caf.a23.mwp.accessdomain.com Open in urlscan Pro
132.148.52.3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://caf.a23.mwp.accessdomain.com/
Effective URL:
https://caf.a23.mwp.accessdomain.com/
Submission: On October 22 via manual (October 22nd 2024, 1:00:23 pm UTC) from US — Scanned from DE

Summary HTTP 60 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 29 IPs in 6 countries across 32 domains to perform 60 HTTP transactions. The main IP is 132.148.52.3, located in United States and belongs to GO-DADDY-COM-LLC, US. The main domain is caf.a23.mwp.accessdomain.com.
TLS certificate: Issued by Starfield Secure Certificate Authorit... on May 29th 2024. Valid for: a year.

This is the only time caf.a23.mwp.accessdomain.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	132.148.52.3 132.148.52.3	398101 (GO-DADDY-...) (GO-DADDY-COM-LLC)
4	104.18.10.207 104.18.10.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	162.159.135.45 162.159.135.45	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
2	35.234.162.151 35.234.162.151	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81d::2008	15169 (GOOGLE) (GOOGLE)
3	157.240.252.13 157.240.252.13	32934 (FACEBOOK) (FACEBOOK)
4	142.250.185.67 142.250.185.67	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
16 21	35.204.74.118 35.204.74.118	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2600:9000:245... 2600:9000:2450:c000:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f18:612... 2600:1f18:612b:4264:593c:dbb7:2512:528	14618 (AMAZON-AES) (AMAZON-AES)
1 2	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	52.17.74.249 52.17.74.249	16509 (AMAZON-02) (AMAZON-02)
1 1	52.58.53.23 52.58.53.23	16509 (AMAZON-02) (AMAZON-02)
2 2	2600:1901:0:8... 2600:1901:0:8eee::	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1288:80:... 2a00:1288:80:807::1	203220 (YAHOO-DEB) (YAHOO-DEB)
1 2	34.254.143.3 34.254.143.3	16509 (AMAZON-02) (AMAZON-02)
1	3.209.58.121 3.209.58.121	14618 (AMAZON-AES) (AMAZON-AES)
1	2.23.197.190 2.23.197.190	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.51.174.220 52.51.174.220	16509 (AMAZON-02) (AMAZON-02)
1	52.210.34.197 52.210.34.197	16509 (AMAZON-02) (AMAZON-02)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1 2	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1 1	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1 1	142.250.185.228 142.250.185.228	15169 (GOOGLE) (GOOGLE)
1	142.250.186.131 142.250.186.131	15169 (GOOGLE) (GOOGLE)
1 2	185.89.210.46 185.89.210.46	29990 (ASN-APPNEX) (ASN-APPNEX)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
60	29

2 132.148.52.3 (United States)

ASN398101 (GO-DADDY-COM-LLC, US)
PTR: 3.52.148.132.host.secureserver.net

caf.a23.mwp.accessdomain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.10.207 (None, )

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 162.159.135.45 (None, )

ASN13335 (CLOUDFLARENET, US)

cafa23.p3cdn2.secureserver.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.234.162.151 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 151.162.234.35.bc.googleusercontent.com

tag.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81d::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 157.240.252.13 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 35.204.74.118 (Groningen, Netherlands) 16 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2450:c000:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4264:593c:dbb7:2512:528 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

simplifi.partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.113.62 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.17.74.249 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-74-249.eu-west-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.58.53.23 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-53-23.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:8eee:: (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)

fei.pro-market.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:80:807::1 (United Kingdom) 1 redirects

ASN203220 (YAHOO-DEB, GB)

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.254.143.3 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.209.58.121 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-209-58-121.compute-1.amazonaws.com

sync.bfmio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.23.197.190 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-23-197-190.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.51.174.220 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-174-220.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.210.34.197 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-34-197.eu-west-1.compute.amazonaws.com

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.226 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.130 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.228 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.210.46 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	simpli.fi 16 redirects tag.simpli.fi — Cisco Umbrella Rank: 4957 i.simpli.fi — Cisco Umbrella Rank: 4183 um.simpli.fi — Cisco Umbrella Rank: 913	13 KB
14	secureserver.net cafa23.p3cdn2.secureserver.net	659 KB
4	gstatic.com fonts.gstatic.com	72 KB
4	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1113	95 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	155 KB
2	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 267	2 KB
2	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 42 cm.g.doubleclick.net — Cisco Umbrella Rank: 283	433 B
2	exelator.com 1 redirects loadm.exelator.com — Cisco Umbrella Rank: 1779	2 KB
2	yahoo.com 1 redirects cms.analytics.yahoo.com — Cisco Umbrella Rank: 1830 ups.analytics.yahoo.com — Cisco Umbrella Rank: 495	507 B
2	pro-market.net 2 redirects fei.pro-market.net — Cisco Umbrella Rank: 2566	868 B
2	agkn.com 2 redirects aa.agkn.com — Cisco Umbrella Rank: 542 d.agkn.com — Cisco Umbrella Rank: 782	1 KB
2	tapad.com 1 redirects pixel.tapad.com — Cisco Umbrella Rank: 446	1 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 113	3 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	181 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30 ajax.googleapis.com — Cisco Umbrella Rank: 412	35 KB
2	accessdomain.com caf.a23.mwp.accessdomain.com	9 KB
1	openx.net us-u.openx.net — Cisco Umbrella Rank: 516	264 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 413	239 B
1	google.de www.google.de — Cisco Umbrella Rank: 11271	64 B
1	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 3	24 B
1	googleadservices.com 1 redirects www.googleadservices.com — Cisco Umbrella Rank: 89	23 B
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 462	98 B
1	lijit.com ce.lijit.com — Cisco Umbrella Rank: 912	223 B
1	crwdcntrl.net bcp.crwdcntrl.net — Cisco Umbrella Rank: 976	266 B
1	bluekai.com stags.bluekai.com — Cisco Umbrella Rank: 1137	27 B
1	bfmio.com sync.bfmio.com — Cisco Umbrella Rank: 1507	421 B
1	tremorhub.com simplifi.partners.tremorhub.com — Cisco Umbrella Rank: 6710	175 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 415	140 B
1	smaato.net s.ad.smaato.net — Cisco Umbrella Rank: 582	236 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 3643
0	intentiq.com Failed sync.intentiq.com Failed
0	1rx.io Failed sync.1rx.io Failed
60	32

	Domain	Requested by
21	um.simpli.fi	16 redirects
14	cafa23.p3cdn2.secureserver.net	caf.a23.mwp.accessdomain.com cafa23.p3cdn2.secureserver.net
4	fonts.gstatic.com	fonts.googleapis.com
4	maxcdn.bootstrapcdn.com	caf.a23.mwp.accessdomain.com maxcdn.bootstrapcdn.com
3	connect.facebook.net	caf.a23.mwp.accessdomain.com connect.facebook.net
2	ib.adnxs.com	1 redirects
2	loadm.exelator.com	1 redirects
2	fei.pro-market.net	2 redirects
2	pixel.tapad.com	1 redirects
2	www.facebook.com	caf.a23.mwp.accessdomain.com
2	www.googletagmanager.com	caf.a23.mwp.accessdomain.com www.googletagmanager.com
2	caf.a23.mwp.accessdomain.com	connect.facebook.net
1	cm.g.doubleclick.net
1	us-u.openx.net
1	pixel.rubiconproject.com
1	www.google.de
1	www.google.com	1 redirects
1	googleads.g.doubleclick.net	1 redirects
1	www.googleadservices.com	1 redirects
1	idsync.rlcdn.com
1	ce.lijit.com
1	bcp.crwdcntrl.net
1	stags.bluekai.com
1	sync.bfmio.com
1	ups.analytics.yahoo.com
1	cms.analytics.yahoo.com	1 redirects
1	d.agkn.com	1 redirects
1	aa.agkn.com	1 redirects
1	simplifi.partners.tremorhub.com
1	eb2.3lift.com
1	s.ad.smaato.net
1	i.simpli.fi	tag.simpli.fi
1	region1.google-analytics.com	www.googletagmanager.com
1	ajax.googleapis.com	caf.a23.mwp.accessdomain.com
1	tag.simpli.fi	caf.a23.mwp.accessdomain.com
1	fonts.googleapis.com	caf.a23.mwp.accessdomain.com
0	sync.intentiq.com Failed
0	sync.1rx.io Failed
60	38

This site contains links to these domains. Also see Links.

Domain
www.facebook.com

Subject Issuer	Validity	Valid
*.a23.mwp.accessdomain.com Starfield Secure Certificate Authority - G2	`2024-05-29` - `2025-06-30`	a year	crt.sh
bootstrapcdn.com WE1	`2024-09-20` - `2024-12-19`	3 months	crt.sh
*.p3cdn2.secureserver.net Starfield Secure Certificate Authority - G2	`2023-10-02` - `2024-11-02`	a year	crt.sh
upload.video.google.com WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
*.simpli.fi DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-07` - `2024-12-07`	a year	crt.sh
*.google-analytics.com WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-07-31` - `2024-10-29`	3 months	crt.sh
*.gstatic.com WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://caf.a23.mwp.accessdomain.com/
Frame ID: E5500AC91784A490159CEA9357E70138
Requests: 59 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Reliance Student Transportation | Reliance Student Transportation | School Bus Services

Page URL History Show full URLs

http://caf.a23.mwp.accessdomain.com/ HTTP 307
https://caf.a23.mwp.accessdomain.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

60
Requests

68 %
HTTPS

27 %
IPv6

32
Domains

38
Subdomains

29
IPs

6
Countries

1218 kB
Transfer

2291 kB
Size

22
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/reliancestudenttransportation
Title: Visit us on Facebook

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://caf.a23.mwp.accessdomain.com/ HTTP 307
https://caf.a23.mwp.accessdomain.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 36

https://um.simpli.fi/smaato HTTP 302
https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=F9C7F4FC74F9401B850740ED15914AA9

Request Chain 37

https://um.simpli.fi/nexxen HTTP 302
https://sync.1rx.io/usersync/simplifi/F9C7F4FC74F9401B850740ED15914AA9

