367-4b7a-bad6-a2737d74361b%2C%2C
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://prfctr.com/

Response headers

strict-transport-security
max-age=31536000
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length
95
date
Mon, 02 Dec 2024 02:26:17 GMT
content-type
image/png
server
Jetty(11.0.13)

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=0529f747-6c20-4016-9c2e-eb1b044de7ff&ttd_puid=4ac61890-3367-4b7a-bad6-a2737d74361b%2C%2C
content-length
359
date
Mon, 02 Dec 2024 02:26:17 GMT
server
Kestrel
in
d.adroll.com/cm/g/
Redirect Chain
  • https://d.adroll.com/cm/g/out?adroll_fpc=8f1dfba0bbacf1eec68e5cb4dacca9a7-1733106376372&flg=1&pv=11720652091.81581&arrfrr=https%3A%2F%2Fprfctr.com%2F%3FlistId%3D132594%26email%3Dgeorge%40roycefunds...
  • https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=oHckPAcfMOx_0j10nE8iPw
  • https://cm.g.doubleclick.net/pixel?google_sc=&google_nid=artb&google_hm=oHckPAcfMOx_0j10nE8iPw&google_tc=
  • https://d.adroll.com/cm/g/in
42 B
821 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/g/in
Protocol
H2
Server
3.93.98.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-93-98-248.compute-1.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://prfctr.com/

Response headers

cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
x-result
g.-1.-1.-1
content-length
42
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
date
Mon, 02 Dec 2024 02:26:17 GMT
content-type
image/gif
server
nginx/1.22.1

Redirect headers

cache-control
no-cache, must-revalidate
location
https://d.adroll.com/cm/g/in
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
225
date
Mon, 02 Dec 2024 02:26:16 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
rum
dsum-sec.casalemedia.com/
Redirect Chain
  • https://d.adroll.com/cm/index/out?adroll_fpc=8f1dfba0bbacf1eec68e5cb4dacca9a7-1733106376372&flg=1&pv=11720652091.81581&arrfrr=https%3A%2F%2Fprfctr.com%2F%3FlistId%3D132594%26email%3Dgeorge%40roycef...
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=YTA3NzI0M2MwNzFmMzBlYzdmZDIzZDc0OWM0ZjIyM2Y&expiration=1764642376
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=YTA3NzI0M2MwNzFmMzBlYzdmZDIzZDc0OWM0ZjIyM2Y&expiration=1764642376&C=1
43 B
765 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=YTA3NzI0M2MwNzFmMzBlYzdmZDIzZDc0OWM0ZjIyM2Y&expiration=1764642376&C=1
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://prfctr.com/

Response headers

cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BK2bnXo8N%2BVtWudVddjLoKeIOdw3j5gcAVUWHrSNVucj%2FDR24p0rhlO5G4EOnfZW%2FgDGzELxTMvhsg99UrMF9HVr4G5QpzvISOmaVKYW4fepyxA0h6xpXw2uPyzjoPiFNdx4vJ4PmAXOig%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
0
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date
Mon, 02 Dec 2024 02:26:16 GMT
content-type
image/gif
vary
Accept-Encoding
priority
u=3,i
cache-control
no-cache
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
cf-ray
8eb7df06283239d7-YYZ
content-length
43
server
cloudflare

