urlscan.io logo urlscan.io
SecurityTrails logo

www.tpaction.com Open in urlscan Pro
188.114.97.3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://confirmcabinet.org/
Effective URL: https://www.tpaction.com/confirm
Submission Tags: @ecarlesi possiblethreat Search All
Submission: On November 19 via api from IT — Scanned from IT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 25 IPs in 5 countries across 30 domains to perform 59 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is www.tpaction.com.
TLS certificate: Issued by WE1 on November 5th 2024. Valid for: 3 months.
This is the only time www.tpaction.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 15.197.225.128 16509 (AMAZON-02)
2 26 188.114.97.3 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
2 35.234.162.151 396982 (GOOGLE-CL...)
1 18.244.18.100 16509 (AMAZON-02)
2 157.240.252.13 32934 (FACEBOOK)
2 157.240.252.35 32934 (FACEBOOK)
2 2001:4860:480... 15169 (GOOGLE)
17 22 35.204.201.36 396982 (GOOGLE-CL...)
1 2600:9000:223... 16509 (AMAZON-02)
2 3 46.228.174.117 56396 (Amobee Am...)
1 76.223.111.18 16509 (AMAZON-02)
1 2600:1f18:612... 14618 (AMAZON-AES)
1 2 34.111.113.62 396982 (GOOGLE-CL...)
1 1 52.48.165.221 16509 (AMAZON-02)
1 1 52.58.229.35 16509 (AMAZON-02)
2 2 2600:1901:0:8... 396982 (GOOGLE-CL...)
2 172.217.18.2 15169 (GOOGLE)
1 2 54.78.254.47 16509 (AMAZON-02)
1 3.218.197.83 14618 (AMAZON-AES)
1 2.23.197.190 16625 (AKAMAI-AS)
1 54.72.67.43 16509 (AMAZON-02)
1 34.253.42.51 16509 (AMAZON-02)
1 35.244.174.68 396982 (GOOGLE-CL...)
1 1 142.250.184.194 15169 (GOOGLE)
1 1 172.217.16.130 15169 (GOOGLE)
1 1 142.250.186.68 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 37.252.171.21 29990 (ASN-APPNEX)
1 69.173.144.165 26667 (RUBICONPR...)
1 34.98.64.218 396982 (GOOGLE-CL...)
59 25
1    15.197.225.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: aec037177372cc6cd.awsglobalaccelerator.com
confirmcabinet.org
26    188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
tpaction.com
www.tpaction.com
3    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    35.234.162.151 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 151.162.234.35.bc.googleusercontent.com
tag.simpli.fi
i.simpli.fi
1    18.244.18.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-244-18-100.fra56.r.cloudfront.net
a.smtrk.net
2    157.240.252.13 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra3.fbcdn.net
connect.facebook.net
2    157.240.252.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-fra3.facebook.com
www.facebook.com
2    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
22    35.204.201.36 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 36.201.204.35.bc.googleusercontent.com
um.simpli.fi
1    2600:9000:223f:4400:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
3    46.228.174.117 (United Kingdom)

ASN56396 (Amobee Amobee EMEA Limited, GB)
sync.1rx.io
sync.targeting.unrulymedia.com
1    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    2600:1f18:612b:4200:9512:5159:2d9d:639a (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
simplifi.partners.tremorhub.com
2    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
1    52.48.165.221 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-165-221.eu-west-1.compute.amazonaws.com
aa.agkn.com
1    52.58.229.35 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-229-35.eu-central-1.compute.amazonaws.com
d.agkn.com
2    2600:1901:0:8eee:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
fei.pro-market.net
2    172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f2.1e100.net
cm.g.doubleclick.net
2    54.78.254.47 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
loadm.exelator.com
1    3.218.197.83 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-218-197-83.compute-1.amazonaws.com
sync.bfmio.com
1    2.23.197.190 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-23-197-190.deploy.static.akamaitechnologies.com
stags.bluekai.com
1    54.72.67.43 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-67-43.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
1    34.253.42.51 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-42-51.eu-west-1.compute.amazonaws.com
ce.lijit.com
1    35.244.174.68 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
1    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
www.googleadservices.com
1    172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net
googleads.g.doubleclick.net
1    142.250.186.68 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f4.1e100.net
www.google.com
1    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.it
2    37.252.171.21 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
1    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
Apex Domain
Subdomains		 Transfer
26 tpaction.com
tpaction.com
www.tpaction.com
566 KB
24 simpli.fi
tag.simpli.fi — Cisco Umbrella Rank: 5206
i.simpli.fi — Cisco Umbrella Rank: 4244
um.simpli.fi — Cisco Umbrella Rank: 878
13 KB
3 doubleclick.net
cm.g.doubleclick.net — Cisco Umbrella Rank: 284
googleads.g.doubleclick.net — Cisco Umbrella Rank: 43
665 B
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
285 KB
2 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 281
2 KB
2 exelator.com
loadm.exelator.com — Cisco Umbrella Rank: 2185
2 KB
2 pro-market.net
fei.pro-market.net — Cisco Umbrella Rank: 2363
913 B
2 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 550
d.agkn.com — Cisco Umbrella Rank: 758
1 KB
2 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 470
1 KB
2 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 513
730 B
2 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 3353
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 120
216 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 192
77 KB
1 openx.net
us-u.openx.net — Cisco Umbrella Rank: 525
264 B
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 419
239 B
1 google.it
www.google.it — Cisco Umbrella Rank: 28358
455 B
1 google.com
www.google.com — Cisco Umbrella Rank: 3
24 B
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 96
23 B
1 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 476
98 B
1 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 973
223 B
1 crwdcntrl.net
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1026
265 B
1 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 2213
27 B
1 bfmio.com
sync.bfmio.com — Cisco Umbrella Rank: 1532
421 B
1 tremorhub.com
simplifi.partners.tremorhub.com — Cisco Umbrella Rank: 6784
175 B
1 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 429
140 B
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1246
378 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 574
236 B
1 smtrk.net
a.smtrk.net — Cisco Umbrella Rank: 38164
395 B
1 confirmcabinet.org
confirmcabinet.org
317 B
0 intentiq.com Failed
sync.intentiq.com Failed
59 30
Domain Requested by
25 www.tpaction.com 1 redirects www.tpaction.com
22 um.simpli.fi 17 redirects
3 www.googletagmanager.com www.tpaction.com
www.googletagmanager.com
2 ib.adnxs.com 1 redirects
2 loadm.exelator.com 1 redirects
2 cm.g.doubleclick.net
2 fei.pro-market.net 2 redirects
2 pixel.tapad.com 1 redirects
2 sync.1rx.io 2 redirects
2 region1.google-analytics.com www.googletagmanager.com
2 www.facebook.com www.tpaction.com
2 connect.facebook.net www.tpaction.com
connect.facebook.net
1 us-u.openx.net
1 pixel.rubiconproject.com
1 www.google.it
1 www.google.com 1 redirects
1 googleads.g.doubleclick.net 1 redirects
1 www.googleadservices.com 1 redirects
1 idsync.rlcdn.com
1 ce.lijit.com
1 bcp.crwdcntrl.net
1 stags.bluekai.com
1 sync.bfmio.com
1 d.agkn.com 1 redirects
1 aa.agkn.com 1 redirects
1 simplifi.partners.tremorhub.com
1 eb2.3lift.com
1 sync.targeting.unrulymedia.com
1 s.ad.smaato.net
1 i.simpli.fi tag.simpli.fi
1 a.smtrk.net www.tpaction.com
1 tag.simpli.fi www.tpaction.com
1 tpaction.com 1 redirects
1 confirmcabinet.org 1 redirects
0 sync.intentiq.com Failed
59 35

This site contains links to these domains. Also see Links.

Domain
apps.apple.com
play.google.com
Subject Issuer Validity Valid
tpaction.com
WE1		 2024-11-05 -
2025-02-03		 3 months crt.sh
*.google-analytics.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.simpli.fi
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-11-13 -
2025-12-14		 a year crt.sh
a.smtrk.net
Amazon RSA 2048 M02		 2024-04-14 -
2025-05-12		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-08-28 -
2024-11-26		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://www.tpaction.com/confirm
Frame ID: 620D7D0CEC02C446C9DE5C8A1972EBC0
Requests: 57 HTTP requests in this frame

Frame: https://www.tpaction.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js
Frame ID: C1A8B546938C73FDF3BDB1084C1F120C
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://confirmcabinet.org/ HTTP 307
    https://confirmcabinet.org/ HTTP 301
    https://tpaction.com/confirm HTTP 301
    https://www.tpaction.com/confirm Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Page Statistics

