www.askbis.com Open in urlscan Pro
54.72.3.103 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://r20.rs6.net/tn.jsp?f=001rpNZgFO2Krpc-Vn4CbHZelRZ2zMWweQ8sm7epWbteAY0flwP9cIEq6X6Yx7P6xyFydH4Pm3xmHhAShKxXhrP...
Effective URL:
https://www.askbis.com/lucky-charm-keeps-hackers/
Submission Tags: falconsandbox
Submission: On October 22 via api (October 22nd 2020, 1:33:05 am UTC) from US

Summary HTTP 135 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 48 IPs in 7 countries across 39 domains to perform 135 HTTP transactions. The main IP is 54.72.3.103, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is www.askbis.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on April 13th 2020. Valid for: 2 years.

This is the only time www.askbis.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	208.75.122.11 208.75.122.11	40444 (ASN-CC) (ASN-CC)
1 7	54.72.3.103 54.72.3.103	16509 (AMAZON-02) (AMAZON-02)
47	2606:4700:20:... 2606:4700:20::ac43:46bf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a05:d018:71c... 2a05:d018:71c:cc00:be9b:52e7:b021:e50	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:f74	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	51.140.39.77 51.140.39.77	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 4	2606:4700::68... 2606:4700::6813:9856	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	2a00:1450:400... 2a00:1450:4001:803::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:6c0... 2a02:26f0:6c00:296::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
5	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:400c:c0a::9b	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:803::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:814::2003	15169 (GOOGLE) (GOOGLE)
2	151.101.12.134 151.101.12.134	54113 (FASTLY) (FASTLY)
2	69.167.130.47 69.167.130.47	32244 (LIQUIDWEB) (LIQUIDWEB)
1	52.85.32.53 52.85.32.53	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:824::200e	15169 (GOOGLE) (GOOGLE)
2	99.86.2.78 99.86.2.78	16509 (AMAZON-02) (AMAZON-02)
2	2a04:4e42:9::84 2a04:4e42:9::84	54113 (FASTLY) (FASTLY)
1	2606:4700:303... 2606:4700:3031::681f:4e71	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2a05:f500:11:... 2a05:f500:11:101::b93f:9005	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
7	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	99.86.2.24 99.86.2.24	16509 (AMAZON-02) (AMAZON-02)
3	104.75.88.209 104.75.88.209	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	99.86.2.113 99.86.2.113	16509 (AMAZON-02) (AMAZON-02)
1	34.246.206.139 34.246.206.139	16509 (AMAZON-02) (AMAZON-02)
1	63.34.113.57 63.34.113.57	16509 (AMAZON-02) (AMAZON-02)
4	2606:4700::68... 2606:4700::6812:a913	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	151.101.128.134 151.101.128.134	54113 (FASTLY) (FASTLY)
1 6	2.18.233.40 2.18.233.40	16625 (AKAMAI-AS) (AKAMAI-AS)
2	3.13.26.122 3.13.26.122	16509 (AMAZON-02) (AMAZON-02)
14 18	54.72.203.20 54.72.203.20	16509 (AMAZON-02) (AMAZON-02)
1	151.101.112.64 151.101.112.64	54113 (FASTLY) (FASTLY)
1	3.124.119.192 3.124.119.192	16509 (AMAZON-02) (AMAZON-02)
1 2	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	70.42.32.191 70.42.32.191	13789 (INTERNAP-...) (INTERNAP-BLK3)
1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1 2	52.58.138.20 52.58.138.20	16509 (AMAZON-02) (AMAZON-02)
1 1	2a00:1288:f03... 2a00:1288:f03d:1fa::4000	10310 (YAHOO-1) (YAHOO-1)
1 2	54.93.211.166 54.93.211.166	16509 (AMAZON-02) (AMAZON-02)
1 2	37.252.172.38 37.252.172.38	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1 1	172.217.23.130 172.217.23.130	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:824::2002	15169 (GOOGLE) (GOOGLE)
1	52.85.32.13 52.85.32.13	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:81d::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3036::6818:7c49	13335 (CLOUDFLAR...) (CLOUDFLARENET)
135	48

1 208.75.122.11 (United States) 1 redirects

ASN40444 (ASN-CC, US)
PTR: rs6.net

r20.rs6.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 54.72.3.103 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-3-103.eu-west-1.compute.amazonaws.com

www.askbis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

47 2606:4700:20::ac43:46bf (United States)

ASN13335 (CLOUDFLARENET, US)

pronto-core-cdn.prontomarketing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:71c:cc00:be9b:52e7:b021:e50 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

bypronto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:f74 (United States)

ASN13335 (CLOUDFLARENET, US)

os368.infusionsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.140.39.77 (London, United Kingdom)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

secure.care5alea.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6813:9856 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

os368.infusionsoft.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::2008 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:296::25ea (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0a::9b (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:814::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.12.134 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

https-www-askbis-com.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.167.130.47 (Lansing, United States)

ASN32244 (LIQUIDWEB, US)

frontend.id-visitors.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.85.32.53 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-32-53.ham50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:824::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.86.2.78 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-2-78.fra6.r.cloudfront.net

app.purechat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:9::84 (Ascension Island)

ASN54113 (FASTLY, US)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::681f:4e71 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.simplesat.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:f500:11:101::b93f:9005 (Ireland) 1 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.2.24 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-2-24.fra6.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.75.88.209 (Netherlands)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a104-75-88-209.deploy.static.akamaitechnologies.com

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.2.113 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-2-113.fra6.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.246.206.139 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-206-139.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.34.113.57 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-113-57.eu-west-1.compute.amazonaws.com

api.simplesat.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:a913 (United States)

ASN13335 (CLOUDFLARENET, US)

c.disquscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.128.134 (United States)

ASN54113 (FASTLY, US)

disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2.18.233.40 (Ascension Island) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-40.deploy.static.akamaitechnologies.com

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.13.26.122 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-13-26-122.us-east-2.compute.amazonaws.com

widgetapi.purechat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 54.72.203.20 (Dublin, Ireland) 14 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-203-20.eu-west-1.compute.amazonaws.com

d.adroll.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.112.64 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

links.services.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.124.119.192 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-119-192.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.21 (Ascension Island) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 70.42.32.191 (United States) 1 redirects

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.58.138.20 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-138-20.eu-central-1.compute.amazonaws.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:f03d:1fa::4000 (United Kingdom) 1 redirects

ASN10310 (YAHOO-1, US)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.93.211.166 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-211-166.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.172.38 (Ascension Island) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.130 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s18-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:824::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.85.32.13 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-32-13.ham50.r.cloudfront.net

api-cdn.purechat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3036::6818:7c49 (United States)

ASN13335 (CLOUDFLARENET, US)

prod.purechatcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
47	prontomarketing.com pronto-core-cdn.prontomarketing.com	683 KB
23	adroll.com 14 redirects s.adroll.com d.adroll.com	29 KB
7	facebook.com www.facebook.com	770 B
7	askbis.com 1 redirects www.askbis.com	35 KB
5	purechat.com app.purechat.com widgetapi.purechat.com api-cdn.purechat.com	10 KB
5	disqus.com https-www-askbis-com.disqus.com disqus.com links.services.disqus.com	35 KB
5	gstatic.com fonts.gstatic.com	45 KB
5	facebook.net connect.facebook.net	296 KB
5	google-analytics.com 1 redirects ssl.google-analytics.com www.google-analytics.com	36 KB
4	disquscdn.com c.disquscdn.com	235 KB
4	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com in.hotjar.com	74 KB
4	doubleclick.net 3 redirects stats.g.doubleclick.net cm.g.doubleclick.net	3 KB
4	infusionsoft.app 1 redirects os368.infusionsoft.app	4 KB
3	pinterest.com ct.pinterest.com	1 KB
3	linkedin.com 2 redirects px.ads.linkedin.com www.linkedin.com	3 KB
2	purechatcdn.com prod.purechatcdn.com	218 KB
2	openx.net 1 redirects us-u.openx.net	478 B
2	adnxs.com 1 redirects ib.adnxs.com	2 KB
2	bidswitch.net 1 redirects x.bidswitch.net	1003 B
2	3lift.com 1 redirects eb2.3lift.com	738 B
2	outbrain.com 1 redirects sync.outbrain.com	832 B
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com	2 KB
2	simplesat.io cdn.simplesat.io api.simplesat.io	88 KB
2	pinimg.com s.pinimg.com	18 KB
2	id-visitors.com frontend.id-visitors.com	2 KB
2	licdn.com snap.licdn.com	3 KB
2	googleapis.com fonts.googleapis.com ajax.googleapis.com	31 KB
1	yahoo.com 1 redirects ads.yahoo.com	734 B
1	taboola.com sync.taboola.com	217 B
1	pubmatic.com simage2.pubmatic.com	1010 B
1	rubiconproject.com pixel.rubiconproject.com	239 B
1	advertising.com pixel.advertising.com	125 B
1	consensu.org 1 redirects d.adroll.mgr.consensu.org	138 B
1	google.de www.google.de	513 B
1	google.com 1 redirects www.google.com	342 B
1	care5alea.com secure.care5alea.com	408 B
1	infusionsoft.com os368.infusionsoft.com	3 KB
1	bypronto.com bypronto.com	336 B
1	rs6.net 1 redirects r20.rs6.net	366 B
135	39

	Domain	Requested by
47	pronto-core-cdn.prontomarketing.com	www.askbis.com pronto-core-cdn.prontomarketing.com
17	d.adroll.com	13 redirects
7	www.facebook.com	www.askbis.com connect.facebook.net
7	www.askbis.com	1 redirects www.askbis.com
6	s.adroll.com	1 redirects www.askbis.com s.adroll.com d.adroll.com
5	fonts.gstatic.com	fonts.googleapis.com
5	connect.facebook.net	www.askbis.com connect.facebook.net
4	c.disquscdn.com	https-www-askbis-com.disqus.com
4	os368.infusionsoft.app	1 redirects www.askbis.com os368.infusionsoft.app
3	ct.pinterest.com	s.pinimg.com www.askbis.com
3	ssl.google-analytics.com	1 redirects www.askbis.com
2	prod.purechatcdn.com	app.purechat.com www.askbis.com
2	cm.g.doubleclick.net	2 redirects
2	us-u.openx.net	1 redirects
2	ib.adnxs.com	1 redirects
2	x.bidswitch.net	1 redirects
2	eb2.3lift.com	1 redirects
2	sync.outbrain.com	1 redirects
2	dsum-sec.casalemedia.com	1 redirects
2	widgetapi.purechat.com	app.purechat.com ajax.googleapis.com
2	disqus.com	https-www-askbis-com.disqus.com
2	px.ads.linkedin.com	1 redirects www.askbis.com
2	s.pinimg.com	www.askbis.com s.pinimg.com
2	app.purechat.com	www.askbis.com app.purechat.com
2	www.google-analytics.com	www.askbis.com
2	frontend.id-visitors.com	www.askbis.com frontend.id-visitors.com
2	https-www-askbis-com.disqus.com	www.askbis.com
2	stats.g.doubleclick.net	1 redirects www.google-analytics.com
2	snap.licdn.com	www.askbis.com snap.licdn.com
1	ajax.googleapis.com	app.purechat.com
1	api-cdn.purechat.com	app.purechat.com
1	ads.yahoo.com	1 redirects
1	sync.taboola.com
1	simage2.pubmatic.com
1	pixel.rubiconproject.com
1	pixel.advertising.com
1	links.services.disqus.com	c.disquscdn.com
1	d.adroll.mgr.consensu.org	1 redirects
1	api.simplesat.io	cdn.simplesat.io
1	in.hotjar.com	script.hotjar.com
1	vars.hotjar.com	static.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	www.linkedin.com	1 redirects
1	cdn.simplesat.io	www.askbis.com
1	static.hotjar.com	www.askbis.com
1	www.google.de	www.askbis.com
1	www.google.com	1 redirects
1	fonts.googleapis.com	www.askbis.com
1	secure.care5alea.com	www.askbis.com
1	os368.infusionsoft.com	www.askbis.com
1	bypronto.com	www.askbis.com
1	r20.rs6.net	1 redirects
135	52

This site contains links to these domains. Also see Links.

Domain
connect.askbis.com
goo.gl
techtimes.techadvisory.org
www.facebook.com
twitter.com
www.youtube.com
www.prontomarketing.com
purechat.com

Subject Issuer	Validity	Valid
www.askbis.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-13` - `2022-04-13`	2 years	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-07` - `2021-08-07`	a year	crt.sh
*.bypronto.com Sectigo RSA Domain Validation Secure Server CA	`2020-10-06` - `2021-11-06`	a year	crt.sh
*.infusionsoft.com Go Daddy Secure Certificate Authority - G2	`2020-07-10` - `2021-07-10`	a year	crt.sh
secure.norm0care.com Sectigo RSA Domain Validation Secure Server CA	`2020-03-03` - `2021-05-31`	a year	crt.sh
*.infusionsoft.app GeoTrust TLS RSA CA G1	`2020-04-09` - `2021-06-08`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2019-04-01` - `2021-05-07`	2 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-09-11` - `2020-12-10`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
*.disqus.com DigiCert SHA2 Secure Server CA	`2020-04-20` - `2022-05-09`	2 years	crt.sh
*.id-visitors.com Go Daddy Secure Certificate Authority - G2	`2017-10-15` - `2021-01-12`	3 years	crt.sh
*.hotjar.com Amazon	`2020-01-22` - `2021-02-22`	a year	crt.sh
*.purechat.com Amazon	`2020-06-17` - `2021-07-17`	a year	crt.sh
*.pinterest.com DigiCert SHA2 High Assurance Server CA	`2020-07-16` - `2021-08-04`	a year	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2020-08-05` - `2021-02-05`	6 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
*.simplesat.io Amazon	`2020-03-26` - `2021-04-26`	a year	crt.sh
*.adroll.com DigiCert SHA2 Secure Server CA	`2020-01-29` - `2021-04-29`	a year	crt.sh
adroll.mgr.consensu.org Amazon	`2020-10-08` - `2021-11-07`	a year	crt.sh
f.ssl.fastly.net GlobalSign Organization Validation CA - SHA256 - G2	`2018-08-30` - `2020-12-02`	2 years	crt.sh
pixel.advertising.com DigiCert SHA2 High Assurance Server CA	`2020-10-04` - `2021-03-31`	6 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2020-03-02` - `2021-04-01`	a year	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-01-10` - `2021-01-14`	2 years	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2019-10-29` - `2021-11-23`	2 years	crt.sh
*.pubmatic.com Sectigo RSA Organization Validation Secure Server CA	`2019-02-22` - `2021-02-21`	2 years	crt.sh
*.taboola.com DigiCert SHA2 Secure Server CA	`2020-08-11` - `2021-12-31`	a year	crt.sh
*.3lift.com Amazon	`2020-07-04` - `2021-08-05`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-04-23` - `2022-05-04`	2 years	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
purechatcdn.com Cloudflare Inc ECC CA-3	`2020-06-15` - `2021-06-15`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://www.askbis.com/lucky-charm-keeps-hackers/
Frame ID: 01ACDCCA752EF8FF708B894A35934738
Requests: 133 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: 804E2F2A05C2AD5EA8B29704DC5EF9DE
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 436F8BF5D80259091FECDE7224F40C1C
Requests: 2 HTTP requests in this frame

Frame: https://disqus.com/embed/comments/?base=default&f=https-www-askbis-com&t_i=7615%20http%3A%2F%2Faskbis.bypronto.com%2F%3Fp%3D7615&t_u=https%3A%2F%2Fwww.askbis.com%2Flucky-charm-keeps-hackers%2F&t_e=%E2%80%9CLucky%20Charm%E2%80%9D%20Keeps%20Hackers%20Out&t_d=%E2%80%9CLucky%20Charm%E2%80%9D%20Keeps%20Hackers%20Out%20-%20Mobile%2C%20Pensacola%20%7C%20BIS%2C%20Inc.&t_t=%E2%80%9CLucky%20Charm%E2%80%9D%20Keeps%20Hackers%20Out&s_o=default&l=
Frame ID: 8D3BE9CE9EA6F5053EC972A892FFCD88
Requests: 1 HTTP requests in this frame

Frame: https://os368.infusionsoft.app/app/webTracking/websiteTriggerIframe
Frame ID: BAA89854B08A83171985F11822AD6EC8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://r20.rs6.net/tn.jsp?f=001rpNZgFO2Krpc-Vn4CbHZelRZ2zMWweQ8sm7epWbteAY0flwP9cIEq6X6Yx7P6xyF... HTTP 302
http://www.askbis.com/lucky-charm-keeps-hackers/ HTTP 301
https://www.askbis.com/lucky-charm-keeps-hackers/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

135
Requests

100 %
HTTPS

46 %
IPv6

39
Domains

52
Subdomains

48
IPs

7
Countries

1863 kB
Transfer

4927 kB
Size

16
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://connect.askbis.com/
Title: Remote Support

Search URL Search Domain Scan URL

URL: https://goo.gl/maps/kTCCZ
Title: Get Directions

Search URL Search Domain Scan URL

URL: http://techtimes.techadvisory.org/2017/01/lucky-charm-keeps-hackers-out/
Title: Source.

Search URL Search Domain Scan URL

URL: https://www.facebook.com/ASKBIS

Search URL Search Domain Scan URL

URL: https://twitter.com/ASKBIS

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCqfgjJ5tlmYVn0v6zbNrFOQ

Search URL Search Domain Scan URL

URL: https://goo.gl/iWYM46

Search URL Search Domain Scan URL

URL: https://www.prontomarketing.com/
Title: Website by Pronto

Search URL Search Domain Scan URL

URL: https://purechat.com/powered-by-purechat?c=Business%20Information%20Solutions%2C%20Inc.&utm_source=www.askbis.com&utm_medium=widget&utm_campaign=poweredby
Title: Ruby

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://r20.rs6.net/tn.jsp?f=001rpNZgFO2Krpc-Vn4CbHZelRZ2zMWweQ8sm7epWbteAY0flwP9cIEq6X6Yx7P6xyFydH4Pm3xmHhAShKxXhrPbR9nxgOmKtSnnwZtMuFHXYK5q6UQVWePhjYrq0nV4uwkl1OTE7WndX3kLUX1wnqiHiFAlSY-imsSudvt80tdmvoJLucQhCpXe0vepgeLvQmBWz2tr_fBMXVCh_CGUebQIg%3D%3D&c=kedvSeSdXd6zMS6e4Sq4R3AZ_YmFJqQghsZTyIG_8yTtjkX-NIyk6w%3D%3D&ch=5HqPbQM-mqq7VkedbLmzgjExhWpwHMjzXw9PeBnnzymrZmYgO024hA%3D%3D HTTP 302
http://www.askbis.com/lucky-charm-keeps-hackers/ HTTP 301
https://www.askbis.com/lucky-charm-keeps-hackers/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 67

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=48767822&utmhn=www.askbis.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%E2%80%9CLucky%20Charm%E2%80%9D%20Keeps%20Hackers%20Out%20-%20Mobile%2C%20Pensacola%20%7C%20BIS%2C%20Inc.&utmhid=1332999158&utmr=-&utmp=%2Flucky-charm-keeps-hackers%2F&utmht=1603330368552&utmac=UA-2952577-1&utmcc=__utma%3D194298429.575520704.1603330369.1603330369.1603330369.1%3B%2B__utmz%3D194298429.1603330369.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1788292868&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAgAAE~ HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-2952577-1&cid=575520704.1603330369&jid=1788292868&_v=5.7.2&z=48767822 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2952577-1&cid=575520704.1603330369&jid=1788292868&_v=5.7.2&z=48767822 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2952577-1&cid=575520704.1603330369&jid=1788292868&_v=5.7.2&z=48767822&slf_rd=1&random=260962616

Request Chain 76

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=350946&time=1603330368686&url=https%3A%2F%2Fwww.askbis.com%2Flucky-charm-keeps-hackers%2F HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D350946%26time%3D1603330368686%26url%3Dhttps%253A%252F%252Fwww.askbis.com%252Flucky-charm-keeps-hackers%252F%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=350946&time=1603330368686&url=https%3A%2F%2Fwww.askbis.com%2Flucky-charm-keeps-hackers%2F&liSync=true

Request Chain 107

https://s.adroll.com/j/exp/QRURHZ3E6VADRI6NZBURHN/index.js HTTP 302
https://s.adroll.com/j/exp/index.js

Request Chain 109

https://d.adroll.mgr.consensu.org/consent/iabcheck/QRURHZ3E6VADRI6NZBURHN?_s=4704f63cd70dc77bc05de940da1b88b2&_b=2 HTTP 302
https://d.adroll.com/consent/check/QRURHZ3E6VADRI6NZBURHN/?_s=4704f63cd70dc77bc05de940da1b88b2&_b=2

Request Chain 110

https://d.adroll.com/pixel/QRURHZ3E6VADRI6NZBURHN/U2KLE2FA3RE33CODUGG6WS?adroll_fpc=c3ef21377211ef31ee073266fef8f26b-1603330369768&arrfrr=https%3A%2F%2Fwww.askbis.com%2Flucky-charm-keeps-hackers%2F&xid_ch=f&pv=1150978399.611158&cookie=&adroll_s_ref=&keyw= HTTP 302
https://s.adroll.com/pixel/QRURHZ3E6VADRI6NZBURHN/U2KLE2FA3RE33CODUGG6WS/KCA2NWDTV5B3DFX7DBF3XG.js

Request Chain 116

https://d.adroll.com/cm/aol/out?adroll_fpc=c3ef21377211ef31ee073266fef8f26b-1603330369768&arrfrr=https%3A%2F%2Fwww.askbis.com%2Flucky-charm-keeps-hackers%2F&xid_ch=f&advertisable=QRURHZ3E6VADRI6NZBURHN HTTP 302
https://pixel.advertising.com/ups/55980/sync?uid=YTBlYWZmMTI2Yzc0ODczYTMwOWU5MTE5NGQxYTI1ZjA&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

Request Chain 117

https://d.adroll.com/cm/index/out?adroll_fpc=c3ef21377211ef31ee073266fef8f26b-1603330369768&arrfrr=https%3A%2F%2Fwww.askbis.com%2Flucky-charm-keeps-hackers%2F&xid_ch=f&advertisable=QRURHZ3E6VADRI6NZBURHN HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=YTBlYWZmMTI2Yzc0ODczYTMwOWU5MTE5NGQxYTI1ZjA&expiration=1634866369 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=YTBlYWZmMTI2Yzc0ODczYTMwOWU5MTE5NGQxYTI1ZjA&expiration=1634866369&C=1

Request Chain 118

https://d.adroll.com/cm/n/out?adroll_fpc=c3ef21377211ef31ee073266fef8f26b-1603330369768&arrfrr=https%3A%2F%2Fwww.askbis.com%2Flucky-charm-keeps-hackers%2F&xid_ch=f&advertisable=QRURHZ3E6VADRI6NZBURHN HTTP 302
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=YTBlYWZmMTI2Yzc0ODczYTMwOWU5MTE5NGQxYTI1ZjA&expires=365

