urlscan.io logo urlscan.io
SecurityTrails logo

prfctr.com Open in urlscan Pro
104.21.35.141  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://clicktime.symantec.com/15x8hgYJcisUoFt7Rgqmr?h=pFVhDVEc-u1UwkSlHWeg6nBDzlh6gcHZhef1hfjRKDA=&u=https://go.sparkpostmail2...
Effective URL: https://prfctr.com/?listId=132594&email=george@roycefunds.com
Submission: On December 02 via api from RU — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 18 IPs in 2 countries across 22 domains to perform 25 HTTP transactions. The main IP is 104.21.35.141, located in and belongs to CLOUDFLARENET, US. The main domain is prfctr.com.
TLS certificate: Issued by WE1 on November 29th 2024. Valid for: 3 months.
This is the only time prfctr.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 52.26.61.105 16509 (AMAZON-02)
1 1 54.148.0.131 16509 (AMAZON-02)
1 1 34.193.21.59 14618 (AMAZON-AES)
1 1 104.21.88.77 13335 (CLOUDFLAR...)
5 104.21.35.141 13335 (CLOUDFLAR...)
2 108.139.47.88 16509 (AMAZON-02)
13 16 18.208.54.26 14618 (AMAZON-AES)
1 54.82.161.96 14618 (AMAZON-AES)
1 157.240.241.1 32934 (FACEBOOK)
1 2 35.211.202.130 15169 (GOOGLE)
2 3 34.111.113.62 396982 (GOOGLE-CL...)
2 2 3.33.220.150 16509 (AMAZON-02)
2 2 142.250.80.98 15169 (GOOGLE)
1 2 104.18.27.193 13335 (CLOUDFLAR...)
2 2 35.244.154.8 396982 (GOOGLE-CL...)
1 107.178.254.65 396982 (GOOGLE-CL...)
1 69.173.146.5 26667 (RUBICONPR...)
1 2 34.98.64.218 396982 (GOOGLE-CL...)
1 64.202.112.127 23352 (SERVERCEN...)
1 8.28.7.83 62713 (AS-PUBMATIC)
1 2 69.147.92.11 14777 (YAHOO)
1 141.226.224.48 200478 (TABOOLA-A...)
1 2 35.71.139.29 16509 (AMAZON-02)
1 2 68.67.181.211 29990 (ASN-APPNEX)
1 44.223.154.245 14618 (AMAZON-AES)
25 18
1    52.26.61.105 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-26-61-105.us-west-2.compute.amazonaws.com
clicktime.symantec.com
1    54.148.0.131 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-148-0-131.us-west-2.compute.amazonaws.com
go.sparkpostmail2.com
1    34.193.21.59 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-21-59.compute-1.amazonaws.com
trk.investmentwheel.com
1    104.21.88.77 (None, )

ASN13335 (CLOUDFLARENET, US)
go.scanned-safe.net
5    104.21.35.141 (None, )

ASN13335 (CLOUDFLARENET, US)
prfctr.com
2    108.139.47.88 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-47-88.jfk50.r.cloudfront.net
s.adroll.com
16    18.208.54.26 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-208-54-26.compute-1.amazonaws.com
d.adroll.com
1    54.82.161.96 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-82-161-96.compute-1.amazonaws.com
x.adroll.com
1    157.240.241.1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-lga3.fbcdn.net
connect.facebook.net
2    35.211.202.130 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 130.202.211.35.bc.googleusercontent.com
x.bidswitch.net
3    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
2    3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
2    142.250.80.98 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s36-in-f2.1e100.net
cm.g.doubleclick.net
2    104.18.27.193 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
2    35.244.154.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.154.244.35.bc.googleusercontent.com
idsync.rlcdn.com
1    107.178.254.65 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
1    69.173.146.5 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
1    64.202.112.127 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com
sync.outbrain.com
1    8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
2    69.147.92.11 (Ashburn, United States)

ASN14777 (YAHOO, US)
PTR: e1.ycpi.vip.dca.yahoo.com
ups.analytics.yahoo.com
1    141.226.224.48 (United States)

ASN200478 (TABOOLA-AS Taboola.com ltd, IL)
sync.taboola.com
2    35.71.139.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
2    68.67.181.211 (North Bergen, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
1    44.223.154.245 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-223-154-245.compute-1.amazonaws.com
x.adroll.com
Apex Domain
Subdomains		 Transfer
20 adroll.com
s.adroll.com — Cisco Umbrella Rank: 3645
d.adroll.com — Cisco Umbrella Rank: 1673
x.adroll.com — Cisco Umbrella Rank: 3549
48 KB
5 prfctr.com
prfctr.com
147 KB
3 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 470
1 KB
2 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 281
2 KB
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 429
982 B
2 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 548
594 B
2 openx.net
us-u.openx.net — Cisco Umbrella Rank: 525
528 B
2 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 476
830 B
2 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 607
2 KB
2 doubleclick.net
cm.g.doubleclick.net — Cisco Umbrella Rank: 284
1 KB
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 377
1 KB
2 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 393
830 B
1 taboola.com
sync.taboola.com — Cisco Umbrella Rank: 1304
364 B
1 pubmatic.com
image2.pubmatic.com — Cisco Umbrella Rank: 886
585 B
1 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 897
360 B
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 419
1 KB
1 pippio.com
pippio.com — Cisco Umbrella Rank: 805
569 B
1 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 192
61 KB
1 scanned-safe.net
go.scanned-safe.net
671 B
1 investmentwheel.com
trk.investmentwheel.com
554 B
1 sparkpostmail2.com
go.sparkpostmail2.com — Cisco Umbrella Rank: 277203
465 B
1 symantec.com
clicktime.symantec.com — Cisco Umbrella Rank: 201475
735 B
25 22
Domain Requested by
16 d.adroll.com 13 redirects s.adroll.com
5 prfctr.com prfctr.com
3 pixel.tapad.com 2 redirects
2 ib.adnxs.com 1 redirects
2 eb2.3lift.com 1 redirects
2 ups.analytics.yahoo.com 1 redirects
2 us-u.openx.net 1 redirects
2 idsync.rlcdn.com 2 redirects
2 dsum-sec.casalemedia.com 1 redirects
2 cm.g.doubleclick.net 2 redirects
2 match.adsrvr.org 2 redirects
2 x.bidswitch.net 1 redirects
2 x.adroll.com s.adroll.com
2 s.adroll.com prfctr.com
s.adroll.com
1 sync.taboola.com
1 image2.pubmatic.com
1 sync.outbrain.com
1 pixel.rubiconproject.com
1 pippio.com
1 connect.facebook.net s.adroll.com
1 go.scanned-safe.net 1 redirects
1 trk.investmentwheel.com 1 redirects
1 go.sparkpostmail2.com 1 redirects
1 clicktime.symantec.com 1 redirects
25 24

This site contains no links.

Subject Issuer Validity Valid
prfctr.com
WE1		 2024-11-29 -
2025-02-27		 3 months crt.sh
s.adroll.com
Amazon RSA 2048 M02		 2024-05-03 -
2025-06-01		 a year crt.sh
d.adroll.com
Amazon RSA 2048 M03		 2024-09-08 -
2025-10-07		 a year crt.sh
*.adroll.com
Amazon RSA 2048 M02		 2024-07-03 -
2025-07-31		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-09-10 -
2024-12-09		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://prfctr.com/?listId=132594&email=george@roycefunds.com
Frame ID: FF7C92BCAE5213A84D2FDCDA67867576
Requests: 24 HTTP requests in this frame

Frame: https://x.adroll.com/pxl/iframe_content.html?adroll_fpc=0c457d3a79ab795c0a4b8430b41dfdb5-1733106366459&flg=1&pv=39218048873.5393&arrfrr=https%3A%2F%2Fprfctr.com%2F%3FlistId%3D132594%26email%3Dgeorge%40roycefunds.com&advertisable=FLABZ4S7ABGLXDGDZPXVMS
Frame ID: D6D56A9D11A69029F9F9193E423CD404
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://clicktime.symantec.com/15x8hgYJcisUoFt7Rgqmr?h=pFVhDVEc-u1UwkSlHWeg6nBDzlh6gcHZhef1hfjRKDA=&u=https... HTTP 307
    https://go.sparkpostmail2.com/f/a/rmf1QEaIRYqirhoH2_-IYA~~/AASACgA~/RgRpL5KEP4QPAWh0dHA6Ly90cmsuaW52ZXN0bW... HTTP 302
    http://trk.investmentwheel.com/?xtl=3gkr6g86cv8tabrwc3z4tsk4h2eb41yc7ol0q7pfd3uknl6oz4rbpqfpmiz7cymxs3pi4za... HTTP 307
    https://trk.investmentwheel.com/?xtl=3gkr6g86cv8tabrwc3z4tsk4h2eb41yc7ol0q7pfd3uknl6oz4rbpqfpmiz7cymxs3pi4za... HTTP 307
    http://trk.investmentwheel.com/?xtl=3gkr6g86cv8tabrwc3z4tsk4h2eb41yc7ol0q7pfd3uknl6oz4rbpqfpmiz7cymxs3pi4za... HTTP 302
    https://go.scanned-safe.net/prefs/george@roycefunds.com/132594 HTTP 302
    https://prfctr.com/?listId=132594&email=george@roycefunds.com Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:a|s)\.adroll\.com
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

