urlscan.io logo urlscan.io
SecurityTrails logo

www.tpaction.com Open in urlscan Pro
188.114.97.3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://confirmcabinet.com/
Effective URL: https://www.tpaction.com/confirm
Submission Tags: @ecarlesi possiblethreat Search All
Submission: On November 19 via api from IT — Scanned from IT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 27 IPs in 6 countries across 31 domains to perform 60 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is www.tpaction.com.
TLS certificate: Issued by WE1 on November 5th 2024. Valid for: 3 months.
This is the only time www.tpaction.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 3.33.251.168 16509 (AMAZON-02)
2 26 188.114.97.3 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
2 35.234.162.151 396982 (GOOGLE-CL...)
1 18.173.154.105 16509 (AMAZON-02)
2 157.240.252.13 32934 (FACEBOOK)
2 157.240.252.35 32934 (FACEBOOK)
2 2001:4860:480... 15169 (GOOGLE)
1 142.250.184.232 15169 (GOOGLE)
17 22 34.91.165.80 396982 (GOOGLE-CL...)
1 2600:9000:237... 16509 (AMAZON-02)
2 3 46.228.174.117 56396 (Amobee Am...)
1 76.223.111.18 16509 (AMAZON-02)
1 2600:1f18:612... 14618 (AMAZON-AES)
1 2 34.111.113.62 396982 (GOOGLE-CL...)
1 1 35.158.90.35 16509 (AMAZON-02)
1 1 18.158.175.202 16509 (AMAZON-02)
2 2 2600:1901:0:8... 396982 (GOOGLE-CL...)
1 2 51.178.195.217 16276 (OVH OVH SAS)
1 2 54.78.254.47 16509 (AMAZON-02)
1 3.218.41.45 14618 (AMAZON-AES)
1 69.192.160.219 16625 (AKAMAI-AS)
1 54.74.83.24 16509 (AMAZON-02)
1 34.253.42.51 16509 (AMAZON-02)
1 35.244.174.68 396982 (GOOGLE-CL...)
1 1 172.217.16.194 15169 (GOOGLE)
1 1 142.250.184.226 15169 (GOOGLE)
1 1 142.250.185.132 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 185.89.210.122 29990 (ASN-APPNEX)
1 69.173.144.165 26667 (RUBICONPR...)
1 34.98.64.218 396982 (GOOGLE-CL...)
1 172.217.18.2 15169 (GOOGLE)
60 27
1    3.33.251.168 (United States)

ASN16509 (AMAZON-02, US)
PTR: aec037177372cc6cd.awsglobalaccelerator.com
confirmcabinet.com
26    188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
tpaction.com
www.tpaction.com
3    2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    35.234.162.151 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 151.162.234.35.bc.googleusercontent.com
tag.simpli.fi
i.simpli.fi
1    18.173.154.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-154-105.muc50.r.cloudfront.net
a.smtrk.net
2    157.240.252.13 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra3.fbcdn.net
connect.facebook.net
2    157.240.252.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-fra3.facebook.com
www.facebook.com
2    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    142.250.184.232 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f8.1e100.net
www.googletagmanager.com
22    34.91.165.80 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 80.165.91.34.bc.googleusercontent.com
um.simpli.fi
1    2600:9000:237d:c800:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
3    46.228.174.117 (United Kingdom)

ASN56396 (Amobee Amobee EMEA Limited, GB)
sync.1rx.io
sync.targeting.unrulymedia.com
1    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    2600:1f18:612b:4280:e83d:a408:4752:98a8 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
simplifi.partners.tremorhub.com
2    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
1    35.158.90.35 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-90-35.eu-central-1.compute.amazonaws.com
aa.agkn.com
1    18.158.175.202 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-175-202.eu-central-1.compute.amazonaws.com
d.agkn.com
2    2600:1901:0:8eee:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
fei.pro-market.net
2    51.178.195.217 (France)

ASN16276 (OVH OVH SAS, FR)
PTR: ip217.ip-51-178-195.eu
sync.smartadserver.com
2    54.78.254.47 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
loadm.exelator.com
1    3.218.41.45 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-218-41-45.compute-1.amazonaws.com
sync.bfmio.com
1    69.192.160.219 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com
stags.bluekai.com
1    54.74.83.24 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-74-83-24.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
1    34.253.42.51 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-42-51.eu-west-1.compute.amazonaws.com
ce.lijit.com
1    35.244.174.68 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
1    172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f194.1e100.net
www.googleadservices.com
1    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
googleads.g.doubleclick.net
1    142.250.185.132 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f4.1e100.net
www.google.com
1    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.it
2    185.89.210.122 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
1    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
1    172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f2.1e100.net
cm.g.doubleclick.net
Apex Domain
Subdomains		 Transfer
26 tpaction.com
tpaction.com
www.tpaction.com
566 KB
24 simpli.fi
tag.simpli.fi — Cisco Umbrella Rank: 5206
i.simpli.fi — Cisco Umbrella Rank: 4244
um.simpli.fi — Cisco Umbrella Rank: 878
13 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
288 KB
2 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 281
2 KB
2 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 43
cm.g.doubleclick.net — Cisco Umbrella Rank: 284
433 B
2 exelator.com
loadm.exelator.com — Cisco Umbrella Rank: 2185
2 KB
2 smartadserver.com
sync.smartadserver.com — Cisco Umbrella Rank: 1526
315 B
2 pro-market.net
fei.pro-market.net — Cisco Umbrella Rank: 2363
909 B
2 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 550
d.agkn.com — Cisco Umbrella Rank: 758
1 KB
2 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 470
1 KB
2 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 513
730 B
2 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 3353
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 120
215 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 192
77 KB
1 openx.net
us-u.openx.net — Cisco Umbrella Rank: 525
264 B
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 419
239 B
1 google.it
www.google.it — Cisco Umbrella Rank: 28358
455 B
1 google.com
www.google.com — Cisco Umbrella Rank: 3
24 B
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 96
23 B
1 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 476
98 B
1 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 973
223 B
1 crwdcntrl.net
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1026
265 B
1 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 2213
27 B
1 bfmio.com
sync.bfmio.com — Cisco Umbrella Rank: 1532
421 B
1 tremorhub.com
simplifi.partners.tremorhub.com — Cisco Umbrella Rank: 6784
175 B
1 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 429
140 B
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1246
378 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 574
236 B
1 smtrk.net
a.smtrk.net — Cisco Umbrella Rank: 38164
394 B
1 confirmcabinet.com
confirmcabinet.com
315 B
0 intentiq.com Failed
sync.intentiq.com Failed
60 31
Domain Requested by
25 www.tpaction.com 1 redirects www.tpaction.com
22 um.simpli.fi 17 redirects
4 www.googletagmanager.com www.tpaction.com
www.googletagmanager.com
2 ib.adnxs.com 1 redirects
2 loadm.exelator.com 1 redirects
2 sync.smartadserver.com 1 redirects
2 fei.pro-market.net 2 redirects
2 pixel.tapad.com 1 redirects
2 sync.1rx.io 2 redirects
2 region1.google-analytics.com www.googletagmanager.com
2 www.facebook.com www.tpaction.com
2 connect.facebook.net www.tpaction.com
connect.facebook.net
1 cm.g.doubleclick.net
1 us-u.openx.net
1 pixel.rubiconproject.com
1 www.google.it
1 www.google.com 1 redirects
1 googleads.g.doubleclick.net 1 redirects
1 www.googleadservices.com 1 redirects
1 idsync.rlcdn.com
1 ce.lijit.com
1 bcp.crwdcntrl.net
1 stags.bluekai.com
1 sync.bfmio.com
1 d.agkn.com 1 redirects
1 aa.agkn.com 1 redirects
1 simplifi.partners.tremorhub.com
1 eb2.3lift.com
1 sync.targeting.unrulymedia.com
1 s.ad.smaato.net
1 i.simpli.fi tag.simpli.fi
1 a.smtrk.net www.tpaction.com
1 tag.simpli.fi www.tpaction.com
1 tpaction.com 1 redirects
1 confirmcabinet.com 1 redirects
0 sync.intentiq.com Failed
60 36

This site contains links to these domains. Also see Links.

Domain
apps.apple.com
play.google.com
Subject Issuer Validity Valid
tpaction.com
WE1		 2024-11-05 -
2025-02-03		 3 months crt.sh
*.google-analytics.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.simpli.fi
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-11-13 -
2025-12-14		 a year crt.sh
a.smtrk.net
Amazon RSA 2048 M02		 2024-04-14 -
2025-05-12		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-08-28 -
2024-11-26		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://www.tpaction.com/confirm
Frame ID: 108C5C9B53595FF180F53E0145DA9F23
Requests: 58 HTTP requests in this frame

Frame: https://www.tpaction.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js
Frame ID: B9D410BFBC9D2400B3E622C74F5DE638
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://confirmcabinet.com/ HTTP 307
    https://confirmcabinet.com/ HTTP 301
    https://tpaction.com/confirm HTTP 301
    https://www.tpaction.com/confirm Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Page Statistics