Request Chain 119

https://d.adroll.com/cm/outbrain/out?adroll_fpc=c3ef21377211ef31ee073266fef8f26b-1603330369768&arrfrr=https%3A%2F%2Fwww.askbis.com%2Flucky-charm-keeps-hackers%2F&xid_ch=f&advertisable=QRURHZ3E6VADRI6NZBURHN HTTP 302
https://sync.outbrain.com/cookie-sync?p=adroll&uid=YTBlYWZmMTI2Yzc0ODczYTMwOWU5MTE5NGQxYTI1ZjA HTTP 302
https://sync.outbrain.com/cookie-sync?p=adroll&uid=YTBlYWZmMTI2Yzc0ODczYTMwOWU5MTE5NGQxYTI1ZjA&rdrctExp=true

Request Chain 120

https://d.adroll.com/cm/pubmatic/out?adroll_fpc=c3ef21377211ef31ee073266fef8f26b-1603330369768&arrfrr=https%3A%2F%2Fwww.askbis.com%2Flucky-charm-keeps-hackers%2F&xid_ch=f&advertisable=QRURHZ3E6VADRI6NZBURHN HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=YTBlYWZmMTI2Yzc0ODczYTMwOWU5MTE5NGQxYTI1ZjA&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA

Request Chain 121

https://d.adroll.com/cm/taboola/out?adroll_fpc=c3ef21377211ef31ee073266fef8f26b-1603330369768&arrfrr=https%3A%2F%2Fwww.askbis.com%2Flucky-charm-keeps-hackers%2F&xid_ch=f&advertisable=QRURHZ3E6VADRI6NZBURHN HTTP 302
https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=YTBlYWZmMTI2Yzc0ODczYTMwOWU5MTE5NGQxYTI1ZjA

Request Chain 122

https://d.adroll.com/cm/triplelift/out?adroll_fpc=c3ef21377211ef31ee073266fef8f26b-1603330369768&arrfrr=https%3A%2F%2Fwww.askbis.com%2Flucky-charm-keeps-hackers%2F&xid_ch=f&advertisable=QRURHZ3E6VADRI6NZBURHN HTTP 302
https://eb2.3lift.com/xuid?mid=4714&xuid=YTBlYWZmMTI2Yzc0ODczYTMwOWU5MTE5NGQxYTI1ZjA&dongle=c85e HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=YTBlYWZmMTI2Yzc0ODczYTMwOWU5MTE5NGQxYTI1ZjA&dongle=c85e&gdpr=1&cmp_cs=&us_privacy=

Request Chain 123

https://d.adroll.com/cm/r/out?adroll_fpc=c3ef21377211ef31ee073266fef8f26b-1603330369768&arrfrr=https%3A%2F%2Fwww.askbis.com%2Flucky-charm-keeps-hackers%2F&xid_ch=f&advertisable=QRURHZ3E6VADRI6NZBURHN HTTP 302
https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA HTTP 302
https://d.adroll.com/cm/r/in?xid=E0&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

Request Chain 124

https://d.adroll.com/cm/b/out?adroll_fpc=c3ef21377211ef31ee073266fef8f26b-1603330369768&arrfrr=https%3A%2F%2Fwww.askbis.com%2Flucky-charm-keeps-hackers%2F&xid_ch=f&advertisable=QRURHZ3E6VADRI6NZBURHN HTTP 302
https://x.bidswitch.net/sync?dsp_id=44&user_id=YTBlYWZmMTI2Yzc0ODczYTMwOWU5MTE5NGQxYTI1ZjA HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=YTBlYWZmMTI2Yzc0ODczYTMwOWU5MTE5NGQxYTI1ZjA

Request Chain 125

https://d.adroll.com/cm/x/out?adroll_fpc=c3ef21377211ef31ee073266fef8f26b-1603330369768&arrfrr=https%3A%2F%2Fwww.askbis.com%2Flucky-charm-keeps-hackers%2F&xid_ch=f&advertisable=QRURHZ3E6VADRI6NZBURHN HTTP 302
https://ib.adnxs.com/setuid?entity=172&code=YTBlYWZmMTI2Yzc0ODczYTMwOWU5MTE5NGQxYTI1ZjA HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DYTBlYWZmMTI2Yzc0ODczYTMwOWU5MTE5NGQxYTI1ZjA

Request Chain 127

https://d.adroll.com/cm/o/out?adroll_fpc=c3ef21377211ef31ee073266fef8f26b-1603330369768&arrfrr=https%3A%2F%2Fwww.askbis.com%2Flucky-charm-keeps-hackers%2F&xid_ch=f&advertisable=QRURHZ3E6VADRI6NZBURHN HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537103138&val=a0eaff126c74873a309e91194d1a25f0 HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=a0eaff126c74873a309e91194d1a25f0

Request Chain 128

https://d.adroll.com/cm/g/out?adroll_fpc=c3ef21377211ef31ee073266fef8f26b-1603330369768&arrfrr=https%3A%2F%2Fwww.askbis.com%2Flucky-charm-keeps-hackers%2F&xid_ch=f&advertisable=QRURHZ3E6VADRI6NZBURHN&google_nid=adroll5 HTTP 302
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=oOr_Emx0hzownpEZTRol8A HTTP 302
https://cm.g.doubleclick.net/pixel?google_sc=&google_nid=artb&google_hm=oOr_Emx0hzownpEZTRol8A&google_tc= HTTP 302
https://d.adroll.com/cm/g/in

Request Chain 129

https://os368.infusionsoft.app/app/webTracking/contact/1603330368590?contactId=0&screenResolution=1600x1200&plugins=&javaEnabled=false&domain=www.askbis.com&location=https://www.askbis.com/lucky-charm-keeps-hackers/&referrer= HTTP 302
https://os368.infusionsoft.app/slices/spacer.gif

135 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set / Show response
www.askbis.com/lucky-charm-keeps-hackers/
Redirect Chain

http://r20.rs6.net/tn.jsp?f=001rpNZgFO2Krpc-Vn4CbHZelRZ2zMWweQ8sm7epWbteAY0flwP9cIEq6X6Yx7P6xyFydH4Pm3xmHhAShKxXhrPbR9nxgOmKtSnnwZtMuFHXYK5q6UQVWePhjYrq0nV4uwkl1OTE7WndX3kLUX1wnqiHiFAlSY-imsSudvt80...
http://www.askbis.com/lucky-charm-keeps-hackers/
https://www.askbis.com/lucky-charm-keeps-hackers/

69 KB
22 KB

116ms
51ms

Document
text/html

54.72.3.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.askbis.com/lucky-charm-keeps-hackers/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.72.3.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-72-3-103.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

794c145112c0c3c4ec6b1ff968c5842b1ad2686746e0f781df82aaca3ae8722f

Security Headers

Name	Value
Content-Security-Policy
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: www.askbis.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server: nginx
Date: Thu, 22 Oct 2020 01:32:48 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 21728
Connection: keep-alive
Set-Cookie: mtsnb_lastvisited=1603254179; expires=Sat, 19-Oct-2030 04:22:59 GMT; Max-Age=315360000; path=/; domain=www.askbis.com; secure mtsnb_lastvisit_posts=%5B7615%5D; expires=Sat, 19-Oct-2030 04:22:59 GMT; Max-Age=315360000; path=/
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
X-Pingback: https://www.askbis.com/xmlrpc.php
Link: <https://www.askbis.com/wp-json/>; rel="https://api.w.org/" <https://www.askbis.com/?p=7615>; rel=shortlink
Content-Security-Policy
Content-Encoding: gzip
X-Cache-Status: MISS
Vary: Accept-Encoding
X-Cache-Varnish: HIT West
Accept-Ranges: bytes

Redirect headers

Server: nginx
Date: Thu, 22 Oct 2020 01:32:48 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://www.askbis.com/lucky-charm-keeps-hackers/

GET
H2 200 bootstrap.min.css
pronto-core-cdn.prontomarketing.com/2/wp-content/themes/phoenix/bootstrap/css/ 95 KB
15 KB 51ms
30ms Stylesheet
text/css 2606:4700:20::ac43:46bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pronto-core-cdn.prontomarketing.com/2/wp-content/themes/phoenix/bootstrap/css/bootstrap.min.css
Requested by: Host: www.askbis.com
URL: https://www.askbis.com/lucky-charm-keeps-hackers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:46bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1cbda21998b65e08a7e936114cabd7f7783d0f590dd6efdd58c7faa8b6e7b9aa

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 01:32:48 GMT
via: 1.1 c5c25772c7f14e267596e0f8ce51d9bc.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2325700
x-cache: Hit from cloudfront
status: 200
content-encoding: br
cf-request-id: 05ef88fabb000024886219e000000001
pragma: public
last-modified: Mon, 14 May 2018 09:02:24 GMT
server: cloudflare
etag: W/"5af950a0-17c3b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603330368"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA53-C1
cf-ray: 5e5f77712b352488-FRA
x-amz-cf-id: e8oUYs6a4WO3xiHT4zTKCUfwllcMx0D8o3_TcCK8vThvD5jzEQT3Iw==
expires: Sat, 03 Oct 2020 11:05:07 GMT

GET
H2 200 all.min.css
pronto-core-cdn.prontomarketing.com/2/wp-content/themes/phoenix/fontawesome-pro/css/ 160 KB
28 KB 43ms
22ms Stylesheet
text/css 2606:4700:20::ac43:46bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pronto-core-cdn.prontomarketing.com/2/wp-content/themes/phoenix/fontawesome-pro/css/all.min.css?v=5.11.2-pro
Requested by: Host: www.askbis.com
URL: https://www.askbis.com/lucky-charm-keeps-hackers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:46bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8511276a27014cf836b9ebaecd1e2ac49619482c9bcc3d0a080b56e64133348a

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 01:32:48 GMT
via: 1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2325700
x-cache: Hit from cloudfront
status: 200
content-encoding: br
cf-request-id: 05ef88fab7000024888a99f000000001
pragma: public
last-modified: Thu, 07 Nov 2019 07:22:54 GMT
server: cloudflare
etag: W/"5dc3c64e-280c5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603330368"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
cf-ray: 5e5f77712b362488-FRA
x-amz-cf-id: zpgcVgciQb8K146gF6UHKw3B8HA806LgvvXHWtytih8Irp2z0m5cyA==
expires: Mon, 12 Oct 2020 02:23:40 GMT

GET
H2 200 v4-shims.min.css
pronto-core-cdn.prontomarketing.com/2/wp-content/themes/phoenix/fontawesome-pro/css/ 26 KB
4 KB 38ms
17ms Stylesheet
text/css 2606:4700:20::ac43:46bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pronto-core-cdn.prontomarketing.com/2/wp-content/themes/phoenix/fontawesome-pro/css/v4-shims.min.css?v=5.11.2-pro
Requested by: Host: www.askbis.com
URL: https://www.askbis.com/lucky-charm-keeps-hackers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:46bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c6d5ac4c77a0cd4dcae820b87afd1ee0b18a72bf0dd8f7de168fd307ac47041

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 01:32:48 GMT
via: 1.1 48391c4ed2c51e95dcabcb70cf613127.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2325700
x-cache: Hit from cloudfront
status: 200
content-encoding: br
cf-request-id: 05ef88fab70000248849396000000001
pragma: public
last-modified: Thu, 07 Nov 2019 07:22:54 GMT
server: cloudflare
etag: W/"5dc3c64e-6751"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603330368"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA53-C1
cf-ray: 5e5f77712b372488-FRA
x-amz-cf-id: Do8iyN8iaQY86cXImWZiwgZA28OPkv25nZoR0rg1oS_L23ARVSUA-w==
expires: Sat, 03 Oct 2020 10:51:05 GMT

GET
H2 200 style.min.css
pronto-core-cdn.prontomarketing.com/2/wp-includes/css/dist/block-library/ 52 KB
7 KB 46ms
25ms Stylesheet
text/css 2606:4700:20::ac43:46bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pronto-core-cdn.prontomarketing.com/2/wp-includes/css/dist/block-library/style.min.css?ver=5.4.2
Requested by: Host: www.askbis.com
URL: https://www.askbis.com/lucky-charm-keeps-hackers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:46bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bca7af0b45b6fc6a2064e8e7a34f2041f3e77261e63f0257209bcde6bc40545d

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 01:32:48 GMT
via: 1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2325700
x-cache: Hit from cloudfront
status: 200
content-encoding: br
cf-request-id: 05ef88fab800002488693b6000000001
pragma: public
last-modified: Wed, 17 Jun 2020 05:10:34 GMT
server: cloudflare
etag: W/"5ee9a5ca-d159"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603330368"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
cf-ray: 5e5f77712b382488-FRA
x-amz-cf-id: c0lSODOsJuK_f4Y5aBbszZHtKm4x_g_avgbYhmzRaU-X-Lre3P6hjQ==
expires: Tue, 06 Oct 2020 14:52:29 GMT

GET
H2 200 pronto_magnific_popup.css
pronto-core-cdn.prontomarketing.com/2/wp-content/plugins/pronto-magnific-popup/ 6 KB
2 KB 35ms
15ms Stylesheet
text/css 2606:4700:20::ac43:46bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pronto-core-cdn.prontomarketing.com/2/wp-content/plugins/pronto-magnific-popup/pronto_magnific_popup.css?ver=5.4.2
Requested by: Host: www.askbis.com
URL: https://www.askbis.com/lucky-charm-keeps-hackers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:46bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0791d9c576f8db58aa141f7309d93dcbd79c9a6177f0723b9ab3cb1afe9ff230

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 01:32:48 GMT
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2325656
cf-polished: origSize=7615
x-cache: Hit from cloudfront
status: 200
content-encoding: br
cf-request-id: 05ef88fab8000024881fb4a000000001
pragma: public
last-modified: Mon, 14 May 2018 09:02:24 GMT
server: cloudflare
etag: W/"5af950a0-1dbf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603330368"}],"group":"cf-nel","max_age":604800}
content-type: text/css
expires: Sun, 27 Sep 2020 03:47:19 GMT
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
cf-ray: 5e5f77712b392488-FRA
x-amz-cf-id: Vo2BJTdMxjCh0R1zT1VHphQHYpC1ABbc18cuYrahyQCQrrcGsrpY_Q==
cf-bgj: minify

GET
H2 200 flexslider.css
pronto-core-cdn.prontomarketing.com/2/wp-content/plugins/wooslider/assets/css/ 4 KB
2 KB 34ms
13ms Stylesheet
text/css 2606:4700:20::ac43:46bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pronto-core-cdn.prontomarketing.com/2/wp-content/plugins/wooslider/assets/css/flexslider.css?ver=2.0.1
Requested by: Host: www.askbis.com
URL: https://www.askbis.com/lucky-charm-keeps-hackers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:46bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9b302155b6a82a3f166cf2e7f045a04d4fec13444ce93186fcbc72917a6e0cc

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 01:32:48 GMT
via: 1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2325700
cf-polished: origSize=5466
x-cache: Hit from cloudfront
status: 200
content-encoding: br
cf-request-id: 05ef88fab80000248809820000000001
pragma: public
last-modified: Mon, 14 May 2018 09:02:24 GMT
server: cloudflare
etag: W/"5af950a0-155a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603330368"}],"group":"cf-nel","max_age":604800}
content-type: text/css
expires: Tue, 20 Oct 2020 04:05:02 GMT
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
cf-ray: 5e5f77712b3a2488-FRA
x-amz-cf-id: vi2BPK_OOSsCMaGSB6S6M-oNVd8isD2yHNS_8pHyPXMKpOcuvI-tlg==
cf-bgj: minify

GET
H2 200 style.css
pronto-core-cdn.prontomarketing.com/2/wp-content/plugins/wooslider/assets/css/ 4 KB
1 KB 41ms
21ms Stylesheet
text/css 2606:4700:20::ac43:46bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pronto-core-cdn.prontomarketing.com/2/wp-content/plugins/wooslider/assets/css/style.css?ver=2.0.1
Requested by: Host: www.askbis.com
URL: https://www.askbis.com/lucky-charm-keeps-hackers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:46bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2dc22200f64ece18c1413668318154e28f312752a9fcf9d989b8bfccf95632d0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 01:32:48 GMT
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aab.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2325700
cf-polished: origSize=5175
x-cache: Hit from cloudfront
status: 200
content-encoding: br
cf-request-id: 05ef88faba00002488149af000000001
pragma: public
last-modified: Mon, 14 May 2018 09:02:24 GMT
server: cloudflare
etag: W/"5af950a0-1437"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603330368"}],"group":"cf-nel","max_age":604800}
content-type: text/css
expires: Tue, 13 Oct 2020 11:48:32 GMT
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
cf-ray: 5e5f77712b422488-FRA
x-amz-cf-id: 5hNh03dsIoLtbxU9O5ltBReAjFeqtrVq7E83dAhdUS3GmxJSK6r23A==
cf-bgj: minify

GET
H2 200 jquery.qtip.min.css
pronto-core-cdn.prontomarketing.com/2/wp-content/plugins/google-calendar-events/assets/css/vendor/ 9 KB
2 KB 35ms
15ms Stylesheet
text/css 2606:4700:20::ac43:46bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pronto-core-cdn.prontomarketing.com/2/wp-content/plugins/google-calendar-events/assets/css/vendor/jquery.qtip.min.css?ver=3.1.19
Requested by: Host: www.askbis.com
URL: https://www.askbis.com/lucky-charm-keeps-hackers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:46bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26f7559b1bfb4342ec375109a36cdcd6b002c336ad3b3932c75d5823868ff4f6

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 01:32:48 GMT
via: 1.1 2d1e1e8dc0f3eb7773ec9d89a7d50ce2.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2310153
x-cache: Hit from cloudfront
status: 200
content-encoding: br
cf-request-id: 05ef88fab8000024885515f000000001
pragma: public
last-modified: Tue, 14 Aug 2018 10:51:58 GMT
server: cloudflare
etag: W/"5b72b44e-2316"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603330368"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA53-C1
cf-ray: 5e5f77712b3b2488-FRA
x-amz-cf-id: yT4xrFTamPTnI-K8gf1zQMLhGgBB4QmqyroyGMcfNdcJ7iFDa2qkdg==
expires: Sat, 24 Oct 2020 03:22:35 GMT

GET
H2 200 default-calendar-grid.min.css
pronto-core-cdn.prontomarketing.com/2/wp-content/plugins/google-calendar-events/assets/css/ 10 KB
2 KB 40ms
20ms Stylesheet
text/css 2606:4700:20::ac43:46bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pronto-core-cdn.prontomarketing.com/2/wp-content/plugins/google-calendar-events/assets/css/default-calendar-grid.min.css?ver=3.1.19
Requested by: Host: www.askbis.com
URL: https://www.askbis.com/lucky-charm-keeps-hackers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:46bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2efd4118b4b96383fec6d38dbac289c0652473bbbae72d509bf4deb435dab036

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 01:32:48 GMT
via: 1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2310153
x-cache: Hit from cloudfront
status: 200
content-encoding: br
cf-request-id: 05ef88fabb0000248844b78000000001
pragma: public
last-modified: Mon, 20 Aug 2018 03:48:31 GMT
server: cloudflare
etag: W/"5b7a3a0f-28a6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603330368"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
cf-ray: 5e5f77712b462488-FRA
x-amz-cf-id: Vfs3XEz-bf9ycTvCJ9_Hj6MxigkkPFadqlfMkurPEUzgIoBi_XEC7w==
expires: Tue, 20 Oct 2020 07:29:14 GMT

GET
H2 200 default-calendar-list.min.css
pronto-core-cdn.prontomarketing.com/2/wp-content/plugins/google-calendar-events/assets/css/ 9 KB
2 KB 34ms
14ms Stylesheet
text/css 2606:4700:20::ac43:46bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pronto-core-cdn.prontomarketing.com/2/wp-content/plugins/google-calendar-events/assets/css/default-calendar-list.min.css?ver=3.1.19
Requested by: Host: www.askbis.com
URL: https://www.askbis.com/lucky-charm-keeps-hackers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:46bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4123676544cd9f03a923e7298752be83cae12883800f63d7175810a095382f8

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 01:32:48 GMT
via: 1.1 d16428714e022976873ccc980fdc1289.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2310153
x-cache: Hit from cloudfront
status: 200
content-encoding: br
cf-request-id: 05ef88fab90000248839256000000001
pragma: public
last-modified: Mon, 20 Aug 2018 03:48:31 GMT
server: cloudflare
etag: W/"5b7a3a0f-23ca"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603330368"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA53-C1
cf-ray: 5e5f77712b3c2488-FRA
x-amz-cf-id: ylAohzOdF5m1PqOt-pQJa1VD1nNarzUKwDH5W_yYLKEMIdcLA0QUPQ==
expires: Fri, 23 Oct 2020 01:39:44 GMT

GET
H2 200 sharing.css
pronto-core-cdn.prontomarketing.com/2/wp-content/plugins/jetpack/modules/sharedaddy/ 16 KB
3 KB 36ms
16ms Stylesheet
text/css 2606:4700:20::ac43:46bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pronto-core-cdn.prontomarketing.com/2/wp-content/plugins/jetpack/modules/sharedaddy/sharing.css?ver=7.7.1
Requested by: Host: www.askbis.com
URL: https://www.askbis.com/lucky-charm-keeps-hackers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:46bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a6146dcfe5d7f577947b6f0387575a43a2c67481632c5b802d77db6ffd3cb2d

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 01:32:48 GMT
via: 1.1 632ee301c4920b52f2463aa9e978c57f.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2325656
cf-polished: origSize=19470
x-cache: Hit from cloudfront
status: 200
content-encoding: br
cf-request-id: 05ef88fab90000248836afe000000001
pragma: public
last-modified: Fri, 20 Sep 2019 03:44:52 GMT
server: cloudflare
etag: W/"5d844b34-4c0e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603330368"}],"group":"cf-nel","max_age":604800}
content-type: text/css
expires: Tue, 06 Oct 2020 00:25:44 GMT
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
cf-ray: 5e5f77712b3d2488-FRA
x-amz-cf-id: E1V5Xhkw9JdS5DaYkt9paUF6i77BAP436g6VA66i9BEHVJ9ZF0-pJw==
cf-bgj: minify

GET
H2 200 social-logos.min.css
pronto-core-cdn.prontomarketing.com/2/wp-content/plugins/jetpack/_inc/social-logos/ 26 KB
19 KB 37ms
17ms Stylesheet
text/css 2606:4700:20::ac43:46bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pronto-core-cdn.prontomarketing.com/2/wp-content/plugins/jetpack/_inc/social-logos/social-logos.min.css?ver=1
Requested by: Host: www.askbis.com
URL: https://www.askbis.com/lucky-charm-keeps-hackers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:46bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e1ced1bd0736a56a0c44fd7b3bf8134850398ecddd52a0f5e6e437c5d527999