25
Requests

48 %
HTTPS

0 %
IPv6

22
Domains

24
Subdomains

18
IPs

2
Countries

251 kB
Transfer

555 kB
Size

43
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://clicktime.symantec.com/15x8hgYJcisUoFt7Rgqmr?h=pFVhDVEc-u1UwkSlHWeg6nBDzlh6gcHZhef1hfjRKDA=&u=https://go.sparkpostmail2.com/f/a/rmf1QEaIRYqirhoH2_-IYA HTTP 307
    https://go.sparkpostmail2.com/f/a/rmf1QEaIRYqirhoH2_-IYA~~/AASACgA~/RgRpL5KEP4QPAWh0dHA6Ly90cmsuaW52ZXN0bWVudHdoZWVsLmNvbS8_eHRsPTNna3I2Zzg2Y3Y4dGFicndjM3o0dHNrNGgyZWI0MXljN29sMHE3cGZkM3Vrbmw2b3o0cmJwcWZwbWl6N2N5bXhzM3BpNHphZmZzYjZvMHhienJvaWg1cHE4aXhqM3NrYmQ0YXpibzZlejlkaHoycWk1MTlpbTBtZjI5MTZlOWdmOHRlbW8xaGFqNXNua25tdm8zM25ubGU3eWNqMmxqZiZlaT1nZW9yZ2VAcm95Y2VmdW5kcy5jb20mX19zdG1wPXNudWV0ZiZfX29ubHQ9aCZlbWFpbD1nZW9yZ2VAcm95Y2VmdW5kcy5jb21XA3NwY0IKZ0aEDU1nFfceGFIVZ2VvcmdlQHJveWNlZnVuZHMuY29tWAQAAABo HTTP 302
    http://trk.investmentwheel.com/?xtl=3gkr6g86cv8tabrwc3z4tsk4h2eb41yc7ol0q7pfd3uknl6oz4rbpqfpmiz7cymxs3pi4zaffsb6o0xbzroih5pq8ixj3skbd4azbo6ez9dhz2qi519im0mf2916e9gf8temo1haj5snknmvo33nnle7ycj2ljf&ei=george@roycefunds.com&__stmp=snuetf&__onlt=h&email=george@roycefunds.com HTTP 307
    https://trk.investmentwheel.com/?xtl=3gkr6g86cv8tabrwc3z4tsk4h2eb41yc7ol0q7pfd3uknl6oz4rbpqfpmiz7cymxs3pi4zaffsb6o0xbzroih5pq8ixj3skbd4azbo6ez9dhz2qi519im0mf2916e9gf8temo1haj5snknmvo33nnle7ycj2ljf&ei=george@roycefunds.com&__stmp=snuetf&__onlt=h&email=george@roycefunds.com HTTP 307
    http://trk.investmentwheel.com/?xtl=3gkr6g86cv8tabrwc3z4tsk4h2eb41yc7ol0q7pfd3uknl6oz4rbpqfpmiz7cymxs3pi4zaffsb6o0xbzroih5pq8ixj3skbd4azbo6ez9dhz2qi519im0mf2916e9gf8temo1haj5snknmvo33nnle7ycj2ljf&ei=george@roycefunds.com&__stmp=snuetf&__onlt=h&email=george@roycefunds.com HTTP 302
    https://go.scanned-safe.net/prefs/george@roycefunds.com/132594 HTTP 302
    https://prfctr.com/?listId=132594&email=george@roycefunds.com Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10
  • https://d.adroll.com/cm/b/out?adroll_fpc=0c457d3a79ab795c0a4b8430b41dfdb5-1733106366459&flg=1&pv=39218048873.5393&arrfrr=https%3A%2F%2Fprfctr.com%2F%3FlistId%3D132594%26email%3Dgeorge%40roycefunds.com&advertisable=FLABZ4S7ABGLXDGDZPXVMS HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=44&user_id=YWUwMjA1MzJiN2NkNWJhNThhOTM3MDA1YTVmZWE2ZjQ HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=YWUwMjA1MzJiN2NkNWJhNThhOTM3MDA1YTVmZWE2ZjQ
Request Chain 11
  • https://d.adroll.com/cm/experian/out?adroll_fpc=0c457d3a79ab795c0a4b8430b41dfdb5-1733106366459&flg=1&pv=39218048873.5393&arrfrr=https%3A%2F%2Fprfctr.com%2F%3FlistId%3D132594%26email%3Dgeorge%40roycefunds.com&advertisable=FLABZ4S7ABGLXDGDZPXVMS HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3521&partner_device_id=YWUwMjA1MzJiN2NkNWJhNThhOTM3MDA1YTVmZWE2ZjQ&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3521&partner_device_id=YWUwMjA1MzJiN2NkNWJhNThhOTM3MDA1YTVmZWE2ZjQ&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=d9176086-daa1-4e20-a3ae-365bf30777ee%252C%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=d9176086-daa1-4e20-a3ae-365bf30777ee%252C%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=fc11607c-2afc-425d-ab73-bbab546c447b&ttd_puid=d9176086-daa1-4e20-a3ae-365bf30777ee%2C%2C
Request Chain 12
  • https://d.adroll.com/cm/g/out?adroll_fpc=0c457d3a79ab795c0a4b8430b41dfdb5-1733106366459&flg=1&pv=39218048873.5393&arrfrr=https%3A%2F%2Fprfctr.com%2F%3FlistId%3D132594%26email%3Dgeorge%40roycefunds.com&advertisable=FLABZ4S7ABGLXDGDZPXVMS HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=rgIFMrfNW6WKk3AFpf6m9A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_sc=&google_nid=artb&google_hm=rgIFMrfNW6WKk3AFpf6m9A&google_tc= HTTP 302
  • https://d.adroll.com/cm/g/in
Request Chain 13
  • https://d.adroll.com/cm/index/out?adroll_fpc=0c457d3a79ab795c0a4b8430b41dfdb5-1733106366459&flg=1&pv=39218048873.5393&arrfrr=https%3A%2F%2Fprfctr.com%2F%3FlistId%3D132594%26email%3Dgeorge%40roycefunds.com&advertisable=FLABZ4S7ABGLXDGDZPXVMS HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=YWUwMjA1MzJiN2NkNWJhNThhOTM3MDA1YTVmZWE2ZjQ&expiration=1764642366 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=YWUwMjA1MzJiN2NkNWJhNThhOTM3MDA1YTVmZWE2ZjQ&expiration=1764642366&C=1
Request Chain 14
  • https://d.adroll.com/cm/l/out?adroll_fpc=0c457d3a79ab795c0a4b8430b41dfdb5-1733106366459&flg=1&pv=39218048873.5393&arrfrr=https%3A%2F%2Fprfctr.com%2F%3FlistId%3D132594%26email%3Dgeorge%40roycefunds.com&advertisable=FLABZ4S7ABGLXDGDZPXVMS HTTP 302
  • https://idsync.rlcdn.com/377928.gif?partner_uid=ae020532b7cd5ba58a937005a5fea6f4 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CMiIFxIrCicIARDqIhogYWUwMjA1MzJiN2NkNWJhNThhOTM3MDA1YTVmZWE2ZjQQABoNCL61tLoGEgUI6AcQAEIASgA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=c06a67f4728351ba09d1014ae7383a6926d02da3672dc115b78317a48b69cefd791426b5417dce21&_=2
Request Chain 15
  • https://d.adroll.com/cm/n/out?adroll_fpc=0c457d3a79ab795c0a4b8430b41dfdb5-1733106366459&flg=1&pv=39218048873.5393&arrfrr=https%3A%2F%2Fprfctr.com%2F%3FlistId%3D132594%26email%3Dgeorge%40roycefunds.com&advertisable=FLABZ4S7ABGLXDGDZPXVMS HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=YWUwMjA1MzJiN2NkNWJhNThhOTM3MDA1YTVmZWE2ZjQ&expires=365
Request Chain 16
  • https://d.adroll.com/cm/o/out?adroll_fpc=0c457d3a79ab795c0a4b8430b41dfdb5-1733106366459&flg=1&pv=39218048873.5393&arrfrr=https%3A%2F%2Fprfctr.com%2F%3FlistId%3D132594%26email%3Dgeorge%40roycefunds.com&advertisable=FLABZ4S7ABGLXDGDZPXVMS HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537103138&val=ae020532b7cd5ba58a937005a5fea6f4&gdpr=0&gdpr_consent= HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537103138&val=ae020532b7cd5ba58a937005a5fea6f4&gdpr=0&gdpr_consent=&cc=1
Request Chain 17
  • https://d.adroll.com/cm/outbrain/out?adroll_fpc=0c457d3a79ab795c0a4b8430b41dfdb5-1733106366459&flg=1&pv=39218048873.5393&arrfrr=https%3A%2F%2Fprfctr.com%2F%3FlistId%3D132594%26email%3Dgeorge%40roycefunds.com&advertisable=FLABZ4S7ABGLXDGDZPXVMS HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=adroll&uid=YWUwMjA1MzJiN2NkNWJhNThhOTM3MDA1YTVmZWE2ZjQ&gdpr=0&gdpr_consent=&us_privacy=1---
Request Chain 18
  • https://d.adroll.com/cm/pubmatic/out?adroll_fpc=0c457d3a79ab795c0a4b8430b41dfdb5-1733106366459&flg=1&pv=39218048873.5393&arrfrr=https%3A%2F%2Fprfctr.com%2F%3FlistId%3D132594%26email%3Dgeorge%40roycefunds.com&advertisable=FLABZ4S7ABGLXDGDZPXVMS HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=YWUwMjA1MzJiN2NkNWJhNThhOTM3MDA1YTVmZWE2ZjQ&gdpr=0&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
Request Chain 19
  • https://d.adroll.com/cm/r/out?adroll_fpc=0c457d3a79ab795c0a4b8430b41dfdb5-1733106366459&flg=1&pv=39218048873.5393&arrfrr=https%3A%2F%2Fprfctr.com%2F%3FlistId%3D132594%26email%3Dgeorge%40roycefunds.com&advertisable=FLABZ4S7ABGLXDGDZPXVMS HTTP 302
  • https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=YWUwMjA1MzJiN2NkNWJhNThhOTM3MDA1YTVmZWE2ZjQ&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA HTTP 302
  • https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=YWUwMjA1MzJiN2NkNWJhNThhOTM3MDA1YTVmZWE2ZjQ&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true
Request Chain 20
  • https://d.adroll.com/cm/taboola/out?adroll_fpc=0c457d3a79ab795c0a4b8430b41dfdb5-1733106366459&flg=1&pv=39218048873.5393&arrfrr=https%3A%2F%2Fprfctr.com%2F%3FlistId%3D132594%26email%3Dgeorge%40roycefunds.com&advertisable=FLABZ4S7ABGLXDGDZPXVMS HTTP 302
  • https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=YWUwMjA1MzJiN2NkNWJhNThhOTM3MDA1YTVmZWE2ZjQ
Request Chain 21
  • https://d.adroll.com/cm/triplelift/out?adroll_fpc=0c457d3a79ab795c0a4b8430b41dfdb5-1733106366459&flg=1&pv=39218048873.5393&arrfrr=https%3A%2F%2Fprfctr.com%2F%3FlistId%3D132594%26email%3Dgeorge%40roycefunds.com&advertisable=FLABZ4S7ABGLXDGDZPXVMS HTTP 302
  • https://eb2.3lift.com/xuid?mid=4714&xuid=YWUwMjA1MzJiN2NkNWJhNThhOTM3MDA1YTVmZWE2ZjQ&dongle=c85e HTTP 302
  • https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=YWUwMjA1MzJiN2NkNWJhNThhOTM3MDA1YTVmZWE2ZjQ&dongle=c85e&gdpr=0&cmp_cs=&us_privacy=
Request Chain 22
  • https://d.adroll.com/cm/x/out?adroll_fpc=0c457d3a79ab795c0a4b8430b41dfdb5-1733106366459&flg=1&pv=39218048873.5393&arrfrr=https%3A%2F%2Fprfctr.com%2F%3FlistId%3D132594%26email%3Dgeorge%40roycefunds.com&advertisable=FLABZ4S7ABGLXDGDZPXVMS HTTP 302
  • https://ib.adnxs.com/setuid?entity=172&code=YWUwMjA1MzJiN2NkNWJhNThhOTM3MDA1YTVmZWE2ZjQ HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DYWUwMjA1MzJiN2NkNWJhNThhOTM3MDA1YTVmZWE2ZjQ