Request Chain 38

https://um.simpli.fi/triplelift HTTP 302
https://eb2.3lift.com/xuid?mid=7969&xuid=F9C7F4FC74F9401B850740ED15914AA9&dongle=yf3

Request Chain 39

https://um.simpli.fi/telaria_p HTTP 302
https://simplifi.partners.tremorhub.com/sync?UISF=F9C7F4FC74F9401B850740ED15914AA9

Request Chain 40

https://um.simpli.fi/tapad HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=F9C7F4FC74F9401B850740ED15914AA9 HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=F9C7F4FC74F9401B850740ED15914AA9

Request Chain 41

https://um.simpli.fi/ad_advisor HTTP 302
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=F9C7F4FC74F9401B850740ED15914AA9 HTTP 302
https://d.agkn.com/pixel/10751/?che=1729602014769&ip=78.159.108.31&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D219863205043002267667 HTTP 302
https://um.simpli.fi/aa_px?sk=219863205043002267667 HTTP 302
https://um.simpli.fi/empty.gif

Request Chain 42

https://um.simpli.fi/intentiq HTTP 302
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=F9C7F4FC74F9401B850740ED15914AA9

Request Chain 45

https://um.simpli.fi/dtnx HTTP 302
https://fei.pro-market.net/engine?du=24;csync=F9C7F4FC74F9401B850740ED15914AA9;mimetype=img; HTTP 302
https://fei.pro-market.net/engine?du=24;csync=F9C7F4FC74F9401B850740ED15914AA9;mimetype=img;sr HTTP 302
https://cms.analytics.yahoo.com/cms?partner_id=DATCS HTTP 302
https://ups.analytics.yahoo.com/ups/58726/cms?partner_id=DATCS

Request Chain 46

https://um.simpli.fi/exelatem HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=F9C7F4FC74F9401B850740ED15914AA9&j=0 HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=F9C7F4FC74F9401B850740ED15914AA9&j=0&xl8blockcheck=1

Request Chain 48

https://um.simpli.fi/beachfront HTTP 302
https://sync.bfmio.com/sync?pid=141&uid=F9C7F4FC74F9401B850740ED15914AA9

Request Chain 49

https://um.simpli.fi/bluekai HTTP 302
https://stags.bluekai.com/site/29931?id=F9C7F4FC74F9401B850740ED15914AA9

Request Chain 50

https://um.simpli.fi/crwdcntrl HTTP 302
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=F9C7F4FC74F9401B850740ED15914AA9

Request Chain 51

https://um.simpli.fi/lj_match HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=F9C7F4FC74F9401B850740ED15914AA9

Request Chain 52

https://um.simpli.fi/liveramp_match HTTP 302
https://idsync.rlcdn.com/419566.gif?partner_uid=F9C7F4FC74F9401B850740ED15914AA9

Request Chain 53

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1729602014508&cv=7&fst=1729602014508&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=1396894715&cv=7&fst=1729602014508&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCOrGsQI&pscrd=IhMI4ZG8zYWiiQMVRY6DBx1PjjijMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOiVodHRwczovL2NhZi5hMjMubXdwLmFjY2Vzc2RvbWFpbi5jb20v HTTP 302
https://www.google.com/pagead/1p-conversion/1026675585/?random=1396894715&cv=7&fst=1729602014508&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCOrGsQI&pscrd=IhMI4ZG8zYWiiQMVRY6DBx1PjjijMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOiVodHRwczovL2NhZi5hMjMubXdwLmFjY2Vzc2RvbWFpbi5jb20v&is_vtc=1&cid=CAQSGwDpaXnfx4RcA4V0FuqXNEsOIZLDV4IF4lD_dw&random=1238280681 HTTP 302
https://www.google.de/pagead/1p-conversion/1026675585/?random=1396894715&cv=7&fst=1729602014508&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCOrGsQI&pscrd=IhMI4ZG8zYWiiQMVRY6DBx1PjjijMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOiVodHRwczovL2NhZi5hMjMubXdwLmFjY2Vzc2RvbWFpbi5jb20v&is_vtc=1&cid=CAQSGwDpaXnfx4RcA4V0FuqXNEsOIZLDV4IF4lD_dw&random=1238280681&ipr=y

Request Chain 55

https://um.simpli.fi/an HTTP 302
https://ib.adnxs.com/setuid?entity=66&code=F9C7F4FC74F9401B850740ED15914AA9 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DF9C7F4FC74F9401B850740ED15914AA9

Request Chain 56

https://um.simpli.fi/rb_match HTTP 302
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=F9C7F4FC74F9401B850740ED15914AA9&expires=365

Request Chain 57

https://um.simpli.fi/ox_match HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072966&val=F9C7F4FC74F9401B850740ED15914AA9

60 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
caf.a23.mwp.accessdomain.com/
Redirect Chain

http://caf.a23.mwp.accessdomain.com/
https://caf.a23.mwp.accessdomain.com/

30 KB
8 KB

1469ms
1128ms

Document
text/html

132.148.52.3
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://caf.a23.mwp.accessdomain.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

132.148.52.3 , United States, ASN398101 (GO-DADDY-COM-LLC, US),

Reverse DNS

3.52.148.132.host.secureserver.net

Software

openresty /

Resource Hash

b68d87ab93dd18c34a6be2abec11c4e4e02c5d83f0900567618202487b333dd8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300 max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 0
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Tue, 22 Oct 2024 13:00:13 GMT
server: openresty
strict-transport-security: max-age=300 max-age=31536000; includeSubDomains
vary: Accept-Encoding, User-Agent
x-backend: varnish_ssl
x-cache: uncached
x-cache-hit: MISS
x-cacheable: YES:Forced
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-fawn-proc-count: 1,0,24
x-php-version: 8.0
x-xss-protection: 1; mode=block

Redirect headers

Location: https://caf.a23.mwp.accessdomain.com/
Non-Authoritative-Reason: HttpsUpgrades

GET
H3 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/ 115 KB
22 KB 87ms
26ms Stylesheet
text/css 104.18.10.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/bootstrap.min.css

Requested by

Host: caf.a23.mwp.accessdomain.com
URL: https://caf.a23.mwp.accessdomain.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f04b517ba5d6a0510485689a3e42dac000f51640fd71b986804cba178eae42a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://caf.a23.mwp.accessdomain.com/

Response headers

cdn-status: 200
content-encoding: br
cf-cache-status: HIT
etag: W/"eedf9ee80c2faa4e1b9ab9017cdfcb88"
age: 483342
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Tue, 22 Oct 2024 13:00:13 GMT
last-modified: Mon, 25 Jan 2021 22:03:58 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-cache: HIT
cdn-cachedat: 03/18/2024 13:56:43
cdn-requestpullcode: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31919000
cdn-requestpullsuccess: True
timing-allow-origin: *
cdn-requesttime: 0
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: f765aa737b66aef84b6266e1ad98e9b0
cross-origin-resource-policy: cross-origin
cdn-pullzone: 252412
cdn-proxyver: 1.04
cf-ray: 8d69ab491f8b65a5-FRA
access-control-allow-origin: *
cdn-edgestorageid: 1077
server: cloudflare
cdn-requestcountrycode: DE

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/ 23 KB
6 KB 93ms
32ms Stylesheet
text/css 104.18.10.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css

Requested by

Host: caf.a23.mwp.accessdomain.com
URL: https://caf.a23.mwp.accessdomain.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://caf.a23.mwp.accessdomain.com/

Response headers

cdn-status: 200
content-encoding: br
cf-cache-status: HIT
etag: "04425bbdc6243fc6e54bf8984fe50330"
age: 46279
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Tue, 22 Oct 2024 13:00:13 GMT
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-cache: HIT
cdn-cachedat: 09/24/2024 09:00:54
cdn-requestpullcode: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31919000
cdn-requestpullsuccess: True
timing-allow-origin: *
cdn-requesttime: 0
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 890d5ddd9ab19d944591e4d9074c17bd
cross-origin-resource-policy: cross-origin
cdn-pullzone: 252412
cdn-proxyver: 1.04
cf-ray: 8d69ab491f8c65a5-FRA
access-control-allow-origin: *
cdn-edgestorageid: 1068
server: cloudflare
cdn-requestcountrycode: US

GET
H2 200 style.css
cafa23.p3cdn2.secureserver.net/wp-content/themes/reliance/ 14 KB
3 KB 257ms
193ms Stylesheet
text/css 162.159.135.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cafa23.p3cdn2.secureserver.net/wp-content/themes/reliance/style.css

Requested by

Host: caf.a23.mwp.accessdomain.com
URL: https://caf.a23.mwp.accessdomain.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.135.45 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9298eadf363f4f8aa77420f4edd7b74ea7da6986d0f928ca5e9e3e512a30bd4c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://caf.a23.mwp.accessdomain.com/

Response headers

x-cacheproxy-retries: 0/2
content-encoding: gzip
cf-cache-status: MISS
etag: "379d-52ed08ed5ba00-gzip"
x-content-type-options: nosniff
x-cache-hit: HIT
expires: Fri, 22 Nov 2024 13:00:13 GMT
x-cacheable: YES
alt-svc: h3=":443"; ma=86400
x-cache: cached
date: Tue, 22 Oct 2024 13:00:13 GMT
content-type: text/css
last-modified: Thu, 24 Mar 2016 19:36:08 GMT
vary: Accept-Encoding
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=2678400
cf-ray: 8d69ab49199f383a-FRA
accept-ranges: bytes
content-length: 3240
x-xss-protection: 1; mode=block
server: cloudflare
x-php-version: 8.0

GET
H2 200 css
fonts.googleapis.com/ 11 KB
1 KB 94ms
29ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900

Requested by

Host: caf.a23.mwp.accessdomain.com
URL: https://caf.a23.mwp.accessdomain.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1fc1a2293506d032cc1cd606057ccca268701c12f29dac36b896acc6f1b036ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://caf.a23.mwp.accessdomain.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Tue, 22 Oct 2024 13:00:13 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 13:00:13 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Tue, 22 Oct 2024 11:11:40 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 style.min.css
cafa23.p3cdn2.secureserver.net/wp-includes/css/dist/block-library/ 110 KB
15 KB 255ms
192ms Stylesheet
text/css 162.159.135.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cafa23.p3cdn2.secureserver.net/wp-includes/css/dist/block-library/style.min.css?ver=6.6.2&time=1729585405