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 01:32:48 GMT
via: 1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2325656
x-cache: Hit from cloudfront
status: 200
content-encoding: br
cf-request-id: 05ef88fabb00002488572d5000000001
pragma: public
last-modified: Wed, 09 Jan 2019 10:15:00 GMT
server: cloudflare
etag: W/"5c35c9a4-6866"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603330368"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
cf-ray: 5e5f77712b442488-FRA
x-amz-cf-id: lN5-SyOcgo71okyF241YligaZbsfWRIUFOHSFPBim7KzTo9pBrGBkQ==
expires: Sun, 18 Oct 2020 01:45:36 GMT

GET
H2 200 jquery.js Show response
pronto-core-cdn.prontomarketing.com/2/wp-includes/js/jquery/ 95 KB
32 KB 45ms
26ms Script
application/javascript 2606:4700:20::ac43:46bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pronto-core-cdn.prontomarketing.com/2/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by: Host: www.askbis.com
URL: https://www.askbis.com/lucky-charm-keeps-hackers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:46bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c7ee0238fa5cd80a02ef9870a7fff498ef52097181cb73edb9219dc022fd919

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 01:32:48 GMT
via: 1.1 80d90c7955dda88e3912960ead8e99d6.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2325761
cf-polished: origSize=96873
x-cache: Hit from cloudfront
status: 200
content-encoding: br
cf-request-id: 05ef88fabc000024880a395000000001
pragma: public
last-modified: Thu, 18 Jul 2019 05:00:05 GMT
server: cloudflare
etag: W/"5d2ffcd5-17a69"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603330368"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
expires: Sat, 24 Oct 2020 10:56:01 GMT
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA53-C1
cf-ray: 5e5f77712b492488-FRA
x-amz-cf-id: mB8ieTaIv6GSrFfov5D4uHtqXVoUUJeBEVK2McSHH8TXhQvdjVqQAQ==
cf-bgj: minify

GET
H2 200 jquery-migrate.min.js Show response
pronto-core-cdn.prontomarketing.com/2/wp-includes/js/jquery/ 10 KB
4 KB 41ms
22ms Script
application/javascript 2606:4700:20::ac43:46bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pronto-core-cdn.prontomarketing.com/2/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by: Host: www.askbis.com
URL: https://www.askbis.com/lucky-charm-keeps-hackers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:46bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 01:32:48 GMT
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2325761
x-cache: Hit from cloudfront
status: 200
content-encoding: br
cf-request-id: 05ef88fabb00002488192f9000000001
pragma: public
last-modified: Mon, 14 May 2018 09:02:25 GMT
server: cloudflare
etag: W/"5af950a1-2748"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603330368"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
cf-ray: 5e5f77712b482488-FRA
x-amz-cf-id: fXUNw_mWIxV-e1vgm_mqBiSS5gkwLmp7FWa3s0CgR5-I9v-AIB-xBw==
expires: Fri, 09 Oct 2020 04:56:35 GMT

GET
H/1.1 200
OK / Show response
bypronto.com/ 0
336 B 363ms
290ms Script
text/html 2a05:d018:71c:cc00:be9b:52e7:b021:e50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bypronto.com/?dm=5dfb0719a6fad5747864eacbb96eddc8&action=load&blogid=515&siteid=1&t=102021396&back=https%3A%2F%2Fwww.askbis.com%2Flucky-charm-keeps-hackers%2F
Requested by: Host: www.askbis.com
URL: https://www.askbis.com/lucky-charm-keeps-hackers/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a05:d018:71c:cc00:be9b:52e7:b021:e50 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Pingback: https://bypronto.com/xmlrpc.php
Date: Thu, 22 Oct 2020 01:32:48 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
Transfer-Encoding: chunked
X-Cache-Varnish: MISS West
Accept-Ranges: bytes

GET
H2 200 main.css
pronto-core-cdn.prontomarketing.com/2/wp-content/themes/phoenix/css/ 41 KB
8 KB 41ms
22ms Stylesheet
text/css 2606:4700:20::ac43:46bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pronto-core-cdn.prontomarketing.com/2/wp-content/themes/phoenix/css/main.css?1592375304
Requested by: Host: www.askbis.com
URL: https://www.askbis.com/lucky-charm-keeps-hackers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:46bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9253337ca1e61322a2786816f554274187178115ce3394297e60d70a2f867c04

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 01:32:48 GMT
via: 1.1 6b8ac2d6d64dc42007741d312e2d73ab.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2325700
cf-polished: origSize=62085
x-cache: Hit from cloudfront
status: 200
content-encoding: br
cf-request-id: 05ef88faba000024881eb52000000001
pragma: public
last-modified: Wed, 17 Jun 2020 06:28:24 GMT
server: cloudflare
etag: W/"5ee9b808-f285"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603330368"}],"group":"cf-nel","max_age":604800}
content-type: text/css
expires: Sun, 04 Oct 2020 04:41:09 GMT
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
cf-ray: 5e5f77712b432488-FRA
x-amz-cf-id: HjcsYU-buoneGyEg8LoeHltZWxlwm1YRWwaWVELx8RnebH8CGLUnjA==
cf-bgj: minify

GET
H2 200 style.css
pronto-core-cdn.prontomarketing.com/2/wp-content/themes/phoenix-child/ 36 KB
6 KB 39ms
21ms Stylesheet
text/css 2606:4700:20::ac43:46bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pronto-core-cdn.prontomarketing.com/2/wp-content/themes/phoenix-child/style.css?1526288544
Requested by: Host: www.askbis.com
URL: https://www.askbis.com/lucky-charm-keeps-hackers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:46bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f188c3017f993444dc8c267139cd5dd9466e29b181ace0f310933aa9c704851

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 01:32:48 GMT
via: 1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2325700
cf-polished: origSize=46408
x-cache: Hit from cloudfront
status: 200
content-encoding: br
cf-request-id: 05ef88faba000024884aa9e000000001
pragma: public
last-modified: Mon, 14 May 2018 09:02:24 GMT
server: cloudflare
etag: W/"5af950a0-b548"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603330368"}],"group":"cf-nel","max_age":604800}
content-type: text/css
expires: Sun, 18 Oct 2020 13:27:32 GMT
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
cf-ray: 5e5f77712b402488-FRA
x-amz-cf-id: fJkymBLC_493HbSzfiyMUwPh76olXpoUIDT5cNmI_4UKQcZ8qOSXHw==
cf-bgj: minify

GET
H/1.1 200
OK /
www.askbis.com/ 31 KB
6 KB 37ms
35ms Stylesheet
text/css 54.72.3.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.askbis.com/?custom-css=195b43ea68
Requested by: Host: www.askbis.com
URL: https://www.askbis.com/lucky-charm-keeps-hackers/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.72.3.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-3-103.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b25a64e44873ac61b4c46b4843e7b416ee6fe5e40938a6c57dffb21bbd8d412a

Request headers

Referer: https://www.askbis.com/lucky-charm-keeps-hackers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 22 Oct 2020 01:32:48 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
X-Cache-Varnish: HIT West
Content-Type: text/css;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 22 Oct 2021 00:44:09 GMT

GET
H2 200 hamburgers.css
pronto-core-cdn.prontomarketing.com/2/wp-content/themes/phoenix/js/jQuery.mmenu-master/dist/ 22 KB
2 KB 34ms
16ms Stylesheet
text/css 2606:4700:20::ac43:46bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pronto-core-cdn.prontomarketing.com/2/wp-content/themes/phoenix/js/jQuery.mmenu-master/dist/hamburgers.css
Requested by: Host: www.askbis.com
URL: https://www.askbis.com/lucky-charm-keeps-hackers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:46bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da3b53cad6493e4bc3ebc4119f4ac0aaa836719a62badf32047a78efb5a794b0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 01:32:48 GMT
via: 1.1 6b8ac2d6d64dc42007741d312e2d73ab.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2325667
cf-polished: origSize=27049
x-cache: Hit from cloudfront
status: 200
content-encoding: br
cf-request-id: 05ef88faba000024885db8f000000001
pragma: public
last-modified: Fri, 31 Aug 2018 02:00:22 GMT
server: cloudflare
etag: W/"5b88a136-69a9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603330368"}],"group":"cf-nel","max_age":604800}
content-type: text/css
expires: Fri, 09 Oct 2020 05:09:43 GMT
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
cf-ray: 5e5f77712b3f2488-FRA
x-amz-cf-id: pqZzs_XHaQ8vkeZL_jbZRQS8ZMmkzLDUe1qUx1wFOw5JPrOSUeZf6A==
cf-bgj: minify

GET
H2 200 jquery.mmenu.all.css
pronto-core-cdn.prontomarketing.com/2/wp-content/themes/phoenix/js/jQuery.mmenu-master/dist/ 61 KB
7 KB 46ms
28ms Stylesheet
text/css 2606:4700:20::ac43:46bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pronto-core-cdn.prontomarketing.com/2/wp-content/themes/phoenix/js/jQuery.mmenu-master/dist/jquery.mmenu.all.css
Requested by: Host: www.askbis.com
URL: https://www.askbis.com/lucky-charm-keeps-hackers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:46bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 78b7e339a157dcfd478816c0b11e30b622716c383308390e49b9882c011881ab

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 01:32:48 GMT
via: 1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2325667
cf-polished: origSize=62190
x-cache: Hit from cloudfront
status: 200
content-encoding: br
cf-request-id: 05ef88fab900002488593ce000000001
pragma: public
last-modified: Thu, 30 Aug 2018 08:35:27 GMT
server: cloudflare
etag: W/"5b87ac4f-f2ee"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603330368"}],"group":"cf-nel","max_age":604800}
content-type: text/css
expires: Sat, 10 Oct 2020 04:21:04 GMT
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
cf-ray: 5e5f77712b3e2488-FRA
x-amz-cf-id: UWxKPOjpjrXzorjGkDTmxakuGQJDiTunvEXPiGnW-N6SrH0L2fB65g==
cf-bgj: minify

GET
H2 200 logo.png
pronto-core-cdn.prontomarketing.com/2/wp-content/uploads/sites/515/2014/06/ 7 KB
8 KB 30ms
25ms Image
image/webp 2606:4700:20::ac43:46bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pronto-core-cdn.prontomarketing.com/2/wp-content/uploads/sites/515/2014/06/logo.png
Requested by: Host: www.askbis.com
URL: https://www.askbis.com/lucky-charm-keeps-hackers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:46bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eebb0081c749d5d90982cbc3878eec483f3487f269bbbd451f3b2c590e82fcba

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 01:32:48 GMT
via: 1.1 c68aa4270b22c7e4e7044fd6df451f71.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 851931
cf-polished: origFmt=png, origSize=13288
x-cache: Hit from cloudfront
status: 200
content-disposition: inline; filename="logo.webp"
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-length: 7204
cf-request-id: 05ef88fb31000024881c012000000001
pragma: public
last-modified: Wed, 04 Jun 2014 04:32:51 GMT
server: cloudflare
etag: "538ea173-33e8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603330368"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
expires: Fri, 22 Dec 2028 06:13:00 GMT
cache-control: public, max-age=259200000
x-amz-cf-pop: HEL50-C1
accept-ranges: bytes
cf-ray: 5e5f7771ec092488-FRA
access-control-allow-headers: Content-Type
x-amz-cf-id: 23-b2GqzTLtFYd9dnfeTvIqQFW3Wovx2Zte-6e8s-r3aopRLcPm9Sg==
cf-bgj: imgq:100,h2pri

GET
H2 200 Bis_MoneyBack-Logo.png
pronto-core-cdn.prontomarketing.com/2/wp-content/uploads/sites/515/2018/02/ 11 KB
11 KB 32ms
28ms Image
image/webp 2606:4700:20::ac43:46bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pronto-core-cdn.prontomarketing.com/2/wp-content/uploads/sites/515/2018/02/Bis_MoneyBack-Logo.png
Requested by: Host: www.askbis.com
URL: https://www.askbis.com/lucky-charm-keeps-hackers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:46bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75d671180eeb634e7a923ec4a930f33e48c9d586e5861f7f12a7175971264d7a

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 01:32:48 GMT
via: 1.1 1af5cf4385642d0f2bca9faac179c6e5.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 851931
cf-polished: origFmt=png, origSize=16803
x-cache: Hit from cloudfront
status: 200
content-disposition: inline; filename="Bis_MoneyBack-Logo.webp"
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-length: 10900
cf-request-id: 05ef88fb31000024888683d000000001
pragma: public
last-modified: Fri, 23 Feb 2018 09:32:41 GMT
server: cloudflare
etag: "5a8fdfb9-41a3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603330368"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
expires: Fri, 22 Dec 2028 06:13:00 GMT
cache-control: public, max-age=259200000
x-amz-cf-pop: HEL50-C1
accept-ranges: bytes
cf-ray: 5e5f7771ec0a2488-FRA
access-control-allow-headers: Content-Type
x-amz-cf-id: tJjxZVU6eWVZoQTO4VYweJVRauuXgsh2WvVl5m5jpIMZr6_O4Jrd1Q==
cf-bgj: imgq:100,h2pri

GET
H2 200 getTrackingCode Show response
os368.infusionsoft.com/app/webTracking/ 7 KB
3 KB 194ms
169ms Script
text/javascript 2606:4700::6812:f74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://os368.infusionsoft.com/app/webTracking/getTrackingCode

Requested by

Host: www.askbis.com
URL: https://www.askbis.com/lucky-charm-keeps-hackers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f74 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b1a9c6940fb184bc792720d866a133e7f5480e07b89410980e49637fcb59e842

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 01:32:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
status: 200
strict-transport-security: max-age=31536000;includeSubDomains
cf-request-id: 05ef88faf60000325c61a9c000000001
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
via: 1.1 google
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
cf-ray: 5e5f77718bd5325c-FRA
expires: Thu, 22 Oct 2020 01:32:48 GMT

GET
H2 200 formreset.min.css
pronto-core-cdn.prontomarketing.com/2/wp-content/plugins/gravityforms/css/ 4 KB
897 B 11ms
11ms Stylesheet
text/css 2606:4700:20::ac43:46bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pronto-core-cdn.prontomarketing.com/2/wp-content/plugins/gravityforms/css/formreset.min.css?ver=2.4.14
Requested by: Host: www.askbis.com
URL: https://www.askbis.com/lucky-charm-keeps-hackers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:46bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 784a99d40268afc0eab1bd5c2cd3f4c46e80748dd5d511b5fb53c1abf027eb24

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 01:32:48 GMT
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2325656
x-cache: Hit from cloudfront
status: 200
content-encoding: br
cf-request-id: 05ef88fae1000024881fb4c000000001
pragma: public
last-modified: Mon, 14 May 2018 09:02:23 GMT
server: cloudflare
etag: W/"5af9509f-f00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603330368"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
cf-ray: 5e5f77716b8f2488-FRA
x-amz-cf-id: 8khfLAlg0xBrLTgDHiLfpksne4TPdozMOlAcAKo3ZCd0ZoCcJGL1YA==
expires: Sun, 18 Oct 2020 14:39:36 GMT

GET
H2 200 formsmain.min.css
pronto-core-cdn.prontomarketing.com/2/wp-content/plugins/gravityforms/css/ 72 KB
11 KB 16ms
16ms Stylesheet
text/css 2606:4700:20::ac43:46bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pronto-core-cdn.prontomarketing.com/2/wp-content/plugins/gravityforms/css/formsmain.min.css?ver=2.4.14
Requested by: Host: www.askbis.com
URL: https://www.askbis.com/lucky-charm-keeps-hackers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:46bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b54e94d980151a120eb0d3c161b0af28e988d8c2b257d52e9958c6157a631e6b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 01:32:48 GMT
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aab.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2325656
x-cache: Hit from cloudfront
status: 200
content-encoding: br
cf-request-id: 05ef88fb220000248861bc6000000001
pragma: public
last-modified: Wed, 30 Oct 2019 05:00:03 GMT
server: cloudflare
etag: W/"5db918d3-11e5a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603330368"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
cf-ray: 5e5f7771dbe62488-FRA
x-amz-cf-id: veqwIh5ggYDy8JyvZPbQsNKXWOP9TgQOmB2bklaMBuekMI6enYCe2g==
expires: Sat, 26 Sep 2020 05:19:32 GMT

GET
H2 200 readyclass.min.css
pronto-core-cdn.prontomarketing.com/2/wp-content/plugins/gravityforms/css/ 29 KB
3 KB 17ms
10ms Stylesheet
text/css 2606:4700:20::ac43:46bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pronto-core-cdn.prontomarketing.com/2/wp-content/plugins/gravityforms/css/readyclass.min.css?ver=2.4.14
Requested by: Host: www.askbis.com
URL: https://www.askbis.com/lucky-charm-keeps-hackers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:46bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b36c610adf667f8f1f228e6d2390947a81257cdae72b98c1c07cbe50f9ff06d3

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 01:32:48 GMT
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2325656
x-cache: Hit from cloudfront
status: 200
content-encoding: br
cf-request-id: 05ef88fb2d0000248809825000000001
pragma: public
last-modified: Thu, 21 Jun 2018 04:07:14 GMT
server: cloudflare
etag: W/"5b2b2472-75df"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603330368"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
cf-ray: 5e5f7771ebf12488-FRA
x-amz-cf-id: jmF4hqs01o3k0HKu-YhcLvZ7hIwa8646HQKOxieTY1jXETGL7HtdPA==
expires: Fri, 16 Oct 2020 07:29:11 GMT

GET
H2 200 browsers.min.css
pronto-core-cdn.prontomarketing.com/2/wp-content/plugins/gravityforms/css/ 7 KB
1 KB 23ms
16ms Stylesheet
text/css 2606:4700:20::ac43:46bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pronto-core-cdn.prontomarketing.com/2/wp-content/plugins/gravityforms/css/browsers.min.css?ver=2.4.14
Requested by: Host: www.askbis.com
URL: https://www.askbis.com/lucky-charm-keeps-hackers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:46bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e84eb055418b1d5b659bbc2e6022fe0ae37548287e6717e80cc13a2251e5abf

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 01:32:48 GMT
via: 1.1 479d15a99f4dd073131fba1516541469.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2325656
x-cache: Hit from cloudfront
status: 200
content-encoding: br
cf-request-id: 05ef88fb2e000024883925c000000001
pragma: public
last-modified: Wed, 21 Nov 2018 07:23:13 GMT
server: cloudflare
etag: W/"5bf507e1-1c78"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603330368"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
cf-ray: 5e5f7771ebf22488-FRA
x-amz-cf-id: BqEPb2SGCmOu4mtCplP08TJRKKzAUsctx4TCxNtNCCPqsVSCr_6NNA==
expires: Sun, 04 Oct 2020 02:39:40 GMT

GET
H2 200 logo_footer.png
pronto-core-cdn.prontomarketing.com/2/wp-content/uploads/sites/515/2014/05/ 6 KB
7 KB 24ms
20ms Image
image/webp 2606:4700:20::ac43:46bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pronto-core-cdn.prontomarketing.com/2/wp-content/uploads/sites/515/2014/05/logo_footer.png
Requested by: Host: www.askbis.com
URL: https://www.askbis.com/lucky-charm-keeps-hackers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:46bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d3bd10d1522533f272c8ddd12f61e3e4f3892df9efb2c744fddb3aacdcec6abf

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 01:32:48 GMT
via: 1.1 9462251ec1005d8753d5e222d6623243.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 65429
cf-polished: origFmt=png, origSize=12546
x-cache: Hit from cloudfront
status: 200
content-disposition: inline; filename="logo_footer.webp"
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-length: 6402
cf-request-id: 05ef88fb31000024882506c000000001
pragma: public
last-modified: Wed, 04 Jun 2014 08:53:05 GMT
server: cloudflare
etag: "538ede71-3102"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603330368"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
expires: Fri, 22 Dec 2028 06:13:00 GMT
cache-control: public, max-age=259200000
x-amz-cf-pop: MXP64-C2
accept-ranges: bytes
cf-ray: 5e5f7771ec0b2488-FRA
access-control-allow-headers: Content-Type
x-amz-cf-id: teIWpkp-r-7T2CdChxpejEVQRXZzDb_XbZ3X6WTzgH_cQG1I4vMngQ==
cf-bgj: imgq:100,h2pri

GET
H2 200 MSP_2017.jpg
pronto-core-cdn.prontomarketing.com/2/wp-content/uploads/sites/515/2014/05/ 5 KB
6 KB 28ms
24ms Image
image/webp 2606:4700:20::ac43:46bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pronto-core-cdn.prontomarketing.com/2/wp-content/uploads/sites/515/2014/05/MSP_2017.jpg
Requested by: Host: www.askbis.com
URL: https://www.askbis.com/lucky-charm-keeps-hackers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:46bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06dcbc7ddd5bed2b7ff90a7499473cc7be36f95fb1a9e0c07338f2e77f45b96f

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 01:32:48 GMT
via: 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 648267
cf-polished: origFmt=jpeg, origSize=6584
x-cache: Hit from cloudfront
status: 200
content-disposition: inline; filename="MSP_2017.webp"
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-length: 5604
cf-request-id: 05ef88fb3100002488401e9000000001
pragma: public
last-modified: Wed, 15 Feb 2017 19:08:48 GMT
server: cloudflare
etag: "58a4a740-19b8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603330368"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
expires: Mon, 25 Dec 2028 12:46:38 GMT
cache-control: public, max-age=259200000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
cf-ray: 5e5f7771ec0c2488-FRA
access-control-allow-headers: Content-Type
x-amz-cf-id: pO-APJt7G_3E0KDWOzTfVKxdCp5DEl2vHflcCClfXDGi1kedo_Pokw==
cf-bgj: imgq:100,h2pri

GET
H2 200 IT_google_review.png
pronto-core-cdn.prontomarketing.com/2/wp-content/uploads/sites/515/2014/05/ 27 KB
27 KB 24ms
20ms Image
image/webp 2606:4700:20::ac43:46bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pronto-core-cdn.prontomarketing.com/2/wp-content/uploads/sites/515/2014/05/IT_google_review.png
Requested by: Host: www.askbis.com
URL: https://www.askbis.com/lucky-charm-keeps-hackers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:46bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6284a869888d1c4e20cdb3aafe8e7c84021b78f47e690166194e6d9bdc7341fe

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 01:32:48 GMT
via: 1.1 7245e91891539560c1f484b1e46159c9.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 65429
cf-polished: origFmt=png, origSize=64923
x-cache: Miss from cloudfront
status: 200
content-disposition: inline; filename="IT_google_review.webp"
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-length: 27496
cf-request-id: 05ef88fb3100002488853ea000000001
pragma: public
last-modified: Thu, 14 Jul 2016 04:09:17 GMT
server: cloudflare
etag: "5787106d-fd9b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603330368"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
expires: Sun, 07 Jan 2029 07:22:19 GMT
cache-control: public, max-age=259200000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
cf-ray: 5e5f7771ec0d2488-FRA
access-control-allow-headers: Content-Type
x-amz-cf-id: pbQvIfMj1tf4iNEBrmjCblgVxKaojRUJKVQOBfOAS4n1VcORtVGd-Q==
cf-bgj: imgq:100,h2pri

