responsivefr.groupmackay.com Open in urlscan Pro
52.179.3.249 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://protect-eu.mimecast.com/s/UBxGC6BKc0GJKpycMtDdV?domain=venduegaranti.com
Effective URL:
http://responsivefr.groupmackay.com/pp_32
Submission Tags: falconsandbox
Submission: On February 03 via api (February 3rd 2021, 4:03:43 am UTC) from US

Summary HTTP 58 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 33 IPs in 6 countries across 30 domains to perform 58 HTTP transactions. The main IP is 52.179.3.249, located in Washington, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is responsivefr.groupmackay.com.

This is the only time responsivefr.groupmackay.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	91.220.42.215 91.220.42.215	42427 (MIMECAST-UK) (MIMECAST-UK)
1 1	40.76.50.119 40.76.50.119	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 14	52.179.3.249 52.179.3.249	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
2	2600:9000:21f... 2600:9000:21f3:2e00:6:9a19:88c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
2	169.50.137.179 169.50.137.179	36351 (SOFTLAYER) (SOFTLAYER)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:824::200e	15169 (GOOGLE) (GOOGLE)
4 5	2a00:1450:400... 2a00:1450:4001:821::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:816::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:816::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	44.236.216.146 44.236.216.146	16509 (AMAZON-02) (AMAZON-02)
2	143.204.174.39 143.204.174.39	16509 (AMAZON-02) (AMAZON-02)
16 22	159.253.128.183 159.253.128.183	36351 (SOFTLAYER) (SOFTLAYER)
1	2600:1f18:612... 2600:1f18:612b:4200:cb3:5c60:7c23:c0c7	14618 (AMAZON-AES) (AMAZON-AES)
1 2	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
1 1	18.133.35.94 18.133.35.94	16509 (AMAZON-02) (AMAZON-02)
1	13.225.78.39 13.225.78.39	16509 (AMAZON-02) (AMAZON-02)
2 3	2600:1901:0:8... 2600:1901:0:8eee::	15169 (GOOGLE) (GOOGLE)
1 2	18.198.126.47 18.198.126.47	16509 (AMAZON-02) (AMAZON-02)
1	3.229.46.71 3.229.46.71	14618 (AMAZON-AES) (AMAZON-AES)
1	92.123.150.214 92.123.150.214	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	34.253.109.165 34.253.109.165	16509 (AMAZON-02) (AMAZON-02)
1 2	216.52.2.39 216.52.2.39	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
1	34.120.207.148 34.120.207.148	15169 (GOOGLE) (GOOGLE)
1 2	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
1	185.33.221.11 185.33.221.11	29990 (ASN-APPNEX) (ASN-APPNEX)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
58	33

2 91.220.42.215 (United Kingdom) 2 redirects

ASN42427 (MIMECAST-UK, GB)
PTR: eu-api.mimecast.com

protect-eu.mimecast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 40.76.50.119 (Washington, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: ns2.consulnet.com

www.venduegaranti.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 52.179.3.249 (Washington, United States) 2 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

responsivefr.groupmackay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:21f3:2e00:6:9a19:88c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.rlets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.162 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f162.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 169.50.137.179 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b3.89.32a9.ip4.static.sl-reverse.com

i.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:824::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:821::2002 (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:816::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.236.216.146 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-236-216-146.us-west-2.compute.amazonaws.com

310154ab-a3ef-4b95-9fb9-31e366a3fe8a.rlets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.174.39 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-174-39.lhr50.r.cloudfront.net

capture-api.reachlocalservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 159.253.128.183 (Amsterdam, Netherlands) 16 redirects

ASN36351 (SOFTLAYER, US)
PTR: b7.80.fd9f.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4200:cb3:5c60:7c23:c0c7 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

simplifi.partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.248.159 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.133.35.94 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-133-35-94.eu-west-2.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.39 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-39.fra2.r.cloudfront.net

sync.intentiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1901:0:8eee:: (United States) 2 redirects

ASN15169 (GOOGLE, US)

fei.pro-market.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pbid.pro-market.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.198.126.47 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-126-47.eu-central-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.229.46.71 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-229-46-71.compute-1.amazonaws.com

sync.bfmio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.123.150.214 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-150-214.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.253.109.165 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-109-165.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.39 (United States) 1 redirects

ASN30282 (AS-INAPCDN-OCY, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.207.148 (United States)

ASN15169 (GOOGLE, US)
PTR: 148.207.120.34.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.126 (Netherlands) 1 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.221.11 (Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	simpli.fi 16 redirects i.simpli.fi um.simpli.fi	15 KB
14	groupmackay.com 2 redirects responsivefr.groupmackay.com	1 MB
6	doubleclick.net 4 redirects googleads.g.doubleclick.net cm.g.doubleclick.net	4 KB
3	pro-market.net 2 redirects fei.pro-market.net pbid.pro-market.net	1 KB
3	google.de www.google.de	332 B
3	google.com 1 redirects www.google.com	530 B
3	gstatic.com fonts.gstatic.com	33 KB
3	rlets.com cdn.rlets.com 310154ab-a3ef-4b95-9fb9-31e366a3fe8a.rlets.com	43 KB
2	openx.net 1 redirects us-u.openx.net	480 B
2	spotxchange.com 1 redirects sync.search.spotxchange.com	1 KB
2	lijit.com 1 redirects ce.lijit.com	968 B
2	crwdcntrl.net 1 redirects bcp.crwdcntrl.net	977 B
2	exelator.com 1 redirects loadm.exelator.com	2 KB
2	tapad.com 1 redirects pixel.tapad.com	907 B
2	reachlocalservices.com capture-api.reachlocalservices.com	556 B
2	facebook.com www.facebook.com	406 B
2	google-analytics.com www.google-analytics.com	19 KB
2	facebook.net connect.facebook.net	92 KB
2	googleadservices.com 1 redirects www.googleadservices.com	12 KB
2	googleapis.com fonts.googleapis.com	1 KB
2	mimecast.com 2 redirects protect-eu.mimecast.com	1 KB
1	rubiconproject.com pixel.rubiconproject.com	239 B
1	adnxs.com ib.adnxs.com	1 KB
1	rlcdn.com idsync.rlcdn.com	66 B
1	bluekai.com stags.bluekai.com	741 B
1	bfmio.com sync.bfmio.com	421 B
1	intentiq.com sync.intentiq.com
1	agkn.com 1 redirects aa.agkn.com	323 B
1	tremorhub.com simplifi.partners.tremorhub.com	183 B
1	venduegaranti.com 1 redirects www.venduegaranti.com	311 B
58	30

	Domain	Requested by
22	um.simpli.fi	16 redirects
14	responsivefr.groupmackay.com	2 redirects responsivefr.groupmackay.com
3	cm.g.doubleclick.net	3 redirects
3	www.google.de	responsivefr.groupmackay.com
3	www.google.com	1 redirects responsivefr.groupmackay.com
3	fonts.gstatic.com	fonts.googleapis.com
3	googleads.g.doubleclick.net	1 redirects www.googleadservices.com
2	us-u.openx.net	1 redirects
2	sync.search.spotxchange.com	1 redirects
2	ce.lijit.com	1 redirects
2	bcp.crwdcntrl.net	1 redirects
2	loadm.exelator.com	1 redirects
2	fei.pro-market.net	2 redirects
2	pixel.tapad.com	1 redirects
2	capture-api.reachlocalservices.com	cdn.rlets.com
2	www.facebook.com	responsivefr.groupmackay.com
2	www.google-analytics.com	responsivefr.groupmackay.com www.google-analytics.com
2	connect.facebook.net	responsivefr.groupmackay.com connect.facebook.net
2	i.simpli.fi	responsivefr.groupmackay.com i.simpli.fi
2	www.googleadservices.com	1 redirects responsivefr.groupmackay.com
2	cdn.rlets.com	responsivefr.groupmackay.com cdn.rlets.com
2	fonts.googleapis.com	responsivefr.groupmackay.com
2	protect-eu.mimecast.com	2 redirects
1	pixel.rubiconproject.com
1	ib.adnxs.com
1	idsync.rlcdn.com
1	stags.bluekai.com
1	sync.bfmio.com
1	pbid.pro-market.net
1	sync.intentiq.com
1	aa.agkn.com	1 redirects
1	simplifi.partners.tremorhub.com
1	310154ab-a3ef-4b95-9fb9-31e366a3fe8a.rlets.com	cdn.rlets.com
1	www.venduegaranti.com	1 redirects
58	34

This site contains links to these domains. Also see Links.