Redirect headers

cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2dce57Cff3C865QTq4wmbUN2jStJNJc3EKVqdIkbG1d6kc230gTV57ttS%2Bs3ohJ4CuQVCjPgExkBzgIBkhpVw4zXa%2FcOYMCxis5aVnNHO5ihLRIIzXy47l1Vxw1fAEK20u8m%2FV6u9QeCWg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
0
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date
Mon, 02 Dec 2024 02:26:16 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
no-cache
location
/rum?cm_dsp_id=105&external_user_id=YTA3NzI0M2MwNzFmMzBlYzdmZDIzZDc0OWM0ZjIyM2Y&expiration=1764642376&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
cf-ray
8eb7df05bfa139d7-YYZ
content-length
0
server
cloudflare
sync
pippio.com/api/
Redirect Chain
  • https://d.adroll.com/cm/l/out?adroll_fpc=8f1dfba0bbacf1eec68e5cb4dacca9a7-1733106376372&flg=1&pv=11720652091.81581&arrfrr=https%3A%2F%2Fprfctr.com%2F%3FlistId%3D132594%26email%3Dgeorge%40roycefunds...
  • https://idsync.rlcdn.com/377928.gif?partner_uid=a077243c071f30ec7fd23d749c4f223f
  • https://idsync.rlcdn.com/1000.gif?memo=CMiIFxIrCicIARDqIhogYTA3NzI0M2MwNzFmMzBlYzdmZDIzZDc0OWM0ZjIyM2YQABoNCMi1tLoGEgUI6AcQAEIASgA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=b3bcc866720f20fcf39ab579f242b4cc6ed41762d2501077cb46edced6c0b25c791426b5417dce21&_=2
42 B
569 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pippio.com/api/sync?pid=5324&it=1&iv=b3bcc866720f20fcf39ab579f242b4cc6ed41762d2501077cb46edced6c0b25c791426b5417dce21&_=2
Protocol
H2
Server
107.178.254.65 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
65.254.178.107.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://prfctr.com/

Response headers

cache-control
no-cache, no-store
timing-allow-origin
*
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length
42
date
Mon, 02 Dec 2024 02:26:17 GMT
content-type
image/gif

Redirect headers

cache-control
no-cache, no-store
timing-allow-origin
*
location
https://pippio.com/api/sync?pid=5324&it=1&iv=b3bcc866720f20fcf39ab579f242b4cc6ed41762d2501077cb46edced6c0b25c791426b5417dce21&_=2
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length
0
date
Mon, 02 Dec 2024 02:26:16 GMT
tap.php
pixel.rubiconproject.com/
Redirect Chain
  • https://d.adroll.com/cm/n/out?adroll_fpc=8f1dfba0bbacf1eec68e5cb4dacca9a7-1733106376372&flg=1&pv=11720652091.81581&arrfrr=https%3A%2F%2Fprfctr.com%2F%3FlistId%3D132594%26email%3Dgeorge%40roycefunds...
  • https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=YTA3NzI0M2MwNzFmMzBlYzdmZDIzZDc0OWM0ZjIyM2Y&expires=365
42 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=YTA3NzI0M2MwNzFmMzBlYzdmZDIzZDc0OWM0ZjIyM2Y&expires=365
Protocol
HTTP/1.1
Server
69.173.146.5 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://prfctr.com/

Response headers

Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
207e6e3bf58d030312efc0c602ea89b7
Pragma
no-cache
content-length
42
Content-Type
image/gif

Redirect headers

cache-control
no-store, no-cache, must-revalidate
location
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=YTA3NzI0M2MwNzFmMzBlYzdmZDIzZDc0OWM0ZjIyM2Y&expires=365
content-length
124
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
date
Mon, 02 Dec 2024 02:26:16 GMT
pragma
no-cache
server
nginx/1.22.1
sd
us-u.openx.net/w/1.0/
Redirect Chain
  • https://d.adroll.com/cm/o/out?adroll_fpc=8f1dfba0bbacf1eec68e5cb4dacca9a7-1733106376372&flg=1&pv=11720652091.81581&arrfrr=https%3A%2F%2Fprfctr.com%2F%3FlistId%3D132594%26email%3Dgeorge%40roycefunds...
  • https://us-u.openx.net/w/1.0/sd?id=537103138&val=a077243c071f30ec7fd23d749c4f223f&gdpr=0&gdpr_consent=
  • https://us-u.openx.net/w/1.0/sd?id=537103138&val=a077243c071f30ec7fd23d749c4f223f&gdpr=0&gdpr_consent=&cc=1
43 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537103138&val=a077243c071f30ec7fd23d749c4f223f&gdpr=0&gdpr_consent=&cc=1
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://prfctr.com/