GET
H2 200 sharing.js Show response
pronto-core-cdn.prontomarketing.com/2/wp-content/plugins/jetpack/modules/sharedaddy/ 10 KB
3 KB 18ms
10ms Script
application/javascript 2606:4700:20::ac43:46bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pronto-core-cdn.prontomarketing.com/2/wp-content/plugins/jetpack/modules/sharedaddy/sharing.js?ver=4
Requested by: Host: www.askbis.com
URL: https://www.askbis.com/lucky-charm-keeps-hackers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:46bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cdc21e1d1c0a67812e193214ac25750e86d3e7d203ceece71cad72c0be2ca40c

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 01:32:48 GMT
via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2325700
cf-polished: origSize=15504
x-cache: Hit from cloudfront
status: 200
content-encoding: br
cf-request-id: 05ef88fb2e00002488593d3000000001
pragma: public
last-modified: Fri, 20 Sep 2019 03:44:52 GMT
server: cloudflare
etag: W/"5d844b34-3c90"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603330368"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
expires: Fri, 16 Oct 2020 20:49:25 GMT
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
cf-ray: 5e5f7771ebf32488-FRA
x-amz-cf-id: eGx8CEcS3dSS9Tu2JHlx7gK5P2EVN4SROaicFlQQW0DZsC5h474bnQ==
cf-bgj: minify

GET
H2 200 pronto_jquery_magnific_popup.js Show response
pronto-core-cdn.prontomarketing.com/2/wp-content/plugins/pronto-magnific-popup/ 28 KB
9 KB 19ms
12ms Script
application/javascript 2606:4700:20::ac43:46bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pronto-core-cdn.prontomarketing.com/2/wp-content/plugins/pronto-magnific-popup/pronto_jquery_magnific_popup.js?ver=5.4.2
Requested by: Host: www.askbis.com
URL: https://www.askbis.com/lucky-charm-keeps-hackers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:46bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9eb70b9cc07531fe496c6727a15a0ddcc4de52301fbbf2b66b68740d1acc33ba

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 01:32:48 GMT
via: 1.1 110641d379117242a91443ac729d6def.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2325761
cf-polished: origSize=45280
x-cache: Hit from cloudfront
status: 200
content-encoding: br
cf-request-id: 05ef88fb2e000024885db94000000001
pragma: public
last-modified: Mon, 14 May 2018 09:02:24 GMT
server: cloudflare
etag: W/"5af950a0-b0e0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603330368"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
expires: Mon, 19 Oct 2020 01:56:42 GMT
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA53-C1
cf-ray: 5e5f7771ebf42488-FRA
x-amz-cf-id: 1oNsZfs9laOzcei-1ytweRltoLsu22Qc1MWRplMaleEjwlhZBzKJeA==
cf-bgj: minify

GET
H2 200 pronto_jquery_initialize.js Show response
pronto-core-cdn.prontomarketing.com/2/wp-content/plugins/pronto-magnific-popup/ 414 B
457 B 21ms
14ms Script
application/javascript 2606:4700:20::ac43:46bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pronto-core-cdn.prontomarketing.com/2/wp-content/plugins/pronto-magnific-popup/pronto_jquery_initialize.js?ver=5.4.2
Requested by: Host: www.askbis.com
URL: https://www.askbis.com/lucky-charm-keeps-hackers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:46bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6a1b5f700bc92dd2be0a45fcd1b0afda68ee2d0645420d24bc32e162ffb1f5a

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 01:32:48 GMT
via: 1.1 c90147ea5199ff7ce77981c8da4247c4.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2325761
cf-polished: origSize=736
x-cache: Hit from cloudfront
status: 200
content-encoding: br
cf-request-id: 05ef88fb2e000024884aaa3000000001
pragma: public
last-modified: Mon, 14 May 2018 09:02:24 GMT
server: cloudflare
etag: W/"5af950a0-2e0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603330368"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
expires: Sat, 03 Oct 2020 10:51:05 GMT
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA53-C1
cf-ray: 5e5f7771ebf52488-FRA
x-amz-cf-id: 5DSemuXBbOxln4r9FqaOgJ7a8dCOOQz_BpY8p8f_5NY8Bg4hlHYsNQ==
cf-bgj: minify

GET
H2 200 jquery.flexnav.js Show response
pronto-core-cdn.prontomarketing.com/2/wp-content/plugins/pronto-sidebar-navigation/js/ 4 KB
1 KB 18ms
11ms Script
application/javascript 2606:4700:20::ac43:46bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pronto-core-cdn.prontomarketing.com/2/wp-content/plugins/pronto-sidebar-navigation/js/jquery.flexnav.js?ver=4.0
Requested by: Host: www.askbis.com
URL: https://www.askbis.com/lucky-charm-keeps-hackers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:46bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2724c5c9101f3ff26dae3f9dbcdd60b4ceb05a96c42b4c2e1f44d41646655a2

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 01:32:48 GMT
via: 1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2325761
cf-polished: origSize=5751
x-cache: Hit from cloudfront
status: 200
content-encoding: br
cf-request-id: 05ef88fb2e00002488149b5000000001
pragma: public
last-modified: Mon, 14 May 2018 09:02:24 GMT
server: cloudflare
etag: W/"5af950a0-1677"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603330368"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
expires: Sun, 18 Oct 2020 13:27:32 GMT
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA53-C1
cf-ray: 5e5f7771ebf62488-FRA
x-amz-cf-id: 5dvNNKlu9S4P6uTTug8imqahGuCSNckl7a-mpGeZ63wWlOdtTmNyDQ==
cf-bgj: minify

GET
H2 200 skip-link-focus-fix.js Show response
pronto-core-cdn.prontomarketing.com/2/wp-content/themes/phoenix/js/ 597 B
490 B 19ms
12ms Script
application/javascript 2606:4700:20::ac43:46bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pronto-core-cdn.prontomarketing.com/2/wp-content/themes/phoenix/js/skip-link-focus-fix.js?ver=20130115
Requested by: Host: www.askbis.com
URL: https://www.askbis.com/lucky-charm-keeps-hackers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:46bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1603064e2edd4b76a3a5a0e970b1b756000cfe0937c320cb6f223a08b43df0b2

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 01:32:48 GMT
via: 1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2325761
cf-polished: origSize=733
x-cache: Hit from cloudfront
status: 200
content-encoding: br
cf-request-id: 05ef88fb2e00002488662dc000000001
pragma: public
last-modified: Mon, 14 May 2018 09:02:24 GMT
server: cloudflare
etag: W/"5af950a0-2dd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603330368"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
expires: Sat, 03 Oct 2020 11:05:07 GMT
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA53-C1
cf-ray: 5e5f7771ebf72488-FRA
x-amz-cf-id: 9_O1hRmDsRZsGFIztDUW6VFONbEvNXFtqYeI4hBnalIwkUkqsfr1EA==
cf-bgj: minify

GET
H2 200 comment-reply.min.js Show response
pronto-core-cdn.prontomarketing.com/2/wp-includes/js/ 2 KB
1 KB 18ms
11ms Script
application/javascript 2606:4700:20::ac43:46bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pronto-core-cdn.prontomarketing.com/2/wp-includes/js/comment-reply.min.js?ver=5.4.2
Requested by: Host: www.askbis.com
URL: https://www.askbis.com/lucky-charm-keeps-hackers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:46bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a37ca4608218cccdfb8b6d4edbdfbf375d0e1368b46397e3b7049e0cbf5bc1f6

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 01:32:48 GMT
via: 1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2321436
x-cache: Hit from cloudfront
status: 200
content-encoding: br
cf-request-id: 05ef88fb2f000024881eb57000000001
pragma: public
last-modified: Wed, 17 Jun 2020 05:10:34 GMT
server: cloudflare
etag: W/"5ee9a5ca-974"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603330368"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA53-C1
cf-ray: 5e5f7771ebf82488-FRA
x-amz-cf-id: zJMRdhgJXAPYHlsOwSAOjj3BVtCPqaKfxdR70299RysFTVqVy5NSLA==
expires: Sun, 04 Oct 2020 12:02:01 GMT

GET
H2 200 jquery.qtip.min.js Show response
pronto-core-cdn.prontomarketing.com/2/wp-content/plugins/google-calendar-events/assets/js/vendor/ 43 KB
16 KB 22ms
16ms Script
application/javascript 2606:4700:20::ac43:46bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pronto-core-cdn.prontomarketing.com/2/wp-content/plugins/google-calendar-events/assets/js/vendor/jquery.qtip.min.js?ver=3.1.19
Requested by: Host: www.askbis.com
URL: https://www.askbis.com/lucky-charm-keeps-hackers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:46bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6be3d1ab735bc8adc6d3c0688a8f57ebec85887a53488adb13bbb366faa60da7

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 01:32:48 GMT
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2320285
x-cache: Hit from cloudfront
status: 200
content-encoding: br
cf-request-id: 05ef88fb2f00002488572da000000001
pragma: public
last-modified: Tue, 14 Aug 2018 10:51:58 GMT
server: cloudflare
etag: W/"5b72b44e-ad0f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603330368"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
cf-ray: 5e5f7771ebf92488-FRA
x-amz-cf-id: oQ9lgj7Xetqp4DrQn19mdJREOuBw0hCXxdhRcoRh7e_RlH00eCU1Ew==
expires: Sat, 17 Oct 2020 11:21:20 GMT

GET
H2 200 moment.min.js Show response
pronto-core-cdn.prontomarketing.com/2/wp-content/plugins/google-calendar-events/assets/js/vendor/ 50 KB
17 KB 32ms
25ms Script
application/javascript 2606:4700:20::ac43:46bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pronto-core-cdn.prontomarketing.com/2/wp-content/plugins/google-calendar-events/assets/js/vendor/moment.min.js?ver=3.1.19
Requested by: Host: www.askbis.com
URL: https://www.askbis.com/lucky-charm-keeps-hackers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:46bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d618d4869738e0dc22360f0ec0cbb6433257843f24723fac240dda0906685238

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 01:32:48 GMT
via: 1.1 814faccbc899c623ea413ca14fe07c55.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2919
x-cache: Hit from cloudfront
status: 200
content-encoding: br
cf-request-id: 05ef88fb2f0000248811949000000001
pragma: public
last-modified: Tue, 14 Aug 2018 10:51:58 GMT
server: cloudflare
etag: W/"5b72b44e-c909"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603330368"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
x-amz-cf-pop: MXP64-C2
cf-ray: 5e5f7771ebfa2488-FRA
x-amz-cf-id: 5QTQdxF6ETsJvKXR-vvq9Gr3h3tdW1fU9zb26ym51qODBzOikX_Klw==
expires: Tue, 27 Oct 2020 07:42:57 GMT

GET
H2 200 moment-timezone-with-data.min.js Show response
pronto-core-cdn.prontomarketing.com/2/wp-content/plugins/google-calendar-events/assets/js/vendor/ 180 KB
24 KB 35ms
29ms Script
application/javascript 2606:4700:20::ac43:46bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pronto-core-cdn.prontomarketing.com/2/wp-content/plugins/google-calendar-events/assets/js/vendor/moment-timezone-with-data.min.js?ver=3.1.19
Requested by: Host: www.askbis.com
URL: https://www.askbis.com/lucky-charm-keeps-hackers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:46bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77a9de343eb778a99a51928390593cd92cf9bd277e216be6da96556881fe715a

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 01:32:48 GMT
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aab.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2320285
x-cache: Hit from cloudfront
status: 200
content-encoding: br
cf-request-id: 05ef88fb2f000024880a39a000000001
pragma: public
last-modified: Tue, 14 Aug 2018 10:51:58 GMT
server: cloudflare
etag: W/"5b72b44e-2cf7a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603330368"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
cf-ray: 5e5f7771ebfb2488-FRA
x-amz-cf-id: MrG0T6FAfmBeICCJnVUlpr9qQYktc48xLXljNebMHrRzo9yC1U_fog==
expires: Mon, 19 Oct 2020 07:30:41 GMT

GET
H2 200 default-calendar.min.js Show response
pronto-core-cdn.prontomarketing.com/2/wp-content/plugins/google-calendar-events/assets/js/ 5 KB
2 KB 26ms
19ms Script
application/javascript 2606:4700:20::ac43:46bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pronto-core-cdn.prontomarketing.com/2/wp-content/plugins/google-calendar-events/assets/js/default-calendar.min.js?ver=3.1.19
Requested by: Host: www.askbis.com
URL: https://www.askbis.com/lucky-charm-keeps-hackers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:46bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8fb2b86b706833eebc48de3549e2767386ae5e343703700e39ba77e6017e88f4

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 01:32:48 GMT
via: 1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2320285
x-cache: Hit from cloudfront
status: 200
content-encoding: br
cf-request-id: 05ef88fb30000024880a96a000000001
pragma: public
last-modified: Mon, 20 Aug 2018 03:48:31 GMT
server: cloudflare
etag: W/"5b7a3a0f-13b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603330368"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
cf-ray: 5e5f7771ebfd2488-FRA
x-amz-cf-id: dBQ1y439adon9WNFhQAMbG9Z85MUQ69KTJLOAdHvH9P9lMDuS1V66A==
expires: Sat, 17 Oct 2020 12:30:12 GMT

GET
H2 200 lip.js Show response
pronto-core-cdn.prontomarketing.com/2/wp-content/plugins/pronto-lead-insights/js/ 3 KB
1 KB 19ms
13ms Script
application/javascript 2606:4700:20::ac43:46bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pronto-core-cdn.prontomarketing.com/2/wp-content/plugins/pronto-lead-insights/js/lip.js?ver=20150324
Requested by: Host: www.askbis.com
URL: https://www.askbis.com/lucky-charm-keeps-hackers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:46bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f49cf987c70df95fda53db7399991e76854f8c5364a61d1b4532073ac60390da

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 01:32:48 GMT
via: 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2325761
cf-polished: origSize=5514
x-cache: Hit from cloudfront
status: 200
content-encoding: br
cf-request-id: 05ef88fb3000002488812e4000000001
pragma: public
last-modified: Mon, 14 May 2018 09:02:24 GMT
server: cloudflare
etag: W/"5af950a0-158a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603330368"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
expires: Tue, 20 Oct 2020 09:32:59 GMT
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA53-C1
cf-ray: 5e5f7771ebfe2488-FRA
x-amz-cf-id: e_KXIs0Gle60Tr8U87V4u8hNaoLLnklu7NRmAdti4oisfUCM7SZ5Bg==
cf-bgj: minify

GET
H2 200 imagesloaded.pkgd.min.js Show response
pronto-core-cdn.prontomarketing.com/2/wp-content/plugins/google-calendar-events/assets/js/vendor/ 5 KB
2 KB 21ms
15ms Script
application/javascript 2606:4700:20::ac43:46bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pronto-core-cdn.prontomarketing.com/2/wp-content/plugins/google-calendar-events/assets/js/vendor/imagesloaded.pkgd.min.js?ver=3.1.19
Requested by: Host: www.askbis.com
URL: https://www.askbis.com/lucky-charm-keeps-hackers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:46bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7b3dc94297cd47d4b2195477eff1acd681aa73851590061b58b32fc05a4a007

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 01:32:48 GMT
via: 1.1 a394c864b23364262af48fed4e7e9fad.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2320285
x-cache: Hit from cloudfront
status: 200
content-encoding: br
cf-request-id: 05ef88fb3000002488192fe000000001
pragma: public
last-modified: Tue, 14 Aug 2018 10:51:58 GMT
server: cloudflare
etag: W/"5b72b44e-15b7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603330368"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
cf-ray: 5e5f7771ec002488-FRA
x-amz-cf-id: 5uA6UpHaoTOrx9cnd0a0WRWkgF6QYmehYT3uQ7T3qtxvQX8jgiOV1g==
expires: Tue, 29 Sep 2020 08:07:16 GMT

GET
H2 200 wp-embed.min.js Show response
pronto-core-cdn.prontomarketing.com/2/wp-includes/js/ 1 KB
844 B 18ms
12ms Script
application/javascript 2606:4700:20::ac43:46bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pronto-core-cdn.prontomarketing.com/2/wp-includes/js/wp-embed.min.js?ver=5.4.2
Requested by: Host: www.askbis.com
URL: https://www.askbis.com/lucky-charm-keeps-hackers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:46bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 01:32:48 GMT
via: 1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2325761
x-cache: Hit from cloudfront
status: 200
content-encoding: br
cf-request-id: 05ef88fb300000248844b7d000000001
pragma: public
last-modified: Wed, 17 Jun 2020 05:10:34 GMT
server: cloudflare
etag: W/"5ee9a5ca-59a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603330368"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA53-C1
cf-ray: 5e5f7771ec012488-FRA
x-amz-cf-id: 86cWSsxnhq2Fi7qHb2KyFh4pNpN0bybgIq40yzN7ygKhoOsFu9nzEA==
expires: Mon, 19 Oct 2020 17:01:49 GMT

GET
H/1.1 200
OK disqus.js Show response
www.askbis.com/wp-content/plugins/disqus-comment-system/media/js/ 2 KB
1 KB 37ms
32ms Script
application/javascript 54.72.3.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.askbis.com/wp-content/plugins/disqus-comment-system/media/js/disqus.js?ver=5.4.2
Requested by: Host: www.askbis.com
URL: https://www.askbis.com/lucky-charm-keeps-hackers/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.72.3.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-3-103.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: ffa77dd7afcfeb6eb4458ff34abb51110edac673765b306f56a67f109b564611

Request headers

Referer: https://www.askbis.com/lucky-charm-keeps-hackers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Thu, 22 Oct 2020 01:32:48 GMT
Content-Encoding: gzip
Last-Modified: Mon, 14 May 2018 09:02:23 GMT
Server: nginx
ETag: W/"5af9509f-85b"
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript
Cache-Control: max-age=2592000, max-age=259200, public
Transfer-Encoding: chunked
X-Cache-Varnish: HIT West
Expires: Fri, 20 Nov 2020 12:54:26 GMT

GET
H/1.1 200
OK count.js Show response
www.askbis.com/wp-content/plugins/disqus-comment-system/media/js/ 879 B
864 B 70ms
32ms Script
application/javascript 54.72.3.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.askbis.com/wp-content/plugins/disqus-comment-system/media/js/count.js?ver=5.4.2
Requested by: Host: www.askbis.com
URL: https://www.askbis.com/lucky-charm-keeps-hackers/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.72.3.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-3-103.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5aa090666860bfb6aea6fd75dc1fad91145ed250dd67d1df5c38359458a6691e

Request headers

Referer: https://www.askbis.com/lucky-charm-keeps-hackers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Thu, 22 Oct 2020 01:32:48 GMT
Content-Encoding: gzip
Last-Modified: Mon, 14 May 2018 09:02:23 GMT
Server: nginx
ETag: W/"5af9509f-36f"
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript
Cache-Control: max-age=2592000, max-age=259200, public
Transfer-Encoding: chunked
X-Cache-Varnish: HIT West
Expires: Sat, 21 Nov 2020 00:44:09 GMT

GET
H2 200 jquery.rwdImageMaps.js Show response
pronto-core-cdn.prontomarketing.com/2/wp-content/uploads/sites/515/scripts/ 1 KB
981 B 20ms
14ms Script
application/javascript 2606:4700:20::ac43:46bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pronto-core-cdn.prontomarketing.com/2/wp-content/uploads/sites/515/scripts/jquery.rwdImageMaps.js
Requested by: Host: www.askbis.com
URL: https://www.askbis.com/lucky-charm-keeps-hackers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:46bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f938d6c19b2fb82401ee3f8db84153160822663b423d82ae9fd680c92a02cb02

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 01:32:48 GMT
via: 1.1 92deec7c8876604efe2f17b072bc68d7.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 851929
cf-polished: origSize=1882
x-cache: Miss from cloudfront
status: 200
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-encoding: br
cf-request-id: 05ef88fb300000248878850000000001
pragma: public
last-modified: Thu, 31 May 2018 22:02:35 GMT
server: cloudflare
etag: W/"5b1070fb-75a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603330368"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
expires: Fri, 29 Dec 2028 04:53:59 GMT
cache-control: public, max-age=259200000
x-amz-cf-pop: HEL50-C1
cf-ray: 5e5f7771ec032488-FRA
access-control-allow-headers: Content-Type
x-amz-cf-id: qWDS4hJcY_6SqQnHz9hTWw-_qXhSHMUaJWkpyZoUxaXkHwnDwDqM2A==
cf-bgj: minify

GET
H/1.1 200
OK 149077.js Show response
secure.care5alea.com/js/ 16 B
408 B 190ms
26ms Script
text/javascript 51.140.39.77
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.care5alea.com/js/149077.js
Requested by: Host: www.askbis.com
URL: https://www.askbis.com/lucky-charm-keeps-hackers/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.140.39.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Kestrel /
Resource Hash: b33180eee81e03f8c96e6bfe64a91067a030cc0b6f1e8793a32fe1ab9a1279b4

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 22 Oct 2020 01:32:47 GMT
Content-Encoding: gzip
Server: Kestrel
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: no-store, must-revalidate
Transfer-Encoding: chunked
Expires: 0

GET
H2 200 jquery.mmenu.all.js Show response
pronto-core-cdn.prontomarketing.com/2/wp-content/themes/phoenix/js/jQuery.mmenu-master/dist/ 58 KB
15 KB 26ms
21ms Script
application/javascript 2606:4700:20::ac43:46bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pronto-core-cdn.prontomarketing.com/2/wp-content/themes/phoenix/js/jQuery.mmenu-master/dist/jquery.mmenu.all.js
Requested by: Host: www.askbis.com
URL: https://www.askbis.com/lucky-charm-keeps-hackers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:46bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a5417e5f6ca399b82350e9af08a68bf070facbad05754a61728b5eef22bb513

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 01:32:48 GMT
via: 1.1 6b4954a8411e7b2a232537f8000c5c9d.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2325667
cf-polished: origSize=62029
x-cache: Hit from cloudfront
status: 200
content-encoding: br
cf-request-id: 05ef88fb300000248834357000000001
pragma: public
last-modified: Thu, 30 Aug 2018 08:35:27 GMT
server: cloudflare
etag: W/"5b87ac4f-f24d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603330368"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
expires: Sun, 11 Oct 2020 07:14:34 GMT
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
cf-ray: 5e5f7771ec042488-FRA
x-amz-cf-id: Jm_iM9M8YHu5HMKTEhig_V4Q2KNy4S4z6EP4B660WQQVDO0-MYbEGg==
cf-bgj: minify

GET
H2 200 getTrackingCode Show response
os368.infusionsoft.app/app/webTracking/ 7 KB
3 KB 204ms
162ms Script
text/javascript 2606:4700::6813:9856
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://os368.infusionsoft.app/app/webTracking/getTrackingCode

Requested by

Host: www.askbis.com
URL: https://www.askbis.com/lucky-charm-keeps-hackers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9856 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b1a9c6940fb184bc792720d866a133e7f5480e07b89410980e49637fcb59e842

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 01:32:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
status: 200
strict-transport-security: max-age=31536000;includeSubDomains
cf-request-id: 05ef88fb55000005bfd1b7e000000001
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
via: 1.1 google
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
cf-ray: 5e5f77722d9c05bf-FRA
expires: Thu, 22 Oct 2020 01:32:48 GMT