Domain
search.immobilierinfomontreal.com
www.groupmackay.com
groupemackay.sharepoint.com
consulnet.com

Subject Issuer	Validity	Valid
upload.video.google.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-12-22` - `2021-03-21`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
*.rlets.com Amazon	`2021-01-29` - `2022-02-27`	a year	crt.sh
www.google.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
*.simpli.fi DigiCert SHA2 Secure Server CA	`2019-09-18` - `2021-12-12`	2 years	crt.sh
*.reachlocalservices.com DigiCert SHA2 High Assurance Server CA	`2018-01-26` - `2021-02-03`	3 years	crt.sh
*.tremorhub.com Amazon	`2020-07-25` - `2021-08-25`	a year	crt.sh
*.tapad.com DigiCert SHA2 Secure Server CA	`2020-10-05` - `2021-11-06`	a year	crt.sh
*.intentiq.com Amazon	`2020-04-10` - `2021-05-10`	a year	crt.sh
*.pro-market.net Gandi Standard SSL CA 2	`2020-07-22` - `2022-08-20`	2 years	crt.sh
*.exelator.com Go Daddy Secure Certificate Authority - G2	`2019-05-17` - `2021-06-25`	2 years	crt.sh
*.bfmio.com Amazon	`2020-06-14` - `2021-07-14`	a year	crt.sh
odc-prod-01.oracle.com DigiCert Secure Site ECC CA-1	`2020-10-15` - `2021-04-09`	6 months	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2019-06-13` - `2021-06-28`	2 years	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2020-03-11` - `2021-05-10`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-14` - `2021-04-23`	a year	crt.sh
*.search.spotxchange.com GeoTrust RSA CA 2018	`2019-03-20` - `2021-04-21`	2 years	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2020-12-18` - `2022-01-18`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh

This page contains 2 frames:

Primary Page: http://responsivefr.groupmackay.com/pp_32
Frame ID: BBB44CA885E024B300604E805AEAD81C
Requests: 56 HTTP requests in this frame

Frame: https://310154ab-a3ef-4b95-9fb9-31e366a3fe8a.rlets.com/static/storage.html
Frame ID: 2ABDC6843AE4E7536CE8D09BAE53B85F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://protect-eu.mimecast.com/s/UBxGC6BKc0GJKpycMtDdV?domain=venduegaranti.com HTTP 307
https://protect-eu.mimecast.com/redirect/eNo9Udtq4zAQ_RWjhz7FjizHaW0IbQl96oVeCIUlYLTyEKuxJCONatKy_95xki0IMef... HTTP 307
http://www.venduegaranti.com/?utm_source=WiseStamp&utm_medium=email&utm_term=&utm_content=&utm_campaign=s... HTTP 302
http://responsivefr.groupmackay.com/redir.asp?T=44611476&page=pp_32.asp HTTP 302
http://responsivefr.groupmackay.com/pp_32.asp HTTP 301
http://responsivefr.groupmackay.com/pp_32 Page URL

Detected technologies

Windows Server (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

IIS (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Page Statistics

58
Requests

74 %
HTTPS

42 %
IPv6

30
Domains

34
Subdomains

33
IPs

6
Countries

1251 kB
Transfer

1652 kB
Size

10
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: http://search.immobilierinfomontreal.com/
Title: Propriétés à vendre

Search URL Search Domain Scan URL

URL: http://www.groupmackay.com/_home_page
Title: English

Search URL Search Domain Scan URL

URL: https://groupemackay.sharepoint.com/
Title: Accès Courtier

Search URL Search Domain Scan URL

URL: https://consulnet.com/dmca/
Title: Avis DMCA

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://protect-eu.mimecast.com/s/UBxGC6BKc0GJKpycMtDdV?domain=venduegaranti.com HTTP 307
https://protect-eu.mimecast.com/redirect/eNo9Udtq4zAQ_RWjhz7FjizHaW0IbQl96oVeCIUlYLTyEKuxJCONatKy_95xki0IMefonNFcvplXA7KaqXHodOi03d2oGLpR7iFTzrAZ651idT5jnmRixiDolvBlUS1EIcRixtDgk2uBknBekkEPFBaLTJQiy-kUnMhhcpE9-p5eO8Sh3s6383Ecs0-wbYSd9NKinj7dzq8jmia46BWs3nWAN5RmuJhIA62OZgVG6v5IIHizOkbKWQSLZ0AGqXd2FeiSGD1QETB1even2dznVSp4s17n4rZoBM-rXPCrhjdxP-VbpNRJKnJRLEW1LKupfklTYCcDQammVOsO1H7z-kAEDQ2dAa9Ok_gVBtt6wtLK_vAF_uZ_kEHMAqjoNR6gjUqidvY8cQ87AuQavENQmJLWaANKBjxLQvz7QYKN7fUe-kMik-dpfXXyCnVS8mWZlvwyT14igE0epT-w454eXbS0B3Zuk_37Ab0epCI HTTP 307
http://www.venduegaranti.com/?utm_source=WiseStamp&utm_medium=email&utm_term=&utm_content=&utm_campaign=signature HTTP 302
http://responsivefr.groupmackay.com/redir.asp?T=44611476&page=pp_32.asp HTTP 302
http://responsivefr.groupmackay.com/pp_32.asp HTTP 301
http://responsivefr.groupmackay.com/pp_32 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

http://fonts.googleapis.com/css?family=Open+Sans HTTP 307
https://fonts.googleapis.com/css?family=Open+Sans

Request Chain 5

http://fonts.googleapis.com/css?family=Roboto+Condensed:400,300,700 HTTP 307
https://fonts.googleapis.com/css?family=Roboto+Condensed:400,300,700

Request Chain 10

http://connect.facebook.net/en_US/fbevents.js HTTP 307
https://connect.facebook.net/en_US/fbevents.js

Request Chain 36

https://um.simpli.fi/telaria_p HTTP 302
https://simplifi.partners.tremorhub.com/sync?UISF=993F31157AD94EF080B4108F1C5B5A56

Request Chain 37

https://um.simpli.fi/tapad HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=993F31157AD94EF080B4108F1C5B5A56 HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=993F31157AD94EF080B4108F1C5B5A56

Request Chain 38

https://um.simpli.fi/ad_advisor HTTP 302
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=993F31157AD94EF080B4108F1C5B5A56 HTTP 302
https://um.simpli.fi/aa_px?sk=164851003686000065524

Request Chain 40

https://um.simpli.fi/intentiq HTTP 302
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=993F31157AD94EF080B4108F1C5B5A56

Request Chain 43

https://um.simpli.fi/dtnx HTTP 302
https://fei.pro-market.net/engine?du=24;csync=993F31157AD94EF080B4108F1C5B5A56;mimetype=img; HTTP 302
https://fei.pro-market.net/engine?du=24;csync=993F31157AD94EF080B4108F1C5B5A56;mimetype=img;sr HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datonics&google_cm&google_sc HTTP 302
https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEOKzicAUWgnU-e_yV0wuvyc&google_cver=1

Request Chain 44

https://um.simpli.fi/exelatem HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=993F31157AD94EF080B4108F1C5B5A56&j=0 HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=993F31157AD94EF080B4108F1C5B5A56&j=0&xl8blockcheck=1

Request Chain 46

https://um.simpli.fi/beachfront HTTP 302
https://sync.bfmio.com/sync?pid=141&uid=993F31157AD94EF080B4108F1C5B5A56

Request Chain 47

https://um.simpli.fi/bluekai HTTP 302
https://stags.bluekai.com/site/29931?id=993F31157AD94EF080B4108F1C5B5A56

Request Chain 48

https://um.simpli.fi/crwdcntrl HTTP 302
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=993F31157AD94EF080B4108F1C5B5A56 HTTP 302
https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=993F31157AD94EF080B4108F1C5B5A56

Request Chain 49

https://um.simpli.fi/lj_match HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=993F31157AD94EF080B4108F1C5B5A56 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=993F31157AD94EF080B4108F1C5B5A56&dnr=1

Request Chain 50

https://um.simpli.fi/liveramp_match HTTP 302
https://idsync.rlcdn.com/419566.gif?partner_uid=993F31157AD94EF080B4108F1C5B5A56

Request Chain 51

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1612324995057&cv=7&fst=1612324995057&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=847370894&cv=7&fst=1612324995057&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=gyAaYO64Bp6ttge0zZHIAw&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-conversion/1026675585/?random=847370894&cv=7&fst=1612324995057&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=gyAaYO64Bp6ttge0zZHIAw&cid=CAQSKQCNIrLMvqed_zTzzo1o44KwnwM5H3CIm1T7ywn_E9tqAaQR8wBHB-Uq&random=2643579428 HTTP 302
https://www.google.de/pagead/1p-conversion/1026675585/?random=847370894&cv=7&fst=1612324995057&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=gyAaYO64Bp6ttge0zZHIAw&cid=CAQSKQCNIrLMvqed_zTzzo1o44KwnwM5H3CIm1T7ywn_E9tqAaQR8wBHB-Uq&random=2643579428&ipr=y

Request Chain 52

https://um.simpli.fi/spotx_match HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=993F31157AD94EF080B4108F1C5B5A56 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=993F31157AD94EF080B4108F1C5B5A56&__user_check__=1&sync_id=bd9af434-65d4-11eb-afdf-1a27ea404f06

