samfw.com Open in urlscan Pro
2606:4700:10::6816:30d3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://samfw.com/
Submission: On October 03 via manual (October 3rd 2024, 11:09:01 am UTC) from FI — Scanned from FI

Summary HTTP 237 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 68 IPs in 7 countries across 48 domains to perform 237 HTTP transactions. The main IP is 2606:4700:10::6816:30d3, located in United States and belongs to CLOUDFLARENET, US. The main domain is samfw.com. The Cisco Umbrella rank of the primary domain is 659954.
TLS certificate: Issued by WE1 on August 30th 2024. Valid for: 3 months.

This is the only time samfw.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
24	2606:4700:10:... 2606:4700:10::6816:30d3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
14	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42::485 2a04:4e42::485	54113 (FASTLY) (FASTLY)
11	216.58.206.34 216.58.206.34	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:1f31	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	157.240.0.6 157.240.0.6	32934 (FACEBOOK) (FACEBOOK)
2	172.67.145.26 172.67.145.26	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.67.209.125 172.67.209.125	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2400:52e0:1e0... 2400:52e0:1e00::1081:1	60068 (CDN77 _) (CDN77 _)
1	2606:4700::68... 2606:4700::6810:5049	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 6	199.232.196.193 199.232.196.193	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
3	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
6	18.66.147.69 18.66.147.69	16509 (AMAZON-02) (AMAZON-02)
3	13.224.186.120 13.224.186.120	16509 (AMAZON-02) (AMAZON-02)
1	151.101.129.229 151.101.129.229	54113 (FASTLY) (FASTLY)
6	162.19.138.117 162.19.138.117	16276 (OVH) (OVH)
2	2606:4700:20:... 2606:4700:20::ac43:4bf1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
2	142.250.185.67 142.250.185.67	15169 (GOOGLE) (GOOGLE)
6	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
4	104.26.8.178 104.26.8.178	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1 4	163.5.194.30 163.5.194.30	60558 (SECUREDSE...) (SECUREDSERVERS-EU)
1	185.89.210.212 185.89.210.212	29990 (ASN-APPNEX) (ASN-APPNEX)
1	3.124.64.248 3.124.64.248	16509 (AMAZON-02) (AMAZON-02)
25	37.157.4.29 37.157.4.29	198622 (ADFORM) (ADFORM)
1	2606:4700:440... 2606:4700:4400::6812:22b2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:2638:3::39 2a02:2638:3::39	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:1791	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.245.31.92 18.245.31.92	16509 (AMAZON-02) (AMAZON-02)
1	13.33.173.196 13.33.173.196	16509 (AMAZON-02) (AMAZON-02)
4	23.215.23.172 23.215.23.172	16625 (AKAMAI-AS) (AKAMAI-AS)
2	65.9.66.104 65.9.66.104	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::ac43:246e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::6816:3456	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2600:9000:272... 2600:9000:2724:3a00:a:e047:754:afe1	16509 (AMAZON-02) (AMAZON-02)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	104.18.35.167 104.18.35.167	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2600:9000:223... 2600:9000:223c:2800:10:dd8:5e40:93a1	16509 (AMAZON-02) (AMAZON-02)
2	142.250.186.68 142.250.186.68	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
3	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a01:4f8:272:... 2a01:4f8:272:4e01::2	24940 (HETZNER-AS) (HETZNER-AS)
1	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
3	2606:4700:10:... 2606:4700:10::ac43:17ea	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.186.78 142.250.186.78	15169 (GOOGLE) (GOOGLE)
1	2a02:fa8:8806... 2a02:fa8:8806:13::1460	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 4	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
3	159.89.25.223 159.89.25.223	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
27	37.157.2.250 37.157.2.250	198622 (ADFORM) (ADFORM)
7	18.66.102.9 18.66.102.9	16509 (AMAZON-02) (AMAZON-02)
1 1	37.157.5.132 37.157.5.132	198622 (ADFORM) (ADFORM)
12	172.67.184.158 172.67.184.158	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
1	2.19.126.149 2.19.126.149	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
1	142.250.185.142 142.250.185.142	() ()
237	68

24 2606:4700:10::6816:30d3 (United States)

ASN13335 (CLOUDFLARENET, US)

samfw.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 216.58.212.162 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f162.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 216.58.206.34 (United States)

ASN15169 (GOOGLE, US)
PTR: lcfraa-aa-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1f31 (United States)

ASN13335 (CLOUDFLARENET, US)

stpd.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.0.6 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.145.26 (United States)

ASN13335 (CLOUDFLARENET, US)

mifirm.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

ipsw.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

lgrom.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

iccid.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.209.125 (United States)

ASN13335 (CLOUDFLARENET, US)

vanced.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2400:52e0:1e00::1081:1 (Germany)

ASN60068 (CDN77 _, GB)

images.dmca.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5049 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 199.232.196.193 (United States) 3 redirects

ASN54113 (FASTLY, US)

i.imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.66.147.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-69.fra60.r.cloudfront.net

tagan.adlightning.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.224.186.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-186-120.fra2.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.229 (San Francisco, United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 162.19.138.117 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533568.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4bf1 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.26.8.178 (None, )

ASN13335 (CLOUDFLARENET, US)

prebid-stag.setupad.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, CY)
PTR: ip-185-184-8-90.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 163.5.194.30 (Amsterdam, Netherlands) 1 redirects

ASN60558 (SECUREDSERVERS-EU, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.89.210.212 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.124.64.248 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-64-248.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 37.157.4.29 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:22b2 (United States)

ASN13335 (CLOUDFLARENET, US)

mp.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::39 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1791 (United States)

ASN13335 (CLOUDFLARENET, US)

cadmus.script.ac	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.31.92 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-31-92.fra56.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.33.173.196 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-173-196.fra60.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.215.23.172 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-215-23-172.deploy.static.akamaitechnologies.com

secure.cdn.fastclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.66.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-104.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:246e (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.hadronid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2724:3a00:a:e047:754:afe1 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.35.167 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn-ima.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:2800:10:dd8:5e40:93a1 (United States)

ASN16509 (AMAZON-02, US)

connectid.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.68 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
setupad-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a01:4f8:272:4e01::2 (Ehingen, Germany)

ASN24940 (HETZNER-AS, DE)

s.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

d0935063c26ce10cd8c11bf009516a4b.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::ac43:17ea (United States)

ASN13335 (CLOUDFLARENET, US)

id.hadron.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.78 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f14.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:13::1460 (Singapore)

ASN41041 (VCLK-EU-SE, US)

proc.ad.cpe.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 76.223.111.18 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 159.89.25.223 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)

node.setupad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 37.157.2.250 (Denmark)

ASN198622 (ADFORM, DK)

s1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 18.66.102.9 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-9.fra56.r.cloudfront.net

setupad-hai-tagan.adlightning.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.5.132 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 172.67.184.158 (United States)

ASN13335 (CLOUDFLARENET, US)

fonts.cdnfonts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.126.149 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-19-126-149.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.142 (None, )

ASN- ()

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
53	adform.net 1 redirects adx.adform.net — Cisco Umbrella Rank: 6462 track.adform.net — Cisco Umbrella Rank: 5808 s1.adform.net — Cisco Umbrella Rank: 12796 cm.adform.net — Cisco Umbrella Rank: 1528	471 KB
24	samfw.com samfw.com — Cisco Umbrella Rank: 659954	677 KB
18	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 215 googleads.g.doubleclick.net — Cisco Umbrella Rank: 42 td.doubleclick.net — Cisco Umbrella Rank: 192	218 KB
17	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 116 d0935063c26ce10cd8c11bf009516a4b.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 163	272 KB
13	adlightning.com tagan.adlightning.com — Cisco Umbrella Rank: 2602 setupad-hai-tagan.adlightning.com	100 KB
12	cdnfonts.com fonts.cdnfonts.com — Cisco Umbrella Rank: 8059	188 KB
7	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 220	305 KB
6	imgur.com 3 redirects i.imgur.com — Cisco Umbrella Rank: 8556	1 KB
5	3lift.com 1 redirects tlx.3lift.com — Cisco Umbrella Rank: 535 eb2.3lift.com — Cisco Umbrella Rank: 415	1 KB
5	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 682 www.google.com — Cisco Umbrella Rank: 3	69 KB
5	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 522 cdn.id5-sync.com — Cisco Umbrella Rank: 994	30 KB
5	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 345 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 651 aax.amazon-adsystem.com — Cisco Umbrella Rank: 457	88 KB
4	fastclick.net secure.cdn.fastclick.net — Cisco Umbrella Rank: 1096	106 KB
4	openx.net rtb.openx.net — Cisco Umbrella Rank: 556 u.openx.net — Cisco Umbrella Rank: 743 setupad-d.openx.net — Cisco Umbrella Rank: 89869	290 B
4	a-mo.net 1 redirects prebid.a-mo.net — Cisco Umbrella Rank: 777	309 B
4	setupad.net prebid-stag.setupad.net — Cisco Umbrella Rank: 53378	5 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 34	21 KB
4	criteo.com gum.criteo.com — Cisco Umbrella Rank: 461 bidder.criteo.com — Cisco Umbrella Rank: 745	584 B
3	setupad.com node.setupad.com — Cisco Umbrella Rank: 64718	721 B
3	ad.gt id.hadron.ad.gt — Cisco Umbrella Rank: 1450 a.ad.gt — Cisco Umbrella Rank: 1552	5 KB
3	4dex.io script.4dex.io — Cisco Umbrella Rank: 3596 mp.4dex.io — Cisco Umbrella Rank: 3227	21 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	275 KB
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 776	44 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1011	26 KB
2	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 917	561 B
2	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 267 acdn.adnxs.com — Cisco Umbrella Rank: 613	1 KB
2	creativecdn.com prebid-eu.creativecdn.com — Cisco Umbrella Rank: 8337 invstatic101.creativecdn.com — Cisco Umbrella Rank: 2648	2 KB
2	gstatic.com www.gstatic.com	28 KB
2	dmca.com images.dmca.com — Cisco Umbrella Rank: 17164	5 KB
2	mifirm.net mifirm.net	9 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	84 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 311	4 KB
1	dotomi.com proc.ad.cpe.dotomi.com — Cisco Umbrella Rank: 2737	459 B
1	adtelligent.com s.adtelligent.com — Cisco Umbrella Rank: 5459
1	google.fi www.google.fi — Cisco Umbrella Rank: 40150	455 B
1	yahoo.com connectid.analytics.yahoo.com — Cisco Umbrella Rank: 6925	9 KB
1	33across.com cdn-ima.33across.com — Cisco Umbrella Rank: 1183	7 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 2261	8 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 3694	4 KB
1	hadronid.net cdn.hadronid.net — Cisco Umbrella Rank: 1601	12 KB
1	script.ac cadmus.script.ac — Cisco Umbrella Rank: 1583	239 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	1 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 683	7 KB
1	vanced.me vanced.me	2 KB
1	iccid.info iccid.info	4 KB
1	lgrom.com lgrom.com	908 B
1	ipsw.pro ipsw.pro	14 KB
1	stpd.cloud stpd.cloud — Cisco Umbrella Rank: 49176	124 KB
237	48

	Domain	Requested by
27	s1.adform.net	tagan.adlightning.com samfw.com s1.adform.net
24	samfw.com	samfw.com static.cloudflareinsights.com
21	track.adform.net	tagan.adlightning.com samfw.com s1.adform.net
14	pagead2.googlesyndication.com	samfw.com pagead2.googlesyndication.com tagan.adlightning.com
12	fonts.cdnfonts.com	s1.adform.net fonts.cdnfonts.com
11	securepubads.g.doubleclick.net	samfw.com securepubads.g.doubleclick.net tagan.adlightning.com
7	setupad-hai-tagan.adlightning.com	tagan.adlightning.com
7	cdnjs.cloudflare.com	samfw.com cdnjs.cloudflare.com
6	googleads.g.doubleclick.net	www.googletagmanager.com tagan.adlightning.com
6	tagan.adlightning.com	stpd.cloud tagan.adlightning.com
6	i.imgur.com	3 redirects samfw.com
4	eb2.3lift.com	1 redirects stpd.cloud
4	secure.cdn.fastclick.net	tagan.adlightning.com secure.cdn.fastclick.net
4	adx.adform.net	stpd.cloud s1.adform.net
4	prebid.a-mo.net	1 redirects stpd.cloud
4	prebid-stag.setupad.net	stpd.cloud samfw.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	id5-sync.com	stpd.cloud cdn.id5-sync.com
3	node.setupad.com	stpd.cloud
3	fundingchoicesmessages.google.com	securepubads.g.doubleclick.net tagan.adlightning.com
3	c.amazon-adsystem.com	stpd.cloud c.amazon-adsystem.com
3	gum.criteo.com	stpd.cloud tagan.adlightning.com
3	www.googletagmanager.com	samfw.com www.googletagmanager.com
2	tpc.googlesyndication.com	tagan.adlightning.com
2	id.hadron.ad.gt	cdn.hadronid.net
2	u.openx.net	stpd.cloud
2	www.google.com	samfw.com tagan.adlightning.com
2	static.criteo.net	tagan.adlightning.com stpd.cloud
2	tags.crwdcntrl.net	tagan.adlightning.com
2	lb.eu-1-id5-sync.com	stpd.cloud cdn.id5-sync.com
2	www.gstatic.com	samfw.com
2	script.4dex.io	stpd.cloud script.4dex.io
2	images.dmca.com	samfw.com
2	mifirm.net	samfw.com
2	connect.facebook.net	samfw.com connect.facebook.net
2	cdn.jsdelivr.net	samfw.com stpd.cloud
1	setupad-d.openx.net	stpd.cloud
1	acdn.adnxs.com	stpd.cloud
1	cm.adform.net	1 redirects
1	a.ad.gt	tagan.adlightning.com
1	proc.ad.cpe.dotomi.com	secure.cdn.fastclick.net
1	d0935063c26ce10cd8c11bf009516a4b.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	s.adtelligent.com	stpd.cloud
1	www.google.fi	samfw.com
1	connectid.analytics.yahoo.com	tagan.adlightning.com
1	invstatic101.creativecdn.com	tagan.adlightning.com
1	cdn-ima.33across.com	tagan.adlightning.com
1	oa.openxcdn.net	tagan.adlightning.com
1	cdn.prod.uidapi.com	tagan.adlightning.com
1	cdn.id5-sync.com	tagan.adlightning.com
1	cdn.hadronid.net	samfw.com
1	aax.amazon-adsystem.com	c.amazon-adsystem.com
1	config.aps.amazon-adsystem.com	tagan.adlightning.com
1	cadmus.script.ac	script.4dex.io
1	rtb.openx.net	stpd.cloud
1	bidder.criteo.com	stpd.cloud
1	mp.4dex.io	stpd.cloud
1	tlx.3lift.com	stpd.cloud
1	ib.adnxs.com	stpd.cloud
1	prebid-eu.creativecdn.com	stpd.cloud
1	td.doubleclick.net	www.googletagmanager.com
1	fonts.googleapis.com	samfw.com
1	static.cloudflareinsights.com	samfw.com
1	vanced.me	samfw.com
1	iccid.info	samfw.com
1	lgrom.com	samfw.com
1	ipsw.pro	samfw.com
1	stpd.cloud	samfw.com
237	68

This site contains links to these domains. Also see Links.

Domain
mifirm.net
ipsw.pro
lgrom.com
iccid.info
vanced.me
www.s-unlockserver.com
chimeratool.com
t.me
api.whatsapp.com
twitter.com
www.linkedin.com
www.facebook.com
www.youtube.com
www.dmca.com

Subject Issuer	Validity	Valid
samfw.com WE1	`2024-08-30` - `2024-11-28`	3 months	crt.sh
cdnjs.cloudflare.com WE1	`2024-09-28` - `2024-12-27`	3 months	crt.sh
*.google-analytics.com WR2	`2024-09-16` - `2024-12-09`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-09-16` - `2024-12-09`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2024 Q3	`2024-07-30` - `2025-08-31`	a year	crt.sh
stpd.cloud WE1	`2024-09-06` - `2024-12-05`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-07-12` - `2024-10-10`	3 months	crt.sh
mifirm.net WE1	`2024-08-31` - `2024-11-29`	3 months	crt.sh
ipsw.pro WE1	`2024-09-17` - `2024-12-16`	3 months	crt.sh
lgrom.com WE1	`2024-09-13` - `2024-12-12`	3 months	crt.sh
iccid.info WE1	`2024-09-19` - `2024-12-18`	3 months	crt.sh
vanced.me WE1	`2024-09-27` - `2024-12-26`	3 months	crt.sh
images.dmca.com R10	`2024-08-30` - `2024-11-28`	3 months	crt.sh
cloudflareinsights.com WE1	`2024-09-03` - `2024-12-02`	3 months	crt.sh
upload.video.google.com WR2	`2024-09-16` - `2024-12-09`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-09-24` - `2024-12-25`	3 months	crt.sh
*.adlightning.com Amazon RSA 2048 M02	`2024-07-30` - `2025-08-27`	a year	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-12-30` - `2024-12-04`	a year	crt.sh
*.id5-sync.com E5	`2024-09-01` - `2024-11-30`	3 months	crt.sh
script.4dex.io WE1	`2024-09-21` - `2024-12-21`	3 months	crt.sh
*.google.com WR2	`2024-09-16` - `2024-12-09`	3 months	crt.sh
*.gstatic.com WR2	`2024-09-16` - `2024-12-09`	3 months	crt.sh
*.doubleclick.net WR2	`2024-09-16` - `2024-12-09`	3 months	crt.sh
setupad.net WE1	`2024-09-04` - `2024-12-03`	3 months	crt.sh
*.creativecdn.com RapidSSL TLS RSA CA G1	`2024-04-05` - `2025-04-30`	a year	crt.sh
*.a-mo.net R11	`2024-09-02` - `2024-12-01`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2024-02-14` - `2025-03-16`	a year	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2024-03-13` - `2025-04-11`	a year	crt.sh
track.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-09-03` - `2025-09-24`	a year	crt.sh
mp.4dex.io WE1	`2024-08-29` - `2024-11-27`	3 months	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2024-08-14` - `2025-08-18`	a year	crt.sh
script.ac E6	`2024-08-21` - `2024-11-19`	3 months	crt.sh
*.eu-1-id5-sync.com R10	`2024-09-01` - `2024-11-30`	3 months	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2024-01-21` - `2025-02-19`	a year	crt.sh
alt1-3ps.amazon-adsystem.com Amazon RSA 2048 M03	`2024-03-29` - `2025-04-28`	a year	crt.sh
secure.cdn.fastclick.net DigiCert TLS RSA SHA256 2020 CA1	`2024-08-07` - `2025-08-07`	a year	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M02	`2024-09-07` - `2025-10-07`	a year	crt.sh
hadronid.net WE1	`2024-09-24` - `2024-12-23`	3 months	crt.sh
id5-sync.com WE1	`2024-09-30` - `2024-12-29`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-09-24` - `2024-12-21`	3 months	crt.sh
cdn.prod.uidapi.com E6	`2024-09-11` - `2024-12-10`	3 months	crt.sh
oa.openxcdn.net WR3	`2024-09-16` - `2024-12-15`	3 months	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2024-09-05` - `2025-09-30`	a year	crt.sh
invstatic101.creativecdn.com WR3	`2024-08-17` - `2024-11-15`	3 months	crt.sh
connectid.analytics.yahoo.com GlobalSign ECC OV SSL CA 2018	`2024-06-04` - `2024-11-28`	6 months	crt.sh
*.google.fi WR2	`2024-09-16` - `2024-12-09`	3 months	crt.sh
s.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2024-09-18` - `2024-12-17`	3 months	crt.sh
id.hadron.ad.gt WE1	`2024-09-20` - `2024-12-19`	3 months	crt.sh
ad.cpe.dotomi.com GlobalSign RSA OV SSL CA 2018	`2024-06-17` - `2025-07-19`	a year	crt.sh
a.ad.gt WE1	`2024-08-07` - `2024-11-05`	3 months	crt.sh
node.setupad.com R10	`2024-08-21` - `2024-11-19`	3 months	crt.sh
cdnfonts.com WE1	`2024-09-20` - `2024-12-19`	3 months	crt.sh
tpc.googlesyndication.com WR2	`2024-09-16` - `2024-12-09`	3 months	crt.sh
cdn.adnxs.com R11	`2024-08-20` - `2024-11-18`	3 months	crt.sh

This page contains 28 frames:

Primary Page: https://samfw.com/
Frame ID: 122FD9D3720D5826F077C70510035CED
Requests: 126 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/11479263759?random=1727953731228&cv=11&fst=1727953731228&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4a10za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fsamfw.com%2F&hn=www.googleadservices.com&frm=0&tiba=Samsung%20Firmware%20Download%20-%20Lastest%20official%20firmware%20update&npa=0&pscdl=noapi&auid=1327328940.1727953731&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: 732472D5C37A1E5288F4CA8722EA2AFB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241001/r20190131/zrt_lookup_fy2021.html
Frame ID: 34E7B8A2D711042C84F3FBA8F91ED49A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-1839315362497448&output=html&adk=1812271804&adf=3025194257&abgtt=5&lmt=1727953731&plat=1%3A16777216%2C3%3A16%2C4%3A16%2C8%3A64%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fsamfw.com%2F&pra=5&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aifxl=29_18~30_19&aiixl=29_5~30_6&aslmct=0.7&asamct=0.7&aipecl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1727953730964&bpp=9&bdt=674&idt=365&shv=r20241001&mjsv=m202409260101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=2980915087789&frm=20&pv=2&u_tz=180&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C95330278%2C95343454%2C31087565%2C95339678&oid=2&pvsid=951297560501306&tmod=1882632990&uas=0&nvt=1&fsapi=1&fc=1920&brdim=40%2C40%2C40%2C40%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=884
Frame ID: 4B2EF9E1A409BB3AC73F3E9582F0C1C8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-1839315362497448&output=html&h=90&slotname=8063287263&adk=2260652161&adf=1436199206&pi=t.ma~as.8063287263&w=970&abgtt=5&lmt=1727953731&rafmt=12&format=970x90&url=https%3A%2F%2Fsamfw.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1727953730964&bpp=3&bdt=675&idt=390&shv=r20241001&mjsv=m202409260101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=2980915087789&frm=20&pv=1&u_tz=180&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=392&ady=294&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C95330278%2C95343454%2C31087565%2C95339678&oid=2&pvsid=951297560501306&tmod=1882632990&uas=0&nvt=1&fc=1920&brdim=40%2C40%2C40%2C40%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=895
Frame ID: 1F8832D6DE50EB843243A46AE5810EAF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-1839315362497448&output=html&h=90&slotname=4246061066&adk=2985700671&adf=2272196671&pi=t.ma~as.4246061066&w=970&abgtt=5&lmt=1727953731&rafmt=12&format=970x90&url=https%3A%2F%2Fsamfw.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1727953730964&bpp=6&bdt=674&idt=396&shv=r20241001&mjsv=m202409260101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C970x90&nras=1&correlator=2980915087789&frm=20&pv=1&u_tz=180&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=1273&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C95330278%2C95343454%2C31087565%2C95339678&oid=2&pvsid=951297560501306&tmod=1882632990&uas=0&nvt=1&fc=1920&brdim=40%2C40%2C40%2C40%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=256&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=905
Frame ID: 41DBADE5D8596A971E31ECB16D2D966D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-1839315362497448&output=html&h=280&slotname=9436650906&adk=163764764&adf=1542529960&pi=t.ma~as.9436650906&w=1200&abgtt=5&fwrn=4&fwrnh=100&lmt=1727953731&rafmt=1&format=1200x280&url=https%3A%2F%2Fsamfw.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1727953730964&bpp=2&bdt=675&idt=464&shv=r20241001&mjsv=m202409260101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C970x90%2C970x90&nras=1&correlator=2980915087789&frm=20&pv=1&u_tz=180&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3773&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C95330278%2C95343454%2C31087565%2C95339678&oid=2&pvsid=951297560501306&tmod=1882632990&uas=0&nvt=1&fc=1920&brdim=40%2C40%2C40%2C40%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=916
Frame ID: D9D3746F35DD82AE34D1AF1CFF6A7DE9
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: E9628D8BC8FE30554CBD73C6D16CE8AD
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Frame ID: CC25DED0F9BB3E02368E79C4C9A2278A
Requests: 1 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=848151
Frame ID: 5E0AD47F498570F0A8C659C6DEE6D0D6
Requests: 1 HTTP requests in this frame

Frame: https://d0935063c26ce10cd8c11bf009516a4b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 5AA6CC3743C7E7B3C3BCF98BBBB94B69
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=samfw.com&gdpr=0&gdpr_consent=
Frame ID: DA9B6E0ECA77C74F8A20D7B70A567DDB
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1
Frame ID: 1808416E02CDF09984700E070309237D
Requests: 1 HTTP requests in this frame

Frame: https://tagan.adlightning.com/setupad-hai/b-904ac2d-717a3b2c.js
Frame ID: 6C0A52053D02C212A09CCFBF0327FBDB
Requests: 25 HTTP requests in this frame

Frame: https://tagan.adlightning.com/setupad-hai/b-904ac2d-717a3b2c.js
Frame ID: 9B8B55FC0DB7CD1A76DBCC63512A20F2
Requests: 19 HTTP requests in this frame

Frame: https://tagan.adlightning.com/setupad-hai/b-904ac2d-717a3b2c.js
Frame ID: 685D1C0B87D59B85F9011590BC7C8E91
Requests: 17 HTTP requests in this frame

Frame: https://s1.adform.net/Banners/Elements/Files/2155590/15069937/15069937.js?ADFassetID=15069937&bv=258
Frame ID: 648ED138A2F76B946C9311431CD52EAA
Requests: 10 HTTP requests in this frame

Frame: https://s1.adform.net/Banners/Elements/Files/2155590/15068987/15068987.js?ADFassetID=15068987&bv=258
Frame ID: C583CE7EF8DB63DD5117C666A5C44FA2
Requests: 10 HTTP requests in this frame

Frame: https://s1.adform.net/Banners/Elements/Files/2155590/15068990/15068990.js?ADFassetID=15068990&bv=258
Frame ID: 847F63C96A1E4F7B14F4A6A6664F8EC9
Requests: 10 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Frame ID: 20A5EBD0AA5FB86C1F12E77D027A113F
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 252B6A73F87CA083D6866204C2F896A3
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: A55D8E4D1F3A6336689E83FE0DA8A31C
Requests: 1 HTTP requests in this frame

Frame: https://setupad-d.openx.net/w/1.0/pd
Frame ID: C289BFEB3AD16678F0B85D1DFC4E6DFF
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd?ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba
Frame ID: EDF580514F97D01BC7DE57933D957FC5
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 3D887659A12A458B1EC567950C8BB2C9
Requests: 1 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Frame ID: 668E529300C81742FFD2D8DB0446E94C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/232/runner.html
Frame ID: E26AB9670B55701793A9523861F587A2
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FCA72F968F52F26ACCEB3C27546673F0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Samsung Firmware Download - Lastest official firmware update

Detected technologies

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/firebasejs/([\d.]+)/firebase

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

237
Requests

97 %
HTTPS

41 %
IPv6

48
Domains

68
Subdomains

68
IPs

7
Countries

3251 kB
Transfer

8955 kB
Size

42
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://mifirm.net/
Title: MiFirm.net - Xiaomi Firmware

Search URL Search Domain Scan URL

URL: https://mifirm.net/f
Title: Remove FRP Tools

Search URL Search Domain Scan URL

URL: https://ipsw.pro/
Title: IPSW Pro - Apple Firmware

Search URL Search Domain Scan URL

URL: https://lgrom.com/
Title: LGROM.com - LG Firmware KDZ

Search URL Search Domain Scan URL

URL: https://iccid.info/
Title: ICCID.info - New ICCID

Search URL Search Domain Scan URL

URL: https://vanced.me/
Title: Vanced.me - Install Vanced

Search URL Search Domain Scan URL

URL: https://www.s-unlockserver.com/

Search URL Search Domain Scan URL

URL: https://chimeratool.com/en/docs/2024-samsung-exynos-update/?utm_source=samfw&utm_campaign=2024-legacy-exynos&utm_medium=banner

Search URL Search Domain Scan URL

URL: https://t.me/share/url?url=https://samfw.com

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?text=https://samfw.com

Search URL Search Domain Scan URL

URL: https://twitter.com/share?url=https://samfw.com&text=Download%20Samsung%20Firmware&hashtags=samsungfirmware

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?url=https://samfw.com&title=Download%20Samsung%20Firmware

Search URL Search Domain Scan URL

URL: https://t.me/samfw_mifirm
Title: Connect telegram channel

Search URL Search Domain Scan URL

URL: https://www.facebook.com/samfw.global/
Title: View our Facebook Fan Page

Search URL Search Domain Scan URL

URL: https://www.youtube.com/@samfw.official
Title: View our Youtube channel

Search URL Search Domain Scan URL

URL: https://www.dmca.com/Protection/Status.aspx?ID=cf9a563f-9d66-4f15-8c75-9e3ec086657e&refurl=https://samfw.com/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39

https://i.imgur.com/yIOeX2Z.jpg HTTP 302
https://i.imgur.com/removed.png

Request Chain 40

https://i.imgur.com/3hlryrq.jpg HTTP 302
https://i.imgur.com/removed.png

Request Chain 41

https://i.imgur.com/RvgYHYp.gif HTTP 302
https://i.imgur.com/removed.png

Request Chain 122

https://prebid.a-mo.net/cchain/0?gdpr=&us_privacy=&cb=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Damx%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D HTTP 302
https://prebid-stag.setupad.net/setuid?bidder=amx&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=

Request Chain 123

https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID HTTP 302
https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1

Request Chain 163

https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%24UID HTTP 302
https://prebid-stag.setupad.net/setuid?bidder=adform&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=7070968462635868244

237 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
samfw.com/ 87 KB
19 KB 1205ms
1122ms Document
text/html 2606:4700:10::6816:30d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://samfw.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:30d3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a04036b41f1461de36539a5356ee2b2a7eed4945530c1b6b873bbff9c9a8b906

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 8ccc79f75dd88da7-HEL
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 03 Oct 2024 11:08:50 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding

GET
H2 200 bootstrap.min.css
samfw.com/assets/vendor/bootstrap/ 152 KB
28 KB 46ms
42ms Stylesheet
text/css 2606:4700:10::6816:30d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://samfw.com/assets/vendor/bootstrap/bootstrap.min.css?v=4

Requested by

Host: samfw.com
URL: https://samfw.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:30d3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b27a73fe72c5c4ba18484e7717a330ca08b5bf1e126a51570b066b3de727b9ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=43200
content-encoding: gzip
cf-cache-status: HIT
etag: W/"6408e1f0-260e8"
age: 5951
cf-ray: 8ccc79fe6da48da7-HEL
expires: Thu, 03 Oct 2024 21:29:39 GMT
date: Thu, 03 Oct 2024 11:08:50 GMT
content-type: text/css
last-modified: Wed, 08 Mar 2023 19:28:48 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 lazy.css
samfw.com/assets/css/ 47 KB
7 KB 45ms
41ms Stylesheet
text/css 2606:4700:10::6816:30d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://samfw.com/assets/css/lazy.css

Requested by

Host: samfw.com
URL: https://samfw.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:30d3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f6bc7c9009a7c835800ccb44258f197a071804b177f7ccf506c5be4e586a451d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=43200
content-encoding: br
cf-bgj: minify
etag: W/"5f75bb7a-bafa"
age: 5951
cf-cache-status: HIT
cf-ray: 8ccc79fe7da58da7-HEL
expires: Thu, 03 Oct 2024 21:29:39 GMT
cf-polished: origSize=47866
date: Thu, 03 Oct 2024 11:08:50 GMT
content-type: text/css
last-modified: Thu, 01 Oct 2020 11:20:26 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 demo.css
samfw.com/assets/css/ 5 KB
1 KB 66ms
62ms Stylesheet
text/css 2606:4700:10::6816:30d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://samfw.com/assets/css/demo.css

Requested by

Host: samfw.com
URL: https://samfw.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:30d3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

726868fb1e3a84e3fcdfa52630aa9e70f6328750b335438a96fad8c5738b104d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=43200
content-encoding: br
cf-bgj: minify
etag: W/"60616c90-15e4"
age: 5951
cf-cache-status: HIT
cf-ray: 8ccc79fe7da68da7-HEL
expires: Thu, 03 Oct 2024 21:29:39 GMT
cf-polished: origSize=5604
date: Thu, 03 Oct 2024 11:08:50 GMT
content-type: text/css
last-modified: Mon, 29 Mar 2021 05:58:40 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 autocomplete.css
samfw.com/assets/css/ 658 B
357 B 47ms
44ms Stylesheet
text/css 2606:4700:10::6816:30d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://samfw.com/assets/css/autocomplete.css

Requested by

Host: samfw.com
URL: https://samfw.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:30d3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c601c5cd461b4bfe66c31b39c6dfc040f4da907c942230c2d4bf09d86604e939

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=43200
content-encoding: br
cf-bgj: minify
etag: W/"5db5cd10-3fb"
age: 5951
cf-cache-status: HIT
cf-ray: 8ccc79fe7da78da7-HEL
expires: Thu, 03 Oct 2024 21:29:39 GMT
cf-polished: origSize=1019
date: Thu, 03 Oct 2024 11:08:50 GMT
content-type: text/css
last-modified: Sun, 27 Oct 2019 17:00:00 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 flags.css
samfw.com/assets/css/ 10 KB
2 KB 62ms
59ms Stylesheet
text/css 2606:4700:10::6816:30d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://samfw.com/assets/css/flags.css

Requested by

Host: samfw.com
URL: https://samfw.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:30d3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

abc50021338ab4551b32de53540e77bf1f970e00d8d8c569780adacbf46a18a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=43200
content-encoding: br
cf-bgj: minify
etag: W/"5f7c422a-2851"
age: 5951
cf-cache-status: HIT
cf-ray: 8ccc79fe7da88da7-HEL
expires: Thu, 03 Oct 2024 21:29:39 GMT
cf-polished: origSize=10321
date: Thu, 03 Oct 2024 11:08:50 GMT
content-type: text/css
last-modified: Tue, 06 Oct 2020 10:08:42 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/ 100 KB
19 KB 131ms
65ms Stylesheet
text/css 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css

Requested by

Host: samfw.com
URL: https://samfw.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1edb1725a9ea8ca4dcf2f5508cee183218aa1685e47c1b23056717f754f58ebf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://samfw.com
Referer

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "6421d693-4940"
age: 54897
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ys9WPWNisi8wuCpfO%2FWNJVV82IYQyW7aCtJ7OzG0zCxS%2F9wQxOPrcRtXrqUCoLVAsNYnVLVB3HRT7%2BGWbc8QBJnJ%2BW4oTKVvvac4i2C3fpndZ7myEoAq2e7RkaxBV5NS%2FupVYIEW"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Tue, 23 Sep 2025 11:08:50 GMT
date: Thu, 03 Oct 2024 11:08:50 GMT
content-type: text/css; charset=utf-8
last-modified: Mon, 27 Mar 2023 17:46:59 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8ccc79fedb7f930f-CPH
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18752
server: cloudflare

GET
H3 200 font-awesome-animation.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome-animation/0.2.1/ 18 KB
2 KB 130ms
65ms Stylesheet
text/css 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome-animation/0.2.1/font-awesome-animation.min.css

Requested by

Host: samfw.com
URL: https://samfw.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a4b03a6c128b46647ca81421d1b1db2577751a66b09c13677c8d753cac18c7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb03e5f-47d3"
age: 48559
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t%2FLLO2YcXt2tcwXzFtKQXpbG1sfik0%2FOhuJY2wsAJk9QzeI3Nznhwje%2BtJOPacHTJ0iDPQGVArGeTK16yoBScZwiJ%2FwtmLNtudbjcOXYttHCxH6H1GrmSjXirAZWJaddeu8BUCUc"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Tue, 23 Sep 2025 11:08:50 GMT
date: Thu, 03 Oct 2024 11:08:50 GMT
content-type: text/css; charset=utf-8
last-modified: Mon, 04 May 2020 16:10:07 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8ccc79fedb2d8f60-CPH
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1424
server: cloudflare

GET
H3 200 toastr.min.css
cdnjs.cloudflare.com/ajax/libs/toastr.js/latest/ 7 KB
3 KB 126ms
60ms Stylesheet
text/css 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/toastr.js/latest/toastr.min.css

Requested by

Host: samfw.com
URL: https://samfw.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

10d159adb573ca535b8275f1d27dc8d60fffd9678ee3b5f1a0f7b4be4a77342f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://samfw.com
Referer

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "659946f6-a50"
age: 46148
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MVu9MRhaWuM5yd95HQYAezZQFXDRpdtEELDKDbL0KV8lxpWpik2XBJzYKOkGIeOUMBAApkOmPj5gskWFomJ3JAN%2BPav1eOmsNfAHUe8uTdHBv0%2Ft%2FrIXBwixdNhB2Hb2UgAT4usf"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Tue, 23 Sep 2025 11:08:50 GMT
date: Thu, 03 Oct 2024 11:08:50 GMT
content-type: text/css; charset=utf-8
last-modified: Sat, 06 Jan 2024 13:26:30 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8ccc79fedb80930f-CPH
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2640
server: cloudflare

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 216 KB
78 KB 242ms
79ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-163898725-1

Requested by

Host: samfw.com
URL: https://samfw.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cdf0311fb121d948316b089ba5c004739cc8e7644bdc05c88c633181ad1b39d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Thu, 03 Oct 2024 11:08:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 03 Oct 2024 11:08:50 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 78903
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 269 KB
93 KB 328ms
165ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-11479263759

Requested by

Host: samfw.com
URL: https://samfw.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

140ad1b9cfaf3f8fe6858cb2f6ca09a3428811a8c769b7fe9dda5cb21b7206f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Thu, 03 Oct 2024 11:08:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 03 Oct 2024 11:08:50 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 03 Oct 2024 09:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 95013
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 152 KB
51 KB 209ms
83ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: samfw.com
URL: https://samfw.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

73eac51eebe6b19992a67033fee54dbb97d5d33f4f45681c4c65cf71b566d74b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

content-encoding: br
etag: 4883660977705947178
x-content-type-options: nosniff
expires: Thu, 03 Oct 2024 11:08:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Thu, 03 Oct 2024 11:08:50 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 52523
x-xss-protection: 0
server: cafe

GET
H2 200 in-view.min.js Show response
cdn.jsdelivr.net/npm/in-view@0.6.1/dist/ 5 KB
3 KB 153ms
32ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/in-view@0.6.1/dist/in-view.min.js

Requested by

Host: samfw.com
URL: https://samfw.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ba92f31903d0ed43a15811c0506b1c357fa04ff643140a3c0e162dfc66cd37eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"14be-WmlQIO/ElIG9SfA/X8UgGV8u+ls"
age: 1642142
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Thu, 03 Oct 2024 11:08:50 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-etou8220112-FRA, cache-hel1410021-HEL
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2213
x-jsd-version: 0.6.1

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 105 KB
32 KB 206ms
79ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: samfw.com
URL: https://samfw.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

cefe70262b9b05ab789ea370a235baa93acf0ec1098e1ec39afba41c744891be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

content-encoding: br
etag: 42 / 19999 / m202409260101 / config-hash: 985063253086454253
x-content-type-options: nosniff
expires: Thu, 03 Oct 2024 11:08:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Thu, 03 Oct 2024 11:08:50 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 33077
x-xss-protection: 0
server: cafe

GET
H2 200 3171 Show response
stpd.cloud/saas/ 420 KB
124 KB 214ms
119ms Script
text/javascript 2606:4700::6812:1f31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://stpd.cloud/saas/3171
Requested by: Host: samfw.com
URL: https://samfw.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1f31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51f5ea1401fc3f292ded2892fc01ea80b0a48a165fa0df587c0523f4f2d473bc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

cache-control: s-maxage=300
x-stpd-module-cache: HIT
content-encoding: br
cf-ray: 8ccc7a00a9a88d6b-HEL
access-control-allow-origin: *
date: Thu, 03 Oct 2024 11:08:50 GMT
content-type: text/javascript
vary: Accept-Encoding
server: cloudflare

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 120ms
58ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: samfw.com
URL: https://samfw.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

1806e8e738bd4b8d43ba38d3aeb44bbdb1793137a28d33f0bb605c99db8e5e3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://samfw.com
Referer: https://samfw.com/

Response headers

content-md5: RStDXj1G511OWEpPG3zvwg==
access-control-expose-headers: X-FB-Content-MD5
content-encoding: gzip
etag: "2ea3ed47b02969fcdb5a8b98994eac2b"
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Thu, 03 Oct 2024 11:22:37 GMT
alt-svc: h3=":443"; ma=86400
edge-control: cache-maxage=1200s
date: Thu, 03 Oct 2024 11:08:50 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-content-md5: 29a3b23e72117968858f6aa62375b57c
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=55, rtx=0, c=23, mss=1232, tbw=4448, tp=9, tpl=0, uplat=0, ullat=-1
x-fb-debug: TLHuhrR7P+fxyH29aYoT5CMXl9UFpv3Tp616BLXNuqjirH6APyApnlnNJeqFNPj7/0gp6XDh/EBgVAGoM1uzYA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
access-control-allow-origin: *
content-length: 1687

GET
H2 200 logo.png
samfw.com/assets/img/ 15 KB
15 KB 47ms
45ms Image
image/png 2606:4700:10::6816:30d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://samfw.com/assets/img/logo.png

Requested by

Host: samfw.com
URL: https://samfw.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:30d3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9963f5b0e2cf0df9868755d53be44f5a1b39e88bd59ced041131ae48a8e0ed6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=2592000
cf-cache-status: HIT
etag: "5db5cd10-3a7b"
age: 1872056
cf-ray: 8ccc79fe7daa8da7-HEL
expires: Fri, 11 Oct 2024 19:07:54 GMT
accept-ranges: bytes
content-length: 14971
date: Thu, 03 Oct 2024 11:08:50 GMT
content-type: image/png
last-modified: Sun, 27 Oct 2019 17:00:00 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 logo.png
mifirm.net/assets/img/ 9 KB
9 KB 328ms
79ms Image
image/png 172.67.145.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mifirm.net/assets/img/logo.png

Requested by

Host: samfw.com
URL: https://samfw.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.145.26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f821113c24955a956a7d286d0e753bf11e1c00db8a2c7281c043777d8a88489a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

cf-cache-status: HIT
etag: "5e84bb56-2406"
age: 1516521
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zOkC2uLCxpaVMES7E9XZOsWK1jdax3OfcRVHMfBWjtj8hXyR2PjJbWtr91UPmwoTX6r%2FzYSw8xTQzKeR1NujfZBLfwrPnwF8WH5vVDm5lfegxQTZiMC5Zpvh%2By8p"}],"group":"cf-nel","max_age":604800}
expires: Tue, 15 Oct 2024 21:53:29 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 03 Oct 2024 11:08:50 GMT
content-type: image/png
last-modified: Wed, 01 Apr 2020 16:03:34 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ccc7a00180d5b5b-VIE
accept-ranges: bytes
content-length: 9222
server: cloudflare

GET
H3 200 fav.png
ipsw.pro/assets/images/ 13 KB
14 KB 185ms
83ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ipsw.pro/assets/images/fav.png

Requested by

Host: samfw.com
URL: https://samfw.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

91bb0dbfeabaada68e709bced9418d0d8cd4f40cbaa27f3ffbce0c39d7426d77

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

cf-cache-status: HIT
etag: "6412ad32-3592"
age: 712769
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d28pDinYx1XkwI%2BhlqtD5JxiP%2BsvqWcuBL8ZlG%2BLSeIqi7kpC2AggHl70ceJtPN%2B%2Bxhz8v%2FTkDifa%2BzltGfg82sZvxkk0iRxSA2DaE6QsLrsfoGkdPEdv5hlIw%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Fri, 25 Oct 2024 05:09:21 GMT
date: Thu, 03 Oct 2024 11:08:50 GMT
content-type: image/png
last-modified: Thu, 16 Mar 2023 05:46:26 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ccc79ff9d735bb9-VIE
accept-ranges: bytes
content-length: 13714
server: cloudflare

GET
H3 200 favicon.png
lgrom.com/assets/media/logos/ 429 B
908 B 168ms
81ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lgrom.com/assets/media/logos/favicon.png

Requested by

Host: samfw.com
URL: https://samfw.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b55fb4a75d471d1914c00f5c4cf157d3671edf76592e80883966507cf041b41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

cf-cache-status: HIT
etag: "5fd9d9e0-1ad"
age: 1524774
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y45Z2vHSGYfHGWY2dwBP5wMNc6fPo8v%2BKiWvuyyhYezb1h3jJKWqfjx2DLsb12JpZQdmapMWbM6WU56NcrkyypTgmfJfjrDHx0JP5vmnjopvixyOMASmeKZEWIM%3D"}],"group":"cf-nel","max_age":604800}
expires: Tue, 15 Oct 2024 19:35:56 GMT
date: Thu, 03 Oct 2024 11:08:50 GMT
content-type: image/png
last-modified: Wed, 16 Dec 2020 09:56:48 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ccc7a00bcac5ba5-VIE
accept-ranges: bytes
content-length: 429
server: cloudflare

GET
H2 200 logo.png
iccid.info/img/ 3 KB
4 KB 214ms
71ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://iccid.info/img/logo.png

Requested by

Host: samfw.com
URL: https://samfw.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5379e3d4fc3e0416a9b1253dd32124d108ff548e3674f290bf7777934288726e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

cf-cache-status: HIT
etag: "624044de-c9a"
age: 157067
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dQM2n3ePM6U2wecIWJ789uAoGtLwIspLIh6sg8oPKFbh9brsYuxTrrom%2FQjOd8N7Z72TP%2FfD74MHi5bQ0OrVWWyygcW%2FnLDyRL%2FBt%2FCOVgeG%2BBetC0EA1JoOthG6krG8Thn0oC7GtUcG"}],"group":"cf-nel","max_age":604800}
expires: Thu, 31 Oct 2024 15:31:03 GMT
date: Thu, 03 Oct 2024 11:08:50 GMT
content-type: image/png
last-modified: Sun, 27 Mar 2022 11:05:02 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ccc7a016b48c41c-WAW
accept-ranges: bytes
content-length: 3226
server: cloudflare

GET
H3 200 logo.svg
vanced.me/assets/img/ 5 KB
2 KB 190ms
92ms Image
image/svg+xml 172.67.209.125
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vanced.me/assets/img/logo.svg

Requested by

Host: samfw.com
URL: https://samfw.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.209.125 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bbed8abf9faeb3ec7ddab4e5c02e0633eb56b96cfbfc83ed93d8d5e7eab5bfab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: HIT
etag: W/"611237f2-133d"
age: 3329
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fHyT23%2BOxwUL6mDPwxBR2aoCkgkBTWdf2%2FFTbZhkev7XZhqdLr7%2F2MAH5SROr8GORLxRbyoZ5pnALThHDeA%2FecVQjJNg4sV2AG9W0uohegsVj80YOBR%2F5uSZYAw%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8ccc7a0139c65baa-VIE
date: Thu, 03 Oct 2024 11:08:50 GMT
content-type: image/svg+xml
last-modified: Tue, 10 Aug 2021 08:25:22 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 logo_spin.gif
samfw.com/assets/img/ 21 KB
21 KB 57ms
50ms Image
image/gif 2606:4700:10::6816:30d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://samfw.com/assets/img/logo_spin.gif

Requested by

Host: samfw.com
URL: https://samfw.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:30d3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

25304f55e96bc18514a5a0de5068ff792983017e85e2ce5ca7052bef0bcf166b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=2592000
cf-cache-status: HIT
etag: "5dd41f90-5367"
age: 41655
cf-ray: 8ccc7a001f6f8da7-HEL
expires: Fri, 01 Nov 2024 23:34:34 GMT
accept-ranges: bytes
content-length: 21351
date: Thu, 03 Oct 2024 11:08:50 GMT
content-type: image/gif
last-modified: Tue, 19 Nov 2019 17:00:00 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 default.jpg
samfw.com/blog_images/new-samsung-members-version-shows-one-ui-7-0-beta-is-coming/ 9 KB
9 KB 52ms
46ms Image
image/jpeg 2606:4700:10::6816:30d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://samfw.com/blog_images/new-samsung-members-version-shows-one-ui-7-0-beta-is-coming/default.jpg

Requested by

Host: samfw.com
URL: https://samfw.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:30d3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6068220efe32f5b7a4694319611eabb759100caa9c20f5fb8ab9aae36c8a34de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=2592000
cf-bgj: h2pri
etag: "66f92bc6-2322"
age: 24836
cf-cache-status: HIT
cf-ray: 8ccc7a001f718da7-HEL
expires: Sat, 02 Nov 2024 04:14:54 GMT
accept-ranges: bytes
content-length: 8994
date: Thu, 03 Oct 2024 11:08:50 GMT
content-type: image/jpeg
last-modified: Sun, 29 Sep 2024 10:28:22 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 default.jpg
samfw.com/blog_images/samsung-revives-the-animation-feature-that-one-ui-6-1-1-removed/ 18 KB
18 KB 52ms
47ms Image
image/jpeg 2606:4700:10::6816:30d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://samfw.com/blog_images/samsung-revives-the-animation-feature-that-one-ui-6-1-1-removed/default.jpg

Requested by

Host: samfw.com
URL: https://samfw.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:30d3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1871f6537b97797c6a6fb6a8f97f3c26a38c8dff37c6e0e8fe73bd004e9d1f95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=2592000
cf-bgj: h2pri
etag: "66f92bc6-4772"
age: 73711
cf-cache-status: HIT
cf-ray: 8ccc7a001f738da7-HEL
expires: Fri, 01 Nov 2024 14:40:19 GMT
accept-ranges: bytes
content-length: 18290
date: Thu, 03 Oct 2024 11:08:50 GMT
content-type: image/jpeg
last-modified: Sun, 29 Sep 2024 10:28:22 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 default.jpg
samfw.com/blog_images/the-galaxy-tab-s10-series-will-have-a-dedicated-galaxy-ai-key/ 12 KB
12 KB 81ms
76ms Image
image/jpeg 2606:4700:10::6816:30d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://samfw.com/blog_images/the-galaxy-tab-s10-series-will-have-a-dedicated-galaxy-ai-key/default.jpg

Requested by

Host: samfw.com
URL: https://samfw.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:30d3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