25 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
prfctr.com/
Redirect Chain
  • https://clicktime.symantec.com/15x8hgYJcisUoFt7Rgqmr?h=pFVhDVEc-u1UwkSlHWeg6nBDzlh6gcHZhef1hfjRKDA=&u=https://go.sparkpostmail2.com/f/a/rmf1QEaIRYqirhoH2_-IYA
  • https://go.sparkpostmail2.com/f/a/rmf1QEaIRYqirhoH2_-IYA~~/AASACgA~/RgRpL5KEP4QPAWh0dHA6Ly90cmsuaW52ZXN0bWVudHdoZWVsLmNvbS8_eHRsPTNna3I2Zzg2Y3Y4dGFicndjM3o0dHNrNGgyZWI0MXljN29sMHE3cGZkM3Vrbmw2b3o0c...
  • http://trk.investmentwheel.com/?xtl=3gkr6g86cv8tabrwc3z4tsk4h2eb41yc7ol0q7pfd3uknl6oz4rbpqfpmiz7cymxs3pi4zaffsb6o0xbzroih5pq8ixj3skbd4azbo6ez9dhz2qi519im0mf2916e9gf8temo1haj5snknmvo33nnle7ycj2ljf&e...
  • https://trk.investmentwheel.com/?xtl=3gkr6g86cv8tabrwc3z4tsk4h2eb41yc7ol0q7pfd3uknl6oz4rbpqfpmiz7cymxs3pi4zaffsb6o0xbzroih5pq8ixj3skbd4azbo6ez9dhz2qi519im0mf2916e9gf8temo1haj5snknmvo33nnle7ycj2ljf&...
  • http://trk.investmentwheel.com/?xtl=3gkr6g86cv8tabrwc3z4tsk4h2eb41yc7ol0q7pfd3uknl6oz4rbpqfpmiz7cymxs3pi4zaffsb6o0xbzroih5pq8ixj3skbd4azbo6ez9dhz2qi519im0mf2916e9gf8temo1haj5snknmvo33nnle7ycj2ljf&e...
  • https://go.scanned-safe.net/prefs/george@roycefunds.com/132594
  • https://prfctr.com/?listId=132594&email=george@roycefunds.com
8 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://prfctr.com/?listId=132594&email=george@roycefunds.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.35.141 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da8cd2f46be6cf03848f657973630ae6a7b0e015d4621afbd0be54cc96ba6b11

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8eb7dec1ff3e36b7-YYZ
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Mon, 02 Dec 2024 02:26:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lwOmffnmrvweo%2Bi9vvKq90Kw8oD663yIFx0FbAanNO4onyK9AUieTEpwdwcE6MayDloOOAaRH3xgWE0d676I4Z72ihjdAd%2B9x3akzuTgWXH2SIfI4DZWprJduJGu"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=24175&min_rtt=23821&rtt_var=4162&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4163&recv_bytes=4516&delivery_rate=568&cwnd=12000&unsent_bytes=0&cid=b575ecb5fa8fa770&ts=153&x=1" cfExtPri cfHdrFlush;dur=0
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=600
cf-cache-status
DYNAMIC
cf-ray
8eb7debf983bac7b-YYZ
content-type
text/html; charset=UTF-8
date
Mon, 02 Dec 2024 02:26:05 GMT
expires
Mon, 02 Dec 2024 02:36:04 GMT
location
https://prfctr.com/?listId=132594&email=george@roycefunds.com
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g9fZQewKG7iaHesTodYLAWqMkyro8ip0XLsCbVXxos0gP%2FNGo3AbbPNN2gVwX7raS8Vevr7HYmdSHYxRSGVW8OKvKfasO8iu4Wq%2BQddwkg1tLrUQuPZbQSoUhMJL0OPg6jMe0DrL"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=28941&min_rtt=23588&rtt_var=13438&sent=8&recv=12&lost=0&retrans=0&sent_bytes=4048&recv_bytes=2382&delivery_rate=166708&cwnd=191&unsent_bytes=0&cid=6bfc4510d39eb42e&ts=299&x=0"
vary
User-Agent
jquery-3.6.0.min.js
prfctr.com/js/ 		87 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://prfctr.com/js/jquery-3.6.0.min.js
Requested by
Host: prfctr.com
URL: https://prfctr.com/?listId=132594&email=george@roycefunds.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.35.141 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://prfctr.com/?listId=132594&email=george@roycefunds.com