59
Requests

68 %
HTTPS

19 %
IPv6

30
Domains

35
Subdomains

25
IPs

5
Countries

938 kB
Transfer

2212 kB
Size

24
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://confirmcabinet.org/ HTTP 307
    https://confirmcabinet.org/ HTTP 301
    https://tpaction.com/confirm HTTP 301
    https://www.tpaction.com/confirm Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20
  • https://www.tpaction.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://www.tpaction.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js
Request Chain 32
  • https://um.simpli.fi/smaato HTTP 302
  • https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=C3A68CF631C540619D34CB6BC21CA883
Request Chain 33
  • https://um.simpli.fi/nexxen HTTP 302
  • https://sync.1rx.io/usersync/simplifi/C3A68CF631C540619D34CB6BC21CA883 HTTP 302
  • https://sync.1rx.io/usersync/simplifi/C3A68CF631C540619D34CB6BC21CA883?zcc=1&cb=1732009089537 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-51533782-06d5-4f51-ad87-87035c1be1cd-003
Request Chain 34
  • https://um.simpli.fi/triplelift HTTP 302
  • https://eb2.3lift.com/xuid?mid=7969&xuid=C3A68CF631C540619D34CB6BC21CA883&dongle=yf3
Request Chain 35
  • https://um.simpli.fi/telaria_p HTTP 302
  • https://simplifi.partners.tremorhub.com/sync?UISF=C3A68CF631C540619D34CB6BC21CA883
Request Chain 36
  • https://um.simpli.fi/tapad HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=C3A68CF631C540619D34CB6BC21CA883 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=C3A68CF631C540619D34CB6BC21CA883
Request Chain 37
  • https://um.simpli.fi/ad_advisor HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=C3A68CF631C540619D34CB6BC21CA883 HTTP 302
  • https://d.agkn.com/pixel/10751/?che=1732009089572&ip=192.145.127.221&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D219063205071001296790 HTTP 302
  • https://um.simpli.fi/aa_px?sk=219063205071001296790 HTTP 302
  • https://um.simpli.fi/empty.gif
Request Chain 38
  • https://um.simpli.fi/intentiq HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=C3A68CF631C540619D34CB6BC21CA883
Request Chain 41
  • https://um.simpli.fi/dtnx HTTP 302
  • https://fei.pro-market.net/engine?du=24;csync=C3A68CF631C540619D34CB6BC21CA883;mimetype=img; HTTP 302
  • https://fei.pro-market.net/engine?du=24;csync=C3A68CF631C540619D34CB6BC21CA883;mimetype=img;sr HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=datonics-ddp&google_cm&google_hm=Nzk5NjkyNTcxODkyMDI1MDI0OQ==
Request Chain 42
  • https://um.simpli.fi/exelatem HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=C3A68CF631C540619D34CB6BC21CA883&j=0 HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=C3A68CF631C540619D34CB6BC21CA883&j=0&xl8blockcheck=1
Request Chain 44
  • https://um.simpli.fi/beachfront HTTP 302
  • https://sync.bfmio.com/sync?pid=141&uid=C3A68CF631C540619D34CB6BC21CA883
Request Chain 45
  • https://um.simpli.fi/bluekai HTTP 302
  • https://stags.bluekai.com/site/29931?id=C3A68CF631C540619D34CB6BC21CA883
Request Chain 46
  • https://um.simpli.fi/crwdcntrl HTTP 302
  • https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=C3A68CF631C540619D34CB6BC21CA883
Request Chain 47
  • https://um.simpli.fi/lj_match HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=C3A68CF631C540619D34CB6BC21CA883
Request Chain 48
  • https://um.simpli.fi/liveramp_match HTTP 302
  • https://idsync.rlcdn.com/419566.gif?partner_uid=C3A68CF631C540619D34CB6BC21CA883
Request Chain 49
  • https://www.googleadservices.com/pagead/conversion/1026675585/?random=1732009089222&cv=7&fst=1732009089222&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP 302
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=602117243&cv=7&fst=1732009089222&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgjVyrECCLnBsQIIscOxAgiKxbECCMLJsQII68axAgjTxbEC&pscrd=IhMI36yR1IzoiQMVPZD9Bx014yjLMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhlodHRwczovL3d3dy50cGFjdGlvbi5jb20v HTTP 302
  • https://www.google.com/pagead/1p-conversion/1026675585/?random=602117243&cv=7&fst=1732009089222&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgjVyrECCLnBsQIIscOxAgiKxbECCMLJsQII68axAgjTxbEC&pscrd=IhMI36yR1IzoiQMVPZD9Bx014yjLMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhlodHRwczovL3d3dy50cGFjdGlvbi5jb20v&is_vtc=1&cid=CAQSGwCa7L7dI6c72l152iUpC4nbzF7J8yPmnyQLow&random=3404686830 HTTP 302
  • https://www.google.it/pagead/1p-conversion/1026675585/?random=602117243&cv=7&fst=1732009089222&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgjVyrECCLnBsQIIscOxAgiKxbECCMLJsQII68axAgjTxbEC&pscrd=IhMI36yR1IzoiQMVPZD9Bx014yjLMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhlodHRwczovL3d3dy50cGFjdGlvbi5jb20v&is_vtc=1&cid=CAQSGwCa7L7dI6c72l152iUpC4nbzF7J8yPmnyQLow&random=3404686830&ipr=y
Request Chain 51
  • https://um.simpli.fi/an HTTP 302
  • https://ib.adnxs.com/setuid?entity=66&code=C3A68CF631C540619D34CB6BC21CA883 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DC3A68CF631C540619D34CB6BC21CA883
Request Chain 52
  • https://um.simpli.fi/rb_match HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=C3A68CF631C540619D34CB6BC21CA883&expires=365
Request Chain 53
  • https://um.simpli.fi/ox_match HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=C3A68CF631C540619D34CB6BC21CA883

59 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request confirm
www.tpaction.com/
Redirect Chain
  • http://confirmcabinet.org/
  • https://confirmcabinet.org/
  • https://tpaction.com/confirm
  • https://www.tpaction.com/confirm
30 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.tpaction.com/confirm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Next.js
Resource Hash
8d6cb2bdbbd3d9eb2ae54b0ec0b105b5553980d2041f33c20d838b3fb606feea

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
s-maxage=31536000, stale-while-revalidate
cf-cache-status
DYNAMIC
cf-ray
8e4f39bfa966d784-CDG
content-encoding
zstd
content-type
text/html; charset=utf-8
date
Tue, 19 Nov 2024 09:38:08 GMT
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
priority
u=0,i
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1732009088&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=Qllv8VKLZA6CVz8k62I7mn7MEazO7oqR5iadYUGrPZk%3D"}]}
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1732009088&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=Qllv8VKLZA6CVz8k62I7mn7MEazO7oqR5iadYUGrPZk%3D
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=40694&sent=15&recv=12&lost=0&retrans=0&sent_bytes=5099&recv_bytes=4932&delivery_rate=1462&cwnd=12000&unsent_bytes=0&cid=ee120f3dc4de95ce&ts=639&x=1" cfExtPri cfHdrFlush;dur=0
vary
Accept-Encoding
via
1.1 vegur
x-nextjs-cache
HIT
x-powered-by
Next.js

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=3600
cf-ray
8e4f39bf58afd784-CDG
content-length
167
content-type
text/html
date
Tue, 19 Nov 2024 09:38:07 GMT
expires
Tue, 19 Nov 2024 10:38:07 GMT
location
https://www.tpaction.com/confirm
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qngBVx869Py9tiR60CVmG%2FKlBIAta9xttPma2Gb%2BOu7sai2rnrXwubDlVkIlSrkvJqnMCu5p8g2vI4oNHnNbqW242UYGsSyAQB8%2Bfr5awbYMfHuPkgM3MIez%2BJ4vPSg%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=39408&sent=11&recv=7&lost=0&retrans=0&sent_bytes=4137&recv_bytes=4356&delivery_rate=78505&cwnd=12000&unsent_bytes=0&cid=ee120f3dc4de95ce&ts=51&x=1" cfExtPri cfHdrFlush;dur=0
vary
Accept-Encoding
js
www.googletagmanager.com/gtag/ 		316 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-9Z0NNF0MGG
Requested by
Host: www.tpaction.com
URL: https://www.tpaction.com/confirm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4254c0165516a68ae130c7d1481477355f178c0519ac8222d07dd58fba3beb9c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpaction.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Tue, 19 Nov 2024 09:38:08 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 19 Nov 2024 09:38:08 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
108135
x-xss-protection
0
server
Google Tag Manager
de62bca0-3d2d-013b-567e-0cc47a1f72a4
tag.simpli.fi/sifitag/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.simpli.fi/sifitag/de62bca0-3d2d-013b-567e-0cc47a1f72a4
Requested by
Host: www.tpaction.com
URL: https://www.tpaction.com/confirm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.234.162.151 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
151.162.234.35.bc.googleusercontent.com
Software
openresty /
Resource Hash
0b3d7bfd1bef9030e23949ab9a662846c4d2d448ac67e3d10c628ea13e75e04c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpaction.com/

Response headers

x-request-id
GAlVFu4OcdDOD3jk0qnB
cache-control
max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-encoding
gzip
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
date
Tue, 19 Nov 2024 09:38:08 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
server
openresty
3ef65885b8a3f237.css
www.tpaction.com/_next/static/css/ 		28 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.tpaction.com/_next/static/css/3ef65885b8a3f237.css
Requested by
Host: www.tpaction.com
URL: https://www.tpaction.com/confirm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
482c4e1afdb32aef06bc81934de7d0e9e8072538f2d7c450a72312accca62525

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpaction.com/confirm

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"7037-1920b825d90"
age
5194884
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1726814204&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=GGTjRz%2Fq%2Bqf87Ljzt4AwZg%2ByUN4RihZI1eA3qy385H0%3D"}]}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=40145&sent=28&recv=20&lost=0&retrans=0&sent_bytes=16359&recv_bytes=5890&delivery_rate=289982&cwnd=12000&unsent_bytes=0&cid=ee120f3dc4de95ce&ts=716&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 19 Nov 2024 09:38:08 GMT
last-modified
Thu, 19 Sep 2024 18:19:06 GMT
content-type
text/css; charset=UTF-8
vary
Accept-Encoding
priority
u=0,i=?0
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1726814204&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=GGTjRz%2Fq%2Bqf87Ljzt4AwZg%2ByUN4RihZI1eA3qy385H0%3D
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
cache-control
public, max-age=31536000, immutable
via
1.1 vegur
cf-ray
8e4f39c37eb2d784-CDG
x-powered-by
Express
server
cloudflare
webpack-91e3b91fa763359f.js
www.tpaction.com/_next/static/chunks/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tpaction.com/_next/static/chunks/webpack-91e3b91fa763359f.js
Requested by
Host: www.tpaction.com
URL: https://www.tpaction.com/confirm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
953352169158762199934ddbb3eecd26c79cda968b48becbffd325040f01db21

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpaction.com/confirm

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"1476-1920b825d90"
age
5152070
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1726857018&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=%2F04BHt%2BaMznJUZadlReywJn0fvyB7jBpASUQqAT0TaU%3D"}]}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=40145&sent=35&recv=28&lost=0&retrans=0&sent_bytes=21615&recv_bytes=8265&delivery_rate=289982&cwnd=12000&unsent_bytes=0&cid=ee120f3dc4de95ce&ts=743&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 19 Nov 2024 09:38:08 GMT
last-modified
Thu, 19 Sep 2024 18:19:06 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
priority
u=3,i=?0
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1726857018&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=%2F04BHt%2BaMznJUZadlReywJn0fvyB7jBpASUQqAT0TaU%3D
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
cache-control
public, max-age=31536000, immutable
via
1.1 vegur
cf-ray
8e4f39c3af1ad784-CDG
x-powered-by
Express
server
cloudflare
framework-4c3194704528425d.js
www.tpaction.com/_next/static/chunks/ 		137 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tpaction.com/_next/static/chunks/framework-4c3194704528425d.js
Requested by
Host: www.tpaction.com
URL: https://www.tpaction.com/confirm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
f4003166721fe2a3d37daee2b042bb3ebe0dde68c0276a73c6abab7ef947836b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpaction.com/confirm

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"225e3-192da1d9200"
age
521138
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1731487950&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=Ai5d1RE%2FkJXQvAfLg0iUGVTStDXkhj5oS9LeE6F3h1I%3D"}]}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=40145&sent=40&recv=28&lost=0&retrans=0&sent_bytes=26447&recv_bytes=8265&delivery_rate=289982&cwnd=12000&unsent_bytes=0&cid=ee120f3dc4de95ce&ts=746&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 19 Nov 2024 09:38:08 GMT
last-modified
Tue, 29 Oct 2024 21:10:24 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
priority
u=3,i=?0
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1731487950&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=Ai5d1RE%2FkJXQvAfLg0iUGVTStDXkhj5oS9LeE6F3h1I%3D
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
cache-control
public, max-age=31536000, immutable
via
1.1 vegur
cf-ray
8e4f39c3af2ad784-CDG
x-powered-by
Express
server
cloudflare
main-b016cec00d83af63.js
www.tpaction.com/_next/static/chunks/ 		104 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tpaction.com/_next/static/chunks/main-b016cec00d83af63.js
Requested by
Host: www.tpaction.com
URL: https://www.tpaction.com/confirm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
dc61cd7c58c7c670d393823d573ca27ce97cc2ba9a23a318d3712534baebf352