GET
H2 200 bootstrap.min.js Show response
pronto-core-cdn.prontomarketing.com/2/wp-content/themes/phoenix/bootstrap/js/ 27 KB
7 KB 29ms
24ms Script
application/javascript 2606:4700:20::ac43:46bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pronto-core-cdn.prontomarketing.com/2/wp-content/themes/phoenix/bootstrap/js/bootstrap.min.js
Requested by: Host: www.askbis.com
URL: https://www.askbis.com/lucky-charm-keeps-hackers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:46bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54d21b0676784d0c983bbd4093898770adefa932d89b72c8afd88183a19172a7

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 01:32:48 GMT
via: 1.1 80d90c7955dda88e3912960ead8e99d6.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2325761
x-cache: Hit from cloudfront
status: 200
content-encoding: br
cf-request-id: 05ef88fb3000002488621a3000000001
pragma: public
last-modified: Mon, 14 May 2018 09:02:24 GMT
server: cloudflare
etag: W/"5af950a0-6c4e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603330368"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA53-C1
cf-ray: 5e5f7771ec062488-FRA
x-amz-cf-id: YL_z7s5hUr9EgwiC6qQrViZLrTGZ0Cozj-dtt-i1dRBqFgErZULmGQ==
expires: Thu, 01 Oct 2020 06:51:31 GMT

GET
H2 200 main.js Show response
pronto-core-cdn.prontomarketing.com/2/wp-content/themes/phoenix/js/ 4 KB
2 KB 33ms
28ms Script
application/javascript 2606:4700:20::ac43:46bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pronto-core-cdn.prontomarketing.com/2/wp-content/themes/phoenix/js/main.js?1594961994
Requested by: Host: www.askbis.com
URL: https://www.askbis.com/lucky-charm-keeps-hackers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:46bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 636018f811bfbce8cab219d03ac80cfa82ef88786f61c66057c4288923a8957f

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 01:32:48 GMT
via: 1.1 25ffb5a941b5a46b102cd385a9cdbb50.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2325761
cf-polished: origSize=5046
x-cache: Hit from cloudfront
status: 200
content-encoding: br
cf-request-id: 05ef88fb31000024880d3b1000000001
pragma: public
last-modified: Fri, 17 Jul 2020 04:59:54 GMT
server: cloudflare
etag: W/"5f11304a-13b6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603330368"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
expires: Sat, 10 Oct 2020 15:02:52 GMT
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA53-C1
cf-ray: 5e5f7771ec072488-FRA
x-amz-cf-id: 8Ri34Y0IwzfZ49wsesgC9atQ84srSebi8m9ikOeF9BFqDc0F5l0uuA==
cf-bgj: minify

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
www.askbis.com/wp-includes/js/ 14 KB
5 KB 97ms
33ms Script
application/javascript 54.72.3.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.askbis.com/wp-includes/js/wp-emoji-release.min.js?ver=5.4.2
Requested by: Host: www.askbis.com
URL: https://www.askbis.com/lucky-charm-keeps-hackers/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.72.3.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-3-103.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 96d33f532112177ede6bf262dcf6d0140dbe29f05a4595d17b0be4743205b5ea

Request headers

Referer: https://www.askbis.com/lucky-charm-keeps-hackers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Thu, 22 Oct 2020 01:32:48 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 Jun 2020 05:10:34 GMT
Server: nginx
ETag: W/"5ee9a5ca-364d"
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript
Cache-Control: max-age=2592000, max-age=259200, public
Transfer-Encoding: chunked
X-Cache-Varnish: HIT West
Expires: Sat, 21 Nov 2020 00:44:09 GMT

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 40ms
5ms Script
text/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: www.askbis.com
URL: https://www.askbis.com/lucky-charm-keeps-hackers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Sep 2020 01:50:37 GMT
server: Golfe2
age: 5926
date: Wed, 21 Oct 2020 23:54:02 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Thu, 22 Oct 2020 01:54:02 GMT

GET
H2 200 css
fonts.googleapis.com/ 20 KB
1 KB 15ms
14ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,300,300italic,400italic,600,600italic,700,700italic

Requested by

Host: www.askbis.com
URL: https://www.askbis.com/?custom-css=195b43ea68

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fabf9cf808bf1fa32ca4daec3122436ad1a587d0bb4c3a7c670f4cfb78b5721b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 22 Oct 2020 00:04:11 GMT
server: ESF
date: Thu, 22 Oct 2020 01:32:48 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 22 Oct 2020 01:32:48 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 965 B
761 B 38ms
8ms Script
application/x-javascript 2a02:26f0:6c00:296::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.askbis.com
URL: https://www.askbis.com/lucky-charm-keeps-hackers/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:296::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: f10b9b0c4107ca5a40a5c69b1ac91a8948d84f39893dee6b429cdbdb05887093

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 22 Oct 2020 01:32:48 GMT
Content-Encoding: gzip
Last-Modified: Tue, 22 Sep 2020 22:01:48 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=31273
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 448

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 88 KB
23 KB 9ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.askbis.com
URL: https://www.askbis.com/lucky-charm-keeps-hackers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e37570ef85a3553930ba20dfab7280bfcead8a2238b536b5c03c629c35b3d4ca

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23070
x-xss-protection: 0
pragma: public
x-fb-debug: pY26PZpmYKZElHqrsJGkvkbAbUkN8RUB35fkkE+v21KehCVZJeFADHwj+ua5aP7h7Wuj9oBm9tfOJJfzfMISUQ==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Thu, 22 Oct 2020 01:32:48 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 10ms
9ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,300,300italic,400italic,600,600italic,700,700italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.askbis.com
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,300,300italic,400italic,600,600italic,700,700italic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 19 Oct 2020 11:20:33 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:28 GMT
server: sffe
age: 223935
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9132
x-xss-protection: 0
expires: Tue, 19 Oct 2021 11:20:33 GMT

GET
H2 200 fa-solid-900.woff2
pronto-core-cdn.prontomarketing.com/2/wp-content/themes/phoenix/fontawesome-pro/webfonts/ 127 KB
128 KB 94ms
69ms Font
application/octet-stream 2606:4700:20::ac43:46bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pronto-core-cdn.prontomarketing.com/2/wp-content/themes/phoenix/fontawesome-pro/webfonts/fa-solid-900.woff2?v=5.11.2-pro
Requested by: Host: pronto-core-cdn.prontomarketing.com
URL: https://pronto-core-cdn.prontomarketing.com/2/wp-content/themes/phoenix/fontawesome-pro/css/all.min.css?v=5.11.2-pro
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:46bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c103ae844c36c58f5947f4ffac0ef3edf1d447d0650fe33437071d3e13645ca

Request headers

Origin: https://www.askbis.com
Referer: https://pronto-core-cdn.prontomarketing.com/2/wp-content/themes/phoenix/fontawesome-pro/css/all.min.css?v=5.11.2-pro
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 01:32:48 GMT
via: 1.1 023217e9959f3d2bf7a9884037a36e3a.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: MXP64-C2
x-cache: Hit from cloudfront
status: 200
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-length: 129832
cf-request-id: 05ef88fb4f00002b416788f000000001
last-modified: Thu, 07 Nov 2019 07:22:54 GMT
server: cloudflare
etag: "5dc3c64e-1fb28"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603330368"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5e5f777219c02b41-FRA
access-control-allow-headers: Content-Type
x-amz-cf-id: 1AT4Qqal4xXw6vb2CZmdzEImriv66DJM5pUjK1-TPfhQfFfK43ShKQ==

GET
H2 200 mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,300,300italic,400italic,600,600italic,700,700italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.askbis.com
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,300,300italic,400italic,600,600italic,700,700italic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 21 Oct 2020 11:20:35 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:49 GMT
server: sffe
age: 51133
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9180
x-xss-protection: 0
expires: Thu, 21 Oct 2021 11:20:35 GMT

GET
H3-Q050 200 mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 19ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,300,300italic,400italic,600,600italic,700,700italic

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.askbis.com
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,300,300italic,400italic,600,600italic,700,700italic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 21 Oct 2020 11:20:35 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:27 GMT
server: sffe
age: 51133
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9080
x-xss-protection: 0
expires: Thu, 21 Oct 2021 11:20:35 GMT

GET
H3-Q050 200 mem6YaGs126MiZpBA-UFUK0Zdc1GAK6b.woff2
fonts.gstatic.com/s/opensans/v18/ 10 KB
10 KB 20ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem6YaGs126MiZpBA-UFUK0Zdc1GAK6b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,300,300italic,400italic,600,600italic,700,700italic

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ffcde34efda55a63cb66dbec4bf10acb531014d581e2d8e511836b84e08c2305

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.askbis.com
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,300,300italic,400italic,600,600italic,700,700italic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 21 Oct 2020 11:20:35 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:34 GMT
server: sffe
age: 51133
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9728
x-xss-protection: 0
expires: Thu, 21 Oct 2021 11:20:35 GMT

GET
DATA 200
OK truncated
/ 18 KB
18 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 94b293e2c7affa223f0e3a5cfd950030c8aacee84bc93ec5f0d35c7f4e91381b

Request headers

Origin: https://www.askbis.com
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H2 200 1686086811483430 Show response
connect.facebook.net/signals/config/ 234 KB
68 KB 75ms
75ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1686086811483430?v=2.9.27&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c30b8caaa5fa069c6e3816db70bc6d1ae1268dd8bf026ebf6664f7c90263b43c

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: +ojxjW2/q5FJali/o5+tyGqpj22O9xoQWMWWoVHntkj8sNMcy3H6FvH71yDBFUSB3isGzJ/l5t/0nuF7bX3QRA==
x-fb-trip-id: 664085054
date: Thu, 22 Oct 2020 01:32:48 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK insight.beta.min.js Show response
snap.licdn.com/li.lms-analytics/ 4 KB
2 KB 6ms
6ms Script
application/x-javascript 2a02:26f0:6c00:296::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.beta.min.js
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:296::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: a8431bfe4316cdc20de936e824f735c9478bbc9ce3d3a51c774eca45faff637f

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 22 Oct 2020 01:32:48 GMT
Content-Encoding: gzip
Last-Modified: Tue, 22 Sep 2020 22:01:48 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=69172
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1799

GET
H3-Q050 200 mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,300,300italic,400italic,600,600italic,700,700italic

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.askbis.com
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,300,300italic,400italic,600,600italic,700,700italic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 21 Oct 2020 11:20:35 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:16 GMT
server: sffe
age: 51133
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9016
x-xss-protection: 0
expires: Thu, 21 Oct 2021 11:20:35 GMT

GET
H2 200 fa-brands-400.woff2
pronto-core-cdn.prontomarketing.com/2/wp-content/themes/phoenix/fontawesome-pro/webfonts/ 74 KB
74 KB 14ms
13ms Font
application/octet-stream 2606:4700:20::ac43:46bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pronto-core-cdn.prontomarketing.com/2/wp-content/themes/phoenix/fontawesome-pro/webfonts/fa-brands-400.woff2
Requested by: Host: pronto-core-cdn.prontomarketing.com
URL: https://pronto-core-cdn.prontomarketing.com/2/wp-content/themes/phoenix/fontawesome-pro/css/all.min.css?v=5.11.2-pro
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:46bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b55616e4eada60d4e94a044efa03f45c3550056a0e93a55a993b0b85a7e7689b

Request headers

Origin: https://www.askbis.com
Referer: https://pronto-core-cdn.prontomarketing.com/2/wp-content/themes/phoenix/fontawesome-pro/css/all.min.css?v=5.11.2-pro
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 01:32:48 GMT
via: 1.1 b9ff2ec964f1eea80fc668bb9d85ec55.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 164113
x-cache: Hit from cloudfront
status: 200
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-length: 75308
cf-request-id: 05ef88fc1000002b411e171000000001
last-modified: Thu, 07 Nov 2019 07:22:54 GMT
server: cloudflare
etag: "5dc3c64e-1262c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603330369"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-pop: MXP64-C2
accept-ranges: bytes
cf-ray: 5e5f77734ba52b41-FRA
access-control-allow-headers: Content-Type
x-amz-cf-id: QVMQRX8i6denuTsEaXoUpzJzas8QrIi8L7lUTrAG6iN4ePWLbQqF7w==

GET
H2 200 fa-regular-400.woff2
pronto-core-cdn.prontomarketing.com/2/wp-content/themes/phoenix/fontawesome-pro/webfonts/ 156 KB
157 KB 85ms
84ms Font
application/octet-stream 2606:4700:20::ac43:46bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pronto-core-cdn.prontomarketing.com/2/wp-content/themes/phoenix/fontawesome-pro/webfonts/fa-regular-400.woff2?v=5.11.2-pro
Requested by: Host: pronto-core-cdn.prontomarketing.com
URL: https://pronto-core-cdn.prontomarketing.com/2/wp-content/themes/phoenix/fontawesome-pro/css/all.min.css?v=5.11.2-pro
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:46bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42d979d54a12b76d10c5f34709c774b14aedcbf25f268f332a7e9163011b658b

Request headers

Origin: https://www.askbis.com
Referer: https://pronto-core-cdn.prontomarketing.com/2/wp-content/themes/phoenix/fontawesome-pro/css/all.min.css?v=5.11.2-pro
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 01:32:48 GMT
via: 1.1 bcb4a9bca5a3ff00d0520d8a78f560dc.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: MXP64-C2
x-cache: Hit from cloudfront
status: 200
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-length: 159884
cf-request-id: 05ef88fc1100002b414a2ed000000001
last-modified: Thu, 07 Nov 2019 07:22:54 GMT
server: cloudflare
etag: "5dc3c64e-2708c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603330369"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5e5f77734ba82b41-FRA
access-control-allow-headers: Content-Type
x-amz-cf-id: TZdPqsGKL-wI82RyzaSFRTgKQtxpB8MAcMYoTSmxukcRci80hKe1rQ==

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=48767822&utmhn=www.askbis.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%E2%80%...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-2952577-1&cid=575520704.1603330369&jid=1788292868&_v=5.7.2&z=48767822
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2952577-1&cid=575520704.1603330369&jid=1788292868&_v=5.7.2&z=48767822
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2952577-1&cid=575520704.1603330369&jid=1788292868&_v=5.7.2&z=48767822&slf_rd=1&random=260962616

42 B
513 B

37ms
17ms

Image
image/gif

2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2952577-1&cid=575520704.1603330369&jid=1788292868&_v=5.7.2&z=48767822&slf_rd=1&random=260962616

Requested by

Host: www.askbis.com
URL: https://www.askbis.com/lucky-charm-keeps-hackers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Oct 2020 01:32:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 22 Oct 2020 01:32:48 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2952577-1&cid=575520704.1603330369&jid=1788292868&_v=5.7.2&z=48767822&slf_rd=1&random=260962616
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK embed.js Show response
https-www-askbis-com.disqus.com/ 69 KB
23 KB 465ms
404ms Script
application/javascript 151.101.12.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://https-www-askbis-com.disqus.com/embed.js

Requested by

Host: www.askbis.com
URL: https://www.askbis.com/wp-content/plugins/disqus-comment-system/media/js/disqus.js?ver=5.4.2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.134 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty /

Resource Hash

cf55d8c64aeef2fb227d4e87f5c6002a91fee7af979faee566e69a770def4c07

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 22 Oct 2020 01:32:49 GMT
Content-Encoding: gzip
Server: openresty
Age: 0
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Cache-Control: private, max-age=60
X-Service: router
Strict-Transport-Security: max-age=300; includeSubdomains
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 22909

GET
H/1.1 200
OK count.js Show response
https-www-askbis-com.disqus.com/ 1 KB
1 KB 82ms
22ms Script
application/javascript 151.101.12.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://https-www-askbis-com.disqus.com/count.js

Requested by

Host: www.askbis.com
URL: https://www.askbis.com/wp-content/plugins/disqus-comment-system/media/js/count.js?ver=5.4.2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.134 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 22 Oct 2020 01:32:48 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 704867
P3P: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 871
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 08 Oct 2020 19:21:32 GMT
Server: nginx
ETag: "5f7f66bc-367"
Strict-Transport-Security: max-age=300; includeSubdomains
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=300
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect

GET
H/1.1 200
OK liveVisitAsync.js Show response
frontend.id-visitors.com/FrontEndWeb/Scripts/ 4 KB
2 KB 476ms
117ms Script
application/x-javascript 69.167.130.47
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://frontend.id-visitors.com/FrontEndWeb/Scripts/liveVisitAsync.js
Requested by: Host: www.askbis.com
URL: https://www.askbis.com/lucky-charm-keeps-hackers/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 69.167.130.47 Lansing, United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software: Microsoft-IIS/7.5 /
Resource Hash: d52c8770eb0e1b2064d688c90dfa490a697319e441ebf8b9fe4ddceded719e28

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 22 Oct 2020 01:32:47 GMT
Content-Encoding: gzip
Last-Modified: Mon, 26 Sep 2016 21:15:15 GMT
Server: Microsoft-IIS/7.5
ETag: "80731d133b18d21:0"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 1313

GET
H2 200 hotjar-63393.js Show response
static.hotjar.com/c/ 5 KB
3 KB 116ms
62ms Script
application/javascript 52.85.32.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-63393.js?sv=5

Requested by

Host: www.askbis.com
URL: https://www.askbis.com/lucky-charm-keeps-hackers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.32.53 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-32-53.ham50.r.cloudfront.net

Software

Resource Hash

d08070ff450c80954e1d0bc971067231408a61d00798ca33954676d2743fe863

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 01:32:48 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: HAM50-C1
etag: W/b1c63b34a4828aeb39efa0e5af87c0e9
status: 200
x-cache: RefreshHit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
x-cache-hit: 1
vary: Accept-Encoding
x-amz-cf-id: 2LGazXYOHeTovjaRwNS5zcjEmmmjeVqkpdrlxpTckqWMXjzXQsUVKA==
via: 1.1 b601b11612dbb318dc18b8b7062715df.cloudfront.net (CloudFront)

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.askbis.com
URL: https://www.askbis.com/lucky-charm-keeps-hackers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Sep 2020 01:50:37 GMT
server: Golfe2
age: 1020
date: Thu, 22 Oct 2020 01:15:48 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18650
expires: Thu, 22 Oct 2020 03:15:48 GMT

GET
H/1.1 200
OK WidgetScript Show response
app.purechat.com/VisitorWidget/ 10 KB
4 KB 86ms
24ms Script
application/javascript 99.86.2.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.purechat.com/VisitorWidget/WidgetScript
Requested by: Host: www.askbis.com
URL: https://www.askbis.com/lucky-charm-keeps-hackers/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.78 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-78.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f1539a9c19502014dbabd45ec0ea2f7bebe48a38d37e735b1c73439d4a1b7010

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: null
Content-Encoding: gzip
ETag: "1e4290c6fcd6d5d40a9c08ce241e23af"
Age: 5823
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 20 Oct 2020 16:27:52 GMT
Server: AmazonS3
Date: Wed, 21 Oct 2020 23:55:46 GMT
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Via: 1.1 2f0580a0593ad9d3fb82aee9226d8179.cloudfront.net (CloudFront)
Cache-Control: public,max-age=14400
X-Amz-Cf-Pop: FRA6-C1
X-Amz-Cf-Id: 7tGg3lta6gkLfMYOGVcKMj8t3XreSRQa23HqYkIOJE0y3dmefYIDnA==

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 1 KB
1 KB 42ms
13ms Script
application/javascript 2a04:4e42:9::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: www.askbis.com
URL: https://www.askbis.com/lucky-charm-keeps-hackers/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:9::84 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: edb66434567b603679a9fd45786ff3b3b2bf3903d0da2e1c5af626688540bcc4

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 01:32:48 GMT
fastly-restarts: 1
x-cdn: fastly
status: 200
etag: "16423308d2b448e51a13f749cab3576e"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=7200
content-length: 1142
access-control-expose-headers: X-CDN

GET
H2 200 bottom.js Show response
cdn.simplesat.io/js/widget/ 279 KB
86 KB 177ms
144ms Script
application/javascript 2606:4700:3031::681f:4e71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.simplesat.io/js/widget/bottom.js
Requested by: Host: www.askbis.com
URL: https://www.askbis.com/lucky-charm-keeps-hackers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681f:4e71 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a70ce8cefa650350be5eb488c602720510fd33c8431527e64f5ae739f4e3ff99

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id: c701b6df976e65f04186678549f2584f8bc6c64e
date: Thu, 22 Oct 2020 01:32:48 GMT
via: 1.1 varnish
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cache: MISS
status: 200
x-cache-hits: 0
content-encoding: br
cf-request-id: 05ef88fcc200002484bc056000000001
x-served-by: cache-fra19158-FRA
last-modified: Tue, 20 Oct 2020 20:33:04 GMT
server: cloudflare
x-github-request-id: 2F38:4DA8:548B2F:5D45B8:5F90D5D9
x-timer: S1603330369.740916,VS0,VE87
etag: W/"5f8f4980-45a1b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603330369"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
cf-ray: 5e5f77746c8f2484-FRA
x-proxy-cache: MISS
expires: Thu, 22 Oct 2020 00:54:10 GMT

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=350946&time=1603330368686&url=https%3A%2F%2Fwww.askbis.com%2Flucky-charm-keeps-hackers%2F
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D350946%26time%3D1603330368686%26url%3Dhttps%253A%252F%252Fwww.askbis.com%252Fluck...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=350946&time=1603330368686&url=https%3A%2F%2Fwww.askbis.com%2Flucky-charm-keeps-hackers%2F&liSync=true

0
80 B

148ms
148ms

Image
application/javascript

2a05:f500:11:101::b93f:9005
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=350946&time=1603330368686&url=https%3A%2F%2Fwww.askbis.com%2Flucky-charm-keeps-hackers%2F&liSync=true
Requested by: Host: www.askbis.com
URL: https://www.askbis.com/lucky-charm-keeps-hackers/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:f500:11:101::b93f:9005 , Ireland, ASN14413 (LINKEDIN, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 01:32:49 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-ltx1
status: 200
x-li-proto: http/2
x-li-pop: prod-tln1
content-type: application/javascript
content-length: 0
x-li-uuid: T/WB0XksQBaAFpjcSCsAAA==

Redirect headers

content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id https://lnkd.demdex.net/event blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri https://www.linkedin.com/platform-telemetry/csp?f=l
x-content-type-options: nosniff
linkedin-action: 1
status: 302
content-length: 0
x-li-uuid: u8Gty3ksQBaAcCDCPysAAA==
pragma: no-cache
x-li-pop: afd-prod-eda6
x-msedge-ref: Ref A: CD11CA91194241CFA4F541B351C0E6F0 Ref B: FRAEDGE0814 Ref C: 2020-10-22T01:32:48Z
x-frame-options: sameorigin
date: Thu, 22 Oct 2020 01:32:48 GMT
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
strict-transport-security: max-age=2592000
x-li-fabric: prod-ltx1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=350946&time=1603330368686&url=https%3A%2F%2Fwww.askbis.com%2Flucky-charm-keeps-hackers%2F&liSync=true
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 main.2424edb5.js Show response
s.pinimg.com/ct/lib/ 48 KB
17 KB 13ms
13ms Script
application/javascript 2a04:4e42:9::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.2424edb5.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:9::84 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 87ba34a2dac0d833ec28f5da1f52fa5a2b8279152500e1b825e241e4a64ea488