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
HIT
age
265
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m6NpcoLJnpMlbET3po1%2FMnc3Ht90Sjjda9Pl0tzAxrr5jW9dzc8xEGKDan2PQuqWTM1iUSQerCvTH08I5UDWdxrVQGw0hkPqzOcAcvwEwcKa1j89Xc%2Fy0EFrvWcO"}],"group":"cf-nel","max_age":604800}
cf-ray
8eb7dec2f86336b7-YYZ
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=24116&min_rtt=23821&rtt_var=2441&sent=18&recv=15&lost=0&retrans=0&sent_bytes=9150&recv_bytes=5656&delivery_rate=160588&cwnd=12000&unsent_bytes=0&cid=b575ecb5fa8fa770&ts=209&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 02 Dec 2024 02:26:05 GMT
content-type
application/javascript
last-modified
Mon, 10 May 2021 20:40:52 GMT
vary
Accept-Encoding
priority
u=1,i=?0
ajax-loader.gif
prfctr.com/images/ 		104 KB
104 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prfctr.com/images/ajax-loader.gif?rand=371740142
Requested by
Host: prfctr.com
URL: https://prfctr.com/?listId=132594&email=george@roycefunds.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.35.141 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8491a487c4cc4fb7fd43d0cde567907ef48fd13b39df64da05e8e179b5bfad2d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://prfctr.com/?listId=132594&email=george@roycefunds.com

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M4GDWh84pXedgrzF5oJNC5%2FMxKmxPfTb%2FeNIy3Ac7KaNipwPlwNzBKyqW6A577e5Tp0vTpwY3R7cat0kc32ER%2FB6MZUytGeeaSRN31YgmZWHQMNtmKGBdDF0VWnf"}],"group":"cf-nel","max_age":604800}
cf-ray
8eb7dec2f86536b7-YYZ
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=25619&min_rtt=23657&rtt_var=3061&sent=48&recv=31&lost=0&retrans=0&sent_bytes=43444&recv_bytes=6345&delivery_rate=829503&cwnd=26400&unsent_bytes=0&cid=b575ecb5fa8fa770&ts=374&x=1", cfExtPri, cfHdrFlush;dur=0
content-length
106039
date
Mon, 02 Dec 2024 02:26:06 GMT
content-type
image/gif
last-modified
Mon, 10 May 2021 20:40:52 GMT
vary
Accept-Encoding
priority
u=2,i
email-decode.min.js
prfctr.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://prfctr.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: prfctr.com
URL: https://prfctr.com/?listId=132594&email=george@roycefunds.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.35.141 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://prfctr.com/?listId=132594&email=george@roycefunds.com

Response headers

x-frame-options
DENY
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=172800, public
content-encoding
gzip
etag
W/"6740aa56-4d7"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7eAKBYndMT6%2BTKzJ11q44BmFkWYef5hPc6XgJ99PY1aJTkcURG1Y2f%2FTM5LKgRl52rz4XLPTbUauXyPQlQSM3n7RUMXXDAotOCtUifN5V%2BV6rUsLs4M6b%2FKdfAbL"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8eb7dec2f86936b7-YYZ
expires
Wed, 04 Dec 2024 02:26:05 GMT
date
Mon, 02 Dec 2024 02:26:05 GMT
content-type
application/javascript
last-modified
Fri, 22 Nov 2024 15:59:18 GMT
server
cloudflare
vary
Accept-Encoding
roundtrip.js
s.adroll.com/j/FLABZ4S7ABGLXDGDZPXVMS/ 		97 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/FLABZ4S7ABGLXDGDZPXVMS/roundtrip.js
Requested by
Host: prfctr.com
URL: https://prfctr.com/?listId=132594&email=george@roycefunds.com
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.139.47.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-47-88.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
78f8c2de532c0e5071f69ef0572aab838c84157703427ab35e883f23696e0681

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://prfctr.com/

Response headers

Access-Control-Max-Age
600
Content-Encoding
gzip
X-Amz-Version-Id
kTovR.NpyXP3GBeJbr.lC4H5sVMzU8eD
Etag
W/"758ef16c53a848ca88a00ad7c3cd5aad"
Age
2401
Access-Control-Allow-Methods
GET
X-Cache
Hit from cloudfront
X-Amz-Cf-Id
hMQSUCFz2ezsQXw_0n0JpBgwFRiIB7IU6Etq7g_ILGius_fEeWdMvg==
Date
Mon, 02 Dec 2024 01:54:02 GMT
Content-Type
text/javascript; charset=utf-8
Vary
accept-encoding
Last-Modified
Mon, 25 Nov 2024 11:25:57 GMT
Access-Control-Allow-Headers
*
Transfer-Encoding
chunked
Cache-Control
max-age=3600, must-revalidate
Connection
keep-alive
Access-Control-Allow-Credentials
false
Via
1.1 e60ffc5cb1078c77d0ecabfc06b14cd0.cloudfront.net (CloudFront)
Access-Control-Allow-Origin
*
X-Amz-Cf-Pop
JFK50-P1
Server
AmazonS3
X-Amz-Server-Side-Encryption
AES256
favicon.ico
prfctr.com/ 		10 KB
6 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://prfctr.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.35.141 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a49d6bad79a8040b083cc0ce993da79f904cf20e02a91e91281c041277bdb56d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://prfctr.com/?listId=132594&email=george@roycefunds.com

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
EXPIRED
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZSuXZtJNTZCe%2FXw44t7RHsoGqxMH1Oe9NHfMaHFjG3Ffi%2FSKwfrlD%2FQ9JgQZHqUbQ7j4tLN%2FVHIsd%2BBmamg5qgmXrheenPN%2FBq%2B4DAMfbwpCOuGcAgcOIRZDs6VE"}],"group":"cf-nel","max_age":604800}
cf-ray
8eb7dec4ead136b7-YYZ
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=24326&min_rtt=23657&rtt_var=374&sent=142&recv=65&lost=0&retrans=0&sent_bytes=152594&recv_bytes=8166&delivery_rate=1823079&cwnd=76800&unsent_bytes=0&cid=b575ecb5fa8fa770&ts=628&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 02 Dec 2024 02:26:06 GMT
content-type
text/html
vary
Accept-Encoding
server
cloudflare
priority
u=1,i
FLABZ4S7ABGLXDGDZPXVMS
d.adroll.com/consent/check/ 		578 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d.adroll.com/consent/check/FLABZ4S7ABGLXDGDZPXVMS?flg=1&pv=39218048873.5393&arrfrr=https%3A%2F%2Fprfctr.com%2F%3FlistId%3D132594%26email%3Dgeorge%40roycefunds.com&_s=258b6b06fde2291e16db95213ef1e8e7&_b=2
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/FLABZ4S7ABGLXDGDZPXVMS/roundtrip.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.208.54.26 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-54-26.compute-1.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
6630411f81f04e966b964d5047b79624ce385764517f7769491ceb350602f5a9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://prfctr.com/

Response headers

cache-control
no-store, no-cache, must-revalidate
content-length
578
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
date
Mon, 02 Dec 2024 02:26:06 GMT
pragma
no-cache
content-type
application/javascript
server
nginx/1.22.1
iframe_content.html
x.adroll.com/pxl/ Frame D6D5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://x.adroll.com/pxl/iframe_content.html?adroll_fpc=0c457d3a79ab795c0a4b8430b41dfdb5-1733106366459&flg=1&pv=39218048873.5393&arrfrr=https%3A%2F%2Fprfctr.com%2F%3FlistId%3D132594%26email%3Dgeorge%40roycefunds.com&advertisable=FLABZ4S7ABGLXDGDZPXVMS
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/FLABZ4S7ABGLXDGDZPXVMS/roundtrip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.82.161.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-82-161-96.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://prfctr.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
ad-auction-allowed
true
content-encoding
zstd
content-length
427
content-type
text/html
date
Mon, 02 Dec 2024 02:26:06 GMT
last-modified
Mon, 25 Nov 2024 21:07:41 GMT
fbevents.js
connect.facebook.net/en_US/ 		239 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/FLABZ4S7ABGLXDGDZPXVMS/roundtrip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.241.1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-lga3.fbcdn.net
Software
/
Resource Hash
527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-cUASzXz2' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://prfctr.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 02 Dec 2024 02:26:06 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-cUASzXz2' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=37, rtx=0, c=23, mss=1232, tbw=4416, tp=9, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
gsNJPHDKnoRLfQZzD0GLB/AiGQ1yQDPaAig5yOjAM4woGow37LUPkFxwh/JIaJcofnHQcT6DbFByzPu+WcnFPg==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
62107
x-xss-protection
0
origin-agent-cluster
?1
sendrolling.js
s.adroll.com/j/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/sendrolling.js
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/FLABZ4S7ABGLXDGDZPXVMS/roundtrip.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.139.47.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-47-88.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
203987ff8bd021893a06303e163eeb294647081d8376b725bdacbc414cc4d035

