urlscan.io logo urlscan.io
SecurityTrails logo

app.protect-us.eset.com Open in urlscan Pro
209.167.231.27  Public Scan

Go To Rescan Add Verdict Report
URL: http://app.protect-us.eset.com/e/u?s=2208&elq=9104ed675b3540eb8f97ba10aae6cc1b
Submission: On June 17 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 30 IPs in 6 countries across 30 domains to perform 56 HTTP transactions. The main IP is 209.167.231.27, located in United States and belongs to NETDYNAMICS, US. The main domain is app.protect-us.eset.com.
This is the only time app.protect-us.eset.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 209.167.231.27 7160 (NETDYNAMICS)
1 209.167.231.17 7160 (NETDYNAMICS)
1 2a00:1450:400... 15169 (GOOGLE)
3 104.108.150.111 16625 (AKAMAI-AS)
4 8 143.204.247.47 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 4 216.58.205.230 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 172.217.22.2 15169 (GOOGLE)
2 46.101.154.21 14061 (DIGITALOC...)
1 3 2a00:1450:400... 15169 (GOOGLE)
1 3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2a02:26f0:10c... 20940 (AKAMAI-ASN1)
1 151.101.12.157 54113 (FASTLY)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 199.232.53.140 54113 (FASTLY)
2 99.84.94.51 16509 (AMAZON-02)
2 2a03:2880:f01... 32934 (FACEBOOK)
2 2620:1ec:c11:... 8068 (MICROSOFT...)
4 23.2.218.8 16625 (AKAMAI-AS)
1 34.238.223.59 14618 (AMAZON-AES)
1 2 2a05:f500:10:... 14413 (LINKEDIN)
1 1 2620:1ec:21::14 8068 (MICROSOFT...)
1 104.244.42.195 13414 (TWITTER)
1 2 104.244.42.5 13414 (TWITTER)
2 151.101.36.84 54113 (FASTLY)
2 35.186.226.184 15169 (GOOGLE)
1 52.57.44.100 16509 (AMAZON-02)
2 2a03:2880:f11... 32934 (FACEBOOK)
56 30
2    209.167.231.27 (United States)

ASN7160 (NETDYNAMICS, US)
PTR: e027.en25.com
app.protect-us.eset.com
1    209.167.231.17 (United States)

ASN7160 (NETDYNAMICS, US)
PTR: e017.en25.com
s2208.t.eloqua.com
1    2a00:1450:4001:814::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    104.108.150.111 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-150-111.deploy.static.akamaitechnologies.com
images.protect-us.eset.com
img.en25.com
8    143.204.247.47 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-247-47.cph50.r.cloudfront.net
cdn1-prodint.esetstatic.com
1    2a00:1450:4001:825::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    216.58.205.230 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra15s24-in-f6.1e100.net
8117415.fls.doubleclick.net
2    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
4    172.217.22.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s14-in-f2.1e100.net
www.googleadservices.com
2    46.101.154.21 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)
front.optimonk.com
3    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
3    2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    2a00:1450:4001:819::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2606:4700:20::ac43:4470 (United States)

ASN13335 (CLOUDFLARENET, US)
www.clickcease.com
1    2a02:26f0:10c:39e::25ea (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
snap.licdn.com
1    151.101.12.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
static.ads-twitter.com
2    2606:4700::6812:fb0 (United States)

ASN13335 (CLOUDFLARENET, US)
s.pinimg.com
2    199.232.53.140 (Manchester, United Kingdom)

ASN54113 (FASTLY, US)
www.redditstatic.com
alb.reddit.com
2    99.84.94.51 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-94-51.muc50.r.cloudfront.net
sc-static.net
2    2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
4    23.2.218.8 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-2-218-8.deploy.static.akamaitechnologies.com
j.6sc.co
c.6sc.co
b.6sc.co
1    34.238.223.59 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-238-223-59.compute-1.amazonaws.com
q.quora.com
2    2a05:f500:10:101::b93f:9105 (Ireland)

ASN14413 (LINKEDIN, US)
px.ads.linkedin.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.linkedin.com
1    104.244.42.195 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
2    104.244.42.5 (United States)

ASN13414 (TWITTER, US)
t.co
2    151.101.36.84 (Amsterdam, Netherlands)

ASN54113 (FASTLY, US)
ct.pinterest.com
2    35.186.226.184 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 184.226.186.35.bc.googleusercontent.com
tr.snapchat.com
1    52.57.44.100 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-44-100.eu-central-1.compute.amazonaws.com
epsilon.6sense.com
2    2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)
www.facebook.com
Domain Requested by
8 cdn1-prodint.esetstatic.com 4 redirects app.protect-us.eset.com
4 www.googleadservices.com www.googletagmanager.com
www.googleadservices.com
4 8117415.fls.doubleclick.net 2 redirects www.googletagmanager.com
3 www.google.de app.protect-us.eset.com
3 www.google.com 1 redirects app.protect-us.eset.com
3 googleads.g.doubleclick.net 1 redirects www.googleadservices.com
2 www.facebook.com
2 tr.snapchat.com www.googletagmanager.com
2 c.6sc.co j.6sc.co
2 ct.pinterest.com s.pinimg.com
2 t.co 1 redirects
2 px.ads.linkedin.com 1 redirects
2 bat.bing.com
2 connect.facebook.net app.protect-us.eset.com
connect.facebook.net
2 sc-static.net www.googletagmanager.com
sc-static.net
2 s.pinimg.com www.googletagmanager.com
s.pinimg.com
2 front.optimonk.com app.protect-us.eset.com
front.optimonk.com
2 fonts.gstatic.com www.googletagmanager.com
2 images.protect-us.eset.com app.protect-us.eset.com
2 app.protect-us.eset.com 1 redirects
1 epsilon.6sense.com j.6sc.co
1 alb.reddit.com
1 b.6sc.co
1 analytics.twitter.com static.ads-twitter.com
1 www.linkedin.com 1 redirects
1 q.quora.com
1 j.6sc.co app.protect-us.eset.com
1 www.redditstatic.com www.googletagmanager.com
1 static.ads-twitter.com www.googletagmanager.com
1 snap.licdn.com www.googletagmanager.com
1 www.clickcease.com app.protect-us.eset.com
1 www.googletagmanager.com app.protect-us.eset.com
1 img.en25.com app.protect-us.eset.com
1 fonts.googleapis.com app.protect-us.eset.com
1 s2208.t.eloqua.com app.protect-us.eset.com
56 35

This site contains links to these domains. Also see Links.

Domain
www.eset.com
protects.eset.com
Subject Issuer Validity Valid
upload.video.google.com
GTS CA 1O1		 2020-05-26 -
2020-08-18		 3 months crt.sh
*.en25.com
DigiCert SHA2 Secure Server CA		 2019-06-21 -
2020-08-19		 a year crt.sh
*.esetstatic.com
Thawte RSA CA 2018		 2019-09-05 -
2021-10-04		 2 years crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-05-26 -
2020-08-18		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2020-05-26 -
2020-08-18		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-05-26 -
2020-08-18		 3 months crt.sh
www.google.com
GTS CA 1O1		 2020-05-26 -
2020-08-18		 3 months crt.sh
www.google.de
GTS CA 1O1		 2020-05-26 -
2020-08-18		 3 months crt.sh
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2		 2020-03-24 -
2020-10-09		 7 months crt.sh
*.licdn.com
DigiCert SHA2 Secure Server CA		 2019-04-01 -
2021-05-07		 2 years crt.sh
ads-twitter.com
DigiCert SHA2 High Assurance Server CA		 2019-08-14 -
2020-08-18		 a year crt.sh
*.pinimg.com
DigiCert SHA2 High Assurance Server CA		 2020-05-28 -
2021-06-14		 a year crt.sh
www.redditstatic.com
DigiCert SHA2 Secure Server CA		 2020-04-06 -
2020-10-03		 6 months crt.sh
sc-static.net
DigiCert SHA2 Secure Server CA		 2019-03-11 -
2021-03-15		 2 years crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2020-05-14 -
2020-08-05		 3 months crt.sh
www.bing.com
Microsoft IT TLS CA 2		 2019-04-30 -
2021-04-30		 2 years crt.sh
*.quora.com
Let's Encrypt Authority X3		 2020-05-31 -
2020-08-29		 3 months crt.sh
px.ads.linkedin.com
DigiCert SHA2 Secure Server CA		 2020-03-04 -
2020-09-04		 6 months crt.sh
*.twitter.com
DigiCert SHA2 High Assurance Server CA		 2020-01-02 -
2020-12-28		 a year crt.sh
t.co
DigiCert SHA2 High Assurance Server CA		 2020-03-05 -
2021-03-02		 a year crt.sh
*.pinterest.com
DigiCert SHA2 High Assurance Server CA		 2019-06-05 -
2020-07-22		 a year crt.sh
*.reddit.com
DigiCert SHA2 Secure Server CA		 2020-04-06 -
2020-10-03		 6 months crt.sh
tr.snapchat.com
DigiCert SHA2 Secure Server CA		 2019-02-19 -
2021-02-23		 2 years crt.sh
*.6sense.com
Amazon		 2019-08-16 -
2020-09-16		 a year crt.sh
www.googleadservices.com
GTS CA 1O1		 2020-05-26 -
2020-08-18		 3 months crt.sh

This page contains 4 frames:

Primary Page: http://app.protect-us.eset.com/e/u?s=2208&elq=9104ed675b3540eb8f97ba10aae6cc1b
Frame ID: 54DCB3E42EE65155D85152B1CC4E5D0B
Requests: 53 HTTP requests in this frame

Frame: http://8117415.fls.doubleclick.net/activityi;dc_pre=COnz5LaxieoCFYjiuwgdxZgNCg;src=8117415;type=b2cac0;cat=us_b20;ord=3143247471355;gtm=2wg6a0;auiddc=1471799254.1592415343;u8=app.protect-us.eset.com%2Fe%2Fu;u10=undefined;u11=undefined;u25=N%2FA;~oref=http%3A%2F%2Fapp.protect-us.eset.com%2Fe%2Fu%3Fs%3D2208%26elq%3D9104ed675b3540eb8f97ba10aae6cc1b
Frame ID: FFF1C99539FA9DF64305E4EF0F424CF8
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=bc40ed80-3c6a-46a0-979f-8a6de2c02fa9
Frame ID: 42767365509228E4642B2919A435C64D
Requests: 1 HTTP requests in this frame