60
Requests

68 %
HTTPS

18 %
IPv6

31
Domains

36
Subdomains

27
IPs

6
Countries

940 kB
Transfer

2218 kB
Size

24
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://confirmcabinet.com/ HTTP 307
    https://confirmcabinet.com/ HTTP 301
    https://tpaction.com/confirm HTTP 301
    https://www.tpaction.com/confirm Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22
  • https://www.tpaction.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://www.tpaction.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js
Request Chain 33
  • https://um.simpli.fi/smaato HTTP 302
  • https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=D1C18B6498204CCBA41E914E8BFB983D
Request Chain 34
  • https://um.simpli.fi/nexxen HTTP 302
  • https://sync.1rx.io/usersync/simplifi/D1C18B6498204CCBA41E914E8BFB983D HTTP 302
  • https://sync.1rx.io/usersync/simplifi/D1C18B6498204CCBA41E914E8BFB983D?zcc=1&cb=1732006984772 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-e83bb665-7904-4eaa-a748-924b9a46144e-003
Request Chain 35
  • https://um.simpli.fi/triplelift HTTP 302
  • https://eb2.3lift.com/xuid?mid=7969&xuid=D1C18B6498204CCBA41E914E8BFB983D&dongle=yf3
Request Chain 36
  • https://um.simpli.fi/telaria_p HTTP 302
  • https://simplifi.partners.tremorhub.com/sync?UISF=D1C18B6498204CCBA41E914E8BFB983D
Request Chain 37
  • https://um.simpli.fi/tapad HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=D1C18B6498204CCBA41E914E8BFB983D HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=D1C18B6498204CCBA41E914E8BFB983D
Request Chain 38
  • https://um.simpli.fi/ad_advisor HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=D1C18B6498204CCBA41E914E8BFB983D HTTP 302
  • https://d.agkn.com/pixel/10751/?che=1732006984777&ip=192.145.127.221&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D216603105071001135327 HTTP 302
  • https://um.simpli.fi/aa_px?sk=216603105071001135327 HTTP 302
  • https://um.simpli.fi/empty.gif
Request Chain 39
  • https://um.simpli.fi/intentiq HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=D1C18B6498204CCBA41E914E8BFB983D
Request Chain 42
  • https://um.simpli.fi/dtnx HTTP 302
  • https://fei.pro-market.net/engine?du=24;csync=D1C18B6498204CCBA41E914E8BFB983D;mimetype=img; HTTP 302
  • https://fei.pro-market.net/engine?du=24;csync=D1C18B6498204CCBA41E914E8BFB983D;mimetype=img;sr HTTP 302
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Ffei.pro-market.net%2Fengine%3Fsite%3D161185%26size%3D1x1%26du%3D36%26csync%3D[sas_uid] HTTP 302
  • https://sync.smartadserver.com/getuid?url=https://fei.pro-market.net/engine?site=161185&size=1x1&du=36&csync=[sas_uid]&cklb=1
Request Chain 43
  • https://um.simpli.fi/exelatem HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=D1C18B6498204CCBA41E914E8BFB983D&j=0 HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=D1C18B6498204CCBA41E914E8BFB983D&j=0&xl8blockcheck=1
Request Chain 45
  • https://um.simpli.fi/beachfront HTTP 302
  • https://sync.bfmio.com/sync?pid=141&uid=D1C18B6498204CCBA41E914E8BFB983D
Request Chain 46
  • https://um.simpli.fi/bluekai HTTP 302
  • https://stags.bluekai.com/site/29931?id=D1C18B6498204CCBA41E914E8BFB983D
Request Chain 47
  • https://um.simpli.fi/crwdcntrl HTTP 302
  • https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=D1C18B6498204CCBA41E914E8BFB983D
Request Chain 48
  • https://um.simpli.fi/lj_match HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=D1C18B6498204CCBA41E914E8BFB983D
Request Chain 49
  • https://um.simpli.fi/liveramp_match HTTP 302
  • https://idsync.rlcdn.com/419566.gif?partner_uid=D1C18B6498204CCBA41E914E8BFB983D
Request Chain 50
  • https://www.googleadservices.com/pagead/conversion/1026675585/?random=1732006984458&cv=7&fst=1732006984458&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP 302
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=69900203&cv=7&fst=1732006984458&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCOvGsQII08WxAgilxrEC&pscrd=IhMIm53A6IToiQMVlJqDBx3bkgtYMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhlodHRwczovL3d3dy50cGFjdGlvbi5jb20v HTTP 302
  • https://www.google.com/pagead/1p-conversion/1026675585/?random=69900203&cv=7&fst=1732006984458&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCOvGsQII08WxAgilxrEC&pscrd=IhMIm53A6IToiQMVlJqDBx3bkgtYMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhlodHRwczovL3d3dy50cGFjdGlvbi5jb20v&is_vtc=1&cid=CAQSGwCa7L7d4uXivpTshBTUUeUoZ75TfGECeYjOOw&random=3479370236 HTTP 302
  • https://www.google.it/pagead/1p-conversion/1026675585/?random=69900203&cv=7&fst=1732006984458&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCOvGsQII08WxAgilxrEC&pscrd=IhMIm53A6IToiQMVlJqDBx3bkgtYMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhlodHRwczovL3d3dy50cGFjdGlvbi5jb20v&is_vtc=1&cid=CAQSGwCa7L7d4uXivpTshBTUUeUoZ75TfGECeYjOOw&random=3479370236&ipr=y
Request Chain 52
  • https://um.simpli.fi/an HTTP 302
  • https://ib.adnxs.com/setuid?entity=66&code=D1C18B6498204CCBA41E914E8BFB983D HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DD1C18B6498204CCBA41E914E8BFB983D
Request Chain 53
  • https://um.simpli.fi/rb_match HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=D1C18B6498204CCBA41E914E8BFB983D&expires=365
Request Chain 54
  • https://um.simpli.fi/ox_match HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=D1C18B6498204CCBA41E914E8BFB983D

60 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request confirm
www.tpaction.com/
Redirect Chain
  • http://confirmcabinet.com/
  • https://confirmcabinet.com/
  • https://tpaction.com/confirm
  • https://www.tpaction.com/confirm
30 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.tpaction.com/confirm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Next.js
Resource Hash
ef9e8235fa6db634cd68152164f49136b4cb33077c348eeec32ba457988523a0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
s-maxage=31536000, stale-while-revalidate
cf-cache-status
DYNAMIC
cf-ray
8e4f065c6ef0f164-CDG
content-encoding
zstd
content-type
text/html; charset=utf-8
date
Tue, 19 Nov 2024 09:03:03 GMT
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
priority
u=0,i
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1732006983&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=fDT5S7MJuNv1QAzCq4TlXO4d4Eag7y9tqK%2FyPtp4ILE%3D"}]}
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1732006983&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=fDT5S7MJuNv1QAzCq4TlXO4d4Eag7y9tqK%2FyPtp4ILE%3D
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=41636&sent=14&recv=12&lost=0&retrans=0&sent_bytes=5077&recv_bytes=4930&delivery_rate=1376&cwnd=12000&unsent_bytes=0&cid=1311d2fba57e8de9&ts=488&x=1" cfExtPri cfHdrFlush;dur=0
vary
Accept-Encoding
via
1.1 vegur
x-nextjs-cache
HIT
x-powered-by
Next.js

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=3600
cf-ray
8e4f065c0e88f164-CDG
content-length
167
content-type
text/html
date
Tue, 19 Nov 2024 09:03:03 GMT
expires
Tue, 19 Nov 2024 10:03:03 GMT
location
https://www.tpaction.com/confirm
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SGeExCLymVFK9UNFbFJKggEFT73jfUBQl7PZ%2Fu%2BJvnzqzyzBqkE2Sncfd5na38b2as37TqlVe%2BiWNVPuaouZgKmhe1cThHkMhQkoLLShBOV7I8arm7gSadKtTzpByIE%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=40319&sent=10&recv=7&lost=0&retrans=0&sent_bytes=4116&recv_bytes=4355&delivery_rate=74130&cwnd=12000&unsent_bytes=0&cid=1311d2fba57e8de9&ts=66&x=1" cfExtPri cfHdrFlush;dur=0
vary
Accept-Encoding
js
www.googletagmanager.com/gtag/ 		316 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-9Z0NNF0MGG
Requested by
Host: www.tpaction.com
URL: https://www.tpaction.com/confirm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b652e834f1ac03ee8dcb6985754d95fb846da8ab92d80746eb1596f877aec6e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpaction.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Tue, 19 Nov 2024 09:03:03 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 19 Nov 2024 09:03:03 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
108138
x-xss-protection
0
server
Google Tag Manager
de62bca0-3d2d-013b-567e-0cc47a1f72a4
tag.simpli.fi/sifitag/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.simpli.fi/sifitag/de62bca0-3d2d-013b-567e-0cc47a1f72a4
Requested by
Host: www.tpaction.com
URL: https://www.tpaction.com/confirm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.234.162.151 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
151.162.234.35.bc.googleusercontent.com
Software
openresty /
Resource Hash
0b3d7bfd1bef9030e23949ab9a662846c4d2d448ac67e3d10c628ea13e75e04c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpaction.com/

Response headers

x-request-id
GAlTLNGevI8lWErteJcB
cache-control
max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-encoding
gzip
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
date
Tue, 19 Nov 2024 09:03:03 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
server
openresty
3ef65885b8a3f237.css
www.tpaction.com/_next/static/css/ 		28 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.tpaction.com/_next/static/css/3ef65885b8a3f237.css
Requested by
Host: www.tpaction.com
URL: https://www.tpaction.com/confirm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
482c4e1afdb32aef06bc81934de7d0e9e8072538f2d7c450a72312accca62525

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpaction.com/confirm

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"7037-1920b825d90"
age
5192779
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1726814204&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=GGTjRz%2Fq%2Bqf87Ljzt4AwZg%2ByUN4RihZI1eA3qy385H0%3D"}]}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=41360&sent=26&recv=20&lost=0&retrans=0&sent_bytes=16071&recv_bytes=5889&delivery_rate=278487&cwnd=12000&unsent_bytes=0&cid=1311d2fba57e8de9&ts=573&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 19 Nov 2024 09:03:03 GMT
last-modified
Thu, 19 Sep 2024 18:19:06 GMT
content-type
text/css; charset=UTF-8
vary
Accept-Encoding
priority
u=0,i=?0
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1726814204&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=GGTjRz%2Fq%2Bqf87Ljzt4AwZg%2ByUN4RihZI1eA3qy385H0%3D
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
cache-control
public, max-age=31536000, immutable
via
1.1 vegur
cf-ray
8e4f065f299cf164-CDG
x-powered-by
Express
server
cloudflare
webpack-91e3b91fa763359f.js
www.tpaction.com/_next/static/chunks/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tpaction.com/_next/static/chunks/webpack-91e3b91fa763359f.js
Requested by
Host: www.tpaction.com
URL: https://www.tpaction.com/confirm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
953352169158762199934ddbb3eecd26c79cda968b48becbffd325040f01db21

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpaction.com/confirm

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"1476-1920b825d90"
age
5149965
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1726857018&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=%2F04BHt%2BaMznJUZadlReywJn0fvyB7jBpASUQqAT0TaU%3D"}]}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=41360&sent=35&recv=28&lost=0&retrans=0&sent_bytes=21373&recv_bytes=8264&delivery_rate=278487&cwnd=12000&unsent_bytes=0&cid=1311d2fba57e8de9&ts=595&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 19 Nov 2024 09:03:03 GMT
last-modified
Thu, 19 Sep 2024 18:19:06 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
priority
u=3,i=?0
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1726857018&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=%2F04BHt%2BaMznJUZadlReywJn0fvyB7jBpASUQqAT0TaU%3D
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
cache-control
public, max-age=31536000, immutable
via
1.1 vegur
cf-ray
8e4f065f59cdf164-CDG
x-powered-by
Express
server
cloudflare
framework-4c3194704528425d.js
www.tpaction.com/_next/static/chunks/ 		137 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tpaction.com/_next/static/chunks/framework-4c3194704528425d.js
Requested by
Host: www.tpaction.com
URL: https://www.tpaction.com/confirm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
f4003166721fe2a3d37daee2b042bb3ebe0dde68c0276a73c6abab7ef947836b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpaction.com/confirm