Response headers

cache-control
private, max-age=0, no-cache
pragma
no-cache
x-forwarded-for
149.88.16.228
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
p3p
CP="CUR ADM OUR NOR STA NID"
date
Mon, 02 Dec 2024 02:26:16 GMT
content-type
image/gif
vary
Accept
server
OXGW/0.0.0

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537103138&val=a077243c071f30ec7fd23d749c4f223f&gdpr=0&gdpr_consent=&cc=1
x-forwarded-for
149.88.16.228
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Mon, 02 Dec 2024 02:26:15 GMT
content-type
text/plain; charset=utf-8
vary
Origin
server
OXGW/0.0.0
cookie-sync
sync.outbrain.com/
Redirect Chain
  • https://d.adroll.com/cm/outbrain/out?adroll_fpc=8f1dfba0bbacf1eec68e5cb4dacca9a7-1733106376372&flg=1&pv=11720652091.81581&arrfrr=https%3A%2F%2Fprfctr.com%2F%3FlistId%3D132594%26email%3Dgeorge%40roy...
  • https://sync.outbrain.com/cookie-sync?p=adroll&uid=YTA3NzI0M2MwNzFmMzBlYzdmZDIzZDc0OWM0ZjIyM2Y&gdpr=0&gdpr_consent=&us_privacy=1---
0
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=adroll&uid=YTA3NzI0M2MwNzFmMzBlYzdmZDIzZDc0OWM0ZjIyM2Y&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
HTTP/1.1
Server
64.202.112.63 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://prfctr.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache
content-length
0
date
Mon, 02 Dec 2024 02:26:16 GMT
x-traceid
01ad84dcd48e63ecc842bfbe2b65db01

Redirect headers

cache-control
no-store, no-cache, must-revalidate
location
https://sync.outbrain.com/cookie-sync?p=adroll&uid=YTA3NzI0M2MwNzFmMzBlYzdmZDIzZDc0OWM0ZjIyM2Y&gdpr=0&gdpr_consent=&us_privacy=1---
content-length
137
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
date
Mon, 02 Dec 2024 02:26:16 GMT
pragma
no-cache
server
nginx/1.22.1
Pug
image2.pubmatic.com/AdServer/
Redirect Chain
  • https://d.adroll.com/cm/pubmatic/out?adroll_fpc=8f1dfba0bbacf1eec68e5cb4dacca9a7-1733106376372&flg=1&pv=11720652091.81581&arrfrr=https%3A%2F%2Fprfctr.com%2F%3FlistId%3D132594%26email%3Dgeorge%40roy...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=YTA3NzI0M2MwNzFmMzBlYzdmZDIzZDc0OWM0ZjIyM2Y&gdpr=0&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXy...
42 B
584 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=YTA3NzI0M2MwNzFmMzBlYzdmZDIzZDc0OWM0ZjIyM2Y&gdpr=0&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
Protocol
H2
Server
207.65.37.184 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://prfctr.com/

Response headers

cache-control
no-store, no-cache, private
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 02 Dec 2024 02:26:16 GMT
content-type
image/gif; charset=utf-8
server
nginx