Frame: http://8117415.fls.doubleclick.net/activityi;dc_pre=COGHlbmxieoCFZjJuwgd6rcBYw;src=8117415;type=visit0;cat=us_en0;ord=8790956445857;gtm=2wg6a0;auiddc=1471799254.1592415343;u8=app.protect-us.eset.com%2Fe%2Fu;u10=US;u11=undefined;u24=;u25=N%2FA;~oref=http%3A%2F%2Fapp.protect-us.eset.com%2Fe%2Fu%3Fs%3D2208%26elq%3D9104ed675b3540eb8f97ba10aae6cc1b
Frame ID: 662663FFCF20603B70822F9CDEC6C15F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • html /<!-- (?:End )?Google Tag Manager -->/i

Page Statistics

56
Requests

73 %
HTTPS

45 %
IPv6

30
Domains

35
Subdomains

30
IPs

6
Countries

673 kB
Transfer

1627 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://app.protect-us.eset.com/e/css/singlePageTemplate.css HTTP 302
  • http://s2208.t.eloqua.com/e/css/singlePageTemplate.css
Request Chain 4
  • http://cdn1-prodint.esetstatic.com/us/assets/usweb/js/lib/jquery-1.11.2.min.js HTTP 301
  • https://cdn1-prodint.esetstatic.com/us/assets/usweb/js/lib/jquery-1.11.2.min.js
Request Chain 5
  • http://cdn1-prodint.esetstatic.com/us/assets/usweb/js/s_code.js HTTP 301
  • https://cdn1-prodint.esetstatic.com/us/assets/usweb/js/s_code.js
Request Chain 6
  • http://cdn1-prodint.esetstatic.com/us/assets/usweb/js/s_analytics.js HTTP 301
  • https://cdn1-prodint.esetstatic.com/us/assets/usweb/js/s_analytics.js
Request Chain 7
  • http://cdn1-prodint.esetstatic.com/us/assets/usweb/js/leadsource.js HTTP 301
  • https://cdn1-prodint.esetstatic.com/us/assets/usweb/js/leadsource.js
Request Chain 9
  • http://8117415.fls.doubleclick.net/activityi;src=8117415;type=b2cac0;cat=us_b20;ord=3143247471355;gtm=2wg6a0;auiddc=1471799254.1592415343;u8=app.protect-us.eset.com%2Fe%2Fu;u10=undefined;u11=undefined;u25=N%2FA;~oref=http%3A%2F%2Fapp.protect-us.eset.com%2Fe%2Fu%3Fs%3D2208%26elq%3D9104ed675b3540eb8f97ba10aae6cc1b HTTP 302
  • http://8117415.fls.doubleclick.net/activityi;dc_pre=COnz5LaxieoCFYjiuwgdxZgNCg;src=8117415;type=b2cac0;cat=us_b20;ord=3143247471355;gtm=2wg6a0;auiddc=1471799254.1592415343;u8=app.protect-us.eset.com%2Fe%2Fu;u10=undefined;u11=undefined;u25=N%2FA;~oref=http%3A%2F%2Fapp.protect-us.eset.com%2Fe%2Fu%3Fs%3D2208%26elq%3D9104ed675b3540eb8f97ba10aae6cc1b
Request Chain 27
  • http://bat.bing.com/bat.js HTTP 307
  • https://bat.bing.com/bat.js
Request Chain 30
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=28675&url=http%3A%2F%2Fapp.protect-us.eset.com%2Fe%2Fu%3Fs%3D2208%26elq%3D9104ed675b3540eb8f97ba10aae6cc1b&time=1592415343951 HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D28675%26url%3Dhttp%253A%252F%252Fapp.protect-us.eset.com%252Fe%252Fu%253Fs%253D2208%2526elq%253D9104ed675b3540eb8f97ba10aae6cc1b%26time%3D1592415343951%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=28675&url=http%3A%2F%2Fapp.protect-us.eset.com%2Fe%2Fu%3Fs%3D2208%26elq%3D9104ed675b3540eb8f97ba10aae6cc1b&time=1592415343951&liSync=true
Request Chain 33
  • http://t.co/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nxk0v&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0 HTTP 301
  • https://t.co/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nxk0v&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0
Request Chain 51
  • http://8117415.fls.doubleclick.net/activityi;src=8117415;type=visit0;cat=us_en0;ord=8790956445857;gtm=2wg6a0;auiddc=1471799254.1592415343;u8=app.protect-us.eset.com%2Fe%2Fu;u10=US;u11=undefined;u24=;u25=N%2FA;~oref=http%3A%2F%2Fapp.protect-us.eset.com%2Fe%2Fu%3Fs%3D2208%26elq%3D9104ed675b3540eb8f97ba10aae6cc1b HTTP 302
  • http://8117415.fls.doubleclick.net/activityi;dc_pre=COGHlbmxieoCFZjJuwgd6rcBYw;src=8117415;type=visit0;cat=us_en0;ord=8790956445857;gtm=2wg6a0;auiddc=1471799254.1592415343;u8=app.protect-us.eset.com%2Fe%2Fu;u10=US;u11=undefined;u24=;u25=N%2FA;~oref=http%3A%2F%2Fapp.protect-us.eset.com%2Fe%2Fu%3Fs%3D2208%26elq%3D9104ed675b3540eb8f97ba10aae6cc1b
Request Chain 54
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/960334613/?random=1218227648&cv=9&fst=*&num=1&value=0&label=XVstCJnrzqUBEJWW9skD&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6a0&sendb=1&ig=1&frm=0&url=http://app.protect-us.eset.com/e/u%3Fs%3D2208%26elq%3D9104ed675b3540eb8f97ba10aae6cc1b&tiba=ESET&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=c1TqXrb3O_rI7_UPgZCH0Ao&sscte=1&crd=&gtd=&eitems=ChEI8P6m9wUQo8mWi8Dyn5vQARIdAIkUzH7nfoqOaJcUsGNYtOz0k6E4mM7r_0a0zWU HTTP 302
  • https://www.google.com/pagead/1p-conversion/960334613/?random=1218227648&cv=9&fst=*&num=1&value=0&label=XVstCJnrzqUBEJWW9skD&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6a0&sendb=1&ig=1&frm=0&url=http://app.protect-us.eset.com/e/u%3Fs%3D2208%26elq%3D9104ed675b3540eb8f97ba10aae6cc1b&tiba=ESET&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&gtd=&is_vtc=1&ocp_id=c1TqXrb3O_rI7_UPgZCH0Ao&eitems=ChEI8P6m9wUQo8mWi8Dyn5vQARIdAIkUzH6GkMMX2U1p4iI7w-2JSKyl8cukf5VI_6A&random=725083225&resp=GooglemKTybQhCsO HTTP 302
  • https://www.google.de/pagead/1p-conversion/960334613/?random=1218227648&cv=9&fst=*&num=1&value=0&label=XVstCJnrzqUBEJWW9skD&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6a0&sendb=1&ig=1&frm=0&url=http://app.protect-us.eset.com/e/u%3Fs%3D2208%26elq%3D9104ed675b3540eb8f97ba10aae6cc1b&tiba=ESET&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&gtd=&is_vtc=1&ocp_id=c1TqXrb3O_rI7_UPgZCH0Ao&eitems=ChEI8P6m9wUQo8mWi8Dyn5vQARIdAIkUzH6GkMMX2U1p4iI7w-2JSKyl8cukf5VI_6A&random=725083225&resp=GooglemKTybQhCsO&ipr=y

56 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request u
app.protect-us.eset.com/e/ 		31 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://app.protect-us.eset.com/e/u?s=2208&elq=9104ed675b3540eb8f97ba10aae6cc1b
Protocol
HTTP/1.1
Server
209.167.231.27 , United States, ASN7160 (NETDYNAMICS, US),
Reverse DNS
e027.en25.com
Software
/
Resource Hash
090f7930507d196af6b46f49283fbb3abdf318fb2f38f4a30294911dafee67f6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Host
app.protect-us.eset.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Cache-Control
private,no-cache, no-store
Pragma
no-cache
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Expires
-1
Vary
Accept-Encoding
P3P
CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
X-Content-Type-Options
nosniff
Date
Wed, 17 Jun 2020 17:35:41 GMT
Content-Length
8544
singlePageTemplate.css
s2208.t.eloqua.com/e/css/
Redirect Chain
  • http://app.protect-us.eset.com/e/css/singlePageTemplate.css
  • http://s2208.t.eloqua.com/e/css/singlePageTemplate.css
0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://s2208.t.eloqua.com/e/css/singlePageTemplate.css
Requested by
Host: app.protect-us.eset.com
URL: http://app.protect-us.eset.com/e/u?s=2208&elq=9104ed675b3540eb8f97ba10aae6cc1b
Protocol
HTTP/1.1
Server
209.167.231.17 , United States, ASN7160 (NETDYNAMICS, US),
Reverse DNS
e017.en25.com
Software
/
Resource Hash