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpaction.com/confirm

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"19f69-192da1d9200"
age
482638
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1731526450&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=jnt3aEioTIv6%2FPBPMetEDb9rGzQVcntWPE2gaqxFe8w%3D"}]}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=40145&sent=42&recv=28&lost=0&retrans=0&sent_bytes=28406&recv_bytes=8265&delivery_rate=289982&cwnd=12000&unsent_bytes=0&cid=ee120f3dc4de95ce&ts=746&x=1", cfExtPri, cfHdrFlush;dur=10
date
Tue, 19 Nov 2024 09:38:08 GMT
last-modified
Tue, 29 Oct 2024 21:10:24 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
priority
u=3,i=?0
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1731526450&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=jnt3aEioTIv6%2FPBPMetEDb9rGzQVcntWPE2gaqxFe8w%3D
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
cache-control
public, max-age=31536000, immutable
via
1.1 vegur
cf-ray
8e4f39c3af2dd784-CDG
x-powered-by
Express
server
cloudflare
_app-ead8f8f424145109.js
www.tpaction.com/_next/static/chunks/pages/ 		261 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tpaction.com/_next/static/chunks/pages/_app-ead8f8f424145109.js
Requested by
Host: www.tpaction.com
URL: https://www.tpaction.com/confirm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
1fa0c7a0e7317c4b54085816c7b1009d713ca30bbdede012d331633e9d8d2f80

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpaction.com/confirm

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"41472-192da1d9200"
age
375835
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1731633253&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=9bJNB%2BDrhSQl0z4fGfNq5kZDDzcezvKLpsolGeuyDYQ%3D"}]}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=41962&sent=52&recv=30&lost=0&retrans=0&sent_bytes=38006&recv_bytes=8351&delivery_rate=100242&cwnd=16800&unsent_bytes=0&cid=ee120f3dc4de95ce&ts=761&x=1", cfExtPri, cfHdrFlush;dur=28
date
Tue, 19 Nov 2024 09:38:08 GMT
last-modified
Tue, 29 Oct 2024 21:10:24 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
priority
u=3,i=?0
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1731633253&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=9bJNB%2BDrhSQl0z4fGfNq5kZDDzcezvKLpsolGeuyDYQ%3D
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
cache-control
public, max-age=31536000, immutable
via
1.1 vegur
cf-ray
8e4f39c3af32d784-CDG
x-powered-by
Express
server
cloudflare
7983-25a5c3e929cdd1e6.js
www.tpaction.com/_next/static/chunks/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tpaction.com/_next/static/chunks/7983-25a5c3e929cdd1e6.js
Requested by
Host: www.tpaction.com
URL: https://www.tpaction.com/confirm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
ba5b9fcd0fc8b49b9362f5946ef96cd37ada5af89dbe25f34a6907d557fca72c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpaction.com/confirm

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"47d9-192da1d9200"
age
394710
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1731614378&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=yYmQPQan6CfLSS3kj8vPP7QM%2FGX8l1ks5Q1uVZq4WtU%3D"}]}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=40145&sent=42&recv=28&lost=0&retrans=0&sent_bytes=28406&recv_bytes=8265&delivery_rate=289982&cwnd=12000&unsent_bytes=0&cid=ee120f3dc4de95ce&ts=747&x=1", cfExtPri, cfHdrFlush;dur=9
date
Tue, 19 Nov 2024 09:38:08 GMT
last-modified
Tue, 29 Oct 2024 21:10:24 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
priority
u=3,i=?0
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1731614378&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=yYmQPQan6CfLSS3kj8vPP7QM%2FGX8l1ks5Q1uVZq4WtU%3D
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
cache-control
public, max-age=31536000, immutable
via
1.1 vegur
cf-ray
8e4f39c3af34d784-CDG
x-powered-by
Express
server
cloudflare
_error-785ef34ba449b508.js
www.tpaction.com/_next/static/chunks/pages/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tpaction.com/_next/static/chunks/pages/_error-785ef34ba449b508.js
Requested by
Host: www.tpaction.com
URL: https://www.tpaction.com/confirm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
203a503931d93e5397cc929fd89c1a664cb0acf3e6695a3f9413150b01f956f2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpaction.com/confirm

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"2e98-192da1d9200"
age
316787
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1731692300&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=Yf7xOi3wf288I1jNOPhohrRZZQLRMRuSL%2Be7DQecTZ8%3D"}]}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=40145&sent=42&recv=28&lost=0&retrans=0&sent_bytes=28406&recv_bytes=8265&delivery_rate=289982&cwnd=12000&unsent_bytes=0&cid=ee120f3dc4de95ce&ts=752&x=1", cfExtPri, cfHdrFlush;dur=4
date
Tue, 19 Nov 2024 09:38:08 GMT
last-modified
Tue, 29 Oct 2024 21:10:24 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
priority
u=3,i=?0
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1731692300&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=Yf7xOi3wf288I1jNOPhohrRZZQLRMRuSL%2Be7DQecTZ8%3D
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
cache-control
public, max-age=31536000, immutable
via
1.1 vegur
cf-ray
8e4f39c3af37d784-CDG
x-powered-by
Express
server
cloudflare
_buildManifest.js
www.tpaction.com/_next/static/t0Vj5FsbQJIZiCgnhO-uU/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tpaction.com/_next/static/t0Vj5FsbQJIZiCgnhO-uU/_buildManifest.js
Requested by
Host: www.tpaction.com
URL: https://www.tpaction.com/confirm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
7a48d17ab5f32b5895f144370f1f2b16236587cedcbe143a09ccee048705c7e8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpaction.com/confirm

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"16de-192da1d9200"
age
1771223
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1730237865&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=BEwXlJ%2BUBbp3siy2naoE26jNbxkih88PPfS9wRafMKg%3D"}]}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=40145&sent=42&recv=28&lost=0&retrans=0&sent_bytes=28406&recv_bytes=8265&delivery_rate=289982&cwnd=12000&unsent_bytes=0&cid=ee120f3dc4de95ce&ts=749&x=1", cfExtPri, cfHdrFlush;dur=40
date
Tue, 19 Nov 2024 09:38:08 GMT
last-modified
Tue, 29 Oct 2024 21:10:24 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
priority
u=3,i=?0
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1730237865&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=BEwXlJ%2BUBbp3siy2naoE26jNbxkih88PPfS9wRafMKg%3D
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
cache-control
public, max-age=31536000, immutable
via
1.1 vegur
cf-ray
8e4f39c3af3ad784-CDG
x-powered-by
Express
server
cloudflare
_ssgManifest.js
www.tpaction.com/_next/static/t0Vj5FsbQJIZiCgnhO-uU/ 		841 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tpaction.com/_next/static/t0Vj5FsbQJIZiCgnhO-uU/_ssgManifest.js
Requested by
Host: www.tpaction.com
URL: https://www.tpaction.com/confirm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
5aa294dff77717b8eb0f1d1656a2bf4ef512090eae0ea32e4a6013ccc6106143

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpaction.com/confirm

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"349-192da1db140"
age
1771223
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1730237865&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=BEwXlJ%2BUBbp3siy2naoE26jNbxkih88PPfS9wRafMKg%3D"}]}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=40145&sent=39&recv=28&lost=0&retrans=0&sent_bytes=25260&recv_bytes=8265&delivery_rate=289982&cwnd=12000&unsent_bytes=0&cid=ee120f3dc4de95ce&ts=744&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 19 Nov 2024 09:38:08 GMT
last-modified
Tue, 29 Oct 2024 21:10:32 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
priority
u=3,i=?0
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1730237865&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=BEwXlJ%2BUBbp3siy2naoE26jNbxkih88PPfS9wRafMKg%3D
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
cache-control
public, max-age=31536000, immutable
via
1.1 vegur
cf-ray
8e4f39c3af3bd784-CDG
x-powered-by
Express
server
cloudflare
visit-our-website.svg
www.tpaction.com/static/images/error/ 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.tpaction.com/static/images/error/visit-our-website.svg
Requested by
Host: www.tpaction.com
URL: https://www.tpaction.com/confirm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
8ea2e7970ed7582ddf7a438b51ca68f655464e33eb4e03737ec42dfe8bd2339a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpaction.com/confirm

Response headers

content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"18f2-192da1c6538"
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1732004439&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=JHdGB5WjHVQ%2FIVX3059OVb4%2Fi6uoxt6JB3jZAkSSB78%3D"}]}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=45034&sent=204&recv=81&lost=0&retrans=0&sent_bytes=206661&recv_bytes=11873&delivery_rate=1885439&cwnd=99300&unsent_bytes=0&cid=ee120f3dc4de95ce&ts=939&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 19 Nov 2024 09:38:08 GMT
last-modified
Tue, 29 Oct 2024 21:09:07 GMT
content-type
image/svg+xml
vary
Accept-Encoding
priority
u=2,i
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1732004439&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=JHdGB5WjHVQ%2FIVX3059OVb4%2Fi6uoxt6JB3jZAkSSB78%3D
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
cache-control
public, max-age=120
via
1.1 vegur
cf-ray
8e4f39c37eb7d784-CDG
x-powered-by
Express
server
cloudflare
gtm.js
www.googletagmanager.com/ 		203 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MZDSTCQ
Requested by
Host: www.tpaction.com
URL: https://www.tpaction.com/confirm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7a76d6bbd3c04f3a9ac78c33245c1df2261a6aed6d608c785ef95a1f85a5105e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpaction.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Tue, 19 Nov 2024 09:38:08 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 19 Nov 2024 09:38:08 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Tue, 19 Nov 2024 09:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
74711
x-xss-protection
0
server
Google Tag Manager
trk
a.smtrk.net/ 		0
395 B 		Script
General
Check archive.org
Download Go to
Full URL
https://a.smtrk.net/trk?t=s&i=654d3469fb401ef534c01be6&p=t,i,x&s=33870813776546dc7a7e0ffd6897631a&r=&u=https%3A//www.tpaction.com/confirm
Requested by
Host: www.tpaction.com
URL: https://www.tpaction.com/confirm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-100.fra56.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpaction.com/