Redirect headers

cache-control
no-store, no-cache, must-revalidate
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=YTA3NzI0M2MwNzFmMzBlYzdmZDIzZDc0OWM0ZjIyM2Y&gdpr=0&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
content-length
212
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
date
Mon, 02 Dec 2024 02:26:16 GMT
pragma
no-cache
server
nginx/1.22.1
sync
ups.analytics.yahoo.com/ups/55980/
Redirect Chain
  • https://d.adroll.com/cm/r/out?adroll_fpc=8f1dfba0bbacf1eec68e5cb4dacca9a7-1733106376372&flg=1&pv=11720652091.81581&arrfrr=https%3A%2F%2Fprfctr.com%2F%3FlistId%3D132594%26email%3Dgeorge%40roycefunds...
  • https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=YTA3NzI0M2MwNzFmMzBlYzdmZDIzZDc0OWM0ZjIyM2Y&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
  • https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=YTA3NzI0M2MwNzFmMzBlYzdmZDIzZDc0OWM0ZjIyM2Y&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true
0
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=YTA3NzI0M2MwNzFmMzBlYzdmZDIzZDc0OWM0ZjIyM2Y&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true
Protocol
H2
Server
69.147.65.252 , United States, ASN14196 (YAHOO-CHA, US),
Reverse DNS
e2-bmr.ycpi.cha.yahoo.com
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://prfctr.com/

Response headers

strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
date
Mon, 02 Dec 2024 02:26:16 GMT
age
0
content-type
text/html
server
ATS
referrer-policy
no-referrer-when-downgrade

Redirect headers

strict-transport-security
max-age=31536000
location
https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=YTA3NzI0M2MwNzFmMzBlYzdmZDIzZDc0OWM0ZjIyM2Y&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true
age
0
referrer-policy
no-referrer-when-downgrade
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
date
Mon, 02 Dec 2024 02:26:16 GMT
content-type
text/html
server
ATS
rtb-h
sync.taboola.com/sg/adroll-network/1/
Redirect Chain
  • https://d.adroll.com/cm/taboola/out?adroll_fpc=8f1dfba0bbacf1eec68e5cb4dacca9a7-1733106376372&flg=1&pv=11720652091.81581&arrfrr=https%3A%2F%2Fprfctr.com%2F%3FlistId%3D132594%26email%3Dgeorge%40royc...
  • https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=YTA3NzI0M2MwNzFmMzBlYzdmZDIzZDc0OWM0ZjIyM2Y
0
364 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=YTA3NzI0M2MwNzFmMzBlYzdmZDIzZDc0OWM0ZjIyM2Y
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://prfctr.com/

Response headers

x-fastly-to-nlb-rtt
40045
date
Mon, 02 Dec 2024 02:26:17 GMT
server
nginx
access-control-allow-credentials
true

Redirect headers

cache-control
no-store, no-cache, must-revalidate
location
https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=YTA3NzI0M2MwNzFmMzBlYzdmZDIzZDc0OWM0ZjIyM2Y
content-length
111
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
date
Mon, 02 Dec 2024 02:26:16 GMT
pragma
no-cache
server
nginx/1.22.1
xuid
eb2.3lift.com/
Redirect Chain
  • https://d.adroll.com/cm/triplelift/out?adroll_fpc=8f1dfba0bbacf1eec68e5cb4dacca9a7-1733106376372&flg=1&pv=11720652091.81581&arrfrr=https%3A%2F%2Fprfctr.com%2F%3FlistId%3D132594%26email%3Dgeorge%40r...
  • https://eb2.3lift.com/xuid?mid=4714&xuid=YTA3NzI0M2MwNzFmMzBlYzdmZDIzZDc0OWM0ZjIyM2Y&dongle=c85e
  • https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=YTA3NzI0M2MwNzFmMzBlYzdmZDIzZDc0OWM0ZjIyM2Y&dongle=c85e&gdpr=0&cmp_cs=&us_privacy=
37 B
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=YTA3NzI0M2MwNzFmMzBlYzdmZDIzZDc0OWM0ZjIyM2Y&dongle=c85e&gdpr=0&cmp_cs=&us_privacy=
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://prfctr.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
date
Mon, 02 Dec 2024 02:26:16 GMT
content-type
image/gif