Request headers

Referer
http://app.protect-us.eset.com/e/u?s=2208&elq=9104ed675b3540eb8f97ba10aae6cc1b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Wed, 17 Jun 2020 17:35:41 GMT
X-Content-Type-Options
nosniff
P3P
CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Location
http://s2208.t.eloqua.com/e/css/singlePageTemplate.css
Cache-Control
private,no-cache, no-store
Content-Type
text/html; charset=utf-8
Content-Length
171
Expires
-1
css
fonts.googleapis.com/ 		5 KB
777 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,700
Requested by
Host: app.protect-us.eset.com
URL: http://app.protect-us.eset.com/e/u?s=2208&elq=9104ed675b3540eb8f97ba10aae6cc1b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6bc92b096fa224014e1caa871ae4e6d6c7bcc9a5c5459b893e6bb052b3cb257c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://app.protect-us.eset.com/e/u?s=2208&elq=9104ed675b3540eb8f97ba10aae6cc1b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 17 Jun 2020 16:20:28 GMT
server
ESF
date
Wed, 17 Jun 2020 17:35:42 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 17 Jun 2020 17:35:42 GMT
%7B43ade68e-7417-48f1-81b1-f81d0d4ec985%7D_ESET-logo-White-600x90.png
images.protect-us.eset.com/EloquaImages/clients/ESETLLC/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://images.protect-us.eset.com/EloquaImages/clients/ESETLLC/%7B43ade68e-7417-48f1-81b1-f81d0d4ec985%7D_ESET-logo-White-600x90.png
Requested by
Host: app.protect-us.eset.com
URL: http://app.protect-us.eset.com/e/u?s=2208&elq=9104ed675b3540eb8f97ba10aae6cc1b
Protocol
HTTP/1.1
Server
104.108.150.111 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-150-111.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
bfadecce2ccdd4b3d5967de7612680ec91bdf9751de5c92faab8e6c149f4e591
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
http://app.protect-us.eset.com/e/u?s=2208&elq=9104ed675b3540eb8f97ba10aae6cc1b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Tue, 14 Mar 2017 20:39:32 GMT
ETag
"482def1539dd21:0"
P3P
CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control
no-cache, no-store
Date
Wed, 17 Jun 2020 17:35:42 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
11162
Expires
Wed, 17 Jun 2020 17:35:42 GMT
livevalidation_standalone.compressed.js
img.en25.com/i/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img.en25.com/i/livevalidation_standalone.compressed.js
Requested by
Host: app.protect-us.eset.com
URL: http://app.protect-us.eset.com/e/u?s=2208&elq=9104ed675b3540eb8f97ba10aae6cc1b
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.150.111 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-150-111.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7c04e1ad3893819bce8b4590d91b4b02a175ef4b6ae9ffffac8e670bd7c0c9b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
http://app.protect-us.eset.com/e/u?s=2208&elq=9104ed675b3540eb8f97ba10aae6cc1b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Mon, 13 Apr 2020 16:32:53 GMT
ETag
"c76422eb111d61:0"
Vary
Accept-Encoding
P3P
CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control
no-cache, no-store
Date
Wed, 17 Jun 2020 17:35:43 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/x-javascript
Content-Length
3638
Expires
Wed, 17 Jun 2020 17:35:43 GMT
jquery-1.11.2.min.js
cdn1-prodint.esetstatic.com/us/assets/usweb/js/lib/
Redirect Chain
  • http://cdn1-prodint.esetstatic.com/us/assets/usweb/js/lib/jquery-1.11.2.min.js
  • https://cdn1-prodint.esetstatic.com/us/assets/usweb/js/lib/jquery-1.11.2.min.js
94 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn1-prodint.esetstatic.com/us/assets/usweb/js/lib/jquery-1.11.2.min.js
Requested by
Host: app.protect-us.eset.com
URL: http://app.protect-us.eset.com/e/u?s=2208&elq=9104ed675b3540eb8f97ba10aae6cc1b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.247.47 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-247-47.cph50.r.cloudfront.net
Software
Apache /
Resource Hash
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://app.protect-us.eset.com/e/u?s=2208&elq=9104ed675b3540eb8f97ba10aae6cc1b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Jun 2020 21:38:37 GMT
via
1.1 437f7ee4dc994b22e33d571f5f90f36b.cloudfront.net (CloudFront)
server
Apache
age
1195025
status
200
x-frame-options
SAMEORIGIN
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=2628000, public
x-amz-cf-pop
CPH50-C1
x-amz-cf-id
VFFd6OMigE9WEsEH9FdTYZ8df59sDOPJTqGW30c_SXVEG_EPGwvPNw==

Redirect headers

Date
Wed, 17 Jun 2020 17:35:42 GMT
Via
1.1 6cbce7f027770aab1fdecc1818c43a0b.cloudfront.net (CloudFront)
Server
CloudFront
X-Amz-Cf-Pop
CPH50-C1
X-Cache
Redirect from cloudfront
Content-Type
text/html
Location
https://cdn1-prodint.esetstatic.com/us/assets/usweb/js/lib/jquery-1.11.2.min.js
Connection
keep-alive
Content-Length
183
X-Amz-Cf-Id
a1i6sUg-ebQ26qIHKe_S4WFQdCrgijVmhYKRUS-2Z_AwVordNA0Kkw==
s_code.js
cdn1-prodint.esetstatic.com/us/assets/usweb/js/
Redirect Chain
  • http://cdn1-prodint.esetstatic.com/us/assets/usweb/js/s_code.js
  • https://cdn1-prodint.esetstatic.com/us/assets/usweb/js/s_code.js
90 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn1-prodint.esetstatic.com/us/assets/usweb/js/s_code.js
Requested by
Host: app.protect-us.eset.com
URL: http://app.protect-us.eset.com/e/u?s=2208&elq=9104ed675b3540eb8f97ba10aae6cc1b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.247.47 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-247-47.cph50.r.cloudfront.net
Software
Apache /
Resource Hash
767048ccfc724ba6aedcb3e20d1d1f16baba4cee5c7c957fb7f4504b290bd6ef
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://app.protect-us.eset.com/e/u?s=2208&elq=9104ed675b3540eb8f97ba10aae6cc1b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 20 May 2020 21:49:14 GMT
via
1.1 437f7ee4dc994b22e33d571f5f90f36b.cloudfront.net (CloudFront)
server
Apache
age
2403988
status
200
x-frame-options
SAMEORIGIN
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=2628000, public
x-amz-cf-pop
CPH50-C1
x-amz-cf-id
3h_8Rx5Mr6EdxUHuqnUiBQxXlJfg17Y7yggMoBQwRLHBAK9dJCLVZg==

Redirect headers

Date
Wed, 17 Jun 2020 17:35:42 GMT
Via
1.1 0326fbaba639f5673ce3c647a7884df0.cloudfront.net (CloudFront)
Server
CloudFront
X-Amz-Cf-Pop
CPH50-C1
X-Cache
Redirect from cloudfront
Content-Type
text/html
Location
https://cdn1-prodint.esetstatic.com/us/assets/usweb/js/s_code.js
Connection
keep-alive
Content-Length
183
X-Amz-Cf-Id
xz42ub1jLPJ08x8py_PvmVZ6acRi1UaHDlFf_jxZxPvwIRAKYN5loQ==
s_analytics.js
cdn1-prodint.esetstatic.com/us/assets/usweb/js/
Redirect Chain
  • http://cdn1-prodint.esetstatic.com/us/assets/usweb/js/s_analytics.js
  • https://cdn1-prodint.esetstatic.com/us/assets/usweb/js/s_analytics.js
61 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn1-prodint.esetstatic.com/us/assets/usweb/js/s_analytics.js
Requested by
Host: app.protect-us.eset.com
URL: http://app.protect-us.eset.com/e/u?s=2208&elq=9104ed675b3540eb8f97ba10aae6cc1b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.247.47 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-247-47.cph50.r.cloudfront.net
Software
Apache /
Resource Hash
282d548122e3d98360f8b9bb61fc7f37ce004c933cae913c24db00b3a09aec39
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://app.protect-us.eset.com/e/u?s=2208&elq=9104ed675b3540eb8f97ba10aae6cc1b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jun 2020 17:35:43 GMT
via
1.1 437f7ee4dc994b22e33d571f5f90f36b.cloudfront.net (CloudFront)
server
Apache
x-amz-cf-pop
CPH50-C1
status
200
x-frame-options
SAMEORIGIN
x-cache
Miss from cloudfront
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-amz-cf-id
8kfjtieayLOhuNtEBIRXGc6hif2IzKeQ2y6-TTVJAKOsdHjx29vzzQ==
expires
Sat, 26 Jun 1994 04:00:00 GMT

Redirect headers

Date
Wed, 17 Jun 2020 17:35:42 GMT
Via
1.1 0562d7d213bde9a129ec458c631f9cef.cloudfront.net (CloudFront)
Server
CloudFront
X-Amz-Cf-Pop
CPH50-C1
X-Cache
Redirect from cloudfront
Content-Type
text/html
Location
https://cdn1-prodint.esetstatic.com/us/assets/usweb/js/s_analytics.js
Connection
keep-alive
Content-Length
183
X-Amz-Cf-Id
Qh5bvyLt6WWcg_wjmRt8rTjc6yfhbwUB7VepgRC76bHO_VIywp2syA==
leadsource.js
cdn1-prodint.esetstatic.com/us/assets/usweb/js/
Redirect Chain
  • http://cdn1-prodint.esetstatic.com/us/assets/usweb/js/leadsource.js
  • https://cdn1-prodint.esetstatic.com/us/assets/usweb/js/leadsource.js
12 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn1-prodint.esetstatic.com/us/assets/usweb/js/leadsource.js
Requested by
Host: app.protect-us.eset.com
URL: http://app.protect-us.eset.com/e/u?s=2208&elq=9104ed675b3540eb8f97ba10aae6cc1b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.247.47 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-247-47.cph50.r.cloudfront.net
Software
Apache /
Resource Hash
a31b5a40f8fe97ca19bc865977b07f48901e5e095cbf838804a2ab0476c2d378
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://app.protect-us.eset.com/e/u?s=2208&elq=9104ed675b3540eb8f97ba10aae6cc1b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 14 Jun 2020 21:08:17 GMT
via
1.1 437f7ee4dc994b22e33d571f5f90f36b.cloudfront.net (CloudFront)
server
Apache
age
246446
status
200
x-frame-options
SAMEORIGIN
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=2628000, public
x-amz-cf-pop
CPH50-C1
x-amz-cf-id
SahpvEG-EJ6Q1b6b-BCZiQIK16_iwxw9S4lNknLcOrFgkwN2rMmLAg==

