secure1.mhelpdesk.com Open in urlscan Pro
52.205.7.138 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://secure1.mhelpdesk.com/
Effective URL:
https://secure1.mhelpdesk.com/SignIn.aspx
Submission: On January 14 via manual (January 14th 2023, 12:39:12 am UTC) from US — Scanned from DE

Summary HTTP 90 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 54 IPs in 9 countries across 49 domains to perform 90 HTTP transactions. The main IP is 52.205.7.138, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is secure1.mhelpdesk.com. The Cisco Umbrella rank of the primary domain is 373693.
TLS certificate: Issued by Amazon on December 29th 2022. Valid for: a year.

This is the only time secure1.mhelpdesk.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	34.228.94.63 34.228.94.63	14618 (AMAZON-AES) (AMAZON-AES)
1 18	52.205.7.138 52.205.7.138	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	104.73.15.163 104.73.15.163	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:400d:806::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6813:9408	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 4	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:14a0	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2600:9000:212... 2600:9000:2127:800:1f:aa31:7740:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:400... 2a04:4e42:400::622	54113 (FASTLY) (FASTLY)
1	52.84.186.90 52.84.186.90	16509 (AMAZON-02) (AMAZON-02)
1	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 4	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:206... 2600:9000:206e:5a00:2:53b2:240:93a1	16509 (AMAZON-02) (AMAZON-02)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4 5	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:402... 2a00:1450:4025:401::9c	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	65.9.95.34 65.9.95.34	16509 (AMAZON-02) (AMAZON-02)
1 1	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO)
2	50.18.157.153 50.18.157.153	16509 (AMAZON-02) (AMAZON-02)
1 2	52.58.161.171 52.58.161.171	16509 (AMAZON-02) (AMAZON-02)
1 1	142.251.208.162 142.251.208.162	15169 (GOOGLE) (GOOGLE)
2	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	185.89.210.101 185.89.210.101	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	18.192.136.217 18.192.136.217	16509 (AMAZON-02) (AMAZON-02)
1	92.123.38.97 92.123.38.97	16625 (AKAMAI-AS) (AKAMAI-AS)
1	70.42.32.95 70.42.32.95	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	18.193.170.26 18.193.170.26	16509 (AMAZON-02) (AMAZON-02)
1	185.86.139.106 185.86.139.106	201081 (SMARTADSE...) (SMARTADSERVER)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	104.111.217.42 104.111.217.42	16625 (AKAMAI-AS) (AKAMAI-AS)
1	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1 2	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
1	18.156.32.70 18.156.32.70	16509 (AMAZON-02) (AMAZON-02)
1	37.157.4.28 37.157.4.28	198622 (ADFORM) (ADFORM)
1	185.255.84.152 185.255.84.152	200271 (IGUANE-) (IGUANE-)
1 2	104.18.33.19 104.18.33.19	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	52.51.133.63 52.51.133.63	16509 (AMAZON-02) (AMAZON-02)
1	162.19.138.117 162.19.138.117	16276 (OVH) (OVH)
1	34.117.157.22 34.117.157.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	3.120.82.27 3.120.82.27	16509 (AMAZON-02) (AMAZON-02)
1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2600:1f18:612... 2600:1f18:612b:4264:b002:6706:c84b:49fb	14618 (AMAZON-AES) (AMAZON-AES)
1	85.215.5.31 85.215.5.31	6786 (CRONON-BE...) (CRONON-BERLIN-AS)
1	96.16.132.239 96.16.132.239	16625 (AKAMAI-AS) (AKAMAI-AS)
1	54.194.137.201 54.194.137.201	16509 (AMAZON-02) (AMAZON-02)
3	34.107.204.85 34.107.204.85	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	54.229.18.25 54.229.18.25	16509 (AMAZON-02) (AMAZON-02)
1	3.16.134.16 3.16.134.16	16509 (AMAZON-02) (AMAZON-02)
90	54

1 34.228.94.63 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-228-94-63.compute-1.amazonaws.com

secure1.mhelpdesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 52.205.7.138 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-7-138.compute-1.amazonaws.com

secure1.mhelpdesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.73.15.163 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-73-15-163.deploy.static.akamaitechnologies.com

js.appcenter.intuit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400d:806::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9408 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:14a0 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2127:800:1f:aa31:7740:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.pendo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::622 (United States)

ASN54113 (FASTLY, US)

fast.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.84.186.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-186-90.cdg50.r.cloudfront.net

djnf6e5yyirys.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206e:5a00:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:2638::1c (France) 4 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4025:401::9c (Den Helder, Netherlands)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.95.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-34.prg50.r.cloudfront.net

cdn1.friendbuy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.151 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)

widget.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 50.18.157.153 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-50-18-157-153.us-west-1.compute.amazonaws.com

ws.friendbuy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.58.161.171 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-161-171.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.208.162 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: bud02s43-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.210.101 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.192.136.217 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-136-217.eu-central-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.123.38.97 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-38-97.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 70.42.32.95 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.193.170.26 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-170-26.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.106 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.217.42 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-217-42.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.0.31 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.156.32.70 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-32-70.eu-central-1.compute.amazonaws.com

e1.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.4.28 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.152 (France)

ASN200271 (IGUANE-, FR)

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.33.19 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.51.133.63 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-133-63.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.117 (France)

ASN16276 (OVH, FR)
PTR: ns31533568.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com

matching.ivitrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.120.82.27 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-82-27.eu-central-1.compute.amazonaws.com

exchange.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4264:b002:6706:c84b:49fb (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

criteo-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.215.5.31 (Berlin, Germany)