Redirect headers

cache-control
no-cache, no-store, must-revalidate
location
/xuid?ld=1&mid=4714&xuid=YTA3NzI0M2MwNzFmMzBlYzdmZDIzZDc0OWM0ZjIyM2Y&dongle=c85e&gdpr=0&cmp_cs=&us_privacy=
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
date
Mon, 02 Dec 2024 02:26:16 GMT
bounce
ib.adnxs.com/
Redirect Chain
  • https://d.adroll.com/cm/x/out?adroll_fpc=8f1dfba0bbacf1eec68e5cb4dacca9a7-1733106376372&flg=1&pv=11720652091.81581&arrfrr=https%3A%2F%2Fprfctr.com%2F%3FlistId%3D132594%26email%3Dgeorge%40roycefunds...
  • https://ib.adnxs.com/setuid?entity=172&code=YTA3NzI0M2MwNzFmMzBlYzdmZDIzZDc0OWM0ZjIyM2Y
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DYTA3NzI0M2MwNzFmMzBlYzdmZDIzZDc0OWM0ZjIyM2Y
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DYTA3NzI0M2MwNzFmMzBlYzdmZDIzZDc0OWM0ZjIyM2Y
Protocol
H2
Server
68.67.160.26 Colonia, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://prfctr.com/

Response headers

cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
149.88.16.228; 149.88.16.228; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
*
an-x-request-uuid
cef39ddb-7c63-443f-b131-691be10dfa1b
content-length
43
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Mon, 02 Dec 2024 02:26:16 GMT
x-xss-protection
0
content-type
image/gif
server
nginx/1.23.4

Redirect headers

cache-control
no-store, no-cache, private
location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DYTA3NzI0M2MwNzFmMzBlYzdmZDIzZDc0OWM0ZjIyM2Y
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
x-proxy-origin
149.88.16.228; 149.88.16.228; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
an-x-request-uuid
93008c44-9eac-4b6a-ab8d-771db577f13c
content-length
0
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Mon, 02 Dec 2024 02:26:16 GMT
x-xss-protection
0
content-type
text/html; charset=utf-8
server
nginx/1.23.4
trigger
x.adroll.com/attribution/ 		2 B
468 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.adroll.com/attribution/trigger?fpc=8f1dfba0bbacf1eec68e5cb4dacca9a7&advertisable_eid=FLABZ4S7ABGLXDGDZPXVMS&conversion_type=PageView&conversion_value=0.0&currency=EUR&flg=1&pv=11720652091.81581&arrfrr=https%3A%2F%2Fprfctr.com%2F%3FlistId%3D132594%26email%3Dgeorge%40roycefunds.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.223.154.245 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-223-154-245.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://prfctr.com/

Response headers

content-length
2
date
Mon, 02 Dec 2024 02:26:16 GMT
attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0","priority":"0","deduplication_key":"15215475881411789570","filters":{"source_type":["event"]}},{"trigger_data":"0","priority":"0","deduplication_key":"15215475881411789570","filters":{"source_type":["navigation"]}}],"debug_key":"446605862024797883","debug_reporting":true,"filters":{"0":["FLABZ4S7ABGLXDGDZPXVMS"]}}
content-type
text/plain; charset=utf-8

Verdicts & Comments Add Verdict or Comment

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| $ function| jQuery function| setCookie function| getCookie string| adroll_adv_id string| adroll_pix_id string| adroll_version boolean| __adroll_loaded object| adroll function| loading function| __adroll__ string| adroll_sid object| __adroll_consent_data object| dataLayer object| __adroll boolean| adroll_sendrolling_cross_device object| adroll_form_fields object| adroll_third_party_forms object| adroll_third_party_detected object| adroll_snippet_errors object| adroll_exp_list string| __adroll_url_category boolean| __adroll_consent string| __adroll_consent_user_country string| __adroll_consent_adv_country number| adroll_lex33_called function| fbq function| _fbq object| __adroll_pxl_assistant_track string| adroll_seg_eid string| adroll_rule_type function| __adroll_idem0