Requested by

Host: caf.a23.mwp.accessdomain.com
URL: https://caf.a23.mwp.accessdomain.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.135.45 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb3a89cc6347e098063bd15f285bc90411846ddce6f17812364feedab67a67f5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://caf.a23.mwp.accessdomain.com/

Response headers

x-cacheproxy-retries: 0/2
content-encoding: gzip
cf-cache-status: MISS
etag: "1b72b-624f8b3287829-gzip"
x-content-type-options: nosniff
x-cache-hit: HIT
expires: Fri, 22 Nov 2024 13:00:13 GMT
x-cacheable: YES
alt-svc: h3=":443"; ma=86400
x-cache: cached
date: Tue, 22 Oct 2024 13:00:13 GMT
content-type: text/css
last-modified: Mon, 21 Oct 2024 08:47:16 GMT
vary: Accept-Encoding
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=2678400
cf-ray: 8d69ab4919a2383a-FRA
accept-ranges: bytes
content-length: 14840
x-xss-protection: 1; mode=block
server: cloudflare
x-php-version: 8.0

GET
H2 200 282113f0-0493-013b-56b8-0cc47a8ffaac Show response
tag.simpli.fi/sifitag/ 3 KB
2 KB 80ms
22ms Script
application/javascript 35.234.162.151
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.simpli.fi/sifitag/282113f0-0493-013b-56b8-0cc47a8ffaac
Requested by: Host: caf.a23.mwp.accessdomain.com
URL: https://caf.a23.mwp.accessdomain.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.234.162.151 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 151.162.234.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: a4cf2794c4977a309060eda0a03de45ef3b5452f02fccb687311f62f8cd987bc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://caf.a23.mwp.accessdomain.com/

Response headers

x-request-id: GADH3iiMqKr_6owp30UC
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-encoding: gzip
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
date: Tue, 22 Oct 2024 13:00:13 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
server: openresty

GET
H2 200 logo.jpg
cafa23.p3cdn2.secureserver.net/wp-content/themes/reliance/images/ 12 KB
12 KB 271ms
208ms Image
image/jpeg 162.159.135.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cafa23.p3cdn2.secureserver.net/wp-content/themes/reliance/images/logo.jpg

Requested by

Host: caf.a23.mwp.accessdomain.com
URL: https://caf.a23.mwp.accessdomain.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.135.45 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac97bfda759b9c8e17d4f0114d0042423b7aa874fac8fadc91a021c95e17874f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://caf.a23.mwp.accessdomain.com/

Response headers

x-cacheproxy-retries: 0/2
cf-cache-status: MISS
etag: "2eb0-52ecfed3f2640"
x-content-type-options: nosniff
x-cache-hit: HIT
expires: Fri, 22 Nov 2024 13:00:13 GMT
x-cacheable: YES
alt-svc: h3=":443"; ma=86400
x-cache: cached
date: Tue, 22 Oct 2024 13:00:13 GMT
content-type: image/jpeg
last-modified: Thu, 24 Mar 2016 18:50:57 GMT
vary: Accept-Encoding
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=2678400
cf-ray: 8d69ab4919a4383a-FRA
accept-ranges: bytes
content-length: 11952
x-xss-protection: 1; mode=block
server: cloudflare
x-php-version: 8.0

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.1/ 94 KB
33 KB 100ms
34ms Script
text/javascript 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js

Requested by

Host: caf.a23.mwp.accessdomain.com
URL: https://caf.a23.mwp.accessdomain.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://caf.a23.mwp.accessdomain.com/

Response headers

content-encoding: gzip
age: 551230
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options: nosniff
expires: Thu, 16 Oct 2025 03:53:03 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 03:53:03 GMT
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges: bytes
access-control-allow-origin: *
content-length: 33434
x-xss-protection: 0
server: sffe

GET
H3 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.3.4/js/ 35 KB
11 KB 20ms
20ms Script
application/javascript 104.18.10.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.4/js/bootstrap.min.js

Requested by

Host: caf.a23.mwp.accessdomain.com
URL: https://caf.a23.mwp.accessdomain.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d5fd173d00d9733900834e0e1083de86b532e048b15c0420ba5c2db0623644b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://caf.a23.mwp.accessdomain.com/

Response headers

cdn-status: 200
content-encoding: gzip
cf-cache-status: HIT
etag: W/"8c237312864d2e4c4f03544cd4f9b195"
age: 487729
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Tue, 22 Oct 2024 13:00:13 GMT
last-modified: Mon, 25 Jan 2021 22:03:58 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-cache: HIT
cdn-cachedat: 08/29/2023 17:26:00
cdn-requestpullcode: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31919000
cdn-requestpullsuccess: True
timing-allow-origin: *
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 91f9c321f71c7c84d5eb99e3e9a086c8
cross-origin-resource-policy: cross-origin
cdn-pullzone: 252412
cdn-proxyver: 1.04
cf-ray: 8d69ab497fe165a5-FRA
access-control-allow-origin: *
cdn-edgestorageid: 899
server: cloudflare
cdn-requestcountrycode: US

GET
H2 200 jquery.matchHeight.js Show response
cafa23.p3cdn2.secureserver.net/wp-content/themes/reliance/js/ 11 KB
3 KB 197ms
196ms Script
text/javascript 162.159.135.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cafa23.p3cdn2.secureserver.net/wp-content/themes/reliance/js/jquery.matchHeight.js

Requested by

Host: caf.a23.mwp.accessdomain.com
URL: https://caf.a23.mwp.accessdomain.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.135.45 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9d5f146fcfdb201d88d6e07f1bec1960f93216ffc3b8a28b6c411b8b66c8b4a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://caf.a23.mwp.accessdomain.com/

Response headers

x-cacheproxy-retries: 0/2
content-encoding: gzip
cf-cache-status: MISS
etag: "2a92-52ecfed4e6880-gzip"
x-content-type-options: nosniff
x-cache-hit: HIT
expires: Fri, 22 Nov 2024 13:00:13 GMT
x-cacheable: YES
alt-svc: h3=":443"; ma=86400
x-cache: cached
date: Tue, 22 Oct 2024 13:00:13 GMT
content-type: text/javascript
last-modified: Thu, 24 Mar 2016 18:50:58 GMT
vary: Accept-Encoding
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=2678400
cf-ray: 8d69ab499a23383a-FRA
accept-ranges: bytes
content-length: 2811
x-xss-protection: 1; mode=block
server: cloudflare
x-php-version: 8.0

GET
H2 200 custom.js Show response
cafa23.p3cdn2.secureserver.net/wp-content/themes/reliance/js/ 871 B
614 B 167ms
164ms Script
text/javascript 162.159.135.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cafa23.p3cdn2.secureserver.net/wp-content/themes/reliance/js/custom.js

Requested by

Host: caf.a23.mwp.accessdomain.com
URL: https://caf.a23.mwp.accessdomain.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.135.45 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b12ddadb62e59ad0110f9d7bed0389817ac2a3e181ec014c922e15013b7cd970

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://caf.a23.mwp.accessdomain.com/

Response headers

x-cacheproxy-retries: 0/2
content-encoding: gzip
cf-cache-status: MISS
etag: "367-52ecfed4e6880-gzip"
x-content-type-options: nosniff
x-cache-hit: HIT
expires: Fri, 22 Nov 2024 13:00:13 GMT
x-cacheable: YES
alt-svc: h3=":443"; ma=86400
x-cache: cached
date: Tue, 22 Oct 2024 13:00:13 GMT
content-type: text/javascript
last-modified: Thu, 24 Mar 2016 18:50:58 GMT
vary: Accept-Encoding
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=2678400
cf-ray: 8d69ab4a6b12383a-FRA
accept-ranges: bytes
content-length: 522
x-xss-protection: 1; mode=block
server: cloudflare
x-php-version: 8.0

GET d74c2d56-bee3-47f8-8982-232d14095227
https://caf.a23.mwp.accessdomain.com/ 0
0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 216 KB
77 KB 89ms
32ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TLB8NX4

Requested by

Host: caf.a23.mwp.accessdomain.com
URL: https://caf.a23.mwp.accessdomain.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

df03568175b8a9081f4c76637be9339784bf41a493ceae4d6f83781dc926213c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://caf.a23.mwp.accessdomain.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Tue, 22 Oct 2024 13:00:13 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 13:00:13 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 22 Oct 2024 12:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 78255
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 228 KB
58 KB 23ms
9ms Script
application/x-javascript 157.240.252.13
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js?v=next

Requested by

Host: caf.a23.mwp.accessdomain.com
URL: https://caf.a23.mwp.accessdomain.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra3.fbcdn.net

Software

Resource Hash

703acdc3cdd769614f6bbf701649b7775be22505deb306cac01d792893d0582b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'unsafe-inline' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://caf.a23.mwp.accessdomain.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 22 Oct 2024 13:00:13 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=23, mss=1232, tbw=4466, tp=9, tpl=0, uplat=1, ullat=-1
pragma: public
x-fb-debug: rMu4NIR7ySbhkKpy7eKqYO1Yum9K/hno0AG9RN1+ZJn1PgklX6AuCyw5aIixDypuFWdnumqtJUJBcJ1pQTG10g==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 59503
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 header-bg.jpg
cafa23.p3cdn2.secureserver.net/wp-content/themes/reliance/images/ 301 KB
301 KB 215ms
214ms Image
image/jpeg 162.159.135.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cafa23.p3cdn2.secureserver.net/wp-content/themes/reliance/images/header-bg.jpg

Requested by

Host: cafa23.p3cdn2.secureserver.net
URL: https://cafa23.p3cdn2.secureserver.net/wp-content/themes/reliance/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.135.45 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f883c3ce348778a380cdad01bd9471a37a0cb6f55bfd53bca881bbc5b7cc924

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://cafa23.p3cdn2.secureserver.net/wp-content/themes/reliance/style.css