Request Chain 53

https://um.simpli.fi/an HTTP 302
https://ib.adnxs.com/setuid?entity=66&code=993F31157AD94EF080B4108F1C5B5A56

Request Chain 54

https://um.simpli.fi/rb_match HTTP 302
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=993F31157AD94EF080B4108F1C5B5A56&expires=365

Request Chain 55

https://um.simpli.fi/ox_match HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072966&val=993F31157AD94EF080B4108F1C5B5A56 HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=993F31157AD94EF080B4108F1C5B5A56

Request Chain 56

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc HTTP 302
https://um.simpli.fi/g_match?id=&google_gid=CAESENxhd70rHnwMoMA48WnQeNA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=993F31157AD94EF080B4108F1C5B5A56 HTTP 302
https://um.simpli.fi/g_match?id=

58 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request pp_32 Show response
responsivefr.groupmackay.com/
Redirect Chain

https://protect-eu.mimecast.com/s/UBxGC6BKc0GJKpycMtDdV?domain=venduegaranti.com
https://protect-eu.mimecast.com/redirect/eNo9Udtq4zAQ_RWjhz7FjizHaW0IbQl96oVeCIUlYLTyEKuxJCONatKy_95xki0IMefonNFcvplXA7KaqXHodOi03d2oGLpR7iFTzrAZ651idT5jnmRixiDolvBlUS1EIcRixtDgk2uBknBekkEPFBaLTJQi...
http://www.venduegaranti.com/?utm_source=WiseStamp&utm_medium=email&utm_term=&utm_content=&utm_campaign=signature
http://responsivefr.groupmackay.com/redir.asp?T=44611476&page=pp_32.asp
http://responsivefr.groupmackay.com/pp_32.asp
http://responsivefr.groupmackay.com/pp_32

42 KB
42 KB

177ms
176ms

Document
text/html

52.179.3.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: http://responsivefr.groupmackay.com/pp_32
Protocol: HTTP/1.1
Server: 52.179.3.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 07af0a80416e127369a403417d547d67fa516f36493e3a1dceffdcb6b0aad556

Request headers

Host: responsivefr.groupmackay.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Cookie: ASP.NET_SessionId=qqra5jbzi535idcjmh0snay1; lang=FR; SwsHit=1; T0=314324367313183437346; T1=314324367313183437346
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Cache-Control: private, max-age=1200
Content-Type: text/html; charset=utf-8
Expires: Wed, 03 Feb 2021 04:23:12 GMT
Last-Modified: Wed, 03 Feb 2021 04:03:12 GMT
Server: Microsoft-IIS/8.5
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Wed, 03 Feb 2021 04:03:12 GMT
Content-Length: 42598

Redirect headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: /pp_32
Server: Microsoft-IIS/8.5
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Wed, 03 Feb 2021 04:03:12 GMT
Content-Length: 123

GET
H/1.1 200
OK main.css
responsivefr.groupmackay.com/ 48 KB
48 KB 262ms
238ms Stylesheet
text/css 52.179.3.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: http://responsivefr.groupmackay.com/main.css
Requested by: Host: responsivefr.groupmackay.com
URL: http://responsivefr.groupmackay.com/pp_32
Protocol: HTTP/1.1
Server: 52.179.3.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: cadfa9bd19c4d88f63b34fbaf05d653d1cf26db9a5ac9c04b53b0bb0de3c4dd4

Request headers

Referer: http://responsivefr.groupmackay.com/pp_32
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 04:03:12 GMT
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: text/css; charset=utf-8
Cache-Control: private
Content-Length: 49171

GET
H3-Q050

200

css
fonts.googleapis.com/
Redirect Chain

http://fonts.googleapis.com/css?family=Open+Sans
https://fonts.googleapis.com/css?family=Open+Sans

2 KB
572 B

20ms
19ms

Stylesheet
text/css

2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: responsivefr.groupmackay.com
URL: http://responsivefr.groupmackay.com/pp_32

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cf7a2b3976c3af63dc2bca70cc5625a26341f19b1ccd484feddf076df895ed58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://responsivefr.groupmackay.com/pp_32
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 03 Feb 2021 03:55:26 GMT
server: ESF
date: Wed, 03 Feb 2021 04:03:12 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 03 Feb 2021 04:03:12 GMT

Redirect headers

Location: https://fonts.googleapis.com/css?family=Open+Sans
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK styles
responsivefr.groupmackay.com/bundles/site/flex/ 47 KB
47 KB 246ms
222ms Stylesheet
text/css 52.179.3.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: http://responsivefr.groupmackay.com/bundles/site/flex/styles?v=Xo2Tk8_zCG_nrJsd9H0diqfxB10cOg-KzpBlVQZ5eRI1
Requested by: Host: responsivefr.groupmackay.com
URL: http://responsivefr.groupmackay.com/pp_32
Protocol: HTTP/1.1
Server: 52.179.3.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 5e9d381c6fe1df6e6a0b9d2d93b38f3313f5ee52ab1f493e8a8413225450bb12

Request headers

Referer: http://responsivefr.groupmackay.com/pp_32
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 04:03:12 GMT
Last-Modified: Wed, 03 Feb 2021 04:03:12 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: User-Agent
Content-Type: text/css; charset=utf-8
Cache-Control: public
Content-Length: 47654
Expires: Thu, 03 Feb 2022 04:03:12 GMT

GET
H/1.1 200
OK scripts Show response
responsivefr.groupmackay.com/bundles/site/flex/ 245 KB
245 KB 242ms
219ms Script
text/javascript 52.179.3.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: http://responsivefr.groupmackay.com/bundles/site/flex/scripts?v=zomcn8_XU9E0bP95NBLRYao8vg3_yjLuc-6oR-Eatx41
Requested by: Host: responsivefr.groupmackay.com
URL: http://responsivefr.groupmackay.com/pp_32
Protocol: HTTP/1.1
Server: 52.179.3.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 8c1fc3cc9dd443284002eadcb07f556ab6ac2a595f32101327b317cdfb69702e

Request headers

Referer: http://responsivefr.groupmackay.com/pp_32
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 04:03:12 GMT
Last-Modified: Wed, 03 Feb 2021 04:03:12 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: User-Agent
Content-Type: text/javascript; charset=utf-8
Cache-Control: public
Content-Length: 250586
Expires: Thu, 03 Feb 2022 04:03:12 GMT

GET
H/1.1 200
OK mms.js Show response
cdn.rlets.com/capture_static/mms/ 2 KB
1 KB 19ms
6ms Script
application/javascript 2600:9000:21f3:2e00:6:9a19:88c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.rlets.com/capture_static/mms/mms.js
Requested by: Host: responsivefr.groupmackay.com
URL: http://responsivefr.groupmackay.com/pp_32
Protocol: HTTP/1.1
Server: 2600:9000:21f3:2e00:6:9a19:88c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 58e4c040867bc9a8524708a16468bd6f5c71093803902b84aa08950a0568bab6

Request headers

Referer: http://responsivefr.groupmackay.com/pp_32
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 02 Feb 2021 22:15:56 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Oct 2020 17:59:11 GMT
Server: AmazonS3
Age: 27360
ETag: W/"1322886c8952dd472d4eb8a5261ebb22"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 c7015d60d4f8f2170aaaa75e69e40618.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA2-C2
X-Amz-Cf-Id: lt8lqWGvyRHrcrc-CmaXf-rr3OCsXQyVM45UNxWwzK_MwP0uUGbtTQ==

GET
H3-Q050

200

css
fonts.googleapis.com/
Redirect Chain

http://fonts.googleapis.com/css?family=Roboto+Condensed:400,300,700
https://fonts.googleapis.com/css?family=Roboto+Condensed:400,300,700

7 KB
773 B

19ms
18ms

Stylesheet
text/css

2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed:400,300,700

Requested by

Host: responsivefr.groupmackay.com
URL: http://responsivefr.groupmackay.com/pp_32

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f06c5f18584e8d94f0b4997820910454e00e752f9ef1d317075879769e197529

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://responsivefr.groupmackay.com/pp_32
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 03 Feb 2021 03:39:51 GMT
server: ESF
date: Wed, 03 Feb 2021 04:03:12 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 03 Feb 2021 04:03:12 GMT

Redirect headers

Location: https://fonts.googleapis.com/css?family=Roboto+Condensed:400,300,700
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK conversion.js Show response
www.googleadservices.com/pagead/ 30 KB
12 KB 86ms
66ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.googleadservices.com/pagead/conversion.js

Requested by

Host: responsivefr.groupmackay.com
URL: http://responsivefr.groupmackay.com/pp_32

Protocol

HTTP/1.1

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

8507ad985164664889a51ea60056de3430816b39e23d481c6d5aa18e449ce622

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://responsivefr.groupmackay.com/pp_32
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Wed, 03 Feb 2021 04:03:12 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 2893495987429245152
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 11886
X-XSS-Protection: 0
Expires: Wed, 03 Feb 2021 04:03:12 GMT