40 Cookies

Domain/Path Name / Value
.d.adroll.com/ Name: receive-cookie-deprecation
Value: 1
.adroll.com/ Name: receive-cookie-deprecation
Value: 1
.prfctr.com/ Name: __adroll_fpc
Value: 8f1dfba0bbacf1eec68e5cb4dacca9a7-1733106376372
.prfctr.com/ Name: __ar_v4
Value: %7CFLABZ4S7ABGLXDGDZPXVMS%3A20250001%3A1%7CKPUNFH3A2VCZZEYDM5FE54%3A20250001%3A1
.casalemedia.com/ Name: CMID
Value: Z00ayNHM6WsAAGznAWOUbwAA
.casalemedia.com/ Name: CMPS
Value: 3535
.casalemedia.com/ Name: CMPRO
Value: 3535
x.adroll.com/ Name: ar_debug
Value: 1
.yahoo.com/ Name: A3
Value: d=AQABBMgaTWcCEKfJ2FoW90EKYu1h2auxpWsFEgEBAQFsTmdWZyXaxyMA_eMAAA&S=AQAAAnLGq_E9f4UzF29lIkMLQhE
.adnxs.com/ Name: XANDR_PANID
Value: yEDYsHQO5gomJJXvaFifCEYLl1nuWfcHxmu0QL_DYW9qflR_rGxtlbZxwn4eEnZPKzLotca-Zo5pGBpqgGaxOZguxBeOs3mUGRySziAjKV0.
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.adnxs.com/ Name: uuid2
Value: 2703355679107446600
.3lift.com/ Name: tluidp
Value: 4074220479134631310782
.3lift.com/ Name: tluid
Value: 4074220479134631310782
.analytics.yahoo.com/ Name: IDSYNC
Value: 1770~2m5e
.adnxs.com/ Name: anj
Value: dTM7k!M4/rD>6NRF']wIg2C%stsyMh!]tbPl@/@8$-^=$U_hsvYXs3pZm+'9Hs38CBLZs3?glp)<tFqSF5y3m_DVQ<^@h0VF?Qj2YvmmmBF`<G3If)y3KL9D3I?+8MR:p]
.openx.net/ Name: i
Value: db67b39e-1569-47b5-b697-d49046ddea77|1733106376
.pubmatic.com/ Name: KRTBCOOKIE_10
Value: 22808-YTA3NzI0M2MwNzFmMzBlYzdmZDIzZDc0OWM0ZjIyM2Y&KRTB&22883-YTA3NzI0M2MwNzFmMzBlYzdmZDIzZDc0OWM0ZjIyM2Y&KRTB&23504-YTA3NzI0M2MwNzFmMzBlYzdmZDIzZDc0OWM0ZjIyM2Y&KRTB&23615-YTA3NzI0M2MwNzFmMzBlYzdmZDIzZDc0OWM0ZjIyM2Y
.pubmatic.com/ Name: PugT
Value: 1733106376
.tapad.com/ Name: TapAd_TS
Value: 1733106376846
.tapad.com/ Name: TapAd_DID
Value: 4ac61890-3367-4b7a-bad6-a2737d74361b
.rlcdn.com/ Name: rlas3
Value: 6w6Vd2Vd6A6d8wtVw0yoCyclLywpcpgOfVict0WOSag=
.rubiconproject.com/ Name: audit_p
Value: 1|1gD/U7VcR/yZ5y6kj2KVWovA2HsFohQ4JwJbK5kJfx7sf3zahXrs4fqkUIJfaj0o7KSi3l34LeiM1KxoLazIt7kxm0k08nop+R4DB+iLIkEJdt26juuvtz3Tpd8PUtgpxpoCsQiAJ7B0aM1Emz+pe1aWKoesF+oOQHmLqf8ArKmSNFGJ9lYZUg5/8Wu8VjpS3TYsX/cuoqHQD5U7tEfUTQ==
.rubiconproject.com/ Name: khaos
Value: M46ESEZ3-4-18FY
.rubiconproject.com/ Name: khaos_p
Value: M46ESEZ3-4-18FY
.rubiconproject.com/ Name: audit
Value: 1|1gD/U7VcR/yZ5y6kj2KVWovA2HsFohQ4JwJbK5kJfx7sf3zahXrs4fqkUIJfaj0o7KSi3l34LeiM1KxoLazIt7kxm0k08nop+R4DB+iLIkEJdt26juuvtz3Tpd8PUtgpxpoCsQiAJ7B0aM1Emz+pe1aWKoesF+oOQHmLqf8ArKmSNFGJ9lYZUg5/8Wu8VjpS3TYsX/cuoqHQD5U7tEfUTQ==
.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.rlcdn.com/ Name: pxrc
Value: CMi1tLoGEgUI6AcQABIFCOhHEAA=
.doubleclick.net/ Name: IDE
Value: AHWqTUkhr8YfUfXKXTd1_pYVZ5h_eU-KGc1GvaJP4uZPoxoVzhcex3LD0lV54s4POII
.d.adroll.com/ Name: __adroll
Value: a077243c071f30ec7fd23d749c4f223f-g_1733106377-a_1733106376
.adroll.com/ Name: __adroll_shared
Value: a077243c071f30ec7fd23d749c4f223f-g_1733106377-a_1733106376
.pippio.com/ Name: did
Value: Sbc6-15KO2_x6vNM
.pippio.com/ Name: didts
Value: 1733106377
.pippio.com/ Name: nnls
Value:
.pippio.com/ Name: pxrc
Value: CAA=
.adsrvr.org/ Name: TDID
Value: 0529f747-6c20-4016-9c2e-eb1b044de7ff
.adsrvr.org/ Name: TDCPM
Value: CAESFAoFdGFwYWQSCwjgwPa616DJPRAFGAUgASgCMgsIyJW_5-2gyT0QBTgB
.taboola.com/ Name: t_gid
Value: a995bfb1-aa93-4ac1-98ad-f208a5d1fec6-tucte46a049
.taboola.com/ Name: t_pt_gid
Value: a995bfb1-aa93-4ac1-98ad-f208a5d1fec6-tucte46a049
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!8090