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://prfctr.com/

Response headers

Access-Control-Max-Age
600
Content-Encoding
gzip
X-Amz-Version-Id
CK4cMX5vZLEnRrAtBOR1tfE4_uNanswm
Etag
W/"4a64112c69b3c4b3f104f38d9547a094"
Age
106
Access-Control-Allow-Methods
GET
X-Cache
Hit from cloudfront
X-Amz-Cf-Id
pDIX4QoV60EENm36gLySfB7heGqy3LrngtqUOupYdA3enZdSI6OjHg==
Date
Mon, 02 Dec 2024 02:24:21 GMT
Content-Type
text/javascript
Vary
accept-encoding
Last-Modified
Mon, 30 Sep 2024 21:10:57 GMT
Access-Control-Allow-Headers
*
Transfer-Encoding
chunked
Cache-Control
max-age=300, must-revalidate
Connection
keep-alive
Access-Control-Allow-Credentials
false
Via
1.1 e60ffc5cb1078c77d0ecabfc06b14cd0.cloudfront.net (CloudFront)
Access-Control-Allow-Origin
*
X-Amz-Cf-Pop
JFK50-P1
Server
AmazonS3
X-Amz-Server-Side-Encryption
AES256
KPUNFH3A2VCZZEYDM5FE54
d.adroll.com/segment/FLABZ4S7ABGLXDGDZPXVMS/ 		42 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.adroll.com/segment/FLABZ4S7ABGLXDGDZPXVMS/KPUNFH3A2VCZZEYDM5FE54?adroll_fpc=0c457d3a79ab795c0a4b8430b41dfdb5-1733106366459&flg=1&pv=39218048873.5393&arrfrr=https%3A%2F%2Fprfctr.com%2F%3FlistId%3D132594%26email%3Dgeorge%40roycefunds.com&cookie=&adroll_s_ref=&keyw=&p0=305&adroll_external_data=&xa4=1&adroll_version=2.0
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/FLABZ4S7ABGLXDGDZPXVMS/roundtrip.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.208.54.26 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-54-26.compute-1.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://prfctr.com/

Response headers

x-rule-type
p
access-control-expose-headers
X-Advertisable-Eid, X-Attribution-Url, X-Segment-Eid, X-Segment-Display-Name, X-Segment-Name, X-Conversion-Currency, X-Conversion-Value, X-Rule, X-Rule-Type, X-Organization-Eid, X-Pixel-Eid
x-organization-eid
CIGMIDPO7FGD5FYVX3XA3Y
access-control-allow-methods
GET
x-segment-eid
LHLSFAYJMNBIZK4NL2JOCW
x-advertisable-eid
FLABZ4S7ABGLXDGDZPXVMS
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
date
Mon, 02 Dec 2024 02:26:06 GMT
x-pixel-eid
KPUNFH3A2VCZZEYDM5FE54
content-type
image/gif
x-attribution-url
https%3A%2F%2Fx.adroll.com%2Fattribution%2Ftrigger%3Ffpc%3D0c457d3a79ab795c0a4b8430b41dfdb5%26advertisable_eid%3DFLABZ4S7ABGLXDGDZPXVMS%26conversion_type%3DPageView%26conversion_value%3D0.0%26currency%3DEUR%26flg%3D1%26pv%3D39218048873.5393%26arrfrr%3Dhttps%253A%252F%252Fprfctr.com%252F%253FlistId%253D132594%2526email%253Dgeorge%2540roycefunds.com
access-control-allow-headers
Content-Type, *
x-segment-display-name
Visitors to Unsegmented Pages
cache-control
no-store, no-cache, must-revalidate
access-control-request-methods
GET
pragma
no-cache
x-conversion-currency
EUR
access-control-allow-credentials
true
x-conversion-value
0.0
access-control-allow-origin
https://prfctr.com
x-segment-name
*
content-length
42
server
nginx/1.22.1
x-rule
*
sync
x.bidswitch.net/ul_cb/
Redirect Chain
  • https://d.adroll.com/cm/b/out?adroll_fpc=0c457d3a79ab795c0a4b8430b41dfdb5-1733106366459&flg=1&pv=39218048873.5393&arrfrr=https%3A%2F%2Fprfctr.com%2F%3FlistId%3D132594%26email%3Dgeorge%40roycefunds....
  • https://x.bidswitch.net/sync?dsp_id=44&user_id=YWUwMjA1MzJiN2NkNWJhNThhOTM3MDA1YTVmZWE2ZjQ
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=YWUwMjA1MzJiN2NkNWJhNThhOTM3MDA1YTVmZWE2ZjQ
43 B
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=YWUwMjA1MzJiN2NkNWJhNThhOTM3MDA1YTVmZWE2ZjQ
Protocol
H2
Server
35.211.202.130 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
130.202.211.35.bc.googleusercontent.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://prfctr.com/

Response headers

via
1.1 google
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
date
Mon, 02 Dec 2024 02:26:06 GMT
content-type
image/gif

Redirect headers

via
1.1 google
cache-control
no-cache, no-store, must-revalidate
location
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=YWUwMjA1MzJiN2NkNWJhNThhOTM3MDA1YTVmZWE2ZjQ
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 02 Dec 2024 02:26:06 GMT
receive
pixel.tapad.com/idsync/ex/
Redirect Chain
  • https://d.adroll.com/cm/experian/out?adroll_fpc=0c457d3a79ab795c0a4b8430b41dfdb5-1733106366459&flg=1&pv=39218048873.5393&arrfrr=https%3A%2F%2Fprfctr.com%2F%3FlistId%3D132594%26email%3Dgeorge%40royc...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3521&partner_device_id=YWUwMjA1MzJiN2NkNWJhNThhOTM3MDA1YTVmZWE2ZjQ&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3521&partner_device_id=YWUwMjA1MzJiN2NkNWJhNThhOTM3MDA1YTVmZWE2ZjQ&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=d9176086-daa1-4e20-a3ae-365bf30777ee%252C%252C&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=d9176086-daa1-4e20-a3ae-365bf30777ee%252C%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=fc11607c-2afc-425d-ab73-bbab546c447b&ttd_puid=d9176086-daa1-4e20-a3ae-365bf30777ee%2C%2C
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=fc11607c-2afc-425d-ab73-bbab546c447b&ttd_puid=d9176086-daa1-4e20-a3ae-365bf30777ee%2C%2C
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://prfctr.com/

Response headers

strict-transport-security
max-age=31536000
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length
95
date
Mon, 02 Dec 2024 02:26:06 GMT
content-type
image/png
server
Jetty(11.0.13)

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=fc11607c-2afc-425d-ab73-bbab546c447b&ttd_puid=d9176086-daa1-4e20-a3ae-365bf30777ee%2C%2C
content-length
359
date
Mon, 02 Dec 2024 02:26:06 GMT
server
Kestrel
in
d.adroll.com/cm/g/
Redirect Chain
  • https://d.adroll.com/cm/g/out?adroll_fpc=0c457d3a79ab795c0a4b8430b41dfdb5-1733106366459&flg=1&pv=39218048873.5393&arrfrr=https%3A%2F%2Fprfctr.com%2F%3FlistId%3D132594%26email%3Dgeorge%40roycefunds....
  • https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=rgIFMrfNW6WKk3AFpf6m9A
  • https://cm.g.doubleclick.net/pixel?google_sc=&google_nid=artb&google_hm=rgIFMrfNW6WKk3AFpf6m9A&google_tc=
  • https://d.adroll.com/cm/g/in
42 B
820 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/g/in
Protocol
H2
Server
18.208.54.26 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-54-26.compute-1.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://prfctr.com/