07ac08a5e37347c8cb3cfd697957d3be5f8bb8d221f9850cbc6fcd1d79f8c651

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=2592000
cf-bgj: h2pri
etag: "66f92bc6-2f6d"
age: 109261
cf-cache-status: HIT
cf-ray: 8ccc7a001f758da7-HEL
expires: Fri, 01 Nov 2024 04:47:49 GMT
accept-ranges: bytes
content-length: 12141
date: Thu, 03 Oct 2024 11:08:50 GMT
content-type: image/jpeg
last-modified: Sun, 29 Sep 2024 10:28:22 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 default.jpg
samfw.com/blog_images/gemini-live-is-released-for-free-for-galaxy-devices/ 11 KB
12 KB 82ms
76ms Image
image/jpeg 2606:4700:10::6816:30d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://samfw.com/blog_images/gemini-live-is-released-for-free-for-galaxy-devices/default.jpg

Requested by

Host: samfw.com
URL: https://samfw.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:30d3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4dd707f55fd1cb8ba02b431427c183bdeeed0adfa81d9dfb368126986d94b358

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=2592000
cf-bgj: h2pri
etag: "66f92a76-2d9f"
age: 161467
cf-cache-status: HIT
cf-ray: 8ccc7a004f938da7-HEL
expires: Thu, 31 Oct 2024 14:17:43 GMT
accept-ranges: bytes
content-length: 11679
date: Thu, 03 Oct 2024 11:08:50 GMT
content-type: image/jpeg
last-modified: Sun, 29 Sep 2024 10:22:46 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 sunlock.png
samfw.com/assets/img/supporter/ 42 KB
42 KB 82ms
77ms Image
image/png 2606:4700:10::6816:30d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://samfw.com/assets/img/supporter/sunlock.png

Requested by

Host: samfw.com
URL: https://samfw.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:30d3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

560dfcac42ead6985d2e72778b5d4f548427fcf1e5aa439b8c4edda4ca09c5d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=2592000
cf-cache-status: HIT
etag: "64a5284d-a678"
age: 1144469
cf-ray: 8ccc7a004f948da7-HEL
expires: Sun, 20 Oct 2024 05:14:21 GMT
accept-ranges: bytes
content-length: 42616
date: Thu, 03 Oct 2024 11:08:50 GMT
content-type: image/png
last-modified: Wed, 05 Jul 2023 08:22:37 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 Chimera-Exynos-Samfw.gif
samfw.com/assets/img/supporter/ 327 KB
327 KB 84ms
79ms Image
image/gif 2606:4700:10::6816:30d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://samfw.com/assets/img/supporter/Chimera-Exynos-Samfw.gif

Requested by

Host: samfw.com
URL: https://samfw.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:30d3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55395142ff59cec3edc25f2d26357b182f5fd9c0f92f4de87560b539f8bbe64c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=2592000
cf-cache-status: HIT
etag: "66e1b904-51bc8"
age: 496124
cf-ray: 8ccc7a004f958da7-HEL
expires: Sun, 27 Oct 2024 17:20:06 GMT
accept-ranges: bytes
content-length: 334792
date: Thu, 03 Oct 2024 11:08:50 GMT
content-type: image/gif
last-modified: Wed, 11 Sep 2024 15:36:36 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 email-decode.min.js Show response
samfw.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
847 B 48ms
37ms Script
application/javascript 2606:4700:10::6816:30d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://samfw.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: samfw.com
URL: https://samfw.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:30d3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

cache-control: max-age=172800, public
content-encoding: gzip
etag: W/"66f525c6-4d7"
x-content-type-options: nosniff
cf-ray: 8ccc7a001f5f8da7-HEL
expires: Sat, 05 Oct 2024 11:08:50 GMT
date: Thu, 03 Oct 2024 11:08:50 GMT
content-type: application/javascript
last-modified: Thu, 26 Sep 2024 09:13:42 GMT
vary: Accept-Encoding
server: cloudflare
x-frame-options: DENY

GET
H2 200 dmca-badge-w150-5x1-08.png
images.dmca.com/Badges/ 3 KB
4 KB 98ms
69ms Image
image/png 2400:52e0:1e00::1081:1
CDN77 _

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dmca.com/Badges/dmca-badge-w150-5x1-08.png?ID=cf9a563f-9d66-4f15-8c75-9e3ec086657e
Requested by: Host: samfw.com
URL: https://samfw.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: BunnyCDN-DE1-1081 / ASP.NET
Resource Hash: ce784660775c196b3eaae5369bab374896a97a682531863832d64b8249d9ac14

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

cdn-status: 200
etag: "fadaf3aace6d11:0"
date: Thu, 03 Oct 2024 11:08:50 GMT
content-type: image/png
cdn-cachedat: 09/12/2023 22:49:55
last-modified: Mon, 25 Jul 2016 19:39:16 GMT
cdn-requestpullcode: 200
cdn-cache: HIT
cache-control: public, max-age=31536000
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: c136c664-112d-4533-8247-f90f6849ab39
cdn-requestid: 9e835e778193190ab41def80c8c3437f
cdn-pullzone: 1574055
cdn-proxyver: 1.04
accept-ranges: bytes
content-length: 3498
cdn-edgestorageid: 1080
x-powered-by: ASP.NET
server: BunnyCDN-DE1-1081
cdn-requestcountrycode: FI

GET
H2 200 DMCABadgeHelper.min.js Show response
images.dmca.com/Badges/ 465 B
795 B 262ms
66ms Script
application/javascript 2400:52e0:1e00::1081:1
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://images.dmca.com/Badges/DMCABadgeHelper.min.js
Requested by: Host: samfw.com
URL: https://samfw.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: BunnyCDN-DE1-1081 / ASP.NET
Resource Hash: e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

cdn-status: 200
content-encoding: br
etag: "26b181f16d28d51:0"
date: Thu, 03 Oct 2024 11:08:50 GMT
last-modified: Fri, 21 Jun 2019 20:14:34 GMT
cdn-cachedat: 09/24/2024 07:53:42
vary: Accept-Encoding
content-type: application/javascript
cdn-requestpullcode: 200
cdn-cache: HIT
link: <https://dmca-images.azurewebsites.net/Badges/DMCABadgeHelper.min.js>; rel="canonical"
cache-control: public, max-age=31536000
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: c136c664-112d-4533-8247-f90f6849ab39
cdn-requestid: 46a1c0d80f889e3d6ff31b1e9b8dd09b
cdn-pullzone: 1574055
cdn-proxyver: 1.04
cdn-edgestorageid: 756
x-powered-by: ASP.NET
server: BunnyCDN-DE1-1081
cdn-requestcountrycode: FI

GET
H2 200 vcd15cbe7772f49c399c6a5babf22c1241717689176015 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 125ms
45ms Script
text/javascript 2606:4700::6810:5049
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by: Host: samfw.com
URL: https://samfw.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://samfw.com
Referer: https://samfw.com/

Response headers

cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"2024.6.1"
cross-origin-resource-policy: cross-origin
cf-ray: 8ccc7a01ab524c87-HEL
access-control-allow-origin: *
date: Thu, 03 Oct 2024 11:08:50 GMT
content-type: text/javascript;charset=UTF-8
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 jquery.min.js Show response
samfw.com/assets/vendor/jquery/ 85 KB
33 KB 86ms
75ms Script
application/javascript 2606:4700:10::6816:30d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://samfw.com/assets/vendor/jquery/jquery.min.js

Requested by

Host: samfw.com
URL: https://samfw.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:30d3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0023a4d99a8085630d1430b58a1fd920d4411830aff093c59abba26aec04ef3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=43200
content-encoding: gzip
cf-cache-status: HIT
etag: W/"5db5cd10-1528b"
age: 5951
cf-ray: 8ccc7a001f618da7-HEL
expires: Thu, 03 Oct 2024 21:29:39 GMT
date: Thu, 03 Oct 2024 11:08:50 GMT
content-type: application/javascript
last-modified: Sun, 27 Oct 2019 17:00:00 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 jquery.autocomplete.js Show response
samfw.com/assets/js/ 18 KB
5 KB 54ms
43ms Script
application/javascript 2606:4700:10::6816:30d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://samfw.com/assets/js/jquery.autocomplete.js?ver=22052024008

Requested by

Host: samfw.com
URL: https://samfw.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:30d3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

038427217743617442b03a64867931d75be8ecfeca75c8d49bd62199931a9c7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=43200
content-encoding: br
cf-bgj: minify
etag: W/"664cf2d2-8f89"
age: 5951
cf-cache-status: HIT
cf-ray: 8ccc7a001f638da7-HEL
expires: Thu, 03 Oct 2024 21:29:39 GMT
cf-polished: origSize=36745
date: Thu, 03 Oct 2024 11:08:50 GMT
content-type: application/javascript
last-modified: Tue, 21 May 2024 19:15:30 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 popper.min.js Show response
samfw.com/assets/vendor/popper/ 19 KB
7 KB 88ms
78ms Script
application/javascript 2606:4700:10::6816:30d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://samfw.com/assets/vendor/popper/popper.min.js

Requested by

Host: samfw.com
URL: https://samfw.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:30d3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2e32a2f0e2ef0d4105ee9762f91294140bebf5d74b2af1412906f475aaad270

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=43200
content-encoding: gzip
cf-cache-status: HIT
etag: W/"5db5cd10-4a3a"
age: 3872
cf-ray: 8ccc7a001f678da7-HEL
expires: Thu, 03 Oct 2024 22:04:18 GMT
date: Thu, 03 Oct 2024 11:08:50 GMT
content-type: application/javascript
last-modified: Sun, 27 Oct 2019 17:00:00 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 bootstrap.min.js Show response
samfw.com/assets/vendor/bootstrap/ 57 KB
18 KB 52ms
42ms Script
application/javascript 2606:4700:10::6816:30d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://samfw.com/assets/vendor/bootstrap/bootstrap.min.js

Requested by

Host: samfw.com
URL: https://samfw.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:30d3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

822e92296b8a874756bbf9de9dee0c5bb11978797cb862158e30f63f0b7db0ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=43200
content-encoding: gzip
cf-cache-status: HIT
etag: W/"5db5cd10-e2e4"
age: 3871
cf-ray: 8ccc7a001f6a8da7-HEL
expires: Thu, 03 Oct 2024 22:04:19 GMT
date: Thu, 03 Oct 2024 11:08:50 GMT
content-type: application/javascript
last-modified: Sun, 27 Oct 2019 17:00:00 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 lazy.js Show response
samfw.com/assets/js/ 1 KB
615 B 86ms
81ms Script
application/javascript 2606:4700:10::6816:30d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://samfw.com/assets/js/lazy.js

Requested by

Host: samfw.com
URL: https://samfw.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:30d3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f35b3d521d98fb8e2ee632e7b6a6893bab0eb99cf4173d463b8c9e8f5bf857b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=43200
content-encoding: br
cf-bgj: minify
etag: W/"5db5cd10-83b"
age: 3869
cf-cache-status: HIT
cf-ray: 8ccc7a004f968da7-HEL
expires: Thu, 03 Oct 2024 22:04:21 GMT
cf-polished: origSize=2107
date: Thu, 03 Oct 2024 11:08:50 GMT
content-type: application/javascript
last-modified: Sun, 27 Oct 2019 17:00:00 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 toastr.min.js Show response
cdnjs.cloudflare.com/ajax/libs/toastr.js/latest/ 5 KB
2 KB 66ms
59ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/toastr.js/latest/toastr.min.js

Requested by

Host: samfw.com
URL: https://samfw.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddb96c25de07962ffbc0243e6e68177ce74aee9fd950cb4f5d8d3c8e6c524a09

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://samfw.com
Referer

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "659946f7-75c"
age: 451448
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eYthlGwiTQbkzeORurA9IqGOxOXD5JZmZeIMF%2BNrqKBuJnjWKMmN5ymM7cj64YYJiaZ%2FNXeK4UBB6E%2FMJtzfKh2SonIT2%2FwmX3vSoKbc1wCdQzT0S%2Bn77PGnEmCEN0ip%2BypH6V0g"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Tue, 23 Sep 2025 11:08:50 GMT
date: Thu, 03 Oct 2024 11:08:50 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 06 Jan 2024 13:26:31 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8ccc7a001d88930f-CPH
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1884
server: cloudflare

GET
H2 200 script.js Show response
samfw.com/js/ 762 B
515 B 54ms
44ms Script
application/javascript 2606:4700:10::6816:30d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://samfw.com/js/script.js

Requested by

Host: samfw.com
URL: https://samfw.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:30d3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a53e8ed68b305a1407569e8bb5257f0c9bce42b5e854254c0c9d915964d91c5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=43200
content-encoding: br
cf-bgj: minify
etag: W/"60744dc1-3e7"
age: 5951
cf-cache-status: HIT
cf-ray: 8ccc7a001f6d8da7-HEL
expires: Thu, 03 Oct 2024 21:29:39 GMT
cf-polished: origSize=999
date: Thu, 03 Oct 2024 11:08:50 GMT
content-type: application/javascript
last-modified: Mon, 12 Apr 2021 13:40:17 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2

200

removed.png
i.imgur.com/
Redirect Chain

https://i.imgur.com/yIOeX2Z.jpg
https://i.imgur.com/removed.png

503 B
0

60ms
60ms

Image
image/png

199.232.196.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/removed.png

Requested by

Host: samfw.com
URL: https://samfw.com/

Protocol

Server

199.232.196.193 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

9b5936f4006146e4e1e9025b474c02863c0b5614132ad40db4b925a10e8bfbb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

etag: "d835884373f4d6c8f24742ceabe74946"
age: 3266764
access-control-allow-methods: GET, OPTIONS
x-content-type-options: nosniff
x-cache: HIT, HIT
date: Thu, 03 Oct 2024 11:08:50 GMT
last-modified: Wed, 14 May 2014 05:44:36 GMT
content-type: image/png
x-served-by: cache-iad-kjyo7100081-IAD, cache-fra-etou8220062-FRA
x-cache-hits: 23848, 21473
cache-control: public, max-age=31536000
x-timer: S1727953731.998739,VS0,VE0
accept-ranges: bytes
access-control-allow-origin: *
content-length: 503
server: cat factory 1.0

Redirect headers

strict-transport-security: max-age=300
retry-after: 0
location: https://i.imgur.com/removed.png
x-timer: S1727953731.893383,VS0,VE1
age: 513
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
access-control-allow-origin: *
x-cache: HIT, HIT
content-length: 0
date: Thu, 03 Oct 2024 11:08:50 GMT
x-served-by: cache-iad-kiad7000075-IAD, cache-fra-etou8220062-FRA
x-cache-hits: 0, 1
server: cat factory 1.0

GET
H2

200

removed.png
i.imgur.com/
Redirect Chain

https://i.imgur.com/3hlryrq.jpg
https://i.imgur.com/removed.png

503 B
0

61ms
60ms

Image
image/png

199.232.196.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/removed.png

Requested by

Host: samfw.com
URL: https://samfw.com/

Protocol

Server

199.232.196.193 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

9b5936f4006146e4e1e9025b474c02863c0b5614132ad40db4b925a10e8bfbb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

etag: "d835884373f4d6c8f24742ceabe74946"
age: 3266764
access-control-allow-methods: GET, OPTIONS
x-content-type-options: nosniff
x-cache: HIT, HIT
date: Thu, 03 Oct 2024 11:08:50 GMT
last-modified: Wed, 14 May 2014 05:44:36 GMT
content-type: image/png
x-served-by: cache-iad-kjyo7100081-IAD, cache-fra-etou8220062-FRA
x-cache-hits: 23848, 21473
cache-control: public, max-age=31536000
x-timer: S1727953731.998739,VS0,VE0
accept-ranges: bytes
access-control-allow-origin: *
content-length: 503
server: cat factory 1.0

Redirect headers

strict-transport-security: max-age=300
retry-after: 0
location: https://i.imgur.com/removed.png
x-timer: S1727953731.893561,VS0,VE4
age: 509
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
access-control-allow-origin: *
x-cache: HIT, HIT
content-length: 0
date: Thu, 03 Oct 2024 11:08:50 GMT
x-served-by: cache-iad-kjyo7100063-IAD, cache-fra-etou8220062-FRA
x-cache-hits: 0, 1
server: cat factory 1.0

GET
H2

200

removed.png
i.imgur.com/
Redirect Chain

https://i.imgur.com/RvgYHYp.gif
https://i.imgur.com/removed.png

503 B
724 B

59ms
57ms

Image
image/png

199.232.196.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/removed.png

Requested by

Host: samfw.com
URL: https://samfw.com/

Protocol

Server

199.232.196.193 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

9b5936f4006146e4e1e9025b474c02863c0b5614132ad40db4b925a10e8bfbb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

etag: "d835884373f4d6c8f24742ceabe74946"
age: 3266764
access-control-allow-methods: GET, OPTIONS
x-content-type-options: nosniff
x-cache: HIT, HIT
date: Thu, 03 Oct 2024 11:08:50 GMT
last-modified: Wed, 14 May 2014 05:44:36 GMT
content-type: image/png
x-served-by: cache-iad-kjyo7100081-IAD, cache-fra-etou8220062-FRA
x-cache-hits: 23848, 21473
strict-transport-security: max-age=300
cache-control: public, max-age=31536000
x-timer: S1727953731.998739,VS0,VE0
accept-ranges: bytes
access-control-allow-origin: *
content-length: 503
server: cat factory 1.0

Redirect headers

strict-transport-security: max-age=300
retry-after: 0
location: https://i.imgur.com/removed.png
x-timer: S1727953731.893572,VS0,VE1
age: 513
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
access-control-allow-origin: *
x-cache: HIT, HIT
content-length: 0
date: Thu, 03 Oct 2024 11:08:50 GMT
x-served-by: cache-iad-kiad7000039-IAD, cache-fra-etou8220062-FRA
x-cache-hits: 0, 1
server: cat factory 1.0

GET
H2 200 css
fonts.googleapis.com/ 8 KB
1 KB 203ms
68ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway:300,400,500,600,700

Requested by

Host: samfw.com
URL: https://samfw.com/assets/css/lazy.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

daa4ccb4643215934abf5b0d2821ab3d8e97560db79e32b256480058c2a56c3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Thu, 03 Oct 2024 11:08:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 03 Oct 2024 11:08:50 GMT
content-type: text/css; charset=utf-8
last-modified: Thu, 03 Oct 2024 10:00:51 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 logo.png
mifirm.net/assets/img/ 9 KB
0 1ms
1ms Image
image/png 172.67.145.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mifirm.net/assets/img/logo.png
Requested by: Host: samfw.com
URL: https://samfw.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.145.26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f821113c24955a956a7d286d0e753bf11e1c00db8a2c7281c043777d8a88489a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

cf-cache-status: HIT
etag: "5e84bb56-2406"
age: 1516521
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zOkC2uLCxpaVMES7E9XZOsWK1jdax3OfcRVHMfBWjtj8hXyR2PjJbWtr91UPmwoTX6r%2FzYSw8xTQzKeR1NujfZBLfwrPnwF8WH5vVDm5lfegxQTZiMC5Zpvh%2By8p"}],"group":"cf-nel","max_age":604800}
expires: Tue, 15 Oct 2024 21:53:29 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 03 Oct 2024 11:08:50 GMT
content-type: image/png
last-modified: Wed, 01 Apr 2020 16:03:34 GMT
vary: Accept-Encoding
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ccc7a00180d5b5b-VIE
accept-ranges: bytes
content-length: 9222
server: cloudflare

GET
H2 200 flags_responsive.png
samfw.com/assets/img/ 88 KB
88 KB 67ms
66ms Image
image/png 2606:4700:10::6816:30d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://samfw.com/assets/img/flags_responsive.png

Requested by

Host: samfw.com
URL: https://samfw.com/assets/css/flags.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:30d3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15956e953fd36bd7f4d2f1f77dfad5a3741db9e52b094f80c6cef4f78eb6a779

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/assets/css/flags.css

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=2592000
cf-cache-status: HIT
etag: "61eb960a-15f7a"
age: 2171674
cf-ray: 8ccc7a004f978da7-HEL
expires: Tue, 08 Oct 2024 07:54:15 GMT
accept-ranges: bytes
content-length: 89978
date: Thu, 03 Oct 2024 11:08:50 GMT
content-type: image/png
last-modified: Sat, 22 Jan 2022 05:28:42 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/webfonts/ 147 KB
147 KB 111ms
110ms Font
application/octet-stream 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7152a6933ee3d690ec2af3d09da9d701723d16aa3410a6d80f28ff8866f3b880

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://samfw.com
Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css

Response headers

cf-cdnjs-via: cfworker/kv
cf-cache-status: HIT
etag: "6421d693-24a6c"
age: 498262
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6EtekAE06OnSEy5CFYWfEq2PdA9MzT3i19lRd1%2Fav4Oc7VUYm8j8QUERX0xugLDiwULryGHThjKWhxagTh9so%2FO1ervItSJXJiplNKfuquInk8yeY3f3dnZSzufXdbGMH1Z3VVE%2F"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Tue, 23 Sep 2025 11:08:50 GMT
date: Thu, 03 Oct 2024 11:08:50 GMT
content-type: application/octet-stream; charset=utf-8
last-modified: Mon, 27 Mar 2023 17:46:59 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8ccc7a009e63930f-CPH
accept-ranges: bytes
access-control-allow-origin: *
content-length: 150124
server: cloudflare

GET
H3 200 fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/webfonts/ 105 KB
106 KB 67ms
67ms Font
application/octet-stream 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/webfonts/fa-brands-400.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

748332090c4b8e20f95d0ff59f0be20fa9c889359d3b36d4b886d73376054207

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://samfw.com
Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css

Response headers

cf-cdnjs-via: cfworker/kv
cf-cache-status: HIT
etag: "6421d693-1a5f4"
age: 6189973
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MYt7tQIrptfwlxllpu2zAMHYrIpNgUDa%2FAPPFKnrtKA%2FFLrQ5hDiOpfGCBk5dJJaiXYGo0JLeOL913uVCBDP%2BWFZmoi4ZptZ8ZOHqTafFlu0gZ4HEkIRZpuTwpdE7CQ3VshN%2BxUi"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Tue, 23 Sep 2025 11:08:50 GMT
date: Thu, 03 Oct 2024 11:08:50 GMT
content-type: application/octet-stream; charset=utf-8
last-modified: Mon, 27 Mar 2023 17:46:59 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8ccc7a009e65930f-CPH
accept-ranges: bytes
access-control-allow-origin: *
content-length: 108020
server: cloudflare

GET
H3 200 fa-regular-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/webfonts/ 24 KB
25 KB 251ms
251ms Font
application/octet-stream 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/webfonts/fa-regular-400.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e7e5ea1b15f62ab14dbd41768e8fbcd21cc859a4ea5da812457ee714299fb35

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://samfw.com
Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css

Response headers

cf-cdnjs-via: cfworker/kv
cf-cache-status: HIT
etag: "6421d693-6174"
age: 1377911
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r2%2BWSVGADMYwkwGECOjtpPYcv5oBFBhqlY24brG59KdKO83js9HtEwAaFkZEV4F%2Fn6FebsPvRaQp2d6KgHCM3qY1b8jVjpudRdLLcXjkql16Z3VwHLMWGWL1rsTNyIrNExuibKmd"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Tue, 23 Sep 2025 11:08:50 GMT
date: Thu, 03 Oct 2024 11:08:50 GMT
content-type: application/octet-stream; charset=utf-8
last-modified: Mon, 27 Mar 2023 17:46:59 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8ccc7a009e67930f-CPH
accept-ranges: bytes
access-control-allow-origin: *
content-length: 24948
server: cloudflare

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 289 KB
82 KB 61ms
60ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=1da5012ed3fd564a164d303b7878f3b8

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

cd39897ffb75f867dd79d60fdaefc61a8643603d2132d83823e078dc28e16de9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://samfw.com
Referer: https://samfw.com/

Response headers

content-md5: 5p0HQLMVZxeYr5Pu7tObtw==
access-control-expose-headers: X-FB-Content-MD5
content-encoding: gzip
etag: "320afc29c7f6d66d866fb8e13199019e"
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Fri, 03 Oct 2025 09:27:37 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 03 Oct 2024 11:08:50 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-content-md5: c7b8ad15893086723818cc6b29f1796a
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=55, rtx=0, c=26, mss=1232, tbw=8272, tp=14, tpl=0, uplat=0, ullat=-1
x-fb-debug: R5nHU5dQ4lPF3AkbyyZNrrN4hBm1+qwOKSNSiWjmpMdKaZoIqMBAjrVGxMLVzQd4pGj2mnH9r1zSh3bVTly3xA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
access-control-allow-origin: *
content-length: 84135
origin-agent-cluster: ?1

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409260101/ 478 KB
148 KB 62ms
59ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409260101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

9a373ae6214168509dc4fe047f320b9d27bd87ed907d66806ce9b865ca55042a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

content-encoding: br
etag: 13004938057169377323
age: 9230
x-content-type-options: nosniff
expires: Fri, 03 Oct 2025 08:35:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Thu, 03 Oct 2024 08:35:00 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 151619
x-xss-protection: 0
server: cafe

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409260101/ 408 KB
137 KB 90ms
90ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1839315362497448&plah=samfw.com&bust=31087565

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

2b5aad44c0e11ac29556ec8a0a4ddb7f7809006cd5fcf323e91eeeb7da258605

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

content-encoding: br
etag: 18121212298142208572
x-content-type-options: nosniff
expires: Thu, 03 Oct 2024 11:08:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Thu, 03 Oct 2024 11:08:50 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 140105
x-xss-protection: 0
server: cafe

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 152 KB
0 0ms
0ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: samfw.com
URL: https://samfw.com/js/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

73eac51eebe6b19992a67033fee54dbb97d5d33f4f45681c4c65cf71b566d74b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

content-encoding: br
etag: 4883660977705947178
x-content-type-options: nosniff
expires: Thu, 03 Oct 2024 11:08:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Thu, 03 Oct 2024 11:08:50 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 52523
x-xss-protection: 0
server: cafe

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 218ms
58ms Preflight
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsamfw.com%2F&domain=samfw.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://samfw.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://samfw.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Thu, 03 Oct 2024 11:08:50 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 192742
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 op.js Show response
tagan.adlightning.com/setupad-hai/ 15 KB
7 KB 256ms
61ms Script
application/javascript 18.66.147.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/setupad-hai/op.js
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/3171
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-69.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ad414661e26221eb7e3abd5782f688e228b4216fb15c18b5ddaef7ca9ecbcbeb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

content-encoding: gzip
x-amz-version-id: NgJXtvCBF0uBIzxpQL6o0wz0lDniCrCr
etag: "6f2174fb614b724ac07dfe34a6717693"
age: 3385
x-cache: Hit from cloudfront
x-amz-cf-id: yHb2PLoEvKFJzOqS7EQKafnnbVjtuXiL5cMN6CQf_OANT6RSIWUx6Q==
date: Thu, 03 Oct 2024 10:12:27 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 01 Oct 2024 13:50:58 GMT
cache-control: max-age=3600
via: 1.1 dde951f556570d42a581084479d8b0e8.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 6660
x-amz-meta-git_commit: 904ac2d
x-amz-cf-pop: FRA60-P4
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 324 KB
80 KB 257ms
64ms Script
application/javascript 13.224.186.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/3171
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.186.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-186-120.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 64171bed8b1e093ab735ee9c6cdc99440d0fea8e8f8c9f362fae3c093f1332f1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

vary: Accept-Encoding
cache-control: max-age=3600
content-encoding: gzip
etag: W/"f2dd6786b4537f2bb6a3e22886b855f2"
age: 3580
via: 1.1 fd38301adb0ceb6cf6c42567f371a2f4.cloudfront.net (CloudFront), 1.1 c379418fd6100691807f32f274ebe9ce.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: h53HNhhUf3i_NbQu1P4P12iZFHsbyxgA4-DXqOLaiZaaRf11vI030A==
date: Thu, 03 Oct 2024 10:09:11 GMT
content-type: application/javascript
last-modified: Wed, 28 Aug 2024 22:46:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA2-C1
x-amz-server-side-encryption: AES256

GET
H3 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 237ms
62ms Fetch
application/json 151.101.129.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20241003

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/saas/3171

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.129.229 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8ede13eb3ac23e602ec635dd77ec5321bacba2d364967ae647f45843aa2f2dc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://samfw.com/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"63b-0ZQY/VQEO+LTucmPjYcveTA0bY0"
age: 25677
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT
date: Thu, 03 Oct 2024 11:08:51 GMT
content-type: application/json; charset=utf-8
x-served-by: cache-fra-etou8220024-FRA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 829
x-jsd-version: 1.0.2197

POST
H2 200 prebid Show response
id5-sync.com/api/config/ 167 B
442 B 229ms
65ms Fetch
application/json 162.19.138.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/config/prebid

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/saas/3171

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

Resource Hash

3b9767e5d0bea4d284bb1e624cc6ee3244b13efedfe5424eb5140ef326511eb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://samfw.com/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: https://samfw.com
date: Thu, 03 Oct 2024 11:08:51 GMT
content-type: application/json;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-credentials: true

GET
H2 200 json Show response
gum.criteo.com/sid/ 2 B
368 B 238ms
58ms Fetch
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsamfw.com%2F&domain=samfw.com&cw=1&lsw=1

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/saas/3171

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: application/json
Referer: https://samfw.com/

Response headers

strict-transport-security: max-age=31536000; preload;
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 208730
expires: 0
access-control-allow-origin: https://samfw.com
date: Thu, 03 Oct 2024 11:08:50 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
server: Kestrel

GET
H/1.1 200
OK localstore.js Show response
script.4dex.io/ 1 KB
1 KB 200ms
43ms Script
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/3171
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3aec57ffa5c31e185202ddaa3b5b9d9872d4504f4546ab4eea1298baaf3c7cc7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

Transfer-Encoding: chunked
Cache-Control: public, max-age=1800
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Content-Encoding: br
CF-Cache-Status: HIT
ETag: W/"00a8e13a83b2bbab51af8e55f52be363"
Age: 417633
Connection: keep-alive
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8pcOISA%2FS126d97VASvarVap8LEACjhz1dGoEvjeQH%2BFR%2BHgWDWJtopsyq4Z7LjVc7UKI%2B2c1gYOLzl%2Bwf5IL79a%2BkDEwrj%2FfoQTW8UT8qQk5Ka7ktPG28VRj9m0tHK2nRGgVA%2Fv2ef9nMMC"}],"group":"cf-nel","max_age":604800}
CF-RAY: 8ccc7a04cd1c4c8d-HEL
Date: Thu, 03 Oct 2024 11:08:51 GMT
Content-Type: application/javascript
Last-Modified: Wed, 28 Aug 2024 15:06:32 GMT
Vary: Accept-Encoding
Server: cloudflare

GET
H2 200 22405468785 Show response
fundingchoicesmessages.google.com/i/ 200 KB
66 KB 260ms
98ms Script
application/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/22405468785?ers=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409260101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1a37855ea33990c4331c2b05b0650c29780a1017c95e797617b9b6bf21355786

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-o9svOQ1VAf5w8iliXUTUuA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 03 Oct 2024 11:08:51 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmII1JBiOO90h-k6EEt8fcmkBcRO6TNYQ4C49eY51ulAnPTvPGsJELtrXWT1B2JDhUuszkDsWHSJ1ROI76-7xPociPd-vMR6FIiX3r_MuhaIiySusLYA8e2mK6yPgViIh-Pwt5_b2QQWbJ94glFJIym_MD45P6-kKDOptCS_KC05LbU4tagstSjeyMDIxNDAwFDPwCS-wAAAIxtHcw"
content-security-policy: script-src 'report-sample' 'nonce-o9svOQ1VAf5w8iliXUTUuA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 315 KB
104 KB 82ms
81ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-JF7Y9R03YP&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-163898725-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

aa9f6b58881941bb89050d8b3d2c27f9893911b81a8f4739dadb51ea96331df4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Thu, 03 Oct 2024 11:08:51 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 03 Oct 2024 11:08:51 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 106843
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 213ms
59ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-163898725-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

content-encoding: gzip
age: 5923
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Thu, 03 Oct 2024 11:30:08 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 03 Oct 2024 09:30:08 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

GET
H3 200 firebase-app.js Show response
www.gstatic.com/firebasejs/9.6.3/ 50 KB
11 KB 163ms
65ms Script
text/javascript 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/9.6.3/firebase-app.js

Requested by

Host: samfw.com
URL: https://samfw.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f3.1e100.net

Software

sffe /

Resource Hash

7a931199a7636f282b78d5e1f32c849405a8223edf81542df7fa3852c545b49b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://samfw.com
Referer: https://samfw.com/

Response headers

content-encoding: gzip
age: 183020
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
x-content-type-options: nosniff
expires: Wed, 01 Oct 2025 08:18:31 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 01 Oct 2024 08:18:31 GMT
last-modified: Thu, 13 Jan 2022 23:09:55 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
accept-ranges: bytes
access-control-allow-origin: *
content-length: 10846
x-xss-protection: 0
server: sffe

GET
H3 200 firebase-messaging.js Show response
www.gstatic.com/firebasejs/9.6.3/ 98 KB
18 KB 164ms
66ms Script
text/javascript 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/9.6.3/firebase-messaging.js

Requested by

Host: samfw.com
URL: https://samfw.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f3.1e100.net

Software

sffe /

Resource Hash

27fe14c1052c779159f67004401580b64274333cfcac43fd426e9049f291eb90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://samfw.com
Referer: https://samfw.com/

Response headers

content-encoding: gzip
age: 182623
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
x-content-type-options: nosniff
expires: Wed, 01 Oct 2025 08:25:08 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 01 Oct 2024 08:25:08 GMT
last-modified: Thu, 13 Jan 2022 23:10:01 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18242
x-xss-protection: 0
server: sffe

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/11479263759/ 5 KB
2 KB 216ms
82ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11479263759/?random=1727953731228&cv=11&fst=1727953731228&bg=ffffff&guid=ON&async=1&gtm=45be4a10za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fsamfw.com%2F&hn=www.googleadservices.com&frm=0&tiba=Samsung%20Firmware%20Download%20-%20Lastest%20official%20firmware%20update&npa=0&pscdl=noapi&auid=1327328940.1727953731&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11479263759

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

c71a7164d8482b943db03932827683cb8ca7055e634339a717940bed1b77e06d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2334
date: Thu, 03 Oct 2024 11:08:51 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 11479263759
td.doubleclick.net/td/rul/ Frame 7324 0
0 222ms
80ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/11479263759?random=1727953731228&cv=11&fst=1727953731228&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4a10za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fsamfw.com%2F&hn=www.googleadservices.com&frm=0&tiba=Samsung%20Firmware%20Download%20-%20Lastest%20official%20firmware%20update&npa=0&pscdl=noapi&auid=1327328940.1727953731&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11479263759

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://samfw.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 03 Oct 2024 11:08:51 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 cookie_sync Show response
prebid-stag.setupad.net/ 1 KB
1 KB 284ms
115ms Fetch
application/json 104.26.8.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-stag.setupad.net/cookie_sync
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/3171
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.8.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a252cb1e19a26b01e3fadb4f8228ac9f6dcbbaeeffc41e53651a48e876dabdb7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://samfw.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: DYNAMIC
pragma: no-cache
access-control-allow-credentials: true
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=56OqGQf0KFfdJRz4VTBgknp1jIrUi%2FsNwk%2Fh8hphXOJZUNL%2BHkHC0nI%2FhgzZUmnT1auG3bJ7fkcIzkaw6lem9ecuyffHXFlQMUrXreMjQWzIN2r9G2thAAXniPyTl5yJckJqdj6g2caR"}],"group":"cf-nel","max_age":604800}
cf-ray: 8ccc7a05dce05b09-VIE
expires: 0
access-control-allow-origin: https://samfw.com
date: Thu, 03 Oct 2024 11:08:51 GMT
content-type: application/json; charset=utf-8
vary: Origin
server: cloudflare

POST
H2 200 auction Show response
prebid-stag.setupad.net/openrtb2/ 13 KB
3 KB 354ms
198ms Fetch
application/json 104.26.8.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-stag.setupad.net/openrtb2/auction
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/3171
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.8.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 214433d4d49b5297ab0e1fcbb296dc3b6ef843b053c9d6100fa99435e1a68d2e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://samfw.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: DYNAMIC
pragma: no-cache
access-control-allow-credentials: true
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9krVk1D858I39e7lgEMwlame5FA6oYsTgUhDrNLvNoSnZvAHTs9vhs1%2BJlxNj5xM0c8XgVfVetqlOiYEs5NUatFlLiXcZIjYdadzej4ueGEBYczm8QqE3dpGtzKAs%2B4s2GFLt94QGdaj"}],"group":"cf-nel","max_age":604800}
cf-ray: 8ccc7a05dcd85b09-VIE
expires: 0
access-control-allow-origin: https://samfw.com
date: Thu, 03 Oct 2024 11:08:51 GMT
x-prebid: pbs-go/0.259.0
content-type: application/json
vary: Origin
server: cloudflare

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
172 B 232ms
77ms Fetch 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/3171
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, CY),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://samfw.com/

Response headers

access-control-max-age: 3600
access-control-allow-origin: https://samfw.com
date: Thu, 03 Oct 2024 11:08:51 GMT
vary: Origin
access-control-allow-credentials: true
access-control-allow-methods: POST

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
178 B 247ms
72ms Fetch 163.5.194.30
SECUREDSERVERS-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/3171
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 163.5.194.30 Amsterdam, Netherlands, ASN60558 (SECUREDSERVERS-EU, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://samfw.com/

Response headers

cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 1
access-control-allow-credentials: true
x-nbr: 8
access-control-allow-origin: https://samfw.com
date: Thu, 03 Oct 2024 11:08:51 GMT
vary: origin, accept-encoding, Accept-Encoding
server: envoy

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 589 B
1 KB 303ms
151ms Fetch
application/json 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/saas/3171

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

bc3669e8a6af6c2c6dcdc38e114ddd31d19672e9cee2f0ba08727536aff33071

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://samfw.com/

Response headers

cache-control: no-store, no-cache, private
content-encoding: gzip
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 185.204.1.185; 185.204.1.185; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: https://samfw.com
an-x-request-uuid: 602c7560-4933-40aa-99fe-fbc909625e6c
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Thu, 03 Oct 2024 11:08:51 GMT
x-xss-protection: 0
content-type: application/json; charset=utf-8
vary: Accept-Encoding
server: nginx/1.23.4

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
781 B 349ms
96ms Fetch
application/json 3.124.64.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=8.27.0&referrer=https%3A%2F%2Fsamfw.com%2F&tmax=800

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/saas/3171

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.124.64.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-124-64-248.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://samfw.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
pragma: no-cache
accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory
access-control-allow-credentials: true
observe-browsing-topics: ?1
expires: Thu, 15 Oct 1992 20:10:00 GMT
access-control-allow-origin: https://samfw.com
x-auction-status: 29, 29, 29, 29, 29
x-xss-protection: 0
content-type: application/json; charset=utf-8
vary: Accept-Encoding

POST
H2 200 openrtb Show response
adx.adform.net/adx/ 12 KB
3 KB 244ms
98ms Fetch
application/json 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/saas/3171

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

676ff4e7daaba1957f7c5d4a5f5eac6eb91c9d522296ef6f8ef16298f6b7a831

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://samfw.com/

Response headers

access-control-max-age: 86400
content-encoding: gzip
access-control-allow-methods: POST,OPTIONS
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
date: Thu, 03 Oct 2024 11:08:51 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-origin: https://samfw.com
server: nginx

POST
H2 200 prebid Show response
mp.4dex.io/ 66 B
383 B 432ms
335ms Fetch
application/json 2606:4700:4400::6812:22b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/3171
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:22b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e9a593b2e053503a82ef0205edd928d632bbc1dc35c449e4e65d2d011b6482b0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://samfw.com/

Response headers

x-version: 3.0.0-gcp-ams
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
cf-cache-status: DYNAMIC
pragma: no-cache
x-err: Calling bidders. no bid responses
access-control-allow-credentials: true
via: 1.1 google
cf-ray: 8ccc7a056bbd8d8d-HEL
expires: 0
access-control-allow-origin: https://samfw.com
date: Thu, 03 Oct 2024 11:08:51 GMT
content-type: application/json; charset=utf-8
vary: Origin, Accept-Encoding
server: cloudflare

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
216 B 194ms
70ms Fetch 2a02:2638:3::39
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.27.0&cb=39765604888&lsavail=1

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/saas/3171

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::39 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://samfw.com/

Response headers

strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
observe-browsing-topics: ?1
access-control-allow-origin: https://samfw.com
date: Thu, 03 Oct 2024 11:08:51 GMT
vary: Origin
server: Kestrel

POST
H2 200 prebidjs Show response
rtb.openx.net/openrtbb/ 53 B
290 B 162ms
66ms Fetch
text/plain 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/openrtbb/prebidjs
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/3171
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 162fbb544434e95e27bd345632426d982f2769f6bf9a5bd415dec7735ffc39bb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://samfw.com/

Response headers

content-encoding: gzip
x-forwarded-for: 185.204.1.185
access-control-allow-credentials: true
observe-browsing-topics: ?1
via: 1.1 google
access-control-allow-origin: https://samfw.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77
date: Thu, 03 Oct 2024 11:08:51 GMT
content-type: text/plain
vary: Origin

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 89ms
88ms Fetch
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-JF7Y9R03YP&gtm=45je4a10v9108302557za200&_p=1727953730545&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101671035~101747727&cid=885069946.1727953731&ul=fi-fi&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1727953731&sct=1&seg=0&dl=https%3A%2F%2Fsamfw.com%2F&dt=Samsung%20Firmware%20Download%20-%20Lastest%20official%20firmware%20update&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2349
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JF7Y9R03YP&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://samfw.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 03 Oct 2024 11:08:51 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 script.js Show response
cadmus.script.ac/dahhc4ozyvjm6/ 3 B
239 B 157ms
48ms Script
application/javascript 2606:4700::6812:1791
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cadmus.script.ac/dahhc4ozyvjm6/script.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1791 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 101ead936a2281d53dcc064b7e2a2ab0d53b92ef3ef7b34b668673007895c860

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

cache-control: public,max-age=259200,stale-while-revalidate=86400,stale-if-error=259200
etag: W/"601055f6a0c6408859f97b5f0a84bdb88441a80e"
age: 0
cf-ray: 8ccc7a066b528d83-HEL
content-length: 3
date: Thu, 03 Oct 2024 11:08:51 GMT
content-type: application/javascript
vary: Accept-Encoding
server: cloudflare
last-modified: Mon, 01 Jan 2018 00:00:00 GMT

GET
H/1.1 200
OK adagio.js Show response
script.4dex.io/a/latest/ 61 KB
19 KB 155ms
57ms Fetch
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/a/latest/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c06f0ff3bff18094a91fb345b425c2d6cbac9fb8ea56f6db2e879cd49fa36510

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

Access-Control-Expose-Headers
Content-Encoding: br
CF-Cache-Status: HIT
ETag: W/"3bd20e5fbdd6d804d194856ed36c4ccb"
Age: 413726
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EWO0fXdWeQDt%2B8rMlWwjwf9m1GfbOFdHASK2EmOhWasFVSrqJnoSc%2FpC8Kz3fr%2B2ISJJh0pAgI6ewFWQsgTOOXsfDwyCsM1rqC9Wf2jSvAcx4fnpt19QgfBRU0gbqn5SkTFHYoiL%2Bb2IgaCJ"}],"group":"cf-nel","max_age":604800}
Date: Thu, 03 Oct 2024 11:08:51 GMT
Content-Type: application/javascript
Last-Modified: Wed, 28 Aug 2024 15:06:29 GMT
Vary: Origin, Accept-Encoding
Transfer-Encoding: chunked
Cache-Control: public, max-age=1800
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
CF-RAY: 8ccc7a06598a8dc3-HEL
Access-Control-Allow-Origin: *
Server: cloudflare

GET
H2 200 b-904ac2d-717a3b2c.js Show response
tagan.adlightning.com/setupad-hai/ 67 KB
26 KB 79ms
63ms Script
application/javascript 18.66.147.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/setupad-hai/b-904ac2d-717a3b2c.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-69.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9914d1394f461493b222ec3fc32747d5c9f032fa832f6e5dbbb76cb148c9bb9e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

content-encoding: gzip
etag: "d9f6df1bdc282b62847088124a5c5299"
x-amz-version-id: jdI3.9PKCCbQlwZseC7oCwoheiMfE8Xv
age: 1389800
x-cache: Hit from cloudfront
x-amz-cf-id: Jn2YnGPh0TesbNS7qMSJxeKR3j5nEcYtH1WMtsgZ3voKTSyFwXNFgw==
date: Tue, 17 Sep 2024 09:05:32 GMT
content-type: application/javascript
last-modified: Mon, 05 Feb 2024 15:56:08 GMT
cache-control: max-age=31536000
via: 1.1 dde951f556570d42a581084479d8b0e8.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 25901
x-amz-meta-git_commit: 904ac2d
x-amz-cf-pop: FRA60-P4
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 bl-d6d5511-6cbe2cb4.js Show response
tagan.adlightning.com/setupad-hai/ 179 KB
64 KB 122ms
106ms Script
application/javascript 18.66.147.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/setupad-hai/bl-d6d5511-6cbe2cb4.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-69.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 97e302decf02d2f85804708f5dab9a630d6844992f358e428671a45ce4075332

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

content-encoding: gzip
etag: "d7bc296cf4506e3f795ad518c64e1e86"
x-amz-version-id: Sox2bPYT8mkfGhOI460zapQ1ISM0YfKt
age: 162310
x-cache: Hit from cloudfront
x-amz-cf-id: 1dhbJCho2xP7R3oUsro-STqyGpDgApxF9oDmid-ahCUF9yJKx36-lw==
date: Tue, 01 Oct 2024 14:03:42 GMT
content-type: application/javascript
last-modified: Tue, 01 Oct 2024 13:50:40 GMT
cache-control: max-age=31536000
via: 1.1 dde951f556570d42a581084479d8b0e8.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 65032
x-amz-meta-git_commit: d6d5511
x-amz-cf-pop: FRA60-P4
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 45 B
281 B 247ms
84ms Fetch
application/json 162.19.138.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/saas/3171

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

Resource Hash

61c3a8eb8880d786ec0c26b82638fb8e64bd6f47e93bfee58ca1df5e114e4923

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://samfw.com/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: https://samfw.com
date: Thu, 03 Oct 2024 11:08:50 GMT
content-type: application/json;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H2 200 d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac Show response
config.aps.amazon-adsystem.com/configs/ 563 B
840 B 251ms
62ms Script
application/javascript 18.245.31.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.31.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-31-92.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: b27585c60427199e29cfb4dca14559e5b958174b7af6a78eef68d4dbfb282c52

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

cache-control: max-age=3600
age: 1930
via: 1.1 c63140c3859a31aa195816b9d66d1f2c.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
content-length: 563
x-amz-cf-id: LYBuBvVP8i97DU5uzXMntBIisfh8DEauQtqtZASQCgqcUKkEHIzKIw==
date: Thu, 03 Oct 2024 10:36:41 GMT
content-type: application/javascript
x-amz-cf-pop: FRA56-P8
server: CloudFront

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 4 KB
4 KB 83ms
74ms XHR
application/json 13.224.186.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fsamfw.com&pubid=d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.186.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-186-120.fra2.r.cloudfront.net
Software: Server /
Resource Hash: 5f27f2d6fd0d7a35050e1868e67548df87f1c88964ee798f826cca6ea1cd747b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

cache-control: max-age=21550, s-maxage=21600
age: 3524
access-control-allow-credentials: true
via: 1.1 c379418fd6100691807f32f274ebe9ce.cloudfront.net (CloudFront)
access-control-allow-origin: https://samfw.com
x-cache: Hit from cloudfront
content-length: 3623
x-amz-cf-id: 0DXXFikJG5w6_bV4jGVmX_CleHE0HI9acy4SvXyTjT8sYr9Xjklb7w==
date: Thu, 03 Oct 2024 10:10:06 GMT
content-type: application/json;charset=UTF-8
x-amz-cf-pop: FRA2-C1
server: Server

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
371 B 316ms
101ms XHR
text/javascript 13.33.173.196
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fsamfw.com%2F&pid=SgpFbs9Tam0qU&cb=0&ws=1600x1200&v=24.827.1552&t=800&slots=%5B%7B%22sd%22%3A%22samfw.com_245x600_sidebar_desktop%22%2C%22s%22%3A%5B%22240x600%22%2C%22160x600%22%2C%22120x600%22%2C%22200x600%22%5D%2C%22sn%22%3A%22%2F147246189%2C22405468785%2Fsamfw.com_245x600_sidebar_desktop%22%7D%2C%7B%22sd%22%3A%22samfw.com_728x90_responsive_1%22%2C%22s%22%3A%5B%22728x90%22%2C%22468x60%22%5D%2C%22sn%22%3A%22%2F147246189%2C22405468785%2Fsamfw.com_728x90_desktop_1%22%7D%2C%7B%22sd%22%3A%22samfw.com_1000x100_sticky_anchorad_responsive%22%2C%22s%22%3A%5B%221000x100%22%2C%22970x90%22%2C%22728x90%22%2C%22990x90%22%2C%22970x50%22%2C%22960x90%22%2C%22950x90%22%2C%22980x90%22%5D%2C%22sn%22%3A%22%2F147246189%2C22405468785%2Fsamfw.com_1000x100_sticky_anchorad_desktop%22%7D%2C%7B%22sd%22%3A%22samfw_com_160x600_siderbar_desktop_left%22%2C%22s%22%3A%5B%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F147246189%2C22405468785%2Fsamfw.com_160x600_siderbar_desktop_left%22%7D%2C%7B%22sd%22%3A%22samfw_com_160x600_siderbar_desktop_right%22%2C%22s%22%3A%5B%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F147246189%2C22405468785%2Fsamfw.com_160x600_siderbar_desktop_right%22%7D%5D&schain=1.0%2C1%21setupad.com%2C1065%2C1%2C%2C%2C&pubid=d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.173.196 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-173-196.fra60.r.cloudfront.net
Software: Server /
Resource Hash: 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

content-encoding: gzip
access-control-allow-credentials: true
via: 1.1 e1af02661708034e962bd39b357a50aa.cloudfront.net (CloudFront)
access-control-allow-origin: https://samfw.com
x-cache: Miss from cloudfront
content-length: 43
x-amz-cf-id: GEIYyoKN-xvOMeGiyaEtx_k0Z3odgi0zR2JckpcqvA2DJh-0_Q-l-g==
date: Thu, 03 Oct 2024 11:08:51 GMT
content-type: text/javascript;charset=UTF-8
x-amz-cf-pop: FRA60-P9
server: Server