Response headers

cache-control
private, no-cache, no-store
x-amz-apigw-id
BfNkOE_VvHcEBmg=
x-amzn-trace-id
Root=1-673c5c81-299c0ab31803fda97e61adcc;Parent=66700edffdd383e7;Sampled=0;Lineage=1:a0059c7e:0
x-amzn-requestid
dd032205-b48c-469f-8b6f-768343db5575
via
1.1 012ed5015dc2306833b5abb65b3a0378.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
content-length
0
x-amz-cf-id
Vd4Z22v7Qhg5_UARN7xGFY0Lterey0A_el_T-vpjvPZWeHT19-2XKg==
date
Tue, 19 Nov 2024 09:38:09 GMT
content-type
application/javascript
x-amz-cf-pop
FRA56-P11
fbevents.js
connect.facebook.net/en_US/ 		239 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.tpaction.com
URL: https://www.tpaction.com/confirm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra3.fbcdn.net
Software
/
Resource Hash
43a683165a27224ef2d2717bd57c8c203aa570ce39140504d086562eefbb0f1f
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-FB8IB0EJ' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpaction.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 19 Nov 2024 09:38:08 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-FB8IB0EJ' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=44, rtx=0, c=23, mss=1232, tbw=4430, tp=9, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
P+TraiCGuUQFAYmQ7HIOZAYohjcI7qRHEt5jKqqybRTYMP3f0iJEve90Z5bHixsBVCYNJzfkKmXyxyRipMHyKw==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
62152
x-xss-protection
0
origin-agent-cluster
?1
biden.png
www.tpaction.com/static/images/error/ 		158 KB
158 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.tpaction.com/static/images/error/biden.png
Requested by
Host: www.tpaction.com
URL: https://www.tpaction.com/confirm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
8c08d65bd879c3f99a00092f923e56e2e0c17c5ff9d2730dba6caf3473afd4e4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpaction.com/confirm

Response headers

content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"277a0-192da1c6538"
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1732004439&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=JHdGB5WjHVQ%2FIVX3059OVb4%2Fi6uoxt6JB3jZAkSSB78%3D"}]}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=45034&sent=231&recv=82&lost=0&retrans=0&sent_bytes=236778&recv_bytes=12144&delivery_rate=1885439&cwnd=99300&unsent_bytes=0&cid=ee120f3dc4de95ce&ts=971&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 19 Nov 2024 09:38:08 GMT
last-modified
Tue, 29 Oct 2024 21:09:07 GMT
content-type
image/png
vary
Accept-Encoding
priority
u=3,i
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1732004439&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=JHdGB5WjHVQ%2FIVX3059OVb4%2Fi6uoxt6JB3jZAkSSB78%3D
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
cache-control
public, max-age=120
via
1.1 vegur
cf-ray
8e4f39c3f839d784-CDG
x-powered-by
Express
server
cloudflare
typography-arrengement-cut.png
www.tpaction.com/static/images/error/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.tpaction.com/static/images/error/typography-arrengement-cut.png
Requested by
Host: www.tpaction.com
URL: https://www.tpaction.com/confirm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
41cfd9913f732e06dff8e4e97db64c80da6a122147e2cc915f9d01ece26ba927

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpaction.com/confirm

Response headers

content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"63be-192da1c6538"
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1732004439&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=JHdGB5WjHVQ%2FIVX3059OVb4%2Fi6uoxt6JB3jZAkSSB78%3D"}]}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=45034&sent=207&recv=81&lost=0&retrans=0&sent_bytes=210099&recv_bytes=11873&delivery_rate=1885439&cwnd=99300&unsent_bytes=0&cid=ee120f3dc4de95ce&ts=970&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 19 Nov 2024 09:38:08 GMT
last-modified
Tue, 29 Oct 2024 21:09:07 GMT
content-type
image/png
vary
Accept-Encoding
priority
u=3,i
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1732004439&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=JHdGB5WjHVQ%2FIVX3059OVb4%2Fi6uoxt6JB3jZAkSSB78%3D
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
cache-control
public, max-age=120
via
1.1 vegur
cf-ray
8e4f39c3f83cd784-CDG
x-powered-by
Express
server
cloudflare
ProximaNova-Bold.otf
www.tpaction.com/static/fonts/proxima-nova/ 		62 KB
42 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.tpaction.com/static/fonts/proxima-nova/ProximaNova-Bold.otf
Requested by
Host: www.tpaction.com
URL: https://www.tpaction.com/_next/static/css/3ef65885b8a3f237.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
b9e81a47aecd3d05445ae775f48d08b3de46b2039f1d229a58a87be194e327ec

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.tpaction.com
Referer
https://www.tpaction.com/_next/static/css/3ef65885b8a3f237.css

Response headers

content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"f940-192da1c6538"
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1730238228&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=qfnDecEuwG16%2FAvSuLUxWIW2NaUbc3fCaETGC15zvEk%3D"}]}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=45034&sent=289&recv=82&lost=0&retrans=0&sent_bytes=305985&recv_bytes=12144&delivery_rate=1885439&cwnd=99300&unsent_bytes=0&cid=ee120f3dc4de95ce&ts=976&x=1", cfExtPri, cfHdrFlush;dur=8
date
Tue, 19 Nov 2024 09:38:08 GMT
last-modified
Tue, 29 Oct 2024 21:09:07 GMT
content-type
font/otf
vary
Accept-Encoding
priority
u=0,i=?0
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1730238228&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=qfnDecEuwG16%2FAvSuLUxWIW2NaUbc3fCaETGC15zvEk%3D
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
cache-control
public, max-age=120
via
1.1 vegur
cf-ray
8e4f39c40866d784-CDG
x-powered-by
Express
server
cloudflare
ProximaNova-Light.otf
www.tpaction.com/static/fonts/proxima-nova/ 		61 KB
41 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.tpaction.com/static/fonts/proxima-nova/ProximaNova-Light.otf
Requested by
Host: www.tpaction.com
URL: https://www.tpaction.com/_next/static/css/3ef65885b8a3f237.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
0f77660e06a5f61a45c4dbdab511722357cf29e7f5ba1b2cf097550afdb0ed20

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.tpaction.com
Referer
https://www.tpaction.com/_next/static/css/3ef65885b8a3f237.css

Response headers

content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"f5f8-192da1c6538"
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1732004439&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=JHdGB5WjHVQ%2FIVX3059OVb4%2Fi6uoxt6JB3jZAkSSB78%3D"}]}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=45034&sent=289&recv=82&lost=0&retrans=0&sent_bytes=305985&recv_bytes=12144&delivery_rate=1885439&cwnd=99300&unsent_bytes=0&cid=ee120f3dc4de95ce&ts=976&x=1", cfExtPri, cfHdrFlush;dur=33
date
Tue, 19 Nov 2024 09:38:08 GMT
last-modified
Tue, 29 Oct 2024 21:09:07 GMT
content-type
font/otf
vary
Accept-Encoding
priority
u=0,i=?0
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1732004439&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=JHdGB5WjHVQ%2FIVX3059OVb4%2Fi6uoxt6JB3jZAkSSB78%3D
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
cache-control
public, max-age=120
via
1.1 vegur
cf-ray
8e4f39c40867d784-CDG
x-powered-by
Express
server
cloudflare
814122570866359
connect.facebook.net/signals/config/ 		78 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/814122570866359?v=2.9.177&r=stable&domain=www.tpaction.com&hme=c3e4904c1dde42d643265ef909b9e193c41cedcd6f559a3ff5e1b178e36647fa&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra3.fbcdn.net
Software
/
Resource Hash
a37ab350ffeadb81b9757ac1ac538ccbcc1327964f0396fd8c25aab23e9de98c
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-rw1kjZs7' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpaction.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 19 Nov 2024 09:38:08 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-rw1kjZs7' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=39, rtx=0, c=76, mss=1232, tbw=70956, tp=67, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
QlULHGUCSXV1Da1Iw9WEQhjCCscrcdxEjigmYik0c9HN7ZQN3/jlNL7d/djNo527qQjTYHTGxK/paDjF6ngLgA==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
15978
x-xss-protection
0
origin-agent-cluster
?1
main.js
www.tpaction.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/ Frame C1A8
Redirect Chain
  • https://www.tpaction.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://www.tpaction.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?
8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tpaction.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?
Requested by
Host: www.tpaction.com
URL: https://www.tpaction.com/confirm
Protocol
H3
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c8ed6bbc60218e6e9226a0b1aab868ff42d176b38bdec65a4a871a4f82355ef
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H2PJK0kg1FkCozmrNd6m%2FFoA%2FDysoipjCxlZy7VDc9gVWePcbY5c0m28KbTTSNJyRb7wzADzj5cQxz1Qfynh6AQ54yEif9R1UgKHSTuVAKTnFARU%2BNRmOzZN0bdiR9zujCeL"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8e4f39c64f54d784-CDG
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=47533&sent=468&recv=116&lost=14&retrans=14&sent_bytes=510225&recv_bytes=15279&delivery_rate=869851&cwnd=125159&unsent_bytes=0&cid=ee120f3dc4de95ce&ts=1160&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 19 Nov 2024 09:38:09 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
cloudflare
priority
u=3,i=?0

Redirect headers

cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mQ1Kgi4MmuJxceCinXMr%2BfnQfXd5woZET%2Bcwiv%2FcWlyezd%2B3SoToA4BJBcKuks1WWpP0IqLUwNU7dhrfI8DFbP5my0TGNAgMF8j6QEvqGVgrpi0Oyi0ybBbWI4kccfWslsyU"}],"group":"cf-nel","max_age":604800}
cf-ray
8e4f39c52c35d784-CDG
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
0
server-timing
cfL4;desc="?proto=QUIC&rtt=45034&sent=289&recv=82&lost=0&retrans=0&sent_bytes=305985&recv_bytes=12144&delivery_rate=1885439&cwnd=99300&unsent_bytes=0&cid=ee120f3dc4de95ce&ts=975&x=1", cfExtPri, cfHdrFlush;dur=34
date
Tue, 19 Nov 2024 09:38:08 GMT
vary
Accept-Encoding
server
cloudflare
priority
u=3,i=?0
7506.f86382382d907a79.js
www.tpaction.com/_next/static/chunks/ 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tpaction.com/_next/static/chunks/7506.f86382382d907a79.js
Requested by
Host: www.tpaction.com
URL: https://www.tpaction.com/_next/static/chunks/webpack-91e3b91fa763359f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
b23ab26f5a076e99e7180e56de17b618d393d02082997b9896bae78a90090b14