Response headers

cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
x-result
g.-1.-1.-1
content-length
42
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
date
Mon, 02 Dec 2024 02:26:06 GMT
content-type
image/gif
server
nginx/1.22.1

Redirect headers

cache-control
no-cache, must-revalidate
location
https://d.adroll.com/cm/g/in
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
225
date
Mon, 02 Dec 2024 02:26:06 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
rum
dsum-sec.casalemedia.com/
Redirect Chain
  • https://d.adroll.com/cm/index/out?adroll_fpc=0c457d3a79ab795c0a4b8430b41dfdb5-1733106366459&flg=1&pv=39218048873.5393&arrfrr=https%3A%2F%2Fprfctr.com%2F%3FlistId%3D132594%26email%3Dgeorge%40roycefu...
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=YWUwMjA1MzJiN2NkNWJhNThhOTM3MDA1YTVmZWE2ZjQ&expiration=1764642366
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=YWUwMjA1MzJiN2NkNWJhNThhOTM3MDA1YTVmZWE2ZjQ&expiration=1764642366&C=1
43 B
762 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=YWUwMjA1MzJiN2NkNWJhNThhOTM3MDA1YTVmZWE2ZjQ&expiration=1764642366&C=1
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://prfctr.com/

Response headers

cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BUphosO978sGC2mZjQNztul%2BZ3ADU0JAEmmRM%2Bm%2BgDqGHos1DTicGF5mhTGTJO1DJCS7%2BqRLuv2TcByG5kxhdkQjuFoEelhDI4r5858R0agUSIRd9f8UG7hS83Z3FoCy1IwgPryfc27LHg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
0
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date
Mon, 02 Dec 2024 02:26:06 GMT
content-type
image/gif
vary
Accept-Encoding
priority
u=3,i
cache-control
no-cache
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
cf-ray
8eb7dec788deab51-YYZ
content-length
43
server
cloudflare

Redirect headers

cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QSrPC%2BcA2YRF3mA8GV5W7CxK11PhSindgjldDcLuP2TvcWI%2F4LLwdWUhHnBlwgkJBiYzWtFjXHWAFnmxHClw6BhqA1p01mlU59jBOGZYog%2F%2BgPJxNrmZ9sN5jpwY41wycz1pDMqT0Ylicg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
0
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date
Mon, 02 Dec 2024 02:26:06 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
no-cache
location
/rum?cm_dsp_id=105&external_user_id=YWUwMjA1MzJiN2NkNWJhNThhOTM3MDA1YTVmZWE2ZjQ&expiration=1764642366&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
cf-ray
8eb7dec72847ab51-YYZ
content-length
0
server
cloudflare
sync
pippio.com/api/
Redirect Chain
  • https://d.adroll.com/cm/l/out?adroll_fpc=0c457d3a79ab795c0a4b8430b41dfdb5-1733106366459&flg=1&pv=39218048873.5393&arrfrr=https%3A%2F%2Fprfctr.com%2F%3FlistId%3D132594%26email%3Dgeorge%40roycefunds....
  • https://idsync.rlcdn.com/377928.gif?partner_uid=ae020532b7cd5ba58a937005a5fea6f4
  • https://idsync.rlcdn.com/1000.gif?memo=CMiIFxIrCicIARDqIhogYWUwMjA1MzJiN2NkNWJhNThhOTM3MDA1YTVmZWE2ZjQQABoNCL61tLoGEgUI6AcQAEIASgA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=c06a67f4728351ba09d1014ae7383a6926d02da3672dc115b78317a48b69cefd791426b5417dce21&_=2
42 B
569 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pippio.com/api/sync?pid=5324&it=1&iv=c06a67f4728351ba09d1014ae7383a6926d02da3672dc115b78317a48b69cefd791426b5417dce21&_=2
Protocol
H2
Server
107.178.254.65 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
65.254.178.107.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://prfctr.com/

Response headers

cache-control
no-cache, no-store
timing-allow-origin
*
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length
42
date
Mon, 02 Dec 2024 02:26:06 GMT
content-type
image/gif

Redirect headers

cache-control
no-cache, no-store
timing-allow-origin
*
location
https://pippio.com/api/sync?pid=5324&it=1&iv=c06a67f4728351ba09d1014ae7383a6926d02da3672dc115b78317a48b69cefd791426b5417dce21&_=2
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length
0
date
Mon, 02 Dec 2024 02:26:06 GMT
tap.php
pixel.rubiconproject.com/
Redirect Chain
  • https://d.adroll.com/cm/n/out?adroll_fpc=0c457d3a79ab795c0a4b8430b41dfdb5-1733106366459&flg=1&pv=39218048873.5393&arrfrr=https%3A%2F%2Fprfctr.com%2F%3FlistId%3D132594%26email%3Dgeorge%40roycefunds....
  • https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=YWUwMjA1MzJiN2NkNWJhNThhOTM3MDA1YTVmZWE2ZjQ&expires=365
42 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=YWUwMjA1MzJiN2NkNWJhNThhOTM3MDA1YTVmZWE2ZjQ&expires=365
Protocol
HTTP/1.1
Server
69.173.146.5 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://prfctr.com/

Response headers

Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
1c34e56f66d325760e494cbb7a93f50f
Pragma
no-cache
content-length
42
Content-Type
image/gif

Redirect headers

cache-control
no-store, no-cache, must-revalidate
location
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=YWUwMjA1MzJiN2NkNWJhNThhOTM3MDA1YTVmZWE2ZjQ&expires=365
content-length
124
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
date
Mon, 02 Dec 2024 02:26:06 GMT
pragma
no-cache
server
nginx/1.22.1
sd
us-u.openx.net/w/1.0/
Redirect Chain
  • https://d.adroll.com/cm/o/out?adroll_fpc=0c457d3a79ab795c0a4b8430b41dfdb5-1733106366459&flg=1&pv=39218048873.5393&arrfrr=https%3A%2F%2Fprfctr.com%2F%3FlistId%3D132594%26email%3Dgeorge%40roycefunds....
  • https://us-u.openx.net/w/1.0/sd?id=537103138&val=ae020532b7cd5ba58a937005a5fea6f4&gdpr=0&gdpr_consent=
  • https://us-u.openx.net/w/1.0/sd?id=537103138&val=ae020532b7cd5ba58a937005a5fea6f4&gdpr=0&gdpr_consent=&cc=1
43 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537103138&val=ae020532b7cd5ba58a937005a5fea6f4&gdpr=0&gdpr_consent=&cc=1
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://prfctr.com/

Response headers

cache-control
private, max-age=0, no-cache
pragma
no-cache
x-forwarded-for
154.47.17.42
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
p3p
CP="CUR ADM OUR NOR STA NID"
date
Mon, 02 Dec 2024 02:26:06 GMT
content-type
image/gif
vary
Accept
server
OXGW/0.0.0

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537103138&val=ae020532b7cd5ba58a937005a5fea6f4&gdpr=0&gdpr_consent=&cc=1
x-forwarded-for
154.47.17.42
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Mon, 02 Dec 2024 02:26:06 GMT
content-type
text/plain; charset=utf-8
vary
Origin
server
OXGW/0.0.0
cookie-sync
sync.outbrain.com/
Redirect Chain
  • https://d.adroll.com/cm/outbrain/out?adroll_fpc=0c457d3a79ab795c0a4b8430b41dfdb5-1733106366459&flg=1&pv=39218048873.5393&arrfrr=https%3A%2F%2Fprfctr.com%2F%3FlistId%3D132594%26email%3Dgeorge%40royc...
  • https://sync.outbrain.com/cookie-sync?p=adroll&uid=YWUwMjA1MzJiN2NkNWJhNThhOTM3MDA1YTVmZWE2ZjQ&gdpr=0&gdpr_consent=&us_privacy=1---
0
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=adroll&uid=YWUwMjA1MzJiN2NkNWJhNThhOTM3MDA1YTVmZWE2ZjQ&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
HTTP/1.1
Server
64.202.112.127 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://prfctr.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache
content-length
0
date
Mon, 02 Dec 2024 02:26:06 GMT
x-traceid
55763911ba8f4251d53766a4e8268748