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"225e3-192da1d9200"
age
519033
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1731487950&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=Ai5d1RE%2FkJXQvAfLg0iUGVTStDXkhj5oS9LeE6F3h1I%3D"}]}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=41360&sent=39&recv=28&lost=0&retrans=0&sent_bytes=25020&recv_bytes=8264&delivery_rate=278487&cwnd=12000&unsent_bytes=0&cid=1311d2fba57e8de9&ts=595&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 19 Nov 2024 09:03:03 GMT
last-modified
Tue, 29 Oct 2024 21:10:24 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
priority
u=3,i=?0
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1731487950&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=Ai5d1RE%2FkJXQvAfLg0iUGVTStDXkhj5oS9LeE6F3h1I%3D
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
cache-control
public, max-age=31536000, immutable
via
1.1 vegur
cf-ray
8e4f065f59cff164-CDG
x-powered-by
Express
server
cloudflare
main-b016cec00d83af63.js
www.tpaction.com/_next/static/chunks/ 		104 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tpaction.com/_next/static/chunks/main-b016cec00d83af63.js
Requested by
Host: www.tpaction.com
URL: https://www.tpaction.com/confirm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
dc61cd7c58c7c670d393823d573ca27ce97cc2ba9a23a318d3712534baebf352

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpaction.com/confirm

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"19f69-192da1d9200"
age
480533
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1731526450&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=jnt3aEioTIv6%2FPBPMetEDb9rGzQVcntWPE2gaqxFe8w%3D"}]}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=41360&sent=42&recv=28&lost=0&retrans=0&sent_bytes=28165&recv_bytes=8264&delivery_rate=278487&cwnd=12000&unsent_bytes=0&cid=1311d2fba57e8de9&ts=596&x=1", cfExtPri, cfHdrFlush;dur=15
date
Tue, 19 Nov 2024 09:03:03 GMT
last-modified
Tue, 29 Oct 2024 21:10:24 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
priority
u=3,i=?0
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1731526450&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=jnt3aEioTIv6%2FPBPMetEDb9rGzQVcntWPE2gaqxFe8w%3D
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
cache-control
public, max-age=31536000, immutable
via
1.1 vegur
cf-ray
8e4f065f59d1f164-CDG
x-powered-by
Express
server
cloudflare
_app-ead8f8f424145109.js
www.tpaction.com/_next/static/chunks/pages/ 		261 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tpaction.com/_next/static/chunks/pages/_app-ead8f8f424145109.js
Requested by
Host: www.tpaction.com
URL: https://www.tpaction.com/confirm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
1fa0c7a0e7317c4b54085816c7b1009d713ca30bbdede012d331633e9d8d2f80

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpaction.com/confirm

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"41472-192da1d9200"
age
373730
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1731633253&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=9bJNB%2BDrhSQl0z4fGfNq5kZDDzcezvKLpsolGeuyDYQ%3D"}]}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=41360&sent=42&recv=28&lost=0&retrans=0&sent_bytes=28165&recv_bytes=8264&delivery_rate=278487&cwnd=12000&unsent_bytes=0&cid=1311d2fba57e8de9&ts=599&x=1", cfExtPri, cfHdrFlush;dur=12
date
Tue, 19 Nov 2024 09:03:03 GMT
last-modified
Tue, 29 Oct 2024 21:10:24 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
priority
u=3,i=?0
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1731633253&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=9bJNB%2BDrhSQl0z4fGfNq5kZDDzcezvKLpsolGeuyDYQ%3D
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
cache-control
public, max-age=31536000, immutable
via
1.1 vegur
cf-ray
8e4f065f59d2f164-CDG
x-powered-by
Express
server
cloudflare
7983-25a5c3e929cdd1e6.js
www.tpaction.com/_next/static/chunks/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tpaction.com/_next/static/chunks/7983-25a5c3e929cdd1e6.js
Requested by
Host: www.tpaction.com
URL: https://www.tpaction.com/confirm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
ba5b9fcd0fc8b49b9362f5946ef96cd37ada5af89dbe25f34a6907d557fca72c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpaction.com/confirm

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"47d9-192da1d9200"
age
392605
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1731614378&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=yYmQPQan6CfLSS3kj8vPP7QM%2FGX8l1ks5Q1uVZq4WtU%3D"}]}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=41360&sent=42&recv=28&lost=0&retrans=0&sent_bytes=28165&recv_bytes=8264&delivery_rate=278487&cwnd=12000&unsent_bytes=0&cid=1311d2fba57e8de9&ts=596&x=1", cfExtPri, cfHdrFlush;dur=37
date
Tue, 19 Nov 2024 09:03:03 GMT
last-modified
Tue, 29 Oct 2024 21:10:24 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
priority
u=3,i=?0
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1731614378&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=yYmQPQan6CfLSS3kj8vPP7QM%2FGX8l1ks5Q1uVZq4WtU%3D
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
cache-control
public, max-age=31536000, immutable
via
1.1 vegur
cf-ray
8e4f065f59d3f164-CDG
x-powered-by
Express
server
cloudflare
_error-785ef34ba449b508.js
www.tpaction.com/_next/static/chunks/pages/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tpaction.com/_next/static/chunks/pages/_error-785ef34ba449b508.js
Requested by
Host: www.tpaction.com
URL: https://www.tpaction.com/confirm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
203a503931d93e5397cc929fd89c1a664cb0acf3e6695a3f9413150b01f956f2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpaction.com/confirm

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"2e98-192da1d9200"
age
314682
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1731692300&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=Yf7xOi3wf288I1jNOPhohrRZZQLRMRuSL%2Be7DQecTZ8%3D"}]}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=41360&sent=42&recv=28&lost=0&retrans=0&sent_bytes=28165&recv_bytes=8264&delivery_rate=278487&cwnd=12000&unsent_bytes=0&cid=1311d2fba57e8de9&ts=596&x=1", cfExtPri, cfHdrFlush;dur=37
date
Tue, 19 Nov 2024 09:03:03 GMT
last-modified
Tue, 29 Oct 2024 21:10:24 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
priority
u=3,i=?0
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1731692300&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=Yf7xOi3wf288I1jNOPhohrRZZQLRMRuSL%2Be7DQecTZ8%3D
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
cache-control
public, max-age=31536000, immutable
via
1.1 vegur
cf-ray
8e4f065f59d4f164-CDG
x-powered-by
Express
server
cloudflare
_buildManifest.js
www.tpaction.com/_next/static/t0Vj5FsbQJIZiCgnhO-uU/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tpaction.com/_next/static/t0Vj5FsbQJIZiCgnhO-uU/_buildManifest.js
Requested by
Host: www.tpaction.com
URL: https://www.tpaction.com/confirm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
7a48d17ab5f32b5895f144370f1f2b16236587cedcbe143a09ccee048705c7e8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpaction.com/confirm

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"16de-192da1d9200"
age
1769118
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1730237865&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=BEwXlJ%2BUBbp3siy2naoE26jNbxkih88PPfS9wRafMKg%3D"}]}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=41360&sent=42&recv=28&lost=0&retrans=0&sent_bytes=28165&recv_bytes=8264&delivery_rate=278487&cwnd=12000&unsent_bytes=0&cid=1311d2fba57e8de9&ts=596&x=1", cfExtPri, cfHdrFlush;dur=37
date
Tue, 19 Nov 2024 09:03:03 GMT
last-modified
Tue, 29 Oct 2024 21:10:24 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
priority
u=3,i=?0
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1730237865&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=BEwXlJ%2BUBbp3siy2naoE26jNbxkih88PPfS9wRafMKg%3D
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
cache-control
public, max-age=31536000, immutable
via
1.1 vegur
cf-ray
8e4f065f59d6f164-CDG
x-powered-by
Express
server
cloudflare
_ssgManifest.js
www.tpaction.com/_next/static/t0Vj5FsbQJIZiCgnhO-uU/ 		841 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tpaction.com/_next/static/t0Vj5FsbQJIZiCgnhO-uU/_ssgManifest.js
Requested by
Host: www.tpaction.com
URL: https://www.tpaction.com/confirm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
5aa294dff77717b8eb0f1d1656a2bf4ef512090eae0ea32e4a6013ccc6106143

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpaction.com/confirm

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"349-192da1db140"
age
1769118
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1730237865&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=BEwXlJ%2BUBbp3siy2naoE26jNbxkih88PPfS9wRafMKg%3D"}]}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=41360&sent=42&recv=28&lost=0&retrans=0&sent_bytes=28165&recv_bytes=8264&delivery_rate=278487&cwnd=12000&unsent_bytes=0&cid=1311d2fba57e8de9&ts=597&x=1", cfExtPri, cfHdrFlush;dur=37
date
Tue, 19 Nov 2024 09:03:03 GMT
last-modified
Tue, 29 Oct 2024 21:10:32 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
priority
u=3,i=?0
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1730237865&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=BEwXlJ%2BUBbp3siy2naoE26jNbxkih88PPfS9wRafMKg%3D
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
cache-control
public, max-age=31536000, immutable
via
1.1 vegur
cf-ray
8e4f065f59d7f164-CDG
x-powered-by
Express
server
cloudflare
visit-our-website.svg
www.tpaction.com/static/images/error/ 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.tpaction.com/static/images/error/visit-our-website.svg
Requested by
Host: www.tpaction.com
URL: https://www.tpaction.com/confirm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
8ea2e7970ed7582ddf7a438b51ca68f655464e33eb4e03737ec42dfe8bd2339a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpaction.com/confirm

Response headers

content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"18f2-192da1c6538"
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1732004439&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=JHdGB5WjHVQ%2FIVX3059OVb4%2Fi6uoxt6JB3jZAkSSB78%3D"}]}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=42450&sent=204&recv=76&lost=0&retrans=0&sent_bytes=206443&recv_bytes=11643&delivery_rate=1636619&cwnd=88500&unsent_bytes=0&cid=1311d2fba57e8de9&ts=782&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 19 Nov 2024 09:03:03 GMT
last-modified
Tue, 29 Oct 2024 21:09:07 GMT
content-type
image/svg+xml
vary
Accept-Encoding
priority
u=2,i
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1732004439&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=JHdGB5WjHVQ%2FIVX3059OVb4%2Fi6uoxt6JB3jZAkSSB78%3D
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
cache-control
public, max-age=120
via
1.1 vegur
cf-ray
8e4f065f29a1f164-CDG
x-powered-by
Express
server
cloudflare
gtm.js
www.googletagmanager.com/ 		209 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MZDSTCQ
Requested by
Host: www.tpaction.com
URL: https://www.tpaction.com/confirm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8942f998c676afa7209d6f603100ce9504a6c9d854829ae12e1ac07774201cb9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpaction.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Tue, 19 Nov 2024 09:03:03 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 19 Nov 2024 09:03:03 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
77152
x-xss-protection
0
server
Google Tag Manager
trk
a.smtrk.net/ 		0
394 B 		Script
General
Check archive.org
Download Go to
Full URL
https://a.smtrk.net/trk?t=s&i=654d3469fb401ef534c01be6&p=t,i,x&s=33870813776546dc7a7e0ffd6897631a&r=&u=https%3A//www.tpaction.com/confirm
Requested by
Host: www.tpaction.com
URL: https://www.tpaction.com/confirm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-105.muc50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpaction.com/