Response headers

x-cacheproxy-retries: 0/2
cf-cache-status: MISS
etag: "4b3d2-52ecfed3f2640"
x-content-type-options: nosniff
x-cache-hit: HIT
expires: Fri, 22 Nov 2024 13:00:14 GMT
x-cacheable: YES
alt-svc: h3=":443"; ma=86400
x-cache: cached
date: Tue, 22 Oct 2024 13:00:14 GMT
content-type: image/jpeg
last-modified: Thu, 24 Mar 2016 18:50:57 GMT
vary: Accept-Encoding
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=2678400
cf-ray: 8d69ab4a8aca9a30-FRA
accept-ranges: bytes
content-length: 308178
x-xss-protection: 1; mode=block
server: cloudflare
x-php-version: 8.0

GET
H3 200 cut-top.png
cafa23.p3cdn2.secureserver.net/wp-content/themes/reliance/images/ 2 KB
2 KB 184ms
183ms Image
image/png 162.159.135.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cafa23.p3cdn2.secureserver.net/wp-content/themes/reliance/images/cut-top.png

Requested by

Host: cafa23.p3cdn2.secureserver.net
URL: https://cafa23.p3cdn2.secureserver.net/wp-content/themes/reliance/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.135.45 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

958323199bf7e5cc193bd5915eab2543a148f6d6e60b2af9acc721865438644a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://cafa23.p3cdn2.secureserver.net/wp-content/themes/reliance/style.css

Response headers

x-cacheproxy-retries: 0/2
cf-cache-status: MISS
etag: "792-52ecfed2fe400"
x-content-type-options: nosniff
x-cache-hit: HIT
expires: Fri, 22 Nov 2024 13:00:14 GMT
x-cacheable: YES
alt-svc: h3=":443"; ma=86400
x-cache: cached
date: Tue, 22 Oct 2024 13:00:14 GMT
content-type: image/png
last-modified: Thu, 24 Mar 2016 18:50:56 GMT
vary: Accept-Encoding
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=2678400
cf-ray: 8d69ab4a8acb9a30-FRA
accept-ranges: bytes
content-length: 1938
x-xss-protection: 1; mode=block
server: cloudflare
x-php-version: 8.0

GET
H3 200 cut-btm.png
cafa23.p3cdn2.secureserver.net/wp-content/themes/reliance/images/ 2 KB
2 KB 184ms
183ms Image
image/png 162.159.135.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cafa23.p3cdn2.secureserver.net/wp-content/themes/reliance/images/cut-btm.png

Requested by

Host: cafa23.p3cdn2.secureserver.net
URL: https://cafa23.p3cdn2.secureserver.net/wp-content/themes/reliance/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.135.45 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7f39d42f00f4b0353c487b72443e4697a91bc551064f2ada777e3cdf553f2a7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://cafa23.p3cdn2.secureserver.net/wp-content/themes/reliance/style.css

Response headers

x-cacheproxy-retries: 0/2
cf-cache-status: MISS
etag: "7f9-52ecfed20a1c0"
x-content-type-options: nosniff
x-cache-hit: MISS
expires: Fri, 22 Nov 2024 13:00:14 GMT
x-cacheable: YES
alt-svc: h3=":443"; ma=86400
x-cache: uncached
date: Tue, 22 Oct 2024 13:00:14 GMT
content-type: image/png
last-modified: Thu, 24 Mar 2016 18:50:55 GMT
vary: Accept-Encoding
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=2678400
cf-ray: 8d69ab4a8ace9a30-FRA
accept-ranges: bytes
content-length: 2041
x-xss-protection: 1; mode=block
server: cloudflare
x-php-version: 8.0

GET
H3 200 callout-img1.jpg
cafa23.p3cdn2.secureserver.net/wp-content/themes/reliance/images/ 69 KB
70 KB 546ms
546ms Image
image/jpeg 162.159.135.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cafa23.p3cdn2.secureserver.net/wp-content/themes/reliance/images/callout-img1.jpg

Requested by

Host: cafa23.p3cdn2.secureserver.net
URL: https://cafa23.p3cdn2.secureserver.net/wp-content/themes/reliance/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.135.45 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

233ff371632714911f9d6d01113006cd08705786ae08275eb44b4c4c0bcd8ca4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://cafa23.p3cdn2.secureserver.net/wp-content/themes/reliance/style.css

Response headers

x-cacheproxy-retries: 0/2
cf-cache-status: MISS
etag: "11556-52ecfecf2db00"
x-content-type-options: nosniff
x-cache-hit: HIT
expires: Fri, 22 Nov 2024 13:00:14 GMT
x-cacheable: YES
alt-svc: h3=":443"; ma=86400
x-cache: cached
date: Tue, 22 Oct 2024 13:00:14 GMT
content-type: image/jpeg
last-modified: Thu, 24 Mar 2016 18:50:52 GMT
vary: Accept-Encoding
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=2678400
cf-ray: 8d69ab4a8acf9a30-FRA
accept-ranges: bytes
content-length: 70998
x-xss-protection: 1; mode=block
server: cloudflare
x-php-version: 8.0

GET
H3 200 callout-img2.jpg
cafa23.p3cdn2.secureserver.net/wp-content/themes/reliance/images/ 62 KB
62 KB 188ms
188ms Image
image/jpeg 162.159.135.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cafa23.p3cdn2.secureserver.net/wp-content/themes/reliance/images/callout-img2.jpg

Requested by

Host: cafa23.p3cdn2.secureserver.net
URL: https://cafa23.p3cdn2.secureserver.net/wp-content/themes/reliance/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.135.45 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af43199e711b3ffea4b5a8bf8cda50ee850cf254c34b2ae4e9c684091f4ab92b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://cafa23.p3cdn2.secureserver.net/wp-content/themes/reliance/style.css

Response headers

x-cacheproxy-retries: 0/2
cf-cache-status: MISS
etag: "f84f-52ecfed021d40"
x-content-type-options: nosniff
x-cache-hit: HIT
expires: Fri, 22 Nov 2024 13:00:14 GMT
x-cacheable: YES
alt-svc: h3=":443"; ma=86400
x-cache: cached
date: Tue, 22 Oct 2024 13:00:14 GMT
content-type: image/jpeg
last-modified: Thu, 24 Mar 2016 18:50:53 GMT
vary: Accept-Encoding
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=2678400
cf-ray: 8d69ab4a8ad09a30-FRA
accept-ranges: bytes
content-length: 63567
x-xss-protection: 1; mode=block
server: cloudflare
x-php-version: 8.0

GET
H3 200 callout-img3.jpg
cafa23.p3cdn2.secureserver.net/wp-content/themes/reliance/images/ 61 KB
61 KB 196ms
195ms Image
image/jpeg 162.159.135.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cafa23.p3cdn2.secureserver.net/wp-content/themes/reliance/images/callout-img3.jpg

Requested by

Host: cafa23.p3cdn2.secureserver.net
URL: https://cafa23.p3cdn2.secureserver.net/wp-content/themes/reliance/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.135.45 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f03b095a19e6f9b7bfc534c1038838c7310f00823fb54636d9042b14bc829920

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://cafa23.p3cdn2.secureserver.net/wp-content/themes/reliance/style.css

Response headers

x-cacheproxy-retries: 0/2
cf-cache-status: MISS
etag: "f255-52ecfed021d40"
x-content-type-options: nosniff
x-cache-hit: HIT
expires: Fri, 22 Nov 2024 13:00:14 GMT
x-cacheable: YES
alt-svc: h3=":443"; ma=86400
x-cache: cached
date: Tue, 22 Oct 2024 13:00:14 GMT
content-type: image/jpeg
last-modified: Thu, 24 Mar 2016 18:50:53 GMT
vary: Accept-Encoding
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=2678400
cf-ray: 8d69ab4a8ad19a30-FRA
accept-ranges: bytes
content-length: 62037
x-xss-protection: 1; mode=block
server: cloudflare
x-php-version: 8.0

GET
H3 200 callout-img4.jpg
cafa23.p3cdn2.secureserver.net/wp-content/themes/reliance/images/ 115 KB
115 KB 210ms
210ms Image
image/jpeg 162.159.135.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cafa23.p3cdn2.secureserver.net/wp-content/themes/reliance/images/callout-img4.jpg

Requested by

Host: cafa23.p3cdn2.secureserver.net
URL: https://cafa23.p3cdn2.secureserver.net/wp-content/themes/reliance/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.135.45 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7785a0dc47ea2661a259adb2e4c3ad58fa71c7d58c10f6296584907c6a6a09ba

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://cafa23.p3cdn2.secureserver.net/wp-content/themes/reliance/style.css

Response headers

x-cacheproxy-retries: 0/2
cf-cache-status: MISS
etag: "1cbe6-52ecfed115f80"
x-content-type-options: nosniff
x-cache-hit: HIT
expires: Fri, 22 Nov 2024 13:00:14 GMT
x-cacheable: YES
alt-svc: h3=":443"; ma=86400
x-cache: cached
date: Tue, 22 Oct 2024 13:00:14 GMT
content-type: image/jpeg
last-modified: Thu, 24 Mar 2016 18:50:54 GMT
vary: Accept-Encoding
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=2678400
cf-ray: 8d69ab4a8ad29a30-FRA
accept-ranges: bytes
content-length: 117734
x-xss-protection: 1; mode=block
server: cloudflare
x-php-version: 8.0

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 57ms
23ms Font
font/woff2 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f3.1e100.net

Software

sffe /

Resource Hash

d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://caf.a23.mwp.accessdomain.com
Referer: https://fonts.googleapis.com/

Response headers

age: 40648
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 22 Oct 2025 01:42:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 01:42:45 GMT
last-modified: Thu, 01 Aug 2024 20:41:21 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18596
x-xss-protection: 0
server: sffe

GET
H3 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 89ms
55ms Font
font/woff2 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f3.1e100.net

Software

sffe /

Resource Hash

1b150c409df2cca1e55ffc6e55b649980f9a282bb6b25da6186d5ed55741141b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://caf.a23.mwp.accessdomain.com
Referer: https://fonts.googleapis.com/

Response headers

age: 50875
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Tue, 21 Oct 2025 22:52:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 21 Oct 2024 22:52:18 GMT
last-modified: Thu, 01 Aug 2024 20:41:28 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18436
x-xss-protection: 0
server: sffe

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 47ms
15ms Font
font/woff2 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f3.1e100.net