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpaction.com/confirm

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"11e6-191e32a7058"
age
5596717
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1726412370&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=c%2By8b%2FRodYewAiDLHV3w86P1OersTJvhyEBUrDQmAZE%3D"}]}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=44353&sent=293&recv=83&lost=0&retrans=0&sent_bytes=310323&recv_bytes=12447&delivery_rate=78043&cwnd=100200&unsent_bytes=0&cid=ee120f3dc4de95ce&ts=992&x=1", cfExtPri, cfHdrFlush;dur=17
date
Tue, 19 Nov 2024 09:38:08 GMT
last-modified
Wed, 11 Sep 2024 22:18:15 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
priority
u=3,i=?0
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1726412370&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=c%2By8b%2FRodYewAiDLHV3w86P1OersTJvhyEBUrDQmAZE%3D
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
cache-control
public, max-age=31536000, immutable
via
1.1 vegur
cf-ray
8e4f39c53c85d784-CDG
x-powered-by
Express
server
cloudflare
/
www.facebook.com/tr/ 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=814122570866359&ev=PageView&dl=https%3A%2F%2Fwww.tpaction.com%2Fconfirm&rl=&if=false&ts=1732009088876&sw=1600&sh=1200&v=2.9.177&r=stable&ec=0&o=12318&fbp=fb.1.1732009088857.671865530508602966&cs_est=true&ler=empty&cdl=API_unavailable&it=1732009088730&coo=false&rqm=GET
Requested by
Host: www.tpaction.com
URL: https://www.tpaction.com/confirm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.252.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-fra3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpaction.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=42, rtx=0, c=23, mss=1232, tbw=4477, tp=10, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Tue, 19 Nov 2024 09:38:08 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
197 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=814122570866359&ev=PageView&dl=https%3A%2F%2Fwww.tpaction.com%2Fconfirm&rl=&if=false&ts=1732009088876&sw=1600&sh=1200&v=2.9.177&r=stable&ec=0&o=12318&fbp=fb.1.1732009088857.671865530508602966&cs_est=true&ler=empty&cdl=API_unavailable&it=1732009088730&coo=false&rqm=FGET
Requested by
Host: www.tpaction.com
URL: https://www.tpaction.com/confirm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.252.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-fra3.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpaction.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7438922395437935493"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 19 Nov 2024 09:38:09 GMT
content-type
image/png
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7438922395437935493", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-debug
VRcVWuuI/TMGn/SbUq13RDZ0wk/mzBXguOdWgvKMi0MwtVGZglwKrTW2kcjhu7Y8RLvoAoooFCjrnU+B3qvbLA==
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=42, rtx=0, c=23, mss=1232, tbw=4845, tp=13, tpl=0, uplat=181, ullat=0
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
tpaction-appicon.svg
www.tpaction.com/static/images/common/ 		111 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.tpaction.com/static/images/common/tpaction-appicon.svg
Requested by
Host: www.tpaction.com
URL: https://www.tpaction.com/confirm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
d44a5a0d4e63d11b8b8e3329b2848247499e0b325d4ef2b3c888359256ec1008

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpaction.com/confirm

Response headers

content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"1bde0-192da1c6538"
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1730237865&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=BEwXlJ%2BUBbp3siy2naoE26jNbxkih88PPfS9wRafMKg%3D"}]}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=46767&sent=475&recv=117&lost=14&retrans=14&sent_bytes=517661&recv_bytes=15324&delivery_rate=47343&cwnd=125159&unsent_bytes=0&cid=ee120f3dc4de95ce&ts=1301&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 19 Nov 2024 09:38:09 GMT
last-modified
Tue, 29 Oct 2024 21:09:07 GMT
content-type
image/svg+xml
vary
Accept-Encoding
priority
u=3,i
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1730237865&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=BEwXlJ%2BUBbp3siy2naoE26jNbxkih88PPfS9wRafMKg%3D
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
cache-control
public, max-age=120
via
1.1 vegur
cf-ray
8e4f39c60ebfd784-CDG
x-powered-by
Express
server
cloudflare
app-store.svg
www.tpaction.com/static/images/common/ 		9 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.tpaction.com/static/images/common/app-store.svg
Requested by
Host: www.tpaction.com
URL: https://www.tpaction.com/confirm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e51f0a777985badcec155b88b2d589fbf3eabcf4160da05f40c000e057b2d181

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpaction.com/confirm

Response headers

content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"2464-192da1c6538"
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1731062361&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=uK8tpfchlMGuHyaIrkE3Mi%2B9Q%2F5Sn9obG9BhH04ZJLY%3D"}]}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=46767&sent=549&recv=117&lost=14&retrans=14&sent_bytes=606295&recv_bytes=15324&delivery_rate=47343&cwnd=125159&unsent_bytes=0&cid=ee120f3dc4de95ce&ts=1302&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 19 Nov 2024 09:38:09 GMT
last-modified
Tue, 29 Oct 2024 21:09:07 GMT
content-type
image/svg+xml
vary
Accept-Encoding
priority
u=3,i
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1731062361&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=uK8tpfchlMGuHyaIrkE3Mi%2B9Q%2F5Sn9obG9BhH04ZJLY%3D
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
cache-control
public, max-age=120
via
1.1 vegur
cf-ray
8e4f39c60ec2d784-CDG
x-powered-by
Express
server
cloudflare
google-play.svg
www.tpaction.com/static/images/common/ 		5 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.tpaction.com/static/images/common/google-play.svg
Requested by
Host: www.tpaction.com
URL: https://www.tpaction.com/confirm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
6addd74fbf99d8e3bd9b7c03634801373e700d475759905a964b5659b302cefd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpaction.com/confirm

Response headers

content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"13c6-192da1c6538"
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1730237866&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=Dml7ghkurlb4%2FUWaOL11Qacvoo3%2Be7ZIG6YUqsaP6ps%3D"}]}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=46767&sent=472&recv=117&lost=14&retrans=14&sent_bytes=514859&recv_bytes=15324&delivery_rate=47343&cwnd=125159&unsent_bytes=0&cid=ee120f3dc4de95ce&ts=1297&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 19 Nov 2024 09:38:09 GMT
last-modified
Tue, 29 Oct 2024 21:09:07 GMT
content-type
image/svg+xml
vary
Accept-Encoding
priority
u=3,i
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1730237866&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=Dml7ghkurlb4%2FUWaOL11Qacvoo3%2Be7ZIG6YUqsaP6ps%3D
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
cache-control
public, max-age=120
via
1.1 vegur
cf-ray
8e4f39c60ec3d784-CDG
x-powered-by
Express
server
cloudflare
js
www.googletagmanager.com/gtag/ 		316 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-9Z0NNF0MGG&l=dataLayer&cx=c&gtm=45He4be0v9116452991za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MZDSTCQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
24cda0b06b362521d7e1ec6dc63cea13bdd922b8321772ae7e6703165f65632f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpaction.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Tue, 19 Nov 2024 09:38:08 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 19 Nov 2024 09:38:08 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
108288
x-xss-protection
0
server
Google Tag Manager
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-9Z0NNF0MGG&gtm=45je4be0v871649596za200zb9116452991&_p=1732009088556&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855&cid=1329143580.1732009089&ul=it-it&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1732009089&sct=1&seg=0&dl=https%3A%2F%2Fwww.tpaction.com%2Fconfirm&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1444
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9Z0NNF0MGG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpaction.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.tpaction.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 19 Nov 2024 09:38:09 GMT
content-type
text/plain
server
Golfe2
8e4f39bfa966d784
www.tpaction.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame C1A8 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.tpaction.com/cdn-cgi/challenge-platform/h/b/jsd/r/8e4f39bfa966d784
Requested by
Host: www.tpaction.com
URL: https://www.tpaction.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/json
Referer

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BdY80r0WPaAy%2B65Jne1q8tdOyEVDwtGVzO%2BcSdZT5nsZHQzl%2Bs5RbkeA49fLtw%2BExffiJT9KBhgyHlMIUIUE%2BhrItO%2BoOYARRED4%2Byweyp%2FPk4CV01veF7fTEPRlcZWbSO4C"}],"group":"cf-nel","max_age":604800}
cf-ray
8e4f39c76a56d784-CDG
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=42597&sent=560&recv=139&lost=14&retrans=14&sent_bytes=610488&recv_bytes=32841&delivery_rate=2214652&cwnd=125159&unsent_bytes=0&cid=ee120f3dc4de95ce&ts=1352&x=1", cfExtPri, cfHdrFlush;dur=0
content-length
0
date
Tue, 19 Nov 2024 09:38:09 GMT
content-type
text/plain; charset=UTF-8
server
cloudflare
priority
u=1,i
p
i.simpli.fi/ 		798 B
763 B 		Script
General
Check archive.org
Download Go to
Full URL
https://i.simpli.fi/p?cid=393551&cb=sifi_att_42656._hp
Requested by
Host: tag.simpli.fi
URL: https://tag.simpli.fi/sifitag/de62bca0-3d2d-013b-567e-0cc47a1f72a4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.234.162.151 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
151.162.234.35.bc.googleusercontent.com
Software
openresty /
Resource Hash
9c09c1e3ffd71161795967bff6a2f48c0cbf45a1d8918d291d5442452ed2c5c6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpaction.com/

Response headers

cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-encoding
gzip
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
date
Tue, 19 Nov 2024 09:38:09 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
openresty
favicon.ico
www.tpaction.com/static/favicon/ 		1 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.tpaction.com/static/favicon/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e8714ccc46aa301e89e111ad8bec176b1b1a28fa6b5cb9a8be8c3a034875a672

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpaction.com/confirm

Response headers

content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"47e-192da1c6538"
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1731614380&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=vwp9tWOO%2FunHJ6mU0FCdyv%2BSXQ6uA3Y8v3cFdzpn2Pw%3D"}]}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=43162&sent=562&recv=142&lost=14&retrans=14&sent_bytes=611694&recv_bytes=33392&delivery_rate=105837&cwnd=125159&unsent_bytes=0&cid=ee120f3dc4de95ce&ts=1555&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 19 Nov 2024 09:38:09 GMT
last-modified
Tue, 29 Oct 2024 21:09:07 GMT
content-type
image/x-icon
vary
Accept-Encoding
priority
u=1,i
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1731614380&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=vwp9tWOO%2FunHJ6mU0FCdyv%2BSXQ6uA3Y8v3cFdzpn2Pw%3D
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
cache-control
public, max-age=120
via
1.1 vegur
cf-ray
8e4f39c79b0fd784-CDG
x-powered-by
Express
server
cloudflare
/
s.ad.smaato.net/c/
Redirect Chain
  • https://um.simpli.fi/smaato
  • https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=C3A68CF631C540619D34CB6BC21CA883
0
236 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=C3A68CF631C540619D34CB6BC21CA883
Protocol
H2
Server
2600:9000:223f:4400:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpaction.com/

Response headers

via
1.1 91dc0292eef4e22508a3ae73fe64bbf4.cloudfront.net (CloudFront)
cache-control
no-cache, must-revalidate
x-cache
Miss from cloudfront
x-amz-cf-id
10CQVtSJmg3pO_UPVywmLs9pSF2MGXIvX426kxtsA203DAoqNAL-yg==
date
Tue, 19 Nov 2024 09:38:09 GMT
x-amz-cf-pop
FRA56-P5
server
CloudFront