Response headers

cache-control
private, no-cache, no-store
x-amz-apigw-id
BfIbUHrcvHcEN7Q=
x-amzn-trace-id
Root=1-673c5448-2cd6164e7b053d4c5eaec63a;Parent=58ff285e3a58fd0c;Sampled=0;Lineage=1:a0059c7e:0
x-amzn-requestid
f9d6bb14-c343-4122-a2d0-603b97d999af
via
1.1 b9c5f3514baef1f70c91fc9b0be37d2e.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
content-length
0
x-amz-cf-id
U1JiJsqap4yg_Te5MLL-XP8WIFX2_mAp2PE4KHXL2_JJ2z9Dp-diCQ==
date
Tue, 19 Nov 2024 09:03:04 GMT
content-type
application/javascript
x-amz-cf-pop
MUC50-P3
fbevents.js
connect.facebook.net/en_US/ 		239 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.tpaction.com
URL: https://www.tpaction.com/confirm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra3.fbcdn.net
Software
/
Resource Hash
43a683165a27224ef2d2717bd57c8c203aa570ce39140504d086562eefbb0f1f
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-LW4drFfZ' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpaction.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 19 Nov 2024 09:03:03 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-LW4drFfZ' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=33, rtx=0, c=23, mss=1232, tbw=4430, tp=9, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
CDtT1HD5GXccT+v2TCQVgjqo56kd11FyMdZinbzWs0AFB6pIcmQXcTzqUrsO1nEIP/vqHMejLKSHKVxgkBzbOg==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
62152
x-xss-protection
0
origin-agent-cluster
?1
biden.png
www.tpaction.com/static/images/error/ 		158 KB
158 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.tpaction.com/static/images/error/biden.png
Requested by
Host: www.tpaction.com
URL: https://www.tpaction.com/confirm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
8c08d65bd879c3f99a00092f923e56e2e0c17c5ff9d2730dba6caf3473afd4e4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpaction.com/confirm

Response headers

content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"277a0-192da1c6538"
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1732004439&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=JHdGB5WjHVQ%2FIVX3059OVb4%2Fi6uoxt6JB3jZAkSSB78%3D"}]}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=40463&sent=231&recv=80&lost=0&retrans=0&sent_bytes=236561&recv_bytes=11829&delivery_rate=2252357&cwnd=88500&unsent_bytes=0&cid=1311d2fba57e8de9&ts=825&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 19 Nov 2024 09:03:03 GMT
last-modified
Tue, 29 Oct 2024 21:09:07 GMT
content-type
image/png
vary
Accept-Encoding
priority
u=3,i
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1732004439&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=JHdGB5WjHVQ%2FIVX3059OVb4%2Fi6uoxt6JB3jZAkSSB78%3D
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
cache-control
public, max-age=120
via
1.1 vegur
cf-ray
8e4f065f9a78f164-CDG
x-powered-by
Express
server
cloudflare
typography-arrengement-cut.png
www.tpaction.com/static/images/error/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.tpaction.com/static/images/error/typography-arrengement-cut.png
Requested by
Host: www.tpaction.com
URL: https://www.tpaction.com/confirm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
41cfd9913f732e06dff8e4e97db64c80da6a122147e2cc915f9d01ece26ba927

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpaction.com/confirm

Response headers

content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"63be-192da1c6538"
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1732004439&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=JHdGB5WjHVQ%2FIVX3059OVb4%2Fi6uoxt6JB3jZAkSSB78%3D"}]}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=40463&sent=208&recv=80&lost=0&retrans=0&sent_bytes=209906&recv_bytes=11829&delivery_rate=2252357&cwnd=88500&unsent_bytes=0&cid=1311d2fba57e8de9&ts=822&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 19 Nov 2024 09:03:03 GMT
last-modified
Tue, 29 Oct 2024 21:09:07 GMT
content-type
image/png
vary
Accept-Encoding
priority
u=3,i
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1732004439&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=JHdGB5WjHVQ%2FIVX3059OVb4%2Fi6uoxt6JB3jZAkSSB78%3D
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
cache-control
public, max-age=120
via
1.1 vegur
cf-ray
8e4f065f9a7cf164-CDG
x-powered-by
Express
server
cloudflare
ProximaNova-Bold.otf
www.tpaction.com/static/fonts/proxima-nova/ 		62 KB
42 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.tpaction.com/static/fonts/proxima-nova/ProximaNova-Bold.otf
Requested by
Host: www.tpaction.com
URL: https://www.tpaction.com/_next/static/css/3ef65885b8a3f237.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
b9e81a47aecd3d05445ae775f48d08b3de46b2039f1d229a58a87be194e327ec

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.tpaction.com
Referer
https://www.tpaction.com/_next/static/css/3ef65885b8a3f237.css

Response headers

content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"f940-192da1c6538"
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1730238228&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=qfnDecEuwG16%2FAvSuLUxWIW2NaUbc3fCaETGC15zvEk%3D"}]}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=40491&sent=289&recv=81&lost=0&retrans=0&sent_bytes=305606&recv_bytes=11873&delivery_rate=412837&cwnd=95700&unsent_bytes=0&cid=1311d2fba57e8de9&ts=836&x=1", cfExtPri, cfHdrFlush;dur=30
date
Tue, 19 Nov 2024 09:03:03 GMT
last-modified
Tue, 29 Oct 2024 21:09:07 GMT
content-type
font/otf
vary
Accept-Encoding
priority
u=0,i=?0
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1730238228&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=qfnDecEuwG16%2FAvSuLUxWIW2NaUbc3fCaETGC15zvEk%3D
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
cache-control
public, max-age=120
via
1.1 vegur
cf-ray
8e4f065faa9ff164-CDG
x-powered-by
Express
server
cloudflare
ProximaNova-Light.otf
www.tpaction.com/static/fonts/proxima-nova/ 		61 KB
41 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.tpaction.com/static/fonts/proxima-nova/ProximaNova-Light.otf
Requested by
Host: www.tpaction.com
URL: https://www.tpaction.com/_next/static/css/3ef65885b8a3f237.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
0f77660e06a5f61a45c4dbdab511722357cf29e7f5ba1b2cf097550afdb0ed20

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.tpaction.com
Referer
https://www.tpaction.com/_next/static/css/3ef65885b8a3f237.css

Response headers

content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"f5f8-192da1c6538"
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1732004439&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=JHdGB5WjHVQ%2FIVX3059OVb4%2Fi6uoxt6JB3jZAkSSB78%3D"}]}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=40491&sent=289&recv=81&lost=0&retrans=0&sent_bytes=305606&recv_bytes=11873&delivery_rate=412837&cwnd=95700&unsent_bytes=0&cid=1311d2fba57e8de9&ts=839&x=1", cfExtPri, cfHdrFlush;dur=27
date
Tue, 19 Nov 2024 09:03:03 GMT
last-modified
Tue, 29 Oct 2024 21:09:07 GMT
content-type
font/otf
vary
Accept-Encoding
priority
u=0,i=?0
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1732004439&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=JHdGB5WjHVQ%2FIVX3059OVb4%2Fi6uoxt6JB3jZAkSSB78%3D
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
cache-control
public, max-age=120
via
1.1 vegur
cf-ray
8e4f065faaa5f164-CDG
x-powered-by
Express
server
cloudflare
814122570866359
connect.facebook.net/signals/config/ 		78 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/814122570866359?v=2.9.177&r=stable&domain=www.tpaction.com&hme=c3e4904c1dde42d643265ef909b9e193c41cedcd6f559a3ff5e1b178e36647fa&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra3.fbcdn.net
Software
/
Resource Hash
a37ab350ffeadb81b9757ac1ac538ccbcc1327964f0396fd8c25aab23e9de98c
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-nq2niDO8' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpaction.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 19 Nov 2024 09:03:03 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-nq2niDO8' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=43, rtx=0, c=77, mss=1232, tbw=70956, tp=67, tpl=0, uplat=3, ullat=-1
pragma
public
x-fb-debug
4rvOb8/8KC4uQMtHXwWKds8OpFWKSprIyLKn4NTbVdAz01lyuDzy6ljs59fIiQc7n+sTTDJ8sOliqpkN30LvxQ==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
15978
x-xss-protection
0
origin-agent-cluster
?1
/
www.facebook.com/tr/ 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=814122570866359&ev=PageView&dl=https%3A%2F%2Fwww.tpaction.com%2Fconfirm&rl=&if=false&ts=1732006983995&sw=1600&sh=1200&v=2.9.177&r=stable&ec=0&o=12318&fbp=fb.1.1732006983989.317467280439413285&cs_est=true&ler=empty&cdl=API_unavailable&it=1732006983835&coo=false&rqm=GET
Requested by
Host: www.tpaction.com
URL: https://www.tpaction.com/confirm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.252.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-fra3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpaction.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=39, rtx=0, c=23, mss=1232, tbw=4514, tp=10, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Tue, 19 Nov 2024 09:03:04 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=814122570866359&ev=PageView&dl=https%3A%2F%2Fwww.tpaction.com%2Fconfirm&rl=&if=false&ts=1732006983995&sw=1600&sh=1200&v=2.9.177&r=stable&ec=0&o=12318&fbp=fb.1.1732006983989.317467280439413285&cs_est=true&ler=empty&cdl=API_unavailable&it=1732006983835&coo=false&rqm=FGET
Requested by
Host: www.tpaction.com
URL: https://www.tpaction.com/confirm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.252.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-fra3.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpaction.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7438913354573160849"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 19 Nov 2024 09:03:04 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
EAGF71FRXOsbJ7R6N0xoXkfo8ORVTAmYJdLQHCmkqKJQQeoqWXJqO2YgPSma8SfxGgsVqotWhEeZE/b9ONjKZw==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7438913354573160849", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=39, rtx=0, c=23, mss=1232, tbw=4882, tp=13, tpl=0, uplat=185, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
cross-origin-opener-policy-report-only
restrict-properties;report-to="coop_report"
x-xss-protection
0
origin-agent-cluster
?1
main.js
www.tpaction.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/ Frame B9D4
Redirect Chain
  • https://www.tpaction.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://www.tpaction.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?
8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tpaction.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?
Requested by
Host: www.tpaction.com
URL: https://www.tpaction.com/confirm
Protocol
H3
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
704dacd1f1da3ce325aff00255aa10554715909bef960f3693924edb42210c5e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LwUKEqji68%2BwwQnGGKa8KCtNAP67zx5co8bEwytGwAEBdpiPgCCC3gMrmYIVr2Uw7n9xyAT2YVwfoU4fpEU%2FwnH7qWQ%2F7ImvrNph8QOH9vjzXonAip6YJZoqDeoHrFJyeMGC"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8e4f06635f7ef164-CDG
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=50155&sent=456&recv=115&lost=0&retrans=0&sent_bytes=493252&recv_bytes=15267&delivery_rate=60684&cwnd=138300&unsent_bytes=0&cid=1311d2fba57e8de9&ts=1242&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 19 Nov 2024 09:03:04 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
cloudflare
priority
u=3,i=?0