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 01:32:48 GMT
content-encoding: gzip
fastly-restarts: 1
x-cdn: fastly
status: 200
etag: "f387c9c6b7338963d43f8909d77d8840"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=1209600
content-length: 16965
access-control-expose-headers: X-CDN

POST
H3-Q050 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
460 B 44ms
14ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j86&tid=UA-XXXXXX-XX&cid=575520704.1603330369&jid=588601177&gjid=2102095525&_gid=130864083.1603330369&_u=ISBCgAABAAAAAE~&z=1052988865

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 22 Oct 2020 01:32:48 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://www.askbis.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
424 B 27ms
13ms Image
image/gif 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j86&a=1332999158&t=pageview&_s=1&dl=https%3A%2F%2Fwww.askbis.com%2Flucky-charm-keeps-hackers%2F&ul=en-us&de=UTF-8&dt=%E2%80%9CLucky%20Charm%E2%80%9D%20Keeps%20Hackers%20Out%20-%20Mobile%2C%20Pensacola%20%7C%20BIS%2C%20Inc.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_utma=194298429.575520704.1603330369.1603330369.1603330369.1&_utmz=194298429.1603330369.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1603330368718&_u=ISBCgAAB~&jid=588601177&gjid=2102095525&cid=575520704.1603330369&tid=UA-XXXXXX-XX&_gid=130864083.1603330369&z=836487230

Requested by

Host: www.askbis.com
URL: https://www.askbis.com/lucky-charm-keeps-hackers/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Oct 2020 16:22:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 33018
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 614195662655725 Show response
connect.facebook.net/signals/config/ 234 KB
68 KB 74ms
72ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/614195662655725?v=2.9.27&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a1d4ffc045f6cc85a7db84a3236d2f59135a948c25b59979a8b70ace807e58a9

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: e2koa/BWK6gxLotxv6jzzZYgCRRAD/oHgAyC1ELDitqZOtdfum6THm22QVHqa9ZY4hGCjSYj7lmDlqtOpvksYg==
x-fb-trip-id: 664085054
date: Thu, 22 Oct 2020 01:32:48 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
259 B 7ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1686086811483430&ev=PageView&dl=https%3A%2F%2Fwww.askbis.com%2Flucky-charm-keeps-hackers%2F&rl=&if=false&ts=1603330368734&sw=1600&sh=1200&v=2.9.27&r=stable&ec=0&o=30&fbp=fb.1.1603330368733.823717427&it=1603330368498&coo=false&rqm=GET

Requested by

Host: www.askbis.com
URL: https://www.askbis.com/lucky-charm-keeps-hackers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 01:32:48 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 22 Oct 2020 01:32:48 GMT

GET
H2 200 modules.8892a865463d29e21514.js Show response
script.hotjar.com/ 361 KB
71 KB 78ms
28ms Script
application/javascript 99.86.2.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.8892a865463d29e21514.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-63393.js?sv=5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.2.24 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-2-24.fra6.r.cloudfront.net

Software

Resource Hash

96b7353cfc0c512962840bc951b0e1009d3419defac1a37a7b1149e8ea3d43cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 20 Oct 2020 11:51:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 135657
x-cache: Hit from cloudfront
status: 200
content-length: 72450
access-control-allow-origin: *
last-modified: Tue, 20 Oct 2020 11:48:03 GMT
etag: "bdab316b804b450b477b25a55b099ba6"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 2ef0748a2a8fca13fd6065b6b046c33c.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: 6-Z2a6oGaDPuZdRR-lYvVxFFfOq-qYhCQ2eX-CQ0H5W6Rl--XoH3-Q==

GET
H2 200 / Show response
ct.pinterest.com/user/ 38 B
512 B 166ms
118ms XHR
application/json 104.75.88.209
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?tid=2614042658429&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&cb=1603330368749

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.2424edb5.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.209 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a104-75-88-209.deploy.static.akamaitechnologies.com

Software

Resource Hash

a0774f290781320b1ee451e53e384381cfa827d5c94526856eb4f5f80b3e50e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 01:32:48 GMT
content-encoding: gzip
vary: Accept-Encoding
x-cdn: akamai
pragma: no-cache
status: 200
x-envoy-upstream-service-time: 7
x-pinterest-rid: 2890325439916356
pin-unauth: dWlkPVl6SXhOVGhtWVRrdFltWmlNaTAwWTJOaUxXSmpaVGt0WXpKaFkyVTROVE0xWTJSaA
referrer-policy: origin
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.askbis.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
content-length: 64
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
301 B 162ms
115ms Image
image/gif 104.75.88.209
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2614042658429&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.askbis.com%2Flucky-charm-keeps-hackers%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%222424edb5%22%7D&cb=1603330368750

Requested by

Host: www.askbis.com
URL: https://www.askbis.com/lucky-charm-keeps-hackers/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.209 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a104-75-88-209.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Oct 2020 01:32:48 GMT
referrer-policy: origin
x-cdn: akamai
status: 200
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 7
content-length: 35
x-pinterest-rid: 0583333195105157
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame 804E 0
0 70ms
22ms Document
text/html 99.86.2.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-63393.js?sv=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.113 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-113.fra6.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-469cf41adb11dc78be68c1ae7f9457a4.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
content-type: text/html
content-length: 851
date: Mon, 05 Oct 2020 13:02:45 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
etag: "d594f1d4c3e5dbd6b556c60d34e0daea"
last-modified: Mon, 05 Oct 2020 11:02:22 GMT
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 87b272b7d9b97f38da15c91c833c3292.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: q6xmYMWLeW7qmt_VWiudsUELpUEGdilnBHGU8FzkAIvJuVs9pt6N7g==
age: 1427403

GET
H2 200 319889745211238 Show response
connect.facebook.net/signals/config/ 234 KB
68 KB 71ms
71ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/319889745211238?v=2.9.27&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f33be04da7410f4806ffbbc2852736e9a94d644dac4a3522353dbb6531fe5b35

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: B1PZ9s4BQKoYsExB0g/8I1OgTZlW5rC2pGCwQzlVoZUach17hjRRfRvZz/gchWn1Fqj9u4sqaRSn8GwwgCNLEA==
x-fb-trip-id: 664085054
date: Thu, 22 Oct 2020 01:32:48 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
100 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=614195662655725&ev=PageView&dl=https%3A%2F%2Fwww.askbis.com%2Flucky-charm-keeps-hackers%2F&rl=&if=false&ts=1603330368822&sw=1600&sh=1200&v=2.9.27&r=stable&ec=0&o=30&fbp=fb.1.1603330368733.823717427&it=1603330368498&coo=false&rqm=GET

Requested by

Host: www.askbis.com
URL: https://www.askbis.com/lucky-charm-keeps-hackers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 01:32:48 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 22 Oct 2020 01:32:48 GMT

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/63393/ 178 B
321 B 114ms
43ms XHR
application/json 34.246.206.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/63393/visit-data?sv=5
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.8892a865463d29e21514.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.206.139 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-206-139.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6154d5f7f6961e042d013bab33fd02b691970d873f44f3c32d8fcc6e79ef5bcd

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Thu, 22 Oct 2020 01:32:48 GMT
content-encoding: br
status: 200
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-credentials: true

GET
H2 200 / Show response
api.simplesat.io/api/widget/testimonials/ 2 KB
2 KB 249ms
151ms Fetch
application/json 63.34.113.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.simplesat.io/api/widget/testimonials/?owned_by=MTQxNw==&limit=10

Requested by

Host: cdn.simplesat.io
URL: https://cdn.simplesat.io/js/widget/bottom.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

63.34.113.57 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-63-34-113-57.eu-west-1.compute.amazonaws.com

Software

nginx/1.11.4 /

Resource Hash

3e5bef4f0f8c183a256b795570d9309e2560e5bd26b70a6aa791f10759db5374

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Thu, 22 Oct 2020 01:32:49 GMT
allow: GET, HEAD, OPTIONS
server: nginx/1.11.4
x-frame-options: SAMEORIGIN
vary: Accept, Origin
access-control-allow-methods: GET,PUT,PATCH,POST,DELETE,OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: Content-Type,Authorization
content-length: 2059

GET
DATA 200
OK truncated
/ Frame 436F 396 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43bf8d45a7da34ca190b04e688ec3e387ad06f8ee13326d5dc12aa854a76880e

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 204 / Show response
ct.pinterest.com/md/ 0
242 B 247ms
202ms XHR
text/plain 104.75.88.209
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/md/

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.2424edb5.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.209 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a104-75-88-209.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 22 Oct 2020 01:32:49 GMT
referrer-policy: origin
x-cdn: akamai
status: 204
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 2
x-pinterest-rid: 8807188421381234
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 436F 9 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cdeba95e6623f07099d64df2712b9bd43b1eede609b8cf2b176bc8f6f57e3bf9

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 /
www.facebook.com/tr/ 44 B
100 B 7ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=319889745211238&ev=PageView&dl=https%3A%2F%2Fwww.askbis.com%2Flucky-charm-keeps-hackers%2F&rl=&if=false&ts=1603330368990&sw=1600&sh=1200&v=2.9.27&r=stable&ec=0&o=30&fbp=fb.1.1603330368733.823717427&it=1603330368498&coo=false&rqm=GET

Requested by

Host: www.askbis.com
URL: https://www.askbis.com/lucky-charm-keeps-hackers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 01:32:48 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 22 Oct 2020 01:32:48 GMT

GET
H/1.1 200
OK ProcessStats.aspx Show response
frontend.id-visitors.com/FrontEndWeb/ 0
515 B 126ms
125ms Script
text/javascript 69.167.130.47
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://frontend.id-visitors.com/FrontEndWeb/ProcessStats.aspx?host=https%3A//www.askbis.com&host_name=www.askbis.com&page=/lucky-charm-keeps-hackers/&query_string=&anchor=&title=%25E2%2580%259CLucky%2520Charm%25E2%2580%259D%2520Keeps%2520Hackers%2520Out%2520-%2520Mobile%252C%2520Pensacola%2520%257C%2520BIS%252C%2520Inc.&cur_sess_id=&cur_visitor_id=&h=3&m=32&s=49&account_id=VS7hW2E2wj&dgmt=Thu,%2022%20Oct%202020%2001:32:49%20GMT&vresol=1600x1200&ref=
Requested by: Host: frontend.id-visitors.com
URL: https://frontend.id-visitors.com/FrontEndWeb/Scripts/liveVisitAsync.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 69.167.130.47 Lansing, United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software: Microsoft-IIS/7.5 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 22 Oct 2020 01:32:47 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private
Content-Length: 119

GET
H2 200 lounge.a8dc02def3107413d47189b1bce61bd9.css
c.disquscdn.com/next/embed/styles/ 0
22 KB 37ms
20ms Other
text/css 2606:4700::6812:a913
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.a8dc02def3107413d47189b1bce61bd9.css

Requested by

Host: https-www-askbis-com.disqus.com
URL: https://https-www-askbis-com.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a913 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 01:32:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 195867
status: 200
strict-transport-security: max-age=300; includeSubdomains
content-length: 22091
x-xss-protection: 1; mode=block
timing-allow-origin: *
last-modified: Mon, 19 Oct 2020 18:27:03 GMT
server: cloudflare
etag: "5f8dda77-564b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
cf-request-id: 05ef88fe3f000032339d886000000001
accept-ranges: bytes
cf-ray: 5e5f7776c80a3233-FRA
expires: Tue, 19 Oct 2021 19:08:19 GMT

GET
H2 200 common.bundle.847783fd9a0d1b9b80a706571a35d786.js
c.disquscdn.com/next/embed/ 0
93 KB 30ms
13ms Other
application/javascript 2606:4700::6812:a913
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.847783fd9a0d1b9b80a706571a35d786.js

Requested by

Host: https-www-askbis-com.disqus.com
URL: https://https-www-askbis-com.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a913 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 01:32:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 195867
status: 200
strict-transport-security: max-age=300; includeSubdomains
content-length: 94905
x-xss-protection: 1; mode=block
timing-allow-origin: *
last-modified: Mon, 19 Oct 2020 18:27:03 GMT
server: cloudflare
etag: "5f8dda77-172b9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
cf-request-id: 05ef88fe4000003233aa0cb000000001
accept-ranges: bytes
cf-ray: 5e5f7776c80b3233-FRA
expires: Tue, 19 Oct 2021 19:08:19 GMT

GET
H2 200 lounge.bundle.f86a840f3451e5487a277f1443585291.js
c.disquscdn.com/next/embed/ 0
114 KB 36ms
20ms Other
application/javascript 2606:4700::6812:a913
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.f86a840f3451e5487a277f1443585291.js

Requested by

Host: https-www-askbis-com.disqus.com
URL: https://https-www-askbis-com.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a913 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 01:32:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 195867
status: 200
strict-transport-security: max-age=300; includeSubdomains
content-length: 115989
x-xss-protection: 1; mode=block
timing-allow-origin: *
last-modified: Mon, 19 Oct 2020 18:27:03 GMT
server: cloudflare
etag: "5f8dda77-1c515"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
cf-request-id: 05ef88fe4000003233a2140000000001
accept-ranges: bytes
cf-ray: 5e5f7776c80d3233-FRA
expires: Tue, 19 Oct 2021 19:08:19 GMT

GET
H/1.1 200
OK config.js
disqus.com/next/ 0
9 KB 49ms
15ms Other
application/javascript 151.101.128.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: https-www-askbis-com.disqus.com
URL: https://https-www-askbis-com.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.128.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 22 Oct 2020 01:32:49 GMT
X-Content-Type-Options: nosniff
Content-Type: application/javascript; charset=UTF-8
Server: nginx
Age: 12
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 9134
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK /
disqus.com/embed/comments/ Frame 8D3B 0
0 285ms
285ms Document
text/html 151.101.128.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/embed/comments/?base=default&f=https-www-askbis-com&t_i=7615%20http%3A%2F%2Faskbis.bypronto.com%2F%3Fp%3D7615&t_u=https%3A%2F%2Fwww.askbis.com%2Flucky-charm-keeps-hackers%2F&t_e=%E2%80%9CLucky%20Charm%E2%80%9D%20Keeps%20Hackers%20Out&t_d=%E2%80%9CLucky%20Charm%E2%80%9D%20Keeps%20Hackers%20Out%20-%20Mobile%2C%20Pensacola%20%7C%20BIS%2C%20Inc.&t_t=%E2%80%9CLucky%20Charm%E2%80%9D%20Keeps%20Hackers%20Out&s_o=default&l=

Requested by

Host: https-www-askbis-com.disqus.com
URL: https://https-www-askbis-com.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.128.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src https://.twitter.com: https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://.services.disqus.com: https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: disqus.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 2660
Server: nginx
Content-Type: text/html; charset=utf-8
Content-Security-Policy: script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Last-Modified: Thu, 03 Sep 2020 05:50:24 GMT
ETag: W/"lounge:view:6155159613.b282219f19e8b4e5ca2012ee6dec8b5e.2"
Link: <https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Cache-Control: stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip
Date: Thu, 22 Oct 2020 01:32:49 GMT
Age: 0
Vary: Accept-Encoding
Strict-Transport-Security: max-age=300; includeSubdomains

POST
H2 200 /
www.facebook.com/tr/ 0
105 B 6ms
6ms Other
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundarygBETMGaEBhygQj0M

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Thu, 22 Oct 2020 01:32:49 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://www.askbis.com
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

POST
H2 200 /
www.facebook.com/tr/ 0
30 B 6ms
6ms Other
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundarysVNsCvlkwCJP0FYN

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Thu, 22 Oct 2020 01:32:49 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://www.askbis.com
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

POST
H2 200 /
www.facebook.com/tr/ 0
30 B 6ms
6ms Other
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryqeGJN9H0BdFRaBl0

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Thu, 22 Oct 2020 01:32:49 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://www.askbis.com
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

GET
H2 200 websiteTriggerIframe
os368.infusionsoft.app/app/webTracking/ Frame BAA8 0
0 160ms
160ms Document
text/html 2606:4700::6813:9856
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://os368.infusionsoft.app/app/webTracking/websiteTriggerIframe

Requested by

Host: os368.infusionsoft.app
URL: https://os368.infusionsoft.app/app/webTracking/getTrackingCode

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9856 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: os368.infusionsoft.app
:scheme: https
:path: /app/webTracking/websiteTriggerIframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cf_bm=1ce084df2961ca1cb895c61e5656daaad1b23f8a-1603330368-1800-ASigjNRQTKD8hhtlOZ+98k5h0hMwFvAfDzp+265tiqjitjK0akcyf1a5bVdLLOYXocUz8GNK2E+qUSi54v94VnI=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Thu, 22 Oct 2020 01:32:49 GMT
content-type: text/html;charset=UTF-8
set-cookie: __cfduid=dae938e273bfaa6f15a37665d977cbf8d1603330369; expires=Sat, 21-Nov-20 01:32:49 GMT; path=/; domain=.infusionsoft.app; HttpOnly; SameSite=Lax; Secure JSESSIONID=EFBBC7CEA3D623CA17F3280E0E611EBA; Path=/; Secure; HttpOnly GCLB=CJyokcGzns6LiwE; path=/; HttpOnly; expires=Thu, 22-Oct-2020 13:32:49 GMT __cf_bm=71486ed47d4f3919a2afb16434553d719927b24e-1603330369-1800-ARt55jZ0t/8Vva0jICFeFzysysSDSXpBDD+LyioLmdaWWuv5M5jm2PnrT8J0XA0sqZf5qMiKNFrHRS1U9sqe9Uk=; path=/; expires=Thu, 22-Oct-20 02:02:49 GMT; domain=.infusionsoft.app; HttpOnly; Secure; SameSite=None
pragma: no-cache
cache-control: no-cache, no-store
expires: Thu, 22 Oct 2020 01:32:49 GMT
strict-transport-security: max-age=31536000;includeSubDomains
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-language: en-US
vary: Accept-Encoding
via: 1.1 google
cf-cache-status: DYNAMIC
cf-request-id: 05ef89000d000005bf69b06000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5e5f7779aa4905bf-FRA
content-encoding: gzip

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 39 KB
13 KB 70ms
23ms Script
text/javascript 2.18.233.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: www.askbis.com
URL: https://www.askbis.com/lucky-charm-keeps-hackers/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: c248f8404721d961fff789b4916e8b2f3ac975ffde32bb370374814712055d59

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: j1Ukz68kZImBJrgt6DlzhQICmRxkgWbz
Content-Encoding: gzip
ETag: "505601f096ee8dbb7ca2aafa3009e00c"
x-amz-request-id: 4A30A1DF02B82D40
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 12342
x-amz-id-2: YGWnZLWp3a5Q/+XhlpjWllAZJKOHJKWeLtsAnTJqNwJQeVBUyMtnDCL6xRU42ao8VNLkNHGVEhY=
Last-Modified: Wed, 14 Oct 2020 20:21:11 GMT
Server: AmazonS3
Date: Thu, 22 Oct 2020 01:32:49 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 200 1481085d-c937-4b15-b105-f9c8fbc4bf81 Show response
widgetapi.purechat.com/api/visitorwidget/widgetversions/ 412 B
747 B 345ms
119ms XHR
application/json 3.13.26.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widgetapi.purechat.com/api/visitorwidget/widgetversions/1481085d-c937-4b15-b105-f9c8fbc4bf81
Requested by: Host: app.purechat.com
URL: https://app.purechat.com/VisitorWidget/WidgetScript
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.13.26.122 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-13-26-122.us-east-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 /
Resource Hash: e6234342d3f35a585bfd5bac126d884cb9c2ce1241558a9bf306e2e3845ef22c

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 01:32:49 GMT
server: Microsoft-IIS/10.0
status: 200
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.askbis.com
access-control-expose-headers: X-Requires-Auth
cache-control: max-age=60
access-control-allow-credentials: true
content-length: 412

GET
H3-Q050 200 __utm.gif
ssl.google-analytics.com/ 35 B
143 B 7ms
6ms Image
image/gif 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=2&utmn=834417690&utmhn=www.askbis.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%E2%80%9CLucky%20Charm%E2%80%9D%20Keeps%20Hackers%20Out%20-%20Mobile%2C%20Pensacola%20%7C%20BIS%2C%20Inc.&utmhid=1332999158&utmr=-&utmp=%2Flucky-charm-keeps-hackers%2F&utmht=1603330369554&utmac=_your_tracking_code_here_&utmcc=__utma%3D194298429.575520704.1603330369.1603330369.1603330369.1%3B%2B__utmz%3D194298429.1603330369.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmmt=1&utmu=rAAAAAAAAAAAAAAAAAAAgAAE~

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Oct 2020 21:35:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 14264
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/exp/
Redirect Chain

https://s.adroll.com/j/exp/QRURHZ3E6VADRI6NZBURHN/index.js
https://s.adroll.com/j/exp/index.js

28 B
747 B

36ms
36ms

Script
application/javascript

2.18.233.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/index.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: 2U8XMvdFINXJNFsilaXONuSvqmREKV3.
Content-Encoding: gzip
ETag: "5816cced8568d223aa09d889f300692b"
x-amz-request-id: 0A9DFB41B15EF3A2
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 48
x-amz-id-2: 9wtYzl8isf76a+KTcCc0hWCh/ZKrxXSL0KsmsoDDvS1VGgWl/GxdSe7DtPnOmbh4BH+84jF1nEY=
Last-Modified: Fri, 31 Jul 2020 16:11:15 GMT
Server: AmazonS3
Date: Thu, 22 Oct 2020 01:32:49 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

Redirect headers

Date: Thu, 22 Oct 2020 01:32:49 GMT
Server: AkamaiGHost
Location: https://s.adroll.com/j/exp/index.js
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 0

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/pre/QRURHZ3E6VADRI6NZBURHN/U2KLE2FA3RE33CODUGG6WS/ 0
773 B 67ms
24ms Script
text/javascript 2.18.233.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/QRURHZ3E6VADRI6NZBURHN/U2KLE2FA3RE33CODUGG6WS/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: 8v6pNPIOxavEVdnGoiRZplyB4vfU2Yq2
Content-Encoding: gzip
ETag: "d41d8cd98f00b204e9800998ecf8427e"
x-amz-request-id: 936624CF989FB125
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 20
x-amz-id-2: iSumAS4uWGQtLtCVfjAyj+q9ybcXsXdPWqYKRQxVOVxmEZRcBNCapztnnDCcHmFnfoIuT41Vb8Q=
Last-Modified: Wed, 21 Oct 2020 03:28:02 GMT
Server: AmazonS3
Date: Thu, 22 Oct 2020 01:32:49 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2