GET
H/1.1 200
OK Francois_Mackay_french__1_.png
responsivefr.groupmackay.com/myfiles/ 540 KB
541 KB 140ms
140ms Image
image/png 52.179.3.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://responsivefr.groupmackay.com/myfiles/Francois_Mackay_french__1_.png
Requested by: Host: responsivefr.groupmackay.com
URL: http://responsivefr.groupmackay.com/pp_32
Protocol: HTTP/1.1
Server: 52.179.3.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 86095475a5cbbc2615191e2ba985c983f93658fbcb2ec34178322034566384ae

Request headers

Referer: http://responsivefr.groupmackay.com/pp_32
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 04:03:13 GMT
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: image/png
Cache-Control: private, max-age=2592000
Content-Length: 553221
Expires: Fri, 05 Mar 2021 04:03:13 GMT

GET
H/1.1 200
OK dpx.js Show response
i.simpli.fi/ 3 KB
4 KB 65ms
45ms Script
application/javascript 169.50.137.179
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

http://i.simpli.fi/dpx.js?cid=1705&action=100&segment=105099&m=1

Requested by

Host: responsivefr.groupmackay.com
URL: http://responsivefr.groupmackay.com/pp_32

Protocol

HTTP/1.1

Server

169.50.137.179 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b3.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

9831e5b4e79a7b80a69a4d83d86fafc4c8e80fad4d14d27796f7eef4b686ba66

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://responsivefr.groupmackay.com/pp_32
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache, no-cache
Date: Wed, 03 Feb 2021 04:03:13 GMT
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 3095
x-request-id: FmAhCeeo0JjqfQMH8dTB
Expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK owl.carousel.min.js Show response
responsivefr.groupmackay.com/Scripts/Owl-slider/ 39 KB
40 KB 151ms
150ms Script
application/javascript 52.179.3.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: http://responsivefr.groupmackay.com/Scripts/Owl-slider/owl.carousel.min.js
Requested by: Host: responsivefr.groupmackay.com
URL: http://responsivefr.groupmackay.com/pp_32
Protocol: HTTP/1.1
Server: 52.179.3.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: e04e2b4e27ae9881b1e161954cc00ba16c8c3a0ce73a179824756353efd6c481

Request headers

Referer: http://responsivefr.groupmackay.com/pp_32
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 04:03:13 GMT
Last-Modified: Mon, 29 Oct 2018 14:21:59 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "549c32c1926fd41:0"
Content-Type: application/javascript
Cache-Control: public,max-age=31536000
Accept-Ranges: bytes
Content-Length: 40402

GET
H2

200

fbevents.js Show response
connect.facebook.net/en_US/
Redirect Chain

http://connect.facebook.net/en_US/fbevents.js
https://connect.facebook.net/en_US/fbevents.js

91 KB
23 KB

6ms
6ms

Script
application/x-javascript

2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: responsivefr.groupmackay.com
URL: http://responsivefr.groupmackay.com/pp_32

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: http://responsivefr.groupmackay.com/pp_32
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23762
x-fb-rlafr: 0
pragma: public
x-fb-debug: ltzaYunTCB8Gip+JJbM1rudwoRVCN5Nu0SUdcbAQMaAPbX7/el+Tg+7hNuy3kp5H9h9EyIg4Oso/wZtZFDO9IQ==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Wed, 03 Feb 2021 04:03:13 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

Redirect headers

Location: https://connect.facebook.net/en_US/fbevents.js
Non-Authoritative-Reason: HSTS

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1052691315/ 2 KB
1 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1052691315/?random=1612324993193&cv=9&fst=1612324993193&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&data=listing_id%3DREPLACE_WITH_VALUE%3Blisting_pagetype%3DREPLACE_WITH_VALUE%3Blisting_totalvalue%3DREPLACE_WITH_VALUE&frm=0&url=http%3A%2F%2Fresponsivefr.groupmackay.com%2Fpp_32&tiba=Vendue%20Garanti!&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: http://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a0c4b3d149af0fa70e792039abe1eceb4c94701281375e907d77c3f918766f1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://responsivefr.groupmackay.com/pp_32
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Feb 2021 04:03:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1049
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 404
File can not be found on server flexbg.jpg
responsivefr.groupmackay.com/myfiles/ 1 KB
1 KB 621ms
621ms Image
text/html 52.179.3.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://responsivefr.groupmackay.com/myfiles/flexbg.jpg
Requested by: Host: responsivefr.groupmackay.com
URL: http://responsivefr.groupmackay.com/pp_32
Protocol: HTTP/1.1
Server: 52.179.3.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f

Request headers

Referer: http://responsivefr.groupmackay.com/pp_32
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 04:03:13 GMT
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: text/html
Cache-Control: private
Content-Length: 1245

GET
H2 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYb9lecyU.woff2
fonts.gstatic.com/s/robotocondensed/v19/ 11 KB
11 KB 7ms
5ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v19/ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYb9lecyU.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:400,300,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac42e86ff1d0fc78a7870a72cf5d1bbf0a509a852dba1d8abdc734892b0d4844

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://responsivefr.groupmackay.com
Referer: https://fonts.googleapis.com/css?family=Roboto+Condensed:400,300,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 Jan 2021 15:31:00 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:08:35 GMT
server: sffe
age: 217933
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11052
x-xss-protection: 0
expires: Mon, 31 Jan 2022 15:31:00 GMT

GET
H/1.1 200
OK fontawesome-webfont.woff2
responsivefr.groupmackay.com/content/common/fonts/ 63 KB
63 KB 128ms
127ms Font
font/woff2 52.179.3.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: http://responsivefr.groupmackay.com/content/common/fonts/fontawesome-webfont.woff2?v=4.4.0
Requested by: Host: responsivefr.groupmackay.com
URL: http://responsivefr.groupmackay.com/bundles/site/flex/styles?v=Xo2Tk8_zCG_nrJsd9H0diqfxB10cOg-KzpBlVQZ5eRI1
Protocol: HTTP/1.1
Server: 52.179.3.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019

Request headers

Origin: http://responsivefr.groupmackay.com
Referer: http://responsivefr.groupmackay.com/bundles/site/flex/styles?v=Xo2Tk8_zCG_nrJsd9H0diqfxB10cOg-KzpBlVQZ5eRI1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 04:03:13 GMT
Last-Modified: Tue, 08 Dec 2020 20:08:02 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "7316dd59dcdd61:0"
Content-Type: font/woff2
Cache-Control: public,max-age=31536000
Accept-Ranges: bytes
Content-Length: 64464

GET
H2 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYb9lecyU.woff2
fonts.gstatic.com/s/robotocondensed/v19/ 11 KB
11 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v19/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYb9lecyU.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:400,300,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87b60a7315307d1b3c3230eff607b52bbf3d56a452aa68eb5bf50ede73bc517b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://responsivefr.groupmackay.com
Referer: https://fonts.googleapis.com/css?family=Roboto+Condensed:400,300,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:40:24 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:08:47 GMT
server: sffe
age: 562969
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10996
x-xss-protection: 0
expires: Thu, 27 Jan 2022 15:40:24 GMT

GET
H3-Q050 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: responsivefr.groupmackay.com
URL: http://responsivefr.groupmackay.com/pp_32

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://responsivefr.groupmackay.com/pp_32
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 2950
date: Wed, 03 Feb 2021 03:14:03 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Wed, 03 Feb 2021 05:14:03 GMT

GET
H3-Q050 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/880874726/ 2 KB
2 KB 100ms
86ms Script
text/javascript 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/880874726/?random=1612324993261&cv=9&fst=1612324993193&num=2&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&data=listing_id%3DREPLACE_WITH_VALUE%3Blisting_pagetype%3DREPLACE_WITH_VALUE%3Blisting_totalvalue%3DREPLACE_WITH_VALUE&frm=0&url=http%3A%2F%2Fresponsivefr.groupmackay.com%2Fpp_32&tiba=Vendue%20Garanti!&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: http://www.googleadservices.com/pagead/conversion.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f6677d4068eeff051fd805de7c0173d57f6ed13e8da793420aedee50cc91974

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://responsivefr.groupmackay.com/pp_32
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Feb 2021 04:03:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1052
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQk6YvM.woff2
fonts.gstatic.com/s/robotocondensed/v19/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v19/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQk6YvM.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:400,300,700

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49a1b4e1296645aa2f513c87a0e5fe56a305a7ed678c2f6499631ec1f3b35856

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://responsivefr.groupmackay.com
Referer: https://fonts.googleapis.com/css?family=Roboto+Condensed:400,300,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 17:21:25 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:08:42 GMT
server: sffe
age: 124908
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10968
x-xss-protection: 0
expires: Tue, 01 Feb 2022 17:21:25 GMT