Software

sffe /

Resource Hash

4dbd328e347e890a801d51f9a5f8d38a3efd51ec34c0aa22cc83d0a95d6d9d71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://caf.a23.mwp.accessdomain.com
Referer: https://fonts.googleapis.com/

Response headers

age: 552332
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 16 Oct 2025 03:34:41 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 03:34:41 GMT
last-modified: Thu, 01 Aug 2024 20:41:19 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18492
x-xss-protection: 0
server: sffe

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 89ms
57ms Font
font/woff2 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f3.1e100.net

Software

sffe /

Resource Hash

89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://caf.a23.mwp.accessdomain.com
Referer: https://fonts.googleapis.com/

Response headers

age: 603691
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 15 Oct 2025 13:18:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 15 Oct 2024 13:18:42 GMT
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18536
x-xss-protection: 0
server: sffe

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/ 55 KB
56 KB 53ms
32ms Font
font/woff2 104.18.10.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/fontawesome-webfont.woff2?v=4.3.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://caf.a23.mwp.accessdomain.com
Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css

Response headers

cdn-status: 200
cf-cache-status: MISS
etag: "97493d3f11c0a3bd5cbd959f5d19b699"
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Tue, 22 Oct 2024 13:00:13 GMT
content-type: font/woff2
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat: 10/20/2024 16:37:30
cdn-cache: HIT
cdn-requestpullcode: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-requestpullsuccess: True
timing-allow-origin: *
cdn-requesttime: 1
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: f773cb32f880a9f69bde84fa85809adf
cross-origin-resource-policy: cross-origin
cdn-pullzone: 252412
cdn-proxyver: 1.04
cf-ray: 8d69ab4adbf618d9-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 56780
cdn-edgestorageid: 755
server: cloudflare
cdn-requestcountrycode: DE

GET
H3 200 openbridge3.js Show response
connect.facebook.net/signals/plugins/ 241 KB
83 KB 13ms
12ms Script
application/x-javascript 157.240.252.13
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/openbridge3.js?v=next

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js?v=next

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra3.fbcdn.net

Software

Resource Hash

ec9a8f0959a8c347581d8c97e62279b57b2cd744b7216ed1c7055eebdc88d377

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'unsafe-inline' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://caf.a23.mwp.accessdomain.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 22 Oct 2024 13:00:13 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=18, rtx=0, c=48, mss=1232, tbw=70226, tp=67, tpl=0, uplat=3, ullat=-1
pragma: public
x-fb-debug: B6onMa1u1Rpj3i8oAGrPYAmRt4cjcujHvR+UhXHUl6YtZC8wWOWpHvIAYcJLevgc3vzFRkPGxDp0JsIbGP4YRA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 84471
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 571989364649317 Show response
connect.facebook.net/signals/config/ 74 KB
15 KB 175ms
174ms Script
application/x-javascript 157.240.252.13
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/571989364649317?v=next&r=stable&domain=caf.a23.mwp.accessdomain.com&hme=ead923021ccd3483ef3b9b04703d0a78b943fbdc01e8d7cec21c5059f1f4a5e9&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C34%2C143%2C15%2C50%2C194%2C193%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js?v=next

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra3.fbcdn.net

Software

Resource Hash

645d9c925116c1a55f61e41625415f80868c817fe857e31b4868908034245de7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'unsafe-inline' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://caf.a23.mwp.accessdomain.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 22 Oct 2024 13:00:14 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=27, rtx=0, c=69, mss=1232, tbw=156722, tp=139, tpl=0, uplat=160, ullat=0
pragma: public
x-fb-debug: N6C13Nam5bTVOmOygMIHaLE+PkjfnapjimP2ActMEcbspVjBqRZtz1dPqh8DfYDHdOVwiu1+9nzfjHKynSPmNQ==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 310 KB
104 KB 46ms
45ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-HX8HRBGTYZ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLB8NX4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2bb19f8c587a432fd1f55a6cbad9e994e7827bed9232a32a341352415c7fb173

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://caf.a23.mwp.accessdomain.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Tue, 22 Oct 2024 13:00:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 13:00:14 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 106342
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 wp-emoji-release.min.js Show response
cafa23.p3cdn2.secureserver.net/wp-includes/js/ 18 KB
5 KB 170ms
170ms Script
text/javascript 162.159.135.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cafa23.p3cdn2.secureserver.net/wp-includes/js/wp-emoji-release.min.js?ver=6.6.2&time=1729585405

Requested by

Host: caf.a23.mwp.accessdomain.com
URL: https://caf.a23.mwp.accessdomain.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.135.45 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://caf.a23.mwp.accessdomain.com/

Response headers

x-cacheproxy-retries: 0/2
content-encoding: gzip
cf-cache-status: MISS
etag: "4926-624f8b332d492-gzip"
x-content-type-options: nosniff
x-cache-hit: MISS
expires: Fri, 22 Nov 2024 13:00:14 GMT
x-cacheable: YES
alt-svc: h3=":443"; ma=86400
x-cache: uncached
date: Tue, 22 Oct 2024 13:00:14 GMT
content-type: text/javascript
last-modified: Mon, 21 Oct 2024 08:47:17 GMT
vary: Accept-Encoding
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=2678400
cf-ray: 8d69ab4c3c4a9a30-FRA
accept-ranges: bytes
content-length: 5062
x-xss-protection: 1; mode=block
server: cloudflare
x-php-version: 8.0

POST
H2 200 / Show response
caf.a23.mwp.accessdomain.com/ 0
609 B 486ms
483ms XHR
text/html 132.148.52.3
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://caf.a23.mwp.accessdomain.com/?ob=open-bridge/events

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/signals/plugins/openbridge3.js?v=next

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

132.148.52.3 , United States, ASN398101 (GO-DADDY-COM-LLC, US),

Reverse DNS

3.52.148.132.host.secureserver.net

Software

openresty /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://caf.a23.mwp.accessdomain.com/

Response headers

access-control-max-age: 86400
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
expires: Thu, 19 Nov 1981 08:52:00 GMT
date: Tue, 22 Oct 2024 13:00:14 GMT
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-security-policy: upgrade-insecure-requests
cache-control: no-store, no-cache, must-revalidate
x-backend: varnish_ssl
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-origin: https://caf.a23.mwp.accessdomain.com
content-length: 0
x-xss-protection: 1; mode=block
server: openresty
x-fawn-proc-count: 1,0,24
x-php-version: 8.0

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 106ms
21ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=571989364649317&ev=PageView&dl=https%3A%2F%2Fcaf.a23.mwp.accessdomain.com%2F&rl=&if=false&ts=1729602014154&sw=1600&sh=1200&v=next&r=stable&a=wordpress-6.6.2-4.0.0&ec=0&o=12318&eid=ob3_plugin-set_90f9c5eabc6f84929cdb1b048730cac497bd5615e444e7552a378697592d9cf9&fbp=fb.1.1729602014150.992092884476511113&cs_est=true&ler=empty&cdl=API_unavailable&it=1729602013908&coo=false&rqm=GET

Requested by

Host: caf.a23.mwp.accessdomain.com
URL: https://caf.a23.mwp.accessdomain.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://caf.a23.mwp.accessdomain.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=16, rtx=0, c=10, mss=1297, tbw=2966, tp=-1, tpl=-1, uplat=1, ullat=1
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Tue, 22 Oct 2024 13:00:14 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 318ms
233ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=571989364649317&ev=PageView&dl=https%3A%2F%2Fcaf.a23.mwp.accessdomain.com%2F&rl=&if=false&ts=1729602014154&sw=1600&sh=1200&v=next&r=stable&a=wordpress-6.6.2-4.0.0&ec=0&o=12318&eid=ob3_plugin-set_90f9c5eabc6f84929cdb1b048730cac497bd5615e444e7552a378697592d9cf9&fbp=fb.1.1729602014150.992092884476511113&cs_est=true&ler=empty&cdl=API_unavailable&it=1729602013908&coo=false&rqm=FGET

Requested by

Host: caf.a23.mwp.accessdomain.com
URL: https://caf.a23.mwp.accessdomain.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://caf.a23.mwp.accessdomain.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7428584087262818651"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 22 Oct 2024 13:00:14 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: 9WT298Q534cJqAZVRPtxcBeGulaZUuRc4b1YUgBtnjAL/QJkhzScyix9bhmXXBaJyBLiQ6G0BFMyVaQVqV9IrQ==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7428584087262818651", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=13, rtx=0, c=14, mss=1297, tbw=3284, tp=-1, tpl=-1, uplat=218, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 79ms
22ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-HX8HRBGTYZ&gtm=45je4ah0v893220175z8893218961za200zb893218961&_p=1729602013816&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101533422~101686685~101823848~101836706&cid=634663196.1729602014&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1729602014&sct=1&seg=0&dl=https%3A%2F%2Fcaf.a23.mwp.accessdomain.com%2F&dt=Reliance%20Student%20Transportation%20%7C%20Reliance%20Student%20Transportation%20%7C%20School%20Bus%20Services&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2218
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HX8HRBGTYZ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://caf.a23.mwp.accessdomain.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://caf.a23.mwp.accessdomain.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 13:00:14 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 p Show response
i.simpli.fi/ 798 B
761 B 29ms
28ms Script
application/javascript 35.234.162.151
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.simpli.fi/p?cid=385808&cb=sifi_att_15927._hp
Requested by: Host: tag.simpli.fi
URL: https://tag.simpli.fi/sifitag/282113f0-0493-013b-56b8-0cc47a8ffaac
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.234.162.151 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 151.162.234.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: f8df88b5fecab8602e7593c0ac1d34b908c81f6e1153e792aa7f1c06169fb906

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://caf.a23.mwp.accessdomain.com/

Response headers

cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-encoding: gzip
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
date: Tue, 22 Oct 2024 13:00:14 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: openresty

GET
H3 200 favicon.png
cafa23.p3cdn2.secureserver.net/wp-content/themes/reliance/images/ 6 KB
6 KB 189ms
189ms Other
image/png 162.159.135.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cafa23.p3cdn2.secureserver.net/wp-content/themes/reliance/images/favicon.png

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.135.45 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8fdf4389934a0c4d7fdc4bab306b20215c7391f198918f0300217932801816c8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://caf.a23.mwp.accessdomain.com/