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 224ms
71ms XHR
application/javascript 13.224.186.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.186.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-186-120.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

access-control-max-age: 3000
content-encoding: gzip
x-amz-version-id: r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
etag: W/"a4d296427fc806b21335359e398c025c"
age: 37320
access-control-allow-methods: GET
x-cache: Hit from cloudfront
x-amz-cf-id: TTbGj4md1yAo64uvlGw9WWU0sMMyZIX3Wk_fJ7IknNOcXuRiiDqIWg==
date: Thu, 03 Oct 2024 00:46:52 GMT
content-type: application/javascript
vary: Accept-Encoding,Origin
last-modified: Thu, 29 Feb 2024 02:13:08 GMT
cache-control: public, max-age=86400
via: 1.1 b6d1611761652d7a383651f2bf480596.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA2-C1
server: AmazonS3
x-amz-server-side-encryption: AES256

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
304 B 91ms
80ms XHR
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1382285207&t=pageview&_s=1&dl=https%3A%2F%2Fsamfw.com%2F&ul=fi-fi&de=UTF-8&dt=Samsung%20Firmware%20Download%20-%20Lastest%20official%20firmware%20update&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1198340565&gjid=1766752248&cid=885069946.1727953731&tid=UA-163898725-1&_gid=1941988067.1727953732&_r=1&gtm=457e4a10za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101747727&jsscut=1&z=1609994545

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://samfw.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 03 Oct 2024 11:08:51 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://samfw.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 1
server: Golfe2

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ 54 KB
17 KB 281ms
95ms Script
application/javascript 23.215.23.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/op.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.215.23.172 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-215-23-172.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

cache-control: max-age=900
content-encoding: gzip
etag: "d734-5f2f3919e751f-gzip"
expires: Thu, 03 Oct 2024 11:23:51 GMT
accept-ranges: bytes
content-length: 17407
date: Thu, 03 Oct 2024 11:08:51 GMT
last-modified: Mon, 23 Jan 2023 19:40:17 GMT
content-type: application/javascript
server: Apache
vary: Accept-Encoding

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16576/ 43 KB
13 KB 225ms
61ms Script
text/javascript 65.9.66.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-104.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5fdea6bcb7b7dc4aabe9e409df609b922dde30401ccf5c25f0f384f7e8c43b5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

vary: Accept-Encoding
cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"6016bf24a16f4d1d8384c5f7f11c49fb"
age: 21988
via: 1.1 46546eb404789d29bf372f6a3fe43876.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: GJqZ_0vd2lYmYhAkHVlChy-xCByTSl8d62Z4AQZ3ZrA6Coxi0TqezA==
date: Thu, 03 Oct 2024 05:02:27 GMT
content-type: text/javascript
last-modified: Tue, 20 Aug 2024 18:47:26 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
x-amz-server-side-encryption: AES256

GET
H2 200 hadron.js Show response
cdn.hadronid.net/ 56 KB
12 KB 159ms
61ms Script
application/javascript 2606:4700:10::ac43:246e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fsamfw.com%2F&ref=&_it=amazon&partner_id=533
Requested by: Host: samfw.com
URL: https://samfw.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:246e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 492db2ca577f4d221e3e28239c19e7db05f1701b298bf278fc4d1fcb92563586

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

cache-control: max-age=432000
content-encoding: br
cf-bgj: minify
etag: W/"1e77f38a1df1490d4175e3c4878bd150"
age: 91
cf-cache-status: HIT
x-amz-request-id: 4GNTEWM5RE8S976C
cf-ray: 8ccc7a07eb264c80-HEL
date: Thu, 03 Oct 2024 11:08:51 GMT
content-type: application/javascript
last-modified: Tue, 04 Jun 2024 15:30:02 GMT
vary: Accept-Encoding
server: cloudflare
x-amz-id-2: 1KYvP1UJui3F3sexSI8Edev0ssCxy0r1hoLYL3sInblmS0xC6TVIxfrJbVQshQPcVtGMRX8qMGE=

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 98 KB
29 KB 159ms
62ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a7c35a58c1ad79d4fc96dad3bf9ef24b49d9d439ad3fb9b454cdcfe7c445724

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

x-amz-id-2: 2U4dYhkQ0dkJuLzM7K0vMurjGkMNQHqV8V3so+8P2smRp0Q82vUIB37u3i+rLP4zYCT8QMKMbhko9KSKtSlMfEOu0YfooBri
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=3600
content-encoding: br
cf-cache-status: HIT
etag: W/"f24286e1b73c01841e789906d50ce23f"
age: 3497
x-amz-request-id: P9G61EFGKMNKS25Q
cf-ray: 8ccc7a07efb68d60-HEL
date: Thu, 03 Oct 2024 11:08:51 GMT
content-type: text/javascript;charset=utf-8
last-modified: Wed, 02 Oct 2024 12:26:13 GMT
vary: Accept-Encoding
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 launcher-stub.min.js Show response
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ 14 KB
5 KB 277ms
91ms Script
application/javascript 23.215.23.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/op.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.215.23.172 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-215-23-172.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

cache-control: max-age=900
content-encoding: gzip
etag: "38c0-5e92054540ea5-gzip"
expires: Thu, 03 Oct 2024 11:23:51 GMT
accept-ranges: bytes
content-length: 5252
date: Thu, 03 Oct 2024 11:08:51 GMT
last-modified: Tue, 20 Sep 2022 18:52:26 GMT
content-type: application/javascript
server: Apache
vary: Accept-Encoding

GET
H3 200 zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241001/r20190131/ Frame 34E7 0
0 175ms
59ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20241001/r20190131/zrt_lookup_fy2021.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://samfw.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

age: 70145
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 02 Oct 2024 15:39:46 GMT
etag: 13108003645644964576
expires: Wed, 16 Oct 2024 15:39:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 AGSKWxXMX-eTWQSOoF8WzQZvloLvlt0t6oXovZIGxEaPqMHhyoxAR80fA2pWyHxTSfT48LEqP_PcUd2RECuthME42VvvTqy2e3Hjy1xDj7cW-fiUxc7YLmEUSGFqcbW1gMbus_otP383CA== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 99ms
78ms Script
application/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXMX-eTWQSOoF8WzQZvloLvlt0t6oXovZIGxEaPqMHhyoxAR80fA2pWyHxTSfT48LEqP_PcUd2RECuthME42VvvTqy2e3Hjy1xDj7cW-fiUxc7YLmEUSGFqcbW1gMbus_otP383CA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI3OTUzNzMxLDgzODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9zYW1mdy5jb20vIixudWxsLFtbOCwibzFQYVFncW1KN0EiXSxbOSwiZmkiXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8e444ce2bb5e9acbed7fbef1b108f6ccdc97a100a9e3a36397e317e0d5963536

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-4prIAGhtcFy-103d87DUaw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 03 Oct 2024 11:08:51 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjamHU4pJicNOQYljEv4vpxK3bTBeA-LzTHabrQCzx9SWTFhA7pc9gDQHi1pvnWKcDcdK_86wlQOyudZHVH4gNFS6xOgOxY9ElVk8gVuu5xGoBxPfXXWJ9DsR7P15iPQrES-9fZl0LxEUSV1hbgPh20xXWx0AsxMNx-NvP7WwCDb_ObmRW0kjKL4xPzs8rKcpMKi3JL0pLTkstTi0qSy2KNzIwMjE0MDDUMzCJLzAAAM_OUV4"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-4prIAGhtcFy-103d87DUaw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 107ms
91ms Image
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=aside_left&cls=aside_left&ign=false&pw=1600&ph=1200&x=0&y=1060.8

Requested by

Host: samfw.com
URL: https://samfw.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Thu, 03 Oct 2024 11:08:51 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame 4B2E 0
0 224ms
135ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-1839315362497448&output=html&adk=1812271804&adf=3025194257&abgtt=5&lmt=1727953731&plat=1%3A16777216%2C3%3A16%2C4%3A16%2C8%3A64%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fsamfw.com%2F&pra=5&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aifxl=29_18~30_19&aiixl=29_5~30_6&aslmct=0.7&asamct=0.7&aipecl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1727953730964&bpp=9&bdt=674&idt=365&shv=r20241001&mjsv=m202409260101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=2980915087789&frm=20&pv=2&u_tz=180&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C95330278%2C95343454%2C31087565%2C95339678&oid=2&pvsid=951297560501306&tmod=1882632990&uas=0&nvt=1&fsapi=1&fc=1920&brdim=40%2C40%2C40%2C40%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=884

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://samfw.com/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 66
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 03 Oct 2024 11:08:52 GMT
expires: Thu, 03 Oct 2024 11:08:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame 1F88 0
0 1064ms
984ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-1839315362497448&output=html&h=90&slotname=8063287263&adk=2260652161&adf=1436199206&pi=t.ma~as.8063287263&w=970&abgtt=5&lmt=1727953731&rafmt=12&format=970x90&url=https%3A%2F%2Fsamfw.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1727953730964&bpp=3&bdt=675&idt=390&shv=r20241001&mjsv=m202409260101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=2980915087789&frm=20&pv=1&u_tz=180&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=392&ady=294&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C95330278%2C95343454%2C31087565%2C95339678&oid=2&pvsid=951297560501306&tmod=1882632990&uas=0&nvt=1&fc=1920&brdim=40%2C40%2C40%2C40%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=895

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://samfw.com/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 408
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 03 Oct 2024 11:08:52 GMT
expires: Thu, 03 Oct 2024 11:08:52 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame 41DB 0
0 429ms
360ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-1839315362497448&output=html&h=90&slotname=4246061066&adk=2985700671&adf=2272196671&pi=t.ma~as.4246061066&w=970&abgtt=5&lmt=1727953731&rafmt=12&format=970x90&url=https%3A%2F%2Fsamfw.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1727953730964&bpp=6&bdt=674&idt=396&shv=r20241001&mjsv=m202409260101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C970x90&nras=1&correlator=2980915087789&frm=20&pv=1&u_tz=180&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=1273&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C95330278%2C95343454%2C31087565%2C95339678&oid=2&pvsid=951297560501306&tmod=1882632990&uas=0&nvt=1&fc=1920&brdim=40%2C40%2C40%2C40%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=256&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=905

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://samfw.com/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 407
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 03 Oct 2024 11:08:52 GMT
expires: Thu, 03 Oct 2024 11:08:52 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame D9D3 0
0 454ms
391ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-1839315362497448&output=html&h=280&slotname=9436650906&adk=163764764&adf=1542529960&pi=t.ma~as.9436650906&w=1200&abgtt=5&fwrn=4&fwrnh=100&lmt=1727953731&rafmt=1&format=1200x280&url=https%3A%2F%2Fsamfw.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1727953730964&bpp=2&bdt=675&idt=464&shv=r20241001&mjsv=m202409260101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C970x90%2C970x90&nras=1&correlator=2980915087789&frm=20&pv=1&u_tz=180&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3773&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C95330278%2C95343454%2C31087565%2C95339678&oid=2&pvsid=951297560501306&tmod=1882632990&uas=0&nvt=1&fc=1920&brdim=40%2C40%2C40%2C40%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=916

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://samfw.com/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 407
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 03 Oct 2024 11:08:52 GMT
expires: Thu, 03 Oct 2024 11:08:52 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame E962 0
0 203ms
65ms Document
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/static/topics/topics_frame.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://samfw.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 1044
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000, stale-while-revalidate=3600
content-encoding: br
content-length: 29417
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 03 Oct 2024 10:51:28 GMT
expires: Thu, 03 Oct 2024 11:41:28 GMT
last-modified: Mon, 30 Sep 2024 19:42:40 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 42 KB
13 KB 239ms
76ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

5e8020e3d61bfee03a48ca66498521053b0bdcc1a3d8791250ac9bf0f768cbf2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

strict-transport-security: max-age=31536000; preload;
cache-control: max-age=86400, public
timing-allow-origin: *
content-encoding: gzip
etag: W/"66d98e6d-a677"
cross-origin-resource-policy: cross-origin
expires: Fri, 04 Oct 2024 11:08:52 GMT
access-control-allow-origin: *
date: Thu, 03 Oct 2024 11:08:52 GMT
content-type: text/javascript
last-modified: Thu, 05 Sep 2024 10:56:45 GMT
server: nginx

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 3 KB
4 KB 242ms
55ms Script
text/javascript 2600:9000:2724:3a00:a:e047:754:afe1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/op.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2724:3a00:a:e047:754:afe1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1764e898369c24be8d7d1cbcb82079c27f3898fbc1883f388a5c1008dd30c9e8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

x-amz-version-id: 0u1R0tyw.MUCZY63NwBE.7D35dRY5mh8
ETag: "0537d8d06dd9dfbe911ad6bf6504f4bf"
Age: 38261
Connection: keep-alive
Via: 1.1 2ce23ed5e0f70e0006a9917211b6355c.cloudfront.net (CloudFront)
Accept-Ranges: bytes
X-Cache: Hit from cloudfront
Content-Length: 3181
X-Amz-Cf-Id: LQg2y8vyET-G7XfbFA9hzKw4vc0V0gO67vt_6L5EZWAHPNIcjXwzHA==
Date: Thu, 03 Oct 2024 00:31:12 GMT
Content-Type: text/javascript
Last-Modified: Wed, 31 Jul 2024 16:30:07 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-P12
x-amz-server-side-encryption: AES256

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 43 KB
13 KB 71ms
69ms Script
text/javascript 65.9.66.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-104.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a0996942afd9a0f201960aa9c55af925d0e2382b01e40bfdcdc7c1e4c7b5a089

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

vary: Accept-Encoding
cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"4a385df4045c9db00ad295e7c0ca65d1"
age: 39597
via: 1.1 46546eb404789d29bf372f6a3fe43876.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: -hDKr9z6srrd6UuDEn2eBsh6-C6Xw0rEZXGZlXvn10ri5gqJpRPENw==
date: Thu, 03 Oct 2024 00:10:12 GMT
content-type: text/javascript
last-modified: Tue, 20 Aug 2024 18:47:43 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
x-amz-server-side-encryption: AES256

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 124ms
41ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

x-goog-metageneration: 1
content-encoding: gzip
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
etag: "df5542b88bc0e368c6999754a5b9e2ba"
age: 890827
x-goog-stored-content-encoding: gzip
expires: Tue, 23 Sep 2025 03:41:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 7927
date: Mon, 23 Sep 2024 03:41:45 GMT
last-modified: Thu, 27 May 2021 18:30:51 GMT
content-type: application/javascript
x-guploader-uploadid: AD-8ljuOpGwcQ2YNhQg7J92PUT9u-C8CVDlaCLCQftGcPAtzmLW69aHvEOh2RHG1AJ-kM-oCXIkzCLU0rw
cache-control: no-transform
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
x-goog-generation: 1622140251693895
content-length: 7927
server: UploadServer

GET
H2 200 ob.js Show response
cdn-ima.33across.com/ 17 KB
7 KB 151ms
50ms Script
application/javascript 104.18.35.167
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ima.33across.com/ob.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.35.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a2ab36c83d5d55e311fbf787dbc7de0a17b89eb0b30b1772f518a79db334001

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

cache-control: public, max-age=259200
content-encoding: gzip
cf-cache-status: HIT
etag: W/"66ce3644-43df"
age: 138332
cf-ray: 8ccc7a094bbe82ca-ARN
expires: Sun, 06 Oct 2024 11:08:52 GMT
date: Thu, 03 Oct 2024 11:08:52 GMT
content-type: application/javascript
last-modified: Tue, 27 Aug 2024 20:25:40 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
1 KB 238ms
86ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: e388e19ca38c825b329e762c79c66bbd41bd334f18312c5e97fde0a8f64bca36

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

etag: cd19e0900da0cdbc6697310fd9330fb6
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1195
date: Thu, 03 Oct 2024 11:08:52 GMT
content-type: text/javascript; charset=utf-8
last-modified: Mon, 05 Feb 2024 22:07:56 GMT
server: Google Frontend
x-cloud-trace-context: ab2f4e49b57e8b1109c83c2c22c11d41

GET
H2 200 connectId-gpt.js Show response
connectid.analytics.yahoo.com/ 9 KB
9 KB 248ms
63ms Script
application/javascript 2600:9000:223c:2800:10:dd8:5e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connectid.analytics.yahoo.com/connectId-gpt.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:2800:10:dd8:5e40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

56351c084d8d56437d41f1e58b7eb184b563871e88bab60f6b15486c39f13996

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

etag: "faa388a163b1b6d0377ee77a861591e5"
age: 391
x-cache: Hit from cloudfront
x-amz-cf-id: iXBcN6MTp6MtTikSuJC8n7CBRKb_o4lXIlBIeAvy3Mo8c5rIUQYrag==
date: Thu, 03 Oct 2024 11:02:22 GMT
content-type: application/javascript
last-modified: Mon, 22 Apr 2024 18:18:45 GMT
x-amz-expiration: expiry-date="Mon, 23 Apr 2029 00:00:00 GMT", rule-id="webapp-standard-lifecycle"
content-security-policy: default-src 'self'
cache-control: max-age=3600
via: 1.1 03ffca0f67e3596b9a0c92342fe91598.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 8729
x-amz-cf-pop: FRA56-P2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 /
www.google.com/pagead/1p-user-list/11479263759/ 42 B
64 B 243ms
78ms Image
image/gif 142.250.186.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/11479263759/?random=1727953731228&cv=11&fst=1727953200000&bg=ffffff&guid=ON&async=1&gtm=45be4a10za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fsamfw.com%2F&hn=www.googleadservices.com&frm=0&tiba=Samsung%20Firmware%20Download%20-%20Lastest%20official%20firmware%20update&npa=0&pscdl=noapi&auid=1327328940.1727953731&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnfMD-shzHvLzOg0Loykor4SF2oQrK17A&random=3914440464&rmt_tld=0&ipr=y

Requested by

Host: samfw.com
URL: https://samfw.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Thu, 03 Oct 2024 11:08:52 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 /
www.google.fi/pagead/1p-user-list/11479263759/ 42 B
455 B 244ms
79ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fi/pagead/1p-user-list/11479263759/?random=1727953731228&cv=11&fst=1727953200000&bg=ffffff&guid=ON&async=1&gtm=45be4a10za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fsamfw.com%2F&hn=www.googleadservices.com&frm=0&tiba=Samsung%20Firmware%20Download%20-%20Lastest%20official%20firmware%20update&npa=0&pscdl=noapi&auid=1327328940.1727953731&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnfMD-shzHvLzOg0Loykor4SF2oQrK17A&random=3914440464&rmt_tld=1&ipr=y

Requested by

Host: samfw.com
URL: https://samfw.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Thu, 03 Oct 2024 11:08:52 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 cm
u.openx.net/w/1.0/ Frame CC25 0
0 186ms
71ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/3171
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash

Request headers

Referer: https://samfw.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 151
content-type: text/html
date: Thu, 03 Oct 2024 11:08:51 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H/1.1 200
OK sync.html
s.adtelligent.com/ Frame 5E0A 0
0 256ms
60ms Document
text/html 2a01:4f8:272:4e01::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adtelligent.com/sync.html?aid=848151
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/3171
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:4f8:272:4e01::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Adtelligent /
Resource Hash

Request headers

Referer: https://samfw.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://samfw.com
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 976
Content-Type: text/html; charset=UTF-8
Date: Thu, 03 Oct 2024 11:08:52 GMT
Permissions-Policy: browsing-topics=()
Server: Adtelligent
X-Robots-Tag: noindex

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 153 KB
20 KB 647ms
647ms Fetch
text/plain 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=951297560501306&correlator=3006326770710359&eid=31079956%2C31086809&output=ldjh&gdfp_req=1&vrg=202409260101&ptt=17&impl=fifs&gdpr=0&iu_parts=147246189%3A22405468785%2Csamfw.com_1000x100_sticky_anchorad_desktop%2Csamfw.com_245x600_sidebar_desktop%2Csamfw.com_728x90_desktop_1%2Csamfw.com_160x600_siderbar_desktop_left%2Csamfw.com_160x600_siderbar_desktop_right%2Csamfw.com_interstitial&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6&prev_iu_szs=1000x100%7C970x90%7C728x90%7C990x90%7C970x50%7C960x90%7C950x90%7C980x90%2C240x600%7C160x600%7C120x600%7C200x600%2C728x90%7C468x60%2C160x600%7C120x600%2C160x600%7C120x600%2C1x1&ifi=5&didk=2621284534~120002008~1889860039~1474693115~1165795401~1075642638&sfv=1-0-40&ists=1&fas=0%2C0%2C0%2C0%2C0%2C8&fsapi=1&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1727953732631&lmt=1727953732&adxs=0%2C-9%2C-9%2C0%2C1440%2C-9&adys=4427%2C-9%2C-9%2C495%2C495%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1%7C-1%7C-1%7C0%7C0%7C-1&ucis=1%7C2%7C3%7C4%7C5%7C6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=180&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fsamfw.com%2F&vis=1&psz=1600x4427%7C0x-1%7C0x-1%7C160x-1%7C160x-1%7C0x-1&msz=1600x0%7C0x-1%7C0x-1%7C160x-1%7C160x-1%7C0x-1&fws=0%2C2%2C2%2C512%2C512%2C2&ohw=0%2C0%2C0%2C0%2C0%2C0&td=1&egid=26996&tan=d394eeaf-a640-4cfd-9f58-ed602fb45a89%2Cd394eeaf-a640-4cfd-9f58-ed602fb45a8a%2Cd394eeaf-a640-4cfd-9f58-ed602fb45a8b%2Cd394eeaf-a640-4cfd-9f58-ed602fb45a8c%2Cd394eeaf-a640-4cfd-9f58-ed602fb45a8d%2Cd394eeaf-a640-4cfd-9f58-ed602fb45a8e&tdf=2&topics=9&tps=9&htps=10&a3p=EjQKCnB1YmNpZC5vcmcSJGViNmU3YWQ5LWExMzEtNDJhZC1iNzYyLTlhM2M3ZDM5M2FkNlgBEhwKDWNyd2RjbnRybC5uZXQYzoLGkKUySABSAghkEhkKCnVpZGFwaS5jb20YzoLGkKUySABSAghkEhgKCXlhaG9vLmNvbRjOgsaQpTJIAFICCGQSFAoFb3BlbngYzoLGkKUySABSAghkEh0KDmVzcC5jcml0ZW8uY29tGM2CxpClMkgAUgIIZBIbCgwzM2Fjcm9zcy5jb20YzoLGkKUySABSAghkEhcKCHJ0YmhvdXNlGM6CxpClMkgAUgIIZA..&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1727953730289&idt=794&prev_scp=pbsd%3D1%26amznbid%3D2%26amznp%3D2%26hb_env%3Dweb%26hb_adomain%3Dtonybet.com%26hb_source%3Ds2s%26hb_format%3Dbanner%26hb_adid%3D86ae32529b1600f%26hb_size%3D728x90%26hb_pb%3D0.82%26hb_bidder%3DadformS2S%7Cpbsd%3D1%26amznbid%3D2%26amznp%3D2%26hb_env%3Dweb%26hb_adomain%3Dtonybet.com%26hb_source%3Ds2s%26hb_format%3Dbanner%26hb_adid%3D855d861b50eaaae%26hb_size%3D160x600%26hb_pb%3D0.82%26hb_bidder%3DadformS2S%7Cpbsd%3D1%26amznbid%3D2%26amznp%3D2%26hb_env%3Dweb%26hb_adomain%3Dolybet.eu%26hb_source%3Ds2s%26hb_format%3Dbanner%26hb_adid%3D892fecdfcc8c703%26hb_size%3D728x90%26hb_pb%3D0.34%26hb_bidder%3DadformS2S%7Cpbsd%3D1%26amznbid%3D2%26amznp%3D2%26hb_env%3Dweb%26hb_adomain%3Dtonybet.com%26hb_source%3Ds2s%26hb_format%3Dbanner%26hb_adid%3D870e1461fb40a38%26hb_size%3D160x600%26hb_pb%3D1.04%26hb_bidder%3DadformS2S%7Cpbsd%3D1%26amznbid%3D2%26amznp%3D2%26hb_env%3Dweb%26hb_adomain%3Dtonybet.com%26hb_source%3Ds2s%26hb_format%3Dbanner%26hb_adid%3D88c7bee2cf31037%26hb_size%3D160x600%26hb_pb%3D1.04%26hb_bidder%3DadformS2S%7C&cust_params=origin%3Ddirect%26ECT%3D4g%26hb_rf%3D0&adks=3976149839%2C2359364454%2C2457184617%2C673818581%2C2625510504%2C3662001625&frm=20&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409260101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

0c1557e68e5f7f9371e83f7e8676994462c8c16a0631abca96d7f2c951d67fe3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

content-encoding: br
google-lineitem-id: 323982269,323982269,323975789,323983709,323983709,-2
observe-browsing-topics: ?1
x-content-type-options: nosniff
google-mediationtag-id: -2
google-mediationgroup-id: -2,-2,-2,-2,-2,-2
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Thu, 03 Oct 2024 11:08:53 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: 138303033656,138302976978,138302976978,138303033641,138303033635,-2
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://samfw.com
content-length: 20217
x-xss-protection: 0
server: cafe

GET
H2 200 container.html
d0935063c26ce10cd8c11bf009516a4b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5AA6 0
0 234ms
67ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d0935063c26ce10cd8c11bf009516a4b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409260101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://samfw.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 03 Oct 2024 11:08:52 GMT
expires: Thu, 03 Oct 2024 11:08:52 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409260101/ 49 KB
15 KB 62ms
62ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409260101/pubads_impl_page_level_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409260101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

e67c2983ce9f0d72efa2023c2d0e5c15de736310798d5f57cd4414edfbcc5e27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

content-encoding: br
etag: 15111768174442336325
age: 9109
x-content-type-options: nosniff
expires: Fri, 03 Oct 2025 08:37:03 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Thu, 03 Oct 2024 08:37:03 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 15642
x-xss-protection: 0
server: cafe

GET
H2 200 publishertag.prebid.144.js Show response
static.criteo.net/js/ld/ 96 KB
31 KB 78ms
76ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.144.js

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/saas/3171

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

strict-transport-security: max-age=31536000; preload;
cache-control: max-age=86400, public
timing-allow-origin: *
content-encoding: gzip
etag: W/"653b5c0e-1811e"
cross-origin-resource-policy: cross-origin
expires: Fri, 04 Oct 2024 11:08:52 GMT
access-control-allow-origin: *
date: Thu, 03 Oct 2024 11:08:52 GMT
content-type: text/javascript
last-modified: Fri, 27 Oct 2023 06:43:26 GMT
server: nginx

POST
H2 200 481.json Show response
id5-sync.com/g/v2/ 251 B
441 B 191ms
62ms Fetch
application/json 162.19.138.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/481.json

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/saas/3171

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

Resource Hash

a739c3875ed9dca18cba27f7e793228bd2308b6e231ae8166c51356114d63057

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://samfw.com/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: https://samfw.com
date: Thu, 03 Oct 2024 11:08:52 GMT
content-type: application/json
vary: Origin
access-control-allow-credentials: true

GET
H2 200 hadron.json Show response
id.hadron.ad.gt/v1/ 119 B
301 B 139ms
138ms XHR
application/json 2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=533&sync=0&domain=samfw.com&url=https://samfw.com/
Requested by: Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fsamfw.com%2F&ref=&_it=amazon&partner_id=533
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c72f3682c82db97d531cf0210890982f5a30a7f431c038be84d94ed24231931b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://samfw.com/

Response headers

content-encoding: br
cf-cache-status: DYNAMIC
debug: NON-OPTIONS
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-credentials: true
cf-ray: 8ccc7a0f18c48dad-HEL
access-control-allow-origin: *
date: Thu, 03 Oct 2024 11:08:53 GMT
content-type: application/json
server: cloudflare
access-control-allow-headers: authorization,content-type

GET
H3 200 AGSKWxXthkRfauGwjND6SVWs11qmb-7m9g_52Hm5evkQjQFfQl2kkW3V2eIj7d2oUtwlqLjPPXrn-ddR0xMx9aeIsqLjUdM-1SBnCBeuzDs-qogiH71MwFPv62WFQJqhXt6r7pBhKlp3Hg== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 86ms
85ms Script
application/javascript 142.250.186.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXthkRfauGwjND6SVWs11qmb-7m9g_52Hm5evkQjQFfQl2kkW3V2eIj7d2oUtwlqLjPPXrn-ddR0xMx9aeIsqLjUdM-1SBnCBeuzDs-qogiH71MwFPv62WFQJqhXt6r7pBhKlp3Hg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI3OTUzNzMyLDcyNTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vc2FtZncuY29tLyIsbnVsbCxbWzgsIm8xUGFRZ3FtSjdBIl0sWzksImZpIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f14.1e100.net

Software

ESF /

Resource Hash

656f106ba76a453f5497ac7ca9d2b1b2f3e75af439feafcc57768ebd474b7d3c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-AzR8PSA5rqYnfwIUCD9Jqg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 03 Oct 2024 11:08:52 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjqtDikmJw0ZBiOO90h-k6EEt8fcmkAcRO6TNYg4C49eY51qlAnPTvPGsRELtrXWT1B2JDhUusjiBcdInVE4hVey6xmgLx_XWXWJ8D8d6Pl1iPAvHS-5dZ1wJxkcQV1iYgvt10hfUxEAvxcBz59nM7m8CF6x8_MylpJOUXxifn55UUZSaVluQXpSWnpRanFpWlFsUbGRiZGBoYGOoZmMQXGAAAYotLXw"
content-security-policy: script-src 'report-sample' 'nonce-AzR8PSA5rqYnfwIUCD9Jqg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

OPTIONS
H2 200 hadron.json
id.hadron.ad.gt/v1/ Frame 0
0 235ms
136ms Preflight
application/json 2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=533&sync=0&domain=samfw.com&url=https://samfw.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://samfw.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin: *
allow: POST, OPTIONS, GET
cache-control: max-age=31536000 public, no-transform
cf-cache-status: DYNAMIC
cf-ray: 8ccc7a0e38168dad-HEL
content-length: 0
content-type: application/json
date: Thu, 03 Oct 2024 11:08:52 GMT
debug: OPTIONS block
expires: Fri, 03 Oct 2025 11:08:52 GMT
server: cloudflare

GET
H2 200 launcher.min.js Show response
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ 49 KB
17 KB 57ms
57ms Script
application/javascript 23.215.23.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Requested by: Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.215.23.172 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-215-23-172.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

cache-control: max-age=900
content-encoding: gzip
etag: "c4b6-5e920545406d3-gzip"
expires: Thu, 03 Oct 2024 11:23:52 GMT
accept-ranges: bytes
content-length: 17042
date: Thu, 03 Oct 2024 11:08:52 GMT
last-modified: Tue, 20 Sep 2022 18:52:26 GMT
content-type: application/javascript
server: Apache
vary: Accept-Encoding

GET
H2 200 syncframe
gum.criteo.com/ Frame DA9B 0
0 198ms
63ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=samfw.com&gdpr=0&gdpr_consent=

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://samfw.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 03 Oct 2024 11:08:52 GMT
server: Kestrel
server-processing-duration-in-ticks: 359303
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H2 200 launcher Show response
proc.ad.cpe.dotomi.com/cvx/client/direct/ 190 B
459 B 216ms
56ms XHR
application/json 2a02:fa8:8806:13::1460
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://proc.ad.cpe.dotomi.com/cvx/client/direct/launcher?version=1.1.1&lid=681
Requested by: Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:fa8:8806:13::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: 71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

cache-control: max-age=1800
accept-ch: Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
access-control-allow-credentials: true
expires: Thu, 03 Oct 2024 11:38:53 GMT
access-control-allow-origin: https://samfw.com
content-length: 190
date: Thu, 03 Oct 2024 11:08:53 GMT
content-type: application/json
vary: Origin
server: nginx

GET
H2

200

setuid
prebid-stag.setupad.net/
Redirect Chain

https://prebid.a-mo.net/cchain/0?gdpr=&us_privacy=&cb=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Damx%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D
https://prebid-stag.setupad.net/setuid?bidder=amx&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=

86 B
553 B

100ms
100ms

Image
image/png

104.26.8.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid-stag.setupad.net/setuid?bidder=amx&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=
Requested by: Host: samfw.com
URL: https://samfw.com/
Protocol: H2
Server: 104.26.8.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LzRGqyojyNO0DTBG%2FEveVPOI9SdUjH2jWGZKe1ffNLPLK%2BGXZEN2TCFkU6zGvrCO5tsAY5pKGPQOtNNDZBCtIlZxvjlrXTSdg7JYmKYEm3GTWIWNDlTe%2Fw9jf4b9dsU5QGe86Iv0EG6h"}],"group":"cf-nel","max_age":604800}
cf-ray: 8ccc7a0f5d315b09-VIE
expires: 0
content-length: 86
date: Thu, 03 Oct 2024 11:08:53 GMT
content-type: image/png
vary: Origin
server: cloudflare

Redirect headers

cache-control: max-age=0, private, must-revalidate
location: https://prebid-stag.setupad.net/setuid?bidder=amx&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=
content-length: 0
date: Thu, 03 Oct 2024 11:08:52 GMT
x-envoy-upstream-service-time: 0
vary: accept-encoding
server: envoy

GET
H2

200

sync
eb2.3lift.com/ Frame 1808
Redirect Chain

https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24...

0
0

57ms
56ms

Document
text/html

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/3171
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash

Request headers

Referer: https://samfw.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 1072
content-type: text/html; charset=utf-8
date: Thu, 03 Oct 2024 11:08:53 GMT
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

cache-control: no-cache, no-store, must-revalidate
content-length: 0
date: Thu, 03 Oct 2024 11:08:53 GMT
location: /sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 533 Show response
a.ad.gt/api/v1/u/matches/ 13 KB
4 KB 141ms
44ms Script
application/javascript 2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/u/matches/533?_it=amazon
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49ce84f5ee23974e99936864b11b17c6d911c882018d3df1c8a6c598e551b188

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

cache-control: max-age=14400
content-encoding: gzip
cf-cache-status: HIT
age: 263
cross-origin-resource-policy: cross-origin
cf-ray: 8ccc7a109d81d995-HEL
date: Thu, 03 Oct 2024 11:08:53 GMT
content-type: application/javascript
last-modified: Thu, 03 Oct 2024 10:59:43 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 coreid.min.js Show response
secure.cdn.fastclick.net/js/cnvr-coreid/latest/ 229 KB
66 KB 91ms
91ms Script
application/javascript 23.215.23.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/cnvr-coreid/latest/coreid.min.js
Requested by: Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.215.23.172 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-215-23-172.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: eb87c0447bd19366919bdb8913f775caca732ac31cbc5e5d42e4db5df39437ce

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

cache-control: max-age=900
content-encoding: gzip
etag: "394d0-60864a57eaadc-gzip"
expires: Thu, 03 Oct 2024 11:23:53 GMT
accept-ranges: bytes
content-length: 67550
date: Thu, 03 Oct 2024 11:08:53 GMT
last-modified: Mon, 23 Oct 2023 16:23:46 GMT
content-type: application/javascript
server: Apache
vary: Accept-Encoding

GET
H2 200 bounce Show response
id5-sync.com/ 29 B
445 B 65ms
64ms Fetch
text/plain 162.19.138.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/bounce

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

Resource Hash

aca701811d62eb608d12b174231be1ceae3449fe0f4bc847469ff22aab8ca9a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin: https://samfw.com
p3p: CP="CAO PSA OUR"
date: Thu, 03 Oct 2024 11:08:53 GMT
content-type: text/plain;charset=utf-8
vary: Origin

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 45 B
280 B 67ms
66ms Fetch
application/json 162.19.138.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

Resource Hash

a248065dae30f55ae236665bf3b2eff858f686c3ef42a73249c90fee5269dd19

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: https://samfw.com
date: Thu, 03 Oct 2024 11:08:52 GMT
content-type: application/json;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H2 200 b-904ac2d-717a3b2c.js Show response
tagan.adlightning.com/setupad-hai/ Frame 6C0A 67 KB
0 0ms
0ms Script
application/javascript 18.66.147.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/setupad-hai/b-904ac2d-717a3b2c.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/b-904ac2d-717a3b2c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-69.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9914d1394f461493b222ec3fc32747d5c9f032fa832f6e5dbbb76cb148c9bb9e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

content-encoding: gzip
etag: "d9f6df1bdc282b62847088124a5c5299"
x-amz-version-id: jdI3.9PKCCbQlwZseC7oCwoheiMfE8Xv
age: 1389800
x-cache: Hit from cloudfront
x-amz-cf-id: Jn2YnGPh0TesbNS7qMSJxeKR3j5nEcYtH1WMtsgZ3voKTSyFwXNFgw==
date: Tue, 17 Sep 2024 09:05:32 GMT
content-type: application/javascript
last-modified: Mon, 05 Feb 2024 15:56:08 GMT
cache-control: max-age=31536000
via: 1.1 dde951f556570d42a581084479d8b0e8.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 25901
x-amz-meta-git_commit: 904ac2d
x-amz-cf-pop: FRA60-P4
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 6C0A 206 KB
64 KB 62ms
62ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/b-904ac2d-717a3b2c.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

b0088124edc0322d5cc6c4385ca59c018ceb76790c907d13f1ee5be3dcc1a039

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

content-encoding: br
etag: 7550679465687725357
age: 1973
x-content-type-options: nosniff
expires: Thu, 03 Oct 2024 11:36:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Thu, 03 Oct 2024 10:36:00 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=windows-1257
vary: Accept-Encoding
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 65390
x-xss-protection: 0
server: cafe

GET
H2 200 b-904ac2d-717a3b2c.js Show response
tagan.adlightning.com/setupad-hai/ Frame 9B8B 67 KB
0 1ms
1ms Script
application/javascript 18.66.147.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/setupad-hai/b-904ac2d-717a3b2c.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/b-904ac2d-717a3b2c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-69.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9914d1394f461493b222ec3fc32747d5c9f032fa832f6e5dbbb76cb148c9bb9e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

content-encoding: gzip
etag: "d9f6df1bdc282b62847088124a5c5299"
x-amz-version-id: jdI3.9PKCCbQlwZseC7oCwoheiMfE8Xv
age: 1389800
x-cache: Hit from cloudfront
x-amz-cf-id: Jn2YnGPh0TesbNS7qMSJxeKR3j5nEcYtH1WMtsgZ3voKTSyFwXNFgw==
date: Tue, 17 Sep 2024 09:05:32 GMT
content-type: application/javascript
last-modified: Mon, 05 Feb 2024 15:56:08 GMT
cache-control: max-age=31536000
via: 1.1 dde951f556570d42a581084479d8b0e8.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 25901
x-amz-meta-git_commit: 904ac2d
x-amz-cf-pop: FRA60-P4
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 9B8B 206 KB
0 46ms
46ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/b-904ac2d-717a3b2c.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

b0088124edc0322d5cc6c4385ca59c018ceb76790c907d13f1ee5be3dcc1a039

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

content-encoding: br
etag: 7550679465687725357
age: 1973
x-content-type-options: nosniff
expires: Thu, 03 Oct 2024 11:36:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Thu, 03 Oct 2024 10:36:00 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=windows-1257
vary: Accept-Encoding
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 65390
x-xss-protection: 0
server: cafe

POST
H2 200 node.php Show response
node.setupad.com/node/ 0
241 B 193ms
62ms XHR
text/html 159.89.25.223
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://node.setupad.com/node/node.php
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/3171
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer: https://samfw.com/

Response headers

cache-control: no-cache
content-encoding: gzip
pragma: no-cache
access-control-allow-methods: GET, POST
access-control-allow-origin: *
date: Thu, 03 Oct 2024 11:08:53 GMT
content-type: text/html; charset=UTF-8
server: nginx/1.18.0 (Ubuntu)
access-control-allow-headers: X-Requested-With

POST
H2 200 node.php Show response
node.setupad.com/node/ 0
240 B 190ms
60ms XHR
text/html 159.89.25.223
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://node.setupad.com/node/node.php
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/3171
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer: https://samfw.com/

Response headers

cache-control: no-cache
content-encoding: gzip
pragma: no-cache
access-control-allow-methods: GET, POST
access-control-allow-origin: *
date: Thu, 03 Oct 2024 11:08:53 GMT
content-type: text/html; charset=UTF-8
server: nginx/1.18.0 (Ubuntu)
access-control-allow-headers: X-Requested-With

GET
H2 200 b-904ac2d-717a3b2c.js Show response
tagan.adlightning.com/setupad-hai/ Frame 685D 67 KB
0 0ms
0ms Script
application/javascript 18.66.147.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/setupad-hai/b-904ac2d-717a3b2c.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/b-904ac2d-717a3b2c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-69.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9914d1394f461493b222ec3fc32747d5c9f032fa832f6e5dbbb76cb148c9bb9e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

content-encoding: gzip
etag: "d9f6df1bdc282b62847088124a5c5299"
x-amz-version-id: jdI3.9PKCCbQlwZseC7oCwoheiMfE8Xv
age: 1389800
x-cache: Hit from cloudfront
x-amz-cf-id: Jn2YnGPh0TesbNS7qMSJxeKR3j5nEcYtH1WMtsgZ3voKTSyFwXNFgw==
date: Tue, 17 Sep 2024 09:05:32 GMT
content-type: application/javascript
last-modified: Mon, 05 Feb 2024 15:56:08 GMT
cache-control: max-age=31536000
via: 1.1 dde951f556570d42a581084479d8b0e8.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 25901
x-amz-meta-git_commit: 904ac2d
x-amz-cf-pop: FRA60-P4
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 685D 206 KB
0 23ms
23ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/b-904ac2d-717a3b2c.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

b0088124edc0322d5cc6c4385ca59c018ceb76790c907d13f1ee5be3dcc1a039

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

content-encoding: br
etag: 7550679465687725357
age: 1973
x-content-type-options: nosniff
expires: Thu, 03 Oct 2024 11:36:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Thu, 03 Oct 2024 10:36:00 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=windows-1257
vary: Accept-Encoding
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 65390
x-xss-protection: 0
server: cafe

POST
H2 200 node.php Show response
node.setupad.com/node/ 0
240 B 172ms
60ms XHR
text/html 159.89.25.223
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://node.setupad.com/node/node.php
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/3171
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer: https://samfw.com/

Response headers

cache-control: no-cache
content-encoding: gzip
pragma: no-cache
access-control-allow-methods: GET, POST
access-control-allow-origin: *
date: Thu, 03 Oct 2024 11:08:53 GMT
content-type: text/html; charset=UTF-8
server: nginx/1.18.0 (Ubuntu)
access-control-allow-headers: X-Requested-With

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6C0A 0
0 98ms
96ms Fetch
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsspevLXxBw85M0X6xfN_yEsnSs_fx5Tjc2sLRTRdaEVWWvVipTRfSgYpuxksuwiDPutYCUCQQRznGcyqHqNPXfT4ULn87sluSS9eUE_HQmPD9I7TesoFHwR_Ka1ekhkXPpU5BRGcI5c_eI_EY7mkE7BBPm_hq_Qtcvvxu7JPpmtvOENPOdM_B8sV5mbLz8f6fO6Ky9QIDItt_o7WNTkAGZyK1itBWimamy_3mHowHgadCz4cTdVaYO96c4CDg44YCeRJvt0KNilvclOBQZYofPbvXtSfPN7m9xwAshgt151T0U0uwzAkqPp2Ri-e1ohs2jW2UYqAJGeee57kSdD3PwPLU9ew6RWnU2yseTFPZI6FlkiVP3cBDxdIL-JfknKKxSubD6XdCaQJmhGxwNVZwnCasx8IMk0Kr0RB4AC4gxhDheR0CXb686-JmlC9i607EgtSzISgg&sai=AMfl-YSsFJzdJ_n9X2-LO3TYowEk8Lq68Y6_FYzSqkwLFUdOHdTdqTXeDJWAdblZbbfQhMNkryblL1ex06D7_FyA5As-UgMna4aBE3sz3p8FtbFv9hKqlZ7hSdHcRd0&sig=Cg0ArKJSzOiYPbwNR_r1EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/b-904ac2d-717a3b2c.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Thu, 03 Oct 2024 11:08:53 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame 6C0A 2 KB
2 KB 64ms
46ms Script
text/javascript 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=68853970;rtbwp=W-A1gQ1UOpLzX2bEKjM8oqzboUFQG3yp0;rtbdata=UZSwcrEA-zlUUExwa27HXwR7P4xcQzglTsg9OeqLdd5wkHceuccgKHjvvwShfvzmy-j28otgKK43avrN8kWK4sjZsfleOWuS7mh-d4iWwmwF1E1jzCTIE8GxflpxFYP1RJwFcjGV3wF1wmY87o9h5SnuGV7LeIvs7U5JqzacAoY4DoRWWrhyHtWgeV0YuOs_O0aKMIdnjK7oiqzmaa5sDgi66w45a2WcXTSDRoTpQ_LXVeRygR7ZPeyk21BazGM4_-lLLx95zc3UY-n4pNyCIVfjahYyJV3tAtGSkEt3T4-x0ZryP3JDpYJ6wqKerBtR0;csid=60972;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=bZ5LM0N6LcmKovA2kn69IkVWzzO6HVqLxiwDhr7WBfCQR2bO9G_8V5G4dWAZeGGw21STnirM7ec9jYIL0kNpjUamUfsu_iZqBQcCxbrcrXrm4Gd2nrVp3_C-VuwEip4Pq1T1yO_xmR-NYx3qqPi8RaVZ98Mnd060GOA52nm7p1J5M6PTEZlQl0xFj9hnTxEg6r1TK497azX9RgtC1t5aX3W8_6Vvtj6SNSIXWPuy9hFvZPep-2_a3urVH69VHWtZhSRPiY8YRlhapv2sGg_cSS4krwTpdvFJgwkJTlIOwVbSR5wpPCEfzOrVH69VHWtZREVlfL0lY7cJ7adne_h1xWGwPMda5NVjb2T3qftv2t40w_RbyZMM1wGgKQKrE1Vt4_CWSUxd3cKaCOL5JH0wxIaD7LN6gnSkxaMB7E3Is5U1;pui=2ShljixBLrbi0hXl08juHHFAHCKQ7jOEBaW0JqdvMMhTWyyOws7vjVMcJ0PGxqcE0-LfVSiFEwc8NNB0-1E5SN6vWmW1dlSa0;

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/b-904ac2d-717a3b2c.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

924aa278cd49a1313b8ce02036da16817df6af6e872e6a4c53dcb640b064503e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, must-revalidate, no-transform
content-encoding: gzip
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
expires: -1
access-control-allow-origin: *
content-length: 1518
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
date: Thu, 03 Oct 2024 11:08:53 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
server: nginx

GET
H2 200 adx.js Show response
s1.adform.net/banners/scripts/ Frame 6C0A 61 KB
26 KB 181ms
46ms Script
application/javascript 37.157.2.250
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/adx.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/b-904ac2d-717a3b2c.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.157.2.250 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 8d854204ecb4a25e674c839da7e4cf1cf9919eee0e2ea757204c8507b9951fd2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

x-cache-status: HIT
cache-control: public, max-age=604800
content-encoding: gzip
etag: W/"c76783d3ccb9fea77db45d3144fba1cc"
x-amz-request-id: tx00000a3ef2422c2a0ced0-0066c34aaf-32998a6b-default
access-control-allow-origin: *
date: Thu, 03 Oct 2024 11:08:53 GMT
x-rgw-object-type: Normal
content-type: application/javascript
vary: Accept-Encoding
server: nginx
last-modified: Wed, 21 Feb 2024 07:50:31 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9B8B 0
0 108ms
108ms Fetch
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst3GMtB5JLP2B34T0aZewkgH8kayGiWCAsVknHdGqkZIUfbvgpIaYeIWp_SF6ZNV0lWF2kIVXv3LMyK0sbwSFwHrqKFSTedZMh4NGJVujPSyMatlLYcKfOlOoOzKQpgox8P-I-87jxWnTR4isGTqvtgm7FGjTD5blRWyaZarQjABRgLMOuLvcwlBqScrRJ5zUxad_XBBzIZXVuyCnyUC4GVAj4AjjLMsU9-vnEbN8Rz6z6Ij3NB4X3zqe2WtcHRKUCpxGn2ZmlrVNkA6ckyXSdOhJqQrTWD2dIE2N0YHcwImyY3nP3FnPYJ_rKZljDIsUvynKmu9lIJKTbS1HGOMmvR_5BGZQYcqZACh7JMhRDElffr80xo2_VervQN1-B848ZXc1U-ZKwaqcQg73-8njkSR1Px-X278jzkaQnEc9S6j5x_hGqLT6ZDIP2tuquSJ8W65OOrO_I&sai=AMfl-YQwIF0fph0cu94Dta893gH1PC84ONyAz0cNsLKONIgRP-rAgjc_OS7gndljvVyngypdJuFjpUPrQASa0cv5S8MGqUoQ_PA99IKSM2_UsHFKcD2HfD7Z3kKyjkI&sig=Cg0ArKJSzNpA_w8VzJCEEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/b-904ac2d-717a3b2c.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Thu, 03 Oct 2024 11:08:53 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame 9B8B 2 KB
2 KB 55ms
55ms Script
text/javascript 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=68853970;rtbwp=W-A1gQ1UOpLzX2bEKjM8oqzboUFQG3yp0;rtbdata=UZSwcrEA-zlUUExwa27HXwR7P4xcQzglTsg9OeqLdd5wkHceuccgKI3RWQmeHCKjEgSe11q746lJ5Xa2QWpDE1bavN6C5_uMxABAxpyV1dIF1E1jzCTIE8GxflpxFYP1RJwFcjGV3wF1wmY87o9h5SnuGV7LeIvs7U5JqzacAoY4DoRWWrhyHg6SzAJzO7h_O0aKMIdnjK7oiqzmaa5sDgi66w45a2WcXTSDRoTpQ_LXVeRygR7ZPeyk21BazGM4_-lLLx95zc3UY-n4pNyCIVfjahYyJV3tAtGSkEt3T4-x0ZryP3JDpYJ6wqKerBtR0;csid=60972;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=bZ5LM0N6LcmKovA2kn69IkVWzzO6HVqLxiwDhr7WBfCQR2bO9G_8V5G4dWAZeGGw21STnirM7ec9jYIL0kNpjUamUfsu_iZqBQcCxbrcrXrm4Gd2nrVp3zKHgwaPdeK11lYk6w27rNd3uCz7tGg-SUUYYsGb7iOFETzwvaENhWWy87Y39yINYUxFj9hnTxEg6r1TK497azX9RgtC1t5aX3W8_6Vvtj6SNSIXWPuy9hFvZPep-2_a3urVH69VHWtZhSRPiY8YRlhapv2sGg_cSS4krwTpdvFJgwkJTlIOwVbSR5wpPCEfzOrVH69VHWtZREVlfL0lY7cJ7adne_h1xWGwPMda5NVjb2T3qftv2t40w_RbyZMM1wGgKQKrE1Vt4_CWSUxd3cKaCOL5JH0wxIaD7LN6gnSkxaMB7E3Is5U1;pui=2ShljixBLrbi0hXl08juHHFAHCKQ7jOEBaW0JqdvMMhTWyyOws7vjVMcJ0PGxqcE0-LfVSiFEwc8NNB0-1E5SN6vWmW1dlSa0;