Redirect headers

Date
Wed, 17 Jun 2020 17:35:42 GMT
Via
1.1 9185d752d6f0456185fc3ff8fe29c34b.cloudfront.net (CloudFront)
Server
CloudFront
X-Amz-Cf-Pop
CPH50-C1
X-Cache
Redirect from cloudfront
Content-Type
text/html
Location
https://cdn1-prodint.esetstatic.com/us/assets/usweb/js/leadsource.js
Connection
keep-alive
Content-Length
183
X-Amz-Cf-Id
zdj2-GXuX0n5rkMXSiV3vciEv5JCwwCTliZY_guTiOzkfLJCdI5VXA==
gtm.js
www.googletagmanager.com/ 		292 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-SZRK
Requested by
Host: app.protect-us.eset.com
URL: http://app.protect-us.eset.com/e/u?s=2208&elq=9104ed675b3540eb8f97ba10aae6cc1b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
06c1490b7d909d7ba0c2ea1e683f145398f27b8992c70fe00466910874dea0ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
http://app.protect-us.eset.com/e/u?s=2208&elq=9104ed675b3540eb8f97ba10aae6cc1b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 17 Jun 2020 17:35:42 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
71282
x-xss-protection
0
last-modified
Wed, 17 Jun 2020 17:00:38 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 17 Jun 2020 17:35:42 GMT
activityi;dc_pre=COnz5LaxieoCFYjiuwgdxZgNCg;src=8117415;type=b2cac0;cat=us_b20;ord=3143247471355;gtm=2wg6a0;auiddc=1471799254.1592415343;u8=app.protect-us.eset.com%2Fe%2Fu;u10=undefined;u11=undefin...
8117415.fls.doubleclick.net/ Frame FFF1
Redirect Chain
  • http://8117415.fls.doubleclick.net/activityi;src=8117415;type=b2cac0;cat=us_b20;ord=3143247471355;gtm=2wg6a0;auiddc=1471799254.1592415343;u8=app.protect-us.eset.com%2Fe%2Fu;u10=undefined;u11=undefi...
  • http://8117415.fls.doubleclick.net/activityi;dc_pre=COnz5LaxieoCFYjiuwgdxZgNCg;src=8117415;type=b2cac0;cat=us_b20;ord=3143247471355;gtm=2wg6a0;auiddc=1471799254.1592415343;u8=app.protect-us.eset.co...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
http://8117415.fls.doubleclick.net/activityi;dc_pre=COnz5LaxieoCFYjiuwgdxZgNCg;src=8117415;type=b2cac0;cat=us_b20;ord=3143247471355;gtm=2wg6a0;auiddc=1471799254.1592415343;u8=app.protect-us.eset.com%2Fe%2Fu;u10=undefined;u11=undefined;u25=N%2FA;~oref=http%3A%2F%2Fapp.protect-us.eset.com%2Fe%2Fu%3Fs%3D2208%26elq%3D9104ed675b3540eb8f97ba10aae6cc1b?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-SZRK
Protocol
HTTP/1.1
Server
216.58.205.230 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s24-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Host
8117415.fls.doubleclick.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://app.protect-us.eset.com/e/u?s=2208&elq=9104ed675b3540eb8f97ba10aae6cc1b
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
about:blank

Response headers

P3P
policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin
*
Date
Wed, 17 Jun 2020 17:35:42 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control
no-cache, must-revalidate
Strict-Transport-Security
max-age=21600
Content-Type
text/html; charset=UTF-8
Pragma
no-cache
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Server
cafe
Content-Length
457
X-XSS-Protection
0

Redirect headers

P3P
policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin
*
Date
Wed, 17 Jun 2020 17:35:42 GMT
Pragma
no-cache
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control
no-cache, must-revalidate
Follow-Only-When-Prerender-Shown
1
Strict-Transport-Security
max-age=21600
Location
http://8117415.fls.doubleclick.net/activityi;dc_pre=COnz5LaxieoCFYjiuwgdxZgNCg;src=8117415;type=b2cac0;cat=us_b20;ord=3143247471355;gtm=2wg6a0;auiddc=1471799254.1592415343;u8=app.protect-us.eset.com%2Fe%2Fu;u10=undefined;u11=undefined;u25=N%2FA;~oref=http%3A%2F%2Fapp.protect-us.eset.com%2Fe%2Fu%3Fs%3D2208%26elq%3D9104ed675b3540eb8f97ba10aae6cc1b?
Content-Type
text/html; charset=UTF-8
X-Content-Type-Options
nosniff
Server
cafe
Content-Length
0
X-XSS-Protection
0
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-SZRK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open+Sans:400,700
Origin
http://app.protect-us.eset.com

Response headers

date
Thu, 11 Jun 2020 13:03:24 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:30:49 GMT
server
sffe
age
534738
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9132
x-xss-protection
0
expires
Fri, 11 Jun 2021 13:03:24 GMT
mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-SZRK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open+Sans:400,700
Origin
http://app.protect-us.eset.com

Response headers

date
Fri, 12 Jun 2020 16:53:03 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:31:11 GMT
server
sffe
age
434559
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9080
x-xss-protection
0
expires
Sat, 12 Jun 2021 16:53:03 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		29 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-SZRK
Protocol
HTTP/1.1
Server
172.217.22.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s14-in-f2.1e100.net
Software
cafe /
Resource Hash
a693efa7265b630e27e537f6ba09c5558a23b9ed2f57abdbf417c237a50a5156
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://app.protect-us.eset.com/e/u?s=2208&elq=9104ed675b3540eb8f97ba10aae6cc1b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Timing-Allow-Origin
*
Date
Wed, 17 Jun 2020 17:35:42 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
ETag
13497728949557021888
Vary
Accept-Encoding
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=3600
Content-Disposition
attachment; filename="f.txt"
Content-Type
text/javascript; charset=UTF-8
Content-Length
11020
X-XSS-Protection
0
Expires
Wed, 17 Jun 2020 17:35:42 GMT
preload.js
front.optimonk.com/public/65096/js/ 		37 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://front.optimonk.com/public/65096/js/preload.js
Requested by
Host: app.protect-us.eset.com
URL: http://app.protect-us.eset.com/e/u?s=2208&elq=9104ed675b3540eb8f97ba10aae6cc1b
Protocol
HTTP/1.1
Server
46.101.154.21 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
8706429b46106cd25fafb28ad1a779716c0daf625d87825e6f29f9ba5a90ae26
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://app.protect-us.eset.com/e/u?s=2208&elq=9104ed675b3540eb8f97ba10aae6cc1b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 17 Jun 2020 17:35:42 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Connection
keep-alive
X-DNS-Prefetch-Control
off
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
Server
nginx
X-Frame-Options
SAMEORIGIN
ETag
W/"9540-qsyBRgnJako1zZ4VhxXqiA89J80"
X-Download-Options
noopen
Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1350
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/835304237/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/835304237/?random=1592415342924&cv=9&fst=1592415342924&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6a0&sendb=1&ig=1&frm=0&url=http%3A%2F%2Fapp.protect-us.eset.com%2Fe%2Fu%3Fs%3D2208%26elq%3D9104ed675b3540eb8f97ba10aae6cc1b&tiba=ESET&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: http://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7df6ed26dc4be5a067c746a44b2c81b9fed29573b81875cbf095d5a20ca6cdec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://app.protect-us.eset.com/e/u?s=2208&elq=9104ed675b3540eb8f97ba10aae6cc1b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jun 2020 17:35:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
1028
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
load
front.optimonk.com/public/65096/js/ 		0
376 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://front.optimonk.com/public/65096/js/load
Requested by
Host: front.optimonk.com
URL: http://front.optimonk.com/public/65096/js/preload.js
Protocol
HTTP/1.1
Server
46.101.154.21 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://app.protect-us.eset.com/e/u?s=2208&elq=9104ed675b3540eb8f97ba10aae6cc1b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Date
Wed, 17 Jun 2020 17:35:42 GMT
X-Content-Type-Options
nosniff
Server
nginx
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Origin
*
Connection
keep-alive
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=15552000; includeSubDomains
X-DNS-Prefetch-Control
off
X-XSS-Protection
1; mode=block
/
www.google.com/pagead/1p-user-list/835304237/ 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/835304237/?random=1592415342924&cv=9&fst=1592413200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6a0&sendb=1&frm=0&url=http%3A%2F%2Fapp.protect-us.eset.com%2Fe%2Fu%3Fs%3D2208%26elq%3D9104ed675b3540eb8f97ba10aae6cc1b&tiba=ESET&async=1&fmt=3&is_vtc=1&random=1157556738&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: app.protect-us.eset.com
URL: http://app.protect-us.eset.com/e/u?s=2208&elq=9104ed675b3540eb8f97ba10aae6cc1b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://app.protect-us.eset.com/e/u?s=2208&elq=9104ed675b3540eb8f97ba10aae6cc1b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jun 2020 17:35:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/835304237/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/835304237/?random=1592415342924&cv=9&fst=1592413200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6a0&sendb=1&frm=0&url=http%3A%2F%2Fapp.protect-us.eset.com%2Fe%2Fu%3Fs%3D2208%26elq%3D9104ed675b3540eb8f97ba10aae6cc1b&tiba=ESET&async=1&fmt=3&is_vtc=1&random=1157556738&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: app.protect-us.eset.com
URL: http://app.protect-us.eset.com/e/u?s=2208&elq=9104ed675b3540eb8f97ba10aae6cc1b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://app.protect-us.eset.com/e/u?s=2208&elq=9104ed675b3540eb8f97ba10aae6cc1b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jun 2020 17:35:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
%7B43ade68e-7417-48f1-81b1-f81d0d4ec985%7D_ESET-logo-White-600x90.png
images.protect-us.eset.com/EloquaImages/clients/ESETLLC/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://images.protect-us.eset.com/EloquaImages/clients/ESETLLC/%7B43ade68e-7417-48f1-81b1-f81d0d4ec985%7D_ESET-logo-White-600x90.png
Requested by
Host: app.protect-us.eset.com
URL: http://app.protect-us.eset.com/e/u?s=2208&elq=9104ed675b3540eb8f97ba10aae6cc1b
Protocol
HTTP/1.1
Server
104.108.150.111 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-150-111.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
bfadecce2ccdd4b3d5967de7612680ec91bdf9751de5c92faab8e6c149f4e591
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
http://app.protect-us.eset.com/e/u?s=2208&elq=9104ed675b3540eb8f97ba10aae6cc1b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Tue, 14 Mar 2017 20:39:32 GMT
ETag
"482def1539dd21:0"
P3P
CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control
no-cache, no-store
Date
Wed, 17 Jun 2020 17:35:43 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
11162
Expires
Wed, 17 Jun 2020 17:35:43 GMT
stat.js
www.clickcease.com/monitor/ 		61 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clickcease.com/monitor/stat.js
Requested by
Host: app.protect-us.eset.com
URL: http://app.protect-us.eset.com/e/u?s=2208&elq=9104ed675b3540eb8f97ba10aae6cc1b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4470 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c74ace399f4721e003c4aa618f821fe3c8ef2b50c00da01d4e0a57b4fe39dd75