Redirect headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
cache-control
no-cache
location
https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=C3A68CF631C540619D34CB6BC21CA883
x-content-type-options
nosniff
access-control-allow-methods
GET, POST, OPTIONS
expires
Mon, 18 Nov 2024 09:38:09 GMT
access-control-allow-origin
*
content-length
142
date
Tue, 19 Nov 2024 09:38:09 GMT
content-type
text/html
server
openresty
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
RX-51533782-06d5-4f51-ad87-87035c1be1cd-003
sync.targeting.unrulymedia.com/csync/
Redirect Chain
  • https://um.simpli.fi/nexxen
  • https://sync.1rx.io/usersync/simplifi/C3A68CF631C540619D34CB6BC21CA883
  • https://sync.1rx.io/usersync/simplifi/C3A68CF631C540619D34CB6BC21CA883?zcc=1&cb=1732009089537
  • https://sync.targeting.unrulymedia.com/csync/RX-51533782-06d5-4f51-ad87-87035c1be1cd-003
43 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-51533782-06d5-4f51-ad87-87035c1be1cd-003
Protocol
H2
Server
46.228.174.117 , United Kingdom, ASN56396 (Amobee Amobee EMEA Limited, GB),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpaction.com/

Response headers

p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
date
Tue, 19 Nov 2024 09:38:09 GMT
content-length
43

Redirect headers

expires
0
cache-control
no-store, no-cache, must-revalidate
location
https://sync.targeting.unrulymedia.com/csync/RX-51533782-06d5-4f51-ad87-87035c1be1cd-003
date
Tue, 19 Nov 2024 09:38:09 GMT
pragma
no-cache
content-type
text/html
xuid
eb2.3lift.com/
Redirect Chain
  • https://um.simpli.fi/triplelift
  • https://eb2.3lift.com/xuid?mid=7969&xuid=C3A68CF631C540619D34CB6BC21CA883&dongle=yf3
37 B
140 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7969&xuid=C3A68CF631C540619D34CB6BC21CA883&dongle=yf3
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpaction.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
date
Tue, 19 Nov 2024 09:38:09 GMT
content-type
image/gif

Redirect headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
cache-control
no-cache
location
https://eb2.3lift.com/xuid?mid=7969&xuid=C3A68CF631C540619D34CB6BC21CA883&dongle=yf3
x-content-type-options
nosniff
access-control-allow-methods
GET, POST, OPTIONS
expires
Mon, 18 Nov 2024 09:38:09 GMT
access-control-allow-origin
*
content-length
142
date
Tue, 19 Nov 2024 09:38:09 GMT
content-type
text/html
server
openresty
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
sync
simplifi.partners.tremorhub.com/
Redirect Chain
  • https://um.simpli.fi/telaria_p
  • https://simplifi.partners.tremorhub.com/sync?UISF=C3A68CF631C540619D34CB6BC21CA883
43 B
175 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simplifi.partners.tremorhub.com/sync?UISF=C3A68CF631C540619D34CB6BC21CA883
Protocol
H2
Server
2600:1f18:612b:4200:9512:5159:2d9d:639a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpaction.com/

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Tue, 19 Nov 2024 09:38:09 GMT
content-type
image/gif
server
nginx

Redirect headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
cache-control
no-cache
location
https://simplifi.partners.tremorhub.com/sync?UISF=C3A68CF631C540619D34CB6BC21CA883
x-content-type-options
nosniff
access-control-allow-methods
GET, POST, OPTIONS
expires
Mon, 18 Nov 2024 09:38:09 GMT
access-control-allow-origin
*
content-length
142
date
Tue, 19 Nov 2024 09:38:09 GMT
content-type
text/html
server
openresty
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
check
pixel.tapad.com/idsync/ex/receive/
Redirect Chain
  • https://um.simpli.fi/tapad
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=C3A68CF631C540619D34CB6BC21CA883
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=C3A68CF631C540619D34CB6BC21CA883
95 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=C3A68CF631C540619D34CB6BC21CA883
Protocol
H2
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpaction.com/

Response headers

strict-transport-security
max-age=31536000
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length
95
date
Tue, 19 Nov 2024 09:38:09 GMT
content-type
image/png
server
Jetty(11.0.13)

Redirect headers

strict-transport-security
max-age=31536000
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=C3A68CF631C540619D34CB6BC21CA883
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length
0
date
Tue, 19 Nov 2024 09:38:09 GMT
server
Jetty(11.0.13)
empty.gif
um.simpli.fi/
Redirect Chain
  • https://um.simpli.fi/ad_advisor
  • https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=C3A68CF631C540619D34CB6BC21CA883
  • https://d.agkn.com/pixel/10751/?che=1732009089572&ip=192.145.127.221&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D219063205071001296790
  • https://um.simpli.fi/aa_px?sk=219063205071001296790
  • https://um.simpli.fi/empty.gif
43 B
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/empty.gif
Protocol
H2
Server
35.204.201.36 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
36.201.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpaction.com/

Response headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
x-content-type-options
nosniff
access-control-allow-origin
*
content-length
43
date
Tue, 19 Nov 2024 09:38:09 GMT
content-type
image/gif
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

Redirect headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
location
/empty.gif
x-content-type-options
nosniff
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
content-length
142
date
Tue, 19 Nov 2024 09:38:09 GMT
content-type
text/html
server
openresty
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/
Redirect Chain
  • https://um.simpli.fi/intentiq
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=C3A68CF631C540619D34CB6BC21CA883
0
0
pubmatic
um.simpli.fi/ 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.201.36 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
36.201.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpaction.com/

Response headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
cache-control
no-cache
x-content-type-options
nosniff
access-control-allow-methods
GET, POST, OPTIONS
expires
Mon, 18 Nov 2024 09:38:09 GMT
access-control-allow-origin
*
content-length
43
date
Tue, 19 Nov 2024 09:38:09 GMT
content-type
image/gif
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
freewheel
um.simpli.fi/ 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/freewheel
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.201.36 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
36.201.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpaction.com/

Response headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
cache-control
no-cache
x-content-type-options
nosniff
access-control-allow-methods
GET, POST, OPTIONS
expires
Mon, 18 Nov 2024 09:38:09 GMT
access-control-allow-origin
*
content-length
43
date
Tue, 19 Nov 2024 09:38:09 GMT
content-type
image/gif
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://um.simpli.fi/dtnx
  • https://fei.pro-market.net/engine?du=24;csync=C3A68CF631C540619D34CB6BC21CA883;mimetype=img;
  • https://fei.pro-market.net/engine?du=24;csync=C3A68CF631C540619D34CB6BC21CA883;mimetype=img;sr
  • https://cm.g.doubleclick.net/pixel?google_nid=datonics-ddp&google_cm&google_hm=Nzk5NjkyNTcxODkyMDI1MDI0OQ==
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=datonics-ddp&google_cm&google_hm=Nzk5NjkyNTcxODkyMDI1MDI0OQ==
Protocol
H2
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpaction.com/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
date
Tue, 19 Nov 2024 09:38:09 GMT
x-xss-protection
0
content-type
image/png
server
HTTP server (unknown)

Redirect headers

cache-control
no-cache, no-store, must-revalidate
location
https://cm.g.doubleclick.net/pixel?google_nid=datonics-ddp&google_cm&google_hm=Nzk5NjkyNTcxODkyMDI1MDI0OQ==
pragma
no-cache
access-control-allow-credentials
true
via
1.1 google
anserver
gapp-eu-7.c.datonics-gcp-01.internal
expires
Mon, 1 Jan 1990 0:0:0 GMT
access-control-allow-origin
*
alt-svc
clear
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-length
0
date
Tue, 19 Nov 2024 09:38:09 GMT
content-type
image/gif
server
Apache-Coyote/1.1
/
loadm.exelator.com/load/
Redirect Chain
  • https://um.simpli.fi/exelatem
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=C3A68CF631C540619D34CB6BC21CA883&j=0
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=C3A68CF631C540619D34CB6BC21CA883&j=0&xl8blockcheck=1
0
775 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadm.exelator.com/load/?p=204&g=2191&simid=C3A68CF631C540619D34CB6BC21CA883&j=0&xl8blockcheck=1
Protocol
H2
Server
54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpaction.com/

Response headers

cache-control
no-cache
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
date
Tue, 19 Nov 2024 09:38:09 GMT
x-powered-by
Undertow/1
server
nginx
access-control-allow-credentials
true

Redirect headers

cache-control
no-cache
location
https://loadm.exelator.com/load/?p=204&g=2191&simid=C3A68CF631C540619D34CB6BC21CA883&j=0&xl8blockcheck=1
access-control-allow-credentials
true
content-length
0
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
date
Tue, 19 Nov 2024 09:38:09 GMT
content-type
image/gif
x-powered-by
Undertow/1
server
nginx
yahoo
um.simpli.fi/ 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/yahoo
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.201.36 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
36.201.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpaction.com/

Response headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
cache-control
no-cache
x-content-type-options
nosniff
access-control-allow-methods
GET, POST, OPTIONS
expires
Mon, 18 Nov 2024 09:38:09 GMT
access-control-allow-origin
*
content-length
43
date
Tue, 19 Nov 2024 09:38:09 GMT
content-type
image/gif
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
sync
sync.bfmio.com/
Redirect Chain
  • https://um.simpli.fi/beachfront
  • https://sync.bfmio.com/sync?pid=141&uid=C3A68CF631C540619D34CB6BC21CA883
0
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=141&uid=C3A68CF631C540619D34CB6BC21CA883
Protocol
HTTP/1.1
Server
3.218.197.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-218-197-83.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpaction.com/

Response headers

Date
Tue, 19 Nov 2024 09:38:09 GMT
Connection
keep-alive

Redirect headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
cache-control
no-cache
location
https://sync.bfmio.com/sync?pid=141&uid=C3A68CF631C540619D34CB6BC21CA883
x-content-type-options
nosniff
access-control-allow-methods
GET, POST, OPTIONS
expires
Mon, 18 Nov 2024 09:38:09 GMT
access-control-allow-origin
*
content-length
142
date
Tue, 19 Nov 2024 09:38:09 GMT
content-type
text/html
server
openresty
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
29931
stags.bluekai.com/site/
Redirect Chain
  • https://um.simpli.fi/bluekai
  • https://stags.bluekai.com/site/29931?id=C3A68CF631C540619D34CB6BC21CA883
27 B
27 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stags.bluekai.com/site/29931?id=C3A68CF631C540619D34CB6BC21CA883
Protocol
HTTP/1.1
Server
2.23.197.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-23-197-190.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5607bc0b49036b5f13acf3f5767e0fb2fb947f5369bda253939e78e2b11f85b4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpaction.com/

Response headers

Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Connection
keep-alive
Expires
Tue, 19 Nov 2024 09:38:09 GMT
Content-Length
27
Date
Tue, 19 Nov 2024 09:38:09 GMT
AK-GRN
0.98d01702.1732009089.a8b4df5
Content-Type
text/html