GET
H/1.1 200
OK getkey Show response
responsivefr.groupmackay.com/api/general/ 160 B
412 B 127ms
127ms XHR
text/html 52.179.3.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: http://responsivefr.groupmackay.com/api/general/getkey
Requested by: Host: responsivefr.groupmackay.com
URL: http://responsivefr.groupmackay.com/bundles/site/flex/scripts?v=zomcn8_XU9E0bP95NBLRYao8vg3_yjLuc-6oR-Eatx41
Protocol: HTTP/1.1
Server: 52.179.3.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 237402ae70aa21217777b959002981383920404c66300fae2e8374217d1bdcf5

Request headers

Accept: */*
Referer: http://responsivefr.groupmackay.com/pp_32
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Feb 2021 04:03:13 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache
Content-Length: 160
Expires: -1

GET
H/1.1 200
OK email.png
responsivefr.groupmackay.com/content/images/social2/ 1 KB
2 KB 242ms
223ms Image
image/png 52.179.3.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://responsivefr.groupmackay.com/content/images/social2/email.png
Requested by: Host: responsivefr.groupmackay.com
URL: http://responsivefr.groupmackay.com/pp_32
Protocol: HTTP/1.1
Server: 52.179.3.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 1e2e8dd9e97824cfbc66a2edd2fba0c1c6ae8bb44202c7f1abb64e3df8ac38b1

Request headers

Referer: http://responsivefr.groupmackay.com/pp_32
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 04:03:13 GMT
Last-Modified: Mon, 29 Oct 2018 14:22:12 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "ba89abc8926fd41:0"
Content-Type: image/png
Cache-Control: public,max-age=31536000
Accept-Ranges: bytes
Content-Length: 1282

GET
H/1.1 200
OK facebook.png
responsivefr.groupmackay.com/content/images/social2/ 1 KB
1 KB 253ms
126ms Image
image/png 52.179.3.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://responsivefr.groupmackay.com/content/images/social2/facebook.png
Requested by: Host: responsivefr.groupmackay.com
URL: http://responsivefr.groupmackay.com/pp_32
Protocol: HTTP/1.1
Server: 52.179.3.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 6fcbb2431e862e037ea85e2de7c60a90b6f349f164ecd4da87bee14154aa335d

Request headers

Referer: http://responsivefr.groupmackay.com/pp_32
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 04:03:13 GMT
Last-Modified: Mon, 29 Oct 2018 14:22:12 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "3b5ec1c8926fd41:0"
Content-Type: image/png
Cache-Control: public,max-age=31536000
Accept-Ranges: bytes
Content-Length: 1232

GET
H/1.1 200
OK twitter.png
responsivefr.groupmackay.com/content/images/social2/ 1 KB
2 KB 239ms
222ms Image
image/png 52.179.3.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://responsivefr.groupmackay.com/content/images/social2/twitter.png
Requested by: Host: responsivefr.groupmackay.com
URL: http://responsivefr.groupmackay.com/pp_32
Protocol: HTTP/1.1
Server: 52.179.3.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 0dee8c5e0e93fcac87732c88ea06d7b9d93c70a280b25d5cce50614e2b3a0fb6

Request headers

Referer: http://responsivefr.groupmackay.com/pp_32
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 04:03:13 GMT
Last-Modified: Mon, 29 Oct 2018 14:22:12 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "4447cdc8926fd41:0"
Content-Type: image/png
Cache-Control: public,max-age=31536000
Accept-Ranges: bytes
Content-Length: 1366

GET
H2 200 3ef4b959fb931e366a3fe8a.js Show response
cdn.rlets.com/capture_configs/310/154/aba/ 164 KB
42 KB 678ms
664ms Script
text/javascript 2600:9000:21f3:2e00:6:9a19:88c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rlets.com/capture_configs/310/154/aba/3ef4b959fb931e366a3fe8a.js
Requested by: Host: cdn.rlets.com
URL: http://cdn.rlets.com/capture_static/mms/mms.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:2e00:6:9a19:88c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dac3c4d86546bb14404c310ac77c3378432ca50e94cae7b5176cb3e75446a9de

Request headers

Referer: http://responsivefr.groupmackay.com/pp_32
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 04:03:14 GMT
content-encoding: gzip
last-modified: Sat, 23 Jan 2021 00:39:48 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
etag: W/"9b95fe8c8183e7b4e6737645d14e3754"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/javascript
via: 1.1 edfd22ec6695cdc9d7ac634220af1315.cloudfront.net (CloudFront)
x-amz-cf-id: 1F31E0gsErC3N1-Vei9KAU5y7I1TLSrHrngHDK8CfHhXboNhLtiSmA==

GET
H2 200 /
www.google.com/pagead/1p-user-list/1052691315/ 42 B
138 B 22ms
21ms Image
image/gif 2a00:1450:4001:816::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1052691315/?random=1612324993193&cv=9&fst=1612324800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=listing_id%3DREPLACE_WITH_VALUE%3Blisting_pagetype%3DREPLACE_WITH_VALUE%3Blisting_totalvalue%3DREPLACE_WITH_VALUE&frm=0&url=http%3A%2F%2Fresponsivefr.groupmackay.com%2Fpp_32&tiba=Vendue%20Garanti!&fmt=3&is_vtc=1&random=1208186479&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: responsivefr.groupmackay.com
URL: http://responsivefr.groupmackay.com/pp_32

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://responsivefr.groupmackay.com/pp_32
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Feb 2021 04:03:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1052691315/ 42 B
154 B 20ms
19ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1052691315/?random=1612324993193&cv=9&fst=1612324800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=listing_id%3DREPLACE_WITH_VALUE%3Blisting_pagetype%3DREPLACE_WITH_VALUE%3Blisting_totalvalue%3DREPLACE_WITH_VALUE&frm=0&url=http%3A%2F%2Fresponsivefr.groupmackay.com%2Fpp_32&tiba=Vendue%20Garanti!&fmt=3&is_vtc=1&random=1208186479&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: responsivefr.groupmackay.com
URL: http://responsivefr.groupmackay.com/pp_32

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://responsivefr.groupmackay.com/pp_32
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Feb 2021 04:03:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 923291307758176 Show response
connect.facebook.net/signals/config/ 241 KB
69 KB 108ms
107ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/923291307758176?v=2.9.33&r=stable

Requested by

Host: connect.facebook.net
URL: http://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c304d0ffaa82983e61467aa155af0f38a0b12a2190e0cde5394aefe6614b609b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: http://responsivefr.groupmackay.com/pp_32
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: kIITjnU8/XGbmQorXC/ngPHKP3i07N7Z70nBjkR9/mEWBl+012/Vrrjo2YX95irv+0ZjcIDYyaqeXDJtbRlhYQ==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 03 Feb 2021 04:03:13 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-content-id: 1801431161
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
74 B 13ms
12ms XHR
text/plain 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1425425781&t=pageview&_s=1&dl=http%3A%2F%2Fresponsivefr.groupmackay.com%2Fpp_32&ul=en-us&de=UTF-8&dt=Vendue%20Garanti!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=106444292&gjid=1649175137&cid=937388387.1612324993&tid=UA-78831666-2&_gid=1506203863.1612324993&_r=1&_slc=1&z=1103287374

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://responsivefr.groupmackay.com/pp_32
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 03 Feb 2021 04:03:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://responsivefr.groupmackay.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/880874726/ 42 B
89 B 20ms
19ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/880874726/?random=1612324993261&cv=9&fst=1612324800000&num=2&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=listing_id%3DREPLACE_WITH_VALUE%3Blisting_pagetype%3DREPLACE_WITH_VALUE%3Blisting_totalvalue%3DREPLACE_WITH_VALUE&frm=0&url=http%3A%2F%2Fresponsivefr.groupmackay.com%2Fpp_32&tiba=Vendue%20Garanti!&fmt=3&is_vtc=1&random=4262433531&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: responsivefr.groupmackay.com
URL: http://responsivefr.groupmackay.com/pp_32

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://responsivefr.groupmackay.com/pp_32
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Feb 2021 04:03:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/880874726/ 42 B
89 B 19ms
18ms Image
image/gif 2a00:1450:4001:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/880874726/?random=1612324993261&cv=9&fst=1612324800000&num=2&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=listing_id%3DREPLACE_WITH_VALUE%3Blisting_pagetype%3DREPLACE_WITH_VALUE%3Blisting_totalvalue%3DREPLACE_WITH_VALUE&frm=0&url=http%3A%2F%2Fresponsivefr.groupmackay.com%2Fpp_32&tiba=Vendue%20Garanti!&fmt=3&is_vtc=1&random=4262433531&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: responsivefr.groupmackay.com
URL: http://responsivefr.groupmackay.com/pp_32

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://responsivefr.groupmackay.com/pp_32
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Feb 2021 04:03:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
259 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=923291307758176&ev=PageView&dl=http%3A%2F%2Fresponsivefr.groupmackay.com%2Fpp_32&rl=&if=false&ts=1612324993437&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&fbp=fb.1.1612324993436.1419571121&it=1612324993305&coo=false&rqm=GET