Redirect headers

cache-control
no-store, no-cache, must-revalidate
location
https://sync.outbrain.com/cookie-sync?p=adroll&uid=YWUwMjA1MzJiN2NkNWJhNThhOTM3MDA1YTVmZWE2ZjQ&gdpr=0&gdpr_consent=&us_privacy=1---
content-length
137
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
date
Mon, 02 Dec 2024 02:26:06 GMT
pragma
no-cache
server
nginx/1.22.1
Pug
image2.pubmatic.com/AdServer/
Redirect Chain
  • https://d.adroll.com/cm/pubmatic/out?adroll_fpc=0c457d3a79ab795c0a4b8430b41dfdb5-1733106366459&flg=1&pv=39218048873.5393&arrfrr=https%3A%2F%2Fprfctr.com%2F%3FlistId%3D132594%26email%3Dgeorge%40royc...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=YWUwMjA1MzJiN2NkNWJhNThhOTM3MDA1YTVmZWE2ZjQ&gdpr=0&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXy...
42 B
585 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=YWUwMjA1MzJiN2NkNWJhNThhOTM3MDA1YTVmZWE2ZjQ&gdpr=0&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://prfctr.com/

Response headers

cache-control
no-store, no-cache, private
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 02 Dec 2024 02:26:06 GMT
content-type
image/gif; charset=utf-8
server
nginx

Redirect headers

cache-control
no-store, no-cache, must-revalidate
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=YWUwMjA1MzJiN2NkNWJhNThhOTM3MDA1YTVmZWE2ZjQ&gdpr=0&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
content-length
212
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
date
Mon, 02 Dec 2024 02:26:06 GMT
pragma
no-cache
server
nginx/1.22.1
sync
ups.analytics.yahoo.com/ups/55980/
Redirect Chain
  • https://d.adroll.com/cm/r/out?adroll_fpc=0c457d3a79ab795c0a4b8430b41dfdb5-1733106366459&flg=1&pv=39218048873.5393&arrfrr=https%3A%2F%2Fprfctr.com%2F%3FlistId%3D132594%26email%3Dgeorge%40roycefunds....
  • https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=YWUwMjA1MzJiN2NkNWJhNThhOTM3MDA1YTVmZWE2ZjQ&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
  • https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=YWUwMjA1MzJiN2NkNWJhNThhOTM3MDA1YTVmZWE2ZjQ&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true
0
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=YWUwMjA1MzJiN2NkNWJhNThhOTM3MDA1YTVmZWE2ZjQ&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true
Protocol
H2
Server
69.147.92.11 Ashburn, United States, ASN14777 (YAHOO, US),
Reverse DNS
e1.ycpi.vip.dca.yahoo.com
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://prfctr.com/

Response headers

strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
date
Mon, 02 Dec 2024 02:26:06 GMT
age
0
content-type
text/html
server
ATS
referrer-policy
no-referrer-when-downgrade

Redirect headers

strict-transport-security
max-age=31536000
location
https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=YWUwMjA1MzJiN2NkNWJhNThhOTM3MDA1YTVmZWE2ZjQ&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true
age
0
referrer-policy
no-referrer-when-downgrade
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
date
Mon, 02 Dec 2024 02:26:06 GMT
content-type
text/html
server
ATS
rtb-h
sync.taboola.com/sg/adroll-network/1/
Redirect Chain
  • https://d.adroll.com/cm/taboola/out?adroll_fpc=0c457d3a79ab795c0a4b8430b41dfdb5-1733106366459&flg=1&pv=39218048873.5393&arrfrr=https%3A%2F%2Fprfctr.com%2F%3FlistId%3D132594%26email%3Dgeorge%40royce...
  • https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=YWUwMjA1MzJiN2NkNWJhNThhOTM3MDA1YTVmZWE2ZjQ
0
364 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=YWUwMjA1MzJiN2NkNWJhNThhOTM3MDA1YTVmZWE2ZjQ
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://prfctr.com/

Response headers

x-fastly-to-nlb-rtt
39545
date
Mon, 02 Dec 2024 02:26:06 GMT
server
nginx
access-control-allow-credentials
true

Redirect headers

cache-control
no-store, no-cache, must-revalidate
location
https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=YWUwMjA1MzJiN2NkNWJhNThhOTM3MDA1YTVmZWE2ZjQ
content-length
111
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
date
Mon, 02 Dec 2024 02:26:06 GMT
pragma
no-cache
server
nginx/1.22.1
xuid
eb2.3lift.com/
Redirect Chain
  • https://d.adroll.com/cm/triplelift/out?adroll_fpc=0c457d3a79ab795c0a4b8430b41dfdb5-1733106366459&flg=1&pv=39218048873.5393&arrfrr=https%3A%2F%2Fprfctr.com%2F%3FlistId%3D132594%26email%3Dgeorge%40ro...
  • https://eb2.3lift.com/xuid?mid=4714&xuid=YWUwMjA1MzJiN2NkNWJhNThhOTM3MDA1YTVmZWE2ZjQ&dongle=c85e
  • https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=YWUwMjA1MzJiN2NkNWJhNThhOTM3MDA1YTVmZWE2ZjQ&dongle=c85e&gdpr=0&cmp_cs=&us_privacy=
37 B
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=YWUwMjA1MzJiN2NkNWJhNThhOTM3MDA1YTVmZWE2ZjQ&dongle=c85e&gdpr=0&cmp_cs=&us_privacy=
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://prfctr.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
date
Mon, 02 Dec 2024 02:26:06 GMT
content-type
image/gif

Redirect headers

cache-control
no-cache, no-store, must-revalidate
location
/xuid?ld=1&mid=4714&xuid=YWUwMjA1MzJiN2NkNWJhNThhOTM3MDA1YTVmZWE2ZjQ&dongle=c85e&gdpr=0&cmp_cs=&us_privacy=
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
date
Mon, 02 Dec 2024 02:26:06 GMT
bounce
ib.adnxs.com/
Redirect Chain
  • https://d.adroll.com/cm/x/out?adroll_fpc=0c457d3a79ab795c0a4b8430b41dfdb5-1733106366459&flg=1&pv=39218048873.5393&arrfrr=https%3A%2F%2Fprfctr.com%2F%3FlistId%3D132594%26email%3Dgeorge%40roycefunds....
  • https://ib.adnxs.com/setuid?entity=172&code=YWUwMjA1MzJiN2NkNWJhNThhOTM3MDA1YTVmZWE2ZjQ
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DYWUwMjA1MzJiN2NkNWJhNThhOTM3MDA1YTVmZWE2ZjQ
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DYWUwMjA1MzJiN2NkNWJhNThhOTM3MDA1YTVmZWE2ZjQ
Protocol
H2
Server
68.67.181.211 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://prfctr.com/

Response headers

cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
154.47.17.42; 154.47.17.42; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
*
an-x-request-uuid
ac79f1cf-7bc0-46ba-8aee-eafc4e08b603
content-length
43
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Mon, 02 Dec 2024 02:26:06 GMT
x-xss-protection
0
content-type
image/gif
server
nginx/1.23.4

Redirect headers

cache-control
no-store, no-cache, private
location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DYWUwMjA1MzJiN2NkNWJhNThhOTM3MDA1YTVmZWE2ZjQ
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
x-proxy-origin
154.47.17.42; 154.47.17.42; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
an-x-request-uuid
3c445d04-0738-4d73-8dcb-92779eb2fd09
content-length
0
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Mon, 02 Dec 2024 02:26:06 GMT
x-xss-protection
0
content-type
text/html; charset=utf-8
server
nginx/1.23.4
trigger
x.adroll.com/attribution/ 		2 B
469 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.adroll.com/attribution/trigger?fpc=0c457d3a79ab795c0a4b8430b41dfdb5&advertisable_eid=FLABZ4S7ABGLXDGDZPXVMS&conversion_type=PageView&conversion_value=0.0&currency=EUR&flg=1&pv=39218048873.5393&arrfrr=https%3A%2F%2Fprfctr.com%2F%3FlistId%3D132594%26email%3Dgeorge%40roycefunds.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.223.154.245 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-223-154-245.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://prfctr.com/

Response headers

content-length
2
date
Mon, 02 Dec 2024 02:26:06 GMT
attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0","priority":"0","deduplication_key":"16174639138362673821","filters":{"source_type":["event"]}},{"trigger_data":"0","priority":"0","deduplication_key":"16174639138362673821","filters":{"source_type":["navigation"]}}],"debug_key":"11611046600343049159","debug_reporting":true,"filters":{"0":["FLABZ4S7ABGLXDGDZPXVMS"]}}
content-type
text/plain; charset=utf-8