Request headers

Referer
http://app.protect-us.eset.com/e/u?s=2208&elq=9104ed675b3540eb8f97ba10aae6cc1b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 17 Jun 2020 17:35:43 GMT
content-encoding
br
vary
Accept-Encoding,User-Agent
cf-cache-status
HIT
age
357328
status
200
cf-request-id
0364f2ed5400001f41b73cf200000001
last-modified
Thu, 14 May 2020 14:59:31 GMT
server
cloudflare
etag
W/"f5af-5a59cf1a852bd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
1728000
access-control-allow-methods
GET,POST,OPTIONS,DELETE,PUT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2678400
access-control-allow-credentials
true
cf-ray
5a4e875bbc291f41-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,C$
expires
Sat, 13 Jun 2020 14:59:43 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		29 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-SZRK
Protocol
HTTP/1.1
Server
172.217.22.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s14-in-f2.1e100.net
Software
cafe /
Resource Hash
a693efa7265b630e27e537f6ba09c5558a23b9ed2f57abdbf417c237a50a5156
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://app.protect-us.eset.com/e/u?s=2208&elq=9104ed675b3540eb8f97ba10aae6cc1b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Timing-Allow-Origin
*
Date
Wed, 17 Jun 2020 17:35:43 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
ETag
13497728949557021888
Vary
Accept-Encoding
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=3600
Content-Disposition
attachment; filename="f.txt"
Content-Type
text/javascript; charset=UTF-8
Content-Length
11020
X-XSS-Protection
0
Expires
Wed, 17 Jun 2020 17:35:43 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-SZRK
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:10c:39e::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0

Request headers

Referer
http://app.protect-us.eset.com/e/u?s=2208&elq=9104ed675b3540eb8f97ba10aae6cc1b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 17 Jun 2020 17:35:43 GMT
Content-Encoding
gzip
Last-Modified
Mon, 07 Oct 2019 16:41:31 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=18777
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1576
uwt.js
static.ads-twitter.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-SZRK
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5

Request headers

Referer
http://app.protect-us.eset.com/e/u?s=2208&elq=9104ed675b3540eb8f97ba10aae6cc1b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 17 Jun 2020 17:35:43 GMT
content-encoding
gzip
age
63138
x-cache
HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status
200
content-length
1954
x-served-by
cache-fra19147-FRA
last-modified
Tue, 23 Jan 2018 20:09:00 GMT
x-timer
S1592415344.957524,VS0,VE0
etag
"b7b33882a4f3ffd5cbf07434f3137166+gzip"
vary
Accept-Encoding,Host
content-type
application/javascript; charset=utf-8
via
1.1 varnish
cache-control
no-cache
accept-ranges
bytes
core.js
s.pinimg.com/ct/ 		1 KB
785 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/core.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-SZRK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32d928fe86bb780707559a6beb00ad73d591e69bf2dce01f7f237376a47f1356

Request headers

Referer
http://app.protect-us.eset.com/e/u?s=2208&elq=9104ed675b3540eb8f97ba10aae6cc1b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 17 Jun 2020 17:35:43 GMT
content-encoding
br
x-cdn
cloudflare
status
200
etag
W/"1c69f43d8748b3f3861936315f8ab53b"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
x-cdn
cache-control
max-age=7200
cf-ray
5a4e875bcf762fa5-FRA
cf-request-id
0364f2ed5a00002fa50227f200000001
server
cloudflare
pixel.js
www.redditstatic.com/ads/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/ads/pixel.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-SZRK
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.53.140 Manchester, United Kingdom, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
27fa4ea9b81a686f7e7156100846ac1013826f7f60563a36eb0e356d9879f900

Request headers

Referer
http://app.protect-us.eset.com/e/u?s=2208&elq=9104ed675b3540eb8f97ba10aae6cc1b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 17 Jun 2020 17:35:44 GMT
content-encoding
gzip
age
35
x-cache
HIT, HIT
status
200
content-length
5813
x-served-by
cache-dca17754-DCA, cache-man4151-MAN
last-modified
Wed, 27 May 2020 23:20:15 GMT
server
snooserv
x-timer
S1592415344.017374,VS0,VE0
etag
"bf63e198bdb8b31bbbcdb1850a06a333"
vary
Accept-Encoding,Origin
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=60
accept-ranges
bytes
x-cache-hits
2, 57
scevent.min.js
sc-static.net/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc-static.net/scevent.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-SZRK
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.84.94.51 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-94-51.muc50.r.cloudfront.net
Software
CloudFront /
Resource Hash
4548c412ce3bd15ddf652328dd58fad638a41fbd5c08473a1ab485e5a12076c9

Request headers

Referer
http://app.protect-us.eset.com/e/u?s=2208&elq=9104ed675b3540eb8f97ba10aae6cc1b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 17 Jun 2020 17:35:44 GMT
content-encoding
gzip
server
CloudFront
x-amz-cf-pop
MUC50-C1
status
200
x-cache
Miss from cloudfront
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
private, s-maxage=0, max-age=600
access-control-allow-headers
Content-Type
content-length
5415
via
1.1 24615eefe0727e5d65935ccaddca2f79.cloudfront.net (CloudFront)
x-amz-cf-id
YKAxcSxqHNGMms_q6-Nubx16j9ri9H8A7HEOWt6UrGib_vF2q-56lA==
fbevents.js
connect.facebook.net/en_US/ 		131 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: app.protect-us.eset.com
URL: http://app.protect-us.eset.com/e/u?s=2208&elq=9104ed675b3540eb8f97ba10aae6cc1b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4cb61e44bf63a9e090e666898cd04d382e4c33b55b62cc5e9ff7dab055fbf787
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
http://app.protect-us.eset.com/e/u?s=2208&elq=9104ed675b3540eb8f97ba10aae6cc1b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=3600
content-length
31766
x-xss-protection
0
pragma
public
x-fb-debug
7QiaK0IC2FdMqwzp+kQxC+x7aa1okTPGUa2FRBu/uzbxFG4ChRxyStdIJCxg1nxmqL8yEAbB9JQKinOa9gTBHA==
x-fb-trip-id
664085054
x-frame-options
DENY
date
Wed, 17 Jun 2020 17:35:43 GMT, Wed, 17 Jun 2020 17:35:43 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires
Sat, 01 Jan 2000 00:00:00 GMT
bat.js
bat.bing.com/
Redirect Chain
  • http://bat.bing.com/bat.js
  • https://bat.bing.com/bat.js
25 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b6f7b31210a709daca9760b215660b2cbe719757df3059364beeda005fca2dbe

Request headers

Referer
http://app.protect-us.eset.com/e/u?s=2208&elq=9104ed675b3540eb8f97ba10aae6cc1b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 17 Jun 2020 17:35:43 GMT
content-encoding
gzip
last-modified
Wed, 10 Jun 2020 19:59:59 GMT
x-msedge-ref
Ref A: 2666783A9C0F4B89B8F10E0B77C70C88 Ref B: FRAEDGE1409 Ref C: 2020-06-17T17:35:43Z
status
200
etag
"804946b8613fd61:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
7791

Redirect headers

Location
https://bat.bing.com/bat.js
Non-Authoritative-Reason
HSTS
6si.min.js
j.6sc.co/ 		14 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://j.6sc.co/6si.min.js
Requested by
Host: app.protect-us.eset.com
URL: http://app.protect-us.eset.com/e/u?s=2208&elq=9104ed675b3540eb8f97ba10aae6cc1b
Protocol
HTTP/1.1
Server
23.2.218.8 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-2-218-8.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
5535d2c567dac9fb9a8eb888a5415164e87c4aa6f08f70a6cc6ab1c0cd3bac12

Request headers

Referer
http://app.protect-us.eset.com/e/u?s=2208&elq=9104ed675b3540eb8f97ba10aae6cc1b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 17 Jun 2020 17:35:43 GMT
Content-Encoding
gzip
Last-Modified
Sun, 12 Apr 2020 02:02:20 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"5e9276ac-3997"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST
Content-Type
application/javascript
Access-Control-Allow-Origin
Access-Control-Max-Age
86400
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Content-Length
6031
pixel
q.quora.com/_/ad/0ae7195f329a4c5ba5fc6e201a749a51/ 		43 B
420 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://q.quora.com/_/ad/0ae7195f329a4c5ba5fc6e201a749a51/pixel?tag=ViewContent&i=gtm&u=http%3A%2F%2Fapp.protect-us.eset.com%2Fe%2Fu%3Fs%3D2208%26elq%3D9104ed675b3540eb8f97ba10aae6cc1b
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.238.223.59 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-238-223-59.compute-1.amazonaws.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
http://app.protect-us.eset.com/e/u?s=2208&elq=9104ed675b3540eb8f97ba10aae6cc1b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 17 Jun 2020 17:35:44 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Q-Stat
,8a257e1c40e6155e8721d35fd4c59499,10.0.0.200,2246,82.102.18.114,,17360087608,1,1592415344.300,0.001,,.,0,0,0.000,0.000,-,0,0,197,158,79,10,26847,,,,,,-,
Content-Type
image/gif
collect
px.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=28675&url=http%3A%2F%2Fapp.protect-us.eset.com%2Fe%2Fu%3Fs%3D2208%26elq%3D9104ed675b3540eb8f97ba10aae6cc1b&time=1592415343951
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D28675%26url%3Dhttp%253A%252F%252Fapp.protect-us.eset.com%252Fe%252Fu%253Fs%253D22...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=28675&url=http%3A%2F%2Fapp.protect-us.eset.com%2Fe%2Fu%3Fs%3D2208%26elq%3D9104ed675b3540eb8f97ba10aae6cc1b&time=1592415343951&liSync=true
0
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=28675&url=http%3A%2F%2Fapp.protect-us.eset.com%2Fe%2Fu%3Fs%3D2208%26elq%3D9104ed675b3540eb8f97ba10aae6cc1b&time=1592415343951&liSync=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:f500:10:101::b93f:9105 , Ireland, ASN14413 (LINKEDIN, US),
Reverse DNS
Software
Play /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://app.protect-us.eset.com/e/u?s=2208&elq=9104ed675b3540eb8f97ba10aae6cc1b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 17 Jun 2020 17:35:44 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
server
Play
linkedin-action
1
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric
prod-lva1
status
200
x-li-proto
http/2
x-li-pop
prod-efr5
content-type
application/javascript
content-length
0
x-li-uuid
EZvUjFFlGRawVPSDGCsAAA==