Requested by

Host: responsivefr.groupmackay.com
URL: http://responsivefr.groupmackay.com/pp_32

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://responsivefr.groupmackay.com/pp_32
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 04:03:13 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 03 Feb 2021 04:03:13 GMT

GET
H2 200 storage.html
310154ab-a3ef-4b95-9fb9-31e366a3fe8a.rlets.com/static/ Frame 2ABD 0
0 550ms
178ms Document
text/html 44.236.216.146
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://310154ab-a3ef-4b95-9fb9-31e366a3fe8a.rlets.com/static/storage.html
Requested by: Host: cdn.rlets.com
URL: https://cdn.rlets.com/capture_configs/310/154/aba/3ef4b959fb931e366a3fe8a.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.236.216.146 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-236-216-146.us-west-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

:method: GET
:authority: 310154ab-a3ef-4b95-9fb9-31e366a3fe8a.rlets.com
:scheme: https
:path: /static/storage.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://responsivefr.groupmackay.com/pp_32
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://responsivefr.groupmackay.com/pp_32

Response headers

date: Wed, 03 Feb 2021 04:03:14 GMT
content-type: text/html
content-length: 1997
last-modified: Fri, 18 Dec 2020 19:58:09 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
147 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=923291307758176&ev=Microdata&dl=http%3A%2F%2Fresponsivefr.groupmackay.com%2Fpp_32&rl=&if=false&ts=1612324994940&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Vendue%20Garanti!%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.33&r=stable&ec=1&o=30&fbp=fb.1.1612324993436.1419571121&it=1612324993305&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: responsivefr.groupmackay.com
URL: http://responsivefr.groupmackay.com/pp_32

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://responsivefr.groupmackay.com/pp_32
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 04:03:14 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 03 Feb 2021 04:03:14 GMT

GET
H2 200 p Show response
i.simpli.fi/ 757 B
2 KB 98ms
33ms Script
application/javascript 169.50.137.179
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://i.simpli.fi/p?cid=&cb=sifi_att_2783864476054922._hp

Requested by

Host: i.simpli.fi
URL: http://i.simpli.fi/dpx.js?cid=1705&action=100&segment=105099&m=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.179 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b3.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

c7f31618cfa808435c52de7580884b60078a2e4114cd91282fb2a16a97b1bb0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://responsivefr.groupmackay.com/pp_32
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache, no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
date: Wed, 03 Feb 2021 04:03:15 GMT
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="http://www.simplifi.com/w3c/Policies.xml", CP="ADMa DEVa PSAa PSDa OUR IND DSP NON COR"
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type: application/javascript; charset=UTF-8
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT

OPTIONS
H2 200 originCountry
capture-api.reachlocalservices.com/ Frame 0
0 472ms
407ms Other
application/json 143.204.174.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capture-api.reachlocalservices.com/originCountry
Protocol: H2
Server: 143.204.174.39 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-174-39.lhr50.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: http://responsivefr.groupmackay.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 0
date: Wed, 03 Feb 2021 04:03:15 GMT
x-amzn-requestid: fb134e18-6da8-48a3-b5e4-237c6d6cd45e
access-control-allow-origin: *
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
x-amz-apigw-id: aJoEiEqJvHcFSgg=
access-control-allow-methods: GET,OPTIONS
x-cache: Miss from cloudfront
via: 1.1 42a90eee92b9e5976aea125e8f9d2f9a.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-C1
x-amz-cf-id: gUkNkmuu3F1DjkOJPAvA5vGpg8ZKhD5IsOeL5qVcVLXAHIM1ldsFew==

GET
H2 200 originCountry Show response
capture-api.reachlocalservices.com/ 35 B
556 B 432ms
432ms XHR
application/json 143.204.174.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capture-api.reachlocalservices.com/originCountry
Requested by: Host: cdn.rlets.com
URL: https://cdn.rlets.com/capture_configs/310/154/aba/3ef4b959fb931e366a3fe8a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.174.39 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-174-39.lhr50.r.cloudfront.net
Software: /
Resource Hash: 881cbf104b04cdf6c61ac3a34695fb5251b5aeafe7716162e1d9a632ceaf23fb

Request headers

Referer: http://responsivefr.groupmackay.com/pp_32
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/json

Response headers

date: Wed, 03 Feb 2021 04:03:15 GMT
via: 1.1 42a90eee92b9e5976aea125e8f9d2f9a.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-C1
x-amzn-requestid: a47d3654-d384-4ab2-a939-63626765781c
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-601a2083-24cd75f1747b18e73efc179f;Sampled=0
x-cache: Miss from cloudfront
access-control-allow-credentials: true
x-amz-apigw-id: aJoEmGsFvHcFyJA=
content-length: 35
x-amz-cf-id: KYjp6p3lagYx4tUdLINid4GjYOZrAJ_N0GMLPUOKdsNLSuO_KFwhPw==
access-control-allow-headers: Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With

GET
H2

200

sync
simplifi.partners.tremorhub.com/
Redirect Chain

https://um.simpli.fi/telaria_p
https://simplifi.partners.tremorhub.com/sync?UISF=993F31157AD94EF080B4108F1C5B5A56

43 B
183 B

273ms
87ms

Image
image/gif

2600:1f18:612b:4200:cb3:5c60:7c23:c0c7
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simplifi.partners.tremorhub.com/sync?UISF=993F31157AD94EF080B4108F1C5B5A56
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4200:cb3:5c60:7c23:c0c7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: http://responsivefr.groupmackay.com/pp_32
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 04:03:15 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

Redirect headers

date: Wed, 03 Feb 2021 04:03:15 GMT
x-content-type-options: nosniff
server: nginx
location: https://simplifi.partners.tremorhub.com/sync?UISF=993F31157AD94EF080B4108F1C5B5A56
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Tue, 02 Feb 2021 04:03:15 GMT

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/
Redirect Chain

https://um.simpli.fi/tapad
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=993F31157AD94EF080B4108F1C5B5A56
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=993F31157AD94EF080B4108F1C5B5A56

95 B
426 B

25ms
25ms

Image
image/png

35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=993F31157AD94EF080B4108F1C5B5A56

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.227.248.159 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

159.248.227.35.bc.googleusercontent.com

Software

Jetty(9.4.28.v20200408) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://responsivefr.groupmackay.com/pp_32
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 04:03:15 GMT
via: 1.1 google
server: Jetty(9.4.28.v20200408)
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/png
alt-svc: clear
content-length: 95

Redirect headers

date: Wed, 03 Feb 2021 04:03:15 GMT
via: 1.1 google
server: Jetty(9.4.28.v20200408)
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=993F31157AD94EF080B4108F1C5B5A56
alt-svc: clear
content-length: 0

GET
H2

200

aa_px
um.simpli.fi/
Redirect Chain

https://um.simpli.fi/ad_advisor
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=993F31157AD94EF080B4108F1C5B5A56
https://um.simpli.fi/aa_px?sk=164851003686000065524

43 B
409 B

30ms
30ms

Image
image/gif

159.253.128.183
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/aa_px?sk=164851003686000065524

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

b7.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://responsivefr.groupmackay.com/pp_32
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 04:03:15 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Tue, 02 Feb 2021 04:03:15 GMT

Redirect headers

pragma: no-cache
date: Wed, 03 Feb 2021 04:03:15 GMT
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://um.simpli.fi/aa_px?sk=164851003686000065524
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H2 200 nexage
um.simpli.fi/ 43 B
409 B 103ms
30ms Image
image/gif 159.253.128.183
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/nexage

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

b7.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://responsivefr.groupmackay.com/pp_32
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 04:03:15 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Tue, 02 Feb 2021 04:03:15 GMT

GET
H2

403

ProfilesEngineServlet
sync.intentiq.com/profiles_engine/
Redirect Chain

https://um.simpli.fi/intentiq
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=993F31157AD94EF080B4108F1C5B5A56

0
0

95ms
28ms

Image
text/html

13.225.78.39
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=993F31157AD94EF080B4108F1C5B5A56
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.39 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-39.fra2.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://responsivefr.groupmackay.com/pp_32
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Wed, 03 Feb 2021 04:03:15 GMT
x-content-type-options: nosniff
server: nginx
location: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=993F31157AD94EF080B4108F1C5B5A56
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Tue, 02 Feb 2021 04:03:15 GMT

GET
H2 200 pubmatic
um.simpli.fi/ 43 B
409 B 104ms
31ms Image
image/gif 159.253.128.183
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

b7.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://responsivefr.groupmackay.com/pp_32
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 04:03:15 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Tue, 02 Feb 2021 04:03:15 GMT

GET
H2 200 freewheel
um.simpli.fi/ 43 B
409 B 31ms
29ms Image
image/gif 159.253.128.183
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/freewheel

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

b7.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://responsivefr.groupmackay.com/pp_32
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 04:03:15 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Tue, 02 Feb 2021 04:03:15 GMT