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/b-904ac2d-717a3b2c.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

a2e2920edac4888c304afe7d7775f91d0862f41761b06af92c18943a5ee15fca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, must-revalidate, no-transform
content-encoding: gzip
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
expires: -1
access-control-allow-origin: *
content-length: 1514
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
date: Thu, 03 Oct 2024 11:08:53 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
server: nginx

GET
H2 200 adx.js Show response
s1.adform.net/banners/scripts/ Frame 9B8B 61 KB
0 79ms
79ms Script
application/javascript 37.157.2.250
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/adx.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/b-904ac2d-717a3b2c.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.157.2.250 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 8d854204ecb4a25e674c839da7e4cf1cf9919eee0e2ea757204c8507b9951fd2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

x-cache-status: HIT
cache-control: public, max-age=604800
content-encoding: gzip
etag: W/"c76783d3ccb9fea77db45d3144fba1cc"
x-amz-request-id: tx00000a3ef2422c2a0ced0-0066c34aaf-32998a6b-default
access-control-allow-origin: *
date: Thu, 03 Oct 2024 11:08:53 GMT
x-rgw-object-type: Normal
content-type: application/javascript
vary: Accept-Encoding
server: nginx
last-modified: Wed, 21 Feb 2024 07:50:31 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 685D 0
0 95ms
95ms Fetch
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvQY0qYSASYjpczFA7mVPfrxGZ06CEWIj_XdP3uGDQur0vQ7K6wzCqWq8URCG0dmq_u7jE48ec22aI92S2Es2AthKaQ6ajCJ5vUZLfxYK_gfaEWON-WORWW-v6ecjCyOk63yLycyZ7h43GmmGWuWlK3fU5UxfLNRNsAd2Whby9tEHBTKaYMxnkQDhjTL5pynYtrYCeW5BxjdEvSsJsuuTE4GvtYlzvu_22ZomC85wp62l0PDD5FPf2CC7xFcz_TQerH0BA3Rz4zfXUcy4Y9LwrOa4IKiU9yt9AcFZ4WP044B9TTMFSaSm4ojUmdbmCTC0Ijatxq6Zh_2aXMUcuvaHUdnaTbwa2bFOnZjlLJrxwultVAUQVKF8ADdSqZbZNWwUTbrOteCfBNzvMiE5iAC6UTcceavXjLmWPTd2eh0xLN21O2B5LA2ip8OLiYT2DFj1qa6r0LPcDw7A&sai=AMfl-YTYkYHBP692fv8uRdhp-vzt0EJtgPzka1r2KFKEgabH8Lb4TmNx6pInAE6ua7PDmfA4TCNws9MId-OfJriUoS-M3XfgSeh2T9FUd06aoyaClI4wOBR6tqKnftw&sig=Cg0ArKJSzKR61Ei1Hk8SEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/b-904ac2d-717a3b2c.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Thu, 03 Oct 2024 11:08:53 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame 685D 2 KB
2 KB 50ms
49ms Script
text/javascript 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=68853971;rtbwp=vYcdZ7sdoPBusN6FuI1hLPCj2Y0s6mpb0;rtbdata=UZSwcrEA-zlUUExwa27HXwR7P4xcQzglTsg9OeqLdd5wkHceuccgKEhbSG7tzHq_WL9AFM5gjStTj-rBdyJstVuLyRCqCGlWZzkjGIILGUIF1E1jzCTIE8GxflpxFYP1RJwFcjGV3wF1wmY87o9h5SnuGV7LeIvs7U5JqzacAoY4DoRWWrhyHtWgeV0YuOs_O0aKMIdnjK4GyIIqRNXgIQi66w45a2WcXTSDRoTpQ_LXVeRygR7ZPeyk21BazGM4_-lLLx95zc3UY-n4pNyCIVfjahYyJV3tAtGSkEt3T4-x0ZryP3JDpYJ6wqKerBtR0;csid=60970;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=bZ5LM0N6LckqHMLsI0XOHSwlvCEKZ_h6RIWxhjLXP4m_rg3XcUPkupT7WXJg35mTwj3cdub5AxPd4SfRj-orjOKvS_XcjtKjgHZGMkiP8SSwgnSEQkwrgJJpsAGI7cEJWL9AFM5gjStTj-rBdyJstVuLyRCqCGlWcQJTu6gA2T7MKTGE3iBDkug3j6Zd34QYBdtwXAphFRYUYJPcf2WLum9k96n7b9reImKpzx2E7nZ6-nlK8k0kIM651OhNuGQTVCjU4iHxIrrj8JZJTF3dwsluPPQNf6Dm0nD0-RHawcJK578CFesXj8651OhNuGQT_sZedlFf5IzJGbRLITRFX8TuXZQVD5H0evp5SvJNJCCniQvpFE1WiRftUGcDPfQ_OR0-U9ecpzr1k97N1bT1sZt8XrTQLxMskqcgAIH_8co1;pui=2ShljixBLrbi0hXl08juHHFAHCKQ7jOEBaW0JqdvMMhTWyyOws7vjVMcJ0PGxqcE0-LfVSiFEwc8NNB0-1E5SN6vWmW1dlSa0;

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/b-904ac2d-717a3b2c.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

cd9446e12334a3051376dff3ff0d6d8bf510694251743be515be632ba1e981ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, must-revalidate, no-transform
content-encoding: gzip
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
expires: -1
access-control-allow-origin: *
content-length: 1491
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
date: Thu, 03 Oct 2024 11:08:53 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
server: nginx

GET
H2 200 adx.js Show response
s1.adform.net/banners/scripts/ Frame 685D 61 KB
0 0ms
0ms Script
application/javascript 37.157.2.250
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/adx.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/b-904ac2d-717a3b2c.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.157.2.250 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 8d854204ecb4a25e674c839da7e4cf1cf9919eee0e2ea757204c8507b9951fd2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

x-cache-status: HIT
cache-control: public, max-age=604800
content-encoding: gzip
etag: W/"c76783d3ccb9fea77db45d3144fba1cc"
x-amz-request-id: tx00000a3ef2422c2a0ced0-0066c34aaf-32998a6b-default
access-control-allow-origin: *
date: Thu, 03 Oct 2024 11:08:53 GMT
x-rgw-object-type: Normal
content-type: application/javascript
vary: Accept-Encoding
server: nginx
last-modified: Wed, 21 Feb 2024 07:50:31 GMT

POST
H2 200 v3 Show response
id5-sync.com/gm/ 319 B
508 B 63ms
62ms XHR
application/json 162.19.138.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/gm/v3

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

Resource Hash

c278b5b684e1cc5c7bf60e2f2dc781ca7692a92dd3a95800496a6b8b7a3cb94c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://samfw.com/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: https://samfw.com
date: Thu, 03 Oct 2024 11:08:53 GMT
content-type: application/json
vary: Origin
access-control-allow-credentials: true

GET
H2 200 bootstrap.js Show response
s1.adform.net/mink/632/s1.adform.net/ Frame 6C0A 38 KB
17 KB 55ms
54ms Script
text/javascript 37.157.2.250
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/mink/632/s1.adform.net/bootstrap.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/b-904ac2d-717a3b2c.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.157.2.250 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: bdfa942f4824880db1808b4fb9b70fb2f308e97f7855b0ec621a1cbb90bb06a2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

x-cache-status: HIT
cache-control: public, max-age=100000
content-encoding: gzip
expires: Fri, 04 Oct 2024 14:30:11 GMT
access-control-allow-origin: *
date: Thu, 03 Oct 2024 11:08:53 GMT
content-type: text/javascript
vary: Accept-Encoding
server: nginx
last-modified: Thu, 18 Jul 2024 05:44:08 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/mink/632/s1.adform.net/ Frame 9B8B 38 KB
0 51ms
51ms Script
text/javascript 37.157.2.250
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/mink/632/s1.adform.net/bootstrap.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/b-904ac2d-717a3b2c.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.157.2.250 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: bdfa942f4824880db1808b4fb9b70fb2f308e97f7855b0ec621a1cbb90bb06a2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

x-cache-status: HIT
cache-control: public, max-age=100000
content-encoding: gzip
expires: Fri, 04 Oct 2024 14:30:11 GMT
access-control-allow-origin: *
date: Thu, 03 Oct 2024 11:08:53 GMT
content-type: text/javascript
vary: Accept-Encoding
server: nginx
last-modified: Thu, 18 Jul 2024 05:44:08 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/mink/632/s1.adform.net/ Frame 685D 38 KB
0 23ms
23ms Script
text/javascript 37.157.2.250
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/mink/632/s1.adform.net/bootstrap.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/b-904ac2d-717a3b2c.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.157.2.250 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: bdfa942f4824880db1808b4fb9b70fb2f308e97f7855b0ec621a1cbb90bb06a2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

x-cache-status: HIT
cache-control: public, max-age=100000
content-encoding: gzip
expires: Fri, 04 Oct 2024 14:30:11 GMT
access-control-allow-origin: *
date: Thu, 03 Oct 2024 11:08:53 GMT
content-type: text/javascript
vary: Accept-Encoding
server: nginx
last-modified: Thu, 18 Jul 2024 05:44:08 GMT

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame 6C0A 7 KB
5 KB 47ms
46ms Script
text/javascript 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?CC=1&bn=68853970;rtbwp=W-A1gQ1UOpLzX2bEKjM8oqzboUFQG3yp0;rtbdata=UZSwcrEA-zlUUExwa27HXwR7P4xcQzglTsg9OeqLdd5wkHceuccgKHjvvwShfvzmy-j28otgKK43avrN8kWK4sjZsfleOWuS7mh-d4iWwmwF1E1jzCTIE8GxflpxFYP1RJwFcjGV3wF1wmY87o9h5SnuGV7LeIvs7U5JqzacAoY4DoRWWrhyHtWgeV0YuOs_O0aKMIdnjK7oiqzmaa5sDgi66w45a2WcXTSDRoTpQ_LXVeRygR7ZPeyk21BazGM4_-lLLx95zc3UY-n4pNyCIVfjahYyJV3tAtGSkEt3T4-x0ZryP3JDpYJ6wqKerBtR0;csid=60972;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=bZ5LM0N6LcmKovA2kn69IkVWzzO6HVqLxiwDhr7WBfCQR2bO9G_8V5G4dWAZeGGw21STnirM7ec9jYIL0kNpjUamUfsu_iZqBQcCxbrcrXrm4Gd2nrVp3_C-VuwEip4Pq1T1yO_xmR-NYx3qqPi8RaVZ98Mnd060GOA52nm7p1J5M6PTEZlQl0xFj9hnTxEg6r1TK497azX9RgtC1t5aX3W8_6Vvtj6SNSIXWPuy9hFvZPep-2_a3urVH69VHWtZhSRPiY8YRlhapv2sGg_cSS4krwTpdvFJgwkJTlIOwVbSR5wpPCEfzOrVH69VHWtZREVlfL0lY7cJ7adne_h1xWGwPMda5NVjb2T3qftv2t40w_RbyZMM1wGgKQKrE1Vt4_CWSUxd3cKaCOL5JH0wxIaD7LN6gnSkxaMB7E3Is5U1;pui=2ShljixBLrbi0hXl08juHHFAHCKQ7jOEBaW0JqdvMMhTWyyOws7vjVMcJ0PGxqcE0-LfVSiFEwc8NNB0-1E5SN6vWmW1dlSa0;;json=1;js=1;adfxid=1x;5127;set=fi-FI|fi-FI|1600X1200||150|600|24|8|3|7|0|0;fd=0|2&CREFURL=https%3A%2F%2Fsamfw.com%2F

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/b-904ac2d-717a3b2c.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

5f20a0baae01ee5b3cf1cdeb17c9558e0238c290e7f6d07af738b56bdc49ab56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, must-revalidate, no-transform
content-encoding: gzip
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
expires: -1
access-control-allow-origin: *
content-length: 4002
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
date: Thu, 03 Oct 2024 11:08:54 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
server: nginx

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame 685D 7 KB
5 KB 47ms
47ms Script
text/javascript 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?bn=68853971;rtbwp=vYcdZ7sdoPBusN6FuI1hLPCj2Y0s6mpb0;rtbdata=UZSwcrEA-zlUUExwa27HXwR7P4xcQzglTsg9OeqLdd5wkHceuccgKEhbSG7tzHq_WL9AFM5gjStTj-rBdyJstVuLyRCqCGlWZzkjGIILGUIF1E1jzCTIE8GxflpxFYP1RJwFcjGV3wF1wmY87o9h5SnuGV7LeIvs7U5JqzacAoY4DoRWWrhyHtWgeV0YuOs_O0aKMIdnjK4GyIIqRNXgIQi66w45a2WcXTSDRoTpQ_LXVeRygR7ZPeyk21BazGM4_-lLLx95zc3UY-n4pNyCIVfjahYyJV3tAtGSkEt3T4-x0ZryP3JDpYJ6wqKerBtR0;csid=60970;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=bZ5LM0N6LckqHMLsI0XOHSwlvCEKZ_h6RIWxhjLXP4m_rg3XcUPkupT7WXJg35mTwj3cdub5AxPd4SfRj-orjOKvS_XcjtKjgHZGMkiP8SSwgnSEQkwrgJJpsAGI7cEJWL9AFM5gjStTj-rBdyJstVuLyRCqCGlWcQJTu6gA2T7MKTGE3iBDkug3j6Zd34QYBdtwXAphFRYUYJPcf2WLum9k96n7b9reImKpzx2E7nZ6-nlK8k0kIM651OhNuGQTVCjU4iHxIrrj8JZJTF3dwsluPPQNf6Dm0nD0-RHawcJK578CFesXj8651OhNuGQT_sZedlFf5IzJGbRLITRFX8TuXZQVD5H0evp5SvJNJCCniQvpFE1WiRftUGcDPfQ_OR0-U9ecpzr1k97N1bT1sZt8XrTQLxMskqcgAIH_8co1;pui=2ShljixBLrbi0hXl08juHHFAHCKQ7jOEBaW0JqdvMMhTWyyOws7vjVMcJ0PGxqcE0-LfVSiFEwc8NNB0-1E5SN6vWmW1dlSa0;;json=1;js=1;adfxid=2x;1935;set=fi-FI|fi-FI|1600X1200||750|100|24|8|3|7|0|0;fd=0|2&CREFURL=https%3A%2F%2Fsamfw.com%2F

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/b-904ac2d-717a3b2c.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

920a8254dfcba550c44cf1d92d88e11f43b7f2d236662d09df3fb480e1cfa234

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, must-revalidate, no-transform
content-encoding: gzip
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
expires: -1
access-control-allow-origin: *
content-length: 3984
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
date: Thu, 03 Oct 2024 11:08:54 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
server: nginx

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame 9B8B 7 KB
5 KB 85ms
84ms Script
text/javascript 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?bn=68853970;rtbwp=W-A1gQ1UOpLzX2bEKjM8oqzboUFQG3yp0;rtbdata=UZSwcrEA-zlUUExwa27HXwR7P4xcQzglTsg9OeqLdd5wkHceuccgKI3RWQmeHCKjEgSe11q746lJ5Xa2QWpDE1bavN6C5_uMxABAxpyV1dIF1E1jzCTIE8GxflpxFYP1RJwFcjGV3wF1wmY87o9h5SnuGV7LeIvs7U5JqzacAoY4DoRWWrhyHg6SzAJzO7h_O0aKMIdnjK7oiqzmaa5sDgi66w45a2WcXTSDRoTpQ_LXVeRygR7ZPeyk21BazGM4_-lLLx95zc3UY-n4pNyCIVfjahYyJV3tAtGSkEt3T4-x0ZryP3JDpYJ6wqKerBtR0;csid=60972;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=bZ5LM0N6LcmKovA2kn69IkVWzzO6HVqLxiwDhr7WBfCQR2bO9G_8V5G4dWAZeGGw21STnirM7ec9jYIL0kNpjUamUfsu_iZqBQcCxbrcrXrm4Gd2nrVp3zKHgwaPdeK11lYk6w27rNd3uCz7tGg-SUUYYsGb7iOFETzwvaENhWWy87Y39yINYUxFj9hnTxEg6r1TK497azX9RgtC1t5aX3W8_6Vvtj6SNSIXWPuy9hFvZPep-2_a3urVH69VHWtZhSRPiY8YRlhapv2sGg_cSS4krwTpdvFJgwkJTlIOwVbSR5wpPCEfzOrVH69VHWtZREVlfL0lY7cJ7adne_h1xWGwPMda5NVjb2T3qftv2t40w_RbyZMM1wGgKQKrE1Vt4_CWSUxd3cKaCOL5JH0wxIaD7LN6gnSkxaMB7E3Is5U1;pui=2ShljixBLrbi0hXl08juHHFAHCKQ7jOEBaW0JqdvMMhTWyyOws7vjVMcJ0PGxqcE0-LfVSiFEwc8NNB0-1E5SN6vWmW1dlSa0;;json=1;js=1;adfxid=3x;5576;set=fi-FI|fi-FI|1600X1200||150|600|24|8|3|7|0|0;fd=0|2&CREFURL=https%3A%2F%2Fsamfw.com%2F

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/b-904ac2d-717a3b2c.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

f07e0d72273195cd4e15515817290ea974c1984b67b086883471c1f5e1b40f3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, must-revalidate, no-transform
content-encoding: gzip
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
expires: -1
access-control-allow-origin: *
content-length: 4014
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
date: Thu, 03 Oct 2024 11:08:54 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
server: nginx

GET
DATA 200
OK truncated
/ Frame 6C0A 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6274f5fdbf0dddd7cbfbc09f3445aa206a68cdf005618c5de76ccc64d32d3658

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6C0A 0
0 213ms
95ms Fetch
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvReRD9lFGijWMofC-jQw5mgIV_-8ZiJY_kFhwrPRtnbo-Q582_D3faY_-qNqu5wPQRtAfuX8kVa3__XUmDl3BcVQOxCsYY54G2PkzVb0P7VYVidsr4VzkrxemvZElHkhC8svmaue91tKWlgkpQpLbaUTCI2HsQiHVdggvAZMg3KF1CPXpoRjQL2EQ_AJ1IoJVSNErnL2C92l5PO97wJ29Yau5WMb3T4Jx3ZYBOJzylSqylFZ3Sh0DZbMRkvwJEYsAtCESje6BK1R7Y0f3nQ9HOxqr0gYz9tb3AcZVSsSRm8GMzhboVwdbGwZ4t44PfyVNqWhv6DK7sVyamKmauvRnJPrrkZZN6XcQTgYW0sGB-kocolP8QovOIMLN3yOV1Fgyjz81QNYVK3L3mp8ofItIm75dlI67Kb8s4mGwByHZIW0dNYZ6jz8YSJq4oHAmN2b8_oSCYFw7y&sai=AMfl-YT1bbU-m5wz-x-SXIV8K3Q_DCQlHdJ3KcITkcHid3w0blx9bq5592soLt-vIev9n9Ujomf-_48Xigb3X-5xpGfHwX5ZY6aDgqo9A1YIKSrCVuDgtRx-H4ysukc&sig=Cg0ArKJSzHFo1hTCKMP4EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/b-904ac2d-717a3b2c.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Thu, 03 Oct 2024 11:08:54 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Thu, 03 Oct 2024 11:08:54 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

POST
H2 200 place
setupad-hai-tagan.adlightning.com/ Frame 6C0A 0
418 B 315ms
164ms Ping
image/gif 18.66.102.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://setupad-hai-tagan.adlightning.com/place?p=1&d=eyJzaXRlSWQiOiJzZXR1cGFkLWhhaSIsInVybCI6Imh0dHBzOi8vc2FtZncuY29tLyIsImFkVW5pdCI6Ii8xNDcyNDYxODksMjI0MDU0Njg3ODUvc2FtZncuY29tXzE2MHg2MDBfc2lkZXJiYXJfZGVza3RvcF9sZWZ0XzAiLCJhZFNlcnZlckRldGFpbHMiOnsiYWR2ZXJ0aXNlcklkIjoiMTEwMDIzNTg5IiwiY2FtcGFpZ25JZCI6IjU4MzYxMjgyOSIsImNyZWF0aXZlSWQiOiIxMzgzMDMwMzM2NDEiLCJsaW5laXRlbUlkIjoiMzIzOTgzNzA5IiwiYWRTZXJ2ZXIiOiJkZnAiLCJwcmViaWRDcmVhdGl2ZUlkIjoiNjg4NTM5NzAiLCJwcmViaWRCaWRkZXIiOiJhZGZvcm1TMlMiLCJwcmViaWQiOjF9LCJ3aWR0aCI6MTYwLCJoZWlnaHQiOjYwMCwid3YiOiIxLjAuMCs5MDRhYzJkIiwiYnYiOiJibC1kNmQ1NTExLTZjYmUyY2I0O2ItOTA0YWMyZC03MTdhM2IyYyIsIm1ldGEiOnsiYmxvY2tlZEluZm8iOnsicmVmcmVzaGVkQ291bnQiOjAsImJsb2NrZWRDb3VudCI6MCwiaGVhdnlBZEJsb2NrZWRDb3VudCI6MCwiaGVhdnlBZFJlZnJlc2hlZENvdW50IjowfSwicGxSYXRpbyI6MC4wMX0sInRhZ01hcmt1cCI6IjxodG1sPjwhLS1DcmVhdGl2ZSA2ODg1Mzk3MCBzZXJ2ZWQgYnkgYWRmb3JtUzJTIFByZWJpZC5qcyBIZWFkZXIgQmlkZGluZy0tPjxoZWFkPjxzY3JpcHQgc3JjPVwiaHR0cHM6Ly90YWdhbi5hZGxpZ2h0bmluZy5jb20vc2V0dXBhZC1oYWkvYi05MDRhYzJkLTcxN2EzYjJjLmpzXCIgdHlwZT1cInRleHQvamF2YXNjcmlwdFwiPjwvc2NyaXB0PjxzY3JpcHQ%2Bd2luZG93W1wiOTk3MDM5NjBfc2V0dXBhZC1oYWlcIl0gPSB3aW5kb3dbXCI5OTcwMzk2MF9zZXR1cGFkLWhhaVwiXSB8fCB7fTt3aW5kb3dbXCI5OTcwMzk2MF9zZXR1cGFkLWhhaVwiXS50YWdEZXRhaWxzID0gd2luZG93W1wiOTk3MDM5NjBfc2V0dXBhZC1oYWlcIl0udGFnRGV0YWlscyB8fCB7XCJzaXRlSWRcIjpcInNldHVwYWQtaGFpXCIsXCJ3dlwiOlwiMS4wLjArOTA0YWMyZFwiLFwiYmx2XCI6XCJibC1kNmQ1NTExLTZjYmUyY2I0XCIsXCJidlwiOlwiYi05MDRhYzJkLTcxN2EzYjJjXCIsXCJ0b3BEb21haW5cIjpcImh0dHBzOi8vc2FtZncuY29tL1wiLFwiY3VycmVudFRhZ0lkXCI6XCJhZGx0YWdfbTF0NzFkcnRfaGtHcmJWZHJaMzVcIixcImF1XCI6XCIvMTQ3MjQ2MTg5LDIyNDA1NDY4Nzg1L3NhbWZ3LmNvbV8xNjB4NjAwX3NpZGVyYmFyX2Rlc2t0b3BfbGVmdF8wXCIsXCJzbG90RWxlbWVudElkXCI6XCJzYW1md19jb21fMTYweDYwMF9zaWRlcmJhcl9kZXNrdG9wX2xlZnRcIixcInJlZnJlc2hlc1JlbWFpbmluZ1wiOjIsXCJibG9ja2VkQ291bnRcIjowLFwiaGVhdnlBZFJlZnJlc2hlc1JlbWFpbmluZ1wiOjIsXCJoZWF2eUFkQmxvY2tlZENvdW50XCI6MCxcImFkU2VydmVyRGV0YWlsc1wiOntcImFkdmVydGlzZXJJZFwiOlwiMTEwMDIzNTg5XCIsXCJjYW1wYWlnbklkXCI6XCI1ODM2MTI4MjlcIixcImNyZWF0aXZlSWRcIjpcIjEzODMwMzAzMzY0MVwiLFwibGluZWl0ZW1JZFwiOlwiMzIzOTgzNzA5XCIsXCJhZFNlcnZlclwiOlwiZGZwXCJ9LFwid1wiOjE2MCxcImhcIjo2MDB9O3dpbmRvdy5ibG9ja2VyICYmIGJsb2NrZXIoXCI5OTcwMzk2MF9zZXR1cGFkLWhhaVwiLCBcIjwhLS1BRExfV1JBUFBFRC0tPlwiLCBmYWxzZSwgd2luZG93LCB7fSk7PC9zY3JpcHQ%2BPHNjcmlwdD52YXIgaW5EYXBJRj10cnVlLGluR3B0SUY9dHJ1ZTs8L3NjcmlwdD48bWV0YSBodHRwLWVxdWl2PVwib3JpZ2luLXRyaWFsXCIgY29udGVudD1cIkF4amhSYWRMQ0FSWVJKYXdSak1qcTRVOFY4b2tRdlNuckJJSldkTWFqdUVrTjMvRGZWQWNMY0ZoTVZyVVduT1hhZ3dsSThkUUQ4NEZ3SkRHajlvaHFBWUFBQUJ2ZXlKdmNtbG5hVzRpT2lKb2RIUndjem92TDJkdmIyZHNaV0ZrYzJWeWRtbGpaWE11WTI5dE9qUTBNeUlzSW1abFlYUjFjbVVpT2lKR1pYUmphRXhoZEdWeVFWQkpJaXdpWlhod2FYSjVJam94TnpJMU5EQTNPVGs1TENKcGMxUm9hWEprVUdGeWRIa2lPblJ5ZFdWOVwiPjxtZXRhIGh0dHAtZXF1aXY9XCJvcmlnaW4tdHJpYWxcIiBjb250ZW50PVwiQXhqaFJhZExDQVJZUkphd1JqTWpxNFU4Vjhva1F2U25yQklKV2RNYWp1RWtOMy9EZlZBY0xjRmhNVnJVV25PWGFnd2xJOGRRRDg0RndKREdqOW9ocUFZQUFBQnZleUp2Y21sbmFXNGlPaUpvZEhSd2N6b3ZMMmR2YjJkc1pXRmtjMlZ5ZG1salpYTXVZMjl0T2pRME15SXNJbVpsWVhSMWNtVWlPaUpHWlhSamFFeGhkR1Z5UVZCSklpd2laWGh3YVhKNUlqb3hOekkxTkRBM09UazVMQ0pwYzFSb2FYSmtVR0Z5ZEhraU9uUnlkV1Y5XCI%2BPC9oZWFkPjxib2R5IGxlZnRtYXJnaW49XCIwXCIgdG9wbWFyZ2luPVwiMFwiIG1hcmdpbndpZHRoPVwiMFwiIG1hcmdpbmhlaWdodD1cIjBcIj48c2NyaXB0PndpbmRvdy5kaWNuZiA9IHt9Ozwvc2NyaXB0PjxzY3JpcHQgZGF0YS1qYz1cIjQyXCIgZGF0YS1qYy12ZXJzaW9uPVwicjIwMjQxMDAxXCIgZGF0YS1qYy1mbGFncz1cIlsmcXVvdDt4JTI3ODQ0Nic5ZWZvdG0oJmFtcDsyMDA2Nzs%2BOCZhbXA7PmBkb3BiLyU8MTczMjI2MSE9fHZxYykhNzIwMTA2MT8nOWVmb3RtKCZhbXA7MjA3MjM7PjomYW1wOz5gZG9wYi8lPDEyNDU7MDUhPW5laHVgLyEzNjE6PDMyMCE5c3FybSgmYW1wOzIwNTc%2FNjE8JmFtcDs%2BYGRvcGJ%2BJnF1b3Q7XVwiPihmdW5jdGlvbigpeyd1c2Ugc3RyaWN0JzsvKiAgQ29weXJpZ2h0IFRoZSBDbG9zdXJlIExpYnJhcnkgQXV0aG9ycy4gU1BEWC1MaWNlbnNlLUlkZW50aWZpZXI6IEFwYWNoZS0yLjAgKi8gdmFyIHQ9dGhpc3x8c2VsZjtmdW5jdGlvbiBhYShhKXt0LnNldFRpbWVvdXQoKCk9Pnt0aHJvdyBhO30sMCl9O3ZhciBiYSx2O2E6e2Zvcih2YXIgY2E9W1wiQ0xPU1VSRV9GTEFHU1wiXSx3PXQsZGE9MDtkYTxjYS5sZW5ndGg7ZGErKylpZih3PXdbY2FbZGFdXSx3PT1udWxsKXt2PW51bGw7YnJlYWsgYX12PXd9dmFyIGVhPXYmJnZbNjEwNDAxMzAxXTtiYT1lYSE9bnVsbD9lYTohMTt2YXIgeDtjb25zdCBmYT10Lm5hdmlnYXRvcjt4PWZhP2ZhLnVzZXJBZ2VudERhdGF8fG51bGw6bnVsbDtmdW5jdGlvbiBoYShhKXtyZXR1cm4gYmE%2FeD94LmJyYW5kcy5zb21lKCh7YnJhbmQ6Yn0pPT5iJiZiLmluZGV4T2YoYSkhPS0xKTohMTohMX1mdW5jdGlvbiB5KGEpe3ZhciBiO2E6e2lmKGI9dC5uYXZpZ2F0b3IpaWYoYj1iLnVzZXJBZ2VudClicmVhayBhO2I9XCJcIn1yZXR1cm4gYi5pbmRleE9mKGEpIT0tMX07ZnVuY3Rpb24geigpe3JldHVybiBiYT8hIXgmJnguYnJhbmRzLmxlbmd0aD4wOiExfWZ1bmN0aW9uIGlhKCl7cmV0dXJuIHooKT9oYShcIkNocm9taXVtXCIpOih5KFwiQ2hyb21lXCIpfHx5KFwiQ3JpT1NcIikpJiYhKHooKT8wOnkoXCJFZGdlXCIpKXx8eShcIlNpbGtcIil9O2Z1bmN0aW9uIGphKGEpe2phW1wiIFwiXShhKTtyZXR1cm4gYX1qYVtcIiBcIl09ZnVuY3Rpb24oKXt9OyF5KFwiQW5kcm9pZFwiKXx8aWEoKTtpYSgpO3koXCJTYWZhcmlcIikmJihpYSgpfHwoeigpPzA6eShcIkNvYXN0XCIpKXx8KHooKT8wOnkoXCJPcGVyYVwiKSl8fCh6KCk%2FMDp5KFwiRWRnZVwiKSl8fCh6KCk%2FaGEoXCJNaWNyb3NvZnQgRWRnZVwiKTp5KFwiRWRnL1wiKSl8fHooKSYmaGEoXCJPcGVyYVwiKSk7dmFyIGthPXt9LEU9bnVsbDtmdW5jdGlvbiBsYSgpe2NvbnN0IGE9RXJyb3IoKTthLl9fY2xvc3VyZV9fZXJyb3JfX2NvbnRleHRfXzk4NDM4Mnx8KGEuX19jbG9zdXJlX19lcnJvcl9fY29udGV4dF9fOTg0MzgyPXt9KTthLl9fY2xvc3VyZV9fZXJyb3JfX2NvbnRleHRfXzk4NDM4Mi5zZXZlcml0eT1cImluY2lkZW50XCI7YWEoYSl9O3ZhciBGPVN5bWJvbCgpO3ZhciBtYT17fSxuYT17fTtmdW5jdGlvbiBvYShhKXtyZXR1cm4hKCFhfHx0eXBlb2YgYSE9PVwib2JqZWN0XCJ8fGEuZyE9PW5hKX1mdW5jdGlvbiBHKGEpe3JldHVybiBhIT09bnVsbCYmdHlwZW9mIGE9PT1cIm9iamVjdFwiJiYhQXJyYXkuaXNBcnJheShhKSYmYS5jb25zdHJ1Y3Rvcj09PU9iamVjdH1mdW5jdGlvbiBIKGEpe3JldHVybiFBcnJheS5pc0FycmF5KGEpfHxhLmxlbmd0aD8hMTooYVtGXXwwKSYxPyEwOiExfU9iamVjdC5mcmVlemUoe30pO3ZhciByYT1PYmplY3QuZnJlZXplKHt9KTtjb25zdCBzYT1CaWdJbnQoTnVtYmVyLk1JTl9TQUZFX0lOVEVHRVIpLHRhPUJpZ0ludChOdW1iZXIuTUFYX1NBRkVfSU5URUdFUik7ZnVuY3Rpb24gdWEoYSl7aWYodHlwZW9mIGEhPT1cImJvb2xlYW5cIil7dmFyIGI9dHlwZW9mIGE7dGhyb3cgRXJyb3IoYEV4cGVjdGVkIGJvb2xlYW4gYnV0IGdvdCAke2IhPVwib2JqZWN0XCI%2FYjphP0FycmF5LmlzQXJyYXkoYSk%2FXCJhcnJheVwiOmI6XCJudWxsXCJ9OiAke2F9YCk7fXJldHVybiBhfTtsZXQgST12b2lkIDA7ZnVuY3Rpb24gdmEoYSxiKXtjb25zdCBjPUo%2FLmdldChiKT8uZ2V0KGEpO2MmJiF3YShhLGMpJiYoeGEoKSxKPy5nZXQoYik%2FLmRlbGV0ZShhKSl9ZnVuY3Rpb24gd2EoYSxiKXtpZihhLmxlbmd0aCE9PWIubGVuZ3RoKXJldHVybiExO2Zvcihjb25zdCBmIGluIGIpe3ZhciBjPU51bWJlcihmKSxkO2lmKGQ9TnVtYmVyLmlzSW50ZWdlcihjKSlkPWFbY10sYz1iW2NdLGQ9IShOdW1iZXIuaXNOYU4oZCk%2FTnVtYmVyLmlzTmFOKGMpOmQ9PT1jKTtpZihkKXJldHVybiExfXJldHVybiEwfWZ1bmN0aW9uIHhhKCl7bGEoKX1sZXQgSj12b2lkIDA7bGV0IHlhO2Z1bmN0aW9uIHphKGEsYil7cmV0dXJuIEFhKGIpfWZ1bmN0aW9uIEFhKGEpe3N3aXRjaCh0eXBlb2YgYSl7Y2FzZSBcIm51bWJlclwiOnJldHVybiBpc0Zpbml0ZShhKT9hOlN0cmluZyhhKTtjYXNlIFwiYmlnaW50XCI6cmV0dXJuIGE%2BPXNhJiZhPD10YT9OdW1iZXIoYSk6U3RyaW5nKGEpO2Nhc2UgXCJib29sZWFuXCI6cmV0dXJuIGE%2FMTowO2Nhc2UgXCJvYmplY3RcIjppZihhKWlmKEFycmF5LmlzQXJyYXkoYSkpe2lmKEgoYSkpcmV0dXJufWVsc2UgaWYoYSE9bnVsbCYmYSBpbnN0YW5jZW9mIFVpbnQ4QXJyYXkpe2xldCBiPVwiXCIsYz0wO2NvbnN0IGQ9YS5sZW5ndGgtMTAyNDA7Zm9yKDtjPGQ7KWIrPVN0cmluZy5mcm9tQ2hhckNvZGUuYXBwbHkobnVsbCxhLnN1YmFycmF5KGMsYys9MTAyNDApKTtiKz1TdHJpbmcuZnJvbUNoYXJDb2RlLmFwcGx5KG51bGwsYz9hLnN1YmFycmF5KGMpOmEpO3JldHVybiBidG9hKGIpfX1yZXR1cm4gYX07ZnVuY3Rpb24gQmEoYSxiLGMsZCxmKXtpZihhIT1udWxsKXtpZihBcnJheS5pc0FycmF5KGEpKWE9SChhKT92b2lkIDA6ZiYmKGFbRl18MCkmMj9hOkNhKGEsYixjLGQhPT12b2lkIDAsZik7ZWxzZSBpZihHKGEpKXtjb25zdCBlPXt9O2ZvcihsZXQgZyBpbiBhKWVbZ109QmEoYVtnXSxiLGMsZCxmKTthPWV9ZWxzZSBhPWIoYSxkKTtyZXR1cm4gYX19ZnVuY3Rpb24gQ2EoYSxiLGMsZCxmKXtjb25zdCBlPWR8fGM%2FYVtGXXwwOjA7ZD1kPyEhKGUmMzIpOnZvaWQgMDthPUFycmF5LnByb3RvdHlwZS5zbGljZS5jYWxsKGEpO2ZvcihsZXQgZz0wO2c8YS5sZW5ndGg7ZysrKWFbZ109QmEoYVtnXSxiLGMsZCxmKTtjJiZjKGUsYSk7cmV0dXJuIGF9ZnVuY3Rpb24gRGEoYSl7cmV0dXJuIGEuQT09PW1hP2EudG9KU09OKCk6QWEoYSl9O2Z1bmN0aW9uIEVhKGEsYixjKXtjb25zdCBkPWEubDtsZXQgZj1kW0ZdO2lmKGYmMil0aHJvdyBFcnJvcigpO0ZhKGQsZixiLGMpO3JldHVybiBhfWZ1bmN0aW9uIEZhKGEsYixjLGQpe2NvbnN0IGY9Yj4%2BMTUmMTAyM3x8NTM2ODcwOTEyO2lmKGM%2BPWYpe2xldCBlLGc9YjtpZihiJjI1NillPWFbYS5sZW5ndGgtMV07ZWxzZXtpZihkPT1udWxsKXJldHVybjtlPWFbZisoKyEhKGImNTEyKS0xKV09e307Z3w9MjU2fWVbY109ZDtjPGYmJihhW2MrKCshIShiJjUxMiktMSldPXZvaWQgMCk7ZyE9PWImJihhW0ZdPWcpfWVsc2UgYVtjKygrISEoYiY1MTIpLTEpXT1kLGImMjU2JiYoYT1hW2EubGVuZ3RoLTFdLGMgaW4gYSYmZGVsZXRlIGFbY10pfWZ1bmN0aW9uIEsoYSxiLGMpe2lmKGMhPW51bGwmJnR5cGVvZiBjIT09XCJzdHJp&i=1-7&t=adltag_m1t71drt_hkGrbVdrZ35&r=eb8be4ba3634e4a822fefcc363dbe46&c=setupad-hai&z=1
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/b-904ac2d-717a3b2c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.102.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-102-9.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

access-control-max-age: 3000
x-amz-version-id: gWTmw0tfPETBYf1l15W3yTHMSfUGKL9Y
etag: "d41d8cd98f00b204e9800998ecf8427e"
age: 21683
access-control-allow-methods: GET
x-cache: Error from cloudfront
x-amz-cf-id: 7CNd6T9VdRdjvAdPAEJgEC2GgQi3SqciGDZqd047f7LP0n8nUMCS-A==
date: Thu, 03 Oct 2024 05:33:41 GMT
content-type: image/gif
last-modified: Thu, 31 Mar 2022 19:59:52 GMT
via: 1.1 80a51c83bb9479e2a3aa1ea59b366458.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 0
x-amz-cf-pop: FRA56-P2
server: AmazonS3

POST
H2 200 place
setupad-hai-tagan.adlightning.com/ Frame 6C0A 0
419 B 207ms
57ms Ping
image/gif 18.66.102.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://setupad-hai-tagan.adlightning.com/place?p=1&d=bmdcIil0aHJvdyBFcnJvcigpO3JldHVybiBFYShhLGIsYyl9O2xldCBMO3ZhciBNPWNsYXNze2NvbnN0cnVjdG9yKCl7YTp7dmFyIGE9dm9pZCAwO2E9PW51bGwmJihhPXlhKTt5YT12b2lkIDA7aWYoYT09bnVsbCl7dmFyIGI9OTY7YT1bXX1lbHNle2lmKCFBcnJheS5pc0FycmF5KGEpKXRocm93IEVycm9yKFwibmFyclwiKTtiPWFbRl18MDtpZihiJjIwNDgpdGhyb3cgRXJyb3IoXCJmYXJyXCIpO2lmKGImNjQpYnJlYWsgYTt2YXIgYz1hO2J8PTY0O3ZhciBkPWMubGVuZ3RoO2lmKGQmJigtLWQsRyhjW2RdKSkpe2J8PTI1NjtjPWQtKCshIShiJjUxMiktMSk7aWYoYz49MTAyNCl0aHJvdyBFcnJvcihcInB2dGxtdFwiKTtiPWImLTMzNTIxNjY1fChjJjEwMjMpPDwxNX19YVtGXT1ifXRoaXMubD1hfXRvSlNPTigpe3JldHVybiBHYSh0aGlzKX19O00ucHJvdG90eXBlLkE9bWE7TS5wcm90b3R5cGUudG9TdHJpbmc9ZnVuY3Rpb24oKXt0cnl7cmV0dXJuIEw9ITAsR2EodGhpcykudG9TdHJpbmcoKX1maW5hbGx5e0w9ITF9fTsgZnVuY3Rpb24gR2EoYSl7aWYoYSYmSj8uaGFzKGEpKXt2YXIgYj1hLmw7aWYoYilmb3IodmFyIGM9MDtjPGIubGVuZ3RoO2MrKyl7dmFyIGQ9YltjXTtpZihjPT09Yi5sZW5ndGgtMSYmRyhkKSlmb3IodmFyIGYgaW4gZCl7dmFyIGU9ZFtmXTtBcnJheS5pc0FycmF5KGUpJiZ2YShlLGEpfWVsc2UgQXJyYXkuaXNBcnJheShkKSYmdmEoZCxhKX19YT1MP2EubDpDYShhLmwsRGEsdm9pZCAwLHZvaWQgMCwhMSk7Yj0hTDtpZihkPWEubGVuZ3RoKXtmPWFbZC0xXTsoZT1HKGYpKT9kLS06Zj12b2lkIDA7Yz1hO2lmKGUpe2I6e3ZhciBnPWY7dmFyIGw7dmFyIGg9ITE7aWYoZylmb3IobGV0IG0gaW4gZylpc05hTigrbSk%2FKGw%2FPyhsPXt9KSlbbV09Z1ttXTooZT1nW21dLEFycmF5LmlzQXJyYXkoZSkmJihIKGUpfHxvYShlKSYmZS5zaXplPT09MCkmJihlPW51bGwpLGU9PW51bGwmJihoPSEwKSxlIT1udWxsJiYoKGw%2FPyhsPXt9KSlbbV09ZSkpO2h8fChsPWcpO2lmKGwpZm9yKGxldCBtIGluIGwpe2g9IGw7YnJlYWsgYn1oPW51bGx9Zz1oPT1udWxsP2YhPW51bGw6aCE9PWZ9Zm9yKDtkPjA7ZC0tKXtsPWNbZC0xXTtpZighKGw9PW51bGx8fEgobCl8fG9hKGwpJiZsLnNpemU9PT0wKSlicmVhazt2YXIgaz0hMH1pZihjIT09YXx8Z3x8ayl7aWYoIWIpYz1BcnJheS5wcm90b3R5cGUuc2xpY2UuY2FsbChjLDAsZCk7ZWxzZSBpZihrfHxnfHxoKWMubGVuZ3RoPWQ7aCYmYy5wdXNoKGgpfWs9Y31lbHNlIGs9YTtyZXR1cm4ga307dmFyIE89Y2xhc3N7Y29uc3RydWN0b3IoYSxiPSExKXt0aGlzLmtleT1hO3RoaXMuZGVmYXVsdFZhbHVlPWI7dGhpcy52YWx1ZVR5cGU9XCJib29sZWFuXCJ9fTt2YXIgSGE9bmV3IE8oXCI0NTM2ODI1OVwiKSxJYT1uZXcgTyhcIjQ1MzU3MTU2XCIsITApLEphPW5ldyBPKFwiNDUzNTA4OTBcIiksS2E9bmV3IE8oXCI0NTQxNDg5MlwiKSxMYT1uZXcgTyhcIjQ1NjIwODMyXCIpLE1hPW5ldyBPKFwiNDU2NDg1NjRcIik7Y29uc3QgTmE9UmVnRXhwKFwiYWRcXFxcLmRvdWJsZWNsaWNrXFxcXC5uZXQvKGRkbS90cmFja2ltcHxwY3MvdmlldylcIik7dmFyIFA9KGEsYik9PmEuc3Vic3RyaW5nKGEubGVuZ3RoLTcpPT1cIiZhZHVybD1cIj9hLnN1YnN0cmluZygwLGEubGVuZ3RoLTcpK2IrXCImYWR1cmw9XCI6YStiO2Z1bmN0aW9uIFEoYSxiLGMpe2EuYWRkRXZlbnRMaXN0ZW5lciYmYS5hZGRFdmVudExpc3RlbmVyKGIsYywhMSl9ZnVuY3Rpb24gT2EoYSxiLGMpe2EucmVtb3ZlRXZlbnRMaXN0ZW5lciYmYS5yZW1vdmVFdmVudExpc3RlbmVyKGIsYywhMSl9O3ZhciBQYT1SZWdFeHAoXCJeKD86KFteOi8%2FIy5dKyk6KT8oPzovLyg%2FOihbXlxcXFxcXFxcLz8jXSopQCk%2FKFteXFxcXFxcXFwvPyNdKj8pKD86OihbMC05XSspKT8oPz1bXFxcXFxcXFwvPyNdfCQpKT8oW14%2FI10rKT8oPzpcXFxcPyhbXiNdKikpPyg%2FOiMoW1xcXFxzXFxcXFNdKikpPyRcIik7ZnVuY3Rpb24gUWEoYSxiLGMsZCl7Zm9yKHZhciBmPWMubGVuZ3RoOyhiPWEuaW5kZXhPZihjLGIpKT49MCYmYjxkOyl7dmFyIGU9YS5jaGFyQ29kZUF0KGItMSk7aWYoZT09Mzh8fGU9PTYzKWlmKGU9YS5jaGFyQ29kZUF0KGIrZiksIWV8fGU9PTYxfHxlPT0zOHx8ZT09MzUpcmV0dXJuIGI7Yis9ZisxfXJldHVybi0xfXZhciBSYT0vI3wkLzsgZnVuY3Rpb24gU2EoYSl7dmFyIGI9YS5zZWFyY2goUmEpLGM9UWEoYSwwLFwiYXNlXCIsYik7aWYoYzwwKXJldHVybiBudWxsO3ZhciBkPWEuaW5kZXhPZihcIiZcIixjKTtpZihkPDB8fGQ%2BYilkPWI7cmV0dXJuIGRlY29kZVVSSUNvbXBvbmVudChhLnNsaWNlKGMrNCxkIT09LTE%2FZDowKS5yZXBsYWNlKC9cXCsvZyxcIiBcIikpfXZhciBYYT0vWz8mXSgkfCMpLzsgZnVuY3Rpb24gWWEoYSxiKXtmb3IodmFyIGM9YS5zZWFyY2goUmEpLGQ9MCxmLGU9W107KGY9UWEoYSxkLFwibmlzXCIsYykpPj0wOyllLnB1c2goYS5zdWJzdHJpbmcoZCxmKSksZD1NYXRoLm1pbihhLmluZGV4T2YoXCImXCIsZikrMXx8YyxjKTtlLnB1c2goYS5zbGljZShkKSk7YT1lLmpvaW4oXCJcIikucmVwbGFjZShYYSxcIiQxXCIpOyhiPVwibmlzXCIrKGIhPW51bGw%2FXCI9XCIrZW5jb2RlVVJJQ29tcG9uZW50KFN0cmluZyhiKSk6XCJcIikpPyhjPWEuaW5kZXhPZihcIiNcIiksYzwwJiYoYz1hLmxlbmd0aCksZD1hLmluZGV4T2YoXCI%2FXCIpLGQ8MHx8ZD5jPyhkPWMsZj1cIlwiKTpmPWEuc3Vic3RyaW5nKGQrMSxjKSxhPVthLnNsaWNlKDAsZCksZixhLnNsaWNlKGMpXSxjPWFbMV0sYVsxXT1iP2M%2FYytcIiZcIitiOmI6YyxiPWFbMF0rKGFbMV0%2FXCI%2FXCIrYVsxXTpcIlwiKSthWzJdKTpiPWE7cmV0dXJuIGJ9O2Z1bmN0aW9uIFphKCl7aWYoIWdsb2JhbFRoaXMuY3J5cHRvKXJldHVybiBNYXRoLnJhbmRvbSgpO3RyeXtjb25zdCBhPW5ldyBVaW50MzJBcnJheSgxKTtnbG9iYWxUaGlzLmNyeXB0by5nZXRSYW5kb21WYWx1ZXMoYSk7cmV0dXJuIGFbMF0vNjU1MzYvNjU1MzZ9Y2F0Y2h7cmV0dXJuIE1hdGgucmFuZG9tKCl9fWZ1bmN0aW9uICRhKGEsYil7aWYoYSlmb3IoY29uc3QgYyBpbiBhKU9iamVjdC5wcm90b3R5cGUuaGFzT3duUHJvcGVydHkuY2FsbChhLGMpJiZiKGFbY10sYyxhKX1mdW5jdGlvbiBhYihhPWRvY3VtZW50KXtyZXR1cm4gYS5jcmVhdGVFbGVtZW50KFwiaW1nXCIpfTtmdW5jdGlvbiBiYihhLGI9bnVsbCl7Y2IoYSxiKX1mdW5jdGlvbiBjYihhLGIpe3QuZ29vZ2xlX2ltYWdlX3JlcXVlc3RzfHwodC5nb29nbGVfaW1hZ2VfcmVxdWVzdHM9W10pO2NvbnN0IGM9YWIodC5kb2N1bWVudCk7aWYoYil7Y29uc3QgZD1mPT57YiYmYihmKTtPYShjLFwibG9hZFwiLGQpO09hKGMsXCJlcnJvclwiLGQpfTtRKGMsXCJsb2FkXCIsZCk7UShjLFwiZXJyb3JcIixkKX1jLnNyYz1hO3QuZ29vZ2xlX2ltYWdlX3JlcXVlc3RzLnB1c2goYyl9O2xldCBkYj0wO2Z1bmN0aW9uIGViKGEsYj1udWxsKXtyZXR1cm4gYiYmYi5nZXRBdHRyaWJ1dGUoXCJkYXRhLWpjXCIpPT09U3RyaW5nKGEpP2I6ZG9jdW1lbnQucXVlcnlTZWxlY3RvcihgWyR7XCJkYXRhLWpjXCJ9PVwiJHthfVwiXWApfTtmdW5jdGlvbiBSKGEpe2ZifHwoZmI9bmV3IGdiKTtjb25zdCBiPWZiLmdbYS5rZXldO2lmKGEudmFsdWVUeXBlPT09XCJwcm90b1wiKXt0cnl7Y29uc3QgYz1KU09OLnBhcnNlKGIpO2lmKEFycmF5LmlzQXJyYXkoYykpcmV0dXJuIGN9Y2F0Y2goYyl7fXJldHVybiBhLmRlZmF1bHRWYWx1ZX1yZXR1cm4gdHlwZW9mIGI9PT10eXBlb2YgYS5kZWZhdWx0VmFsdWU%2FYjphLmRlZmF1bHRWYWx1ZX12YXIgaGI9Y2xhc3N7Y29uc3RydWN0b3IoKXt0aGlzLmc9e319fTt2YXIgZ2I9Y2xhc3MgZXh0ZW5kcyBoYntjb25zdHJ1Y3Rvcigpe3N1cGVyKCk7dmFyIGE9ZWIoZGIsZG9jdW1lbnQuY3VycmVudFNjcmlwdCk7YT1hJiZhLmdldEF0dHJpYnV0ZShcImRhdGEtamMtZmxhZ3NcIil8fFwiXCI7dHJ5e2NvbnN0IGI9SlNPTi5wYXJzZShhKVswXTthPVwiXCI7Zm9yKGxldCBjPTA7YzxiLmxlbmd0aDtjKyspYSs9U3RyaW5nLmZyb21DaGFyQ29kZShiLmNoYXJDb2RlQXQoYyleXCJcXHUwMDAzXFx1MDAwN1xcdTAwMDNcXHUwMDA3XFxiXFx1MDAwNFxcdTAwMDRcXHUwMDA2XFx1MDAwNVxcdTAwMDNcIi5jaGFyQ29kZUF0KGMlMTApKTt0aGlzLmc9SlNPTi5wYXJzZShhKX1jYXRjaChiKXt9fX0sZmI7dmFyIGliPWNsYXNze2NvbnN0cnVjdG9yKGEsYil7dGhpcy5lcnJvcj1hO3RoaXMuY29udGV4dD1iLmNvbnRleHQ7dGhpcy5tc2c9Yi5tZXNzYWdlfHxcIlwiO3RoaXMuaWQ9Yi5pZHx8XCJqc2Vycm9yXCI7dGhpcy5tZXRhPXt9fX07ZnVuY3Rpb24gamIoYSl7bGV0IGI9YS50b1N0cmluZygpO2EubmFtZSYmYi5pbmRleE9mKGEubmFtZSk9PS0xJiYoYis9XCI6IFwiK2EubmFtZSk7YS5tZXNzYWdlJiZiLmluZGV4T2YoYS5tZXNzYWdlKT09LTEmJihiKz1cIjogXCIrYS5tZXNzYWdlKTtpZihhLnN0YWNrKWE6e2E9YS5zdGFjazt2YXIgYz1iO3RyeXthLmluZGV4T2YoYyk9PS0xJiYoYT1jK1wiXFxuXCIrYSk7bGV0IGQ7Zm9yKDthIT1kOylkPWEsYT1hLnJlcGxhY2UoUmVnRXhwKFwiKChodHRwcz86Ly4uKi8pW14vOl0qOlxcXFxkKyg%2FOi58XFxuKSopXFxcXDJcIiksXCIkMVwiKTtiPWEucmVwbGFjZShSZWdFeHAoXCJcXG4gKlwiLFwiZ1wiKSxcIlxcblwiKTticmVhayBhfWNhdGNoKGQpe2I9YzticmVhayBhfWI9dm9pZCAwfXJldHVybiBifTtjb25zdCBrYj1SZWdFeHAoXCJeaHR0cHM%2FOi8vKFxcXFx3fC0pK1xcXFwuY2RuXFxcXC5hbXBwcm9qZWN0XFxcXC4obmV0fG9yZykoXFxcXD98L3wkKVwiKTt2YXIgbGI9Y2xhc3N7Y29uc3RydWN0b3IoYSxiKXt0aGlzLmc9YTt0aGlzLmk9Yn19LG1iPWNsYXNze2NvbnN0cnVjdG9yKGEsYil7dGhpcy51cmw9YTt0aGlzLnU9ISFiO3RoaXMuZGVwdGg9bnVsbH19O2xldCBTPW51bGw7ZnVuY3Rpb24gbmIoKXtjb25zdCBhPXQucGVyZm9ybWFuY2U7cmV0dXJuIGEmJmEubm93JiZhLnRpbWluZz9NYXRoLmZsb29yKGEubm93KCkrYS50aW1pbmcubmF2aWdhdGlvblN0YXJ0KTpEYXRlLm5vdygpfWZ1bmN0aW9uIG9iKCl7Y29uc3QgYT10LnBlcmZvcm1hbmNlO3JldHVybiBhJiZhLm5vdz9hLm5vdygpOm51bGx9O3ZhciBwYj1jbGFzc3tjb25zdHJ1Y3RvcihhLGIpe3ZhciBjPW9iKCl8fG5iKCk7dGhpcy5sYWJlbD1hO3RoaXMudHlwZT1iO3RoaXMudmFsdWU9Yzt0aGlzLmR1cmF0aW9uPTA7dGhpcy50YXNrSWQ9dGhpcy5zbG90SWQ9dm9pZCAwO3RoaXMudW5pcXVlSWQ9TWF0aC5yYW5kb20oKX19O2NvbnN0IFQ9dC5wZXJmb3JtYW5jZSxxYj0hIShUJiZULm1hcmsmJlQubWVhc3VyZSYmVC5jbGVhck1hcmtzKSxVPWZ1bmN0aW9uKGEpe2xldCBiPSExLGM7cmV0dXJuIGZ1bmN0aW9uKCl7Ynx8KGM9YSgpLGI9ITApO3JldHVybiBjfX0oKCk9Pnt2YXIgYTtpZihhPXFiKXt2YXIgYjtpZihTPT09bnVsbCl7Uz1cIlwiO3RyeXthPVwiXCI7dHJ5e2E9dC50b3AubG9jYXRpb24uaGFzaH1jYXRjaChjKXthPXQubG9jYXRpb24uaGFzaH1hJiYoUz0oYj1hLm1hdGNoKC9cXGJkZWlkPShbXFxkLF0rKS8pKT9iWzFdOlwiXCIpfWNhdGNoKGMpe319Yj1TO2E9ISFiLmluZGV4T2YmJmIuaW5kZXhPZihcIjEzMzdcIik%2BPTB9cmV0dXJuIGF9KTtmdW5jdGlvbiByYihhKXthJiZUJiZVKCkmJihULmNsZWFyTWFya3MoYGdvb2dfJHthLmxhYmVsfV8ke2EudW5pcXVlSWR9X3N0YXJ0YCksVC5jbGVhck1hcmtzKGBnb29nXyR7YS5sYWJlbH1fJHthLnVuaXF1ZUlkfV9lbmRgKSl9IGNsYXNzIHNie2NvbnN0cnVjdG9yKCl7dmFyIGE9d2luZG93O3RoaXMuaT1bXTt0aGlzLmo9YXx8dDtsZXQgYj1udWxsO2EmJihhLmdvb2dsZV9qc19yZXBvcnRpbmdfcXVldWU9YS5nb29nbGVfanNfcmVwb3J0aW5nX3F1ZXVlfHxbXSx0aGlzLmk9YS5nb29nbGVfanNfcmVwb3J0aW5nX3F1ZXVlLGI9YS5nb29nbGVfbWVhc3VyZV9qc190aW1pbm&i=2-7&t=adltag_m1t71drt_hkGrbVdrZ35&r=eb8be4ba3634e4a822fefcc363dbe46&c=setupad-hai&z=1
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/b-904ac2d-717a3b2c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.102.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-102-9.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