Redirect headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
cache-control
no-cache
location
https://stags.bluekai.com/site/29931?id=C3A68CF631C540619D34CB6BC21CA883
x-content-type-options
nosniff
access-control-allow-methods
GET, POST, OPTIONS
expires
Mon, 18 Nov 2024 09:38:09 GMT
access-control-allow-origin
*
content-length
142
date
Tue, 19 Nov 2024 09:38:09 GMT
content-type
text/html
server
openresty
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
tpid=C3A68CF631C540619D34CB6BC21CA883
bcp.crwdcntrl.net/map/c=7625/tp=SIMP/
Redirect Chain
  • https://um.simpli.fi/crwdcntrl
  • https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=C3A68CF631C540619D34CB6BC21CA883
49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=C3A68CF631C540619D34CB6BC21CA883
Protocol
H2
Server
54.72.67.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-67-43.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpaction.com/

Response headers

cache-control
no-cache
pragma
no-cache
expires
0
access-control-allow-origin
*
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
content-length
49
date
Tue, 19 Nov 2024 09:38:09 GMT
content-type
image/gif
x-server
10.45.7.77
server
Jetty(9.4.38.v20210224)

Redirect headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
cache-control
no-cache
location
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=C3A68CF631C540619D34CB6BC21CA883
x-content-type-options
nosniff
access-control-allow-methods
GET, POST, OPTIONS
expires
Mon, 18 Nov 2024 09:38:09 GMT
access-control-allow-origin
*
content-length
142
date
Tue, 19 Nov 2024 09:38:09 GMT
content-type
text/html
server
openresty
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
merge
ce.lijit.com/
Redirect Chain
  • https://um.simpli.fi/lj_match
  • https://ce.lijit.com/merge?pid=2&3pid=C3A68CF631C540619D34CB6BC21CA883
0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=2&3pid=C3A68CF631C540619D34CB6BC21CA883
Protocol
H2
Server
34.253.42.51 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-42-51.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpaction.com/

Response headers

expires
Fri, 20 Mar 2009 00:00:00 GMT
cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Tue, 19 Nov 2024 09:38:09 GMT
pragma
no-cache
vary
Accept-Encoding
x-merge
GDPR Optout true

Redirect headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
cache-control
no-cache
location
https://ce.lijit.com/merge?pid=2&3pid=C3A68CF631C540619D34CB6BC21CA883
x-content-type-options
nosniff
access-control-allow-methods
GET, POST, OPTIONS
expires
Mon, 18 Nov 2024 09:38:09 GMT
access-control-allow-origin
*
content-length
142
date
Tue, 19 Nov 2024 09:38:09 GMT
content-type
text/html
server
openresty
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
419566.gif
idsync.rlcdn.com/
Redirect Chain
  • https://um.simpli.fi/liveramp_match
  • https://idsync.rlcdn.com/419566.gif?partner_uid=C3A68CF631C540619D34CB6BC21CA883
0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/419566.gif?partner_uid=C3A68CF631C540619D34CB6BC21CA883
Protocol
H2
Server
35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpaction.com/

Response headers

via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Tue, 19 Nov 2024 09:38:09 GMT

Redirect headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
cache-control
no-cache
location
https://idsync.rlcdn.com/419566.gif?partner_uid=C3A68CF631C540619D34CB6BC21CA883
x-content-type-options
nosniff
access-control-allow-methods
GET, POST, OPTIONS
expires
Mon, 18 Nov 2024 09:38:09 GMT
access-control-allow-origin
*
content-length
142
date
Tue, 19 Nov 2024 09:38:09 GMT
content-type
text/html
server
openresty
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
/
www.google.it/pagead/1p-conversion/1026675585/
Redirect Chain
  • https://www.googleadservices.com/pagead/conversion/1026675585/?random=1732009089222&cv=7&fst=1732009089222&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=602117243&cv=7&fst=1732009089222&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHB...
  • https://www.google.com/pagead/1p-conversion/1026675585/?random=602117243&cv=7&fst=1732009089222&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgjVyrECCLnBs...
  • https://www.google.it/pagead/1p-conversion/1026675585/?random=602117243&cv=7&fst=1732009089222&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgjVyrECCLnBsQ...
42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.it/pagead/1p-conversion/1026675585/?random=602117243&cv=7&fst=1732009089222&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgjVyrECCLnBsQIIscOxAgiKxbECCMLJsQII68axAgjTxbEC&pscrd=IhMI36yR1IzoiQMVPZD9Bx014yjLMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhlodHRwczovL3d3dy50cGFjdGlvbi5jb20v&is_vtc=1&cid=CAQSGwCa7L7dI6c72l152iUpC4nbzF7J8yPmnyQLow&random=3404686830&ipr=y
Protocol
H2
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpaction.com/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Tue, 19 Nov 2024 09:38:09 GMT
x-xss-protection
0
content-type
image/gif
server
cafe

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
location
https://www.google.it/pagead/1p-conversion/1026675585/?random=602117243&cv=7&fst=1732009089222&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgjVyrECCLnBsQIIscOxAgiKxbECCMLJsQII68axAgjTxbEC&pscrd=IhMI36yR1IzoiQMVPZD9Bx014yjLMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhlodHRwczovL3d3dy50cGFjdGlvbi5jb20v&is_vtc=1&cid=CAQSGwCa7L7dI6c72l152iUpC4nbzF7J8yPmnyQLow&random=3404686830&ipr=y
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Tue, 19 Nov 2024 09:38:09 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
spotx_match
um.simpli.fi/ 		0
272 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/spotx_match
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.201.36 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
36.201.204.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpaction.com/

Response headers

access-control-allow-methods
GET, POST, OPTIONS
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-origin
*
date
Tue, 19 Nov 2024 09:38:09 GMT
x-content-type-options
nosniff
bounce
ib.adnxs.com/
Redirect Chain
  • https://um.simpli.fi/an
  • https://ib.adnxs.com/setuid?entity=66&code=C3A68CF631C540619D34CB6BC21CA883
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DC3A68CF631C540619D34CB6BC21CA883
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DC3A68CF631C540619D34CB6BC21CA883
Protocol
H2
Server
37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpaction.com/

Response headers

cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
192.145.127.221; 192.145.127.221; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
*
an-x-request-uuid
a55a9313-4889-4c7c-993a-98863f99c71c
content-length
43
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Tue, 19 Nov 2024 09:38:09 GMT
x-xss-protection
0
content-type
image/gif
server
nginx/1.23.4

Redirect headers

cache-control
no-store, no-cache, private
location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DC3A68CF631C540619D34CB6BC21CA883
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
x-proxy-origin
192.145.127.221; 192.145.127.221; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
an-x-request-uuid
1ba4b872-84ba-48bd-8405-aeb15f494bb1
content-length
0
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Tue, 19 Nov 2024 09:38:09 GMT
x-xss-protection
0
content-type
text/html; charset=utf-8
server
nginx/1.23.4
tap.php
pixel.rubiconproject.com/
Redirect Chain
  • https://um.simpli.fi/rb_match
  • https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=C3A68CF631C540619D34CB6BC21CA883&expires=365
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=C3A68CF631C540619D34CB6BC21CA883&expires=365
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpaction.com/

Response headers

Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
08fc1f390a6968c5983b6715b2a92536
Pragma
no-cache
Content-Type
image/gif

Redirect headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
cache-control
no-cache
location
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=C3A68CF631C540619D34CB6BC21CA883&expires=365
x-content-type-options
nosniff
access-control-allow-methods
GET, POST, OPTIONS
expires
Mon, 18 Nov 2024 09:38:09 GMT
access-control-allow-origin
*
content-length
142
date
Tue, 19 Nov 2024 09:38:09 GMT
content-type
text/html
server
openresty
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
sd
us-u.openx.net/w/1.0/
Redirect Chain
  • https://um.simpli.fi/ox_match
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=C3A68CF631C540619D34CB6BC21CA883
43 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072966&val=C3A68CF631C540619D34CB6BC21CA883
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpaction.com/

Response headers

cache-control
private, max-age=0, no-cache
pragma
no-cache
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
p3p
CP="CUR ADM OUR NOR STA NID"
date
Tue, 19 Nov 2024 09:38:09 GMT
content-type
image/gif
vary
Accept
server
OXGW/0.0.0

Redirect headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
cache-control
no-cache
location
https://us-u.openx.net/w/1.0/sd?id=537072966&val=C3A68CF631C540619D34CB6BC21CA883
x-content-type-options
nosniff
access-control-allow-methods
GET, POST, OPTIONS
expires
Mon, 18 Nov 2024 09:38:09 GMT
access-control-allow-origin
*
content-length
142
date
Tue, 19 Nov 2024 09:38:09 GMT
content-type
text/html
server
openresty
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
pixel
cm.g.doubleclick.net/ 		170 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpaction.com/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
date
Tue, 19 Nov 2024 09:38:09 GMT
x-xss-protection
0
content-type
image/png
server
HTTP server (unknown)
favicon.ico
www.tpaction.com/static/favicon/ 		1 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
https://www.tpaction.com/static/favicon/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e8714ccc46aa301e89e111ad8bec176b1b1a28fa6b5cb9a8be8c3a034875a672

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpaction.com/confirm

Response headers

content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"47e-192da1c6538"
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1731614380&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=vwp9tWOO%2FunHJ6mU0FCdyv%2BSXQ6uA3Y8v3cFdzpn2Pw%3D"}]}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=43162&sent=562&recv=142&lost=14&retrans=14&sent_bytes=611694&recv_bytes=33392&delivery_rate=105837&cwnd=125159&unsent_bytes=0&cid=ee120f3dc4de95ce&ts=1555&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 19 Nov 2024 09:38:09 GMT
last-modified
Tue, 29 Oct 2024 21:09:07 GMT
content-type
image/x-icon
vary
Accept-Encoding
priority
u=1,i
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1731614380&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=vwp9tWOO%2FunHJ6mU0FCdyv%2BSXQ6uA3Y8v3cFdzpn2Pw%3D
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
cache-control
public, max-age=120
via
1.1 vegur
cf-ray
8e4f39c79b0fd784-CDG
x-powered-by
Express
server
cloudflare
favicon-32x32.png
www.tpaction.com/static/favicon/ 		1 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.tpaction.com/static/favicon/favicon-32x32.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
dc31209426b2bddf9bcac8bdf8ace49101154234b50d9f1645038c9599716499