GET
H2

200

engine
pbid.pro-market.net/
Redirect Chain

https://um.simpli.fi/dtnx
https://fei.pro-market.net/engine?du=24;csync=993F31157AD94EF080B4108F1C5B5A56;mimetype=img;
https://fei.pro-market.net/engine?du=24;csync=993F31157AD94EF080B4108F1C5B5A56;mimetype=img;sr
https://cm.g.doubleclick.net/pixel?google_nid=datonics&google_cm&google_sc
https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEOKzicAUWgnU-e_yV0wuvyc&google_cver=1

43 B
389 B

17ms
14ms

Image
image/gif

2600:1901:0:8eee::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEOKzicAUWgnU-e_yV0wuvyc&google_cver=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:8eee:: , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a

Request headers

Referer: http://responsivefr.groupmackay.com/pp_32
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Feb 2021 04:03:15 GMT
via: 1.1 google
server: Apache-Coyote/1.1
anserver: gapp-eu-4.c.datonics-gcp-01.internal
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 1 Jan 1990 0:0:0 GMT

Redirect headers

pragma: no-cache
date: Wed, 03 Feb 2021 04:03:15 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEOKzicAUWgnU-e_yV0wuvyc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 315
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

/
loadm.exelator.com/load/
Redirect Chain

https://um.simpli.fi/exelatem
https://loadm.exelator.com/load/?p=204&g=2191&simid=993F31157AD94EF080B4108F1C5B5A56&j=0
https://loadm.exelator.com/load/?p=204&g=2191&simid=993F31157AD94EF080B4108F1C5B5A56&j=0&xl8blockcheck=1

0
751 B

118ms
118ms

Image
text/plain

18.198.126.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=2191&simid=993F31157AD94EF080B4108F1C5B5A56&j=0&xl8blockcheck=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.126.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-126-47.eu-central-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://responsivefr.groupmackay.com/pp_32
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 04:03:15 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date: Wed, 03 Feb 2021 04:03:15 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://loadm.exelator.com/load/?p=204&g=2191&simid=993F31157AD94EF080B4108F1C5B5A56&j=0&xl8blockcheck=1
cache-control: no-cache
access-control-allow-credentials: true
content-type: image/gif
content-length: 0

GET
H2 200 yahoo
um.simpli.fi/ 43 B
409 B 32ms
30ms Image
image/gif 159.253.128.183
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/yahoo

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

b7.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://responsivefr.groupmackay.com/pp_32
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 04:03:15 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Tue, 02 Feb 2021 04:03:15 GMT

GET
H/1.1

204

sync
sync.bfmio.com/
Redirect Chain

https://um.simpli.fi/beachfront
https://sync.bfmio.com/sync?pid=141&uid=993F31157AD94EF080B4108F1C5B5A56

0
421 B

401ms
97ms

Image
text/plain

3.229.46.71
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bfmio.com/sync?pid=141&uid=993F31157AD94EF080B4108F1C5B5A56
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.229.46.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-229-46-71.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://responsivefr.groupmackay.com/pp_32
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Connection: keep-alive
Date: Wed, 03 Feb 2021 04:03:14 GMT

Redirect headers

date: Wed, 03 Feb 2021 04:03:15 GMT
x-content-type-options: nosniff
server: nginx
location: https://sync.bfmio.com/sync?pid=141&uid=993F31157AD94EF080B4108F1C5B5A56
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Tue, 02 Feb 2021 04:03:15 GMT

GET
H/1.1

200
OK

29931
stags.bluekai.com/site/
Redirect Chain

https://um.simpli.fi/bluekai
https://stags.bluekai.com/site/29931?id=993F31157AD94EF080B4108F1C5B5A56

62 B
741 B

240ms
176ms

Image
image/gif

92.123.150.214
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stags.bluekai.com/site/29931?id=993F31157AD94EF080B4108F1C5B5A56
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.150.214 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-150-214.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer: http://responsivefr.groupmackay.com/pp_32
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 04:03:15 GMT
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
BK-Server: a175
Content-Type: image/gif

Redirect headers

date: Wed, 03 Feb 2021 04:03:15 GMT
x-content-type-options: nosniff
server: nginx
location: https://stags.bluekai.com/site/29931?id=993F31157AD94EF080B4108F1C5B5A56
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Tue, 02 Feb 2021 04:03:15 GMT

GET
H2

200

tpid=993F31157AD94EF080B4108F1C5B5A56
bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/
Redirect Chain

https://um.simpli.fi/crwdcntrl
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=993F31157AD94EF080B4108F1C5B5A56
https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=993F31157AD94EF080B4108F1C5B5A56

49 B
712 B

52ms
52ms

Image
image/gif

34.253.109.165
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=993F31157AD94EF080B4108F1C5B5A56
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.253.109.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-109-165.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer: http://responsivefr.groupmackay.com/pp_32
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Feb 2021 04:03:15 GMT
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.30.29
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 03 Feb 2021 04:03:15 GMT
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=993F31157AD94EF080B4108F1C5B5A56
cache-control: no-cache
x-server: 10.45.19.129
content-length: 0
expires: 0

GET
H/1.1

204
No Content

merge
ce.lijit.com/
Redirect Chain

https://um.simpli.fi/lj_match
https://ce.lijit.com/merge?pid=2&3pid=993F31157AD94EF080B4108F1C5B5A56
https://ce.lijit.com/merge?pid=2&3pid=993F31157AD94EF080B4108F1C5B5A56&dnr=1

0
433 B

35ms
35ms

Image
text/plain

216.52.2.39
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=993F31157AD94EF080B4108F1C5B5A56&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://responsivefr.groupmackay.com/pp_32
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Feb 2021 04:03:15 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap7ams1
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 03 Feb 2021 04:03:15 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://ce.lijit.com/merge?pid=2&3pid=993F31157AD94EF080B4108F1C5B5A56&dnr=1
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap7ams1
Content-Length: 0
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H2

451

419566.gif
idsync.rlcdn.com/
Redirect Chain

https://um.simpli.fi/liveramp_match
https://idsync.rlcdn.com/419566.gif?partner_uid=993F31157AD94EF080B4108F1C5B5A56

0
66 B

83ms
25ms

Image
text/plain

34.120.207.148
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/419566.gif?partner_uid=993F31157AD94EF080B4108F1C5B5A56
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.207.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 148.207.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://responsivefr.groupmackay.com/pp_32
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 04:03:15 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

Redirect headers

date: Wed, 03 Feb 2021 04:03:15 GMT
x-content-type-options: nosniff
server: nginx
location: https://idsync.rlcdn.com/419566.gif?partner_uid=993F31157AD94EF080B4108F1C5B5A56
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Tue, 02 Feb 2021 04:03:15 GMT

GET
H3-Q050

200

/
www.google.de/pagead/1p-conversion/1026675585/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1612324995057&cv=7&fst=1612324995057&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=847370894&cv=7&fst=1612324995057&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cooki...
https://www.google.com/pagead/1p-conversion/1026675585/?random=847370894&cv=7&fst=1612324995057&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte...
https://www.google.de/pagead/1p-conversion/1026675585/?random=847370894&cv=7&fst=1612324995057&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=...

42 B
89 B

20ms
20ms

Image
image/gif

2a00:1450:4001:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/1026675585/?random=847370894&cv=7&fst=1612324995057&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=gyAaYO64Bp6ttge0zZHIAw&cid=CAQSKQCNIrLMvqed_zTzzo1o44KwnwM5H3CIm1T7ywn_E9tqAaQR8wBHB-Uq&random=2643579428&ipr=y

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://responsivefr.groupmackay.com/pp_32
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Feb 2021 04:03:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 03 Feb 2021 04:03:15 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/1026675585/?random=847370894&cv=7&fst=1612324995057&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=gyAaYO64Bp6ttge0zZHIAw&cid=CAQSKQCNIrLMvqed_zTzzo1o44KwnwM5H3CIm1T7ywn_E9tqAaQR8wBHB-Uq&random=2643579428&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200

partner
sync.search.spotxchange.com/
Redirect Chain

https://um.simpli.fi/spotx_match
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=993F31157AD94EF080B4108F1C5B5A56
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=993F31157AD94EF080B4108F1C5B5A56&__user_check__=1&sync_id=bd9af434-65d4-11eb-afdf-1a27ea404f06

43 B
548 B

38ms
38ms

Image
image/gif

185.94.180.126
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7797&uid=993F31157AD94EF080B4108F1C5B5A56&__user_check__=1&sync_id=bd9af434-65d4-11eb-afdf-1a27ea404f06
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.94.180.126 , Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer: http://responsivefr.groupmackay.com/pp_32
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 04:03:15 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 19
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Wed, 03 Feb 2021 04:03:15 GMT
Server: nginx
Location: /partner?adv_id=7797&uid=993F31157AD94EF080B4108F1C5B5A56&__user_check__=1&sync_id=bd9af434-65d4-11eb-afdf-1a27ea404f06
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 26
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

setuid
ib.adnxs.com/
Redirect Chain

https://um.simpli.fi/an
https://ib.adnxs.com/setuid?entity=66&code=993F31157AD94EF080B4108F1C5B5A56