Redirect headers

cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IBPBPeDxtdYQaGyk7fOAlcAgTrDv2Xbv8kAsXYHOzYP%2Fd2uhp%2Byib6%2F3p71rZdeqPGvPmGStWDernExOYKRNbddQJHuR9g5LY8qlxANzF29Q4tcvTi79SbC7WvlaBiNSSoPD"}],"group":"cf-nel","max_age":604800}
cf-ray
8e4f06628e26f164-CDG
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
0
server-timing
cfL4;desc="?proto=QUIC&rtt=51566&sent=450&recv=108&lost=0&retrans=0&sent_bytes=489661&recv_bytes=13349&delivery_rate=1322487&cwnd=138300&unsent_bytes=0&cid=1311d2fba57e8de9&ts=1108&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 19 Nov 2024 09:03:04 GMT
vary
Accept-Encoding
server
cloudflare
priority
u=3,i=?0
7506.f86382382d907a79.js
www.tpaction.com/_next/static/chunks/ 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tpaction.com/_next/static/chunks/7506.f86382382d907a79.js
Requested by
Host: www.tpaction.com
URL: https://www.tpaction.com/_next/static/chunks/webpack-91e3b91fa763359f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
b23ab26f5a076e99e7180e56de17b618d393d02082997b9896bae78a90090b14

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpaction.com/confirm

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"11e6-191e32a7058"
age
5594613
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1726412370&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=c%2By8b%2FRodYewAiDLHV3w86P1OersTJvhyEBUrDQmAZE%3D"}]}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=51566&sent=452&recv=109&lost=0&retrans=0&sent_bytes=490393&recv_bytes=13677&delivery_rate=1322487&cwnd=138300&unsent_bytes=0&cid=1311d2fba57e8de9&ts=1136&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 19 Nov 2024 09:03:04 GMT
last-modified
Wed, 11 Sep 2024 22:18:15 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
priority
u=3,i=?0
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1726412370&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=c%2By8b%2FRodYewAiDLHV3w86P1OersTJvhyEBUrDQmAZE%3D
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
cache-control
public, max-age=31536000, immutable
via
1.1 vegur
cf-ray
8e4f0662be6cf164-CDG
x-powered-by
Express
server
cloudflare
js
www.googletagmanager.com/gtag/ 		316 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-9Z0NNF0MGG&l=dataLayer&cx=c&gtm=45He4be0v9116452991za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MZDSTCQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a4875c60f5468dc7a33738e070c6ce95de37e73fe35402b5e8baa85c92c209d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpaction.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Tue, 19 Nov 2024 09:03:04 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 19 Nov 2024 09:03:04 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
108303
x-xss-protection
0
server
Google Tag Manager
tpaction-appicon.svg
www.tpaction.com/static/images/common/ 		111 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.tpaction.com/static/images/common/tpaction-appicon.svg
Requested by
Host: www.tpaction.com
URL: https://www.tpaction.com/confirm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
d44a5a0d4e63d11b8b8e3329b2848247499e0b325d4ef2b3c888359256ec1008

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpaction.com/confirm

Response headers

content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"1bde0-192da1c6538"
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1730237865&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=BEwXlJ%2BUBbp3siy2naoE26jNbxkih88PPfS9wRafMKg%3D"}]}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=49622&sent=474&recv=131&lost=0&retrans=0&sent_bytes=502096&recv_bytes=32503&delivery_rate=75906&cwnd=138300&unsent_bytes=0&cid=1311d2fba57e8de9&ts=1416&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 19 Nov 2024 09:03:04 GMT
last-modified
Tue, 29 Oct 2024 21:09:07 GMT
content-type
image/svg+xml
vary
Accept-Encoding
priority
u=3,i
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1730237865&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=BEwXlJ%2BUBbp3siy2naoE26jNbxkih88PPfS9wRafMKg%3D
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
cache-control
public, max-age=120
via
1.1 vegur
cf-ray
8e4f06635f78f164-CDG
x-powered-by
Express
server
cloudflare
app-store.svg
www.tpaction.com/static/images/common/ 		9 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.tpaction.com/static/images/common/app-store.svg
Requested by
Host: www.tpaction.com
URL: https://www.tpaction.com/confirm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e51f0a777985badcec155b88b2d589fbf3eabcf4160da05f40c000e057b2d181

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpaction.com/confirm

Response headers

content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"2464-192da1c6538"
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1731062361&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=uK8tpfchlMGuHyaIrkE3Mi%2B9Q%2F5Sn9obG9BhH04ZJLY%3D"}]}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=49622&sent=548&recv=131&lost=0&retrans=0&sent_bytes=590728&recv_bytes=32503&delivery_rate=75906&cwnd=138300&unsent_bytes=0&cid=1311d2fba57e8de9&ts=1424&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 19 Nov 2024 09:03:04 GMT
last-modified
Tue, 29 Oct 2024 21:09:07 GMT
content-type
image/svg+xml
vary
Accept-Encoding
priority
u=3,i
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1731062361&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=uK8tpfchlMGuHyaIrkE3Mi%2B9Q%2F5Sn9obG9BhH04ZJLY%3D
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
cache-control
public, max-age=120
via
1.1 vegur
cf-ray
8e4f06635f7bf164-CDG
x-powered-by
Express
server
cloudflare
google-play.svg
www.tpaction.com/static/images/common/ 		5 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.tpaction.com/static/images/common/google-play.svg
Requested by
Host: www.tpaction.com
URL: https://www.tpaction.com/confirm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
6addd74fbf99d8e3bd9b7c03634801373e700d475759905a964b5659b302cefd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpaction.com/confirm

Response headers

content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"13c6-192da1c6538"
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1730237866&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=Dml7ghkurlb4%2FUWaOL11Qacvoo3%2Be7ZIG6YUqsaP6ps%3D"}]}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=49622&sent=471&recv=131&lost=0&retrans=0&sent_bytes=499296&recv_bytes=32503&delivery_rate=75906&cwnd=138300&unsent_bytes=0&cid=1311d2fba57e8de9&ts=1410&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 19 Nov 2024 09:03:04 GMT
last-modified
Tue, 29 Oct 2024 21:09:07 GMT
content-type
image/svg+xml
vary
Accept-Encoding
priority
u=3,i
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1730237866&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=Dml7ghkurlb4%2FUWaOL11Qacvoo3%2Be7ZIG6YUqsaP6ps%3D
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
cache-control
public, max-age=120
via
1.1 vegur
cf-ray
8e4f06635f7df164-CDG
x-powered-by
Express
server
cloudflare
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-9Z0NNF0MGG&gtm=45je4be0v871649596za200zb9116452991&_p=1732006983543&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855&cid=505936501.1732006984&ul=it-it&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1732006984&sct=1&seg=0&dl=https%3A%2F%2Fwww.tpaction.com%2Fconfirm&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1484
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9Z0NNF0MGG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpaction.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.tpaction.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 19 Nov 2024 09:03:04 GMT
content-type
text/plain
server
Golfe2
8e4f065c6ef0f164
www.tpaction.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame B9D4 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.tpaction.com/cdn-cgi/challenge-platform/h/b/jsd/r/8e4f065c6ef0f164
Requested by
Host: www.tpaction.com
URL: https://www.tpaction.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/json
Referer

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b%2F2faOduoBQzisSTjJllDEb5F01Mh%2BxTiFVsloddzjt69RTz07T598w8kpZAsxKwkQGn1yH7u0tVn4Y3el43u4ME%2BgF5hFFyDaBkZuR%2FLZ9jkK17sLjKwA%2BBPP151Oh7HFjM"}],"group":"cf-nel","max_age":604800}
cf-ray
8e4f066458d7f164-CDG
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=49622&sent=470&recv=131&lost=0&retrans=0&sent_bytes=498131&recv_bytes=32503&delivery_rate=75906&cwnd=138300&unsent_bytes=0&cid=1311d2fba57e8de9&ts=1407&x=1", cfExtPri, cfHdrFlush;dur=0
content-length
0
date
Tue, 19 Nov 2024 09:03:04 GMT
content-type
text/plain; charset=UTF-8
server
cloudflare
priority
u=1,i
p
i.simpli.fi/ 		798 B
762 B 		Script
General
Check archive.org
Download Go to
Full URL
https://i.simpli.fi/p?cid=393551&cb=sifi_att_42656._hp
Requested by
Host: tag.simpli.fi
URL: https://tag.simpli.fi/sifitag/de62bca0-3d2d-013b-567e-0cc47a1f72a4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.234.162.151 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
151.162.234.35.bc.googleusercontent.com
Software
openresty /
Resource Hash
11740448f96c7b860118c266ea869078e23c1e640ee3248fbb638ac286dedcc1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpaction.com/

Response headers

cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-encoding
gzip
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
date
Tue, 19 Nov 2024 09:03:04 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
openresty
a
www.googletagmanager.com/ 		0
14 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?v=3&t=l&pid=1232969258&rv=4be0&tag_exp=101925629~102067555~102067808~102077855&u=AAAAAAAAAAAAAACA&h=Ag&gtm=45He4be0v9116452991za200&ccid=116452991&cid=GTM-MZDSTCQ&l=L814.S3.Y49.B16.E319.I874.EC6.TC1.HTC0~gtm.init.S0.V0.E59~gtm.js.S0.V0.E86.TS5cl.TI8.TE1~gtm.dom.S1.V1.E53~gtm.scrollDepth.S0.V0.E16~gtm.load.S0.V0.E0~gtm.init_consent.S9.V8.E69
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.232 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpaction.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:654:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:654:0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
date
Tue, 19 Nov 2024 09:03:04 GMT
x-xss-protection
0
content-type
text/html
server
Google Tag Manager
favicon.ico
www.tpaction.com/static/favicon/ 		1 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.tpaction.com/static/favicon/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e8714ccc46aa301e89e111ad8bec176b1b1a28fa6b5cb9a8be8c3a034875a672

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpaction.com/confirm

Response headers

content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"47e-192da1c6538"
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1731614380&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=vwp9tWOO%2FunHJ6mU0FCdyv%2BSXQ6uA3Y8v3cFdzpn2Pw%3D"}]}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=41170&sent=553&recv=141&lost=0&retrans=0&sent_bytes=594775&recv_bytes=33730&delivery_rate=1520456&cwnd=138300&unsent_bytes=0&cid=1311d2fba57e8de9&ts=1664&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 19 Nov 2024 09:03:04 GMT
last-modified
Tue, 29 Oct 2024 21:09:07 GMT
content-type
image/x-icon
vary
Accept-Encoding
priority
u=1,i
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1731614380&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=vwp9tWOO%2FunHJ6mU0FCdyv%2BSXQ6uA3Y8v3cFdzpn2Pw%3D
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
cache-control
public, max-age=120
via
1.1 vegur
cf-ray
8e4f0664e966f164-CDG
x-powered-by
Express
server
cloudflare
/
s.ad.smaato.net/c/
Redirect Chain
  • https://um.simpli.fi/smaato
  • https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=D1C18B6498204CCBA41E914E8BFB983D
0
236 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=D1C18B6498204CCBA41E914E8BFB983D
Protocol
H2
Server
2600:9000:237d:c800:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpaction.com/