Verdicts & Comments Add Verdict or Comment

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| $ function| jQuery function| setCookie function| getCookie string| adroll_adv_id string| adroll_pix_id string| adroll_version boolean| __adroll_loaded object| adroll function| loading function| __adroll__ string| adroll_sid object| __adroll_consent_data object| dataLayer object| __adroll boolean| adroll_sendrolling_cross_device object| adroll_form_fields object| adroll_third_party_forms object| adroll_third_party_detected object| adroll_snippet_errors object| adroll_exp_list string| __adroll_url_category boolean| __adroll_consent string| __adroll_consent_user_country string| __adroll_consent_adv_country number| adroll_lex33_called function| fbq function| _fbq object| __adroll_pxl_assistant_track function| __adroll_idem0 string| adroll_seg_eid string| adroll_rule_type

43 Cookies

Domain/Path Name / Value
.d.adroll.com/ Name: receive-cookie-deprecation
Value: 1
.adroll.com/ Name: receive-cookie-deprecation
Value: 1
.prfctr.com/ Name: __adroll_fpc
Value: 0c457d3a79ab795c0a4b8430b41dfdb5-1733106366459
.prfctr.com/ Name: __ar_v4
Value: %7CFLABZ4S7ABGLXDGDZPXVMS%3A20250001%3A1%7CKPUNFH3A2VCZZEYDM5FE54%3A20250001%3A1
.casalemedia.com/ Name: CMID
Value: Z00avtHM56gAAAd4BkpVRgAA
.casalemedia.com/ Name: CMPS
Value: 5687
.casalemedia.com/ Name: CMPRO
Value: 5687
.tapad.com/ Name: TapAd_TS
Value: 1733106366628
.tapad.com/ Name: TapAd_DID
Value: d9176086-daa1-4e20-a3ae-365bf30777ee
x.adroll.com/ Name: ar_debug
Value: 1
.openx.net/ Name: i
Value: 0f5d0588-29d0-4752-9fa1-3c6a542efbaf|1733106366
.rlcdn.com/ Name: rlas3
Value: WXHxgTmYE22us1pUZtLEEiHufs+XTkmi17SjwuDj1QI=
.rubiconproject.com/ Name: audit_p
Value: 1|JwEDdxY5m1gODM70+ip7nqAg/kf84x/cTQZTl6tfh3+6DKtRtV0ye/qkUIJfaj0oy0qxN6+0pKuM1KxoLazIt7kxm0k08nop+R4DB+iLIkEJdt26juuvtxlo04NUPtcZwrNsIc6rHQT1GXfo7cVT6ANWgABDVsFLKtXknprA7m8X7o/qNs18EQ5/8Wu8VjpS3TYsX/cuoqHQD5U7tEfUTQ==
.rubiconproject.com/ Name: khaos
Value: M46ES72J-S-1RAO
.rubiconproject.com/ Name: khaos_p
Value: M46ES72J-S-1RAO
.rubiconproject.com/ Name: audit
Value: 1|JwEDdxY5m1gODM70+ip7nqAg/kf84x/cTQZTl6tfh3+6DKtRtV0ye/qkUIJfaj0oy0qxN6+0pKuM1KxoLazIt7kxm0k08nop+R4DB+iLIkEJdt26juuvtxlo04NUPtcZwrNsIc6rHQT1GXfo7cVT6ANWgABDVsFLKtXknprA7m8X7o/qNs18EQ5/8Wu8VjpS3TYsX/cuoqHQD5U7tEfUTQ==
.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.adnxs.com/ Name: XANDR_PANID
Value: Llr-uxPjUogDj5M5ycQBJfVexx3c1qx3t9QvPVDSc4FNBo_i-ymHzQpjSxtPGTr15m3s73NYYs2eEox-YHHV0eldgSaG7fhNLJl5_iEQJlw.
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.adnxs.com/ Name: uuid2
Value: 8162265363492403668
.3lift.com/ Name: tluidp
Value: 3402807235051964850189
.3lift.com/ Name: tluid
Value: 3402807235051964850189
.taboola.com/ Name: t_gid
Value: 4c400cab-55a2-44ae-8ed7-179d04ae4a55-tucte46a03e
.taboola.com/ Name: t_pt_gid
Value: 4c400cab-55a2-44ae-8ed7-179d04ae4a55-tucte46a03e
.pubmatic.com/ Name: KRTBCOOKIE_10
Value: 22808-YWUwMjA1MzJiN2NkNWJhNThhOTM3MDA1YTVmZWE2ZjQ&KRTB&22883-YWUwMjA1MzJiN2NkNWJhNThhOTM3MDA1YTVmZWE2ZjQ&KRTB&23504-YWUwMjA1MzJiN2NkNWJhNThhOTM3MDA1YTVmZWE2ZjQ&KRTB&23615-YWUwMjA1MzJiN2NkNWJhNThhOTM3MDA1YTVmZWE2ZjQ
.pubmatic.com/ Name: PugT
Value: 1733106366
.rlcdn.com/ Name: pxrc
Value: CL61tLoGEgUI6AcQABIFCOhHEAA=
.bidswitch.net/ Name: tuuid
Value: 43199ed8-d8e0-4535-ac26-e117bcd333e2
.bidswitch.net/ Name: c
Value: 1733106366
.bidswitch.net/ Name: tuuid_lu
Value: 1733106366
.adnxs.com/ Name: anj
Value: dTM7k!M4/rD>6NRF']wIg2In8jZh*G!]tbPl@/@8$-^=$U_hsfF]w(MYW5YpA2QYTCffASA/*)U:^_HO^Lg=mYPDa*AHm-N](5mxX^W>HBF`<G3If)y3KL9D3I?+s$X`MZ
.doubleclick.net/ Name: IDE
Value: AHWqTUlfH__5_Px3dSSP_J-ciza4lbOqJGYL2z4xLsMIG6AmCSjjDTYyMmdEfubCcgQ
.yahoo.com/ Name: A3
Value: d=AQABBL4aTWcCEBjmYdpADhxGV4Bkcfa-DwcFEgEBAQFsTmdWZyXaxyMA_eMAAA&S=AQAAAoBAOE-7vYLw-vlz48BUac8
.d.adroll.com/ Name: __adroll
Value: ae020532b7cd5ba58a937005a5fea6f4-g_1733106366-a_1733106366
.adroll.com/ Name: __adroll_shared
Value: ae020532b7cd5ba58a937005a5fea6f4-g_1733106366-a_1733106366
.analytics.yahoo.com/ Name: IDSYNC
Value: 1770~2m5e
.pippio.com/ Name: did
Value: gh2p4GCzzHY2d8SU
.pippio.com/ Name: didts
Value: 1733106366
.pippio.com/ Name: nnls
Value:
.pippio.com/ Name: pxrc
Value: CAA=
.adsrvr.org/ Name: TDID
Value: fc11607c-2afc-425d-ab73-bbab546c447b
.adsrvr.org/ Name: TDCPM
Value: CAESFAoFdGFwYWQSCwi-2IPZ1qDJPRAFGAUgASgCMgsIzunKhe2gyT0QBTgB
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!8090

1 Console Messages

Source Level URL
Text
network error URL: https://prfctr.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

clicktime.symantec.com
cm.g.doubleclick.net
connect.facebook.net
d.adroll.com
dsum-sec.casalemedia.com
eb2.3lift.com
go.scanned-safe.net
go.sparkpostmail2.com
ib.adnxs.com
idsync.rlcdn.com
image2.pubmatic.com
match.adsrvr.org
pippio.com
pixel.rubiconproject.com
pixel.tapad.com
prfctr.com
s.adroll.com
sync.outbrain.com
sync.taboola.com
trk.investmentwheel.com
ups.analytics.yahoo.com
us-u.openx.net
x.adroll.com
x.bidswitch.net
104.18.27.193
104.21.35.141
104.21.88.77
107.178.254.65
108.139.47.88
141.226.224.48
142.250.80.98
157.240.241.1
18.208.54.26
3.33.220.150
34.111.113.62
34.193.21.59
34.98.64.218
35.211.202.130
35.244.154.8
35.71.139.29
44.223.154.245
52.26.61.105
54.148.0.131
54.82.161.96
64.202.112.127
68.67.181.211
69.147.92.11
69.173.146.5
8.28.7.83
203987ff8bd021893a06303e163eeb294647081d8376b725bdacbc414cc4d035
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
6630411f81f04e966b964d5047b79624ce385764517f7769491ceb350602f5a9
78f8c2de532c0e5071f69ef0572aab838c84157703427ab35e883f23696e0681
8491a487c4cc4fb7fd43d0cde567907ef48fd13b39df64da05e8e179b5bfad2d
a49d6bad79a8040b083cc0ce993da79f904cf20e02a91e91281c041277bdb56d
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
da8cd2f46be6cf03848f657973630ae6a7b0e015d4621afbd0be54cc96ba6b11
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e