200

/ Show response
d.adroll.com/consent/check/QRURHZ3E6VADRI6NZBURHN/
Redirect Chain

https://d.adroll.mgr.consensu.org/consent/iabcheck/QRURHZ3E6VADRI6NZBURHN?_s=4704f63cd70dc77bc05de940da1b88b2&_b=2
https://d.adroll.com/consent/check/QRURHZ3E6VADRI6NZBURHN/?_s=4704f63cd70dc77bc05de940da1b88b2&_b=2

394 B
861 B

37ms
35ms

Script
application/javascript

54.72.203.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/QRURHZ3E6VADRI6NZBURHN/?_s=4704f63cd70dc77bc05de940da1b88b2&_b=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.203.20 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-203-20.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 9aa55aee1e205086f685818309bfcefa026630bb4ea9777a45116a12b436ee9c

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Oct 2020 01:32:49 GMT
server: nginx/1.18.0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status: 200
cache-control: no-store, no-cache, must-revalidate
content-type: application/javascript
content-length: 394

Redirect headers

status: 302
date: Thu, 22 Oct 2020 01:32:49 GMT
server: nginx/1.18.0
content-length: 105
location: https://d.adroll.com/consent/check/QRURHZ3E6VADRI6NZBURHN/?_s=4704f63cd70dc77bc05de940da1b88b2&_b=2

GET
H/1.1

200
OK

KCA2NWDTV5B3DFX7DBF3XG.js Show response
s.adroll.com/pixel/QRURHZ3E6VADRI6NZBURHN/U2KLE2FA3RE33CODUGG6WS/
Redirect Chain

https://d.adroll.com/pixel/QRURHZ3E6VADRI6NZBURHN/U2KLE2FA3RE33CODUGG6WS?adroll_fpc=c3ef21377211ef31ee073266fef8f26b-1603330369768&arrfrr=https%3A%2F%2Fwww.askbis.com%2Flucky-charm-keeps-hackers%2F...
https://s.adroll.com/pixel/QRURHZ3E6VADRI6NZBURHN/U2KLE2FA3RE33CODUGG6WS/KCA2NWDTV5B3DFX7DBF3XG.js

5 KB
2 KB

50ms
49ms

Script
text/javascript

2.18.233.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/pixel/QRURHZ3E6VADRI6NZBURHN/U2KLE2FA3RE33CODUGG6WS/KCA2NWDTV5B3DFX7DBF3XG.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: d37a83019080b86870604a11a0944a010e4b1009c6fa8221f5a7e2355924548c

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: 4gsO3NceRC_VCdHwzA2N4z2o8V1hmfsW
Content-Encoding: gzip
ETag: "da8536609df5359d372a94a7eadfca75"
x-amz-request-id: 41A308C5DF9FB57E
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 1798
x-amz-id-2: rUSC1efCzGkgjBzSB0sI9dq98tmI39tsfiqKc67ohD2FujgNeQ/95fqv0ExoTMCtn7Zatf6uOFA=
Last-Modified: Tue, 29 Sep 2020 17:43:58 GMT
Server: AmazonS3
Date: Thu, 22 Oct 2020 01:32:49 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

Redirect headers

date: Thu, 22 Oct 2020 01:32:49 GMT
x-segment-display-name: Visitors to Unsegmented Pages
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status: 302
content-length: 0
pragma: no-cache
x-conversion-value: 0.00
server: nginx/1.18.0
x-rule: *
x-segment-eid: KCA2NWDTV5B3DFX7DBF3XG
location: https://s.adroll.com/pixel/QRURHZ3E6VADRI6NZBURHN/U2KLE2FA3RE33CODUGG6WS/KCA2NWDTV5B3DFX7DBF3XG.js
cache-control: no-store, no-cache, must-revalidate
x-pixel-eid: U2KLE2FA3RE33CODUGG6WS
x-segment-name: *
x-advertisable-eid: QRURHZ3E6VADRI6NZBURHN
x-conversion-currency

GET
H2 200 alfie.f51946af45e0b561c60f768335c9eb79.js Show response
c.disquscdn.com/next/embed/ 19 KB
7 KB 35ms
33ms Script
application/javascript 2606:4700::6812:a913
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/alfie.f51946af45e0b561c60f768335c9eb79.js

Requested by

Host: https-www-askbis-com.disqus.com
URL: https://https-www-askbis-com.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a913 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eda8f00e9255746e7620848227aca122053845c9b4a90f1b3e26b4cd99af9e25

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 01:32:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 7753505
status: 200
strict-transport-security: max-age=300; includeSubdomains
content-length: 6605
x-xss-protection: 1; mode=block
timing-allow-origin: *
last-modified: Wed, 15 Jan 2020 01:04:45 GMT
server: cloudflare
etag: "5e1e652d-19cd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
cf-request-id: 05ef89012500003233b5980000000001
accept-ranges: bytes
cf-ray: 5e5f777b6c223233-FRA
expires: Thu, 14 Jan 2021 09:43:16 GMT

GET
H/1.1 200
OK / Show response
www.askbis.com/lucky-charm-keeps-hackers/ 17 B
289 B 152ms
147ms Script
text/html 54.72.3.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.askbis.com/lucky-charm-keeps-hackers/?cf_action=sync_comments&post_id=7615
Requested by: Host: www.askbis.com
URL: https://www.askbis.com/wp-content/plugins/disqus-comment-system/media/js/disqus.js?ver=5.4.2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.72.3.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-3-103.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 4534997b249e629ce477624b7616511c9d2cea2f5562dcbf230ea091a0a4135f

Request headers

Referer: https://www.askbis.com/lucky-charm-keeps-hackers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 22 Oct 2020 01:32:49 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Cache-Varnish: MISS West
Accept-Ranges: bytes
Content-Length: 37

GET
H/1.1 200
OK ping Show response
links.services.disqus.com/api/ 304 B
926 B 136ms
59ms XHR
text/javascript 151.101.112.64
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://links.services.disqus.com/api/ping?format=jsonp&key=cfdfcf52dffd0a702a61bad27507376d&loc=https%3A%2F%2Fwww.askbis.com%2Flucky-charm-keeps-hackers%2F&subId=5267482&v=1&jsonp=vglnk_jsonp_16033303698820
Requested by: Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/alfie.f51946af45e0b561c60f768335c9eb79.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.64 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 65995ba04938b53c8a6709df54a72820dedf0961d4b48ac3ac06e5ea998f517c

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 22 Oct 2020 01:32:50 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: https://www.askbis.com
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Content-Length: 304
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK sendrolling.js Show response
s.adroll.com/j/ 9 KB
3 KB 25ms
22ms Script
text/javascript 2.18.233.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/sendrolling.js
Requested by: Host: d.adroll.com
URL: https://d.adroll.com/pixel/QRURHZ3E6VADRI6NZBURHN/U2KLE2FA3RE33CODUGG6WS?adroll_fpc=c3ef21377211ef31ee073266fef8f26b-1603330369768&arrfrr=https%3A%2F%2Fwww.askbis.com%2Flucky-charm-keeps-hackers%2F&xid_ch=f&pv=1150978399.611158&cookie=&adroll_s_ref=&keyw=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 1bdbcee5cd776cb671f72362db4be8dde833057b8e8f816c86fd301896652c8d

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: NM.EHVfGEDu2TYFqb1osrv1zRII373EC
Content-Encoding: gzip
ETag: "15441b08d0c4f93b1dd5f533cd361cd8"
x-amz-request-id: 75B93B99450D9821
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 2039
x-amz-id-2: LLXPK6WOd/JkL78v3IWpxVYE6WLY0eyso2S9SGWA5fuDVP/IFReKscAk0ef5FiAsTnpUaCbbaQA=
Last-Modified: Mon, 03 Feb 2020 20:32:06 GMT
Server: AmazonS3
Date: Thu, 22 Oct 2020 01:32:49 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 200 544491869215201 Show response
connect.facebook.net/signals/config/ 234 KB
69 KB 75ms
70ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/544491869215201?v=2.9.27&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8b61a505cf5fbfaa3bb608e925db1969ed32a158761054e579c2d08bfae09498

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: O/F2RnBVu9xbYaGwJ+MhU5G8+4u0U3nhPvrfL5MJSj4tGdTZN+E1l1VxGV6rz8MJdkucp62DijHw5clJ7wYWng==
x-fb-trip-id: 664085054
date: Thu, 22 Oct 2020 01:32:49 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

204

sync
pixel.advertising.com/ups/55980/
Redirect Chain

https://d.adroll.com/cm/aol/out?adroll_fpc=c3ef21377211ef31ee073266fef8f26b-1603330369768&arrfrr=https%3A%2F%2Fwww.askbis.com%2Flucky-charm-keeps-hackers%2F&xid_ch=f&advertisable=QRURHZ3E6VADRI6NZB...
https://pixel.advertising.com/ups/55980/sync?uid=YTBlYWZmMTI2Yzc0ODczYTMwOWU5MTE5NGQxYTI1ZjA&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

0
125 B

94ms
23ms

Image
text/plain

3.124.119.192
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.advertising.com/ups/55980/sync?uid=YTBlYWZmMTI2Yzc0ODczYTMwOWU5MTE5NGQxYTI1ZjA&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.124.119.192 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-124-119-192.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
date: Thu, 22 Oct 2020 01:32:50 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma: no-cache
date: Thu, 22 Oct 2020 01:32:49 GMT
server: nginx/1.18.0
status: 302
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://pixel.advertising.com/ups/55980/sync?uid=YTBlYWZmMTI2Yzc0ODczYTMwOWU5MTE5NGQxYTI1ZjA&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
cache-control: no-store, no-cache, must-revalidate
content-length: 167

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/
Redirect Chain

https://d.adroll.com/cm/index/out?adroll_fpc=c3ef21377211ef31ee073266fef8f26b-1603330369768&arrfrr=https%3A%2F%2Fwww.askbis.com%2Flucky-charm-keeps-hackers%2F&xid_ch=f&advertisable=QRURHZ3E6VADRI6N...
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=YTBlYWZmMTI2Yzc0ODczYTMwOWU5MTE5NGQxYTI1ZjA&expiration=1634866369
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=YTBlYWZmMTI2Yzc0ODczYTMwOWU5MTE5NGQxYTI1ZjA&expiration=1634866369&C=1

43 B
1003 B

35ms
35ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=YTBlYWZmMTI2Yzc0ODczYTMwOWU5MTE5NGQxYTI1ZjA&expiration=1634866369&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 22 Oct 2020 01:32:50 GMT
Server: Apache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 22 Oct 2020 01:32:50 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 22 Oct 2020 01:32:50 GMT
Server: Apache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=YTBlYWZmMTI2Yzc0ODczYTMwOWU5MTE5NGQxYTI1ZjA&expiration=1634866369&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 333
Expires: Thu, 22 Oct 2020 01:32:50 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://d.adroll.com/cm/n/out?adroll_fpc=c3ef21377211ef31ee073266fef8f26b-1603330369768&arrfrr=https%3A%2F%2Fwww.askbis.com%2Flucky-charm-keeps-hackers%2F&xid_ch=f&advertisable=QRURHZ3E6VADRI6NZBURHN
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=YTBlYWZmMTI2Yzc0ODczYTMwOWU5MTE5NGQxYTI1ZjA&expires=365

0
239 B

98ms
25ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=YTBlYWZmMTI2Yzc0ODczYTMwOWU5MTE5NGQxYTI1ZjA&expires=365
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 22 Oct 2020 01:32:49 GMT
server: nginx/1.18.0
status: 302
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=YTBlYWZmMTI2Yzc0ODczYTMwOWU5MTE5NGQxYTI1ZjA&expires=365
cache-control: no-store, no-cache, must-revalidate
content-length: 124

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/
Redirect Chain

https://d.adroll.com/cm/outbrain/out?adroll_fpc=c3ef21377211ef31ee073266fef8f26b-1603330369768&arrfrr=https%3A%2F%2Fwww.askbis.com%2Flucky-charm-keeps-hackers%2F&xid_ch=f&advertisable=QRURHZ3E6VADR...
https://sync.outbrain.com/cookie-sync?p=adroll&uid=YTBlYWZmMTI2Yzc0ODczYTMwOWU5MTE5NGQxYTI1ZjA
https://sync.outbrain.com/cookie-sync?p=adroll&uid=YTBlYWZmMTI2Yzc0ODczYTMwOWU5MTE5NGQxYTI1ZjA&rdrctExp=true

0
477 B

89ms
88ms

Image
text/plain

70.42.32.191
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=adroll&uid=YTBlYWZmMTI2Yzc0ODczYTMwOWU5MTE5NGQxYTI1ZjA&rdrctExp=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.191 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 22 Oct 2020 01:32:50 GMT
Cache-Control: no-cache
X-TraceId: 7052735a228dbaae51f4fa41b5fc8cd9
Content-Length: 0

Redirect headers

Location: https://sync.outbrain.com/cookie-sync?p=adroll&uid=YTBlYWZmMTI2Yzc0ODczYTMwOWU5MTE5NGQxYTI1ZjA&rdrctExp=true
Date: Thu, 22 Oct 2020 01:32:50 GMT
X-TraceId: dca4d168638d7f6c901b4bf4ccf77632
Content-Length: 0

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/
Redirect Chain

https://d.adroll.com/cm/pubmatic/out?adroll_fpc=c3ef21377211ef31ee073266fef8f26b-1603330369768&arrfrr=https%3A%2F%2Fwww.askbis.com%2Flucky-charm-keeps-hackers%2F&xid_ch=f&advertisable=QRURHZ3E6VADR...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=YTBlYWZmMTI2Yzc0ODczYTMwOWU5MTE5NGQxYTI1ZjA&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENA...

1 B
1010 B

97ms
22ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=YTBlYWZmMTI2Yzc0ODczYTMwOWU5MTE5NGQxYTI1ZjA&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection: close
Pragma: no-cache
Date: Thu, 22 Oct 2020 01:32:50 GMT
X-lat: Pug23009:0:287
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Content-Type: text/html; charset=utf-8
Content-Length: 1

Redirect headers

pragma: no-cache
date: Thu, 22 Oct 2020 01:32:49 GMT
server: nginx/1.18.0
status: 302
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=YTBlYWZmMTI2Yzc0ODczYTMwOWU5MTE5NGQxYTI1ZjA&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
cache-control: no-store, no-cache, must-revalidate
content-length: 220

GET
H2

204

rtb-h
sync.taboola.com/sg/adroll-network/1/
Redirect Chain

https://d.adroll.com/cm/taboola/out?adroll_fpc=c3ef21377211ef31ee073266fef8f26b-1603330369768&arrfrr=https%3A%2F%2Fwww.askbis.com%2Flucky-charm-keeps-hackers%2F&xid_ch=f&advertisable=QRURHZ3E6VADRI...
https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=YTBlYWZmMTI2Yzc0ODczYTMwOWU5MTE5NGQxYTI1ZjA

0
217 B

54ms
16ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=YTBlYWZmMTI2Yzc0ODczYTMwOWU5MTE5NGQxYTI1ZjA
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
tbl-x-upstream: 10.41.24.10:10213
date: Thu, 22 Oct 2020 01:32:50 GMT
server: nginx
x-fastly-to-nlb-rtt: 1995

Redirect headers

pragma: no-cache
date: Thu, 22 Oct 2020 01:32:49 GMT
server: nginx/1.18.0
status: 302
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=YTBlYWZmMTI2Yzc0ODczYTMwOWU5MTE5NGQxYTI1ZjA
cache-control: no-store, no-cache, must-revalidate
content-length: 111

GET
H2

200

xuid
eb2.3lift.com/
Redirect Chain

https://d.adroll.com/cm/triplelift/out?adroll_fpc=c3ef21377211ef31ee073266fef8f26b-1603330369768&arrfrr=https%3A%2F%2Fwww.askbis.com%2Flucky-charm-keeps-hackers%2F&xid_ch=f&advertisable=QRURHZ3E6VA...
https://eb2.3lift.com/xuid?mid=4714&xuid=YTBlYWZmMTI2Yzc0ODczYTMwOWU5MTE5NGQxYTI1ZjA&dongle=c85e
https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=YTBlYWZmMTI2Yzc0ODczYTMwOWU5MTE5NGQxYTI1ZjA&dongle=c85e&gdpr=1&cmp_cs=&us_privacy=

37 B
352 B

25ms
24ms

Image
image/gif

52.58.138.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=YTBlYWZmMTI2Yzc0ODczYTMwOWU5MTE5NGQxYTI1ZjA&dongle=c85e&gdpr=1&cmp_cs=&us_privacy=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.138.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-138-20.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Thu, 22 Oct 2020 01:32:50 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

status: 302
date: Thu, 22 Oct 2020 01:32:50 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
location: /xuid?ld=1&mid=4714&xuid=YTBlYWZmMTI2Yzc0ODczYTMwOWU5MTE5NGQxYTI1ZjA&dongle=c85e&gdpr=1&cmp_cs=&us_privacy=
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

in
d.adroll.com/cm/r/
Redirect Chain

https://d.adroll.com/cm/r/out?adroll_fpc=c3ef21377211ef31ee073266fef8f26b-1603330369768&arrfrr=https%3A%2F%2Fwww.askbis.com%2Flucky-charm-keeps-hackers%2F&xid_ch=f&advertisable=QRURHZ3E6VADRI6NZBURHN
https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
https://d.adroll.com/cm/r/in?xid=E0&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

42 B
499 B

36ms
35ms

Image
image/gif

54.72.203.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/r/in?xid=E0&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.203.20 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-203-20.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Oct 2020 01:32:50 GMT
server: nginx/1.18.0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status: 200
cache-control: no-store, no-cache, must-revalidate
content-type: image/gif
content-length: 42

Redirect headers

date: Thu, 22 Oct 2020 01:32:50 GMT
referrer-policy: no-referrer-when-downgrade
server: ATS
age: 0
status: 302
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
location: https://d.adroll.com/cm/r/in?xid=E0&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H2

200

sync
x.bidswitch.net/ul_cb/
Redirect Chain

https://d.adroll.com/cm/b/out?adroll_fpc=c3ef21377211ef31ee073266fef8f26b-1603330369768&arrfrr=https%3A%2F%2Fwww.askbis.com%2Flucky-charm-keeps-hackers%2F&xid_ch=f&advertisable=QRURHZ3E6VADRI6NZBURHN
https://x.bidswitch.net/sync?dsp_id=44&user_id=YTBlYWZmMTI2Yzc0ODczYTMwOWU5MTE5NGQxYTI1ZjA
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=YTBlYWZmMTI2Yzc0ODczYTMwOWU5MTE5NGQxYTI1ZjA

43 B
410 B

24ms
24ms

Image
image/gif

54.93.211.166
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=YTBlYWZmMTI2Yzc0ODczYTMwOWU5MTE5NGQxYTI1ZjA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.93.211.166 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-93-211-166.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Thu, 22 Oct 2020 01:32:50 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

status: 302
date: Thu, 22 Oct 2020 01:32:50 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
location: https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=YTBlYWZmMTI2Yzc0ODczYTMwOWU5MTE5NGQxYTI1ZjA
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1

200
OK

bounce
ib.adnxs.com/
Redirect Chain

https://d.adroll.com/cm/x/out?adroll_fpc=c3ef21377211ef31ee073266fef8f26b-1603330369768&arrfrr=https%3A%2F%2Fwww.askbis.com%2Flucky-charm-keeps-hackers%2F&xid_ch=f&advertisable=QRURHZ3E6VADRI6NZBURHN
https://ib.adnxs.com/setuid?entity=172&code=YTBlYWZmMTI2Yzc0ODczYTMwOWU5MTE5NGQxYTI1ZjA
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DYTBlYWZmMTI2Yzc0ODczYTMwOWU5MTE5NGQxYTI1ZjA

43 B
1 KB

23ms
22ms

Image
image/gif

37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DYTBlYWZmMTI2Yzc0ODczYTMwOWU5MTE5NGQxYTI1ZjA

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.38 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 22 Oct 2020 01:32:50 GMT
X-Proxy-Origin: 185.212.171.67; 185.212.171.67; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.70:80
AN-X-Request-Uuid: 47bedd58-ef68-4fb0-944d-42ddfaaf2bbc
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 22 Oct 2020 01:32:50 GMT
X-Proxy-Origin: 185.212.171.67; 185.212.171.67; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.244:80
AN-X-Request-Uuid: 022f4da2-5b7a-4330-b758-f666f2064167
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DYTBlYWZmMTI2Yzc0ODczYTMwOWU5MTE5NGQxYTI1ZjA
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 out
d.adroll.com/cm/l/ 42 B
180 B 36ms
34ms Image
image/gif 54.72.203.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/l/out?adroll_fpc=c3ef21377211ef31ee073266fef8f26b-1603330369768&arrfrr=https%3A%2F%2Fwww.askbis.com%2Flucky-charm-keeps-hackers%2F&xid_ch=f&advertisable=QRURHZ3E6VADRI6NZBURHN
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.203.20 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-203-20.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Thu, 22 Oct 2020 01:32:50 GMT
cache-control: no-transform,public,max-age=300,s-maxage=900
server: nginx/1.18.0
content-length: 42
vary: Cookie
content-type: image/gif

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://d.adroll.com/cm/o/out?adroll_fpc=c3ef21377211ef31ee073266fef8f26b-1603330369768&arrfrr=https%3A%2F%2Fwww.askbis.com%2Flucky-charm-keeps-hackers%2F&xid_ch=f&advertisable=QRURHZ3E6VADRI6NZBURHN
https://us-u.openx.net/w/1.0/sd?id=537103138&val=a0eaff126c74873a309e91194d1a25f0
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=a0eaff126c74873a309e91194d1a25f0

43 B
180 B

31ms
31ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=a0eaff126c74873a309e91194d1a25f0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.195.1 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Oct 2020 01:32:50 GMT
via: 1.1 google
server: OXGW/16.195.1
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
status: 200
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Thu, 22 Oct 2020 01:32:50 GMT
via: 1.1 google
server: OXGW/16.195.1
status: 302
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=a0eaff126c74873a309e91194d1a25f0
alt-svc: clear
content-length: 0

GET
H2

200

in
d.adroll.com/cm/g/
Redirect Chain

https://d.adroll.com/cm/g/out?adroll_fpc=c3ef21377211ef31ee073266fef8f26b-1603330369768&arrfrr=https%3A%2F%2Fwww.askbis.com%2Flucky-charm-keeps-hackers%2F&xid_ch=f&advertisable=QRURHZ3E6VADRI6NZBUR...
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=oOr_Emx0hzownpEZTRol8A
https://cm.g.doubleclick.net/pixel?google_sc=&google_nid=artb&google_hm=oOr_Emx0hzownpEZTRol8A&google_tc=
https://d.adroll.com/cm/g/in

42 B
536 B

35ms
34ms

Image
image/gif

54.72.203.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/g/in
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.203.20 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-203-20.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Oct 2020 01:32:50 GMT
server: nginx/1.18.0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status: 200
cache-control: no-store, no-cache, must-revalidate
content-type: image/gif
content-length: 42
x-result: g.-1.-1.-1