Response headers

x-cacheproxy-retries: 0/2
cf-cache-status: MISS
etag: "1635-52ed0a8e1d140"
x-content-type-options: nosniff
x-cache-hit: HIT
expires: Fri, 22 Nov 2024 13:00:14 GMT
x-cacheable: YES
alt-svc: h3=":443"; ma=86400
x-cache: cached
date: Tue, 22 Oct 2024 13:00:14 GMT
content-type: image/png
last-modified: Thu, 24 Mar 2016 19:43:25 GMT
vary: Accept-Encoding
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=2678400
cf-ray: 8d69ab4eae839a30-FRA
accept-ranges: bytes
content-length: 5685
x-xss-protection: 1; mode=block
server: cloudflare
x-php-version: 8.0

GET
H2

204

/
s.ad.smaato.net/c/
Redirect Chain

https://um.simpli.fi/smaato
https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=F9C7F4FC74F9401B850740ED15914AA9

0
236 B

104ms
55ms

Image
text/plain

2600:9000:2450:c000:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=F9C7F4FC74F9401B850740ED15914AA9
Protocol: H2
Server: 2600:9000:2450:c000:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://caf.a23.mwp.accessdomain.com/

Response headers

via: 1.1 18c175f0712f202f852e6fa991d829d0.cloudfront.net (CloudFront)
cache-control: no-cache, must-revalidate
x-cache: Miss from cloudfront
x-amz-cf-id: uc-ZMfwdOAlLpJgpsBO-w5Rm1_aSDYsbSMw9Vde-WvrFYQbrIawTTw==
date: Tue, 22 Oct 2024 13:00:14 GMT
x-amz-cf-pop: CDG50-P4
server: CloudFront

Redirect headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache
location: https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=F9C7F4FC74F9401B850740ED15914AA9
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
expires: Mon, 21 Oct 2024 13:00:14 GMT
access-control-allow-origin: *
content-length: 142
date: Tue, 22 Oct 2024 13:00:14 GMT
content-type: text/html
server: openresty
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET

F9C7F4FC74F9401B850740ED15914AA9
sync.1rx.io/usersync/simplifi/
Redirect Chain

https://um.simpli.fi/nexxen
https://sync.1rx.io/usersync/simplifi/F9C7F4FC74F9401B850740ED15914AA9

0
0

GET
H2

200

xuid
eb2.3lift.com/
Redirect Chain

https://um.simpli.fi/triplelift
https://eb2.3lift.com/xuid?mid=7969&xuid=F9C7F4FC74F9401B850740ED15914AA9&dongle=yf3

37 B
140 B

51ms
8ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=7969&xuid=F9C7F4FC74F9401B850740ED15914AA9&dongle=yf3
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://caf.a23.mwp.accessdomain.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
date: Tue, 22 Oct 2024 13:00:14 GMT
content-type: image/gif

Redirect headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache
location: https://eb2.3lift.com/xuid?mid=7969&xuid=F9C7F4FC74F9401B850740ED15914AA9&dongle=yf3
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
expires: Mon, 21 Oct 2024 13:00:14 GMT
access-control-allow-origin: *
content-length: 142
date: Tue, 22 Oct 2024 13:00:14 GMT
content-type: text/html
server: openresty
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2

200

sync
simplifi.partners.tremorhub.com/
Redirect Chain

https://um.simpli.fi/telaria_p
https://simplifi.partners.tremorhub.com/sync?UISF=F9C7F4FC74F9401B850740ED15914AA9

43 B
175 B

334ms
115ms

Image
image/gif

2600:1f18:612b:4264:593c:dbb7:2512:528
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simplifi.partners.tremorhub.com/sync?UISF=F9C7F4FC74F9401B850740ED15914AA9
Protocol: H2
Server: 2600:1f18:612b:4264:593c:dbb7:2512:528 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://caf.a23.mwp.accessdomain.com/

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Tue, 22 Oct 2024 13:00:14 GMT
content-type: image/gif
server: nginx

Redirect headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache
location: https://simplifi.partners.tremorhub.com/sync?UISF=F9C7F4FC74F9401B850740ED15914AA9
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
expires: Mon, 21 Oct 2024 13:00:14 GMT
access-control-allow-origin: *
content-length: 142
date: Tue, 22 Oct 2024 13:00:14 GMT
content-type: text/html
server: openresty
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/
Redirect Chain

https://um.simpli.fi/tapad
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=F9C7F4FC74F9401B850740ED15914AA9
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=F9C7F4FC74F9401B850740ED15914AA9

95 B
426 B

31ms
30ms

Image
image/png

34.111.113.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=F9C7F4FC74F9401B850740ED15914AA9

Protocol

Server

34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

62.113.111.34.bc.googleusercontent.com

Software

Jetty(11.0.13) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://caf.a23.mwp.accessdomain.com/

Response headers

strict-transport-security: max-age=31536000
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length: 95
date: Tue, 22 Oct 2024 13:00:14 GMT
content-type: image/png
server: Jetty(11.0.13)

Redirect headers

strict-transport-security: max-age=31536000
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=F9C7F4FC74F9401B850740ED15914AA9
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length: 0
date: Tue, 22 Oct 2024 13:00:14 GMT
server: Jetty(11.0.13)

GET
H2

200

empty.gif
um.simpli.fi/
Redirect Chain

https://um.simpli.fi/ad_advisor
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=F9C7F4FC74F9401B850740ED15914AA9
https://d.agkn.com/pixel/10751/?che=1729602014769&ip=78.159.108.31&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D219863205043002267667
https://um.simpli.fi/aa_px?sk=219863205043002267667
https://um.simpli.fi/empty.gif

43 B
361 B

25ms
24ms

Image
image/gif

35.204.74.118
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/empty.gif

Protocol

Server

35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

118.74.204.35.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://caf.a23.mwp.accessdomain.com/

Response headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
x-content-type-options: nosniff
access-control-allow-origin: *
content-length: 43
date: Tue, 22 Oct 2024 13:00:14 GMT
content-type: image/gif
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

Redirect headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
location: /empty.gif
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
content-length: 142
date: Tue, 22 Oct 2024 13:00:14 GMT
content-type: text/html
server: openresty
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET

ProfilesEngineServlet
sync.intentiq.com/profiles_engine/
Redirect Chain

https://um.simpli.fi/intentiq
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=F9C7F4FC74F9401B850740ED15914AA9

0
0

GET
H2 200 pubmatic
um.simpli.fi/ 43 B
409 B 22ms
17ms Image
image/gif 35.204.74.118
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

118.74.204.35.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://caf.a23.mwp.accessdomain.com/

Response headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
expires: Mon, 21 Oct 2024 13:00:14 GMT
access-control-allow-origin: *
content-length: 43
date: Tue, 22 Oct 2024 13:00:14 GMT
content-type: image/gif
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 freewheel
um.simpli.fi/ 43 B
409 B 21ms
16ms Image
image/gif 35.204.74.118
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/freewheel

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

118.74.204.35.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://caf.a23.mwp.accessdomain.com/

Response headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
expires: Mon, 21 Oct 2024 13:00:14 GMT
access-control-allow-origin: *
content-length: 43
date: Tue, 22 Oct 2024 13:00:14 GMT
content-type: image/gif
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2

204

cms
ups.analytics.yahoo.com/ups/58726/
Redirect Chain

https://um.simpli.fi/dtnx
https://fei.pro-market.net/engine?du=24;csync=F9C7F4FC74F9401B850740ED15914AA9;mimetype=img;
https://fei.pro-market.net/engine?du=24;csync=F9C7F4FC74F9401B850740ED15914AA9;mimetype=img;sr
https://cms.analytics.yahoo.com/cms?partner_id=DATCS
https://ups.analytics.yahoo.com/ups/58726/cms?partner_id=DATCS

0
108 B

64ms
57ms

Image
text/html

2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58726/cms?partner_id=DATCS

Protocol

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://caf.a23.mwp.accessdomain.com/

Response headers

strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
date: Tue, 22 Oct 2024 13:00:14 GMT
age: 0
content-type: text/html
server: ATS
referrer-policy: no-referrer-when-downgrade

Redirect headers

strict-transport-security: max-age=31536000
cache-control: no-store
location: https://ups.analytics.yahoo.com/ups/58726/cms?partner_id=DATCS
content-length: 257
date: Tue, 22 Oct 2024 13:00:14 GMT
content-type: text/html
content-language: en
server: ATS

GET
H2

204

/
loadm.exelator.com/load/
Redirect Chain

https://um.simpli.fi/exelatem
https://loadm.exelator.com/load/?p=204&g=2191&simid=F9C7F4FC74F9401B850740ED15914AA9&j=0
https://loadm.exelator.com/load/?p=204&g=2191&simid=F9C7F4FC74F9401B850740ED15914AA9&j=0&xl8blockcheck=1

0
771 B

38ms
36ms

Image
text/plain

34.254.143.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=2191&simid=F9C7F4FC74F9401B850740ED15914AA9&j=0&xl8blockcheck=1
Protocol: H2
Server: 34.254.143.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://caf.a23.mwp.accessdomain.com/

Response headers

cache-control: no-cache
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
date: Tue, 22 Oct 2024 13:00:14 GMT
x-powered-by: Undertow/1
server: nginx
access-control-allow-credentials: true

Redirect headers

cache-control: no-cache
location: https://loadm.exelator.com/load/?p=204&g=2191&simid=F9C7F4FC74F9401B850740ED15914AA9&j=0&xl8blockcheck=1
access-control-allow-credentials: true
content-length: 0
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
date: Tue, 22 Oct 2024 13:00:14 GMT
content-type: image/gif
x-powered-by: Undertow/1
server: nginx

GET
H2 200 yahoo
um.simpli.fi/ 43 B
409 B 27ms
22ms Image
image/gif 35.204.74.118
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/yahoo

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

118.74.204.35.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://caf.a23.mwp.accessdomain.com/

Response headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
expires: Mon, 21 Oct 2024 13:00:14 GMT
access-control-allow-origin: *
content-length: 43
date: Tue, 22 Oct 2024 13:00:14 GMT
content-type: image/gif
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H/1.1