Redirect headers

strict-transport-security
max-age=2592000
x-content-type-options
nosniff
linkedin-action
1
status
302
content-length
0
x-li-uuid
8SnmiFFlGRawVWmynisAAA==
pragma
no-cache
x-li-pop
afd-prod-edc2
x-msedge-ref
Ref A: 6240BFE220CF4927A8E278FB487AF735 Ref B: FRAEDGE0819 Ref C: 2020-06-17T17:35:44Z
date
Wed, 17 Jun 2020 17:35:43 GMT
expect-ct
max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-frame-options
sameorigin
x-li-fabric
prod-lva1
location
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=28675&url=http%3A%2F%2Fapp.protect-us.eset.com%2Fe%2Fu%3Fs%3D2208%26elq%3D9104ed675b3540eb8f97ba10aae6cc1b&time=1592415343951&liSync=true
x-xss-protection
1; mode=block
cache-control
no-cache, no-store
content-security-policy
default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id https://lnkd.demdex.net/event blob: static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/insight.min.js platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
x-li-proto
http/2
expires
Thu, 01 Jan 1970 00:00:00 GMT
1479728268971145
connect.facebook.net/signals/config/ 		517 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1479728268971145?v=2.9.18&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ec1b772e296875a7c051b6c319592cb17179c67be4adc63308a96b1d74247ff5
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
http://app.protect-us.eset.com/e/u?s=2208&elq=9104ed675b3540eb8f97ba10aae6cc1b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
QwhwlBokre9nhv87XXJy4ZSimvRzEknvVM67hHqmiYcTH0/EuggZn5XaP7Aan+Tk8ouX2lgIAXmWiu/prVCi4Q==
x-fb-trip-id
664085054
x-frame-options
DENY
date
Wed, 17 Jun 2020 17:35:44 GMT, Wed, 17 Jun 2020 17:35:44 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
adsct
analytics.twitter.com/i/ 		31 B
284 B 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.twitter.com/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nxk0v&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=http%3A%2F%2Fapp.protect-us.eset.com%2Fe%2Fu%3Fs%3D2208%26elq%3D9104ed675b3540eb8f97ba10aae6cc1b
Requested by
Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.195 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_f /
Resource Hash
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://app.protect-us.eset.com/e/u?s=2208&elq=9104ed675b3540eb8f97ba10aae6cc1b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 17 Jun 2020 17:35:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status
200, 200 OK
x-twitter-response-tags
BouncerCompliant
strict-transport-security
max-age=631138519
content-length
57
x-xss-protection
0
x-response-time
114
pragma
no-cache
last-modified
Wed, 17 Jun 2020 17:35:44 GMT
server
tsa_f
x-frame-options
SAMEORIGIN
content-type
application/javascript;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
91f59fc626120341df6c587c069e33fc
x-transaction
00172d9f00148f58
expires
Tue, 31 Mar 1981 05:00:00 GMT
adsct
t.co/i/
Redirect Chain
  • http://t.co/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nxk0v&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0
  • https://t.co/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nxk0v&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0
43 B
171 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nxk0v&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.5 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_f /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://app.protect-us.eset.com/e/u?s=2208&elq=9104ed675b3540eb8f97ba10aae6cc1b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 17 Jun 2020 17:35:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200, 200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
x-response-time
125
pragma
no-cache
last-modified
Wed, 17 Jun 2020 17:35:44 GMT
server
tsa_f
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=0
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
f861675c9b4911d31e2c058b76bb7543
x-transaction
001958d700b14fe7
expires
Tue, 31 Mar 1981 05:00:00 GMT

Redirect headers

location
https://t.co/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nxk0v&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0
x-response-time
107
date
Wed, 17 Jun 2020 17:35:44 GMT
server
tsa_f
x-connection-hash
967d6a67d55542c818a9ac307464a2a2
content-length
0
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/999986833/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/999986833/?random=1592415343976&cv=9&fst=1592415343976&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6a0&sendb=1&ig=1&frm=0&url=http%3A%2F%2Fapp.protect-us.eset.com%2Fe%2Fu%3Fs%3D2208%26elq%3D9104ed675b3540eb8f97ba10aae6cc1b&tiba=ESET&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: http://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6d9002171ea6ba084ef6b13092051f23f20ef44378eea22f8f24788a26a354de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://app.protect-us.eset.com/e/u?s=2208&elq=9104ed675b3540eb8f97ba10aae6cc1b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jun 2020 17:35:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
1030
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
0
bat.bing.com/action/ 		0
93 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=4064931&Ver=2&mid=211f74f6-8d44-ff2c-f980-b97efe006840&sid=e7290758-89b3-0908-5b1a-e6674c957283&vid=ec166666-598f-85ed-3f25-65dad3c8886e-1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=ESET&kw=contact%20eset&p=http%3A%2F%2Fapp.protect-us.eset.com%2Fe%2Fu%3Fs%3D2208%26elq%3D9104ed675b3540eb8f97ba10aae6cc1b&r=&lt=1907&evt=pageLoad&msclkid=N&sv=1&rn=768139
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://app.protect-us.eset.com/e/u?s=2208&elq=9104ed675b3540eb8f97ba10aae6cc1b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
204
pragma
no-cache
date
Wed, 17 Jun 2020 17:35:43 GMT
cache-control
no-cache, must-revalidate
x-msedge-ref
Ref A: 89331F69B66549A3B90CF6838E3A9014 Ref B: FRAEDGE1409 Ref C: 2020-06-17T17:35:43Z
access-control-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
main.b3497531.js
s.pinimg.com/ct/lib/ 		49 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/lib/main.b3497531.js
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b50d67587d58ae31fe01e9c29a1b1fd30052dc9ff23bb9d6338d4d5ef37e4b8a

Request headers

Referer
http://app.protect-us.eset.com/e/u?s=2208&elq=9104ed675b3540eb8f97ba10aae6cc1b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 17 Jun 2020 17:35:44 GMT
content-encoding
br
x-cdn
cloudflare
status
200
etag
W/"f2e6a8ceb9ccfc354fc7be76e8a17f07"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
x-cdn
cache-control
max-age=1209600
cf-ray
5a4e875bffca2fa5-FRA
cf-request-id
0364f2ed7800002fa502281200000001
server
cloudflare
/
ct.pinterest.com/user/ 		38 B
429 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/user/?tid=2612745082135&ov=%7B%22np%22%3A%22gtm%22%7D&pd=%7B%22np%22%3A%22gtm%22%7D&cb=1592415344017
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.b3497531.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.36.84 Amsterdam, Netherlands, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5f070f5020df45edd9222fa43d3ec4c982aaa0dab04eb2660f0783af02c6807d

Request headers

Referer
http://app.protect-us.eset.com/e/u?s=2208&elq=9104ed675b3540eb8f97ba10aae6cc1b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pin-unauth
dWlkPVlqZzBORGd3T1RBdFkyUXpNeTAwT1RobUxUazNNVGd0WXpObU1EbGxNRFpsTmpNeA
date
Wed, 17 Jun 2020 17:35:44 GMT
content-encoding
gzip
expires
Sat, 01 Jan 2000 00:00:00 GMT
x-cdn
fastly
status
200
content-type
application/json; charset=utf-8
access-control-allow-origin
http://app.protect-us.eset.com
access-control-expose-headers
Epik,Pin-Unauth
cache-control
no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials
true
x-pinterest-rid
0814349486394976
x-envoy-upstream-service-time
0
content-length
64
pragma
no-cache
/
ct.pinterest.com/v3/ 		35 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ct.pinterest.com/v3/?tid=2612745082135&ov=%7B%22np%22%3A%22gtm%22%7D&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22http%3A%2F%2Fapp.protect-us.eset.com%2Fe%2Fu%3Fs%3D2208%26elq%3D9104ed675b3540eb8f97ba10aae6cc1b%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22b3497531%22%7D&cb=1592415344019
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.36.84 Amsterdam, Netherlands, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

Referer
http://app.protect-us.eset.com/e/u?s=2208&elq=9104ed675b3540eb8f97ba10aae6cc1b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jun 2020 17:35:44 GMT
x-cdn
fastly
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time
4
x-pinterest-rid
3706965189867531
content-length
35
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
c.6sc.co/ 		7 B
336 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://c.6sc.co/
Requested by
Host: j.6sc.co
URL: http://j.6sc.co/6si.min.js
Protocol
HTTP/1.1
Server
23.2.218.8 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-2-218-8.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

Referer
http://app.protect-us.eset.com/e/u?s=2208&elq=9104ed675b3540eb8f97ba10aae6cc1b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 17 Jun 2020 17:35:44 GMT
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
text/html
Access-Control-Allow-Origin
http://app.protect-us.eset.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
7
img.gif
b.6sc.co/v1/beacon/ 		43 B
774 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://b.6sc.co/v1/beacon/img.gif?token=c78518760c985e107dca21850cee4915&svisitor=&visitor=724f0844-7463-464e-8d87-83a551beec12&session=345f4578-6b79-4c0f-89e0-03ec2502586d&event=a_pageload&q=%7B%7D&isIframe=false&m=%7B%22description%22%3A%22Best%20IT%20security%20solutions%20for%20your%20home%20and%20business%20devices.%20Try%20ESET%20antivirus%20and%20internet%20security%20solutions%20for%20Windows%2C%20Android%2C%20Mac%20or%20Linux%20OS.%22%2C%22keywords%22%3A%22contact%20eset%22%2C%22title%22%3A%22ESET%22%7D&cb=15344025&r=&thirdParty=%7B%7D
Protocol
HTTP/1.1
Server
23.2.218.8 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-2-218-8.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://app.protect-us.eset.com/e/u?s=2208&elq=9104ed675b3540eb8f97ba10aae6cc1b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 17 Jun 2020 17:35:44 GMT
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
43
Pragma
no-cache
Last-Modified
Fri, 21 Feb 2020 19:02:58 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"5e502962-2b"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
image/gif
Access-Control-Allow-Origin
Cache-Control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Expires
Wed, 19 Apr 2000 11:43:00 GMT
/
c.6sc.co/ 		7 B
336 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://c.6sc.co/
Requested by
Host: j.6sc.co
URL: http://j.6sc.co/6si.min.js
Protocol
HTTP/1.1
Server
23.2.218.8 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-2-218-8.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