access-control-max-age: 3000
x-amz-version-id: gWTmw0tfPETBYf1l15W3yTHMSfUGKL9Y
etag: "d41d8cd98f00b204e9800998ecf8427e"
age: 21683
access-control-allow-methods: GET
x-cache: Error from cloudfront
x-amz-cf-id: 2_kN0Nwb-L7N4ocJ0f5qfY3GfTpDZAcavDN_1nTJQ6khaPWEa-OmHw==
date: Thu, 03 Oct 2024 05:07:46 GMT
content-type: image/gif
last-modified: Thu, 31 Mar 2022 19:59:52 GMT
via: 1.1 80a51c83bb9479e2a3aa1ea59b366458.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 0
x-amz-cf-pop: FRA56-P2
server: AmazonS3

POST
H2 200 place
setupad-hai-tagan.adlightning.com/ Frame 6C0A 0
417 B 260ms
111ms Ping
image/gif 18.66.102.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://setupad-hai-tagan.adlightning.com/place?p=1&d=cpO3RoaXMuZz1VKCl8fChiIT1udWxsP2I6TWF0aC5yYW5kb20oKTwxKX1zdGFydChhLGIpe2lmKCF0aGlzLmcpcmV0dXJuIG51bGw7YT1uZXcgcGIoYSxiKTtiPWBnb29nXyR7YS5sYWJlbH1fJHthLnVuaXF1ZUlkfV9zdGFydGA7VCYmVSgpJiZULm1hcmsoYik7cmV0dXJuIGF9ZW5kKGEpe2lmKHRoaXMuZyYmdHlwZW9mIGEudmFsdWU9PT1cIm51bWJlclwiKXthLmR1cmF0aW9uPShvYigpfHxuYigpKS1hLnZhbHVlO3ZhciBiPWBnb29nXyR7YS5sYWJlbH1fJHthLnVuaXF1ZUlkfV9lbmRgO1QmJlUoKSYmVC5tYXJrKGIpOyF0aGlzLmd8fHRoaXMuaS5sZW5ndGg%2BIDIwNDh8fHRoaXMuaS5wdXNoKGEpfX19O2Z1bmN0aW9uIFYoYSxiKXtjb25zdCBjPXt9O2NbYV09YjtyZXR1cm5bY119ZnVuY3Rpb24gdGIoYSxiLGMsZCxmKXtjb25zdCBlPVtdOyRhKGEsKGcsbCk9PnsoZz11YihnLGIsYyxkLGYpKSYmZS5wdXNoKGAke2x9PSR7Z31gKX0pO3JldHVybiBlLmpvaW4oYil9IGZ1bmN0aW9uIHViKGEsYixjLGQsZil7aWYoYT09bnVsbClyZXR1cm5cIlwiO2I9Ynx8XCImXCI7Yz1jfHxcIiwkXCI7dHlwZW9mIGM9PT1cInN0cmluZ1wiJiYoYz1jLnNwbGl0KFwiXCIpKTtpZihhIGluc3RhbmNlb2YgQXJyYXkpe2lmKGR8fChkPTApLGQ8Yy5sZW5ndGgpe2NvbnN0IGU9W107Zm9yKGxldCBnPTA7ZzxhLmxlbmd0aDtnKyspZS5wdXNoKHViKGFbZ10sYixjLGQrMSxmKSk7cmV0dXJuIGUuam9pbihjW2RdKX19ZWxzZSBpZih0eXBlb2YgYT09PVwib2JqZWN0XCIpcmV0dXJuIGZ8fChmPTApLGY8Mj9lbmNvZGVVUklDb21wb25lbnQodGIoYSxiLGMsZCxmKzEpKTpcIi4uLlwiO3JldHVybiBlbmNvZGVVUklDb21wb25lbnQoU3RyaW5nKGEpKX1mdW5jdGlvbiB2YihhKXtsZXQgYj0xO2Zvcihjb25zdCBjIGluIGEuaSljLmxlbmd0aD5iJiYoYj1jLmxlbmd0aCk7cmV0dXJuIDM5OTctYi1hLmoubGVuZ3RoLTF9IGZ1bmN0aW9uIHdiKGEsYil7bGV0IGM9XCJodHRwczovL3BhZ2VhZDIuZ29vZ2xlc3luZGljYXRpb24uY29tXCIrYixkPXZiKGEpLWIubGVuZ3RoO2lmKGQ8MClyZXR1cm5cIlwiO2EuZy5zb3J0KChlLGcpPT5lLWcpO2I9bnVsbDtsZXQgZj1cIlwiO2ZvcihsZXQgZT0wO2U8YS5nLmxlbmd0aDtlKyspe2NvbnN0IGc9YS5nW2VdLGw9YS5pW2ddO2ZvcihsZXQgaD0wO2g8bC5sZW5ndGg7aCsrKXtpZighZCl7Yj1iPT1udWxsP2c6YjticmVha31sZXQgaz10YihsW2hdLGEuaixcIiwkXCIpO2lmKGspe2s9ZitrO2lmKGQ%2BPWsubGVuZ3RoKXtkLT1rLmxlbmd0aDtjKz1rO2Y9YS5qO2JyZWFrfWI9Yj09bnVsbD9nOmJ9fX1hPVwiXCI7YiE9bnVsbCYmKGE9YCR7Zn0ke1widHJuXCJ9PSR7Yn1gKTtyZXR1cm4gYythfXZhciB4Yj1jbGFzc3tjb25zdHJ1Y3Rvcigpe3RoaXMuaj1cIiZcIjt0aGlzLmk9e307dGhpcy5tPTA7dGhpcy5nPVtdfX07ZnVuY3Rpb24geWIoYSxiLGMsZCl7bGV0IGYsZTt0cnl7YS5nJiZhLmcuZz8oZT1hLmcuc3RhcnQoYi50b1N0cmluZygpLDMpLGY9YygpLGEuZy5lbmQoZSkpOmY9YygpfWNhdGNoKGcpe2M9ITA7dHJ5e3JiKGUpLGM9YS5CKGIsbmV3IGliKGcse21lc3NhZ2U6amIoZyl9KSx2b2lkIDAsZCl9Y2F0Y2gobCl7YS5tKDIxNyxsKX1pZihjKXdpbmRvdy5jb25zb2xlPy5lcnJvcj8uKGcpO2Vsc2UgdGhyb3cgZzt9cmV0dXJuIGZ9ZnVuY3Rpb24gemIoYSxiLGMsZCl7dmFyIGY9VztyZXR1cm4oLi4uZSk9PnliKGYsYSwoKT0%2BYi5hcHBseShjLGUpLGQpfSB2YXIgQmI9Y2xhc3N7Y29uc3RydWN0b3IoYT1udWxsKXt0aGlzLnY9WDt0aGlzLmc9YTt0aGlzLmk9bnVsbDt0aGlzLmo9ITE7dGhpcy5CPXRoaXMubX1tKGEsYixjLGQsZil7Zj1mfHxcImpzZXJyb3JcIjtsZXQgZTt0cnl7Y29uc3QgQT1uZXcgeGI7dmFyIGc9QTtnLmcucHVzaCgxKTtnLmlbMV09VihcImNvbnRleHRcIixhKTtiLmVycm9yJiZiLm1ldGEmJmIuaWR8fChiPW5ldyBpYihiLHttZXNzYWdlOmpiKGIpfSkpO2lmKGIubXNnKXtnPUE7dmFyIGw9Yi5tc2cuc3Vic3RyaW5nKDAsNTEyKTtnLmcucHVzaCgyKTtnLmlbMl09VihcIm1zZ1wiLGwpfXZhciBoPWIubWV0YXx8e307Yj1oO2lmKHRoaXMuaSl0cnl7dGhpcy5pKGIpfWNhdGNoKEIpe31pZihkKXRyeXtkKGIpfWNhdGNoKEIpe31kPUE7aD1baF07ZC5nLnB1c2goMyk7ZC5pWzNdPWg7ZD10O2g9W107bGV0IFo7Yj1udWxsO2Rve3ZhciBrPWQ7dHJ5e3ZhciBtO2lmKG09ISFrJiZrLmxvY2F0aW9uLmhyZWYhPW51bGwpYjp7dHJ5e2phKGsuZm9vKTsgbT0hMDticmVhayBifWNhdGNoKEIpe31tPSExfXZhciBuPW19Y2F0Y2h7bj0hMX1uPyhaPWsubG9jYXRpb24uaHJlZixiPWsuZG9jdW1lbnQmJmsuZG9jdW1lbnQucmVmZXJyZXJ8fG51bGwpOihaPWIsYj1udWxsKTtoLnB1c2gobmV3IG1iKFp8fFwiXCIpKTt0cnl7ZD1rLnBhcmVudH1jYXRjaChCKXtkPW51bGx9fXdoaWxlKGQmJmshPWQpO2ZvcihsZXQgQj0wLFRhPWgubGVuZ3RoLTE7Qjw9VGE7KytCKWhbQl0uZGVwdGg9VGEtQjtrPXQ7aWYoay5sb2NhdGlvbiYmay5sb2NhdGlvbi5hbmNlc3Rvck9yaWdpbnMmJmsubG9jYXRpb24uYW5jZXN0b3JPcmlnaW5zLmxlbmd0aD09aC5sZW5ndGgtMSlmb3Iobj0xO248aC5sZW5ndGg7KytuKXt2YXIgcD1oW25dO3AudXJsfHwocC51cmw9ay5sb2NhdGlvbi5hbmNlc3Rvck9yaWdpbnNbbi0xXXx8XCJcIixwLnU9ITApfXZhciBxPWg7bGV0IHBhPW5ldyBtYih0LmxvY2F0aW9uLmhyZWYsITEpO2s9bnVsbDtjb25zdCBxYT1xLmxlbmd0aC0xO2ZvcihwPSBxYTtwPj0wOy0tcCl7dmFyIHI9cVtwXTshayYma2IudGVzdChyLnVybCkmJihrPXIpO2lmKHIudXJsJiYhci51KXtwYT1yO2JyZWFrfX1yPW51bGw7Y29uc3QgRWI9cS5sZW5ndGgmJnFbcWFdLnVybDtwYS5kZXB0aCE9MCYmRWImJihyPXFbcWFdKTtlPW5ldyBsYihwYSxyKTtpZihlLmkpe3E9QTt2YXIgdT1lLmkudXJsfHxcIlwiO3EuZy5wdXNoKDQpO3EuaVs0XT1WKFwidG9wXCIsdSl9dmFyIEM9e3VybDplLmcudXJsfHxcIlwifTtpZihlLmcudXJsKXt2YXIgRD1lLmcudXJsLm1hdGNoKFBhKSxOPURbMV0sVWE9RFszXSxWYT1EWzRdO3U9XCJcIjtOJiYodSs9TitcIjpcIik7VWEmJih1Kz1cIi8vXCIsdSs9VWEsVmEmJih1Kz1cIjpcIitWYSkpO3ZhciBXYT11fWVsc2UgV2E9XCJcIjtOPUE7Qz1bQyx7dXJsOldhfV07Ti5nLnB1c2goNSk7Ti5pWzVdPUM7QWIodGhpcy52LGYsQSx0aGlzLmosYyl9Y2F0Y2goQSl7dHJ5e0FiKHRoaXMudixmLHtjb250ZXh0OlwiZWNtc2VyclwiLHJjdHg6YSxtc2c6amIoQSksdXJsOmUmJiBlLmcudXJsfSx0aGlzLmosYyl9Y2F0Y2goWil7fX1yZXR1cm4hMH19O2NsYXNzIENie307ZnVuY3Rpb24gQWIoYSxiLGMsZD0hMSxmLGUpe2lmKChkP2EuZzpNYXRoLnJhbmRvbSgpKTwoZnx8LjAxKSl0cnl7bGV0IGc7YyBpbnN0YW5jZW9mIHhiP2c9YzooZz1uZXcgeGIsJGEoYywoaCxrKT0%2Be3ZhciBtPWc7Y29uc3Qgbj1tLm0rKztoPVYoayxoKTttLmcucHVzaChuKTttLmlbbl09aH0pKTtjb25zdCBsPXdiKGcsXCIvcGFnZWFkL2dlbl8yMDQ%2FaWQ9XCIrYitcIiZcIik7bCYmKHR5cGVvZiBlIT09XCJ1bmRlZmluZWRcIj9iYihsLGUpOmJiKGwpKX1jYXRjaChnKXt9fWZ1bmN0aW9uIERiKCl7dmFyIGE9WCxiPXdpbmRvdy5nb29nbGVfc3J0O2I%2BPTAmJmI8PTEmJihhLmc9Yil9Y2xhc3MgRmJ7Y29uc3RydWN0b3IoKXt0aGlzLmc9TWF0aC5yYW5kb20oKX19O2xldCBYLFc7Y29uc3QgWT1uZXcgc2I7dmFyIEdiPSgpPT57d2luZG93Lmdvb2dsZV9tZWFzdXJlX2pzX3RpbWluZ3x8KFkuZz0hMSxZLmkhPVkuai5nb29nbGVfanNfcmVwb3J0aW5nX3F1ZXVlJiYoVSgpJiZBcnJheS5wcm90b3R5cGUuZm9yRWFjaC5jYWxsKFkuaSxyYix2b2lkIDApLFkuaS5sZW5ndGg9MCkpfTsoYT0%2Be1g9YT8%2FbmV3IEZiO3R5cGVvZiB3aW5kb3cuZ29vZ2xlX3NydCE9PVwibnVtYmVyXCImJih3aW5kb3cuZ29vZ2xlX3NydD1NYXRoLnJhbmRvbSgpKTtEYigpO1c9bmV3IEJiKFkpO1cuaT1iPT57dmFyIGM9ZGI7YyE9PTAmJihiLmpjPVN0cmluZyhjKSxjPShjPWViKGMsZG9jdW1lbnQuY3VycmVudFNjcmlwdCkpJiZjLmdldEF0dHJpYnV0ZShcImRhdGEtamMtdmVyc2lvblwiKXx8XCJ1bmtub3duXCIsYi5zaHY9Yyl9O1cuaj0hMDt3aW5kb3cuZG9jdW1lbnQucmVhZHlTdGF0ZT09XCJjb21wbGV0ZVwiP0diKCk6WS5nJiZRKHdpbmRvdyxcImxvYWRcIiwoKT0%2Be0diKCl9KX0pKCk7IHZhciBIYj0oYSxiLGMsZCk9PnpiKGEsYixjLGQpLEliPShhLGIsYyxkKT0%2Be3ZhciBmPUNiO3ZhciBlPVwib1wiO2YubyYmZi5oYXNPd25Qcm9wZXJ0eShlKXx8KGU9bmV3IGYsZi5vPWUpO2Y9W107IWIuZWlkJiZmLmxlbmd0aCYmKGIuZWlkPWYudG9TdHJpbmcoKSk7QWIoWCxhLGIsITAsYyxkKX07ZnVuY3Rpb24gSmIoYSl7bGV0IGI7YS52aXNpYmlsaXR5U3RhdGU%2FYj1cInZpc2liaWxpdHljaGFuZ2VcIjphLm1velZpc2liaWxpdHlTdGF0ZT9iPVwibW96dmlzaWJpbGl0eWNoYW5nZVwiOmEud2Via2l0VmlzaWJpbGl0eVN0YXRlJiYoYj1cIndlYmtpdHZpc2liaWxpdHljaGFuZ2VcIik7cmV0dXJuIGJ9O2Z1bmN0aW9uIEtiKCl7Y29uc3QgYT13aW5kb3c7aWYoYS5nbWFTZGt8fGEud2Via2l0Py5tZXNzYWdlSGFuZGxlcnM%2FLmdldEdtYVZpZXdTaWduYWxzKXJldHVybiBhO3RyeXtjb25zdCBiPXdpbmRvdy5wYXJlbnQ7aWYoYi5nbWFTZGt8fGIud2Via2l0Py5tZXNzYWdlSGFuZGxlcnM%2FLmdldEdtYVZpZXdTaWduYWxzKXJldHVybiBifWNhdGNoKGIpe31yZXR1cm4gbnVsbH0gZnVuY3Rpb24gTGIoYSxiPXt9LGM9KCk9Pnt9LGQ9KCk9Pnt9LGY9MjAwLGUsZyl7Y29uc3QgbD1TdHJpbmcoTWF0aC5mbG9vcihaYSgpKjIxNDc0ODM2NDcpKTtsZXQgaD0wO2NvbnN0IGs9bT0%2Be3RyeXtjb25zdCBuPXR5cGVvZiBtLmRhdGE9PT1cIm9iamVjdFwiP20uZGF0YTpKU09OLnBhcnNlKG0uZGF0YSk7bD09PW4ucGF3X2lkJiYod2luZG93LmNsZWFyVGltZW91dChoKSx3aW5kb3cucmVtb3ZlRXZlbnRMaXN0ZW5lcihcIm1lc3NhZ2VcIixrKSxuLnNpZ25hbD9jKG4uc2lnbmFsKTpuLmVycm9yJiZkKG4uZXJyb3IpKX1jYXRjaChuKXtnKFwicGF3X3NpZ3NcIix7bXNnOlwicG9zdG1lc3NhZ2VFcnJvclwiLGVycjpuIGluc3RhbmNlb2YgRXJyb3I%2Fbi5tZXNzYWdlOlwibm9uRXJyb3JcIixkYXRhOm0uZGF0YT09bnVsbD9cIm51bGxcIjptLmRhdGEubGVuZ3RoPjUwMD9tLmRhdGEuc3Vic3RyaW5nKDAsNTAwKTptLmRhdGF9KX19O3dpbmRvdy5hZGRFdmVudExpc3RlbmVyKFwibWVzc2FnZVwiLG09PntlKDkwMywgKCk9PntrKG0pfSkoKX0pO2EucG9zdE1lc3NhZ2Uoe3Bhd19pZDpsLC4uLmJ9KTtoPXdpbmRvdy5zZXRUaW1lb3V0KCgpPT57d2luZG93LnJlbW92ZUV2ZW50TGlzdGVuZXIoXCJtZXNzYWdlXCIsayk7ZChcIlBBVyBHTUEgcG9zdG1lc3NhZ2UgdGltZWQgb3V0LlwiKX0sZil9O2Z1bmN0aW9uIE1iKGE9ZG9jdW1lbnQpe3JldHVybiEhYS5mZWF0dXJlUG9saWN5Py5hbGxvd2VkRmVhdHVyZXMoKS5pbmNsdWRlcyhcImF0dHJpYnV0aW9uLXJlcG9ydGluZ1wiKX07dmFyIE5iPWNsYXNzIGV4dGVuZHMgTXt9O2Z1bmN0aW9uIE9iKGEsYil7cmV0dXJuIEsoYSwyLGIpfWZ1bmN0aW9uIFBiKGEsYil7cmV0dXJuIEsoYSwzLGIpfWZ1bmN0aW9uIFFiKGEsYil7cmV0dXJuIEsoYSw0LGIpfWZ1bmN0aW9uIFJiKGEsYil7cmV0dXJuIEsoYSw1LGIpfWZ1bmN0aW9uIFNiKGEsYil7cmV0dXJuIEsoYSw5LGIpfSBmdW5jdGlvbiBUYihhLGIpe3tjb25zdCBuPWEubDtsZXQgcD1uW0ZdO2lmKHAmMil0aHJvdyBFcnJvcigpO2lmKGI9PW51bGwpRmEobixwLDEwKTtlbHNle3ZhciBjPWJbRl18MCxkPWMsZj0hISgyJmMpfHwhISgyMDQ4JmMpLGU9Znx8T2JqZWN0LmlzRnJvemVuKGIpLGc7aWYoZz0hZSlnPXZvaWQgMD09PXJhfHwhMTt2YXIgbD0hMCxoPSEwO2ZvcihsZXQgcT0w&i=3-7&t=adltag_m1t71drt_hkGrbVdrZ35&r=eb8be4ba3634e4a822fefcc363dbe46&c=setupad-hai&z=1
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/b-904ac2d-717a3b2c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.102.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-102-9.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

access-control-max-age: 3000
x-amz-version-id: gWTmw0tfPETBYf1l15W3yTHMSfUGKL9Y
etag: "d41d8cd98f00b204e9800998ecf8427e"
age: 21683
access-control-allow-methods: GET
x-cache: Error from cloudfront
x-amz-cf-id: dzIq5Sz4mte-67Os3vsEUgnKSof5l8Wbe4351s-kLQQJQnG5dfKc2A==
date: Thu, 03 Oct 2024 05:33:41 GMT
content-type: image/gif
last-modified: Thu, 31 Mar 2022 19:59:52 GMT
via: 1.1 80a51c83bb9479e2a3aa1ea59b366458.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 0
x-amz-cf-pop: FRA56-P2
server: AmazonS3

POST
H2 200 place
setupad-hai-tagan.adlightning.com/ Frame 6C0A 0
418 B 262ms
113ms Ping
image/gif 18.66.102.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://setupad-hai-tagan.adlightning.com/place?p=1&d=O3E8Yi5sZW5ndGg7cSsrKXt2YXIgaz1iW3FdO2Z8fChrPSEhKChrLmxbRl18MCkmMiksbCYmKGw9IWspLGgmJihoPWspKX1mfHwoY3w9NSxjPWw%2FY3w4OmMmLTksYz1oP2N8MTY6YyYtMTcpO2lmKGd8fGUmJmMhPT1kKWI9QXJyYXkucHJvdG90eXBlLnNsaWNlLmNhbGwoYiksZD0wLGM9MiZwP2N8MjpjJi0zLGM9KGN8MzIpJi0yMDQ5LDMyJnB8fChjJj0tMzMpO2Vsc2UgaWYoIWUpe2Y9YjtpZihJPT09dm9pZCAwKXtpZih0eXBlb2YgV2Vha01hcD09PVwiZnVuY3Rpb25cIil7ZT1XZWFrTWFwO3RyeXt2YXIgbT1lLnRvU3RyaW5nKCkuaW5kZXhPZihcIltuYXRpdmUgY29kZV1cIikhPT0gLTE%2FZTpudWxsfWNhdGNoe209bnVsbH19ZWxzZSBtPW51bGw7ST1tfWlmKEkmJihKPy5nZXQoYSk%2FLmdldChmKXx8IShNYXRoLnJhbmRvbSgpPi4wMSkpKXtlPWYubGVuZ3RoO209e2xlbmd0aDplfTtmb3IoZz0wO2c8TWF0aC5taW4oZSwxMCk7ZysrKWU8PTEwP2w9ZzoobD1lLzEwLGg9TWF0aC5mbG9vcihnKmwpLGw9aCtNYXRoLmZsb29yKE1hdGgucmFuZG9tKCkqKE1hdGguZmxvb3IoKGcrMSkqbCktaCkpKSxtW2xdPWZbbF07d2EoZixtKT8oZT1KfHwoSj1uZXcgSSksZz1lLmdldChhKSxnfHwoZz1uZXcgSSxlLnNldChhLGcpKSxnLnNldChmLG0pKToobGEoKSxKPy5nZXQoYSk%2FLmRlbGV0ZShmKSl9fWMhPT1kJiYoYltGXT1jKTtGYShuLHAsMTAsYil9fXJldHVybiBhfWZ1bmN0aW9uIFViKGEsYil7cmV0dXJuIEVhKGEsMTEsYj09bnVsbD9iOnVhKGIpKX1mdW5jdGlvbiBWYihhLGIpe3JldHVybiBLKGEsMSxiKX0gZnVuY3Rpb24gV2IoYSxiKXtyZXR1cm4gRWEoYSw3LGI9PW51bGw%2FYjp1YShiKSl9dmFyIFhiPWNsYXNzIGV4dGVuZHMgTXt9O2NvbnN0IFliPVwicGxhdGZvcm0gcGxhdGZvcm1WZXJzaW9uIGFyY2hpdGVjdHVyZSBtb2RlbCB1YUZ1bGxWZXJzaW9uIGJpdG5lc3MgZnVsbFZlcnNpb25MaXN0IHdvdzY0XCIuc3BsaXQoXCIgXCIpO2Z1bmN0aW9uIFpiKCl7dmFyIGE9d2luZG93O2lmKHR5cGVvZiBhLm5hdmlnYXRvcj8udXNlckFnZW50RGF0YT8uZ2V0SGlnaEVudHJvcHlWYWx1ZXMhPT1cImZ1bmN0aW9uXCIpcmV0dXJuIG51bGw7Y29uc3QgYj1hLmdvb2dsZV90YWdfZGF0YT8%2FKGEuZ29vZ2xlX3RhZ19kYXRhPXt9KTtpZihiLnVhY2hfcHJvbWlzZSlyZXR1cm4gYi51YWNoX3Byb21pc2U7YT1hLm5hdmlnYXRvci51c2VyQWdlbnREYXRhLmdldEhpZ2hFbnRyb3B5VmFsdWVzKFliKS50aGVuKGM9PntiLnVhY2g%2FPyhiLnVhY2g9Yyk7cmV0dXJuIGN9KTtyZXR1cm4gYi51YWNoX3Byb21pc2U9YX0gZnVuY3Rpb24gJGIoYSl7cmV0dXJuIFViKFRiKFJiKE9iKFZiKFFiKFdiKFNiKFBiKG5ldyBYYixhLmFyY2hpdGVjdHVyZXx8XCJcIiksYS5iaXRuZXNzfHxcIlwiKSxhLm1vYmlsZXx8ITEpLGEubW9kZWx8fFwiXCIpLGEucGxhdGZvcm18fFwiXCIpLGEucGxhdGZvcm1WZXJzaW9ufHxcIlwiKSxhLnVhRnVsbFZlcnNpb258fFwiXCIpLGEuZnVsbFZlcnNpb25MaXN0Py5tYXAoYj0%2Be3ZhciBjPW5ldyBOYjtjPUsoYywxLGIuYnJhbmQpO3JldHVybiBLKGMsMixiLnZlcnNpb24pfSl8fFtdKSxhLndvdzY0fHwhMSl9ZnVuY3Rpb24gYWMoKXtyZXR1cm4gWmIoKT8udGhlbihhPT4kYihhKSk%2FP251bGx9O2NsYXNzIGJje2NvbnN0cnVjdG9yKCl7dGhpcy5wcm9taXNlPW5ldyBQcm9taXNlKChhLGIpPT57dGhpcy5yZXNvbHZlPWE7dGhpcy5yZWplY3Q9Yn0pfX07d2luZG93LnZpZXdSZXE9W107ZnVuY3Rpb24gY2MoYSxiKXtiPyhiPWFiKCksYi5zcmM9YS5yZXBsYWNlKFwiJmFtcDtcIixcIiZcIiksYi5hdHRyaWJ1dGlvblNyYz1cIlwiLHdpbmRvdy52aWV3UmVxLnB1c2goYikpOihiPW5ldyBJbWFnZSxiLnNyYz1hLnJlcGxhY2UoXCImYW1wO1wiLFwiJlwiKSx3aW5kb3cudmlld1JlcS5wdXNoKGIpKX0gZnVuY3Rpb24gZGMoYSxiKXtjb25zdCBjPXtrZWVwYWxpdmU6ITAsY3JlZGVudGlhbHM6XCJpbmNsdWRlXCIscmVkaXJlY3Q6XCJmb2xsb3dcIixtZXRob2Q6XCJnZXRcIixtb2RlOlwibm8tY29yc1wifTtiJiYoYy5tb2RlPVwiY29yc1wiLFwic2V0QXR0cmlidXRpb25SZXBvcnRpbmdcImluIFhNTEh0dHBSZXF1ZXN0LnByb3RvdHlwZT9jLmF0dHJpYnV0aW9uUmVwb3J0aW5nPXtldmVudFNvdXJjZUVsaWdpYmxlOlwidHJ1ZVwiLHRyaWdnZXJFbGlnaWJsZTpcImZhbHNlXCJ9OmMuaGVhZGVycz17XCJBdHRyaWJ1dGlvbi1SZXBvcnRpbmctRWxpZ2libGVcIjpcImV2ZW50LXNvdXJjZVwifSk7ZmV0Y2goYSxjKS5jYXRjaCgoKT0%2Be2NjKGEsYil9KX1mdW5jdGlvbiBlYyhhLGIpe3dpbmRvdy5mZXRjaD9kYyhhLGIpOmNjKGEsYil9IGZ1bmN0aW9uIGZjKCl7Y29uc3QgYT10LmRvY3VtZW50O3JldHVybiBuZXcgUHJvbWlzZShiPT57Y29uc3QgYz1KYihhKTtpZihjKXt2YXIgZD0oKT0%2BeyhhLnByZXJlbmRlcmluZz8zOnt2aXNpYmxlOjEsaGlkZGVuOjIscHJlcmVuZGVyOjMscHJldmlldzo0LHVubG9hZGVkOjV9W2EudmlzaWJpbGl0eVN0YXRlfHxhLndlYmtpdFZpc2liaWxpdHlTdGF0ZXx8YS5tb3pWaXNpYmlsaXR5U3RhdGV8fFwiXCJdfHwwKSE9PTMmJihPYShhLGMsZCksYigpKX07UShhLGMsZCl9fSl9ZGI9NDI7IHdpbmRvdy52dT1hPT57dmFyIGI9UihJYSl8fFIoS2EpO2NvbnN0IGM9S2IoKTtpZihiJiZjPy5nbWFTZGs%2FLmdldFZpZXdTaWduYWxzKXt2YXIgZD1jLmdtYVNkay5nZXRWaWV3U2lnbmFscygpO2QmJiFSKEthKSYmKGE9UChhLFwiJm1zPVwiK2QpKX1SKEhhKSYmXCJfX2dvb2dsZV9saWRhcl9yYWRmX1wiaW4gd2luZG93JiYoYT1QKGEsXCImYXZyYWRmPTFcIikpO2NvbnN0IGY9W107ZD0oKT0%2Be2NvbnN0IGw9bmV3IGJjO2YucHVzaChsLnByb21pc2UpO3JldHVybiBsLnJlc29sdmV9O2lmKFIoTWEpKXt2YXIgZT1mYygpO2lmKGUhPW51bGwpe2NvbnN0IGw9ZCgpO2UudGhlbigoKT0%2Be2E9UChhLFwiJnNidHI9MVwiKTtsKCl9KX19UihMYSkmJihhPVAoYSxcIiZzYnRyPTFcIikpO2lmKFIoSmEpJiYoZT1hYygpLGUhPW51bGwpKXtjb25zdCBsPWQoKTtlLnRoZW4oaD0%2Be3RyeXtMPSEwO3ZhciBrPUpTT04uc3RyaW5naWZ5KEdhKGgpLHphKX1maW5hbGx5e0w9ITF9aD1bXTtmb3IodmFyIG09MCxuPTA7bjwgay5sZW5ndGg7bisrKXt2YXIgcD1rLmNoYXJDb2RlQXQobik7cD4yNTUmJihoW20rK109cCYyNTUscD4%2BPTgpO2hbbSsrXT1wfWs9MztrPT09dm9pZCAwJiYoaz0wKTtpZighRSlmb3IoRT17fSxtPVwiQUJDREVGR0hJSktMTU5PUFFSU1RVVldYWVphYmNkZWZnaGlqa2xtbm9wcXJzdHV2d3h5ejAxMjM0NTY3ODlcIi5zcGxpdChcIlwiKSxuPVtcIisvPVwiLFwiKy9cIixcIi1fPVwiLFwiLV8uXCIsXCItX1wiXSxwPTA7cDw1O3ArKyl7dmFyIHE9bS5jb25jYXQobltwXS5zcGxpdChcIlwiKSk7a2FbcF09cTtmb3IodmFyIHI9MDtyPHEubGVuZ3RoO3IrKyl7dmFyIHU9cVtyXTtFW3VdPT09dm9pZCAwJiYoRVt1XT1yKX19az1rYVtrXTttPUFycmF5KE1hdGguZmxvb3IoaC5sZW5ndGgvMykpO249a1s2NF18fFwiXCI7Zm9yKHA9cT0wO3E8aC5sZW5ndGgtMjtxKz0zKXt2YXIgQz1oW3FdLEQ9aFtxKzFdO3U9aFtxKzJdO3I9a1tDPj4yXTtDPWtbKEMmMyk8PDR8RD4%2BNF07RD1rWyhEJjE1KTw8Mnx1Pj42XTt1PWtbdSY2M107IG1bcCsrXT1yK0MrRCt1fXI9MDt1PW47c3dpdGNoKGgubGVuZ3RoLXEpe2Nhc2UgMjpyPWhbcSsxXSx1PWtbKHImMTUpPDwyXXx8bjtjYXNlIDE6aD1oW3FdLG1bcF09a1toPj4yXStrWyhoJjMpPDw0fHI%2BPjRdK3Urbn1oPW0uam9pbihcIlwiKTtoLmxlbmd0aD4wJiYoYT1QKGEsXCImdWFjaD1cIitoKSk7bCgpfSl9aWYoYiYmYz8ud2Via2l0Py5tZXNzYWdlSGFuZGxlcnM%2FLmdldEdtYVZpZXdTaWduYWxzKXtjb25zdCBsPWQoKTtMYihjLndlYmtpdC5tZXNzYWdlSGFuZGxlcnMuZ2V0R21hVmlld1NpZ25hbHMse30saD0%2Be1IoS2EpfHwoYT1QKGEsXCImXCIraCkpO2woKX0sKCk9PntsKCl9LDIwMCxIYixJYil9Y29uc3QgZz1TYShhKT09PSgyKS50b1N0cmluZygpfHxOYS50ZXN0KGEpO2cmJihiPU1iKHdpbmRvdy5kb2N1bWVudCk%2FNjo1LGE9WWEoYSxiKSk7Zi5sZW5ndGg%2BMD9Qcm9taXNlLmFsbChmKS50aGVuKCgpPT57ZWMoYSxnKX0pOmVjKGEsZyl9O30pLmNhbGwodGhpcyk7PC9zY3JpcHQ%2BPHNjcmlwdD52dShcImh0dHBzOi8vc2VjdXJlcHViYWRzLmcuZG91YmxlY2xpY2submV0L3Bjcy92aWV3P3hhaVxceDNkQUtBT2pzc3BldkxYeEJ3ODVNMFg2eGZOX3lFc25Tc19meDVUamMyc0xSVFJkYUVWV1d2VmlwVFJmU2dZcHV4a3N1d2lEUHV0WUNVQ1FRUnpuR2N5cUhxTlBYZlQ0VUxuODdzbHVTUzllVUVfSFFtUEQ5STdUZXNvRkh3Ul9LYTFla2hrWFBwVTVCUkdjSTVjX2VJX0VZN21rRTdCQlBtX2hxX1F0Y3Z2eHU3SlBwbXR2T0VOUE9kTV9COHNWNW1iTHo4ZjZmTzZLeTlRSURJdHRfbzdXTlRrQUdaeUsxaXRCV2ltYW15XzNtSG93SGdhZEN6NGNUZFZhWU85NmM0Q0RnNDRZQ2VSSnZ0MEtOaWx2Y2xPQlFaWW9mUGJ2WHRTZlBON205eHdBc2hndDE1MVQwVTB1d3pBa3FQcDJSaS1lMW9oczJqVzJVWXFBSkdlZWU1N2tTZEQzUHdQTFU5ZXc2UlduVTJ5c2VURlBaSTZGbGtpVlAzY0JEeGRJTC1KZmtuS0t4U3ViRDZYZENhUUptaEd4d05WWnduQ2FzeDhJTWswS3IwUkI0QUM0Z3hoRGhlUjBDWGI2ODYtSm1sQzlpNjA3RWd0U3pJU2dnXFx4MjZzYWlcXHgzZEFNZmwtWVNzRkp6ZEpfbjlYMi1MTzNUWW93RWs4THE2OFk2X0ZZelNxa3dMRlVkT0hkVGRxVFhlREpXQWRibFpiYmZRaE1Oa3J5YmxMMWV4MDZEN19GeUE1QXMtVWdNbmE0YUJFM3N6M3A4RnRiRnY5aEtxbFo3aFNkSGNSZDBcXHgyNnNpZ1xceDNkQ2cwQXJLSlN6T2lZUGJ3TlJfcjFFQUVcXHgyNnVhY2hfbVxceDNkJTVCVUFDSCU1RFxceDI2dXJsZml4XFx4M2QxXFx4MjZhZHVybFxceDNkXCIpPC9zY3JpcHQ%2BPGRpdiBjbGFzcz1cIkdvb2dsZUFjdGl2ZVZpZXdJbm5lckNvbnRhaW5lclwiIGlkPVwiYXZpY19DSUxvdGFPSjhvZ0RGZElpQmdBZGVoSW1yd1wiIHN0eWxlPVwibGVmdDowcHg7dG9wOjBweDt3aWR0aDoxMDAlO2hlaWdodDoxMDAlO3Bvc2l0aW9uOmZpeGVkO3BvaW50ZXItZXZlbnRzOm5vbmU7ei1pbmRleDotOTk5OTtcIj48L2Rpdj48ZGl2IHN0eWxlPVwiZGlzcGxheTppbmxpbmVcIiBjbGFzcz1cIkdvb2dsZUFjdGl2ZVZpZXdFbGVtZW50XCIgZGF0YS1nb29nbGUtYXYtY3huPVwiaHR0cHM6Ly9wYWdlYWQyLmdvb2dsZXN5bmRpY2F0aW9uLmNvbS9wY3MvYWN0aXZldmlldz94YWk9QUtBT2pzc2VnRlZVWlRrWDRDZlZHTl8yc2szNk5IMS01RGJWR3htaDNTWDBGYjMxRzRmeWJWMXdJWHRTcGpKNFVrOUpfQVdzQnJsOGdwalVKbTlWcjhHVG5RZzJTQWpWUkxxVmJyUVZfdm5zNXhRZFhROWh6Tzk1eHg3aDhZT3Boa2RmR1R6QUlnMXFvQnkwWldOWU1ORk1JRDFKQ0dITWVpd0hNYlBXSFdDQW1wa25oVVR1T1ZkMi0wRDQxZHh1WTUwWmRRNTJHQSZhbXA7c2lnPUNnMEFyS0pTekt5RzEwU1VGRWtCRUFFXCIgZGF0YS1nb29nbGUtYXYtYWRrPVwiNjczODE4NTgxXCIgZGF0YS1nb29nbGUtYXYtbWV0YWRhdGE9XCJsYT0wJmFtcDt4ZGk9MCZhbXA7XCIgZGF0YS1nb29nbGUtYXYtdWZzLWludGVncmF0b3ItbWV0YWRhdGE9XCJDcEVCQ2tkdGIyUmxiRjl3WlhKemIyNWZZMjkxYm5SeWVWOWpiMlJsWDBaSlgzQmxjbk52Ymw5eVpXZHBiMjVmWTI5a1pWODBOalE1TldZMU1qUTFOVE0xTkRSbU5EWXVhbk52YmhJYVEwbE1iM1JoVDBvNGIyZEVSbVJKYVVKblFXUmxhRWx0Y25jWUFTSVJDTVlSSU1ZUktBSXdBamdCWFFBQUFEOG83b3ZIcXZ2X19fX19BVER1aThlcUF6Z0RRQUZJQUJLcUFncWZBbWgwZEhCek9pOHZjR0ZuWldGa01pNW5iMjluYkdWemVXNWthV05oZEdsdmJpNWpiMjB2Y0dOekwyRmpkR2wyWlhacFpYY19lR0ZwUFVGTFFVOXFjM05sWjBaV1ZWcFVhMWcwUTJaV1IwNWZNbk5yTXpaT1NERXROVVJp&i=4-7&t=adltag_m1t71drt_hkGrbVdrZ35&r=eb8be4ba3634e4a822fefcc363dbe46&c=setupad-hai&z=1
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/b-904ac2d-717a3b2c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.102.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-102-9.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

access-control-max-age: 3000
x-amz-version-id: gWTmw0tfPETBYf1l15W3yTHMSfUGKL9Y
etag: "d41d8cd98f00b204e9800998ecf8427e"
age: 21683
access-control-allow-methods: GET
x-cache: Error from cloudfront
x-amz-cf-id: S2F5LWHc0OXwAm1IuLYTZKvc5ZkOKNX0_Xw-qgmaxWQ73aTgt-ihKg==
date: Thu, 03 Oct 2024 05:33:41 GMT
content-type: image/gif
last-modified: Thu, 31 Mar 2022 19:59:52 GMT
via: 1.1 80a51c83bb9479e2a3aa1ea59b366458.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 0
x-amz-cf-pop: FRA56-P2
server: AmazonS3