43 B
1 KB

96ms
29ms

Image
image/gif

185.33.221.11
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=66&code=993F31157AD94EF080B4108F1C5B5A56

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.11 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://responsivefr.groupmackay.com/pp_32
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Feb 2021 04:03:15 GMT
X-Proxy-Origin: 82.102.18.114; 82.102.18.114; 733.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.236:80
AN-X-Request-Uuid: e326be56-678e-4910-a5d6-2664b0f4bf58
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

date: Wed, 03 Feb 2021 04:03:15 GMT
x-content-type-options: nosniff
server: nginx
location: https://ib.adnxs.com/setuid?entity=66&code=993F31157AD94EF080B4108F1C5B5A56
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Tue, 02 Feb 2021 04:03:15 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://um.simpli.fi/rb_match
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=993F31157AD94EF080B4108F1C5B5A56&expires=365

0
239 B

123ms
29ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=993F31157AD94EF080B4108F1C5B5A56&expires=365
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://responsivefr.groupmackay.com/pp_32
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Content-Type: image/gif

Redirect headers

date: Wed, 03 Feb 2021 04:03:15 GMT
x-content-type-options: nosniff
server: nginx
location: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=993F31157AD94EF080B4108F1C5B5A56&expires=365
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Tue, 02 Feb 2021 04:03:15 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://um.simpli.fi/ox_match
https://us-u.openx.net/w/1.0/sd?id=537072966&val=993F31157AD94EF080B4108F1C5B5A56
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=993F31157AD94EF080B4108F1C5B5A56

43 B
180 B

26ms
26ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=993F31157AD94EF080B4108F1C5B5A56
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.202.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: http://responsivefr.groupmackay.com/pp_32
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Feb 2021 04:03:15 GMT
via: 1.1 google
server: OXGW/16.202.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=993F31157AD94EF080B4108F1C5B5A56
date: Wed, 03 Feb 2021 04:03:15 GMT
via: 1.1 google
server: OXGW/16.202.0
alt-svc: clear
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2

204

g_match
um.simpli.fi/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc
https://um.simpli.fi/g_match?id=&google_gid=CAESENxhd70rHnwMoMA48WnQeNA&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=993F31157AD94EF080B4108F1C5B5A56
https://um.simpli.fi/g_match?id=

0
320 B

29ms
29ms

Image
text/plain

159.253.128.183
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/g_match?id=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

b7.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://responsivefr.groupmackay.com/pp_32
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 04:03:15 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Tue, 02 Feb 2021 04:03:15 GMT

Redirect headers

pragma: no-cache
date: Wed, 03 Feb 2021 04:03:15 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://um.simpli.fi/g_match?id=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 229
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

79 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.groupmackay.com/	1970-01-19 18:01:40	Name: _fbp Value: fb.1.1612324993436.1419571121
.groupmackay.com/	1970-01-19 15:53:31	Name: _gid Value: GA1.2.1506203863.1612324993
.groupmackay.com/	1970-01-20 09:23:16	Name: _ga Value: GA1.2.937388387.1612324993
310154ab-a3ef-4b95-9fb9-31e366a3fe8a.rlets.com/	1970-01-19 15:53:31	Name: test Value: test
.responsivefr.groupmackay.com/	1970-01-19 20:11:16	Name: T1 Value: 314324367313183437346
.responsivefr.groupmackay.com/	1970-01-19 15:53:31	Name: SwsHit Value: 1
.groupmackay.com/	1970-01-19 15:52:05	Name: _gat Value: 1
.responsivefr.groupmackay.com/	1970-01-19 15:53:31	Name: T0 Value: 314324367313183437346
responsivefr.groupmackay.com/	1969-12-31 23:59:59	Name: lang Value: FR
responsivefr.groupmackay.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: qqra5jbzi535idcjmh0snay1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

310154ab-a3ef-4b95-9fb9-31e366a3fe8a.rlets.com
aa.agkn.com
bcp.crwdcntrl.net
capture-api.reachlocalservices.com
cdn.rlets.com
ce.lijit.com
cm.g.doubleclick.net
connect.facebook.net
fei.pro-market.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.simpli.fi
ib.adnxs.com
idsync.rlcdn.com
loadm.exelator.com
pbid.pro-market.net
pixel.rubiconproject.com
pixel.tapad.com
protect-eu.mimecast.com
responsivefr.groupmackay.com
simplifi.partners.tremorhub.com
stags.bluekai.com
sync.bfmio.com
sync.intentiq.com
sync.search.spotxchange.com
um.simpli.fi
us-u.openx.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.venduegaranti.com
13.225.78.39
143.204.174.39
159.253.128.183
169.50.137.179
18.133.35.94
18.198.126.47
185.33.221.11
185.94.180.126
216.52.2.39
216.58.212.162
2600:1901:0:8eee::
2600:1f18:612b:4200:cb3:5c60:7c23:c0c7
2600:9000:21f3:2e00:6:9a19:88c0:93a1
2a00:1450:4001:800::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:811::2003
2a00:1450:4001:813::200a
2a00:1450:4001:816::2003
2a00:1450:4001:816::2004
2a00:1450:4001:821::2002
2a00:1450:4001:824::200e
2a00:1450:4001:827::2003
2a00:1450:4001:829::2003
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.229.46.71
34.120.207.148
34.253.109.165
35.227.248.159
35.244.159.8
40.76.50.119
44.236.216.146
52.179.3.249
69.173.144.139
91.220.42.215
92.123.150.214
07af0a80416e127369a403417d547d67fa516f36493e3a1dceffdcb6b0aad556
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0dee8c5e0e93fcac87732c88ea06d7b9d93c70a280b25d5cce50614e2b3a0fb6
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1e2e8dd9e97824cfbc66a2edd2fba0c1c6ae8bb44202c7f1abb64e3df8ac38b1
237402ae70aa21217777b959002981383920404c66300fae2e8374217d1bdcf5
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
49a1b4e1296645aa2f513c87a0e5fe56a305a7ed678c2f6499631ec1f3b35856
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
58e4c040867bc9a8524708a16468bd6f5c71093803902b84aa08950a0568bab6
5e9d381c6fe1df6e6a0b9d2d93b38f3313f5ee52ab1f493e8a8413225450bb12
5f6677d4068eeff051fd805de7c0173d57f6ed13e8da793420aedee50cc91974
6fcbb2431e862e037ea85e2de7c60a90b6f349f164ecd4da87bee14154aa335d
8507ad985164664889a51ea60056de3430816b39e23d481c6d5aa18e449ce622
86095475a5cbbc2615191e2ba985c983f93658fbcb2ec34178322034566384ae
87b60a7315307d1b3c3230eff607b52bbf3d56a452aa68eb5bf50ede73bc517b
881cbf104b04cdf6c61ac3a34695fb5251b5aeafe7716162e1d9a632ceaf23fb
8c1fc3cc9dd443284002eadcb07f556ab6ac2a595f32101327b317cdfb69702e
9831e5b4e79a7b80a69a4d83d86fafc4c8e80fad4d14d27796f7eef4b686ba66
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0c4b3d149af0fa70e792039abe1eceb4c94701281375e907d77c3f918766f1a
ac42e86ff1d0fc78a7870a72cf5d1bbf0a509a852dba1d8abdc734892b0d4844
c304d0ffaa82983e61467aa155af0f38a0b12a2190e0cde5394aefe6614b609b
c7f31618cfa808435c52de7580884b60078a2e4114cd91282fb2a16a97b1bb0f
cadfa9bd19c4d88f63b34fbaf05d653d1cf26db9a5ac9c04b53b0bb0de3c4dd4
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf7a2b3976c3af63dc2bca70cc5625a26341f19b1ccd484feddf076df895ed58
dac3c4d86546bb14404c310ac77c3378432ca50e94cae7b5176cb3e75446a9de
dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f
e04e2b4e27ae9881b1e161954cc00ba16c8c3a0ce73a179824756353efd6c481
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f06c5f18584e8d94f0b4997820910454e00e752f9ef1d317075879769e197529

responsivefr.groupmackay.com Open in urlscan Pro 52.179.3.249 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

58 Requests

74 %HTTPS

42 %IPv6

30 Domains

34 Subdomains

33 IPs

6 Countries

1251 kBTransfer

1652 kBSize

10 Cookies

4 Outgoing links

Page URL History

Redirected requests

58 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

responsivefr.groupmackay.com Open in urlscan Pro
52.179.3.249 Public Scan

Screenshot
Live screenshot

Full Image

58
Requests

74 %
HTTPS

42 %
IPv6

30
Domains

34
Subdomains

33
IPs

6
Countries

1251 kB
Transfer

1652 kB
Size

10
Cookies

58 HTTP transactions
0 data transactions