Referer
http://app.protect-us.eset.com/e/u?s=2208&elq=9104ed675b3540eb8f97ba10aae6cc1b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 17 Jun 2020 17:35:44 GMT
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
text/html
Access-Control-Allow-Origin
http://app.protect-us.eset.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
7
rp.gif
alb.reddit.com/ 		42 B
262 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://alb.reddit.com/rp.gif?ts=1592415344037&id=t2_fo0gs&event=PageVisit&uuid=9953f538-ce7a-45b7-9add-2f1a35bdd178&s=hGkE%2BG4h6oN53TWQorfTLj5DwCVXj%2Frt%2Fs%2F9lANC5nM%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.53.140 Manchester, United Kingdom, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
http://app.protect-us.eset.com/e/u?s=2208&elq=9104ed675b3540eb8f97ba10aae6cc1b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 17 Jun 2020 17:35:44 GMT
via
1.1 varnish
server
Varnish
x-served-by
cache-man4144-MAN
x-cache
HIT
content-type
image/gif
status
200
accept-ranges
bytes
content-length
42
retry-after
0
x-cache-hits
0
/
www.google.com/pagead/1p-user-list/999986833/ 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/999986833/?random=1592415343976&cv=9&fst=1592413200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6a0&sendb=1&frm=0&url=http%3A%2F%2Fapp.protect-us.eset.com%2Fe%2Fu%3Fs%3D2208%26elq%3D9104ed675b3540eb8f97ba10aae6cc1b&tiba=ESET&async=1&fmt=3&is_vtc=1&random=979728898&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://app.protect-us.eset.com/e/u?s=2208&elq=9104ed675b3540eb8f97ba10aae6cc1b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jun 2020 17:35:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/999986833/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/999986833/?random=1592415343976&cv=9&fst=1592413200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6a0&sendb=1&frm=0&url=http%3A%2F%2Fapp.protect-us.eset.com%2Fe%2Fu%3Fs%3D2208%26elq%3D9104ed675b3540eb8f97ba10aae6cc1b&tiba=ESET&async=1&fmt=3&is_vtc=1&random=979728898&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://app.protect-us.eset.com/e/u?s=2208&elq=9104ed675b3540eb8f97ba10aae6cc1b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jun 2020 17:35:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
i
tr.snapchat.com/cm/ Frame 4276 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/cm/i?pid=bc40ed80-3c6a-46a0-979f-8a6de2c02fa9
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-SZRK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.226.184 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.226.186.35.bc.googleusercontent.com
Software
nginx/1.17.3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
tr.snapchat.com
:scheme
https
:path
/cm/i?pid=bc40ed80-3c6a-46a0-979f-8a6de2c02fa9
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://app.protect-us.eset.com/e/u?s=2208&elq=9104ed675b3540eb8f97ba10aae6cc1b
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://app.protect-us.eset.com/e/u?s=2208&elq=9104ed675b3540eb8f97ba10aae6cc1b

Response headers

status
200
server
nginx/1.17.3
date
Wed, 17 Jun 2020 17:35:44 GMT
content-type
text/html
content-length
0
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 google
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
js-sha256-v1.min.js
sc-static.net/ 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc-static.net/js-sha256-v1.min.js
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.84.94.51 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-94-51.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ba3d77e0be4f968f93a865602a9d4c51631083244a570b7a31690cc9e414a253

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://app.protect-us.eset.com/e/u?s=2208&elq=9104ed675b3540eb8f97ba10aae6cc1b
Origin
http://app.protect-us.eset.com

Response headers

date
Wed, 17 Jun 2020 17:02:17 GMT
content-encoding
gzip
age
2008
x-cache
Hit from cloudfront
status
200
access-control-allow-origin
*
last-modified
Fri, 05 Apr 2019 00:32:08 GMT
server
AmazonS3
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 e96f95ae91ddaf74bf5c3845501fcac8.cloudfront.net (CloudFront)
access-control-expose-headers
Content-Type
cache-control
public, s-maxage=86400, max-age=600
x-amz-cf-pop
MUC50-C1
x-amz-cf-id
egi0n0T0Z8MYnrNlBV6e5Im6q_HSnsrIEbL8HENE5SxM0_b-5nI33w==
details
epsilon.6sense.com/v1/company/ 		648 B
593 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://epsilon.6sense.com/v1/company/details
Requested by
Host: j.6sc.co
URL: http://j.6sc.co/6si.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.44.100 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-44-100.eu-central-1.compute.amazonaws.com
Software
nginx/1.16.0 /
Resource Hash
6f9462baf1b0770218f763ea46f403b5d72bf7cf25c81d491380576edd92fc38

Request headers

Authorization
Token 2170edbaed09d7f0b159b3619b63c73b4ed93ec0
Referer
http://app.protect-us.eset.com/e/u?s=2208&elq=9104ed675b3540eb8f97ba10aae6cc1b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
EpsilonCookie
null

Response headers

date
Wed, 17 Jun 2020 17:35:44 GMT
content-encoding
gzip
server
nginx/1.16.0
status
200
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
http://app.protect-us.eset.com
access-control-allow-credentials
true
content-length
400
p
tr.snapchat.com/ 		68 B
303 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.snapchat.com/p?pid=bc40ed80-3c6a-46a0-979f-8a6de2c02fa9&ev=PAGE_VIEW&pl=http%3A%2F%2Fapp.protect-us.eset.com%2Fe%2Fu%3Fs%3D2208%26elq%3D9104ed675b3540eb8f97ba10aae6cc1b&ts=1592415344224&rf=&v=1.5&if=false&bt=__LIVE__&intg=gtm&u_c1=7c271235-82c4-483b-b4f6-821af1c5ba74&m_sl=2058&m_rd=2197&m_pi=1880&m_pl=1907&m_ic=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.226.184 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.226.186.35.bc.googleusercontent.com
Software
nginx/1.17.3 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
http://app.protect-us.eset.com/e/u?s=2208&elq=9104ed675b3540eb8f97ba10aae6cc1b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 17 Jun 2020 17:35:44 GMT
via
1.1 google
server
nginx/1.17.3
status
200
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, no-transform
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
68
/
www.facebook.com/tr/ 		44 B
259 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1479728268971145&ev=PageView&dl=http%3A%2F%2Fapp.protect-us.eset.com%2Fe%2Fu%3Fs%3D2208%26elq%3D9104ed675b3540eb8f97ba10aae6cc1b&rl=&if=false&ts=1592415344325&sw=1600&sh=1200&v=2.9.18&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1592415344324.1493411230&it=1592415343968&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
http://app.protect-us.eset.com/e/u?s=2208&elq=9104ed675b3540eb8f97ba10aae6cc1b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 17 Jun 2020 17:35:44 GMT, Wed, 17 Jun 2020 17:35:44 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-27=":443"; ma=3600
content-length
44
expires
Wed, 17 Jun 2020 17:35:44 GMT
/
www.facebook.com/tr/ 		44 B
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1479728268971145&ev=Microdata&dl=http%3A%2F%2Fapp.protect-us.eset.com%2Fe%2Fu%3Fs%3D2208%26elq%3D9104ed675b3540eb8f97ba10aae6cc1b&rl=&if=false&ts=1592415344828&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22ESET%22%2C%22meta%3Adescription%22%3A%22Contact%20ESET%20to%20get%20pricing%2C%20request%20a%20demo%20or%20learn%20more%20about%20our%20IT%20security%20solutions%20for%20business.%22%2C%22meta%3Akeywords%22%3A%22contact%20eset%22%7D&cd[OpenGraph]=%7B%22og%3Adescription%22%3A%22Best%20IT%20security%20solutions%20for%20your%20home%20and%20business%20devices.%20Try%20ESET%20antivirus%20and%20internet%20security%20solutions%20for%20Windows%2C%20Android%2C%20Mac%20or%20Linux%20OS.%22%2C%22og%3Atitle%22%3A%22US%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.eset.com%2Fus%2F%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.18&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1592415344827.939000&it=1592415343968&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
http://app.protect-us.eset.com/e/u?s=2208&elq=9104ed675b3540eb8f97ba10aae6cc1b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 17 Jun 2020 17:35:44 GMT, Wed, 17 Jun 2020 17:35:44 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-27=":443"; ma=3600
content-length
44
expires
Wed, 17 Jun 2020 17:35:44 GMT
activityi;dc_pre=COGHlbmxieoCFZjJuwgd6rcBYw;src=8117415;type=visit0;cat=us_en0;ord=8790956445857;gtm=2wg6a0;auiddc=1471799254.1592415343;u8=app.protect-us.eset.com%2Fe%2Fu;u10=US;u11=undefined;u24=...
8117415.fls.doubleclick.net/ Frame 6626
Redirect Chain
  • http://8117415.fls.doubleclick.net/activityi;src=8117415;type=visit0;cat=us_en0;ord=8790956445857;gtm=2wg6a0;auiddc=1471799254.1592415343;u8=app.protect-us.eset.com%2Fe%2Fu;u10=US;u11=undefined;u24...
  • http://8117415.fls.doubleclick.net/activityi;dc_pre=COGHlbmxieoCFZjJuwgd6rcBYw;src=8117415;type=visit0;cat=us_en0;ord=8790956445857;gtm=2wg6a0;auiddc=1471799254.1592415343;u8=app.protect-us.eset.co...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
http://8117415.fls.doubleclick.net/activityi;dc_pre=COGHlbmxieoCFZjJuwgd6rcBYw;src=8117415;type=visit0;cat=us_en0;ord=8790956445857;gtm=2wg6a0;auiddc=1471799254.1592415343;u8=app.protect-us.eset.com%2Fe%2Fu;u10=US;u11=undefined;u24=;u25=N%2FA;~oref=http%3A%2F%2Fapp.protect-us.eset.com%2Fe%2Fu%3Fs%3D2208%26elq%3D9104ed675b3540eb8f97ba10aae6cc1b?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-SZRK
Protocol
HTTP/1.1
Server
216.58.205.230 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s24-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Host
8117415.fls.doubleclick.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://app.protect-us.eset.com/e/u?s=2208&elq=9104ed675b3540eb8f97ba10aae6cc1b
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
about:blank

Response headers

P3P
policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin
*
Date
Wed, 17 Jun 2020 17:35:47 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control
no-cache, must-revalidate
Strict-Transport-Security
max-age=21600
Content-Type
text/html; charset=UTF-8
Pragma
no-cache
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Server
cafe
Content-Length
462
X-XSS-Protection
0