POST
H2 200 place
setupad-hai-tagan.adlightning.com/ Frame 6C0A 0
418 B 262ms
113ms Ping
image/gif 18.66.102.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://setupad-hai-tagan.adlightning.com/place?p=1&d=VmtkNGJXZ3pVMWd3Um1Jek1VYzBabmxpVmpGM1NWaDBVM0JxU2pSVmF6bEtYMEZYYzBKeWJEaG5jR3BWU20wNVZuSTRSMVJ1VVdjeVUwRnFWbEpNY1ZaaWNsRldYM1p1Y3pWNFVXUllVVGxvZWs4NU5YaDROMmc0V1U5d2FHdGtaa2RVZWtGSlp6RnhiMEo1TUZwWFRsbE5Ua1pOU1VReFNrTkhTRTFsYVhkSVRXSlFWMGhYUTBGdGNHdHVhRlZVZFU5V1pESXRNRVEwTVdSNGRWazFNRnBrVVRVeVIwRW1jMmxuUFVObk1FRnlTMHBUZWt0NVJ6RXdVMVZHUld0Q1JVRkZFZ0FhQUNBQktBQWFIQW9hUTBsTWIzUmhUMG80YjJkRVJtUkphVUpuUVdSbGFFbHRjbmNcIiBkYXRhLWdvb2dsZS1hdi1vdmVycmlkZT1cIi0xXCIgZGF0YS1nb29nbGUtYXYtZG09XCIyXCIgZGF0YS1nb29nbGUtYXYtYWlkPVwiMFwiIGRhdGEtZ29vZ2xlLWF2LW5haWQ9XCIxXCIgZGF0YS1nb29nbGUtYXYtc2xpZnQ9XCJcIiBkYXRhLWdvb2dsZS1hdi1jcG1hdj1cIlwiIGRhdGEtZ29vZ2xlLWF2LWJ0cj1cImh0dHBzOi8vc2VjdXJlcHViYWRzLmcuZG91YmxlY2xpY2submV0L3Bjcy92aWV3P3hhaT1BS0FPanN2UmVSRDlsRkdpaldNb2ZDLWpRdzVtZ0lWXy04WmlKWV9rRmh3clBSdG5iby1RNTgyX0QzZmFZXy1xTnF1NXdQUVJ0QWZ1WDhrVmEzX19YVW1EbDNCY1ZRT3hDc1lZNTRHMlBrelZiMFA3VllWaWRzcjRWemtyeGVtdlpFbEhraEM4c3ZtYXVlOTF0S1dsZ2twUXBMYmFVVENJMkhzUWlIVmRnZ3ZBWk1nM0tGMUNQWHBvUmpRTDJFUV9BSjFJb0pWU05Fcm5MMkM5Mmw1UE85N3dKMjlZYXU1V01iM1Q0SngzWllCT0p6eWxTcXlsRlozU2gwRFpiTVJrdndKRVlzQXRDRVNqZTZCSzFSN1kwZjNuUTlIT3hxcjBnWXo5dGIzQWNaVlNzU1JtOEdNemhib1Z3ZGJHd1o0dDQ0UGZ5Vk5xV2h2NkRLN3NWeWFtS21hdXZSbkpQcnJrWlpONlhjUVRnWVcwc0dCLWtvY29sUDhRb3ZPSU1MTjN5T1YxRmd5ano4MVFOWVZLM0wzbXA4b2ZJdEltNzVkbEk2N0tiOHM0bUd3QnlIWklXMGROWVo2ano4WVNKcTRvSEFtTjJiOF9vU0NZRnc3eSZhbXA7c2FpPUFNZmwtWVQxYmJVLW01d3oteC1TWElWOEszUV9EQ1FsSGRKM0tjSVRrY0hpZDN3MGJseDlicTU1OTJzb0x0LXZJZXY5bjlVam9tZi1fNDhYaWdiM1gtNXhwR2ZId1g1Wlk2YURncW85QTFZSUtTckNWdURndFJ4LUg0eXN1a2MmYW1wO3NpZz1DZzBBcktKU3pIRm8xaFRDS01QNEVBRSZhbXA7dWFjaF9tPSU1QlVBQ0glNUQmYW1wO3VybGZpeD0xJmFtcDthZHVybD1cIiBkYXRhLWdvb2dsZS1hdi1pdHBsPVwiMTlcIiBkYXRhLWdvb2dsZS1hdi1ycz1cIjRcIiBkYXRhLWdvb2dsZS1hdi1mbGFncz1cIlsmcXVvdDt4JTI3ODQ0MCc5ZWZvdG0oJmFtcDs3NTMzNzQlMmJlanZmLyUyNzg0ND4nOXd1dmIkJmFtcDs1NjUzMz4hPXx2cWMpITI3Mzc5NCZhbXA7PHFxdmIvJTwxNzM1MDIwIT1uZWh1YC8hMzY0PTUwNTEhOWFia3thKCQxNjAyMTA6MyZhbXA7PGNib3RmKyowMTUwMDM0OiUyYmVqdmYvJTcyOzE3NjEzIT1lZmR3YSonNzY0NjM7MjEkP2Via3BiJCZhbXA7MDM2NjcxNz4qPmJnaXBmKyEzPTcxMjM2MyU5YWlod2MpITcyMDI8MjE3JzllZm90bSgmYW1wOzIwMDYxOzQ4JmFtcDs%2BYGRvcGIvJTwxNzA3MjAwIT04KCZhbXA7MjAwNTU3NT8mYW1wOz5gZG9wYi8lPDE3MDY0Mj8hPXx2cWMpITcyMDE7PTUwJzl3dXZiJCZhbXA7MDM2NDE2NTQqPmJnaXBmKyEzPTczMTEwMyU5YWlod2MpITcyMDA%2FMDczJzllZm90bSgmYW1wOzIwMDQ%2FNTE7JmFtcDs%2BYGRvcGIvJTwxNz40NzQ%2BIT1uZWh1YC8hMzY0MDY0MTIhOWFia3thKCQxNjc3NDU7PSZhbXA7PGNib3RmKyowMTI1NDEzMyUycHZzYC8hMzYzODM2MjQhOWFia3thKCQxNjc1NzQ%2BNyZhbXA7PHFxdmIvJTwxMDQ9NDYwIT1uZWh1YC8hMzYzOzQyPjchOWFia3thKCQxNjU2OzM%2FPCZhbXA7PGNib3RmKyowMTAxMTc3NiUyYmVqdmYvJTcyPjE3MjY2IT1lZmR3YXsmcXVvdDtdXCIgZGF0YS1jcmVhdGl2ZS1sb2FkLWxpc3RlbmVyPVwiXCI%2BPHNjcmlwdD5cbnZhciB3ID0gd2luZG93O1xuZm9yIChpID0gMDsgaSA8IDEwOyBpKyspIHtcbiAgdyA9IHcucGFyZW50O1xuICBpZiAody5zdHBkKSB7XG4gICAgdHJ5IHtcbiAgICAgIHcuc3RwZC5yZW5kZXJBZChkb2N1bWVudCwgJzg3MGUxNDYxZmI0MGEzOCcpO1xuICAgICAgYnJlYWs7XG4gICAgfSBjYXRjaCAoZSkge1xuICAgICAgY29udGludWU7XG4gICAgfVxuICB9XG59XG48L3NjcmlwdD48c2NyaXB0IHR5cGU9XCJ0ZXh0L2phdmFzY3JpcHRcIiBzcmM9XCJodHRwczovL3RyYWNrLmFkZm9ybS5uZXQvYWRmc2NyaXB0Lz9ibj02ODg1Mzk3MDtydGJ3cD1XLUExZ1ExVU9wTHpYMmJFS2pNOG9xemJvVUZRRzN5cDA7cnRiZGF0YT1VWlN3Y3JFQS16bFVVRXh3YTI3SFh3UjdQNHhjUXpnbFRzZzlPZXFMZGQ1d2tIY2V1Y2NnS0hqdnZ3U2hmdnpteS1qMjhvdGdLSzQzYXZyTjhrV0s0c2pac2ZsZU9XdVM3bWgtZDRpV3dtd0YxRTFqekNUSUU4R3hmbHB4RllQMVJKd0ZjakdWM3dGMXdtWTg3bzloNVNudUdWN0xlSXZzN1U1SnF6YWNBb1k0RG9SV1dyaHlIdFdnZVYwWXVPc19PMGFLTUlkbmpLN29pcXptYWE1c0RnaTY2dzQ1YTJXY1hUU0RSb1RwUV9MWFZlUnlnUjdaUGV5azIxQmF6R000Xy1sTEx4OTV6YzNVWS1uNHBOeUNJVmZqYWhZeUpWM3RBdEdTa0V0M1Q0LXgwWnJ5UDNKRHBZSjZ3cUtlckJ0UjA7Y3NpZD02MDk3MjthZHhjbWQ9UVR3dU9JdWFNV3h4V1hwX2VCRV81dzI7YWR4dmFycz1iWjVMTTBONkxjbUtvdkEya242OUlrVld6ek82SFZxTHhpd0RocjdXQmZDUVIyYk85R184VjVHNGRXQVplR0d3MjFTVG5pck03ZWM5allJTDBrTnBqVWFtVWZzdV9pWnFCUWNDeGJyY3JYcm00R2QybnJWcDNfQy1WdXdFaXA0UHExVDF5T194bVItTll4M3FxUGk4UmFWWjk4TW5kMDYwR09BNTJubTdwMUo1TTZQVEVabFFsMHhGajloblR4RWc2cjFUSzQ5N2F6WDlSZ3RDMXQ1YVgzVzhfNlZ2dGo2U05TSVhXUHV5OWhGdlpQZXAtMl9hM3VyVkg2OVZIV3RaaFNSUGlZOFlSbGhhcHYyc0dnX2NTUzRrcndUcGR2Rkpnd2tKVGxJT3dWYlNSNXdwUENFZnpPclZINjlWSFd0WlJFVmxmTDBsWTdjSjdhZG5lX2gxeFdHd1BNZGE1TlZqYjJUM3FmdHYydDQwd19SYnlaTU0xd0dnS1FLckUxVnQ0X0NXU1V4ZDNjS2FDT0w1Skgwd3hJYUQ3TE42Z25Ta3hhTUI3RTNJczVVMTtwdWk9MlNobGppeEJMcmJpMGhYbDA4anVISEZBSENLUTdqT0VCYVcwSnFkdk1NaFRXeXlPd3M3dmpWTWNKMFBHeHFjRTAtTGZWU2lGRXdjOE5OQjAtMUU1U042dldtVzFkbFNhMDtcIj48L3NjcmlwdD48c2NyaXB0IHR5cGU9XCJ0ZXh0L2phdmFzY3JpcHRcIiBzcmM9XCJodHRwczovL3MxLmFkZm9ybS5uZXQvbWluay82MzIvczEuYWRmb3JtLm5ldC9ib290c3RyYXAuanNcIj48L3NjcmlwdD48c2NyaXB0IHR5cGU9XCJ0ZXh0L2phdmFzY3JpcHRcIiBzcmM9XCJodHRwczovL3RyYWNrLmFkZm9ybS5uZXQvYWRmc2VydmUvP0NDPTEmYW1wO2JuPTY4ODUzOTcwO3J0YndwPVctQTFnUTFVT3BMelgyYkVLak04b3F6Ym9VRlFHM3lwMDtydGJkYXRhPVVaU3djckVBLXpsVVVFeHdhMjdIWHdSN1A0eGNRemdsVHNnOU9lcUxkZDV3a0hjZXVjY2dLSGp2dndTaGZ2em15LWoyOG90Z0tLNDNhdnJOOGtXSzRzalpzZmxlT1d1UzdtaC1kNGlXd213RjFFMWp6Q1RJRThHeGZscHhGWVAxUkp3RmNqR1Yzd0Yxd21ZODdvOWg1U251R1Y3TGVJdnM3VTVKcXphY0FvWTREb1JXV3JoeUh0V2dlVjBZdU9zX08wYUtNSWRuaks3b2lxem1hYTVzRGdpNjZ3NDVhMldjWFRTRFJvVHBRX0xYVmVSeWdSN1pQZXlrMjFCYXpHTTRfLWxMTHg5NXpjM1VZLW40cE55Q0lWZmphaFl5SlYzdEF0R1NrRXQzVDQteDBacnlQM0pEcFlKNndxS2VyQnRSMDtjc2lkPTYwOTcyO2FkeGNtZD1RVHd1T0l1YU1XeHhXWHBfZUJFXzV3MjthZHh2YXJzPWJaNUxNME42TGNtS292QTJrbjY5SWtWV3p6TzZIVnFMeGl3RGhyN1dCZkNRUjJiTzlHXzhWNUc0ZFdBWmVHR3cyMVNUbmlyTTdlYzlqWUlMMGtOcGpVYW1VZnN1X2lacUJRY0N4YnJjclhybTRHZDJuclZwM19DLVZ1d0VpcDRQcTFUMXlPX3htUi1OWXgzcXFQaThSYVZaOThNbmQwNjBHT0E1Mm5tN3AxSjVNNlBURVpsUWwweEZqOWhuVHhFZzZyMVRLNDk3YXpYOVJndEMxdDVhWDNXOF82VnZ0ajZTTlNJWFdQdXk5aEZ2WlBlcC0yX2EzdXJWSDY5VkhXdFpoU1JQaVk4WVJsaGFwdjJzR2dfY1NTNGtyd1RwZHZGSmd3a0pUbElPd1ZiU1I1d3BQQ0Vmek9yVkg2OVZIV3RaUkVWbGZMMGxZN2NKN2FkbmVfaDF4V0d3UE1kYTVOVmpiMlQzcWZ0djJ0NDB3X1JieVpNTTF3R2dLUUtyRTFWdDRfQ1dTVXhkM2NLYUNPTDVKSDB3eElhRDdMTjZnblNreGFNQjdFM0lzNVUxO3B1aT0yU2hsaml4QkxyYmkwaFhsMDhqdUhIRkFIQ0tRN2pPRUJhVzBKcWR2TU1oVFd5eU93czd2alZNY0owUEd4cWNFMC1MZlZTaUZFd2M4Tk5CMC0xRTVTTjZ2V21XMWRsU2EwOztqc29uPTE7anM9MTthZGZ4aWQ9MXg7NTEyNztzZXQ9ZmktRkl8ZmktRkl8MTYwMFgxMjAwfHwxNTB8NjAwfDI0fDh8M3w3fDB8MDtmZD0wfDImYW1wO0NSRUZVUkw9aHR0cHMlM0ElMkYlMkZzYW1mdy5jb20lMkZcIiBhdHRyaWJ1dGlvbnNyYz1cIlwiPjwvc2NyaXB0PjxkaXYgaWQ9XCIrQURGUDF4XCIgc3R5bGU9XCJ3aWR0aDoxNjBweDtoZWlnaHQ6NjAwcHg7XCI%2BPC9kaXY%2BPGkgc3R5bGU9XCJkaXNwbGF5Om5vbmVcIj48L2k%2BPHNjcmlwdCBzcmM9XCJodHRwczovL3MxLmFkZm9ybS5uZXQvYmFubmVycy9zY3JpcHRzL2FkeC5qc1wiPjwvc2NyaXB0PjxpIHN0eWxlPVwiZGlzcGxheTogbm9uZVwiIGlkPVwiNzVhMTE3MDAzYzkyNGIzNjlmYjg0NWY4MjE1OWQwYWJcIj48L2k%2BPHNjcmlwdD4oX2ZzY29wZSA9IHdpbmRvdy5fZnNjb3BlIHx8IFtdKS5wdXNoKGZ1bmN0aW9uIChmc2NvcGUpIHtmc2NvcGUucmVnaXN0ZXIoe1wiQWRTbG90SWRcIjpcIjc1YTExNzAwM2M5MjRiMzY5ZmI4NDVmODIxNTlkMGFiXCIsXCJDb29raWVJZFwiOm51bGwsXCJTZXJpYWxpemVkVXNlcklkZW50aXR5XCI6XCIyU2hsaml4QkxyYmkwaFhsMDhqdUhIRkFIQ0tRN2pPRUJhVzBKcWR2TU1oVFd5eU93czd2alZNY0owUEd4cWNFMC1MZlZTaUZFd2M4Tk5CMC0xRTVTTjZ2V21XMWRsU2EwXCIsXCJXaWR0aFwiOjE2MCxcIkhlaWdodFwiOjYwMCxcIlRlc3RJZFwiOm51bGwsXCJTZXJpYWxpemVkQWR4VmFyc1wiOlwiYlo1TE0wTjZMY21Lb3ZBMmtuNjlJa1ZXenpPNkhWcUx4aXdEaHI3V0JmQ1FSMmJPOUdfOFY1RzRkV0FaZUdHdzIxU1RuaXJNN2VjOWpZSUwwa05walVhbVVmc3VfaVpxQlFjQ3hicmNyWHJtNEdkMm5yVnAzX0MtVnV3RWlwNFBxMVQxeU9feG1SLU5ZeDNxcVBpOFJhVlo5OE1uZDA2MEdPQTUybm03cDFKNU02UFRFWmxRbDB4Rmo5aG5UeEVnNnIxVEs0OTdhelg5Umd0QzF0NWFYM1c4XzZWdnRqNlNOU0lYV1B1eTloRnZaUGVwLTJfYTN1clZINjlWSFd0WmhTUlBpWThZUmxoYXB2MnNHZ19jU1M0a3J3VHBkdkZKZ3drSlRsSU93VmJTUjV3cFBDRWZ6T3JWSDY5VkhXdFpSRVZsZkwwbFk3Y0o3YWRuZV9oMXhXR3dQTWRhNU5WamIyVDNxZnR2MnQ0MHdfUmJ5Wk1NMXdHZ0tRS3JFMVZ0NF9DV1NVeGQzY0thQ09MNUpIMHd4SWFEN0xONmduU2t4YU1CN0UzSXM1VTFcIixcIlB1Ymxpc2hlclZpc2liaWxpdHlUaW1lXCI6MSxcIlB1Ymxpc2hlclZpc2liaWxpdHlBcmVhXCI6NTAsXCJVbmxvYWRIYW5kbGVyVXJsXCI6XCJodHRwczovL2FkeC5hZGZvcm0ubmV0L2FkeC91bmxvYWQvP1wiLFwiR2RwclwiOm51bGwsXCJHZHByQ29uc2VudFwiOm51bGwsXCJHcHBcIjpudWxsLFwiR3BwU2lkXCI6bnVsbCxcIklzTW9iaWxlXCI6ZmFsc2V9KTt9KTs8L3NjcmlwdD48L2Rpdj48c2NyaXB0IGlkPVwiZ29vZ2xlQWN0aXZlVmlld0Rpc3BsYXlTY3JpcHRcIiBzcmM9XCJodHRwczovL3BhZ2VhZDIuZ29vZ2xlc3luZGljYXRpb24uY29tL3BhZ2VhZC9tYW5hZ2VkL2pzL2FjdGl2ZXZpZXcvY3VycmVudC91ZnNfd2ViX2Rpc3BsYXkuanNcIj48L3NjcmlwdD48c2NyaXB0IHR5cGU9XCJ0ZXh0L2phdmFzY3JpcHRcIj5vc2Rs&i=5-7&t=adltag_m1t71drt_hkGrbVdrZ35&r=eb8be4ba3634e4a822fefcc363dbe46&c=setupad-hai&z=1
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/b-904ac2d-717a3b2c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.102.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-102-9.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

access-control-max-age: 3000
x-amz-version-id: gWTmw0tfPETBYf1l15W3yTHMSfUGKL9Y
etag: "d41d8cd98f00b204e9800998ecf8427e"
age: 21683
access-control-allow-methods: GET
x-cache: Error from cloudfront
x-amz-cf-id: ETX90eh-CsESAX19sbUIDWZNqcoZGQqFu8I-dLHgp538myLLAxsypg==
date: Thu, 03 Oct 2024 05:33:41 GMT
content-type: image/gif
last-modified: Thu, 31 Mar 2022 19:59:52 GMT
via: 1.1 80a51c83bb9479e2a3aa1ea59b366458.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 0
x-amz-cf-pop: FRA56-P2
server: AmazonS3

POST
H2 200 place
setupad-hai-tagan.adlightning.com/ Frame 6C0A 0
420 B 260ms
112ms Ping
image/gif 18.66.102.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://setupad-hai-tagan.adlightning.com/place?p=1&d=Zm0oKTs8L3NjcmlwdD48ZGl2IHN0eWxlPVwiYm90dG9tOjA7cmlnaHQ6MDt3aWR0aDoxMDBweDtoZWlnaHQ6MTAwcHg7YmFja2dyb3VuZDppbml0aWFsICFpbXBvcnRhbnQ7cG9zaXRpb246YWJzb2x1dGUgIWltcG9ydGFudDttYXgtd2lkdGg6MTAwJSAhaW1wb3J0YW50O21heC1oZWlnaHQ6MTAwJSAhaW1wb3J0YW50O3BvaW50ZXItZXZlbnRzOm5vbmUgIWltcG9ydGFudDtpbWFnZS1yZW5kZXJpbmc6cGl4ZWxhdGVkICFpbXBvcnRhbnQ7ei1pbmRleDoyMTQ3NDgzNjQ3O2JhY2tncm91bmQtaW1hZ2U6dXJsKCdkYXRhOmltYWdlL3BuZztiYXNlNjQsaVZCT1J3MEtHZ29BQUFBTlNVaEVVZ0FBQUNzQUFBQVdCQU1BQUFDcmwzaUFBQUFBQmxCTVZFVUFBQUQrQWNpV21aeldBQUFBQW5SU1RsTUFBcGlkckJRQUFBQjlTVVJCVkJqVGJaQUJEc0F3Q0FMcEQvei9hNWNDS2x0bU0xdFRpamVCL3pnSzdsc0J4ZHVLNzJicUVJdlZ2YWtxWnA1ZGpacU9xY2JrOEc2U2RqYkpSRjNYNUlhVkVEbTlMNElvYk10eUtTVHFncDZWUDBEMTJha2dyTEhFNnNLblEwcUtzQTZ0VytVVW1sOFBZNEtTSysrOHgvM2xiUksxd1lmYTJnY2RCd1dpR1I3aEhRQUFBQUJKUlU1RXJrSmdnZz09JykgIWltcG9ydGFudDtcIj48L2Rpdj48c2NyaXB0IGRhdGEtamM9XCIxMDNcIiBkYXRhLWpjLXZlcnNpb249XCJyMjAyNDEwMDFcIiBkYXRhLWpjcC1iYXNlX3VybD1cImh0dHBzOi8vZ29vZ2xlYWRzLmcuZG91YmxlY2xpY2submV0L3BhZ2VhZC9jb252ZXJzaW9uLz9haT0mYW1wO3NpZ2g9QnBuZnhJYWF1UVVcIiBkYXRhLWpjcC1jcHVfbGFiZWw9XCJoZWF2eV9hZF9pbnRlcnZlbnRpb25fY3B1XCIgZGF0YS1qY3AtbmV0X2xhYmVsPVwiaGVhdnlfYWRfaW50ZXJ2ZW50aW9uX25ldHdvcmtcIj4oZnVuY3Rpb24oKXsndXNlIHN0cmljdCc7LyogIENvcHlyaWdodCBUaGUgQ2xvc3VyZSBMaWJyYXJ5IEF1dGhvcnMuIFNQRFgtTGljZW5zZS1JZGVudGlmaWVyOiBBcGFjaGUtMi4wICovIHZhciBsPXRoaXN8fHNlbGY7ZnVuY3Rpb24gbShhKXtsLnNldFRpbWVvdXQoKCk9Pnt0aHJvdyBhO30sMCl9O3ZhciBuLHE7YTp7Zm9yKHZhciByPVtcIkNMT1NVUkVfRkxBR1NcIl0sdT1sLHY9MDt2PHIubGVuZ3RoO3YrKylpZih1PXVbclt2XV0sdT09bnVsbCl7cT1udWxsO2JyZWFrIGF9cT11fXZhciB3PXEmJnFbNjEwNDAxMzAxXTtuPXchPW51bGw%2FdzohMTt2YXIgeDtjb25zdCB5PWwubmF2aWdhdG9yO3g9eT95LnVzZXJBZ2VudERhdGF8fG51bGw6bnVsbDtmdW5jdGlvbiB6KGEpe3JldHVybiBuP3g%2FeC5icmFuZHMuc29tZSgoe2JyYW5kOmJ9KT0%2BYiYmYi5pbmRleE9mKGEpIT0tMSk6ITE6ITF9ZnVuY3Rpb24gQShhKXt2YXIgYjthOntpZihiPWwubmF2aWdhdG9yKWlmKGI9Yi51c2VyQWdlbnQpYnJlYWsgYTtiPVwiXCJ9cmV0dXJuIGIuaW5kZXhPZihhKSE9LTF9O2Z1bmN0aW9uIEIoKXtyZXR1cm4gbj8hIXgmJnguYnJhbmRzLmxlbmd0aD4wOiExfWZ1bmN0aW9uIEMoKXtyZXR1cm4gQigpP3ooXCJDaHJvbWl1bVwiKTooQShcIkNocm9tZVwiKXx8QShcIkNyaU9TXCIpKSYmIShCKCk%2FMDpBKFwiRWRnZVwiKSl8fEEoXCJTaWxrXCIpfTshQShcIkFuZHJvaWRcIil8fEMoKTtDKCk7QShcIlNhZmFyaVwiKSYmKEMoKXx8KEIoKT8wOkEoXCJDb2FzdFwiKSl8fChCKCk%2FMDpBKFwiT3BlcmFcIikpfHwoQigpPzA6QShcIkVkZ2VcIikpfHwoQigpP3ooXCJNaWNyb3NvZnQgRWRnZVwiKTpBKFwiRWRnL1wiKSl8fEIoKSYmeihcIk9wZXJhXCIpKTt2YXIgRD1TeW1ib2woKTt2YXIgRT17fSxGPXt9O2Z1bmN0aW9uIEcoYSl7cmV0dXJuISghYXx8dHlwZW9mIGEhPT1cIm9iamVjdFwifHxhLnMhPT1GKX1mdW5jdGlvbiBIKGEpe3JldHVybiBhIT09bnVsbCYmdHlwZW9mIGE9PT1cIm9iamVjdFwiJiYhQXJyYXkuaXNBcnJheShhKSYmYS5jb25zdHJ1Y3Rvcj09PU9iamVjdH1mdW5jdGlvbiBJKGEpe3JldHVybiFBcnJheS5pc0FycmF5KGEpfHxhLmxlbmd0aD8hMTooYVtEXXwwKSYxPyEwOiExfTtjb25zdCBKPUJpZ0ludChOdW1iZXIuTUlOX1NBRkVfSU5URUdFUiksSz1CaWdJbnQoTnVtYmVyLk1BWF9TQUZFX0lOVEVHRVIpO2Z1bmN0aW9uIEwoYSxiKXt2YXIgZD1NPy5nZXQoYik%2FLmdldChhKSxjO2lmKGM9ZCl7YTppZihhLmxlbmd0aCE9PWQubGVuZ3RoKWQ9ITE7ZWxzZXtmb3IoY29uc3QgZyBpbiBkKXt2YXIgZj1OdW1iZXIoZyk7aWYoYz1OdW1iZXIuaXNJbnRlZ2VyKGYpKWM9YVtmXSxmPWRbZl0sYz0hKE51bWJlci5pc05hTihjKT9OdW1iZXIuaXNOYU4oZik6Yz09PWYpO2lmKGMpe2Q9ITE7YnJlYWsgYX19ZD0hMH1jPSFkfWMmJihOKCksTT8uZ2V0KGIpPy5kZWxldGUoYSkpfWZ1bmN0aW9uIE4oKXtjb25zdCBhPUVycm9yKCk7YS5fX2Nsb3N1cmVfX2Vycm9yX19jb250ZXh0X185ODQzODJ8fChhLl9fY2xvc3VyZV9fZXJyb3JfX2NvbnRleHRfXzk4NDM4Mj17fSk7YS5fX2Nsb3N1cmVfX2Vycm9yX19jb250ZXh0X185ODQzODIuc2V2ZXJpdHk9XCJpbmNpZGVudFwiO20oYSl9bGV0IE09dm9pZCAwO2xldCBPO2Z1bmN0aW9uIFAoYSxiKXtyZXR1cm4gUShiKX1mdW5jdGlvbiBRKGEpe3N3aXRjaCh0eXBlb2YgYSl7Y2FzZSBcIm51bWJlclwiOnJldHVybiBpc0Zpbml0ZShhKT9hOlN0cmluZyhhKTtjYXNlIFwiYmlnaW50XCI6cmV0dXJuIGE%2BPUomJmE8PUs%2FTnVtYmVyKGEpOlN0cmluZyhhKTtjYXNlIFwiYm9vbGVhblwiOnJldHVybiBhPzE6MDtjYXNlIFwib2JqZWN0XCI6aWYoYSlpZihBcnJheS5pc0FycmF5KGEpKXtpZihJKGEpKXJldHVybn1lbHNlIGlmKGEhPW51bGwmJmEgaW5zdGFuY2VvZiBVaW50OEFycmF5KXtsZXQgYj1cIlwiLGQ9MDtjb25zdCBjPWEubGVuZ3RoLTEwMjQwO2Zvcig7ZDxjOyliKz1TdHJpbmcuZnJvbUNoYXJDb2RlLmFwcGx5KG51bGwsYS5zdWJhcnJheShkLGQrPTEwMjQwKSk7Yis9U3RyaW5nLmZyb21DaGFyQ29kZS5hcHBseShudWxsLGQ%2FYS5zdWJhcnJheShkKTphKTtyZXR1cm4gYnRvYShiKX19cmV0dXJuIGF9O2Z1bmN0aW9uIFIoYSxiLGQsYyxmKXtpZihhIT1udWxsKXtpZihBcnJheS5pc0FycmF5KGEpKWE9SShhKT92b2lkIDA6ZiYmKGFbRF18MCkmMj9hOlMoYSxiLGQsYyE9PXZvaWQgMCxmKTtlbHNlIGlmKEgoYSkpe2NvbnN0IGc9e307Zm9yKGxldCBlIGluIGEpZ1tlXT1SKGFbZV0sYixkLGMsZik7YT1nfWVsc2UgYT1iKGEsYyk7cmV0dXJuIGF9fWZ1bmN0aW9uIFMoYSxiLGQsYyxmKXtjb25zdCBnPWN8fGQ%2FYVtEXXwwOjA7Yz1jPyEhKGcmMzIpOnZvaWQgMDthPUFycmF5LnByb3RvdHlwZS5zbGljZS5jYWxsKGEpO2ZvcihsZXQgZT0wO2U8YS5sZW5ndGg7ZSsrKWFbZV09UihhW2VdLGIsZCxjLGYpO2QmJmQoZyxhKTtyZXR1cm4gYX1mdW5jdGlvbiBhYShhKXtyZXR1cm4gYS5sPT09RT9hLnRvSlNPTigpOlEoYSl9O2Z1bmN0aW9uIFQoYSxiLGQpe2lmKGQhPW51bGwmJnR5cGVvZiBkIT09XCJzdHJpbmdcIil0aHJvdyBFcnJvcigpO2E9YS5nO2xldCBjPWFbRF07aWYoYyYyKXRocm93IEVycm9yKCk7YTp7Y29uc3QgZj1jPj4xNSYxMDIzfHw1MzY4NzA5MTI7aWYoYj49Zil7bGV0IGcsZT1jO2lmKGMmMjU2KWc9YVthLmxlbmd0aC0xXTtlbHNle2lmKGQ9PW51bGwpYnJlYWsgYTtnPWFbZisoKyEhKGMmNTEyKS0xKV09e307ZXw9MjU2fWdbYl09ZDtiPGYmJihhW2IrKCshIShjJjUxMiktMSldPXZvaWQgMCk7ZSE9PWMmJihhW0RdPWUpfWVsc2UgYVtiKygrISEoYyY1MTIpLTEpXT1kLGMmMjU2JiYoZD1hW2EubGVuZ3RoLTFdLGIgaW4gZCYmZGVsZXRlIGRbYl0pfX07bGV0IFU7dmFyIFc9Y2xhc3N7Y29uc3RydWN0b3IoKXthOnt2YXIgYT12b2lkIDA7YT09bnVsbCYmKGE9Tyk7Tz12b2lkIDA7aWYoYT09bnVsbCl7dmFyIGI9OTY7YT1bXX1lbHNle2lmKCFBcnJheS5pc0FycmF5KGEpKXRocm93IEVycm9yKFwibmFyclwiKTtiPWFbRF18MDtpZihiJjIwNDgpdGhyb3cgRXJyb3IoXCJmYXJyXCIpO2lmKGImNjQpYnJlYWsgYTt2YXIgZD1hO2J8PTY0O3ZhciBjPWQubGVuZ3RoO2lmKGMmJigtLWMsSChkW2NdKSkpe2J8PTI1NjtkPWMtKCshIShiJjUxMiktMSk7aWYoZD49MTAyNCl0aHJvdyBFcnJvcihcInB2dGxtdFwiKTtiPWImLTMzNTIxNjY1fChkJjEwMjMpPDwxNX19YVtEXT1ifXRoaXMuZz1hfXRvSlNPTigpe3JldHVybiBWKHRoaXMpfX07Vy5wcm90b3R5cGUubD1FO1cucHJvdG90eXBlLnRvU3RyaW5nPWZ1bmN0aW9uKCl7dHJ5e3JldHVybiBVPSEwLFYodGhpcykudG9TdHJpbmcoKX1maW5hbGx5e1U9ITF9fTsgZnVuY3Rpb24gVihhKXtpZihhJiZNPy5oYXMoYSkpe3ZhciBiPWEuZztpZihiKWZvcih2YXIgZD0wO2Q8Yi5sZW5ndGg7ZCsrKXt2YXIgYz1iW2RdO2lmKGQ9PT1iLmxlbmd0aC0xJiZIKGMpKWZvcih2YXIgZiBpbiBjKXt2YXIgZz1jW2ZdO0FycmF5LmlzQXJyYXkoZykmJkwoZyxhKX1lbHNlIEFycmF5LmlzQXJyYXkoYykmJkwoYyxhKX19YT1VP2EuZzpTKGEuZyxhYSx2b2lkIDAsdm9pZCAwLCExKTtiPSFVO2lmKGM9YS5sZW5ndGgpe2Y9YVtjLTFdOyhnPUgoZikpP2MtLTpmPXZvaWQgMDtkPWE7aWYoZyl7Yjp7dmFyIGU9Zjt2YXIgaDt2YXIgaz0hMTtpZihlKWZvcihsZXQgdCBpbiBlKWlzTmFOKCt0KT8oaD8%2FKGg9e30pKVt0XT1lW3RdOihnPWVbdF0sQXJyYXkuaXNBcnJheShnKSYmKEkoZyl8fEcoZykmJmcuc2l6ZT09PTApJiYoZz1udWxsKSxnPT1udWxsJiYoaz0hMCksZyE9bnVsbCYmKChoPz8oaD17fSkpW3RdPWcpKTtrfHwoaD1lKTtpZihoKWZvcihsZXQgdCBpbiBoKXtrPSBoO2JyZWFrIGJ9az1udWxsfWU9az09bnVsbD9mIT1udWxsOmshPT1mfWZvcig7Yz4wO2MtLSl7aD1kW2MtMV07aWYoIShoPT1udWxsfHxJKGgpfHxHKGgpJiZoLnNpemU9PT0wKSlicmVhazt2YXIgcD0hMH1pZihkIT09YXx8ZXx8cCl7aWYoIWIpZD1BcnJheS5wcm90b3R5cGUuc2xpY2UuY2FsbChkLDAsYyk7ZWxzZSBpZihwfHxlfHxrKWQubGVuZ3RoPWM7ayYmZC5wdXNoKGspfXA9ZH1lbHNlIHA9YTtyZXR1cm4gcH07dmFyIGJhPWNsYXNzIGV4dGVuZHMgV3t9O2Z1bmN0aW9uIGNhKGE9d2luZG93KXtyZXR1cm4gYX07dmFyIGRhPS8jfCQvO2NvbnN0IFg9ZnVuY3Rpb24oYSxiPW51bGwpe3JldHVybiBiJiZiLmdldEF0dHJpYnV0ZShcImRhdGEtamNcIik9PT1TdHJpbmcoYSk%2FYjpkb2N1bWVudC5xdWVyeVNlbGVjdG9yKGBbJHtcImRhdGEtamNcIn09XCIke2F9XCJdYCl9KDEwMyxkb2N1bWVudC5jdXJyZW50U2NyaXB0KTtpZihYPT1udWxsKXRocm93IEVycm9yKFwiSlNDIG5vdCBmb3VuZCAxMDNcIik7Y29uc3QgWT17fSxaPVguYXR0cmlidXRlcztmb3IobGV0IGE9Wi5sZW5ndGgtMTthPj0wO2EtLSl7Y29uc3QgYj1aW2FdLm5hbWU7Yi5pbmRleE9mKFwiZGF0YS1qY3AtXCIpPT09MCYmKFlbYi5zdWJzdHJpbmcoOSldPVpbYV0udmFsdWUpfSAoZnVuY3Rpb24oYSxiLGQpe3ZhciBjPXdpbmRvdzthJiZiJiZkJiZjLlJlcG9ydGluZ09ic2VydmVyJiZjLmZldGNoJiYobmV3IGMuUmVwb3J0aW5nT2JzZXJ2ZXIoKGYsZyk9PntmPWZbMF07aWYoZj8uYm9keT8uaWQ9PT1cIkhlYXZ5QWRJbnRlcnZlbnRpb25cIil7Zj0oZi5ib2R5Lm1lc3NhZ2U%2FLmluZGV4T2YoXCJuZXR3b3JrXCIpfHwwKT4wP2Q6Yjt2YXIgZT1hLnNlYXJjaChkYSk7dmFyIGg7Yjp7Zm9yKGg9MDsoaD1hLmluZGV4T2YoXCJhZF9zaWduYWxzXCIsaCkpPj0wJiZoPGU7KXt2YXIgaz1hLmNoYXJDb2RlQXQoaC0xKTtpZihrPT0zOHx8az09NjMpaWYoaz1hLmNoYXJDb2RlQXQoaCsxMCksIWt8fGs9PTYxfHxrPT0zOHx8az09MzUpYnJlYWsgYjtoKz0xMX1oPS0xfWlmKGg8MCllPW51bGw7ZWxzZXtrPWEuaW5kZXhPZihcIiZcIixoKTtpZihrPDB8fGs%2BZSlrPWU7ZT1kZWNvZGVVUklDb21wb25lbnQoYS5zbGljZShoKzExLGshPT0tMT9rOjApLnJlcGxhY2UoL1xcKy9nLFwiIFwiKSl9aWYoZSl7aWYobmF2aWdhdG9yLnNlbmRCZWFjb24oXCJodHRwczovL3BhZ2VhZDIuZ29vZ2xlc3lu&i=6-7&t=adltag_m1t71drt_hkGrbVdrZ35&r=eb8be4ba3634e4a822fefcc363dbe46&c=setupad-hai&z=1
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/b-904ac2d-717a3b2c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.102.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-102-9.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

access-control-max-age: 3000
x-amz-version-id: gWTmw0tfPETBYf1l15W3yTHMSfUGKL9Y
etag: "d41d8cd98f00b204e9800998ecf8427e"
age: 21683
access-control-allow-methods: GET
x-cache: Error from cloudfront
x-amz-cf-id: NoYk9x0v3-n3_G1K3pLVHkXTNQTYNCHX1-I2Xrq_WTruv4Z3JVOvFQ==
date: Thu, 03 Oct 2024 05:33:41 GMT
content-type: image/gif
last-modified: Thu, 31 Mar 2022 19:59:52 GMT
via: 1.1 80a51c83bb9479e2a3aa1ea59b366458.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 0
x-amz-cf-pop: FRA56-P2
server: AmazonS3

POST
H2 200 place
setupad-hai-tagan.adlightning.com/ Frame 6C0A 0
419 B 110ms
109ms Ping
image/gif 18.66.102.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://setupad-hai-tagan.adlightning.com/place?p=1&d=ZGljYXRpb24uY29tL3BhZ2VhZC9nZW5fMjA0Lz9pZD1mbGVkZ2VfaW50ZXJhY3Rpb25zJmxhYmVsPVwiKyBmKSxlPXtoOmUsbGFiZWw6Zn0sZj1uZXcgYmEsZSE9bnVsbCYmKGUuaCE9bnVsbCYmVChmLDEsZS5oKSxlLm8hPW51bGwmJlQoZiwzLGUubyksZS5sYWJlbCE9bnVsbCYmVChmLDYsZS5sYWJlbCksZS5qIT1udWxsJiZUKGYsNyxlLmopLGUuaSE9bnVsbCYmVChmLDgsZS5pKSxlLm0hPW51bGwmJlQoZiwxMSxlLm0pKSwoZT1jYShsKS5mZW5jZSkhPW51bGwpe2g9ZS5yZXBvcnRFdmVudDt0cnl7VT0hMDt2YXIgcD1KU09OLnN0cmluZ2lmeShWKGYpLFApfWZpbmFsbHl7VT0hMX1oLmNhbGwoZSx7ZXZlbnRUeXBlOlwiaW50ZXJhY3Rpb25cIixldmVudERhdGE6cCxkZXN0aW5hdGlvbjpbXCJidXllclwiXX0pfX1lbHNlIGMuZmV0Y2goYCR7YX0mbGFiZWw9JHtmfWAse2tlZXBhbGl2ZTohMCxtZXRob2Q6XCJnZXRcIixtb2RlOlwibm8tY29yc1wifSk7Zy5kaXNjb25uZWN0KCl9fSx7dHlwZXM6W1wiaW50ZXJ2ZW50aW9uXCJdLGJ1ZmZlcmVkOiEwfSkpLm9ic2VydmUoKX0pKFkuYmFzZV91cmwsWS5jcHVfbGFiZWwsIFkubmV0X2xhYmVsKTt9KS5jYWxsKHRoaXMpOzwvc2NyaXB0PjwvYm9keT48L2h0bWw%2BPCEtLSBJRlJBTUUgSU5ORVIgQ09OVEVOVCAtLT4ifQ%3D%3D&i=7-7&t=adltag_m1t71drt_hkGrbVdrZ35&r=eb8be4ba3634e4a822fefcc363dbe46&c=setupad-hai&z=1
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/b-904ac2d-717a3b2c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.102.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-102-9.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

access-control-max-age: 3000
x-amz-version-id: gWTmw0tfPETBYf1l15W3yTHMSfUGKL9Y
etag: "d41d8cd98f00b204e9800998ecf8427e"
age: 21683
access-control-allow-methods: GET
x-cache: Error from cloudfront
x-amz-cf-id: 06Dgixxwkq8PFB5gmjyoTLxyyP9F5LmtRE1P2pbyQzCBzAjwLqUWDQ==
date: Thu, 03 Oct 2024 05:33:41 GMT
content-type: image/gif
last-modified: Thu, 31 Mar 2022 19:59:52 GMT
via: 1.1 80a51c83bb9479e2a3aa1ea59b366458.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 0
x-amz-cf-pop: FRA56-P2
server: AmazonS3

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6C0A 0
0 213ms
92ms Fetch
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/b-904ac2d-717a3b2c.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Thu, 03 Oct 2024 11:08:54 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2

200

setuid
prebid-stag.setupad.net/
Redirect Chain

https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%24UID
https://prebid-stag.setupad.net/setuid?bidder=adform&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=7070968462635868244

86 B
639 B

160ms
159ms

Image
image/png

104.26.8.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid-stag.setupad.net/setuid?bidder=adform&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=7070968462635868244
Requested by: Host: samfw.com
URL: https://samfw.com/
Protocol: H2
Server: 104.26.8.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MDLHcKv4QQnv9iBlIo0dZr0i6xF5Xkw2HLWCq6ih7CUn2x3yIixeOmlpwMRem6g%2BHq3D2n%2F52dW4qyoS6xi6hYC5d9btPMGsOabSYyvqmfcmSExneZ1d4%2BmZArvMpId6dY25vzTUCo3j"}],"group":"cf-nel","max_age":604800}
cf-ray: 8ccc7a17da1b5b09-VIE
expires: 0
content-length: 86
date: Thu, 03 Oct 2024 11:08:54 GMT
content-type: image/png
vary: Origin
server: cloudflare

Redirect headers

access-control-max-age: 86400
location: https://prebid-stag.setupad.net/setuid?bidder=adform&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=7070968462635868244
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: *
content-length: 0
date: Thu, 03 Oct 2024 11:08:54 GMT
server: nginx
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2 200 Standard Show response
s1.adform.net/mink/632/s1.adform.net/load/v/0.0.250/e/.gSBgiDQ/i/uEAv-wgAAAABQAA/r:AdConstructor:contents/HTML:types/ Frame 6C0A 97 KB
41 KB 62ms
62ms Script
text/javascript 37.157.2.250
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/mink/632/s1.adform.net/load/v/0.0.250/e/.gSBgiDQ/i/uEAv-wgAAAABQAA/r:AdConstructor:contents/HTML:types/Standard
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/b-904ac2d-717a3b2c.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.157.2.250 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b2ebbfb5650ca4a0250bad372f3911b4abb2caabd3f39dc2e6fb29db7eaddaf7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

x-cache-status: HIT
cache-control: public, max-age=100000
content-encoding: gzip
expires: Fri, 04 Oct 2024 14:38:10 GMT
access-control-allow-origin: *
date: Thu, 03 Oct 2024 11:08:54 GMT
content-type: text/javascript
vary: Accept-Encoding
server: nginx
last-modified: Thu, 18 Jul 2024 05:44:08 GMT

GET
DATA 200
OK truncated
/ Frame 685D 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6e8469b33fcca65f587391ecd3c3305a28304951d604d24e7eaeb20973fd9b8d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 685D 0
0 143ms
96ms Fetch
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsumSdnuBppUQVdAlGavY-n5Ok65S_STBqEQ4actXXIP_VFDZNeV1ZTK_O4LexcwiEJWb6_4RqrPuDYpWkslQXpmm3or25bD1ZKPANmt9w0NshKdUoFMq6bx1_nt3vaQCkTYR01HayAWEt-UGQ6a_nQRmm-OpxL_rrSR7TR_NebZ6_x6-5LFdcNdee2iWa6wVZH5mr7eMSDREj9drJHK10ZT1xTMBiO5VmfV8uQ5gFS3zME6YJGk21O9ypQmm8VFiFKyp_M_cvdQXdTIweFc18qZDEa1zhvvm6UthuP8evortwZVDS1DVew4pyVlmPF73YjKeBTbb46vgDY0qQ43CtM9_hDvOExTqy859liDTCjHftuTrpDaZLRjwsBx4KlRoAcCCUiMBvqR0AZGSFbhrjTPwTxTcLtRTGBDvL74vzAGgstFMsAErYDJnEWwDxbA3STZBVH5S23fHI-8&sai=AMfl-YQl_jZTEGTpI3iYdQ0st-D3rHD_P7XTxOOco8o3vNafE0dXH8_ki564dbdt_uO6HwPCx23t3kA-z8ZjQMWnrRiehFL1E5Ulovu6U-8Lx9qNyCC9x0HjzZx7dPQ&sig=Cg0ArKJSzFZizr-Z8tnGEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/b-904ac2d-717a3b2c.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Thu, 03 Oct 2024 11:08:54 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Thu, 03 Oct 2024 11:08:54 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 /
track.adform.net/jsmetrics/ Frame 9B8B 43 B
208 B 45ms
44ms Image
image/gif 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.adform.net/jsmetrics/?sid=246&rid=28327&cid=147761&adfserve=197&asset=56&deviceType=Desktop

Requested by

Host: samfw.com
URL: https://samfw.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
etag: "64c396e8-2b"
accept-ranges: bytes
content-length: 43
date: Thu, 03 Oct 2024 11:08:54 GMT
content-type: image/gif
last-modified: Fri, 28 Jul 2023 10:22:32 GMT
server: nginx

GET
DATA 200
OK truncated
/ Frame 9B8B 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0334bd3e680f96ae945b21cb25901dcdec5556d1fad981ee9929258b024e6f71

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 685D 0
0 215ms
90ms Fetch
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/b-904ac2d-717a3b2c.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Thu, 03 Oct 2024 11:08:54 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9B8B 0
0 304ms
92ms Fetch
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/b-904ac2d-717a3b2c.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Thu, 03 Oct 2024 11:08:54 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

POST
H2 200 /
track.adform.net/csimpr/ Frame 6C0A 35 B
588 B 56ms
53ms Ping
image/gif 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=68853970&csi=YkZzt-rcvVv5XqK_3G7ACj7PVQFDg0HwVKbFI6A7ZWzrygPkIxxfkxrYtAEHmZ1oW5c8r268eawZgP_w7Sgje-LSFeXTyO4ccUAcIpDuM4QFpbQmp28wyFNbLI7Czu-NUxwnQ8bGpwTT4t9VKIUTBzw00HT7UTlIZ76WMsifjnQmwJmAjreSMgO8_7rsP1jj0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/mink/632/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://samfw.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
expires: -1
access-control-allow-origin: https://samfw.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
date: Thu, 03 Oct 2024 11:08:54 GMT
content-type: image/gif
server: nginx
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With

GET
H2 200 Standard Show response
s1.adform.net/mink/632/s1.adform.net/load/v/0.0.250/e/.gSBgiDQ/i/uEAv-wgAAAABQAA/r:AdConstructor:contents/HTML:types/ Frame 685D 97 KB
0 62ms
62ms Script
text/javascript 37.157.2.250
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/mink/632/s1.adform.net/load/v/0.0.250/e/.gSBgiDQ/i/uEAv-wgAAAABQAA/r:AdConstructor:contents/HTML:types/Standard
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/b-904ac2d-717a3b2c.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.157.2.250 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b2ebbfb5650ca4a0250bad372f3911b4abb2caabd3f39dc2e6fb29db7eaddaf7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

x-cache-status: HIT
cache-control: public, max-age=100000
content-encoding: gzip
expires: Fri, 04 Oct 2024 14:38:10 GMT
access-control-allow-origin: *
date: Thu, 03 Oct 2024 11:08:54 GMT
content-type: text/javascript
vary: Accept-Encoding
server: nginx
last-modified: Thu, 18 Jul 2024 05:44:08 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9B8B 0
0 95ms
95ms Fetch
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuQruk1JsLUuGkr8qMU40E9pMj_xYhTmpMsv0fwxq2c3UeC5XeAGjJ0K4c2ZP9uEo0_86sBnJKaO2ttEl7QkaATbtVeaJ3NlZMy0OZ6xRnvpMXhW32XAVFwK3m23j1DA-ix-uKAD0fCvOfYTYLe3db6Pjsqb1Irgl_mLjxnCpTKd7f1UnXZvHFX4FZPANgCCWXZJIcvCAat8myGveT0U9YXzH30RUO2KEQkpQEkJ-AADSvvA-FfAHtlVk-xcpLgQuFq0OHtAdDxcTxiAyZI-e16PYpOcwDjON1VRl8hHPtFyeRQuysI9mykdVkmY_nC_o7Af-Nc4-XU_Xt4nEGpTKFUQWHiuULWnV58nMqYveZsX6Ir8gJbnmUQkzEwYSzrYxoL99GmalmNsUD-A642sADpmln8wBOuO2Irgd_VJ0UzLfmdUf92h2mJVsVZHG67WNUrVU1XPfjS4A&sai=AMfl-YQXE555NZhY7wvShO1B5FS9KhuTjkcCQgVX0xinVfBR5j9cKKyT54ekb4oMiRcAVKWc2Ssvd2bDI-G1lJedyTXfoiNjTZOx2ERfnE82Q8t1w6bP4R6BASF6C4Q&sig=Cg0ArKJSzE7yzn2z7fTxEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/b-904ac2d-717a3b2c.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Thu, 03 Oct 2024 11:08:54 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Thu, 03 Oct 2024 11:08:54 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 15069937.js Show response
s1.adform.net/Banners/Elements/Files/2155590/15069937/ Frame 648E 3 KB
1 KB 47ms
47ms Script
application/x-javascript 37.157.2.250
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/Banners/Elements/Files/2155590/15069937/15069937.js?ADFassetID=15069937&bv=258
Requested by: Host: samfw.com
URL: https://samfw.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.157.2.250 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 3fe84521960a4b2f629a9d3cf62a62d3befc5a4c2e3b4256941ff3939bf7582b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

x-cache-status: STALE
access-control-expose-headers: Content-Range,Content-Length
cache-control: public, max-age=604800
content-encoding: gzip
etag: W/"a8cdc0de7c1a625ab0cd858e67375870"
x-amz-request-id: tx000007d3cc8874e31165f-0066c34cb9-32993cbc-default
access-control-allow-origin: *
date: Thu, 03 Oct 2024 11:08:54 GMT
x-rgw-object-type: Normal
content-type: application/x-javascript
vary: Accept-Encoding
server: nginx
last-modified: Wed, 29 May 2024 12:35:57 GMT