204

sync
sync.bfmio.com/
Redirect Chain

https://um.simpli.fi/beachfront
https://sync.bfmio.com/sync?pid=141&uid=F9C7F4FC74F9401B850740ED15914AA9

0
421 B

466ms
101ms

Image
text/plain

3.209.58.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bfmio.com/sync?pid=141&uid=F9C7F4FC74F9401B850740ED15914AA9
Protocol: HTTP/1.1
Server: 3.209.58.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-209-58-121.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://caf.a23.mwp.accessdomain.com/

Response headers

Date: Tue, 22 Oct 2024 13:00:14 GMT
Connection: keep-alive

Redirect headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache
location: https://sync.bfmio.com/sync?pid=141&uid=F9C7F4FC74F9401B850740ED15914AA9
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
expires: Mon, 21 Oct 2024 13:00:14 GMT
access-control-allow-origin: *
content-length: 142
date: Tue, 22 Oct 2024 13:00:14 GMT
content-type: text/html
server: openresty
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H/1.1

500
Internal Server Error

29931
stags.bluekai.com/site/
Redirect Chain

https://um.simpli.fi/bluekai
https://stags.bluekai.com/site/29931?id=F9C7F4FC74F9401B850740ED15914AA9

27 B
27 B

51ms
16ms

Image
text/html

2.23.197.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stags.bluekai.com/site/29931?id=F9C7F4FC74F9401B850740ED15914AA9
Protocol: HTTP/1.1
Server: 2.23.197.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-23-197-190.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 5607bc0b49036b5f13acf3f5767e0fb2fb947f5369bda253939e78e2b11f85b4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://caf.a23.mwp.accessdomain.com/

Response headers

Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Connection: keep-alive
Expires: Tue, 22 Oct 2024 13:00:14 GMT
Content-Length: 27
Date: Tue, 22 Oct 2024 13:00:14 GMT
AK-GRN: 0.98d01702.1729602014.24ddd30
Content-Type: text/html

Redirect headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache
location: https://stags.bluekai.com/site/29931?id=F9C7F4FC74F9401B850740ED15914AA9
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
expires: Mon, 21 Oct 2024 13:00:14 GMT
access-control-allow-origin: *
content-length: 142
date: Tue, 22 Oct 2024 13:00:14 GMT
content-type: text/html
server: openresty
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2

404

tpid=F9C7F4FC74F9401B850740ED15914AA9
bcp.crwdcntrl.net/map/c=7625/tp=SIMP/
Redirect Chain

https://um.simpli.fi/crwdcntrl
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=F9C7F4FC74F9401B850740ED15914AA9

49 B
266 B

150ms
43ms

Image
image/gif

52.51.174.220
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=F9C7F4FC74F9401B850740ED15914AA9
Protocol: H2
Server: 52.51.174.220 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-174-220.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://caf.a23.mwp.accessdomain.com/

Response headers

cache-control: no-cache
pragma: no-cache
expires: 0
access-control-allow-origin: *
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
content-length: 49
date: Tue, 22 Oct 2024 13:00:14 GMT
content-type: image/gif
x-server: 10.45.27.168
server: Jetty(9.4.38.v20210224)

Redirect headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache
location: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=F9C7F4FC74F9401B850740ED15914AA9
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
expires: Mon, 21 Oct 2024 13:00:14 GMT
access-control-allow-origin: *
content-length: 142
date: Tue, 22 Oct 2024 13:00:14 GMT
content-type: text/html
server: openresty
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2

204

merge
ce.lijit.com/
Redirect Chain

https://um.simpli.fi/lj_match
https://ce.lijit.com/merge?pid=2&3pid=F9C7F4FC74F9401B850740ED15914AA9

0
223 B

137ms
30ms

Image
text/plain

52.210.34.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=F9C7F4FC74F9401B850740ED15914AA9
Protocol: H2
Server: 52.210.34.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-34-197.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://caf.a23.mwp.accessdomain.com/

Response headers

expires: Fri, 20 Mar 2009 00:00:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Tue, 22 Oct 2024 13:00:14 GMT
pragma: no-cache
vary: Accept-Encoding
x-merge: GDPR Optout true

Redirect headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache
location: https://ce.lijit.com/merge?pid=2&3pid=F9C7F4FC74F9401B850740ED15914AA9
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
expires: Mon, 21 Oct 2024 13:00:14 GMT
access-control-allow-origin: *
content-length: 142
date: Tue, 22 Oct 2024 13:00:14 GMT
content-type: text/html
server: openresty
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2

451

419566.gif
idsync.rlcdn.com/
Redirect Chain

https://um.simpli.fi/liveramp_match
https://idsync.rlcdn.com/419566.gif?partner_uid=F9C7F4FC74F9401B850740ED15914AA9

0
98 B

69ms
24ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/419566.gif?partner_uid=F9C7F4FC74F9401B850740ED15914AA9
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://caf.a23.mwp.accessdomain.com/

Response headers

via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 22 Oct 2024 13:00:14 GMT

Redirect headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache
location: https://idsync.rlcdn.com/419566.gif?partner_uid=F9C7F4FC74F9401B850740ED15914AA9
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
expires: Mon, 21 Oct 2024 13:00:14 GMT
access-control-allow-origin: *
content-length: 142
date: Tue, 22 Oct 2024 13:00:14 GMT
content-type: text/html
server: openresty
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H3

200

/
www.google.de/pagead/1p-conversion/1026675585/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1729602014508&cv=7&fst=1729602014508&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=1396894715&cv=7&fst=1729602014508&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLH...
https://www.google.com/pagead/1p-conversion/1026675585/?random=1396894715&cv=7&fst=1729602014508&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHD...
https://www.google.de/pagead/1p-conversion/1026675585/?random=1396894715&cv=7&fst=1729602014508&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDs...

42 B
64 B

85ms
37ms

Image
image/gif

142.250.186.131
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/1026675585/?random=1396894715&cv=7&fst=1729602014508&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCOrGsQI&pscrd=IhMI4ZG8zYWiiQMVRY6DBx1PjjijMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOiVodHRwczovL2NhZi5hMjMubXdwLmFjY2Vzc2RvbWFpbi5jb20v&is_vtc=1&cid=CAQSGwDpaXnfx4RcA4V0FuqXNEsOIZLDV4IF4lD_dw&random=1238280681&ipr=y

Protocol

Server

142.250.186.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://caf.a23.mwp.accessdomain.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 22 Oct 2024 13:00:14 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
location: https://www.google.de/pagead/1p-conversion/1026675585/?random=1396894715&cv=7&fst=1729602014508&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCOrGsQI&pscrd=IhMI4ZG8zYWiiQMVRY6DBx1PjjijMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOiVodHRwczovL2NhZi5hMjMubXdwLmFjY2Vzc2RvbWFpbi5jb20v&is_vtc=1&cid=CAQSGwDpaXnfx4RcA4V0FuqXNEsOIZLDV4IF4lD_dw&random=1238280681&ipr=y
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 22 Oct 2024 13:00:14 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 204 spotx_match
um.simpli.fi/ 0
272 B 28ms
24ms Image
text/plain 35.204.74.118
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/spotx_match

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

118.74.204.35.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://caf.a23.mwp.accessdomain.com/

Response headers

access-control-allow-methods: GET, POST, OPTIONS
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-origin: *
date: Tue, 22 Oct 2024 13:00:14 GMT
x-content-type-options: nosniff

GET
H2

200

bounce
ib.adnxs.com/
Redirect Chain

https://um.simpli.fi/an
https://ib.adnxs.com/setuid?entity=66&code=F9C7F4FC74F9401B850740ED15914AA9
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DF9C7F4FC74F9401B850740ED15914AA9

43 B
1 KB

20ms
19ms

Image
image/gif

185.89.210.46
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DF9C7F4FC74F9401B850740ED15914AA9

Protocol

Server

185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://caf.a23.mwp.accessdomain.com/

Response headers

cache-control: no-store, no-cache, private
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 78.159.108.31; 78.159.108.31; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: *
an-x-request-uuid: 06114f17-11a8-44dc-8c77-55b771fe05a2
content-length: 43
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Tue, 22 Oct 2024 13:00:14 GMT
x-xss-protection: 0
content-type: image/gif
server: nginx/1.23.4

Redirect headers

cache-control: no-store, no-cache, private
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DF9C7F4FC74F9401B850740ED15914AA9
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
x-proxy-origin: 78.159.108.31; 78.159.108.31; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
an-x-request-uuid: 276c8770-8e84-4fbd-a2fd-7ce8fca9e91a
content-length: 0
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Tue, 22 Oct 2024 13:00:14 GMT
x-xss-protection: 0
content-type: text/html; charset=utf-8
server: nginx/1.23.4

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://um.simpli.fi/rb_match
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=F9C7F4FC74F9401B850740ED15914AA9&expires=365

0
239 B

75ms
17ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=F9C7F4FC74F9401B850740ED15914AA9&expires=365
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://caf.a23.mwp.accessdomain.com/

Response headers

Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 14d90060180bca4b3b64f131b647e645
Pragma: no-cache
Content-Type: image/gif

Redirect headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache
location: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=F9C7F4FC74F9401B850740ED15914AA9&expires=365
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
expires: Mon, 21 Oct 2024 13:00:14 GMT
access-control-allow-origin: *
content-length: 142
date: Tue, 22 Oct 2024 13:00:14 GMT
content-type: text/html
server: openresty
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://um.simpli.fi/ox_match
https://us-u.openx.net/w/1.0/sd?id=537072966&val=F9C7F4FC74F9401B850740ED15914AA9

43 B
264 B

76ms
24ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072966&val=F9C7F4FC74F9401B850740ED15914AA9
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://caf.a23.mwp.accessdomain.com/

Response headers

cache-control: private, max-age=0, no-cache
pragma: no-cache
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
p3p: CP="CUR ADM OUR NOR STA NID"
date: Tue, 22 Oct 2024 13:00:14 GMT
content-type: image/gif
vary: Accept
server: OXGW/0.0.0