Response headers

via
1.1 f212784a4dc77817b66a91a042658fa6.cloudfront.net (CloudFront)
cache-control
no-cache, must-revalidate
x-cache
Miss from cloudfront
x-amz-cf-id
oGJaeyJKx0-2wTIeoSmARlrpTbEYbP6qsnW7hB1M2mvrlk_RoqyCOw==
date
Tue, 19 Nov 2024 09:03:04 GMT
x-amz-cf-pop
MUC50-P2
server
CloudFront

Redirect headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
cache-control
no-cache
location
https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=D1C18B6498204CCBA41E914E8BFB983D
x-content-type-options
nosniff
access-control-allow-methods
GET, POST, OPTIONS
expires
Mon, 18 Nov 2024 09:03:04 GMT
access-control-allow-origin
*
content-length
142
date
Tue, 19 Nov 2024 09:03:04 GMT
content-type
text/html
server
openresty
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
RX-e83bb665-7904-4eaa-a748-924b9a46144e-003
sync.targeting.unrulymedia.com/csync/
Redirect Chain
  • https://um.simpli.fi/nexxen
  • https://sync.1rx.io/usersync/simplifi/D1C18B6498204CCBA41E914E8BFB983D
  • https://sync.1rx.io/usersync/simplifi/D1C18B6498204CCBA41E914E8BFB983D?zcc=1&cb=1732006984772
  • https://sync.targeting.unrulymedia.com/csync/RX-e83bb665-7904-4eaa-a748-924b9a46144e-003
43 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-e83bb665-7904-4eaa-a748-924b9a46144e-003
Protocol
H2
Server
46.228.174.117 , United Kingdom, ASN56396 (Amobee Amobee EMEA Limited, GB),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpaction.com/

Response headers

p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
date
Tue, 19 Nov 2024 09:03:04 GMT
content-length
43

Redirect headers

expires
0
cache-control
no-store, no-cache, must-revalidate
location
https://sync.targeting.unrulymedia.com/csync/RX-e83bb665-7904-4eaa-a748-924b9a46144e-003
date
Tue, 19 Nov 2024 09:03:04 GMT
pragma
no-cache
content-type
text/html
xuid
eb2.3lift.com/
Redirect Chain
  • https://um.simpli.fi/triplelift
  • https://eb2.3lift.com/xuid?mid=7969&xuid=D1C18B6498204CCBA41E914E8BFB983D&dongle=yf3
37 B
140 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7969&xuid=D1C18B6498204CCBA41E914E8BFB983D&dongle=yf3
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpaction.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
date
Tue, 19 Nov 2024 09:03:04 GMT
content-type
image/gif

Redirect headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
cache-control
no-cache
location
https://eb2.3lift.com/xuid?mid=7969&xuid=D1C18B6498204CCBA41E914E8BFB983D&dongle=yf3
x-content-type-options
nosniff
access-control-allow-methods
GET, POST, OPTIONS
expires
Mon, 18 Nov 2024 09:03:04 GMT
access-control-allow-origin
*
content-length
142
date
Tue, 19 Nov 2024 09:03:04 GMT
content-type
text/html
server
openresty
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
sync
simplifi.partners.tremorhub.com/
Redirect Chain
  • https://um.simpli.fi/telaria_p
  • https://simplifi.partners.tremorhub.com/sync?UISF=D1C18B6498204CCBA41E914E8BFB983D
43 B
175 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simplifi.partners.tremorhub.com/sync?UISF=D1C18B6498204CCBA41E914E8BFB983D
Protocol
H2
Server
2600:1f18:612b:4280:e83d:a408:4752:98a8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpaction.com/

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Tue, 19 Nov 2024 09:03:05 GMT
content-type
image/gif
server
nginx

Redirect headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
cache-control
no-cache
location
https://simplifi.partners.tremorhub.com/sync?UISF=D1C18B6498204CCBA41E914E8BFB983D
x-content-type-options
nosniff
access-control-allow-methods
GET, POST, OPTIONS
expires
Mon, 18 Nov 2024 09:03:04 GMT
access-control-allow-origin
*
content-length
142
date
Tue, 19 Nov 2024 09:03:04 GMT
content-type
text/html
server
openresty
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
check
pixel.tapad.com/idsync/ex/receive/
Redirect Chain
  • https://um.simpli.fi/tapad
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=D1C18B6498204CCBA41E914E8BFB983D
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=D1C18B6498204CCBA41E914E8BFB983D
95 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=D1C18B6498204CCBA41E914E8BFB983D
Protocol
H2
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpaction.com/

Response headers

strict-transport-security
max-age=31536000
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length
95
date
Tue, 19 Nov 2024 09:03:04 GMT
content-type
image/png
server
Jetty(11.0.13)

Redirect headers

strict-transport-security
max-age=31536000
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=D1C18B6498204CCBA41E914E8BFB983D
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length
0
date
Tue, 19 Nov 2024 09:03:04 GMT
server
Jetty(11.0.13)
empty.gif
um.simpli.fi/
Redirect Chain
  • https://um.simpli.fi/ad_advisor
  • https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=D1C18B6498204CCBA41E914E8BFB983D
  • https://d.agkn.com/pixel/10751/?che=1732006984777&ip=192.145.127.221&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D216603105071001135327
  • https://um.simpli.fi/aa_px?sk=216603105071001135327
  • https://um.simpli.fi/empty.gif
43 B
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/empty.gif
Protocol
H2
Server
34.91.165.80 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
80.165.91.34.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpaction.com/

Response headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
x-content-type-options
nosniff
access-control-allow-origin
*
content-length
43
date
Tue, 19 Nov 2024 09:03:05 GMT
content-type
image/gif
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

Redirect headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
location
/empty.gif
x-content-type-options
nosniff
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
content-length
142
date
Tue, 19 Nov 2024 09:03:05 GMT
content-type
text/html
server
openresty
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/
Redirect Chain
  • https://um.simpli.fi/intentiq
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=D1C18B6498204CCBA41E914E8BFB983D
0
0
pubmatic
um.simpli.fi/ 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.91.165.80 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
80.165.91.34.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpaction.com/

Response headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
cache-control
no-cache
x-content-type-options
nosniff
access-control-allow-methods
GET, POST, OPTIONS
expires
Mon, 18 Nov 2024 09:03:04 GMT
access-control-allow-origin
*
content-length
43
date
Tue, 19 Nov 2024 09:03:04 GMT
content-type
image/gif
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
freewheel
um.simpli.fi/ 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/freewheel
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.91.165.80 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
80.165.91.34.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpaction.com/

Response headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
cache-control
no-cache
x-content-type-options
nosniff
access-control-allow-methods
GET, POST, OPTIONS
expires
Mon, 18 Nov 2024 09:03:04 GMT
access-control-allow-origin
*
content-length
43
date
Tue, 19 Nov 2024 09:03:04 GMT
content-type
image/gif
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
getuid
sync.smartadserver.com/
Redirect Chain
  • https://um.simpli.fi/dtnx
  • https://fei.pro-market.net/engine?du=24;csync=D1C18B6498204CCBA41E914E8BFB983D;mimetype=img;
  • https://fei.pro-market.net/engine?du=24;csync=D1C18B6498204CCBA41E914E8BFB983D;mimetype=img;sr
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Ffei.pro-market.net%2Fengine%3Fsite%3D161185%26size%3D1x1%26du%3D36%26csync%3D[sas_uid]
  • https://sync.smartadserver.com/getuid?url=https://fei.pro-market.net/engine?site=161185&size=1x1&du=36&csync=[sas_uid]&cklb=1
0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.smartadserver.com/getuid?url=https://fei.pro-market.net/engine?site=161185&size=1x1&du=36&csync=[sas_uid]&cklb=1
Protocol
H2
Server
51.178.195.217 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip217.ip-51-178-195.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpaction.com/

Response headers

date
Tue, 19 Nov 2024 09:03:04 GMT
content-length
0

Redirect headers

cache-control
no-cache,no-store
location
https://sync.smartadserver.com:443/getuid?url=https://fei.pro-market.net/engine?site=161185&size=1x1&du=36&csync=[sas_uid]&cklb=1
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
date
Tue, 19 Nov 2024 09:03:04 GMT
pragma
no-cache
/
loadm.exelator.com/load/
Redirect Chain
  • https://um.simpli.fi/exelatem
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=D1C18B6498204CCBA41E914E8BFB983D&j=0
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=D1C18B6498204CCBA41E914E8BFB983D&j=0&xl8blockcheck=1
0
771 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadm.exelator.com/load/?p=204&g=2191&simid=D1C18B6498204CCBA41E914E8BFB983D&j=0&xl8blockcheck=1
Protocol
H2
Server
54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpaction.com/

Response headers

cache-control
no-cache
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
date
Tue, 19 Nov 2024 09:03:04 GMT
x-powered-by
Undertow/1
server
nginx
access-control-allow-credentials
true

Redirect headers

cache-control
no-cache
location
https://loadm.exelator.com/load/?p=204&g=2191&simid=D1C18B6498204CCBA41E914E8BFB983D&j=0&xl8blockcheck=1
access-control-allow-credentials
true
content-length
0
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
date
Tue, 19 Nov 2024 09:03:04 GMT
content-type
image/gif
x-powered-by
Undertow/1
server
nginx
yahoo
um.simpli.fi/ 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/yahoo
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.91.165.80 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
80.165.91.34.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpaction.com/

Response headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
cache-control
no-cache
x-content-type-options
nosniff
access-control-allow-methods
GET, POST, OPTIONS
expires
Mon, 18 Nov 2024 09:03:04 GMT
access-control-allow-origin
*
content-length
43
date
Tue, 19 Nov 2024 09:03:04 GMT
content-type
image/gif
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
sync
sync.bfmio.com/
Redirect Chain
  • https://um.simpli.fi/beachfront
  • https://sync.bfmio.com/sync?pid=141&uid=D1C18B6498204CCBA41E914E8BFB983D
0
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=141&uid=D1C18B6498204CCBA41E914E8BFB983D
Protocol
HTTP/1.1
Server
3.218.41.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-218-41-45.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpaction.com/

Response headers

Date
Tue, 19 Nov 2024 09:03:04 GMT
Connection
keep-alive

Redirect headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
cache-control
no-cache
location
https://sync.bfmio.com/sync?pid=141&uid=D1C18B6498204CCBA41E914E8BFB983D
x-content-type-options
nosniff
access-control-allow-methods
GET, POST, OPTIONS
expires
Mon, 18 Nov 2024 09:03:04 GMT
access-control-allow-origin
*
content-length
142
date
Tue, 19 Nov 2024 09:03:04 GMT
content-type
text/html
server
openresty
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
29931
stags.bluekai.com/site/
Redirect Chain
  • https://um.simpli.fi/bluekai
  • https://stags.bluekai.com/site/29931?id=D1C18B6498204CCBA41E914E8BFB983D
27 B
27 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stags.bluekai.com/site/29931?id=D1C18B6498204CCBA41E914E8BFB983D
Protocol
HTTP/1.1
Server
69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-160-219.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5607bc0b49036b5f13acf3f5767e0fb2fb947f5369bda253939e78e2b11f85b4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpaction.com/