POST
H2 200 /
track.adform.net/csimpr/ Frame 685D 35 B
588 B 47ms
47ms Ping
image/gif 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=68853971&csi=VIxJHt0iPFyG08jU0IMzBROnXes31jNih1l_ll8QK9XrygPkIxxfkwjSWbmd2_r6i6ZoEixDRshlvy00A1QOuOLSFeXTyO4ccUAcIpDuM4QFpbQmp28wyFNbLI7Czu-NUxwnQ8bGpwTT4t9VKIUTBzw00HT7UTlIZ76WMsifjnQmwJmAjreSMgO8_7rsP1jj0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/mink/632/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://samfw.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
expires: -1
access-control-allow-origin: https://samfw.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
date: Thu, 03 Oct 2024 11:08:54 GMT
content-type: image/gif
server: nginx
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With

GET
H2 200 Standard Show response
s1.adform.net/mink/632/s1.adform.net/load/v/0.0.250/e/.gSBgiDQ/i/uEAv-wgAAAABQAA/r:AdConstructor:contents/HTML:types/ Frame 9B8B 97 KB
0 62ms
62ms Script
text/javascript 37.157.2.250
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/mink/632/s1.adform.net/load/v/0.0.250/e/.gSBgiDQ/i/uEAv-wgAAAABQAA/r:AdConstructor:contents/HTML:types/Standard
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/b-904ac2d-717a3b2c.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.157.2.250 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b2ebbfb5650ca4a0250bad372f3911b4abb2caabd3f39dc2e6fb29db7eaddaf7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

x-cache-status: HIT
cache-control: public, max-age=100000
content-encoding: gzip
expires: Fri, 04 Oct 2024 14:38:10 GMT
access-control-allow-origin: *
date: Thu, 03 Oct 2024 11:08:54 GMT
content-type: text/javascript
vary: Accept-Encoding
server: nginx
last-modified: Thu, 18 Jul 2024 05:44:08 GMT

GET
H2 200 15068987.js Show response
s1.adform.net/Banners/Elements/Files/2155590/15068987/ Frame C583 2 KB
1 KB 48ms
47ms Script
application/x-javascript 37.157.2.250
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/Banners/Elements/Files/2155590/15068987/15068987.js?ADFassetID=15068987&bv=258
Requested by: Host: samfw.com
URL: https://samfw.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.157.2.250 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: c09b0c7aff20f8b700bacf3d15188c0fb5a7377b8fc328e907d74ee9cede51a3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

x-cache-status: STALE
access-control-expose-headers: Content-Range,Content-Length
cache-control: public, max-age=604800
content-encoding: gzip
etag: W/"9b0b740e3aa4874707bfa1e058666e66"
x-amz-request-id: tx00000e9c3a133ae0db54d-0066c34ba5-3299ff77-default
access-control-allow-origin: *
date: Thu, 03 Oct 2024 11:08:54 GMT
x-rgw-object-type: Normal
content-type: application/x-javascript
vary: Accept-Encoding
server: nginx
last-modified: Wed, 29 May 2024 11:24:50 GMT

POST
H2 200 /
track.adform.net/csimpr/ Frame 9B8B 35 B
588 B 45ms
45ms Ping
image/gif 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=68853970&csi=f8BgiCwwWn7pcH_T-GBc4Kv1PijZ3uguh1l_ll8QK9XrygPkIxxfkxNGo38XV8hvpa3DOLNE8vuu2H9WgD5oY-LSFeXTyO4ccUAcIpDuM4QFpbQmp28wyFNbLI7Czu-NUxwnQ8bGpwTT4t9VKIUTBzw00HT7UTlIZ76WMsifjnQmwJmAjreSMgO8_7rsP1jj0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/mink/632/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://samfw.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
expires: -1
access-control-allow-origin: https://samfw.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
date: Thu, 03 Oct 2024 11:08:54 GMT
content-type: image/gif
server: nginx
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With

GET
H2 200 15068990.js Show response
s1.adform.net/Banners/Elements/Files/2155590/15068990/ Frame 847F 3 KB
1 KB 47ms
46ms Script
application/x-javascript 37.157.2.250
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/Banners/Elements/Files/2155590/15068990/15068990.js?ADFassetID=15068990&bv=258
Requested by: Host: samfw.com
URL: https://samfw.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.157.2.250 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: bd2fb1932146ab59338f0fc57fec9aa2d749a53efccfbccba4229b6af1b3db62

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

x-cache-status: STALE
access-control-expose-headers: Content-Range,Content-Length
cache-control: public, max-age=604800
content-encoding: gzip
etag: W/"9ead3320a4d571a160bc9ec8758a0d1c"
x-amz-request-id: tx000003d5f9f172c0dc58b-0066c34c7c-32993d2f-default
access-control-allow-origin: *
date: Thu, 03 Oct 2024 11:08:54 GMT
x-rgw-object-type: Normal
content-type: application/x-javascript
vary: Accept-Encoding
server: nginx
last-modified: Wed, 29 May 2024 11:24:50 GMT

GET
H2 200 Adform.DHTML.js Show response
s1.adform.net/banners/scripts/rmb/ Frame 648E 30 KB
14 KB 58ms
57ms Script
application/javascript 37.157.2.250
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=632
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/mink/632/s1.adform.net/load/v/0.0.250/e/.gSBgiDQ/i/uEAv-wgAAAABQAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.157.2.250 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 26cd88f80e32bf9cd9d41030edd478f71e9e41a88f06ce1467c3ea9b7d24ec83

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

x-cache-status: HIT
cache-control: public, max-age=604800
content-encoding: gzip
etag: W/"45f038e188b2a7f0feb9a75ead93215c"
x-amz-request-id: tx000001d88e3b1161605c1-0066c347ce-32993d2f-default
access-control-allow-origin: *
date: Thu, 03 Oct 2024 11:08:54 GMT
x-rgw-object-type: Normal
content-type: application/javascript
vary: Accept-Encoding
server: nginx
last-modified: Mon, 04 Mar 2024 08:01:06 GMT

GET
H2 200 main.css
s1.adform.net/Banners/Elements/Files/2155590/15069937/bvpath_258/css/ Frame 648E 10 KB
2 KB 47ms
45ms Stylesheet
text/css 37.157.2.250
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/Banners/Elements/Files/2155590/15069937/bvpath_258/css/main.css
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/mink/632/s1.adform.net/load/v/0.0.250/e/.gSBgiDQ/i/uEAv-wgAAAABQAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.157.2.250 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: f960ea997553b79140e4235c693bd5f1729eae5cf13cd39ee52d18aed813207f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

x-cache-status: STALE
access-control-expose-headers: Content-Range,Content-Length
cache-control: public, max-age=604800
content-encoding: gzip
etag: W/"9a09f286c82c3cb9e3769089c7bf22dd"
x-amz-request-id: tx00000e95d9172567d2275-0066c34cb9-32993d2f-default
access-control-allow-origin: *
date: Thu, 03 Oct 2024 11:08:54 GMT
x-rgw-object-type: Normal
content-type: text/css
vary: Accept-Encoding
server: nginx
last-modified: Wed, 29 May 2024 12:35:57 GMT

GET
H2 200 background.png
s1.adform.net/Banners/Elements/Files/2155590/15069937/bvpath_258/img/ Frame 648E 8 KB
8 KB 63ms
61ms Image
image/png 37.157.2.250
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/2155590/15069937/bvpath_258/img/background.png
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/mink/632/s1.adform.net/load/v/0.0.250/e/.gSBgiDQ/i/uEAv-wgAAAABQAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.157.2.250 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 393cb2d55ece50ddff6d2fcfa2a2b6249251a6abd8b8089009d7212d69a10546

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

x-cache-status: STALE
access-control-expose-headers: Content-Range,Content-Length
cache-control: public, max-age=604800
etag: "4acaacf8da34082c0a3d7fb3a6ddb2cc"
x-amz-request-id: tx00000985ffb1fa9425f17-0066c34cb9-3299ff77-default
accept-ranges: bytes
access-control-allow-origin: *
content-length: 8312
date: Thu, 03 Oct 2024 11:08:54 GMT
x-rgw-object-type: Normal
content-type: image/png
last-modified: Wed, 29 May 2024 12:35:57 GMT
server: nginx

GET
H2 200 image.png
s1.adform.net/Banners/Elements/Files/2155590/15069937/bvpath_258/img/ Frame 648E 102 KB
103 KB 71ms
70ms Image
image/png 37.157.2.250
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/2155590/15069937/bvpath_258/img/image.png
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/mink/632/s1.adform.net/load/v/0.0.250/e/.gSBgiDQ/i/uEAv-wgAAAABQAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.157.2.250 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 9f63adfc81866b781b99b62d31325a078a7f4208b1217d02c9056772afca0574

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

x-cache-status: STALE
access-control-expose-headers: Content-Range,Content-Length
cache-control: public, max-age=604800
etag: "f4223c075379faa4840ed5737d70609c"
x-amz-request-id: tx000000213db0fc2d684c2-0066c34cb9-32993cbc-default
accept-ranges: bytes
access-control-allow-origin: *
content-length: 104777
date: Thu, 03 Oct 2024 11:08:54 GMT
x-rgw-object-type: Normal
content-type: image/png
last-modified: Wed, 29 May 2024 12:35:57 GMT
server: nginx

GET
H2 200 logo.svg
s1.adform.net/Banners/Elements/Files/2155590/15069937/bvpath_258/img/ Frame 648E 3 KB
2 KB 122ms
121ms Image
image/svg+xml 37.157.2.250
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/2155590/15069937/bvpath_258/img/logo.svg
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/mink/632/s1.adform.net/load/v/0.0.250/e/.gSBgiDQ/i/uEAv-wgAAAABQAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.157.2.250 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 5304932f235195e947a688be6541bcc93a3faf4ba385266178aae28c8751715d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

x-cache-status: STALE
access-control-expose-headers: Content-Range,Content-Length
cache-control: public, max-age=604800
content-encoding: gzip
etag: W/"760813a8d3b1c9040f3a8f3db555d36c"
x-amz-request-id: tx000000eba6d2427bd4929-0066c34cba-3299ff77-default
access-control-allow-origin: *
date: Thu, 03 Oct 2024 11:08:54 GMT
x-rgw-object-type: Normal
content-type: image/svg+xml
vary: Accept-Encoding
server: nginx
last-modified: Wed, 29 May 2024 12:35:57 GMT

GET
H2 200 Adform.DHTML.js Show response
s1.adform.net/banners/scripts/rmb/ Frame C583 30 KB
0 38ms
38ms Script
application/javascript 37.157.2.250
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=632
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/mink/632/s1.adform.net/load/v/0.0.250/e/.gSBgiDQ/i/uEAv-wgAAAABQAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.157.2.250 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 26cd88f80e32bf9cd9d41030edd478f71e9e41a88f06ce1467c3ea9b7d24ec83

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

x-cache-status: HIT
cache-control: public, max-age=604800
content-encoding: gzip
etag: W/"45f038e188b2a7f0feb9a75ead93215c"
x-amz-request-id: tx000001d88e3b1161605c1-0066c347ce-32993d2f-default
access-control-allow-origin: *
date: Thu, 03 Oct 2024 11:08:54 GMT
x-rgw-object-type: Normal
content-type: application/javascript
vary: Accept-Encoding
server: nginx
last-modified: Mon, 04 Mar 2024 08:01:06 GMT

GET
H2 200 main.css
s1.adform.net/Banners/Elements/Files/2155590/15068987/bvpath_258/css/ Frame C583 8 KB
2 KB 103ms
100ms Stylesheet
text/css 37.157.2.250
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/Banners/Elements/Files/2155590/15068987/bvpath_258/css/main.css
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/mink/632/s1.adform.net/load/v/0.0.250/e/.gSBgiDQ/i/uEAv-wgAAAABQAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.157.2.250 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 340865cafdf27fdf94b5782f38adde8e0c0f8d3071b7777b87ce3816fa5ed834

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

x-cache-status: STALE
access-control-expose-headers: Content-Range,Content-Length
cache-control: public, max-age=604800
content-encoding: gzip
etag: W/"ec91785b420605048f64ac812932e0bb"
x-amz-request-id: tx00000d033c9b12f314636-0066c34ba5-32998a6b-default
access-control-allow-origin: *
date: Thu, 03 Oct 2024 11:08:54 GMT
x-rgw-object-type: Normal
content-type: text/css
vary: Accept-Encoding
server: nginx
last-modified: Wed, 29 May 2024 11:24:50 GMT

GET
H2 200 background.jpg
s1.adform.net/Banners/Elements/Files/2155590/15068987/bvpath_258/img/ Frame C583 22 KB
23 KB 116ms
114ms Image
image/jpeg 37.157.2.250
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/2155590/15068987/bvpath_258/img/background.jpg
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/mink/632/s1.adform.net/load/v/0.0.250/e/.gSBgiDQ/i/uEAv-wgAAAABQAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.157.2.250 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: ca3af8a062541dac855ce2815a99b7e3505ad45788a62ef6ea712acf47b5d987

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

x-cache-status: STALE
access-control-expose-headers: Content-Range,Content-Length
cache-control: public, max-age=604800
etag: "3497ca01bba531d792e566c60bac0d29"
x-amz-request-id: tx000008a2384ea9b4ac485-0066c34ba5-32998ad9-default
accept-ranges: bytes
access-control-allow-origin: *
content-length: 22829
date: Thu, 03 Oct 2024 11:08:54 GMT
x-rgw-object-type: Normal
content-type: image/jpeg
last-modified: Wed, 29 May 2024 11:24:50 GMT
server: nginx

GET
H2 200 image.png
s1.adform.net/Banners/Elements/Files/2155590/15068987/bvpath_258/img/ Frame C583 126 KB
126 KB 117ms
114ms Image
image/png 37.157.2.250
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/2155590/15068987/bvpath_258/img/image.png
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/mink/632/s1.adform.net/load/v/0.0.250/e/.gSBgiDQ/i/uEAv-wgAAAABQAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.157.2.250 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: d118783a0c33f500f8adf821df60744e52f9754cbb1fbd04b9560349f1784fbd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

x-cache-status: STALE
access-control-expose-headers: Content-Range,Content-Length
cache-control: public, max-age=604800
etag: "85cf6de0c15ee7c6adcd383e5d394d26"
x-amz-request-id: tx000004b57962c192b4098-0066c34ba5-3299ff77-default
accept-ranges: bytes
access-control-allow-origin: *
content-length: 129121
date: Thu, 03 Oct 2024 11:08:54 GMT
x-rgw-object-type: Normal
content-type: image/png
last-modified: Wed, 29 May 2024 11:24:50 GMT
server: nginx

GET
H2 200 logo.svg
s1.adform.net/Banners/Elements/Files/2155590/15068987/bvpath_258/img/ Frame C583 3 KB
2 KB 141ms
140ms Image
image/svg+xml 37.157.2.250
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/2155590/15068987/bvpath_258/img/logo.svg
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/mink/632/s1.adform.net/load/v/0.0.250/e/.gSBgiDQ/i/uEAv-wgAAAABQAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.157.2.250 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 6d316fc59e3ff1d6abc4750b653a4753d63d9fd062c64bcdf5c4acc1210e0812

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

x-cache-status: STALE
access-control-expose-headers: Content-Range,Content-Length
cache-control: public, max-age=604800
content-encoding: gzip
etag: W/"dad1fa4923b07953053b442ffc948e1d"
x-amz-request-id: tx000000e5761c05c481381-0066c34ba5-329739b6-default
access-control-allow-origin: *
date: Thu, 03 Oct 2024 11:08:54 GMT
x-rgw-object-type: Normal
content-type: image/svg+xml
vary: Accept-Encoding
server: nginx
last-modified: Wed, 29 May 2024 11:24:50 GMT

GET
H2 200 Adform.DHTML.js Show response
s1.adform.net/banners/scripts/rmb/ Frame 847F 30 KB
0 6ms
6ms Script
application/javascript 37.157.2.250
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=632
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/mink/632/s1.adform.net/load/v/0.0.250/e/.gSBgiDQ/i/uEAv-wgAAAABQAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.157.2.250 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 26cd88f80e32bf9cd9d41030edd478f71e9e41a88f06ce1467c3ea9b7d24ec83

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

x-cache-status: HIT
cache-control: public, max-age=604800
content-encoding: gzip
etag: W/"45f038e188b2a7f0feb9a75ead93215c"
x-amz-request-id: tx000001d88e3b1161605c1-0066c347ce-32993d2f-default
access-control-allow-origin: *
date: Thu, 03 Oct 2024 11:08:54 GMT
x-rgw-object-type: Normal
content-type: application/javascript
vary: Accept-Encoding
server: nginx
last-modified: Mon, 04 Mar 2024 08:01:06 GMT

GET
H2 200 main.css
s1.adform.net/Banners/Elements/Files/2155590/15068990/bvpath_258/css/ Frame 847F 8 KB
2 KB 111ms
109ms Stylesheet
text/css 37.157.2.250
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/Banners/Elements/Files/2155590/15068990/bvpath_258/css/main.css
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/mink/632/s1.adform.net/load/v/0.0.250/e/.gSBgiDQ/i/uEAv-wgAAAABQAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.157.2.250 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 387d774e084587ed9901f1bd05a59b2cfcff1656c7caa62726b479622c0a4360

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

x-cache-status: STALE
access-control-expose-headers: Content-Range,Content-Length
cache-control: public, max-age=604800
content-encoding: gzip
etag: W/"4f3ec95ac7f7a3840687b36bf14d2606"
x-amz-request-id: tx0000020b36c89c4686115-0066c34c7c-32993cbc-default
access-control-allow-origin: *
date: Thu, 03 Oct 2024 11:08:54 GMT
x-rgw-object-type: Normal
content-type: text/css
vary: Accept-Encoding
server: nginx
last-modified: Wed, 29 May 2024 11:24:50 GMT

GET
H2 200 background.jpg
s1.adform.net/Banners/Elements/Files/2155590/15068990/bvpath_258/img/ Frame 847F 5 KB
6 KB 112ms
110ms Image
image/jpeg 37.157.2.250
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/2155590/15068990/bvpath_258/img/background.jpg
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/mink/632/s1.adform.net/load/v/0.0.250/e/.gSBgiDQ/i/uEAv-wgAAAABQAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.157.2.250 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 3cff84d3745f544c92745770a2e348087e789a449a98a2ae482e553e5e8bb94a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

x-cache-status: STALE
access-control-expose-headers: Content-Range,Content-Length
cache-control: public, max-age=604800
etag: "bff61c23dbe5e6d7a0b514204e98d8dd"
x-amz-request-id: tx00000b3e81b42470dae73-0066c34c7c-3299ff77-default
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5367
date: Thu, 03 Oct 2024 11:08:54 GMT
x-rgw-object-type: Normal
content-type: image/jpeg
last-modified: Wed, 29 May 2024 11:24:50 GMT
server: nginx

GET
H2 200 image.png
s1.adform.net/Banners/Elements/Files/2155590/15068990/bvpath_258/img/ Frame 847F 58 KB
58 KB 114ms
113ms Image
image/png 37.157.2.250
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/2155590/15068990/bvpath_258/img/image.png
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/mink/632/s1.adform.net/load/v/0.0.250/e/.gSBgiDQ/i/uEAv-wgAAAABQAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.157.2.250 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: c87f038ba3187db6d88262345aaa695f70bac44538d98be3e303c7b5e9a44420

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

x-cache-status: STALE
access-control-expose-headers: Content-Range,Content-Length
cache-control: public, max-age=604800
etag: "80c9f0a7da663f2c446fa7a0c906fd5b"
x-amz-request-id: tx00000a1f007f323765889-0066c34c7c-3299ff77-default
accept-ranges: bytes
access-control-allow-origin: *
content-length: 58891
date: Thu, 03 Oct 2024 11:08:54 GMT
x-rgw-object-type: Normal
content-type: image/png
last-modified: Wed, 29 May 2024 11:24:50 GMT
server: nginx

GET
H2 200 logo.svg
s1.adform.net/Banners/Elements/Files/2155590/15068990/bvpath_258/img/ Frame 847F 3 KB
2 KB 123ms
122ms Image
image/svg+xml 37.157.2.250
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/2155590/15068990/bvpath_258/img/logo.svg
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/mink/632/s1.adform.net/load/v/0.0.250/e/.gSBgiDQ/i/uEAv-wgAAAABQAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.157.2.250 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 6d316fc59e3ff1d6abc4750b653a4753d63d9fd062c64bcdf5c4acc1210e0812

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

x-cache-status: STALE
access-control-expose-headers: Content-Range,Content-Length
cache-control: public, max-age=604800
content-encoding: gzip
etag: W/"dad1fa4923b07953053b442ffc948e1d"
x-amz-request-id: tx000009f147f1978f93896-0066c34c7d-32998ad9-default
access-control-allow-origin: *
date: Thu, 03 Oct 2024 11:08:54 GMT
x-rgw-object-type: Normal
content-type: image/svg+xml
vary: Accept-Encoding
server: nginx
last-modified: Wed, 29 May 2024 11:24:50 GMT

GET
H3 200 gilroy-bold
fonts.cdnfonts.com/css/ Frame 648E 851 B
711 B 163ms
79ms Stylesheet
text/css 172.67.184.158
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.cdnfonts.com/css/gilroy-bold
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/Banners/Elements/Files/2155590/15069937/bvpath_258/css/main.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.184.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fda7e6a5c86446322078ef7d532c37a954888d5e5eaf79706bb765ad1e74da60

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://s1.adform.net/

Response headers

cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-bgj: minify
cf-cache-status: HIT
age: 9292576
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C%2B50eeYgWOzE%2FkZMb%2BY2%2Bk6e8uSuRE5DbNMaMPcUyQ9Kx4McUVvVxKw%2BAHkUTbMz1QUpWjpdWPXci8OWTqQkKCSE1Ou9JIjmVlrmEkDB9xJZRK7nlg0pTUHoO0HLukgjFiy%2BDQY%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8ccc7a18fb265bb3-VIE
cf-polished: origSize=1018
access-control-allow-origin: *
date: Thu, 03 Oct 2024 11:08:54 GMT
content-type: text/css;charset=UTF-8
vary: Accept-Encoding
server: cloudflare
last-modified: Mon, 17 Jun 2024 21:52:38 GMT

GET
H3 200 gilroy-bold
fonts.cdnfonts.com/css/ Frame C583 851 B
446 B 205ms
107ms Stylesheet
text/css 172.67.184.158
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.cdnfonts.com/css/gilroy-bold
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/Banners/Elements/Files/2155590/15068987/bvpath_258/css/main.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.184.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fda7e6a5c86446322078ef7d532c37a954888d5e5eaf79706bb765ad1e74da60

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://s1.adform.net/

Response headers

cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-bgj: minify
cf-cache-status: HIT
age: 9292576
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JOxHCF42UXg1tF0kVw%2Fey4tQ%2BafgXgGeoqx9s5P3saMCCUgAj53UVlPkFg3WXWo7OZNjwuzBEDTPC5OLR03t62VeyzD1GHOT2JwmbTnhl1NYooSM7feSjpxkRfLjBXYyE3zfrZQ%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8ccc7a197bd95bb3-VIE
cf-polished: origSize=1018
access-control-allow-origin: *
date: Thu, 03 Oct 2024 11:08:54 GMT
last-modified: Mon, 17 Jun 2024 21:52:38 GMT
vary: Accept-Encoding
server: cloudflare
content-type: text/css;charset=UTF-8

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 17 KB
13 KB 75ms
75ms XHR
application/json 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20241001&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1839315362497448&plah=samfw.com&bust=31087565

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

90a5a60ae0b0c150f1d78d3b41a05a6768bc6959e8251a0fe8f1c323101bee18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 12779
date: Thu, 03 Oct 2024 11:08:54 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

POST
H2 204 rum Show response
samfw.com/cdn-cgi/ 0
202 B 36ms
35ms XHR
text/plain 2606:4700:10::6816:30d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://samfw.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:30d3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: application/json
Referer: https://samfw.com/

Response headers

access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-methods: POST,OPTIONS
x-content-type-options: nosniff
cf-ray: 8ccc7a18cb948da7-HEL
access-control-allow-origin: https://samfw.com
date: Thu, 03 Oct 2024 11:08:54 GMT
vary: Origin
server: cloudflare
x-frame-options: DENY

GET
H2 200 favicon.ico
samfw.com/assets/img/ 68 KB
10 KB 41ms
40ms Other
image/x-icon 2606:4700:10::6816:30d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://samfw.com/assets/img/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:30d3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5839ac2bc1c0f926daebdd85cd9b5ab64b360f7074f3ce90aaacaadc21a4ffb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=14400
content-encoding: br
cf-cache-status: HIT
etag: W/"5db5cd10-10e3e"
age: 4201
cf-ray: 8ccc7a18cb988da7-HEL
date: Thu, 03 Oct 2024 11:08:54 GMT
content-type: image/x-icon
last-modified: Sun, 27 Oct 2019 17:00:00 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 gilroy-bold
fonts.cdnfonts.com/css/ Frame 847F 851 B
444 B 254ms
79ms Stylesheet
text/css 172.67.184.158
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.cdnfonts.com/css/gilroy-bold
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/Banners/Elements/Files/2155590/15068990/bvpath_258/css/main.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.184.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fda7e6a5c86446322078ef7d532c37a954888d5e5eaf79706bb765ad1e74da60

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://s1.adform.net/

Response headers

cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-bgj: minify
cf-cache-status: HIT
age: 9292576
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MamrP0UdiP0OnUDa0MxShe5BxM6E6z4fCXHBskfGKhDx8glJdl79YqLSabhAPCvpHCPiCYyQeTnywDXNTDUWu1zQcFEQJgLdS71UX3Nmi1XwBQ6MoQ3SO3um4hDbFWm2a%2FrO01g%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8ccc7a1a2d6d5bb3-VIE
cf-polished: origSize=1018
access-control-allow-origin: *
date: Thu, 03 Oct 2024 11:08:54 GMT
last-modified: Mon, 17 Jun 2024 21:52:38 GMT
vary: Accept-Encoding
server: cloudflare
content-type: text/css;charset=UTF-8

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 18 KB
7 KB 1723ms
1587ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

content-encoding: gzip
etag: "1727224258380615"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options: nosniff
expires: Thu, 03 Oct 2024 11:08:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 03 Oct 2024 11:08:56 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: private, max-age=3000
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 6445
x-xss-protection: 0
server: sffe

GET
H3 200 Gilroy-Bold.woff
fonts.cdnfonts.com/s/16219/ Frame 648E 61 KB
61 KB 205ms
134ms Font
font/woff 172.67.184.158
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.cdnfonts.com/s/16219/Gilroy-Bold.woff
Requested by: Host: fonts.cdnfonts.com
URL: https://fonts.cdnfonts.com/css/gilroy-bold
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.184.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c776b3baeb6873855bd5b7acda924be596cc035d48603cf3281744ffdb4348dd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://samfw.com
Referer: https://fonts.cdnfonts.com/css/gilroy-bold

Response headers

cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
etag: "f418-5d73bbbe15fbb"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PANCW3%2B7ywwe7C0xPO1PCqrxTqP2s8I4C3njM9IjIsLFZonte%2Bzx8Y2V%2Bn%2FPdwANfY8pfMusXkzp814gKwV9Ksxz%2BdnGRUZRU13dXldOamuTSxnpT6ZU5Z5sThh7JVIpwCSBufQ%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8ccc7a19fda85ad9-VIE
accept-ranges: bytes
access-control-allow-origin: *
content-length: 62488
date: Thu, 03 Oct 2024 11:08:54 GMT
content-type: font/woff
last-modified: Sat, 05 Feb 2022 02:00:38 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 Gilroy-Medium.woff
fonts.cdnfonts.com/s/16219/ Frame 648E 63 KB
63 KB 389ms
319ms Font
font/woff 172.67.184.158
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.cdnfonts.com/s/16219/Gilroy-Medium.woff
Requested by: Host: fonts.cdnfonts.com
URL: https://fonts.cdnfonts.com/css/gilroy-bold
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.184.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47782e508a153c184ef9d43bf8b372b4f51de851124fc5893232a404f6ff04ed

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://samfw.com
Referer: https://fonts.cdnfonts.com/css/gilroy-bold

Response headers

cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
etag: "fc24-5d73bbbe163a3"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lLK3BV2FGJTJk8AtoMi3vkNpQLkilm8CrrVO%2FwfYzTsYVH9H%2BJkU%2F7NEQtIf0hMhHqqCyZzIoarnKLY1TgA%2Bbe7%2BaG6CoSsZsGrJ9bSBWKKNqc6m8DA7YAs8aPluEaUxRARkM%2BA%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8ccc7a19fdab5ad9-VIE
accept-ranges: bytes
access-control-allow-origin: *
content-length: 64548
date: Thu, 03 Oct 2024 11:08:54 GMT
content-type: font/woff
last-modified: Sat, 05 Feb 2022 02:00:38 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 Gilroy-Regular.woff
fonts.cdnfonts.com/s/16219/ Frame 648E 61 KB
62 KB 185ms
115ms Font
font/woff 172.67.184.158
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.cdnfonts.com/s/16219/Gilroy-Regular.woff
Requested by: Host: fonts.cdnfonts.com
URL: https://fonts.cdnfonts.com/css/gilroy-bold
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.184.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc3f17c8b665912f05c72cc9299d99a204f31a1db8433a6892b805cf2e055fbe

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://samfw.com
Referer: https://fonts.cdnfonts.com/css/gilroy-bold

Response headers

cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
etag: "f59c-5d73bbbe163a3"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZUPBhYiVPJwErJYcI1XG4KAd7RzOnf%2BkdXkqyA8UP5HHZIuDM%2FjOegpc5CQAk72aspweQW4QfWGJd7jfYEWIh5asOxMktnJv9pRYDl%2B%2BtlJC5q4J8qx6MyN5FinA6cX1Wy1Y0qE%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8ccc7a19fda95ad9-VIE
accept-ranges: bytes
access-control-allow-origin: *
content-length: 62876
date: Thu, 03 Oct 2024 11:08:54 GMT
content-type: font/woff
last-modified: Sat, 05 Feb 2022 02:00:38 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 Gilroy-Bold.woff
fonts.cdnfonts.com/s/16219/ Frame C583 61 KB
0 289ms
288ms Font
font/woff 172.67.184.158
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.cdnfonts.com/s/16219/Gilroy-Bold.woff
Requested by: Host: fonts.cdnfonts.com
URL: https://fonts.cdnfonts.com/css/gilroy-bold
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.184.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c776b3baeb6873855bd5b7acda924be596cc035d48603cf3281744ffdb4348dd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://samfw.com
Referer: https://fonts.cdnfonts.com/css/gilroy-bold

Response headers

cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
etag: "f418-5d73bbbe15fbb"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PANCW3%2B7ywwe7C0xPO1PCqrxTqP2s8I4C3njM9IjIsLFZonte%2Bzx8Y2V%2Bn%2FPdwANfY8pfMusXkzp814gKwV9Ksxz%2BdnGRUZRU13dXldOamuTSxnpT6ZU5Z5sThh7JVIpwCSBufQ%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8ccc7a19fda85ad9-VIE
accept-ranges: bytes
access-control-allow-origin: *
content-length: 62488
date: Thu, 03 Oct 2024 11:08:54 GMT
content-type: font/woff
last-modified: Sat, 05 Feb 2022 02:00:38 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 Gilroy-Medium.woff
fonts.cdnfonts.com/s/16219/ Frame C583 63 KB
0 357ms
357ms Font
font/woff 172.67.184.158
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.cdnfonts.com/s/16219/Gilroy-Medium.woff
Requested by: Host: fonts.cdnfonts.com
URL: https://fonts.cdnfonts.com/css/gilroy-bold
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.184.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47782e508a153c184ef9d43bf8b372b4f51de851124fc5893232a404f6ff04ed

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://samfw.com
Referer: https://fonts.cdnfonts.com/css/gilroy-bold

Response headers

cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
etag: "fc24-5d73bbbe163a3"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lLK3BV2FGJTJk8AtoMi3vkNpQLkilm8CrrVO%2FwfYzTsYVH9H%2BJkU%2F7NEQtIf0hMhHqqCyZzIoarnKLY1TgA%2Bbe7%2BaG6CoSsZsGrJ9bSBWKKNqc6m8DA7YAs8aPluEaUxRARkM%2BA%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8ccc7a19fdab5ad9-VIE
accept-ranges: bytes
access-control-allow-origin: *
content-length: 64548
date: Thu, 03 Oct 2024 11:08:54 GMT
content-type: font/woff
last-modified: Sat, 05 Feb 2022 02:00:38 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 Gilroy-Regular.woff
fonts.cdnfonts.com/s/16219/ Frame C583 61 KB
0 297ms
297ms Font
font/woff 172.67.184.158
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.cdnfonts.com/s/16219/Gilroy-Regular.woff
Requested by: Host: fonts.cdnfonts.com
URL: https://fonts.cdnfonts.com/css/gilroy-bold
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.184.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc3f17c8b665912f05c72cc9299d99a204f31a1db8433a6892b805cf2e055fbe

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://samfw.com
Referer: https://fonts.cdnfonts.com/css/gilroy-bold

Response headers

cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
etag: "f59c-5d73bbbe163a3"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZUPBhYiVPJwErJYcI1XG4KAd7RzOnf%2BkdXkqyA8UP5HHZIuDM%2FjOegpc5CQAk72aspweQW4QfWGJd7jfYEWIh5asOxMktnJv9pRYDl%2B%2BtlJC5q4J8qx6MyN5FinA6cX1Wy1Y0qE%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8ccc7a19fda95ad9-VIE
accept-ranges: bytes
access-control-allow-origin: *
content-length: 62876
date: Thu, 03 Oct 2024 11:08:54 GMT
content-type: font/woff
last-modified: Sat, 05 Feb 2022 02:00:38 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 Gilroy-Bold.woff
fonts.cdnfonts.com/s/16219/ Frame 847F 61 KB
0 202ms
202ms Font
font/woff 172.67.184.158
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.cdnfonts.com/s/16219/Gilroy-Bold.woff
Requested by: Host: fonts.cdnfonts.com
URL: https://fonts.cdnfonts.com/css/gilroy-bold
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.184.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c776b3baeb6873855bd5b7acda924be596cc035d48603cf3281744ffdb4348dd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://samfw.com
Referer: https://fonts.cdnfonts.com/css/gilroy-bold

Response headers

cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
etag: "f418-5d73bbbe15fbb"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PANCW3%2B7ywwe7C0xPO1PCqrxTqP2s8I4C3njM9IjIsLFZonte%2Bzx8Y2V%2Bn%2FPdwANfY8pfMusXkzp814gKwV9Ksxz%2BdnGRUZRU13dXldOamuTSxnpT6ZU5Z5sThh7JVIpwCSBufQ%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8ccc7a19fda85ad9-VIE
accept-ranges: bytes
access-control-allow-origin: *
content-length: 62488
date: Thu, 03 Oct 2024 11:08:54 GMT
content-type: font/woff
last-modified: Sat, 05 Feb 2022 02:00:38 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 Gilroy-Medium.woff
fonts.cdnfonts.com/s/16219/ Frame 847F 63 KB
0 268ms
268ms Font
font/woff 172.67.184.158
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.cdnfonts.com/s/16219/Gilroy-Medium.woff
Requested by: Host: fonts.cdnfonts.com
URL: https://fonts.cdnfonts.com/css/gilroy-bold
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.184.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47782e508a153c184ef9d43bf8b372b4f51de851124fc5893232a404f6ff04ed

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://samfw.com
Referer: https://fonts.cdnfonts.com/css/gilroy-bold

Response headers

cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
etag: "fc24-5d73bbbe163a3"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lLK3BV2FGJTJk8AtoMi3vkNpQLkilm8CrrVO%2FwfYzTsYVH9H%2BJkU%2F7NEQtIf0hMhHqqCyZzIoarnKLY1TgA%2Bbe7%2BaG6CoSsZsGrJ9bSBWKKNqc6m8DA7YAs8aPluEaUxRARkM%2BA%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8ccc7a19fdab5ad9-VIE
accept-ranges: bytes
access-control-allow-origin: *
content-length: 64548
date: Thu, 03 Oct 2024 11:08:54 GMT
content-type: font/woff
last-modified: Sat, 05 Feb 2022 02:00:38 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 Gilroy-Regular.woff
fonts.cdnfonts.com/s/16219/ Frame 847F 61 KB
0 211ms
211ms Font
font/woff 172.67.184.158
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.cdnfonts.com/s/16219/Gilroy-Regular.woff
Requested by: Host: fonts.cdnfonts.com
URL: https://fonts.cdnfonts.com/css/gilroy-bold
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.184.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc3f17c8b665912f05c72cc9299d99a204f31a1db8433a6892b805cf2e055fbe

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://samfw.com
Referer: https://fonts.cdnfonts.com/css/gilroy-bold

Response headers

cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
etag: "f59c-5d73bbbe163a3"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZUPBhYiVPJwErJYcI1XG4KAd7RzOnf%2BkdXkqyA8UP5HHZIuDM%2FjOegpc5CQAk72aspweQW4QfWGJd7jfYEWIh5asOxMktnJv9pRYDl%2B%2BtlJC5q4J8qx6MyN5FinA6cX1Wy1Y0qE%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8ccc7a19fda95ad9-VIE
accept-ranges: bytes
access-control-allow-origin: *
content-length: 62876
date: Thu, 03 Oct 2024 11:08:54 GMT
content-type: font/woff
last-modified: Sat, 05 Feb 2022 02:00:38 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6C0A 42 B
65 B 94ms
94ms Fetch
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssegFVUZTkX4CfVGN_2sk36NH1-5DbVGxmh3SX0Fb31G4fybV1wIXtSpjJ4Uk9J_AWsBrl8gpjUJm9Vr8GTnQg2SAjVRLqVbrQV_vns5xQdXQ9hzO95xx7h8YOphkdfGTzAIg1qoBy0ZWNYMNFMID1JCGHMeiwHMbPWHWCAmpknhUTuOVd2-0D41dxuY50ZdQ52GA&sig=Cg0ArKJSzKyG10SUFEkBEAE&id=lidar2&mcvt=1000&p=1081,0,1098,160&tm=1028.2000007629395&tu=27.800000190734863&mtos=158,1000,1000,1000,1000&tos=158,842,0,0,0&v=20240930&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=673818581&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=2388653400&rst=1727953733362&rpt=756&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/b-904ac2d-717a3b2c.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Thu, 03 Oct 2024 11:08:55 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 685D 42 B
65 B 93ms
93ms Fetch
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstrARcdgT8mT4tV7Apcy3iXsY22AfG3kE1zsHi8ue-e8cS_mkJd2CVDlgk_mjrQFBK7p4XVA-p81fA9wIKbH2xrtLMahFo0QgOoECSXkPAr3dTErySTTDDi3wc0F9JkUdm45PMiMDAeINmmXSExcpmIbSJ1yOgW838GHbaXEI4w0YGOMrEkH9mA6T55UUF3xCQVNA&sig=Cg0ArKJSzCIwt5_3oVylEAE&id=lidar2&mcvt=1000&p=1186,0,1203,728&tm=1047.1999998092651&tu=47&mtos=87,1000,1000,1000,1000&tos=87,913,0,0,0&v=20240930&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3976149839&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=2388653400&rst=1727953733534&rpt=658&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/b-904ac2d-717a3b2c.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Thu, 03 Oct 2024 11:08:55 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9B8B 42 B
65 B 93ms
92ms Fetch
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssqASyr8cUZ6zLpTS3P5R5SVPinmY7l-vV7lAUwsgNFrZgY6A8ALjv-3DB1Q7D9deOGXgDCRH36T3VFRhYZY9vogI79M_K9pK5jYQK9o_Jrv59mj4PYZpC8VHbjhQNTAWSgRxncVKhsRm8Ws3dzZIlQE3ftaN1ktagVwRXn-r3RvJHVGi28wCTlG3eZvSAaQGW__Q&sig=Cg0ArKJSzF_8vA3j6fIkEAE&id=lidar2&mcvt=1001&p=1081,1440,1098,1600&tm=1074&tu=73.39999961853027&mtos=62,1001,1001,1001,1001&tos=62,939,0,0,0&v=20240930&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=2625510504&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=2388653400&rst=1727953733506&rpt=785&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/b-904ac2d-717a3b2c.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://samfw.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Thu, 03 Oct 2024 11:08:55 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 204 isyn
prebid.a-mo.net/ Frame 20A5 0
0 204ms
69ms Document
text/plain 163.5.194.30
SECUREDSERVERS-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/3171
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 163.5.194.30 Amsterdam, Netherlands, ASN60558 (SECUREDSERVERS-EU, US),
Reverse DNS
Software: envoy /
Resource Hash

Request headers

Referer: https://samfw.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control: max-age=0, private, must-revalidate
date: Thu, 03 Oct 2024 11:08:55 GMT
server: envoy
vary: accept-encoding, Accept-Encoding
x-envoy-upstream-service-time: 0

GET
H2 200 sync
eb2.3lift.com/ Frame 252B 0
0 57ms
56ms Document
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/3171
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash

Request headers

Referer: https://samfw.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Thu, 03 Oct 2024 11:08:55 GMT

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/dmp/ Frame A55D 0
0 212ms
59ms Document
text/html 2.19.126.149
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/3171
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.126.149 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-126-149.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Referer: https://samfw.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Thu, 03 Oct 2024 11:08:55 GMT
ETag: "623de86a-cf34"
Expires: Fri, 04 Oct 2024 11:08:57 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding

GET
H2 200 pd
setupad-d.openx.net/w/1.0/ Frame C289 0
0 80ms
68ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://setupad-d.openx.net/w/1.0/pd
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/3171
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash

Request headers

Referer: https://samfw.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 151
content-type: text/html
date: Thu, 03 Oct 2024 11:08:55 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 pd
u.openx.net/w/1.0/ Frame EDF5 0
0 65ms
65ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd?ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/3171
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash

Request headers

Referer: https://samfw.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 151
content-type: text/html
date: Thu, 03 Oct 2024 11:08:54 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 sync
eb2.3lift.com/ Frame 3D88 0
0 97ms
55ms Document
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/3171
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash

Request headers

Referer: https://samfw.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Thu, 03 Oct 2024 11:08:55 GMT

GET
H2 204 isyn
prebid.a-mo.net/ Frame 668E 0
0 251ms
69ms Document
text/plain 163.5.194.30
SECUREDSERVERS-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/3171
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 163.5.194.30 Amsterdam, Netherlands, ASN60558 (SECUREDSERVERS-EU, US),
Reverse DNS
Software: envoy /
Resource Hash

Request headers

Referer: https://samfw.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control: max-age=0, private, must-revalidate
date: Thu, 03 Oct 2024 11:08:55 GMT
server: envoy
vary: accept-encoding, Accept-Encoding
x-envoy-upstream-service-time: 0

POST
H2 200 /
adx.adform.net/adx/unload/ Frame 6C0A 35 B
485 B 47ms
45ms Ping
image/gif 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/unload/?1727953735852

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/banners/scripts/adx.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://samfw.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-methods: GET,POST
expires: -1
access-control-allow-origin: https://samfw.com
date: Thu, 03 Oct 2024 11:08:55 GMT
content-type: image/gif
server: nginx
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

POST
H2 200 /
adx.adform.net/adx/unload/ Frame 685D 35 B
485 B 48ms
46ms Ping
image/gif 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/unload/?1727953735960

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/banners/scripts/adx.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://samfw.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-methods: GET,POST
expires: -1
access-control-allow-origin: https://samfw.com
date: Thu, 03 Oct 2024 11:08:55 GMT
content-type: image/gif
server: nginx
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

POST
H2 200 /
adx.adform.net/adx/unload/ Frame 9B8B 35 B
485 B 48ms
46ms Ping
image/gif 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/unload/?1727953736101

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/banners/scripts/adx.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://samfw.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-methods: GET,POST
expires: -1
access-control-allow-origin: https://samfw.com
date: Thu, 03 Oct 2024 11:08:56 GMT
content-type: image/gif
server: nginx
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

POST
H2 200 /
track.adform.net/serving/unload/ Frame 685D 35 B
579 B 46ms
46ms Ping
image/gif 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&pud=Y4DQ2xKO9Yqn3rerfxkVcZgYdxFLsHJvTLdu7hs4k70KBS34LP63BLI0aUc36e0LH4Z5mt5HjDPss-tTxYJwtN2bxVqCxXCZMZ2skdeYACuvShYrteOpZ4HCzTTmL21SCEmHQxVgp85JQ500o2C7hqYC-yEkarF4gS_lVhmkpIvDeIjrSAcYFw2&unload=8768052392753076706@@68853971,6790050119064666326,100|1100|0|0|0|0|0|0|0||38|0|||||1|0|0|7nLn_flps_1Wgnf2ewtpCf5eIxQK0OjX0C_BK-lP13w5_oVwDE1fLW9pA1ZXTtuzGk-HNGyCNOR1mH2fgnG9sieFU30JwIriHP-6W_N-ibJOKM69MGN_2_YPLhNvprreWXybBLR8ecIa1tQXEKE-M2jiQ7KgGLBu0|bZ5LM0N6LckqHMLsI0XOHSwlvCEKZ_h6RIWxhjLXP4m_rg3XcUPkupT7WXJg35mTwj3cdub5AxPd4SfRj-orjOKvS_XcjtKjgHZGMkiP8SSwgnSEQkwrgJJpsAGI7cEJWL9AFM5gjStTj-rBdyJstVuLyRCqCGlWcQJTu6gA2T7MKTGE3iBDkug3j6Zd34QYBdtwXAphFRYUYJPcf2WLum9k96n7b9reImKpzx2E7nZ6-nlK8k0kIM651OhNuGQTVCjU4iHxIrrj8JZJTF3dwsluPPQNf6Dm0nD0-RHawcJK578CFesXj8651OhNuGQT_sZedlFf5IzJGbRLITRFX8TuXZQVD5H0evp5SvJNJCCniQvpFE1WiRftUGcDPfQ_OR0-U9ecpzr1k97N1bT1sZt8XrTQLxMskqcgAIH_8co1||11|0|0|0|

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/mink/632/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://samfw.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
expires: -1
access-control-allow-origin: https://samfw.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
date: Thu, 03 Oct 2024 11:08:56 GMT
content-type: image/gif
server: nginx
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With

POST
H2 200 /
track.adform.net/Serving/Event/ Frame 685D 35 B
579 B 48ms
47ms Ping
image/gif 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/Event/?bn=68853971&event=178&time=2&baid=63915717&name=Viewable%20impressions&imprid=6790050119064666326&icid=8768052392753076706&eData=VIxJHt0iPFw9mfwhAWMLUhTSBT6nBsnU4fn4X_ACi5jpUkvSdeQmKKUzJlJgczrjkonWiwPrevUgfQuHuRVUBSTvO_Fq2i9m6SfpqJteppU8MGUnyfAbQZH9GTjSqpkRLFzCSbvAwniAR-lZaDPnQr0dSuahSM0pVfBfusCTGtM1&adxvars=bZ5LM0N6LckqHMLsI0XOHSwlvCEKZ_h6RIWxhjLXP4m_rg3XcUPkupT7WXJg35mTwj3cdub5AxPd4SfRj-orjOKvS_XcjtKjgHZGMkiP8SSwgnSEQkwrgJJpsAGI7cEJWL9AFM5gjStTj-rBdyJstVuLyRCqCGlWcQJTu6gA2T7MKTGE3iBDkug3j6Zd34QYBdtwXAphFRYUYJPcf2WLum9k96n7b9reImKpzx2E7nZ6-nlK8k0kIM651OhNuGQTVCjU4iHxIrrj8JZJTF3dwsluPPQNf6Dm0nD0-RHawcJK578CFesXj8651OhNuGQT_sZedlFf5IzJGbRLITRFX8TuXZQVD5H0evp5SvJNJCCniQvpFE1WiRftUGcDPfQ_OR0-U9ecpzr1k97N1bT1sZt8XrTQLxMskqcgAIH_8co1&rtbdata=UZSwcrEA-zlUUExwa27HXwR7P4xcQzglTsg9OeqLdd5wkHceuccgKEhbSG7tzHq_WL9AFM5gjStTj-rBdyJstVuLyRCqCGlWZzkjGIILGUIF1E1jzCTIE8GxflpxFYP1RJwFcjGV3wF1wmY87o9h5SnuGV7LeIvs7U5JqzacAoY4DoRWWrhyHtWgeV0YuOs_O0aKMIdnjK4GyIIqRNXgIQi66w45a2WcXTSDRoTpQ_LXVeRygR7ZPeyk21BazGM4_-lLLx95zc3UY-n4pNyCIVfjahYyJV3tAtGSkEt3T4-x0ZryP3JDpYJ6wqKerBtR0&rtbwp=vYcdZ7sdoPBusN6FuI1hLPCj2Y0s6mpb0&rnd=676735241

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/mink/632/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://samfw.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
expires: -1
access-control-allow-origin: https://samfw.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
date: Thu, 03 Oct 2024 11:08:56 GMT
content-type: image/gif
server: nginx
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With

POST
H2 200 /
track.adform.net/serving/unload/ Frame 685D 35 B
579 B 46ms
46ms Ping
image/gif 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=8768052392753076706@@68853971,6790050119064666326,100|1101|0|0|0|0|0|0|0||38|0|||||1|0|0|7nLn_flps_1Wgnf2ewtpCf5eIxQK0OjX0C_BK-lP13w5_oVwDE1fLW9pA1ZXTtuzGk-HNGyCNOR1mH2fgnG9sieFU30JwIriHP-6W_N-ibJOKM69MGN_2_YPLhNvprreWXybBLR8ecIa1tQXEKE-M2jiQ7KgGLBu0|bZ5LM0N6LckqHMLsI0XOHSwlvCEKZ_h6RIWxhjLXP4m_rg3XcUPkupT7WXJg35mTwj3cdub5AxPd4SfRj-orjOKvS_XcjtKjgHZGMkiP8SSwgnSEQkwrgJJpsAGI7cEJWL9AFM5gjStTj-rBdyJstVuLyRCqCGlWcQJTu6gA2T7MKTGE3iBDkug3j6Zd34QYBdtwXAphFRYUYJPcf2WLum9k96n7b9reImKpzx2E7nZ6-nlK8k0kIM651OhNuGQTVCjU4iHxIrrj8JZJTF3dwsluPPQNf6Dm0nD0-RHawcJK578CFesXj8651OhNuGQT_sZedlFf5IzJGbRLITRFX8TuXZQVD5H0evp5SvJNJCCniQvpFE1WiRftUGcDPfQ_OR0-U9ecpzr1k97N1bT1sZt8XrTQLxMskqcgAIH_8co1||01|0|0|0|