1 Console Messages

Source Level URL
Text
network error URL: https://prfctr.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

clicktime.symantec.com
cm.g.doubleclick.net
connect.facebook.net
d.adroll.com
dsum-sec.casalemedia.com
eb2.3lift.com
go.scanned-safe.net
go.sparkpostmail2.com
ib.adnxs.com
idsync.rlcdn.com
image2.pubmatic.com
match.adsrvr.org
pippio.com
pixel.rubiconproject.com
pixel.tapad.com
prfctr.com
s.adroll.com
sync.outbrain.com
sync.taboola.com
trk.investmentwheel.com
ups.analytics.yahoo.com
us-u.openx.net
x.adroll.com
x.bidswitch.net
104.18.27.193
107.178.254.65
141.226.224.48
157.240.229.1
172.67.174.10
172.67.175.97
18.214.55.247
207.65.37.184
3.162.103.91
3.210.51.198
3.93.98.248
34.111.113.62
35.155.23.186
35.211.202.130
35.244.154.8
35.244.159.8
35.71.139.29
35.84.76.121
44.223.154.245
52.223.40.198
64.202.112.63
64.233.180.155
68.67.160.26
69.147.65.252
69.173.146.5
203987ff8bd021893a06303e163eeb294647081d8376b725bdacbc414cc4d035
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
6630411f81f04e966b964d5047b79624ce385764517f7769491ceb350602f5a9
7761483e556bbf26810f227776329b90378df64532f222b412a4922276afb4c7
78f8c2de532c0e5071f69ef0572aab838c84157703427ab35e883f23696e0681
8491a487c4cc4fb7fd43d0cde567907ef48fd13b39df64da05e8e179b5bfad2d
99c10d759f9d7b8a54061e4d310bacfa9386dd2ff0ef4b4c103f700d94361968
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e