Response headers

Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Connection
keep-alive
Expires
Tue, 19 Nov 2024 09:03:04 GMT
Content-Length
27
Date
Tue, 19 Nov 2024 09:03:04 GMT
AK-GRN
0.0ca02417.1732006984.305b037a
Content-Type
text/html

Redirect headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
cache-control
no-cache
location
https://stags.bluekai.com/site/29931?id=D1C18B6498204CCBA41E914E8BFB983D
x-content-type-options
nosniff
access-control-allow-methods
GET, POST, OPTIONS
expires
Mon, 18 Nov 2024 09:03:04 GMT
access-control-allow-origin
*
content-length
142
date
Tue, 19 Nov 2024 09:03:04 GMT
content-type
text/html
server
openresty
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
tpid=D1C18B6498204CCBA41E914E8BFB983D
bcp.crwdcntrl.net/map/c=7625/tp=SIMP/
Redirect Chain
  • https://um.simpli.fi/crwdcntrl
  • https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=D1C18B6498204CCBA41E914E8BFB983D
49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=D1C18B6498204CCBA41E914E8BFB983D
Protocol
H2
Server
54.74.83.24 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-74-83-24.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpaction.com/

Response headers

cache-control
no-cache
pragma
no-cache
expires
0
access-control-allow-origin
*
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
content-length
49
date
Tue, 19 Nov 2024 09:03:04 GMT
content-type
image/gif
x-server
10.45.8.70
server
Jetty(9.4.38.v20210224)

Redirect headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
cache-control
no-cache
location
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=D1C18B6498204CCBA41E914E8BFB983D
x-content-type-options
nosniff
access-control-allow-methods
GET, POST, OPTIONS
expires
Mon, 18 Nov 2024 09:03:04 GMT
access-control-allow-origin
*
content-length
142
date
Tue, 19 Nov 2024 09:03:04 GMT
content-type
text/html
server
openresty
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
merge
ce.lijit.com/
Redirect Chain
  • https://um.simpli.fi/lj_match
  • https://ce.lijit.com/merge?pid=2&3pid=D1C18B6498204CCBA41E914E8BFB983D
0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=2&3pid=D1C18B6498204CCBA41E914E8BFB983D
Protocol
H2
Server
34.253.42.51 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-42-51.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpaction.com/

Response headers

expires
Fri, 20 Mar 2009 00:00:00 GMT
cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Tue, 19 Nov 2024 09:03:04 GMT
pragma
no-cache
vary
Accept-Encoding
x-merge
GDPR Optout true

Redirect headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
cache-control
no-cache
location
https://ce.lijit.com/merge?pid=2&3pid=D1C18B6498204CCBA41E914E8BFB983D
x-content-type-options
nosniff
access-control-allow-methods
GET, POST, OPTIONS
expires
Mon, 18 Nov 2024 09:03:04 GMT
access-control-allow-origin
*
content-length
142
date
Tue, 19 Nov 2024 09:03:04 GMT
content-type
text/html
server
openresty
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
419566.gif
idsync.rlcdn.com/
Redirect Chain
  • https://um.simpli.fi/liveramp_match
  • https://idsync.rlcdn.com/419566.gif?partner_uid=D1C18B6498204CCBA41E914E8BFB983D
0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/419566.gif?partner_uid=D1C18B6498204CCBA41E914E8BFB983D
Protocol
H2
Server
35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpaction.com/

Response headers

via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Tue, 19 Nov 2024 09:03:04 GMT

Redirect headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
cache-control
no-cache
location
https://idsync.rlcdn.com/419566.gif?partner_uid=D1C18B6498204CCBA41E914E8BFB983D
x-content-type-options
nosniff
access-control-allow-methods
GET, POST, OPTIONS
expires
Mon, 18 Nov 2024 09:03:04 GMT
access-control-allow-origin
*
content-length
142
date
Tue, 19 Nov 2024 09:03:04 GMT
content-type
text/html
server
openresty
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
/
www.google.it/pagead/1p-conversion/1026675585/
Redirect Chain
  • https://www.googleadservices.com/pagead/conversion/1026675585/?random=1732006984458&cv=7&fst=1732006984458&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=69900203&cv=7&fst=1732006984458&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBs...
  • https://www.google.com/pagead/1p-conversion/1026675585/?random=69900203&cv=7&fst=1732006984458&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQ...
  • https://www.google.it/pagead/1p-conversion/1026675585/?random=69900203&cv=7&fst=1732006984458&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQI...
42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.it/pagead/1p-conversion/1026675585/?random=69900203&cv=7&fst=1732006984458&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCOvGsQII08WxAgilxrEC&pscrd=IhMIm53A6IToiQMVlJqDBx3bkgtYMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhlodHRwczovL3d3dy50cGFjdGlvbi5jb20v&is_vtc=1&cid=CAQSGwCa7L7d4uXivpTshBTUUeUoZ75TfGECeYjOOw&random=3479370236&ipr=y
Protocol
H2
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpaction.com/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Tue, 19 Nov 2024 09:03:04 GMT
x-xss-protection
0
content-type
image/gif
server
cafe

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
location
https://www.google.it/pagead/1p-conversion/1026675585/?random=69900203&cv=7&fst=1732006984458&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCOvGsQII08WxAgilxrEC&pscrd=IhMIm53A6IToiQMVlJqDBx3bkgtYMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhlodHRwczovL3d3dy50cGFjdGlvbi5jb20v&is_vtc=1&cid=CAQSGwCa7L7d4uXivpTshBTUUeUoZ75TfGECeYjOOw&random=3479370236&ipr=y
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Tue, 19 Nov 2024 09:03:04 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
spotx_match
um.simpli.fi/ 		0
272 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/spotx_match
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.91.165.80 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
80.165.91.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpaction.com/

Response headers

access-control-allow-methods
GET, POST, OPTIONS
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-origin
*
date
Tue, 19 Nov 2024 09:03:04 GMT
x-content-type-options
nosniff
bounce
ib.adnxs.com/
Redirect Chain
  • https://um.simpli.fi/an
  • https://ib.adnxs.com/setuid?entity=66&code=D1C18B6498204CCBA41E914E8BFB983D
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DD1C18B6498204CCBA41E914E8BFB983D
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DD1C18B6498204CCBA41E914E8BFB983D
Protocol
H2
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpaction.com/

Response headers

cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
192.145.127.221; 192.145.127.221; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
*
an-x-request-uuid
326b0f22-a979-42a9-b386-1fe2c3eb5409
content-length
43
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Tue, 19 Nov 2024 09:03:04 GMT
x-xss-protection
0
content-type
image/gif
server
nginx/1.23.4

Redirect headers

cache-control
no-store, no-cache, private
location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DD1C18B6498204CCBA41E914E8BFB983D
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
x-proxy-origin
192.145.127.221; 192.145.127.221; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
an-x-request-uuid
1386c876-1b0e-4b66-92dd-5ceb45e95d73
content-length
0
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Tue, 19 Nov 2024 09:03:04 GMT
x-xss-protection
0
content-type
text/html; charset=utf-8
server
nginx/1.23.4
tap.php
pixel.rubiconproject.com/
Redirect Chain
  • https://um.simpli.fi/rb_match
  • https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=D1C18B6498204CCBA41E914E8BFB983D&expires=365
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=D1C18B6498204CCBA41E914E8BFB983D&expires=365
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpaction.com/

Response headers

Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
0c26bf0e0878be6b26493f33577d6373
Pragma
no-cache
Content-Type
image/gif

Redirect headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
cache-control
no-cache
location
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=D1C18B6498204CCBA41E914E8BFB983D&expires=365
x-content-type-options
nosniff
access-control-allow-methods
GET, POST, OPTIONS
expires
Mon, 18 Nov 2024 09:03:04 GMT
access-control-allow-origin
*
content-length
142
date
Tue, 19 Nov 2024 09:03:04 GMT
content-type
text/html
server
openresty
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
sd
us-u.openx.net/w/1.0/
Redirect Chain
  • https://um.simpli.fi/ox_match
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=D1C18B6498204CCBA41E914E8BFB983D
43 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072966&val=D1C18B6498204CCBA41E914E8BFB983D
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpaction.com/

Response headers

cache-control
private, max-age=0, no-cache
pragma
no-cache
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
p3p
CP="CUR ADM OUR NOR STA NID"
date
Tue, 19 Nov 2024 09:03:04 GMT
content-type
image/gif
vary
Accept
server
OXGW/0.0.0

Redirect headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
cache-control
no-cache
location
https://us-u.openx.net/w/1.0/sd?id=537072966&val=D1C18B6498204CCBA41E914E8BFB983D
x-content-type-options
nosniff
access-control-allow-methods
GET, POST, OPTIONS
expires
Mon, 18 Nov 2024 09:03:04 GMT
access-control-allow-origin
*
content-length
142
date
Tue, 19 Nov 2024 09:03:04 GMT
content-type
text/html
server
openresty
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
pixel
cm.g.doubleclick.net/ 		170 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpaction.com/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
date
Tue, 19 Nov 2024 09:03:04 GMT
x-xss-protection
0
content-type
image/png
server
HTTP server (unknown)
favicon.ico
www.tpaction.com/static/favicon/ 		1 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
https://www.tpaction.com/static/favicon/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e8714ccc46aa301e89e111ad8bec176b1b1a28fa6b5cb9a8be8c3a034875a672

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpaction.com/confirm

Response headers

content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"47e-192da1c6538"
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1731614380&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=vwp9tWOO%2FunHJ6mU0FCdyv%2BSXQ6uA3Y8v3cFdzpn2Pw%3D"}]}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=41170&sent=553&recv=141&lost=0&retrans=0&sent_bytes=594775&recv_bytes=33730&delivery_rate=1520456&cwnd=138300&unsent_bytes=0&cid=1311d2fba57e8de9&ts=1664&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 19 Nov 2024 09:03:04 GMT
last-modified
Tue, 29 Oct 2024 21:09:07 GMT
content-type
image/x-icon
vary
Accept-Encoding
priority
u=1,i
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1731614380&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=vwp9tWOO%2FunHJ6mU0FCdyv%2BSXQ6uA3Y8v3cFdzpn2Pw%3D
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
cache-control
public, max-age=120
via
1.1 vegur
cf-ray
8e4f0664e966f164-CDG
x-powered-by
Express
server
cloudflare
favicon-32x32.png
www.tpaction.com/static/favicon/ 		1 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.tpaction.com/static/favicon/favicon-32x32.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
dc31209426b2bddf9bcac8bdf8ace49101154234b50d9f1645038c9599716499