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpaction.com/confirm

Response headers

content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"474-192da1c6538"
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1730265349&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=ydobsb1cLFU50xxPi3NROp2ADec%2Fg0i3DdG%2BlP9gosc%3D"}]}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=42627&sent=565&recv=143&lost=14&retrans=14&sent_bytes=612967&recv_bytes=34235&delivery_rate=28544&cwnd=125159&unsent_bytes=0&cid=ee120f3dc4de95ce&ts=1786&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 19 Nov 2024 09:38:09 GMT
last-modified
Tue, 29 Oct 2024 21:09:07 GMT
content-type
image/png
vary
Accept-Encoding
priority
u=1,i
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1730265349&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=ydobsb1cLFU50xxPi3NROp2ADec%2Fg0i3DdG%2BlP9gosc%3D
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
cache-control
public, max-age=120
via
1.1 vegur
cf-ray
8e4f39c91f51d784-CDG
x-powered-by
Express
server
cloudflare
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-9Z0NNF0MGG&gtm=45je4be0v871649596za200zb9116452991&_p=1732009088556&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855&cid=1329143580.1732009089&ul=it-it&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1732009089&sct=1&seg=0&dl=https%3A%2F%2Fwww.tpaction.com%2Fconfirm&dt=&en=scroll&epn.percent_scrolled=90&_et=15&tfd=6472
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9Z0NNF0MGG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpaction.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.tpaction.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 19 Nov 2024 09:38:14 GMT
content-type
text/plain
server
Golfe2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sync.intentiq.com
URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=C3A68CF631C540619D34CB6BC21CA883

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| gtag object| dataLayer object| d string| s object| n object| e function| fbq function| _fbq object| webpackChunk_N_E object| sifi_att_42656 function| __next_require__ object| next object| __NEXT_DATA__ function| __SSG_MANIFEST_CB object| __NEXT_P object| _N_E function| __NEXT_PRELOADREADY function| _ object| __MIDDLEWARE_MATCHERS object| __BUILD_MANIFEST object| __SSG_MANIFEST object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal

24 Cookies

Domain/Path Name / Value
.simpli.fi/ Name: suid
Value: C3A68CF631C540619D34CB6BC21CA883
.tpaction.com/ Name: _fbp
Value: fb.1.1732009088857.671865530508602966
.tpaction.com/ Name: _ga
Value: GA1.1.1329143580.1732009089
.tpaction.com/ Name: _ga_9Z0NNF0MGG
Value: GS1.1.1732009089.1.0.1732009089.0.0.0
.tpaction.com/ Name: cf_clearance
Value: B0gkxdmj7oKflnZZ3xaDVd0N2iank1uvuFo2mdtrcCA-1732009089-1.2.1.1-HRLVjgzDMhquOfSNLDkP6KZh8PTKJBmMfVy5FJ853wzQorbzSa_wsEfaAAn63dWKsjmZT57LKWzis8mInbOk7JWoxCfu5SRjv1BP_7NvxZMrvrYnWiWNhFyOe3BjKN38hM7jqDn1EHRfx1xhmm1dxWW6mYLOV0lFvygtrs0JDh5N6dx2EDQCmN7ojQNX1BCuKLGV9WyD6JtSbynyHCODY2_YI57mMk66mL0LP2DE0jpB0LZfsNvwSErr0oxARg7YqkPG3Gh4kXuGQUNsglTG9qSXkhqnjEIwNZ.BeYcBol13nrw8DYPzhYc0CjRRo2wEZQSDgmXRoM_.6bQ3l2SqJxx_a7CcGXCp6YTZ81KrMn8xYLDQaAXBU02kIuBYN9n7
.simpli.fi/ Name: uid_syncd_secure
Value: true
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.tapad.com/ Name: TapAd_TS
Value: 1732009089489
.tapad.com/ Name: TapAd_DID
Value: 46be6360-16d1-41a5-ac95-2b351705182a
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-51533782-06d5-4f51-ad87-87035c1be1cd-003%22%7D
.adnxs.com/ Name: XANDR_PANID
Value: AN6N738aBmWvMycpdxhGG22ZhYpqI_dNaX7xPGt2lLoFXrm54VSncNaBPPWKfJlO28mUGfxXhg2TFhKXpxJrMdvYNMVbnwS6KjWFN-DrTK4.
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.adnxs.com/ Name: uuid2
Value: 2544093850000623417
.pro-market.net/ Name: anProfile
Value: "1or8xkur1pxmx+1+1f=1+1g=1+1j=45+rs=s+rt=20010AC8002400440000000000000018+s2=(sn6yrl)+vm=24-C3A68CF631C540619D34CB6BC21CA883"
.pro-market.net/ Name: anHistory
Value: "1or8xkur1pxmx+2+!#7%.%]#_}I"
.agkn.com/ Name: ab
Value: 0001%3AjzBms9lbJRXJX4HcH0C7PLv0crshkbby
.adnxs.com/ Name: anj
Value: dTM7k!M4.FE:2jUF']wIg2Hc#q0]/g!@wnfH8KW.dG5<#Z?U4ZFT08nEsKqGGmiIjEscJ@Gz]jqp5cBmpo5ypD7bi<tEeW*%(2K:$doS]%6lOTCTTY'
.exelator.com/ Name: EE
Value: "d4189d97779e331079b2483ba6f609d8"
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-51533782-06d5-4f51-ad87-87035c1be1cd-003%22%7D
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQSHFxNDCMsXS3NzcMtXY2NDA3DLJyMTCOCnRLM3MwDLFYnFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDYYEl%252BUWb6Is%252BQxUUpaQyLSopPBZ9c%252BBQAaecqUg%253D%253D"
.agkn.com/ Name: u
Value: C|0AAAAAAAALs8ZAQAAAAAA
.bfmio.com/ Name: __141_cid
Value: C3A68CF631C540619D34CB6BC21CA883
.bfmio.com/ Name: __io_cid
Value: f04f5c392e81ba9ed1ef1b3a8a848fc6b24d3fc4

4 Console Messages

Source Level URL
Text
network error URL: https://www.tpaction.com/confirm
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://idsync.rlcdn.com/419566.gif?partner_uid=C3A68CF631C540619D34CB6BC21CA883
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://stags.bluekai.com/site/29931?id=C3A68CF631C540619D34CB6BC21CA883
Message:
Failed to load resource: the server responded with a status of 500 (Internal Server Error)
network error URL: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=C3A68CF631C540619D34CB6BC21CA883
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.smtrk.net
aa.agkn.com
bcp.crwdcntrl.net
ce.lijit.com
cm.g.doubleclick.net
confirmcabinet.org
connect.facebook.net
d.agkn.com
eb2.3lift.com
fei.pro-market.net
googleads.g.doubleclick.net
i.simpli.fi
ib.adnxs.com
idsync.rlcdn.com
loadm.exelator.com
pixel.rubiconproject.com
pixel.tapad.com
region1.google-analytics.com
s.ad.smaato.net
simplifi.partners.tremorhub.com
stags.bluekai.com
sync.1rx.io
sync.bfmio.com
sync.intentiq.com
sync.targeting.unrulymedia.com
tag.simpli.fi
tpaction.com
um.simpli.fi
us-u.openx.net
www.facebook.com
www.google.com
www.google.it
www.googleadservices.com
www.googletagmanager.com
www.tpaction.com
sync.intentiq.com
142.250.184.194
142.250.186.68
15.197.225.128
157.240.252.13
157.240.252.35
172.217.16.130
172.217.18.2
18.244.18.100
188.114.97.3
2.23.197.190
2001:4860:4802:34::36
2600:1901:0:8eee::
2600:1f18:612b:4200:9512:5159:2d9d:639a
2600:9000:223f:4400:1b:5138:8a40:93a1
2a00:1450:4001:812::2003
2a00:1450:4001:82f::2008
3.218.197.83
34.111.113.62
34.253.42.51
34.98.64.218
35.204.201.36
35.234.162.151
35.244.174.68
37.252.171.21
46.228.174.117
52.48.165.221
52.58.229.35
54.72.67.43
54.78.254.47
69.173.144.165
76.223.111.18
0b3d7bfd1bef9030e23949ab9a662846c4d2d448ac67e3d10c628ea13e75e04c
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0f77660e06a5f61a45c4dbdab511722357cf29e7f5ba1b2cf097550afdb0ed20
1fa0c7a0e7317c4b54085816c7b1009d713ca30bbdede012d331633e9d8d2f80
203a503931d93e5397cc929fd89c1a664cb0acf3e6695a3f9413150b01f956f2
24cda0b06b362521d7e1ec6dc63cea13bdd922b8321772ae7e6703165f65632f
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
41cfd9913f732e06dff8e4e97db64c80da6a122147e2cc915f9d01ece26ba927
4254c0165516a68ae130c7d1481477355f178c0519ac8222d07dd58fba3beb9c
43a683165a27224ef2d2717bd57c8c203aa570ce39140504d086562eefbb0f1f
482c4e1afdb32aef06bc81934de7d0e9e8072538f2d7c450a72312accca62525
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5607bc0b49036b5f13acf3f5767e0fb2fb947f5369bda253939e78e2b11f85b4
5aa294dff77717b8eb0f1d1656a2bf4ef512090eae0ea32e4a6013ccc6106143
5c8ed6bbc60218e6e9226a0b1aab868ff42d176b38bdec65a4a871a4f82355ef
6addd74fbf99d8e3bd9b7c03634801373e700d475759905a964b5659b302cefd
7a48d17ab5f32b5895f144370f1f2b16236587cedcbe143a09ccee048705c7e8
7a76d6bbd3c04f3a9ac78c33245c1df2261a6aed6d608c785ef95a1f85a5105e
8c08d65bd879c3f99a00092f923e56e2e0c17c5ff9d2730dba6caf3473afd4e4
8d6cb2bdbbd3d9eb2ae54b0ec0b105b5553980d2041f33c20d838b3fb606feea
8ea2e7970ed7582ddf7a438b51ca68f655464e33eb4e03737ec42dfe8bd2339a
953352169158762199934ddbb3eecd26c79cda968b48becbffd325040f01db21
9c09c1e3ffd71161795967bff6a2f48c0cbf45a1d8918d291d5442452ed2c5c6
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a37ab350ffeadb81b9757ac1ac538ccbcc1327964f0396fd8c25aab23e9de98c
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b23ab26f5a076e99e7180e56de17b618d393d02082997b9896bae78a90090b14
b9e81a47aecd3d05445ae775f48d08b3de46b2039f1d229a58a87be194e327ec
ba5b9fcd0fc8b49b9362f5946ef96cd37ada5af89dbe25f34a6907d557fca72c
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d44a5a0d4e63d11b8b8e3329b2848247499e0b325d4ef2b3c888359256ec1008
dc31209426b2bddf9bcac8bdf8ace49101154234b50d9f1645038c9599716499
dc61cd7c58c7c670d393823d573ca27ce97cc2ba9a23a318d3712534baebf352
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e51f0a777985badcec155b88b2d589fbf3eabcf4160da05f40c000e057b2d181
e8714ccc46aa301e89e111ad8bec176b1b1a28fa6b5cb9a8be8c3a034875a672
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4003166721fe2a3d37daee2b042bb3ebe0dde68c0276a73c6abab7ef947836b