Redirect headers

pragma: no-cache
date: Thu, 22 Oct 2020 01:32:50 GMT
server: HTTP server (unknown)
status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://d.adroll.com/cm/g/in
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 225
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

spacer.gif
os368.infusionsoft.app/slices/
Redirect Chain

https://os368.infusionsoft.app/app/webTracking/contact/1603330368590?contactId=0&screenResolution=1600x1200&plugins=&javaEnabled=false&domain=www.askbis.com&location=https://www.askbis.com/lucky-ch...
https://os368.infusionsoft.app/slices/spacer.gif

43 B
573 B

17ms
17ms

Image
image/gif

2606:4700::6813:9856
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://os368.infusionsoft.app/slices/spacer.gif

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9856 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 01:32:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 65427
status: 200
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Sat, 17 Oct 2020 17:44:24 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"43-1602956664000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;includeSubDomains
content-type: image/gif;charset=UTF-8
via: 1.1 google
cache-control: public, max-age=31488573
cf-request-id: 05ef890213000005bfbf07b000000001
cf-ray: 5e5f777ce8cc05bf-FRA
expires: Thu, 21 Oct 2021 12:22:23 GMT

Redirect headers

date: Thu, 22 Oct 2020 01:32:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
status: 302
strict-transport-security: max-age=31536000;includeSubDomains
x-xss-protection: 1; mode=block
pragma: no-cache, no-cache
server: cloudflare
location: /slices/spacer.gif
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
via: 1.1 google
cache-control: no-cache, no-store, no-cache, no-store
cf-request-id: 05ef89016c000005bfd9223000000001
cf-ray: 5e5f777beebe05bf-FRA
expires: Thu, 22 Oct 2020 01:32:49 GMT, -1

GET
H/1.1 200
OK 45 Show response
api-cdn.purechat.com/api/visitorwidget/widget/1481085d-c937-4b15-b105-f9c8fbc4bf81/ 8 KB
3 KB 83ms
24ms XHR
application/json 52.85.32.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api-cdn.purechat.com/api/visitorwidget/widget/1481085d-c937-4b15-b105-f9c8fbc4bf81/45
Requested by: Host: app.purechat.com
URL: https://app.purechat.com/VisitorWidget/WidgetScript
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.32.13 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-32-13.ham50.r.cloudfront.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 9ac54bdba1f7c91eddab2b8bf7d75d52539c7049bc2d1b7e65100ea7cee9aa00

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 16:37:43 GMT
Content-Encoding: gzip
Age: 1932906
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Access-Control-Allow-Origin: https://www.askbis.com
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding,Origin
Content-Type: application/json; charset=utf-8
Via: 1.1 6c314f9bc806736c483494e492792b33.cloudfront.net (CloudFront)
Access-Control-Expose-Headers: X-Requires-Auth
Cache-Control: public, max-age=31536000
Access-Control-Allow-Credentials: true
X-Amz-Cf-Pop: HAM50-C1
X-Amz-Cf-Id: _QSH5XZMvcZTFm0ci2mriPyeK9hCfOd82HGQ4rG8dYi9NOIihBfGTA==

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ 85 KB
30 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js

Requested by

Host: app.purechat.com
URL: https://app.purechat.com/VisitorWidget/WidgetScript

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.askbis.com
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 21 Oct 2020 11:45:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49640
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30306
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Oct 2021 11:45:30 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
146 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=544491869215201&ev=PageView&dl=https%3A%2F%2Fwww.askbis.com%2Flucky-charm-keeps-hackers%2F&rl=&if=false&ts=1603330370016&cd[segment_eid]=KCA2NWDTV5B3DFX7DBF3XG&sw=1600&sh=1200&v=2.9.27&r=stable&ec=0&o=29&fbp=fb.1.1603330368733.823717427&it=1603330368498&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 01:32:50 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 22 Oct 2020 01:32:50 GMT

GET
H/1.1 200
OK version Show response
app.purechat.com/ 1 KB
1 KB 24ms
24ms Script
application/javascript 99.86.2.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.purechat.com/version?_=_&callback=_WidgetJPCB_Version
Requested by: Host: app.purechat.com
URL: https://app.purechat.com/VisitorWidget/WidgetScript
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.78 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-78.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 25baa1d9380509c27cf920f8d8f4ba7d84230886bec54ed8481c301398d2ca22

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: null
Content-Encoding: gzip
ETag: "de88b90e2c619b4ba1d9478ac3d84fdf"
Age: 162
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 20 Oct 2020 16:28:09 GMT
Server: AmazonS3
Date: Thu, 22 Oct 2020 01:30:09 GMT
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Via: 1.1 2f0580a0593ad9d3fb82aee9226d8179.cloudfront.net (CloudFront)
Cache-Control: public,max-age=900
X-Amz-Cf-Pop: FRA6-C1
X-Amz-Cf-Id: NGdnIOOH6W37CT9Qo-xpJIwSr8qfPBISOtK-JVgIvEUixHLos796xQ==

GET
H2 200 legacy.1318.js Show response
prod.purechatcdn.com/assets/ 997 KB
205 KB 66ms
41ms Script
application/javascript 2606:4700:3036::6818:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.purechatcdn.com/assets/legacy.1318.js
Requested by: Host: app.purechat.com
URL: https://app.purechat.com/VisitorWidget/WidgetScript
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6818:7c49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76c540398d8add2efc80c646cb0a155c17652425e14fe4ee06e107c2dcb01485

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 01:32:50 GMT
via: 1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 119067
x-cache: Hit from cloudfront
status: 200
content-encoding: br
content-type: application/javascript; charset=utf-8
cf-request-id: 05ef890234000096bcac1d4000000001
last-modified: Tue, 20 Oct 2020 16:27:05 GMT
server: cloudflare
etag: W/"05cefc76fceaceb58e11ac6a9f3a5e20"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603330370"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: null
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA2-C1
cf-ray: 5e5f777d1a1a96bc-FRA
x-amz-cf-id: -MUQWaSVJBVe2B_c-Vkrg1fwPeKh3ScQOVhLWi1aLuYD1Z_D7NG1-w==

GET
H2 200 / Show response
widgetapi.purechat.com/api/VisitorWidget/ChatAvailable/277587/1481085d-c937-4b15-b105-f9c8fbc4bf81/ 13 B
258 B 340ms
119ms XHR
application/json 3.13.26.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widgetapi.purechat.com/api/VisitorWidget/ChatAvailable/277587/1481085d-c937-4b15-b105-f9c8fbc4bf81/?externalRequest=false&t=1603330370255
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.13.26.122 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-13-26-122.us-east-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 /
Resource Hash: d7450ec03c0b60d25bbf75478f20764499dac4f7c671ec12edf3a3677384f101

Request headers

Accept: */*
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Oct 2020 01:32:50 GMT
server: Microsoft-IIS/10.0
status: 200
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.askbis.com
access-control-expose-headers: X-Requires-Auth
cache-control: no-cache
access-control-allow-credentials: true
content-length: 13
expires: -1

GET
H2 200 email.webp
prod.purechatcdn.com/content/images/stockwidgetimages/clipart/ 12 KB
13 KB 16ms
15ms Image
binary/octet-stream 2606:4700:3036::6818:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod.purechatcdn.com/content/images/stockwidgetimages/clipart/email.webp
Requested by: Host: www.askbis.com
URL: https://www.askbis.com/lucky-charm-keeps-hackers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6818:7c49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8fc47658d0e665bdea6fcd18b703cd16c2614b3d05ad88287569a41356e4acc2

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 01:32:50 GMT
via: 1.1 059f7b4f5f4c20725a3c55323fefb585.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1398802
x-cache: Hit from cloudfront
status: 200
content-type: binary/octet-stream
content-length: 12432
cf-request-id: 05ef890468000096bc81875000000001
last-modified: Mon, 28 Sep 2020 20:36:37 GMT
server: cloudflare
etag: "535c33a79855d27ca9e668c217d23eea"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603330371"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: null
cache-control: public, max-age=31536000
x-amz-cf-pop: MUC51-C1
accept-ranges: bytes
cf-ray: 5e5f7780aab196bc-FRA
x-amz-cf-id: Q8d9QMVRtsRsigxHqjmnPCEezDkOL9EVitp5Ep97KFWK2hBuJqN9kQ==

Verdicts & Comments Add Verdict or Comment

135 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.askbis.com/	1970-01-19 13:22:10	Name: _hjIncludedInPageviewSample Value: 1
.askbis.com/	1969-12-31 23:59:59	Name: _hjTLDTest Value: 1
www.askbis.com/	1970-01-19 22:00:34	Name: pc_r Value:
.askbis.com/	1970-01-19 17:44:58	Name: __utmz Value: 194298429.1603330369.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
www.askbis.com/	1970-01-19 22:00:34	Name: pc_lp Value: https%3A%2F%2Fwww.askbis.com%2Flucky-charm-keeps-hackers%2F
www.askbis.com/	1969-12-31 23:59:59	Name: pc_sr Value:
.askbis.com/	1970-01-19 13:22:12	Name: __utmb Value: 194298429.1.10.1603330369
.askbis.com/	1970-01-19 15:31:46	Name: _fbp Value: fb.1.1603330368733.823717427
.askbis.com/	1970-01-19 13:22:10	Name: __utmt Value: 1
.askbis.com/	1970-01-19 13:22:12	Name: _hjAbsoluteSessionInProgress Value: 0
.askbis.com/	1969-12-31 23:59:59	Name: __utmc Value: 194298429
.askbis.com/	1970-01-19 22:07:46	Name: _pin_unauth Value: dWlkPVl6SXhOVGhtWVRrdFltWmlNaTAwWTJOaUxXSmpaVGt0WXpKaFkyVTROVE0xWTJSaA
.askbis.com/	1970-01-20 06:53:22	Name: __utma Value: 194298429.575520704.1603330369.1603330369.1603330369.1
www.askbis.com/	1970-01-23 04:58:10	Name: mtsnb_lastvisit_posts Value: %5B7615%5D
.askbis.com/	1970-01-19 22:07:46	Name: _hjid Value: db7923ad-cc13-435d-a3df-0bf5299f7073
.www.askbis.com/	1970-01-23 04:58:10	Name: mtsnb_lastvisited Value: 1603254179

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://pronto-core-cdn.prontomarketing.com/2/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2) Message: JQMIGRATE: Migrate is installed, version 1.4.1
console-api	log	URL: https://pronto-core-cdn.prontomarketing.com/2/wp-content/plugins/pronto-sidebar-navigation/js/jquery.flexnav.js?ver=4.0(Line 4) Message: 1600

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.yahoo.com
ajax.googleapis.com
api-cdn.purechat.com
api.simplesat.io
app.purechat.com
bypronto.com
c.disquscdn.com
cdn.simplesat.io
cm.g.doubleclick.net
connect.facebook.net
ct.pinterest.com
d.adroll.com
d.adroll.mgr.consensu.org
disqus.com
dsum-sec.casalemedia.com
eb2.3lift.com
fonts.googleapis.com
fonts.gstatic.com
frontend.id-visitors.com
https-www-askbis-com.disqus.com
ib.adnxs.com
in.hotjar.com
links.services.disqus.com
os368.infusionsoft.app
os368.infusionsoft.com
pixel.advertising.com
pixel.rubiconproject.com
prod.purechatcdn.com
pronto-core-cdn.prontomarketing.com
px.ads.linkedin.com
r20.rs6.net
s.adroll.com
s.pinimg.com
script.hotjar.com
secure.care5alea.com
simage2.pubmatic.com
snap.licdn.com
ssl.google-analytics.com
static.hotjar.com
stats.g.doubleclick.net
sync.outbrain.com
sync.taboola.com
us-u.openx.net
vars.hotjar.com
widgetapi.purechat.com
www.askbis.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.linkedin.com
x.bidswitch.net
104.75.88.209
141.226.228.48
151.101.112.64
151.101.12.134
151.101.128.134
172.217.23.130
185.64.190.80
2.18.233.40
2.18.234.21
208.75.122.11
2606:4700:20::ac43:46bf
2606:4700:3031::681f:4e71
2606:4700:3036::6818:7c49
2606:4700::6812:a913
2606:4700::6812:f74
2606:4700::6813:9856
2620:1ec:21::14
2a00:1288:f03d:1fa::4000
2a00:1450:4001:801::200a
2a00:1450:4001:803::2004
2a00:1450:4001:803::2008
2a00:1450:4001:808::2003
2a00:1450:4001:809::200e
2a00:1450:4001:814::2003
2a00:1450:4001:81d::200a
2a00:1450:4001:824::2002
2a00:1450:4001:824::200e
2a00:1450:400c:c00::9b
2a00:1450:400c:c0a::9b
2a02:26f0:6c00:296::25ea
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:9::84
2a05:d018:71c:cc00:be9b:52e7:b021:e50
2a05:f500:11:101::b93f:9005
3.124.119.192
3.13.26.122
34.246.206.139
35.244.159.8
37.252.172.38
51.140.39.77
52.58.138.20
52.85.32.13
52.85.32.53
54.72.203.20
54.72.3.103
54.93.211.166
63.34.113.57
69.167.130.47
69.173.144.138
70.42.32.191
99.86.2.113
99.86.2.24
99.86.2.78
06dcbc7ddd5bed2b7ff90a7499473cc7be36f95fb1a9e0c07338f2e77f45b96f
0791d9c576f8db58aa141f7309d93dcbd79c9a6177f0723b9ab3cb1afe9ff230
0c103ae844c36c58f5947f4ffac0ef3edf1d447d0650fe33437071d3e13645ca
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1603064e2edd4b76a3a5a0e970b1b756000cfe0937c320cb6f223a08b43df0b2
1bdbcee5cd776cb671f72362db4be8dde833057b8e8f816c86fd301896652c8d
1cbda21998b65e08a7e936114cabd7f7783d0f590dd6efdd58c7faa8b6e7b9aa
1f188c3017f993444dc8c267139cd5dd9466e29b181ace0f310933aa9c704851
25baa1d9380509c27cf920f8d8f4ba7d84230886bec54ed8481c301398d2ca22
26f7559b1bfb4342ec375109a36cdcd6b002c336ad3b3932c75d5823868ff4f6
2dc22200f64ece18c1413668318154e28f312752a9fcf9d989b8bfccf95632d0
2e1ced1bd0736a56a0c44fd7b3bf8134850398ecddd52a0f5e6e437c5d527999
2e84eb055418b1d5b659bbc2e6022fe0ae37548287e6717e80cc13a2251e5abf
2efd4118b4b96383fec6d38dbac289c0652473bbbae72d509bf4deb435dab036
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3e5bef4f0f8c183a256b795570d9309e2560e5bd26b70a6aa791f10759db5374
42d979d54a12b76d10c5f34709c774b14aedcbf25f268f332a7e9163011b658b
43bf8d45a7da34ca190b04e688ec3e387ad06f8ee13326d5dc12aa854a76880e
4534997b249e629ce477624b7616511c9d2cea2f5562dcbf230ea091a0a4135f
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c6d5ac4c77a0cd4dcae820b87afd1ee0b18a72bf0dd8f7de168fd307ac47041
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
54d21b0676784d0c983bbd4093898770adefa932d89b72c8afd88183a19172a7
5aa090666860bfb6aea6fd75dc1fad91145ed250dd67d1df5c38359458a6691e
5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
6154d5f7f6961e042d013bab33fd02b691970d873f44f3c32d8fcc6e79ef5bcd
6284a869888d1c4e20cdb3aafe8e7c84021b78f47e690166194e6d9bdc7341fe
636018f811bfbce8cab219d03ac80cfa82ef88786f61c66057c4288923a8957f
65995ba04938b53c8a6709df54a72820dedf0961d4b48ac3ac06e5ea998f517c
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6be3d1ab735bc8adc6d3c0688a8f57ebec85887a53488adb13bbb366faa60da7
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
75d671180eeb634e7a923ec4a930f33e48c9d586e5861f7f12a7175971264d7a
76c540398d8add2efc80c646cb0a155c17652425e14fe4ee06e107c2dcb01485
77a9de343eb778a99a51928390593cd92cf9bd277e216be6da96556881fe715a
784a99d40268afc0eab1bd5c2cd3f4c46e80748dd5d511b5fb53c1abf027eb24
78b7e339a157dcfd478816c0b11e30b622716c383308390e49b9882c011881ab
794c145112c0c3c4ec6b1ff968c5842b1ad2686746e0f781df82aaca3ae8722f
7a5417e5f6ca399b82350e9af08a68bf070facbad05754a61728b5eef22bb513
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8511276a27014cf836b9ebaecd1e2ac49619482c9bcc3d0a080b56e64133348a
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
87ba34a2dac0d833ec28f5da1f52fa5a2b8279152500e1b825e241e4a64ea488
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8b61a505cf5fbfaa3bb608e925db1969ed32a158761054e579c2d08bfae09498
8c7ee0238fa5cd80a02ef9870a7fff498ef52097181cb73edb9219dc022fd919
8fb2b86b706833eebc48de3549e2767386ae5e343703700e39ba77e6017e88f4
8fc47658d0e665bdea6fcd18b703cd16c2614b3d05ad88287569a41356e4acc2
9253337ca1e61322a2786816f554274187178115ce3394297e60d70a2f867c04
94b293e2c7affa223f0e3a5cfd950030c8aacee84bc93ec5f0d35c7f4e91381b
96b7353cfc0c512962840bc951b0e1009d3419defac1a37a7b1149e8ea3d43cc
96d33f532112177ede6bf262dcf6d0140dbe29f05a4595d17b0be4743205b5ea
9a6146dcfe5d7f577947b6f0387575a43a2c67481632c5b802d77db6ffd3cb2d
9aa55aee1e205086f685818309bfcefa026630bb4ea9777a45116a12b436ee9c
9ac54bdba1f7c91eddab2b8bf7d75d52539c7049bc2d1b7e65100ea7cee9aa00
9eb70b9cc07531fe496c6727a15a0ddcc4de52301fbbf2b66b68740d1acc33ba
a0774f290781320b1ee451e53e384381cfa827d5c94526856eb4f5f80b3e50e7
a1d4ffc045f6cc85a7db84a3236d2f59135a948c25b59979a8b70ace807e58a9
a37ca4608218cccdfb8b6d4edbdfbf375d0e1368b46397e3b7049e0cbf5bc1f6
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
a70ce8cefa650350be5eb488c602720510fd33c8431527e64f5ae739f4e3ff99
a8431bfe4316cdc20de936e824f735c9478bbc9ce3d3a51c774eca45faff637f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1a9c6940fb184bc792720d866a133e7f5480e07b89410980e49637fcb59e842
b25a64e44873ac61b4c46b4843e7b416ee6fe5e40938a6c57dffb21bbd8d412a
b2724c5c9101f3ff26dae3f9dbcdd60b4ceb05a96c42b4c2e1f44d41646655a2
b33180eee81e03f8c96e6bfe64a91067a030cc0b6f1e8793a32fe1ab9a1279b4
b36c610adf667f8f1f228e6d2390947a81257cdae72b98c1c07cbe50f9ff06d3
b4123676544cd9f03a923e7298752be83cae12883800f63d7175810a095382f8
b54e94d980151a120eb0d3c161b0af28e988d8c2b257d52e9958c6157a631e6b
b55616e4eada60d4e94a044efa03f45c3550056a0e93a55a993b0b85a7e7689b
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bca7af0b45b6fc6a2064e8e7a34f2041f3e77261e63f0257209bcde6bc40545d
c248f8404721d961fff789b4916e8b2f3ac975ffde32bb370374814712055d59
c30b8caaa5fa069c6e3816db70bc6d1ae1268dd8bf026ebf6664f7c90263b43c
c9b302155b6a82a3f166cf2e7f045a04d4fec13444ce93186fcbc72917a6e0cc
cdc21e1d1c0a67812e193214ac25750e86d3e7d203ceece71cad72c0be2ca40c
cdeba95e6623f07099d64df2712b9bd43b1eede609b8cf2b176bc8f6f57e3bf9
cf55d8c64aeef2fb227d4e87f5c6002a91fee7af979faee566e69a770def4c07
d08070ff450c80954e1d0bc971067231408a61d00798ca33954676d2743fe863
d37a83019080b86870604a11a0944a010e4b1009c6fa8221f5a7e2355924548c
d3bd10d1522533f272c8ddd12f61e3e4f3892df9efb2c744fddb3aacdcec6abf
d52c8770eb0e1b2064d688c90dfa490a697319e441ebf8b9fe4ddceded719e28
d618d4869738e0dc22360f0ec0cbb6433257843f24723fac240dda0906685238
d7450ec03c0b60d25bbf75478f20764499dac4f7c671ec12edf3a3677384f101
da3b53cad6493e4bc3ebc4119f4ac0aaa836719a62badf32047a78efb5a794b0
e37570ef85a3553930ba20dfab7280bfcead8a2238b536b5c03c629c35b3d4ca
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6234342d3f35a585bfd5bac126d884cb9c2ce1241558a9bf306e2e3845ef22c
eda8f00e9255746e7620848227aca122053845c9b4a90f1b3e26b4cd99af9e25
edb66434567b603679a9fd45786ff3b3b2bf3903d0da2e1c5af626688540bcc4
eebb0081c749d5d90982cbc3878eec483f3487f269bbbd451f3b2c590e82fcba
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f10b9b0c4107ca5a40a5c69b1ac91a8948d84f39893dee6b429cdbdb05887093
f1539a9c19502014dbabd45ec0ea2f7bebe48a38d37e735b1c73439d4a1b7010
f33be04da7410f4806ffbbc2852736e9a94d644dac4a3522353dbb6531fe5b35
f49cf987c70df95fda53db7399991e76854f8c5364a61d1b4532073ac60390da
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
f6a1b5f700bc92dd2be0a45fcd1b0afda68ee2d0645420d24bc32e162ffb1f5a
f7b3dc94297cd47d4b2195477eff1acd681aa73851590061b58b32fc05a4a007
f938d6c19b2fb82401ee3f8db84153160822663b423d82ae9fd680c92a02cb02
fabf9cf808bf1fa32ca4daec3122436ad1a587d0bb4c3a7c670f4cfb78b5721b
ffa77dd7afcfeb6eb4458ff34abb51110edac673765b306f56a67f109b564611
ffcde34efda55a63cb66dbec4bf10acb531014d581e2d8e511836b84e08c2305

www.askbis.com Open in urlscan Pro 54.72.3.103 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

135 Requests

100 %HTTPS

46 %IPv6

39 Domains

52 Subdomains

48 IPs

7 Countries

1863 kBTransfer

4927 kBSize

16 Cookies

9 Outgoing links

Page URL History

Redirected requests

135 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.askbis.com Open in urlscan Pro
54.72.3.103 Public Scan

Screenshot
Live screenshot

Full Image

135
Requests

100 %
HTTPS

46 %
IPv6

39
Domains

52
Subdomains

48
IPs

7
Countries

1863 kB
Transfer

4927 kB
Size

16
Cookies

135 HTTP transactions
3 data transactions