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpaction.com/confirm

Response headers

content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"474-192da1c6538"
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1730265349&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=ydobsb1cLFU50xxPi3NROp2ADec%2Fg0i3DdG%2BlP9gosc%3D"}]}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=40897&sent=556&recv=143&lost=0&retrans=0&sent_bytes=596048&recv_bytes=34606&delivery_rate=5192&cwnd=138300&unsent_bytes=0&cid=1311d2fba57e8de9&ts=1927&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 19 Nov 2024 09:03:04 GMT
last-modified
Tue, 29 Oct 2024 21:09:07 GMT
content-type
image/png
vary
Accept-Encoding
priority
u=1,i
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1730265349&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=ydobsb1cLFU50xxPi3NROp2ADec%2Fg0i3DdG%2BlP9gosc%3D
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
cache-control
public, max-age=120
via
1.1 vegur
cf-ray
8e4f06666b5ff164-CDG
x-powered-by
Express
server
cloudflare
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-9Z0NNF0MGG&gtm=45je4be0v871649596za200zb9116452991&_p=1732006983543&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855&cid=505936501.1732006984&ul=it-it&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1732006984&sct=1&seg=0&dl=https%3A%2F%2Fwww.tpaction.com%2Fconfirm&dt=&en=scroll&epn.percent_scrolled=90&_et=6&tfd=6501
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9Z0NNF0MGG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpaction.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.tpaction.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 19 Nov 2024 09:03:09 GMT
content-type
text/plain
server
Golfe2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sync.intentiq.com
URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=D1C18B6498204CCBA41E914E8BFB983D

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| gtag object| dataLayer object| d string| s object| n object| e function| fbq function| _fbq object| webpackChunk_N_E object| sifi_att_42656 function| __next_require__ object| next object| __NEXT_DATA__ function| __SSG_MANIFEST_CB object| __NEXT_P object| _N_E function| __NEXT_PRELOADREADY function| _ object| __MIDDLEWARE_MATCHERS object| __BUILD_MANIFEST object| __SSG_MANIFEST object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal

24 Cookies

Domain/Path Name / Value
.simpli.fi/ Name: suid
Value: D1C18B6498204CCBA41E914E8BFB983D
.tpaction.com/ Name: _fbp
Value: fb.1.1732006983989.317467280439413285
.tpaction.com/ Name: _ga
Value: GA1.1.505936501.1732006984
.tpaction.com/ Name: _ga_9Z0NNF0MGG
Value: GS1.1.1732006984.1.0.1732006984.0.0.0
.tpaction.com/ Name: cf_clearance
Value: 790jGrLBhaQwDx1SI3HB.IwK3U1eNqT6AmzAWy5xs6U-1732006984-1.2.1.1-T.5zNfI1YJlALT_RsF4echs5X4s.qDukee5aNVMpaedSyqvTte8yj99Rnv45QKjae14RA9nwuHdCImLJY9kreIUq6gwEudEHRnjRtinUjVmrUO0_3VB.uVXPVQO7eo5Ay4PEslNXy.n39glB64onWu5u3dmCWaeX9mJjI55LU0zV.7W6.UG3WhQXI2ij6D7K6OIa1U4TXVjn5ve.AIkJfYnRb.Y.9rlHRlXGphcfm6kGHZXn2DAe0FCY09oAixkV6WZsVT1FBAQOa5VuzowTmtX5TuUovh37YJ2uNI7bzlSACoi_rYdt3CDai1PLf3ZMxue8y2AytlX7MTZj4IPyyQlTJbl8pj063oCg1IYqozGird3w7iAlwJuEyWE.dhdl
.simpli.fi/ Name: uid_syncd_secure
Value: true
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.tapad.com/ Name: TapAd_TS
Value: 1732006984737
.tapad.com/ Name: TapAd_DID
Value: e8e347e2-1fc0-4fd8-8d8c-b5a2b236cb15
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-e83bb665-7904-4eaa-a748-924b9a46144e-003%22%7D
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.agkn.com/ Name: ab
Value: 0001%3AAxGLbwWTQjFdihYSIbshskJKHq2beGoW
.adnxs.com/ Name: XANDR_PANID
Value: vfHJQgk3wllZEemqLeuDSDC9tQZD0YsK15TlbXSAjtayDi3NcF1ofKWROu5eEkuNp6Xf1a-71QQw-KIUd8sS2gp_KDf6lEcE9qkaciUYQE8.
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.adnxs.com/ Name: uuid2
Value: 5682804642645919643
.pro-market.net/ Name: anProfile
Value: "1oiaeshougskg+1+1f=1+1g=1+1j=45+rs=s+rt=20010AC8002400440000000000000018+s2=(sn6x54)+vm=24-D1C18B6498204CCBA41E914E8BFB983D"
.pro-market.net/ Name: anHistory
Value: "1oiaeshougskg+2+!#6wM%]#_}$"
.exelator.com/ Name: EE
Value: "b17eb3b35de364f66b63db5fd4dbf397"
.adnxs.com/ Name: anj
Value: dTM7k!M4.FE:2jUF']wIg2C%snmSlc!]tbPl1N!7On*M$=BWXtl!MY]gk'wLfQBfMkzd]`i.0Vpe:?eLh/sHRkPAe>QR=oT/X%W#.wL4W1Qw2*daLdd
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQSHJ0Dw1yTjJ2DQl1djMJM3MLMnMOCXJNC3FJCUpzdjSfHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDYYEl%252BUWb6Is%252BQxUUpaQyLSopPBZ9ceBUA1v4rfQ%253D%253D"
.agkn.com/ Name: u
Value: C|0AAAAAAAALs8QyAAAAAAA
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-e83bb665-7904-4eaa-a748-924b9a46144e-003%22%7D
.bfmio.com/ Name: __141_cid
Value: D1C18B6498204CCBA41E914E8BFB983D
.bfmio.com/ Name: __io_cid
Value: 2fd07e42ff35c64107daedcc67552bfb31ce2f4b

4 Console Messages

Source Level URL
Text
network error URL: https://www.tpaction.com/confirm
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://idsync.rlcdn.com/419566.gif?partner_uid=D1C18B6498204CCBA41E914E8BFB983D
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://stags.bluekai.com/site/29931?id=D1C18B6498204CCBA41E914E8BFB983D
Message:
Failed to load resource: the server responded with a status of 500 (Internal Server Error)
network error URL: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=D1C18B6498204CCBA41E914E8BFB983D
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.smtrk.net
aa.agkn.com
bcp.crwdcntrl.net
ce.lijit.com
cm.g.doubleclick.net
confirmcabinet.com
connect.facebook.net
d.agkn.com
eb2.3lift.com
fei.pro-market.net
googleads.g.doubleclick.net
i.simpli.fi
ib.adnxs.com
idsync.rlcdn.com
loadm.exelator.com
pixel.rubiconproject.com
pixel.tapad.com
region1.google-analytics.com
s.ad.smaato.net
simplifi.partners.tremorhub.com
stags.bluekai.com
sync.1rx.io
sync.bfmio.com
sync.intentiq.com
sync.smartadserver.com
sync.targeting.unrulymedia.com
tag.simpli.fi
tpaction.com
um.simpli.fi
us-u.openx.net
www.facebook.com
www.google.com
www.google.it
www.googleadservices.com
www.googletagmanager.com
www.tpaction.com
sync.intentiq.com
142.250.184.226
142.250.184.232
142.250.185.132
157.240.252.13
157.240.252.35
172.217.16.194
172.217.18.2
18.158.175.202
18.173.154.105
185.89.210.122
188.114.97.3
2001:4860:4802:34::36
2600:1901:0:8eee::
2600:1f18:612b:4280:e83d:a408:4752:98a8
2600:9000:237d:c800:1b:5138:8a40:93a1
2a00:1450:4001:812::2003
2a00:1450:4001:831::2008
3.218.41.45
3.33.251.168
34.111.113.62
34.253.42.51
34.91.165.80
34.98.64.218
35.158.90.35
35.234.162.151
35.244.174.68
46.228.174.117
51.178.195.217
54.74.83.24
54.78.254.47
69.173.144.165
69.192.160.219
76.223.111.18
0b3d7bfd1bef9030e23949ab9a662846c4d2d448ac67e3d10c628ea13e75e04c
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0f77660e06a5f61a45c4dbdab511722357cf29e7f5ba1b2cf097550afdb0ed20
11740448f96c7b860118c266ea869078e23c1e640ee3248fbb638ac286dedcc1
1fa0c7a0e7317c4b54085816c7b1009d713ca30bbdede012d331633e9d8d2f80
203a503931d93e5397cc929fd89c1a664cb0acf3e6695a3f9413150b01f956f2
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
41cfd9913f732e06dff8e4e97db64c80da6a122147e2cc915f9d01ece26ba927
43a683165a27224ef2d2717bd57c8c203aa570ce39140504d086562eefbb0f1f
482c4e1afdb32aef06bc81934de7d0e9e8072538f2d7c450a72312accca62525
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5607bc0b49036b5f13acf3f5767e0fb2fb947f5369bda253939e78e2b11f85b4
5aa294dff77717b8eb0f1d1656a2bf4ef512090eae0ea32e4a6013ccc6106143
6addd74fbf99d8e3bd9b7c03634801373e700d475759905a964b5659b302cefd
704dacd1f1da3ce325aff00255aa10554715909bef960f3693924edb42210c5e
7a48d17ab5f32b5895f144370f1f2b16236587cedcbe143a09ccee048705c7e8
8942f998c676afa7209d6f603100ce9504a6c9d854829ae12e1ac07774201cb9
8c08d65bd879c3f99a00092f923e56e2e0c17c5ff9d2730dba6caf3473afd4e4
8ea2e7970ed7582ddf7a438b51ca68f655464e33eb4e03737ec42dfe8bd2339a
953352169158762199934ddbb3eecd26c79cda968b48becbffd325040f01db21
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a37ab350ffeadb81b9757ac1ac538ccbcc1327964f0396fd8c25aab23e9de98c
a4875c60f5468dc7a33738e070c6ce95de37e73fe35402b5e8baa85c92c209d6
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b23ab26f5a076e99e7180e56de17b618d393d02082997b9896bae78a90090b14
b652e834f1ac03ee8dcb6985754d95fb846da8ab92d80746eb1596f877aec6e2
b9e81a47aecd3d05445ae775f48d08b3de46b2039f1d229a58a87be194e327ec
ba5b9fcd0fc8b49b9362f5946ef96cd37ada5af89dbe25f34a6907d557fca72c
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d44a5a0d4e63d11b8b8e3329b2848247499e0b325d4ef2b3c888359256ec1008
dc31209426b2bddf9bcac8bdf8ace49101154234b50d9f1645038c9599716499
dc61cd7c58c7c670d393823d573ca27ce97cc2ba9a23a318d3712534baebf352
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e51f0a777985badcec155b88b2d589fbf3eabcf4160da05f40c000e057b2d181
e8714ccc46aa301e89e111ad8bec176b1b1a28fa6b5cb9a8be8c3a034875a672
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef9e8235fa6db634cd68152164f49136b4cb33077c348eeec32ba457988523a0
f4003166721fe2a3d37daee2b042bb3ebe0dde68c0276a73c6abab7ef947836b