Redirect headers

P3P
policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin
*
Date
Wed, 17 Jun 2020 17:35:47 GMT
Pragma
no-cache
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control
no-cache, must-revalidate
Follow-Only-When-Prerender-Shown
1
Strict-Transport-Security
max-age=21600
Location
http://8117415.fls.doubleclick.net/activityi;dc_pre=COGHlbmxieoCFZjJuwgd6rcBYw;src=8117415;type=visit0;cat=us_en0;ord=8790956445857;gtm=2wg6a0;auiddc=1471799254.1592415343;u8=app.protect-us.eset.com%2Fe%2Fu;u10=US;u11=undefined;u24=;u25=N%2FA;~oref=http%3A%2F%2Fapp.protect-us.eset.com%2Fe%2Fu%3Fs%3D2208%26elq%3D9104ed675b3540eb8f97ba10aae6cc1b?
Content-Type
text/html; charset=UTF-8
X-Content-Type-Options
nosniff
Server
cafe
Content-Length
0
X-XSS-Protection
0
conversion_async.js
www.googleadservices.com/pagead/ 		29 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-SZRK
Protocol
HTTP/1.1
Server
172.217.22.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s14-in-f2.1e100.net
Software
cafe /
Resource Hash
a693efa7265b630e27e537f6ba09c5558a23b9ed2f57abdbf417c237a50a5156
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://app.protect-us.eset.com/e/u?s=2208&elq=9104ed675b3540eb8f97ba10aae6cc1b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Timing-Allow-Origin
*
Date
Wed, 17 Jun 2020 17:35:47 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
ETag
13497728949557021888
Vary
Accept-Encoding
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=3600
Content-Disposition
attachment; filename="f.txt"
Content-Type
text/javascript; charset=UTF-8
Content-Length
11020
X-XSS-Protection
0
Expires
Wed, 17 Jun 2020 17:35:47 GMT
/
www.googleadservices.com/pagead/conversion/960334613/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/960334613/?random=1592415347908&cv=9&fst=1592415347908&num=1&value=0&label=XVstCJnrzqUBEJWW9skD&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6a0&sendb=1&ig=1&frm=0&url=http%3A%2F%2Fapp.protect-us.eset.com%2Fe%2Fu%3Fs%3D2208%26elq%3D9104ed675b3540eb8f97ba10aae6cc1b&tiba=ESET&hn=www.googleadservices.com&bttype=purchase&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: http://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s14-in-f2.1e100.net
Software
cafe /
Resource Hash
1085f677d60318279250aead600af7009b8c526e91a153c1448f45e2ba494860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://app.protect-us.eset.com/e/u?s=2208&elq=9104ed675b3540eb8f97ba10aae6cc1b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jun 2020 17:35:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
1195
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-conversion/960334613/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/960334613/?random=1218227648&cv=9&fst=*&num=1&value=0&label=XVstCJnrzqUBEJWW9skD&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_a...
  • https://www.google.com/pagead/1p-conversion/960334613/?random=1218227648&cv=9&fst=*&num=1&value=0&label=XVstCJnrzqUBEJWW9skD&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd...
  • https://www.google.de/pagead/1p-conversion/960334613/?random=1218227648&cv=9&fst=*&num=1&value=0&label=XVstCJnrzqUBEJWW9skD&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=...
42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-conversion/960334613/?random=1218227648&cv=9&fst=*&num=1&value=0&label=XVstCJnrzqUBEJWW9skD&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6a0&sendb=1&ig=1&frm=0&url=http://app.protect-us.eset.com/e/u%3Fs%3D2208%26elq%3D9104ed675b3540eb8f97ba10aae6cc1b&tiba=ESET&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&gtd=&is_vtc=1&ocp_id=c1TqXrb3O_rI7_UPgZCH0Ao&eitems=ChEI8P6m9wUQo8mWi8Dyn5vQARIdAIkUzH6GkMMX2U1p4iI7w-2JSKyl8cukf5VI_6A&random=725083225&resp=GooglemKTybQhCsO&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://app.protect-us.eset.com/e/u?s=2208&elq=9104ed675b3540eb8f97ba10aae6cc1b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jun 2020 17:35:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 17 Jun 2020 17:35:48 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
image/gif
location
https://www.google.de/pagead/1p-conversion/960334613/?random=1218227648&cv=9&fst=*&num=1&value=0&label=XVstCJnrzqUBEJWW9skD&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6a0&sendb=1&ig=1&frm=0&url=http://app.protect-us.eset.com/e/u%3Fs%3D2208%26elq%3D9104ed675b3540eb8f97ba10aae6cc1b&tiba=ESET&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&gtd=&is_vtc=1&ocp_id=c1TqXrb3O_rI7_UPgZCH0Ao&eitems=ChEI8P6m9wUQo8mWi8Dyn5vQARIdAIkUzH6GkMMX2U1p4iI7w-2JSKyl8cukf5VI_6A&random=725083225&resp=GooglemKTybQhCsO&ipr=y
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

87 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| dataLayer object| google_tag_manager function| postscribe object| google_tag_data function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| OptiMonkRegistry object| OptiMonk function| ns function| LiveValidation function| LiveValidationForm object| Validate object| dom0 object| field0 object| dom1 object| field1 object| dom2 object| field2 function| handleFormSubmit function| resetSubmitButton function| addChangeHandler string| form object| nodes undefined| node undefined| selectedValue undefined| j number| len string| defaultHiddenFieldNameValue function| getQueryStringParamValue function| setCampaign function| $ function| jQuery string| scode_host object| scode_domains string| s_account object| s boolean| isiOS function| s_doPlugins function| AppMeasurement_Module_ActivityMap function| AppMeasurement_Module_Integrate function| AppMeasurement function| s_gi function| s_pgicq object| s_c_il number| s_c_in number| s_objectID number| s_giq object| ESETTrack object| ESETUtil object| CryptoJS object| ESETAnalytics object| ESETLeadSource function| eventInit boolean| csat1000 function| getParameterByName string| cjeventid object| now number| time number| expTime function| readCookie object| script string| target object| elem string| _linkedin_data_partner_id string| qp function| twq function| pintrk function| rdt function| snaptr function| fbq function| _fbq object| uetq object| _6si function| lintrk boolean| _already_called_lintrk object| twttr function| UET object| regeneratorRuntime object| ccConsole boolean| ccinstalled function| _onCCResponse boolean| _storagePopulated object| true object| scpixel

1 Cookies

Domain/Path Name / Value
.eset.com/ Name: _gcl_au
Value: 1.1.1471799254.1592415343

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8117415.fls.doubleclick.net
alb.reddit.com
analytics.twitter.com
app.protect-us.eset.com
b.6sc.co
bat.bing.com
c.6sc.co
cdn1-prodint.esetstatic.com
connect.facebook.net
ct.pinterest.com
epsilon.6sense.com
fonts.googleapis.com
fonts.gstatic.com
front.optimonk.com
googleads.g.doubleclick.net
images.protect-us.eset.com
img.en25.com
j.6sc.co
px.ads.linkedin.com
q.quora.com
s.pinimg.com
s2208.t.eloqua.com
sc-static.net
snap.licdn.com
static.ads-twitter.com
t.co
tr.snapchat.com
www.clickcease.com
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
www.redditstatic.com
104.108.150.111
104.244.42.195
104.244.42.5
143.204.247.47
151.101.12.157
151.101.36.84
172.217.22.2
199.232.53.140
209.167.231.17
209.167.231.27
216.58.205.230
23.2.218.8
2606:4700:20::ac43:4470
2606:4700::6812:fb0
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:809::2002
2a00:1450:4001:809::2003
2a00:1450:4001:80b::2004
2a00:1450:4001:814::200a
2a00:1450:4001:819::2003
2a00:1450:4001:825::2008
2a02:26f0:10c:39e::25ea
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a05:f500:10:101::b93f:9105
34.238.223.59
35.186.226.184
46.101.154.21
52.57.44.100
99.84.94.51
06c1490b7d909d7ba0c2ea1e683f145398f27b8992c70fe00466910874dea0ec
090f7930507d196af6b46f49283fbb3abdf318fb2f38f4a30294911dafee67f6
1085f677d60318279250aead600af7009b8c526e91a153c1448f45e2ba494860
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
27fa4ea9b81a686f7e7156100846ac1013826f7f60563a36eb0e356d9879f900
282d548122e3d98360f8b9bb61fc7f37ce004c933cae913c24db00b3a09aec39
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5
32d928fe86bb780707559a6beb00ad73d591e69bf2dce01f7f237376a47f1356
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0
4548c412ce3bd15ddf652328dd58fad638a41fbd5c08473a1ab485e5a12076c9
4cb61e44bf63a9e090e666898cd04d382e4c33b55b62cc5e9ff7dab055fbf787
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
5535d2c567dac9fb9a8eb888a5415164e87c4aa6f08f70a6cc6ab1c0cd3bac12
5f070f5020df45edd9222fa43d3ec4c982aaa0dab04eb2660f0783af02c6807d
6bc92b096fa224014e1caa871ae4e6d6c7bcc9a5c5459b893e6bb052b3cb257c
6d9002171ea6ba084ef6b13092051f23f20ef44378eea22f8f24788a26a354de
6f9462baf1b0770218f763ea46f403b5d72bf7cf25c81d491380576edd92fc38
767048ccfc724ba6aedcb3e20d1d1f16baba4cee5c7c957fb7f4504b290bd6ef
7c04e1ad3893819bce8b4590d91b4b02a175ef4b6ae9ffffac8e670bd7c0c9b6
7df6ed26dc4be5a067c746a44b2c81b9fed29573b81875cbf095d5a20ca6cdec
8706429b46106cd25fafb28ad1a779716c0daf625d87825e6f29f9ba5a90ae26
a31b5a40f8fe97ca19bc865977b07f48901e5e095cbf838804a2ab0476c2d378
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
a693efa7265b630e27e537f6ba09c5558a23b9ed2f57abdbf417c237a50a5156
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b50d67587d58ae31fe01e9c29a1b1fd30052dc9ff23bb9d6338d4d5ef37e4b8a
b6f7b31210a709daca9760b215660b2cbe719757df3059364beeda005fca2dbe
ba3d77e0be4f968f93a865602a9d4c51631083244a570b7a31690cc9e414a253
bfadecce2ccdd4b3d5967de7612680ec91bdf9751de5c92faab8e6c149f4e591
c74ace399f4721e003c4aa618f821fe3c8ef2b50c00da01d4e0a57b4fe39dd75
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec1b772e296875a7c051b6c319592cb17179c67be4adc63308a96b1d74247ff5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a