Redirect headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache
location: https://us-u.openx.net/w/1.0/sd?id=537072966&val=F9C7F4FC74F9401B850740ED15914AA9
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
expires: Mon, 21 Oct 2024 13:00:14 GMT
access-control-allow-origin: *
content-length: 142
date: Tue, 22 Oct 2024 13:00:14 GMT
content-type: text/html
server: openresty
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 pixel
cm.g.doubleclick.net/ 170 B
409 B 179ms
51ms Image
image/png 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://caf.a23.mwp.accessdomain.com/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
date: Tue, 22 Oct 2024 13:00:14 GMT
x-xss-protection: 0
content-type: image/png
server: HTTP server (unknown)

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: caf.a23.mwp.accessdomain.com
URL: blob:https://caf.a23.mwp.accessdomain.com/d74c2d56-bee3-47f8-8982-232d14095227

Domain: sync.1rx.io
URL: https://sync.1rx.io/usersync/simplifi/F9C7F4FC74F9401B850740ED15914AA9

Domain: sync.intentiq.com
URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=F9C7F4FC74F9401B850740ED15914AA9

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.simpli.fi/	1970-01-21 09:13:44	Name: suid Value: F9C7F4FC74F9401B850740ED15914AA9
.accessdomain.com/	1970-01-21 02:36:18	Name: _fbp Value: fb.1.1729602014150.992092884476511113
.accessdomain.com/	1970-01-21 10:02:42	Name: _ga_HX8HRBGTYZ Value: GS1.1.1729602014.1.0.1729602014.0.0.0
.accessdomain.com/	1970-01-21 10:02:42	Name: _ga Value: GA1.1.634663196.1729602014
.simpli.fi/	1970-01-21 00:36:46	Name: uid_syncd_secure Value: true
.caf.a23.mwp.accessdomain.com/	1970-01-21 02:36:18	Name: PHPSESSID Value: 5pbjmkfuvsgtggag5h0jg883d5
.tapad.com/	1970-01-21 01:53:06	Name: TapAd_TS Value: 1729602014714
.tapad.com/	1970-01-21 01:53:06	Name: TapAd_DID Value: b55f10f5-5eb6-4972-ab8f-44534d5bafb0
.adnxs.com/	1970-01-21 02:36:18	Name: XANDR_PANID Value: CWxnkDv4ENa13D0j0YyCmr2I-927v4wRG1e6JDcKp5V9OTEzKmZmUqB7Qrbs3FdtNhTBbzn7eLe7AopVquhy4xVvv5zx6f76DvTo8gMGEvs.
.adnxs.com/	1970-01-21 10:02:42	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-21 02:36:18	Name: uuid2 Value: 8605413151971865425
.tapad.com/	1970-01-21 01:53:06	Name: TapAd_3WAY_SYNCS Value:
.adnxs.com/	1970-01-21 02:36:18	Name: anj Value: dTM7k!M4.FE:2jUF']wIg2GUdMMF_M!@wnfH8KW.dG5<#Z?TyQH!ptup'svuEsgccp`a.>CzFL6qA.JEFp_QnFMVtmsDbn^(j#iP(Md+>)fy*@sjG%d
.doubleclick.net/	1970-01-21 00:26:42	Name: test_cookie Value: CheckForPermission
.pro-market.net/	1970-01-21 04:45:54	Name: anProfile Value: "u3470x1ut4qt+1+1f=1+1g=1+1j=41+rs=s+rt=2A000C982F000020000A000000000007+s2=(slrdge)+vm=24-F9C7F4FC74F9401B850740ED15914AA9"
.pro-market.net/	1970-01-21 01:09:54	Name: anHistory Value: "u3470x1ut4qt+2+!#7')%@#YwA"
.agkn.com/	1970-01-21 09:12:18	Name: ab Value: 0001%3APaysMtX3P7ACOkWxx1tlzKB4TVceAdYY
.exelator.com/	1970-01-21 03:19:30	Name: EE Value: "cdab5284471093fde2cb763818fc7c8b"
.agkn.com/	1970-01-21 09:12:18	Name: u Value: C\|0AAAAAAAALqpeXgAAAAAA
.exelator.com/	1970-01-21 03:19:30	Name: ud Value: "eJxrXxzq6XKLQSE5JTHJ1MjCxMTc0MDSOC0l1Sg5ydzM2MLQIi3ZPNkiaXFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDIckl%252BUWb6IhfXxUUpaQyLSopPBZ%252BM0gAAtJsqHQ%253D%253D"
.bfmio.com/	1970-01-21 09:12:18	Name: __141_cid Value: F9C7F4FC74F9401B850740ED15914AA9
.bfmio.com/	1970-01-21 09:12:18	Name: __io_cid Value: 26e3fd5e43f1a6e452930a0f2f2a4413ed09c7b2

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://stags.bluekai.com/site/29931?id=F9C7F4FC74F9401B850740ED15914AA9 Message: Failed to load resource: the server responded with a status of 500 (Internal Server Error)
network	error	URL: https://idsync.rlcdn.com/419566.gif?partner_uid=F9C7F4FC74F9401B850740ED15914AA9 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=F9C7F4FC74F9401B850740ED15914AA9 Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300 max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aa.agkn.com
ajax.googleapis.com
bcp.crwdcntrl.net
caf.a23.mwp.accessdomain.com
cafa23.p3cdn2.secureserver.net
ce.lijit.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
connect.facebook.net
d.agkn.com
eb2.3lift.com
fei.pro-market.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.simpli.fi
ib.adnxs.com
idsync.rlcdn.com
loadm.exelator.com
maxcdn.bootstrapcdn.com
pixel.rubiconproject.com
pixel.tapad.com
region1.google-analytics.com
s.ad.smaato.net
simplifi.partners.tremorhub.com
stags.bluekai.com
sync.1rx.io
sync.bfmio.com
sync.intentiq.com
tag.simpli.fi
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
caf.a23.mwp.accessdomain.com
sync.1rx.io
sync.intentiq.com
104.18.10.207
13.248.245.213
132.148.52.3
142.250.185.226
142.250.185.228
142.250.185.67
142.250.186.130
142.250.186.131
157.240.252.13
162.159.135.45
185.89.210.46
2.23.197.190
2001:4860:4802:32::36
2600:1901:0:8eee::
2600:1f18:612b:4264:593c:dbb7:2512:528
2600:9000:2450:c000:1b:5138:8a40:93a1
2a00:1288:80:807::1
2a00:1450:4001:803::200a
2a00:1450:4001:813::200a
2a00:1450:4001:81d::2008
2a03:2880:f177:185:face:b00c:0:25de
3.209.58.121
34.111.113.62
34.254.143.3
34.98.64.218
35.204.74.118
35.234.162.151
35.244.174.68
52.17.74.249
52.210.34.197
52.51.174.220
52.58.53.23
69.173.144.138
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
1b150c409df2cca1e55ffc6e55b649980f9a282bb6b25da6186d5ed55741141b
1fc1a2293506d032cc1cd606057ccca268701c12f29dac36b896acc6f1b036ee
233ff371632714911f9d6d01113006cd08705786ae08275eb44b4c4c0bcd8ca4
2bb19f8c587a432fd1f55a6cbad9e994e7827bed9232a32a341352415c7fb173
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4dbd328e347e890a801d51f9a5f8d38a3efd51ec34c0aa22cc83d0a95d6d9d71
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
5607bc0b49036b5f13acf3f5767e0fb2fb947f5369bda253939e78e2b11f85b4
645d9c925116c1a55f61e41625415f80868c817fe857e31b4868908034245de7
6f883c3ce348778a380cdad01bd9471a37a0cb6f55bfd53bca881bbc5b7cc924
703acdc3cdd769614f6bbf701649b7775be22505deb306cac01d792893d0582b
7785a0dc47ea2661a259adb2e4c3ad58fa71c7d58c10f6296584907c6a6a09ba
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
8fdf4389934a0c4d7fdc4bab306b20215c7391f198918f0300217932801816c8
9298eadf363f4f8aa77420f4edd7b74ea7da6986d0f928ca5e9e3e512a30bd4c
958323199bf7e5cc193bd5915eab2543a148f6d6e60b2af9acc721865438644a
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a4cf2794c4977a309060eda0a03de45ef3b5452f02fccb687311f62f8cd987bc
a9d5f146fcfdb201d88d6e07f1bec1960f93216ffc3b8a28b6c411b8b66c8b4a
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
ac97bfda759b9c8e17d4f0114d0042423b7aa874fac8fadc91a021c95e17874f
af43199e711b3ffea4b5a8bf8cda50ee850cf254c34b2ae4e9c684091f4ab92b
b12ddadb62e59ad0110f9d7bed0389817ac2a3e181ec014c922e15013b7cd970
b68d87ab93dd18c34a6be2abec11c4e4e02c5d83f0900567618202487b333dd8
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d5fd173d00d9733900834e0e1083de86b532e048b15c0420ba5c2db0623644b8
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
df03568175b8a9081f4c76637be9339784bf41a493ceae4d6f83781dc926213c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7f39d42f00f4b0353c487b72443e4697a91bc551064f2ada777e3cdf553f2a7
ec9a8f0959a8c347581d8c97e62279b57b2cd744b7216ed1c7055eebdc88d377
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f03b095a19e6f9b7bfc534c1038838c7310f00823fb54636d9042b14bc829920
f04b517ba5d6a0510485689a3e42dac000f51640fd71b986804cba178eae42a5
f8df88b5fecab8602e7593c0ac1d34b908c81f6e1153e792aa7f1c06169fb906
fb3a89cc6347e098063bd15f285bc90411846ddce6f17812364feedab67a67f5

caf.a23.mwp.accessdomain.com Open in urlscan Pro 132.148.52.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

60 Requests

68 %HTTPS

27 %IPv6

32 Domains

38 Subdomains

29 IPs

6 Countries

1218 kBTransfer

2291 kBSize

22 Cookies

1 Outgoing links

Page URL History

Redirected requests

60 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

caf.a23.mwp.accessdomain.com Open in urlscan Pro
132.148.52.3 Public Scan

Screenshot
Live screenshot

Full Image

60
Requests

68 %
HTTPS

27 %
IPv6

32
Domains

38
Subdomains

29
IPs

6
Countries

1218 kB
Transfer

2291 kB
Size

22
Cookies

60 HTTP transactions
0 data transactions