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/mink/632/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://samfw.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
expires: -1
access-control-allow-origin: https://samfw.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
date: Thu, 03 Oct 2024 11:08:56 GMT
content-type: image/gif
server: nginx
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With

POST
H2 200 /
track.adform.net/serving/unload/ Frame 9B8B 35 B
579 B 49ms
48ms Ping
image/gif 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&pud=Y4DQ2xKO9YqJNT3bPli5eTYBQMTt6aOhTLdu7hs4k73XYHrGxbHo3QqplAKhq7_c7NTnUznaLzhj01GQeGjq1d2bxVqCxXCZ5wCLkLnooU79QQDaJKM5HwWo0kvKLpdIgGToGxkPLjzbYFAuiOPf10FqGgt9gY9j7cfAZ6BAKkE1&unload=7070968462635868244@@68853970,4753794863194716544,100|1094|0|0|0|0|0|0|0||55|0|||||1|0|0|Fy5TCLL1_GJWgnf2ewtpCVrp6TiqlLHur-vCx5NDvdOsepxeXlKPnW9pA1ZXTtuzGk-HNGyCNOR1mH2fgnG9sieFU30JwIriHP-6W_N-ibJOKM69MGN_2_YPLhNvprreWXybBLR8ecIa1tQXEKE-M2jiQ7KgGLBu0|bZ5LM0N6LcmKovA2kn69IkVWzzO6HVqLxiwDhr7WBfCQR2bO9G_8V5G4dWAZeGGw21STnirM7ec9jYIL0kNpjUamUfsu_iZqBQcCxbrcrXrm4Gd2nrVp3zKHgwaPdeK11lYk6w27rNd3uCz7tGg-SUUYYsGb7iOFETzwvaENhWWy87Y39yINYUxFj9hnTxEg6r1TK497azX9RgtC1t5aX3W8_6Vvtj6SNSIXWPuy9hFvZPep-2_a3urVH69VHWtZhSRPiY8YRlhapv2sGg_cSS4krwTpdvFJgwkJTlIOwVbSR5wpPCEfzOrVH69VHWtZREVlfL0lY7cJ7adne_h1xWGwPMda5NVjb2T3qftv2t40w_RbyZMM1wGgKQKrE1Vt4_CWSUxd3cKaCOL5JH0wxIaD7LN6gnSkxaMB7E3Is5U1||11|0|0|0|

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/mink/632/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://samfw.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
expires: -1
access-control-allow-origin: https://samfw.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
date: Thu, 03 Oct 2024 11:08:56 GMT
content-type: image/gif
server: nginx
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With

POST
H2 200 /
track.adform.net/Serving/Event/ Frame 9B8B 35 B
579 B 49ms
48ms Ping
image/gif 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/Event/?bn=68853970&event=178&time=2&baid=63915719&name=Viewable%20impressions&imprid=4753794863194716544&icid=7070968462635868244&eData=f8BgiCwwWn7IESQQ76Fg-RTSBT6nBsnU4fn4X_ACi5hUJ3sBas6ZtyAvEZ39fZLnkonWiwPrevUgfQuHuRVUBSTvO_Fq2i9m6SfpqJteppU8MGUnyfAbQZH9GTjSqpkRLFzCSbvAwniAR-lZaDPnQr0dSuahSM0pVfBfusCTGtM1&adxvars=bZ5LM0N6LcmKovA2kn69IkVWzzO6HVqLxiwDhr7WBfCQR2bO9G_8V5G4dWAZeGGw21STnirM7ec9jYIL0kNpjUamUfsu_iZqBQcCxbrcrXrm4Gd2nrVp3zKHgwaPdeK11lYk6w27rNd3uCz7tGg-SUUYYsGb7iOFETzwvaENhWWy87Y39yINYUxFj9hnTxEg6r1TK497azX9RgtC1t5aX3W8_6Vvtj6SNSIXWPuy9hFvZPep-2_a3urVH69VHWtZhSRPiY8YRlhapv2sGg_cSS4krwTpdvFJgwkJTlIOwVbSR5wpPCEfzOrVH69VHWtZREVlfL0lY7cJ7adne_h1xWGwPMda5NVjb2T3qftv2t40w_RbyZMM1wGgKQKrE1Vt4_CWSUxd3cKaCOL5JH0wxIaD7LN6gnSkxaMB7E3Is5U1&rtbdata=UZSwcrEA-zlUUExwa27HXwR7P4xcQzglTsg9OeqLdd5wkHceuccgKI3RWQmeHCKjEgSe11q746lJ5Xa2QWpDE1bavN6C5_uMxABAxpyV1dIF1E1jzCTIE8GxflpxFYP1RJwFcjGV3wF1wmY87o9h5SnuGV7LeIvs7U5JqzacAoY4DoRWWrhyHg6SzAJzO7h_O0aKMIdnjK7oiqzmaa5sDgi66w45a2WcXTSDRoTpQ_LXVeRygR7ZPeyk21BazGM4_-lLLx95zc3UY-n4pNyCIVfjahYyJV3tAtGSkEt3T4-x0ZryP3JDpYJ6wqKerBtR0&rtbwp=W-A1gQ1UOpLzX2bEKjM8oqzboUFQG3yp0&rnd=698135296

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/mink/632/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://samfw.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
expires: -1
access-control-allow-origin: https://samfw.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
date: Thu, 03 Oct 2024 11:08:56 GMT
content-type: image/gif
server: nginx
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With

POST
H2 200 /
track.adform.net/serving/unload/ Frame 9B8B 35 B
579 B 47ms
46ms Ping
image/gif 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=7070968462635868244@@68853970,4753794863194716544,100|1095|0|0|0|0|0|0|0||55|0|||||1|0|0|Fy5TCLL1_GJWgnf2ewtpCVrp6TiqlLHur-vCx5NDvdOsepxeXlKPnW9pA1ZXTtuzGk-HNGyCNOR1mH2fgnG9sieFU30JwIriHP-6W_N-ibJOKM69MGN_2_YPLhNvprreWXybBLR8ecIa1tQXEKE-M2jiQ7KgGLBu0|bZ5LM0N6LcmKovA2kn69IkVWzzO6HVqLxiwDhr7WBfCQR2bO9G_8V5G4dWAZeGGw21STnirM7ec9jYIL0kNpjUamUfsu_iZqBQcCxbrcrXrm4Gd2nrVp3zKHgwaPdeK11lYk6w27rNd3uCz7tGg-SUUYYsGb7iOFETzwvaENhWWy87Y39yINYUxFj9hnTxEg6r1TK497azX9RgtC1t5aX3W8_6Vvtj6SNSIXWPuy9hFvZPep-2_a3urVH69VHWtZhSRPiY8YRlhapv2sGg_cSS4krwTpdvFJgwkJTlIOwVbSR5wpPCEfzOrVH69VHWtZREVlfL0lY7cJ7adne_h1xWGwPMda5NVjb2T3qftv2t40w_RbyZMM1wGgKQKrE1Vt4_CWSUxd3cKaCOL5JH0wxIaD7LN6gnSkxaMB7E3Is5U1||01|0|0|0|

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/mink/632/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://samfw.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
expires: -1
access-control-allow-origin: https://samfw.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
date: Thu, 03 Oct 2024 11:08:56 GMT
content-type: image/gif
server: nginx
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/232/ Frame E26A 0
0 292ms
59ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/232/runner.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://samfw.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 182776
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5005
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 01 Oct 2024 08:22:40 GMT
expires: Wed, 01 Oct 2025 08:22:40 GMT
last-modified: Mon, 23 Sep 2024 18:12:21 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe
www.google.com/recaptcha/api2/ Frame FCA7 0
0 300ms
72ms Document
text/html 142.250.186.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f4.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-L-hDrQmK95kDge2ZOJZm4w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://samfw.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-L-hDrQmK95kDge2ZOJZm4w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Thu, 03 Oct 2024 11:08:56 GMT
expires: Thu, 03 Oct 2024 11:08:56 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 /
track.adform.net/serving/unload/ Frame 6C0A 35 B
588 B 47ms
46ms Ping
image/gif 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&pud=Y4DQ2xKO9YqKN_pyyKt5sBxaZ4pzEhhmTLdu7hs4k73XYHrGxbHo3QqplAKhq7_c7NTnUznaLzhj01GQeGjq1d2bxVqCxXCZ5wCLkLnooU79QQDaJKM5HwWo0kvKLpdIgGToGxkPLjzbYFAuiOPf10FqGgt9gY9j7cfAZ6BAKkE1&unload=2795478104261320356@@68853970,161235417088418634,100|1199|0|0|0|0|0|0|0||60|0|||||1|0|0|Fy5TCLL1_GJWgnf2ewtpCXSarnkAwMv478yAdZgPyCyhNvPguPRjHm9pA1ZXTtuzGk-HNGyCNOR1mH2fgnG9sieFU30JwIriHP-6W_N-ibJOKM69MGN_2_YPLhNvprreWXybBLR8ecIa1tQXEKE-M2jiQ7KgGLBu0|bZ5LM0N6LcmKovA2kn69IkVWzzO6HVqLxiwDhr7WBfCQR2bO9G_8V5G4dWAZeGGw21STnirM7ec9jYIL0kNpjUamUfsu_iZqBQcCxbrcrXrm4Gd2nrVp3_C-VuwEip4Pq1T1yO_xmR-NYx3qqPi8RaVZ98Mnd060GOA52nm7p1J5M6PTEZlQl0xFj9hnTxEg6r1TK497azX9RgtC1t5aX3W8_6Vvtj6SNSIXWPuy9hFvZPep-2_a3urVH69VHWtZhSRPiY8YRlhapv2sGg_cSS4krwTpdvFJgwkJTlIOwVbSR5wpPCEfzOrVH69VHWtZREVlfL0lY7cJ7adne_h1xWGwPMda5NVjb2T3qftv2t40w_RbyZMM1wGgKQKrE1Vt4_CWSUxd3cKaCOL5JH0wxIaD7LN6gnSkxaMB7E3Is5U1||11|0|0|0|

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/mink/632/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://samfw.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
expires: -1
access-control-allow-origin: https://samfw.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
date: Thu, 03 Oct 2024 11:08:56 GMT
content-type: image/gif
server: nginx
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With

POST
H2 200 /
track.adform.net/Serving/Event/ Frame 6C0A 35 B
588 B 47ms
46ms Ping
image/gif 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/Event/?bn=68853970&event=178&time=2&baid=63917089&name=Viewable%20impressions&imprid=161235417088418634&icid=2795478104261320356&eData=YkZzt-rcvVsAl3Trlu2KcRTSBT6nBsnU4fn4X_ACi5i5hkH5LeoVntNeuRU0Mx4NOWouV5aqj70gfQuHuRVUBSTvO_Fq2i9m6SfpqJteppU8MGUnyfAbQZH9GTjSqpkRLFzCSbvAwniAR-lZaDPnQr0dSuahSM0pVfBfusCTGtM1&adxvars=bZ5LM0N6LcmKovA2kn69IkVWzzO6HVqLxiwDhr7WBfCQR2bO9G_8V5G4dWAZeGGw21STnirM7ec9jYIL0kNpjUamUfsu_iZqBQcCxbrcrXrm4Gd2nrVp3_C-VuwEip4Pq1T1yO_xmR-NYx3qqPi8RaVZ98Mnd060GOA52nm7p1J5M6PTEZlQl0xFj9hnTxEg6r1TK497azX9RgtC1t5aX3W8_6Vvtj6SNSIXWPuy9hFvZPep-2_a3urVH69VHWtZhSRPiY8YRlhapv2sGg_cSS4krwTpdvFJgwkJTlIOwVbSR5wpPCEfzOrVH69VHWtZREVlfL0lY7cJ7adne_h1xWGwPMda5NVjb2T3qftv2t40w_RbyZMM1wGgKQKrE1Vt4_CWSUxd3cKaCOL5JH0wxIaD7LN6gnSkxaMB7E3Is5U1&rtbdata=UZSwcrEA-zlUUExwa27HXwR7P4xcQzglTsg9OeqLdd5wkHceuccgKHjvvwShfvzmy-j28otgKK43avrN8kWK4sjZsfleOWuS7mh-d4iWwmwF1E1jzCTIE8GxflpxFYP1RJwFcjGV3wF1wmY87o9h5SnuGV7LeIvs7U5JqzacAoY4DoRWWrhyHtWgeV0YuOs_O0aKMIdnjK7oiqzmaa5sDgi66w45a2WcXTSDRoTpQ_LXVeRygR7ZPeyk21BazGM4_-lLLx95zc3UY-n4pNyCIVfjahYyJV3tAtGSkEt3T4-x0ZryP3JDpYJ6wqKerBtR0&rtbwp=W-A1gQ1UOpLzX2bEKjM8oqzboUFQG3yp0&rnd=668616425

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/mink/632/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://samfw.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
expires: -1
access-control-allow-origin: https://samfw.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
date: Thu, 03 Oct 2024 11:08:56 GMT
content-type: image/gif
server: nginx
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With

POST
H2 200 /
track.adform.net/serving/unload/ Frame 6C0A 35 B
588 B 46ms
45ms Ping
image/gif 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=2795478104261320356@@68853970,161235417088418634,100|1200|0|0|0|0|0|0|0||60|0|||||1|0|0|Fy5TCLL1_GJWgnf2ewtpCXSarnkAwMv478yAdZgPyCyhNvPguPRjHm9pA1ZXTtuzGk-HNGyCNOR1mH2fgnG9sieFU30JwIriHP-6W_N-ibJOKM69MGN_2_YPLhNvprreWXybBLR8ecIa1tQXEKE-M2jiQ7KgGLBu0|bZ5LM0N6LcmKovA2kn69IkVWzzO6HVqLxiwDhr7WBfCQR2bO9G_8V5G4dWAZeGGw21STnirM7ec9jYIL0kNpjUamUfsu_iZqBQcCxbrcrXrm4Gd2nrVp3_C-VuwEip4Pq1T1yO_xmR-NYx3qqPi8RaVZ98Mnd060GOA52nm7p1J5M6PTEZlQl0xFj9hnTxEg6r1TK497azX9RgtC1t5aX3W8_6Vvtj6SNSIXWPuy9hFvZPep-2_a3urVH69VHWtZhSRPiY8YRlhapv2sGg_cSS4krwTpdvFJgwkJTlIOwVbSR5wpPCEfzOrVH69VHWtZREVlfL0lY7cJ7adne_h1xWGwPMda5NVjb2T3qftv2t40w_RbyZMM1wGgKQKrE1Vt4_CWSUxd3cKaCOL5JH0wxIaD7LN6gnSkxaMB7E3Is5U1||01|0|0|0|

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/mink/632/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://samfw.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
expires: -1
access-control-allow-origin: https://samfw.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
date: Thu, 03 Oct 2024 11:08:56 GMT
content-type: image/gif
server: nginx
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With

GET sodar
pagead2.googlesyndication.com/pagead/ 0
0

POST
H3 204 collect
www.google-analytics.com/g/ 0
0 68ms
68ms Fetch
text/plain 142.250.185.142

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-JF7Y9R03YP&gtm=45je4a10v9108302557za200&_p=1727953730545&gcd=13l3l3l3l1l1&npa=0&dma=0&tcfd=10000&tag_exp=101671035~101747727&cid=885069946.1727953731&ul=fi-fi&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEII&sid=1727953731&sct=1&seg=0&dl=https%3A%2F%2Fsamfw.com%2F&dt=Samsung%20Firmware%20Download%20-%20Lastest%20official%20firmware%20update&_s=2&tfd=9486
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JF7Y9R03YP&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.142 -, , ASN (),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://samfw.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://samfw.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 03 Oct 2024 11:08:58 GMT
content-type: text/plain
server: Golfe2

POST
H2 200 /
track.adform.net/serving/unload/ Frame 6C0A 35 B
588 B 46ms
45ms Ping
image/gif 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=2795478104261320356@@68853970,161235417088418634,100|3999|0|0|0|0|0|0|0||200|0|||||1|0|0|Fy5TCLL1_GJWgnf2ewtpCXSarnkAwMv478yAdZgPyCyhNvPguPRjHm9pA1ZXTtuzGk-HNGyCNOR1mH2fgnG9sieFU30JwIriHP-6W_N-ibJOKM69MGN_2_YPLhNvprreWXybBLR8ecIa1tQXEKE-M2jiQ7KgGLBu0|bZ5LM0N6LcmKovA2kn69IkVWzzO6HVqLxiwDhr7WBfCQR2bO9G_8V5G4dWAZeGGw21STnirM7ec9jYIL0kNpjUamUfsu_iZqBQcCxbrcrXrm4Gd2nrVp3_C-VuwEip4Pq1T1yO_xmR-NYx3qqPi8RaVZ98Mnd060GOA52nm7p1J5M6PTEZlQl0xFj9hnTxEg6r1TK497azX9RgtC1t5aX3W8_6Vvtj6SNSIXWPuy9hFvZPep-2_a3urVH69VHWtZhSRPiY8YRlhapv2sGg_cSS4krwTpdvFJgwkJTlIOwVbSR5wpPCEfzOrVH69VHWtZREVlfL0lY7cJ7adne_h1xWGwPMda5NVjb2T3qftv2t40w_RbyZMM1wGgKQKrE1Vt4_CWSUxd3cKaCOL5JH0wxIaD7LN6gnSkxaMB7E3Is5U1||01|0|0|0|

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/mink/632/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://samfw.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
expires: -1
access-control-allow-origin: https://samfw.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
date: Thu, 03 Oct 2024 11:08:59 GMT
content-type: image/gif
server: nginx
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With

POST
H2 200 /
track.adform.net/serving/unload/ Frame 9B8B 35 B
588 B 47ms
47ms Ping
image/gif 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=7070968462635868244@@68853971,6790050119064666326,100|4200|0|0|0|0|0|0|0||143|0|||||1|0|0|7nLn_flps_1Wgnf2ewtpCf5eIxQK0OjX0C_BK-lP13w5_oVwDE1fLW9pA1ZXTtuzGk-HNGyCNOR1mH2fgnG9sieFU30JwIriHP-6W_N-ibJOKM69MGN_2_YPLhNvprreWXybBLR8ecIa1tQXEKE-M2jiQ7KgGLBu0|bZ5LM0N6LckqHMLsI0XOHSwlvCEKZ_h6RIWxhjLXP4m_rg3XcUPkupT7WXJg35mTwj3cdub5AxPd4SfRj-orjOKvS_XcjtKjgHZGMkiP8SSwgnSEQkwrgJJpsAGI7cEJWL9AFM5gjStTj-rBdyJstVuLyRCqCGlWcQJTu6gA2T7MKTGE3iBDkug3j6Zd34QYBdtwXAphFRYUYJPcf2WLum9k96n7b9reImKpzx2E7nZ6-nlK8k0kIM651OhNuGQTVCjU4iHxIrrj8JZJTF3dwsluPPQNf6Dm0nD0-RHawcJK578CFesXj8651OhNuGQT_sZedlFf5IzJGbRLITRFX8TuXZQVD5H0evp5SvJNJCCniQvpFE1WiRftUGcDPfQ_OR0-U9ecpzr1k97N1bT1sZt8XrTQLxMskqcgAIH_8co1||01|0|0|0|@@68853970,4753794863194716544,100|4194|0|0|0|0|0|0|0||210|0|||||1|0|0|Fy5TCLL1_GJWgnf2ewtpCVrp6TiqlLHur-vCx5NDvdOsepxeXlKPnW9pA1ZXTtuzGk-HNGyCNOR1mH2fgnG9sieFU30JwIriHP-6W_N-ibJOKM69MGN_2_YPLhNvprreWXybBLR8ecIa1tQXEKE-M2jiQ7KgGLBu0|bZ5LM0N6LcmKovA2kn69IkVWzzO6HVqLxiwDhr7WBfCQR2bO9G_8V5G4dWAZeGGw21STnirM7ec9jYIL0kNpjUamUfsu_iZqBQcCxbrcrXrm4Gd2nrVp3zKHgwaPdeK11lYk6w27rNd3uCz7tGg-SUUYYsGb7iOFETzwvaENhWWy87Y39yINYUxFj9hnTxEg6r1TK497azX9RgtC1t5aX3W8_6Vvtj6SNSIXWPuy9hFvZPep-2_a3urVH69VHWtZhSRPiY8YRlhapv2sGg_cSS4krwTpdvFJgwkJTlIOwVbSR5wpPCEfzOrVH69VHWtZREVlfL0lY7cJ7adne_h1xWGwPMda5NVjb2T3qftv2t40w_RbyZMM1wGgKQKrE1Vt4_CWSUxd3cKaCOL5JH0wxIaD7LN6gnSkxaMB7E3Is5U1||01|0|0|0|

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/mink/632/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://samfw.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
expires: -1
access-control-allow-origin: https://samfw.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
date: Thu, 03 Oct 2024 11:08:59 GMT
content-type: image/gif
server: nginx
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=232&t=2&li=gda_r20241001&jk=951297560501306&bg=!_v2l_bLNAAax3igvkd47ADQBe5WfOJG_n9GTUwfHBXZlfmxWJVfBWrva0Vd1U6myU0-AcZY1Pb9f-9iF-IvEzgADl5QoAgAAAF1SAAAABGgBB34ANsP6irQXJzTGWCSxDdej_ZGVwINCP35YU48IyAXkMXxISRn2jETW0w7cKE46PR2uWOMAFfiiaZkCl_q7UDY8bXausudGgs8SBctEMM4oTY1w824RVrHIW7GGI2sJSJw0Bgm31aokJWbafJIC5_BuZoPSr5COVKXryTz4W-_22Ezcy6xMZLzYtBEC9oUE__YC6Yuxd0jHJuyjRHpFX_X3nuCwJ7IkWn6joTd0BV9YhOXf5SG42AfvvcqUXNKRkQF3F_1RCBWgC3K9EhiysL9HmRW734cebfAUPV4_o67qjrTY0EwLfsWIFm_aZChwXNO-zTAwH3a0LEIjKpiM_4LXxwtgrRjHSI0ZSRxwbKbiQ6BCEtrkBeneA6S45-Ff60NUOtI9PwPBlOQo7Bx4Ue5PUSH94A9i33RxAVeAXrA4pMJIUNNXOVGT-4iFJPH7IMgWXY085cCdTBQfmy7RWv5awWSQvn1QG1Rh3v1uXBfX-ND22vJvO-gnpOqnF6I8FKHALkLFXiljbVCTlEe5i9qLPbRvvWbS_lcixTprR5Z2dVWTABqVoCImivJnC3YcFdvWJljQZForGMFQC4ebYVQnh_J9B0Cr6zd5WbmsS7OA0Jzr0VAnFsCrNfuQSgh4lfkPoTFEtbaxGbgFSRuxhYsomP9-0TvBRBtojq70SUUCqtvKKKVDIpNhdKFDFqVMGqfKk67OT3dGFxMS3Gwu-Yzpbz3VJDUe485fur9Ngzehz6rbsh4POrXjdy1oarynAKia099dIRToVProrjoitQq0dIbpCICTQ5QjZbxapwNFT0nX-bGYDy6nU4TB0r5YegvusDAWDBKxkTV3SPqSOqVhVZQqbbtKz9iua8LVlqYoxC7e3CJ6XYQTyIq-1LVIH0ljKZYhQWiME9SSf3uJKOBwmWQDlZEaW5TxuqFNTZ6XilpgdNyE1M3_vvcqzO8HtwhToA

Verdicts & Comments Add Verdict or Comment

402 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

42 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.3lift.com/sync	1970-01-21 02:08:49	Name: sync Value: CgoIoQEQoY3GkKUyCgoI4gEQoY3GkKUyCgoI5gEQoY3GkKUyCgoIhwIQoY3GkKUyCgkIOhChjcaQpTIKCQgbEKGNxpClMgoKCIwCEKGNxpClMgoKCKwCEKGNxpClMgoKCK0CEKGNxpClMgoJCF8QoY3GkKUy
samfw.com/	1970-01-20 23:59:20	Name: XSRF-TOKEN Value: eyJpdiI6IkNpWTNxTjRMeU9VWXNTWTJOV1l4MEE9PSIsInZhbHVlIjoiamdRN3BVOGR3OVphaG5ublBmWU14Q2s4QU5YWDhpN0svZ28wS3NTRmV0eWF1Ty9MQWt6Lzh2aVBjK1hyQ1Via2cwYk94S3hCNVZIOXFQVlpVRkQ0RWVHOTl5SDZwTmY4Y0x4aHM1NXVSZHNMbXBSY1dmTVVDVHNxVkNHV1ZUdUciLCJtYWMiOiI2ZjVmZTZhOThiMTI0ZmFkNGRjYWU1MmY5Y2MxZDhjYzIzNDc4Mjk4YzU5NTc4ODFkYjM3ZTBjODM1NTYyOTQzIn0%3D
samfw.com/	1970-01-20 23:59:20	Name: samfwcom_session Value: eyJpdiI6Im9zd0FiTVJtbW4wVC9iYjhmV3B5d2c9PSIsInZhbHVlIjoiaFRweGxRMEZyd2lQTlpJS1FzTTNCdlJPRW5ZY2dycWZIbDBwMDh3cGxRWnlkZS8wZjByaDB4OHZvbUNBRlZEUm9mS2FFd0ZyeThqbG1mNGF2aGlVMUJZQnBMU3V1WWVrdDU2QkduOHpXdTVSTlBBVXUrOGZqa21oUVFIZEtGYmciLCJtYWMiOiIzZDg3MDBiNWE1OWM1ZGE5YmQ2YTU4NDZlOGE0NzVhMGRmYTA5NjAxNTgwOGE0NTg2MGU4NmVhMWI0Y2VjZGRlIn0%3D
samfw.com/	1970-01-20 23:59:15	Name: stpdOrigin Value: {"origin":"direct"}
samfw.com/	1970-01-21 00:42:25	Name: _ssid Value: 1727953731030l5gn7q
.samfw.com/	1970-01-21 08:44:49	Name: _sharedID Value: eb6e7ad9-a131-42ad-b762-9a3c7d393ad6
.samfw.com/	1970-01-21 08:44:49	Name: _sharedID_cst Value: zix7LPQsHA%3D%3D
.samfw.com/	1970-01-21 02:08:49	Name: _gcl_au Value: 1.1.1327328940.1727953731
.adnxs.com/	1970-01-21 02:08:49	Name: XANDR_PANID Value: GRnOCfn4iv6APxFmQzgAIEk_utM-AoUPX-m2KDpIFJtoRrWbknRxWbpqGZNbPQeLrvRxioePTn8XCzdSrGBIloOGlktBZRxG2tetFjrgxg4.
.adnxs.com/	1970-01-21 02:08:49	Name: icu Value: ChgIuJJ8EAoYASABKAEww_b5twY4AUABSAEQw_b5twYYAA..
.adnxs.com/	1970-01-21 09:35:13	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-21 02:08:49	Name: uuid2 Value: 660339760793294773
.samfw.com/	1970-01-21 09:35:13	Name: _ga Value: GA1.2.885069946.1727953731
.samfw.com/	1970-01-21 00:00:40	Name: _gid Value: GA1.2.1941988067.1727953732
.samfw.com/	1970-01-20 23:59:13	Name: _gat_gtag_UA_163898725_1 Value: 1
.doubleclick.net/	1970-01-21 09:20:49	Name: IDE Value: AHWqTUkyFKeTOg7Bzq8sG9Kzw2FOiJpaX3gKHCPimQCS2_VxzniTdMnqitYhDxeZjtk
.criteo.com/	1970-01-21 09:20:49	Name: uid Value: 5c70c3bf-2457-4728-abc6-804e44f7faa8
.criteo.com/	1970-01-21 09:20:49	Name: receive-cookie-deprecation Value: 1
.samfw.com/	1970-01-21 09:20:49	Name: cto_bundle Value: prR-RF9LNiUyQlRoWDV1JTJCcnJ5ZlRibXdvZlJEJTJCT0dwMUZWcUZVdiUyQkd4YXpqajZGRHhRUDcwQjZLaWUlMkJScmMydk84UUhDVjRmZmhFQWJvZDVnM1pFU1ZONUZpMTBId2hmYVdLUm1CV2oyJTJCNTQ2cTVJQ0M2NHpEc3RXNkc4NmNSWEZSVDZHZ0NMYUFaRzdod01TVnRLQzZBN3hzSFElM0QlM0Q
.ad.gt/	1969-12-31 23:59:59	Name: au_3p_check Value: 1
.3lift.com/	1970-01-21 02:08:49	Name: tluidp Value: 3030697080935559412028
.3lift.com/	1970-01-21 02:08:49	Name: tluid Value: 3030697080935559412028
.samfw.com/	1970-01-21 09:20:49	Name: __gads Value: ID=1c8959f11b7e8e74:T=1727953732:RT=1727953732:S=ALNI_MZCbm8Knyl1KgCfNVQxISF3L_NwWQ
.samfw.com/	1970-01-21 09:20:49	Name: __gpi Value: UID=00000f1f5f84c31e:T=1727953732:RT=1727953732:S=ALNI_MYVilzStfdBv0Xg7ncY7AhoQhqSVg
.samfw.com/	1970-01-21 04:18:25	Name: __eoi Value: ID=2c0dd6fff40e90c9:T=1727953732:RT=1727953732:S=AA-AfjaIIdUKv0bhvNtb7siiwRGN
.id5-sync.com/	1970-01-21 02:08:49	Name: id5 Value: 50dc0649-64e2-7818-9223-97dce9751617#1727953733357#1
.samfw.com/	1970-01-21 09:35:13	Name: _ga_JF7Y9R03YP Value: GS1.1.1727953731.1.0.1727953733.0.0.0
.bing.com/	1970-01-21 09:20:49	Name: MUID Value: 290678DD476D6D0A22226DD046066C67
.c.bing.com/	1970-01-21 00:09:18	Name: MR Value: 0
.adform.net/	1970-01-21 00:43:55	Name: C Value: 1
sync.srv.stackadapt.com/	1970-01-21 08:44:49	Name: sa-user-id Value: s%3A0-ec40bf78-1f0c-536c-7cba-72aed57a4f07.%2FBkNWRLDiNMUV5U15nH3AWz%2BODhfpSl57Yig4lKPb84
.srv.stackadapt.com/	1970-01-21 08:44:49	Name: sa-user-id Value: s%3A0-ec40bf78-1f0c-536c-7cba-72aed57a4f07.%2FBkNWRLDiNMUV5U15nH3AWz%2BODhfpSl57Yig4lKPb84
sync.srv.stackadapt.com/	1970-01-21 08:44:49	Name: sa-user-id-v2 Value: s%3A7EC_eB8MU2x8unKu1XpPB7nMAbk.yTxR16atF7bJP0Y2ZfDmKgZ6%2B%2B%2Bc7CCfTJ7rexECoak
.srv.stackadapt.com/	1970-01-21 08:44:49	Name: sa-user-id-v2 Value: s%3A7EC_eB8MU2x8unKu1XpPB7nMAbk.yTxR16atF7bJP0Y2ZfDmKgZ6%2B%2B%2Bc7CCfTJ7rexECoak
sync.srv.stackadapt.com/	1970-01-21 08:44:49	Name: sa-user-id-v3 Value: s%3AAQAKIEVJZ5nOOD_RKP2sn_UWzFpdtX99y3pGFYewsqF_N2qQEGcYBCDF9vm3BjABOgS9RxseQgRDKpmy.GaqNtmEcBA8pDHckJRYljwRTaZu%2Byn2BmKeVcQkqm6Y
.srv.stackadapt.com/	1970-01-21 08:44:49	Name: sa-user-id-v3 Value: s%3AAQAKIEVJZ5nOOD_RKP2sn_UWzFpdtX99y3pGFYewsqF_N2qQEGcYBCDF9vm3BjABOgS9RxseQgRDKpmy.GaqNtmEcBA8pDHckJRYljwRTaZu%2Byn2BmKeVcQkqm6Y
.adform.net/	1970-01-21 01:25:37	Name: uid Value: 7070968462635868244
.adform.net/	1970-01-21 00:09:18	Name: TPC Value: 1727953734014
.linkedin.com/	1970-01-21 08:44:49	Name: bcookie Value: "v=2&19810e60-8f57-491d-8955-bca225c82f19"
.linkedin.com/	1970-01-21 04:18:25	Name: li_gc Value: MTswOzE3Mjc5NTM3MzM7MjswMjGbdgzOD7Gk9wmstSItfPsvCObN2nhwTUQZYfNUtyd+DQ==
.linkedin.com/	1970-01-21 00:00:40	Name: lidc Value: "b=OGST04:s=O:r=O:a=O:p=O:g=3318:u=1:x=1:i=1727953733:t=1728040133:v=2:sig=AQHNpcW51CsGVtEdtcmuRmFuTRAwK6W6"
prebid-stag.setupad.net/	1970-01-21 02:08:49	Name: uids Value: eyJ0ZW1wVUlEcyI6eyJhZGZvcm0iOnsidWlkIjoiNzA3MDk2ODQ2MjYzNTg2ODI0NCIsImV4cGlyZXMiOiIyMDI0LTEwLTE3VDExOjA4OjU0LjQ1MDU2MDg2NFoifX19

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://tagan.adlightning.com/setupad-hai/op.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://tagan.adlightning.com/setupad-hai/op.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://tagan.adlightning.com/setupad-hai/op.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.ad.gt
aax.amazon-adsystem.com
acdn.adnxs.com
adx.adform.net
bidder.criteo.com
c.amazon-adsystem.com
cadmus.script.ac
cdn-ima.33across.com
cdn.hadronid.net
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdnjs.cloudflare.com
cm.adform.net
config.aps.amazon-adsystem.com
connect.facebook.net
connectid.analytics.yahoo.com
d0935063c26ce10cd8c11bf009516a4b.safeframe.googlesyndication.com
eb2.3lift.com
fonts.cdnfonts.com
fonts.googleapis.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
gum.criteo.com
i.imgur.com
ib.adnxs.com
iccid.info
id.hadron.ad.gt
id5-sync.com
images.dmca.com
invstatic101.creativecdn.com
ipsw.pro
lb.eu-1-id5-sync.com
lgrom.com
mifirm.net
mp.4dex.io
node.setupad.com
oa.openxcdn.net
pagead2.googlesyndication.com
prebid-eu.creativecdn.com
prebid-stag.setupad.net
prebid.a-mo.net
proc.ad.cpe.dotomi.com
rtb.openx.net
s.adtelligent.com
s1.adform.net
samfw.com
script.4dex.io
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
setupad-d.openx.net
setupad-hai-tagan.adlightning.com
static.cloudflareinsights.com
static.criteo.net
stpd.cloud
tagan.adlightning.com
tags.crwdcntrl.net
td.doubleclick.net
tlx.3lift.com
tpc.googlesyndication.com
track.adform.net
u.openx.net
vanced.me
www.google-analytics.com
www.google.com
www.google.fi
www.googletagmanager.com
www.gstatic.com
pagead2.googlesyndication.com
104.17.25.14
104.18.35.167
104.26.8.178
13.224.186.120
13.33.173.196
142.250.185.142
142.250.185.67
142.250.186.66
142.250.186.68
142.250.186.78
151.101.129.229
157.240.0.6
159.89.25.223
162.19.138.117
163.5.194.30
172.67.145.26
172.67.184.158
172.67.209.125
18.245.31.92
18.66.102.9
18.66.147.69
185.184.8.90
185.89.210.212
188.114.96.3
188.114.97.3
199.232.196.193
2.19.126.149
216.58.206.34
216.58.212.162
23.215.23.172
2400:52e0:1e00::1081:1
2600:9000:223c:2800:10:dd8:5e40:93a1
2600:9000:2724:3a00:a:e047:754:afe1
2606:4700:10::6816:30d3
2606:4700:10::6816:3456
2606:4700:10::ac43:17ea
2606:4700:10::ac43:246e
2606:4700:20::ac43:4bf1
2606:4700:4400::6812:22b2
2606:4700::6810:5049
2606:4700::6812:1791
2606:4700::6812:1f31
2a00:1450:4001:802::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:810::200e
2a00:1450:4001:811::2001
2a00:1450:4001:813::200e
2a00:1450:4001:827::2008
2a00:1450:4001:830::2001
2a00:1450:4001:831::2001
2a00:1450:4001:831::200a
2a01:4f8:272:4e01::2
2a02:2638:3::3
2a02:2638:3::39
2a02:2638:3::c
2a02:fa8:8806:13::1460
2a04:4e42::485
2a06:98c1:3120::3
3.124.64.248
34.102.146.192
34.96.70.87
34.98.64.218
35.186.253.211
37.157.2.250
37.157.4.29
37.157.5.132
65.9.66.104
76.223.111.18
0334bd3e680f96ae945b21cb25901dcdec5556d1fad981ee9929258b024e6f71
038427217743617442b03a64867931d75be8ecfeca75c8d49bd62199931a9c7d
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07ac08a5e37347c8cb3cfd697957d3be5f8bb8d221f9850cbc6fcd1d79f8c651
0c1557e68e5f7f9371e83f7e8676994462c8c16a0631abca96d7f2c951d67fe3
101ead936a2281d53dcc064b7e2a2ab0d53b92ef3ef7b34b668673007895c860
10d159adb573ca535b8275f1d27dc8d60fffd9678ee3b5f1a0f7b4be4a77342f
140ad1b9cfaf3f8fe6858cb2f6ca09a3428811a8c769b7fe9dda5cb21b7206f3
15956e953fd36bd7f4d2f1f77dfad5a3741db9e52b094f80c6cef4f78eb6a779
162fbb544434e95e27bd345632426d982f2769f6bf9a5bd415dec7735ffc39bb
1764e898369c24be8d7d1cbcb82079c27f3898fbc1883f388a5c1008dd30c9e8
1806e8e738bd4b8d43ba38d3aeb44bbdb1793137a28d33f0bb605c99db8e5e3f
1871f6537b97797c6a6fb6a8f97f3c26a38c8dff37c6e0e8fe73bd004e9d1f95
1a37855ea33990c4331c2b05b0650c29780a1017c95e797617b9b6bf21355786
1edb1725a9ea8ca4dcf2f5508cee183218aa1685e47c1b23056717f754f58ebf
214433d4d49b5297ab0e1fcbb296dc3b6ef843b053c9d6100fa99435e1a68d2e
25304f55e96bc18514a5a0de5068ff792983017e85e2ce5ca7052bef0bcf166b
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
26cd88f80e32bf9cd9d41030edd478f71e9e41a88f06ce1467c3ea9b7d24ec83
27fe14c1052c779159f67004401580b64274333cfcac43fd426e9049f291eb90
2a7c35a58c1ad79d4fc96dad3bf9ef24b49d9d439ad3fb9b454cdcfe7c445724
2b5aad44c0e11ac29556ec8a0a4ddb7f7809006cd5fcf323e91eeeb7da258605
340865cafdf27fdf94b5782f38adde8e0c0f8d3071b7777b87ce3816fa5ed834
387d774e084587ed9901f1bd05a59b2cfcff1656c7caa62726b479622c0a4360
393cb2d55ece50ddff6d2fcfa2a2b6249251a6abd8b8089009d7212d69a10546
3a4b03a6c128b46647ca81421d1b1db2577751a66b09c13677c8d753cac18c7a
3aec57ffa5c31e185202ddaa3b5b9d9872d4504f4546ab4eea1298baaf3c7cc7
3b9767e5d0bea4d284bb1e624cc6ee3244b13efedfe5424eb5140ef326511eb7
3cff84d3745f544c92745770a2e348087e789a449a98a2ae482e553e5e8bb94a
3fe84521960a4b2f629a9d3cf62a62d3befc5a4c2e3b4256941ff3939bf7582b
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
47782e508a153c184ef9d43bf8b372b4f51de851124fc5893232a404f6ff04ed
492db2ca577f4d221e3e28239c19e7db05f1701b298bf278fc4d1fcb92563586
49ce84f5ee23974e99936864b11b17c6d911c882018d3df1c8a6c598e551b188
4dd707f55fd1cb8ba02b431427c183bdeeed0adfa81d9dfb368126986d94b358
51f5ea1401fc3f292ded2892fc01ea80b0a48a165fa0df587c0523f4f2d473bc
5304932f235195e947a688be6541bcc93a3faf4ba385266178aae28c8751715d
5379e3d4fc3e0416a9b1253dd32124d108ff548e3674f290bf7777934288726e
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
55395142ff59cec3edc25f2d26357b182f5fd9c0f92f4de87560b539f8bbe64c
560dfcac42ead6985d2e72778b5d4f548427fcf1e5aa439b8c4edda4ca09c5d9
56351c084d8d56437d41f1e58b7eb184b563871e88bab60f6b15486c39f13996
5839ac2bc1c0f926daebdd85cd9b5ab64b360f7074f3ce90aaacaadc21a4ffb6
5e8020e3d61bfee03a48ca66498521053b0bdcc1a3d8791250ac9bf0f768cbf2
5f20a0baae01ee5b3cf1cdeb17c9558e0238c290e7f6d07af738b56bdc49ab56
5f27f2d6fd0d7a35050e1868e67548df87f1c88964ee798f826cca6ea1cd747b
6068220efe32f5b7a4694319611eabb759100caa9c20f5fb8ab9aae36c8a34de
61c3a8eb8880d786ec0c26b82638fb8e64bd6f47e93bfee58ca1df5e114e4923
6274f5fdbf0dddd7cbfbc09f3445aa206a68cdf005618c5de76ccc64d32d3658
64171bed8b1e093ab735ee9c6cdc99440d0fea8e8f8c9f362fae3c093f1332f1
656f106ba76a453f5497ac7ca9d2b1b2f3e75af439feafcc57768ebd474b7d3c
66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507
676ff4e7daaba1957f7c5d4a5f5eac6eb91c9d522296ef6f8ef16298f6b7a831
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d316fc59e3ff1d6abc4750b653a4753d63d9fd062c64bcdf5c4acc1210e0812
6e8469b33fcca65f587391ecd3c3305a28304951d604d24e7eaeb20973fd9b8d
7152a6933ee3d690ec2af3d09da9d701723d16aa3410a6d80f28ff8866f3b880
71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36
726868fb1e3a84e3fcdfa52630aa9e70f6328750b335438a96fad8c5738b104d
73eac51eebe6b19992a67033fee54dbb97d5d33f4f45681c4c65cf71b566d74b
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
748332090c4b8e20f95d0ff59f0be20fa9c889359d3b36d4b886d73376054207
7a931199a7636f282b78d5e1f32c849405a8223edf81542df7fa3852c545b49b
822e92296b8a874756bbf9de9dee0c5bb11978797cb862158e30f63f0b7db0ec
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
8a2ab36c83d5d55e311fbf787dbc7de0a17b89eb0b30b1772f518a79db334001
8b55fb4a75d471d1914c00f5c4cf157d3671edf76592e80883966507cf041b41
8d854204ecb4a25e674c839da7e4cf1cf9919eee0e2ea757204c8507b9951fd2
8e444ce2bb5e9acbed7fbef1b108f6ccdc97a100a9e3a36397e317e0d5963536
8e7e5ea1b15f62ab14dbd41768e8fbcd21cc859a4ea5da812457ee714299fb35
8ede13eb3ac23e602ec635dd77ec5321bacba2d364967ae647f45843aa2f2dc6
90a5a60ae0b0c150f1d78d3b41a05a6768bc6959e8251a0fe8f1c323101bee18
91bb0dbfeabaada68e709bced9418d0d8cd4f40cbaa27f3ffbce0c39d7426d77
920a8254dfcba550c44cf1d92d88e11f43b7f2d236662d09df3fb480e1cfa234
924aa278cd49a1313b8ce02036da16817df6af6e872e6a4c53dcb640b064503e
938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb
97e302decf02d2f85804708f5dab9a630d6844992f358e428671a45ce4075332
9914d1394f461493b222ec3fc32747d5c9f032fa832f6e5dbbb76cb148c9bb9e
9963f5b0e2cf0df9868755d53be44f5a1b39e88bd59ced041131ae48a8e0ed6b
9a373ae6214168509dc4fe047f320b9d27bd87ed907d66806ce9b865ca55042a
9b5936f4006146e4e1e9025b474c02863c0b5614132ad40db4b925a10e8bfbb9
9f63adfc81866b781b99b62d31325a078a7f4208b1217d02c9056772afca0574
a04036b41f1461de36539a5356ee2b2a7eed4945530c1b6b873bbff9c9a8b906
a0996942afd9a0f201960aa9c55af925d0e2382b01e40bfdcdc7c1e4c7b5a089
a248065dae30f55ae236665bf3b2eff858f686c3ef42a73249c90fee5269dd19
a252cb1e19a26b01e3fadb4f8228ac9f6dcbbaeeffc41e53651a48e876dabdb7
a2e2920edac4888c304afe7d7775f91d0862f41761b06af92c18943a5ee15fca
a53e8ed68b305a1407569e8bb5257f0c9bce42b5e854254c0c9d915964d91c5e
a739c3875ed9dca18cba27f7e793228bd2308b6e231ae8166c51356114d63057
aa9f6b58881941bb89050d8b3d2c27f9893911b81a8f4739dadb51ea96331df4
abc50021338ab4551b32de53540e77bf1f970e00d8d8c569780adacbf46a18a6
aca701811d62eb608d12b174231be1ceae3449fe0f4bc847469ff22aab8ca9a5
ad414661e26221eb7e3abd5782f688e228b4216fb15c18b5ddaef7ca9ecbcbeb
b0088124edc0322d5cc6c4385ca59c018ceb76790c907d13f1ee5be3dcc1a039
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b27585c60427199e29cfb4dca14559e5b958174b7af6a78eef68d4dbfb282c52
b27a73fe72c5c4ba18484e7717a330ca08b5bf1e126a51570b066b3de727b9ba
b2ebbfb5650ca4a0250bad372f3911b4abb2caabd3f39dc2e6fb29db7eaddaf7
ba92f31903d0ed43a15811c0506b1c357fa04ff643140a3c0e162dfc66cd37eb
bbed8abf9faeb3ec7ddab4e5c02e0633eb56b96cfbfc83ed93d8d5e7eab5bfab
bc3669e8a6af6c2c6dcdc38e114ddd31d19672e9cee2f0ba08727536aff33071
bd2fb1932146ab59338f0fc57fec9aa2d749a53efccfbccba4229b6af1b3db62
bdfa942f4824880db1808b4fb9b70fb2f308e97f7855b0ec621a1cbb90bb06a2
c06f0ff3bff18094a91fb345b425c2d6cbac9fb8ea56f6db2e879cd49fa36510
c09b0c7aff20f8b700bacf3d15188c0fb5a7377b8fc328e907d74ee9cede51a3
c278b5b684e1cc5c7bf60e2f2dc781ca7692a92dd3a95800496a6b8b7a3cb94c
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c5fdea6bcb7b7dc4aabe9e409df609b922dde30401ccf5c25f0f384f7e8c43b5
c601c5cd461b4bfe66c31b39c6dfc040f4da907c942230c2d4bf09d86604e939
c71a7164d8482b943db03932827683cb8ca7055e634339a717940bed1b77e06d
c72f3682c82db97d531cf0210890982f5a30a7f431c038be84d94ed24231931b
c776b3baeb6873855bd5b7acda924be596cc035d48603cf3281744ffdb4348dd
c87f038ba3187db6d88262345aaa695f70bac44538d98be3e303c7b5e9a44420
ca3af8a062541dac855ce2815a99b7e3505ad45788a62ef6ea712acf47b5d987
cc3f17c8b665912f05c72cc9299d99a204f31a1db8433a6892b805cf2e055fbe
cd39897ffb75f867dd79d60fdaefc61a8643603d2132d83823e078dc28e16de9
cd9446e12334a3051376dff3ff0d6d8bf510694251743be515be632ba1e981ef
cdf0311fb121d948316b089ba5c004739cc8e7644bdc05c88c633181ad1b39d1
ce784660775c196b3eaae5369bab374896a97a682531863832d64b8249d9ac14
cefe70262b9b05ab789ea370a235baa93acf0ec1098e1ec39afba41c744891be
d118783a0c33f500f8adf821df60744e52f9754cbb1fbd04b9560349f1784fbd
d2e32a2f0e2ef0d4105ee9762f91294140bebf5d74b2af1412906f475aaad270
d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f
daa4ccb4643215934abf5b0d2821ab3d8e97560db79e32b256480058c2a56c3c
ddb96c25de07962ffbc0243e6e68177ce74aee9fd950cb4f5d8d3c8e6c524a09
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0023a4d99a8085630d1430b58a1fd920d4411830aff093c59abba26aec04ef3
e388e19ca38c825b329e762c79c66bbd41bd334f18312c5e97fde0a8f64bca36
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e67c2983ce9f0d72efa2023c2d0e5c15de736310798d5f57cd4414edfbcc5e27
e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0
e9a593b2e053503a82ef0205edd928d632bbc1dc35c449e4e65d2d011b6482b0
eb87c0447bd19366919bdb8913f775caca732ac31cbc5e5d42e4db5df39437ce
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f07e0d72273195cd4e15515817290ea974c1984b67b086883471c1f5e1b40f3d
f35b3d521d98fb8e2ee632e7b6a6893bab0eb99cf4173d463b8c9e8f5bf857b2
f6bc7c9009a7c835800ccb44258f197a071804b177f7ccf506c5be4e586a451d
f821113c24955a956a7d286d0e753bf11e1c00db8a2c7281c043777d8a88489a
f960ea997553b79140e4235c693bd5f1729eae5cf13cd39ee52d18aed813207f
fda7e6a5c86446322078ef7d532c37a954888d5e5eaf79706bb765ad1e74da60
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

samfw.com Open in urlscan Pro 2606:4700:10::6816:30d3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

237 Requests

97 %HTTPS

41 %IPv6

48 Domains

68 Subdomains

68 IPs

7 Countries

3251 kBTransfer

8955 kBSize

42 Cookies

16 Outgoing links

Redirected requests

237 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

samfw.com Open in urlscan Pro
2606:4700:10::6816:30d3 Public Scan

Screenshot
Live screenshot

Full Image

237
Requests

97 %
HTTPS

41 %
IPv6

48
Domains

68
Subdomains

68
IPs

7
Countries

3251 kB
Transfer

8955 kB
Size

42
Cookies

237 HTTP transactions
3 data transactions