ASN6786 (CRONON-BERLIN-AS, DE)

a.twiago.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 96.16.132.239 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-132-239.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.194.137.201 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-137-201.eu-west-1.compute.amazonaws.com

sync-criteo.ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.107.204.85 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 85.204.107.34.bc.googleusercontent.com

app.pendo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.229.18.25 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-18-25.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.16.134.16 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-16-134-16.us-east-2.compute.amazonaws.com

s.thebrighttag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	mhelpdesk.com 2 redirects secure1.mhelpdesk.com — Cisco Umbrella Rank: 373693	431 KB
10	criteo.com 5 redirects gum.criteo.com — Cisco Umbrella Rank: 385 mug.criteo.com — Cisco Umbrella Rank: 2848 sslwidget.criteo.com — Cisco Umbrella Rank: 1703 widget.us.criteo.com — Cisco Umbrella Rank: 20872 dis.criteo.com — Cisco Umbrella Rank: 703	14 KB
6	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 stats.g.doubleclick.net — Cisco Umbrella Rank: 75 cm.g.doubleclick.net — Cisco Umbrella Rank: 216	5 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 22	20 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 373 www.linkedin.com — Cisco Umbrella Rank: 592 px4.ads.linkedin.com — Cisco Umbrella Rank: 6336	3 KB
4	google.de www.google.de — Cisco Umbrella Rank: 5983	872 B
4	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2	1019 B
4	pendo.io cdn.pendo.io — Cisco Umbrella Rank: 771 app.pendo.io — Cisco Umbrella Rank: 1662	130 KB
3	friendbuy.com cdn1.friendbuy.com — Cisco Umbrella Rank: 34131 ws.friendbuy.com — Cisco Umbrella Rank: 40690	3 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 352	12 KB
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 201	2 KB
2	casalemedia.com 1 redirects r.casalemedia.com — Cisco Umbrella Rank: 1338	1 KB
2	yahoo.com 1 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 274	508 B
2	360yield.com 1 redirects ad.360yield.com — Cisco Umbrella Rank: 648	853 B
2	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 207	2 KB
2	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 276	879 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 114	239 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 153	136 KB
2	gstatic.com fonts.gstatic.com	32 KB
1	thebrighttag.com s.thebrighttag.com — Cisco Umbrella Rank: 1760	268 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 604	339 B
1	yieldmo.com sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 1905	220 B
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 4376	525 B
1	twiago.com a.twiago.com — Cisco Umbrella Rank: 28310	153 B
1	tremorhub.com criteo-partners.tremorhub.com — Cisco Umbrella Rank: 2270	183 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 654	582 B
1	mediavine.com exchange.mediavine.com — Cisco Umbrella Rank: 1313	882 B
1	ivitrack.com matching.ivitrack.com — Cisco Umbrella Rank: 2560	274 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 393	1 KB
1	omnitagjs.com visitor.omnitagjs.com — Cisco Umbrella Rank: 745	235 B
1	adform.net cm.adform.net — Cisco Umbrella Rank: 1425	162 B
1	emxdgt.com e1.emxdgt.com — Cisco Umbrella Rank: 794	55 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 333	140 B
1	teads.tv criteo-sync.teads.tv — Cisco Umbrella Rank: 1864	172 B
1	taboola.com sync-t1.taboola.com — Cisco Umbrella Rank: 1248	99 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 565	163 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 507	35 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 306	239 B
1	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 712	145 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 543	787 B
1	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 820	375 B
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 637	14 KB
1	cloudfront.net djnf6e5yyirys.cloudfront.net	42 KB
1	wistia.com fast.wistia.com — Cisco Umbrella Rank: 3806	118 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 675	5 KB
1	crazyegg.com script.crazyegg.com — Cisco Umbrella Rank: 1630
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 41	87 KB
1	intuit.com js.appcenter.intuit.com — Cisco Umbrella Rank: 183893
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	1 KB
90	49

	Domain	Requested by
19	secure1.mhelpdesk.com	2 redirects secure1.mhelpdesk.com
5	gum.criteo.com	4 redirects static.criteo.net
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com secure1.mhelpdesk.com
4	www.google.de	secure1.mhelpdesk.com
4	www.google.com	1 redirects secure1.mhelpdesk.com
4	googleads.g.doubleclick.net	1 redirects www.googletagmanager.com
3	app.pendo.io	cdn.pendo.io
3	bat.bing.com	www.googletagmanager.com bat.bing.com secure1.mhelpdesk.com
2	dpm.demdex.net	1 redirects
2	r.casalemedia.com	1 redirects
2	ups.analytics.yahoo.com	1 redirects
2	ad.360yield.com	1 redirects
2	ib.adnxs.com	2 redirects
2	dis.criteo.com
2	x.bidswitch.net	1 redirects
2	ws.friendbuy.com	djnf6e5yyirys.cloudfront.net
2	www.facebook.com	secure1.mhelpdesk.com
2	px.ads.linkedin.com	2 redirects
2	connect.facebook.net	secure1.mhelpdesk.com connect.facebook.net
2	fonts.gstatic.com	fonts.googleapis.com
1	s.thebrighttag.com
1	beacon.krxd.net
1	sync-criteo.ads.yieldmo.com
1	ad.yieldlab.net
1	a.twiago.com
1	criteo-partners.tremorhub.com
1	simage2.pubmatic.com
1	exchange.mediavine.com
1	matching.ivitrack.com
1	id5-sync.com
1	visitor.omnitagjs.com
1	cm.adform.net
1	e1.emxdgt.com
1	eb2.3lift.com
1	criteo-sync.teads.tv
1	sync-t1.taboola.com
1	rtb-csync.smartadserver.com
1	match.sharethrough.com
1	pixel.rubiconproject.com
1	sync.outbrain.com
1	contextual.media.net
1	cm.g.doubleclick.net	1 redirects
1	widget.us.criteo.com	secure1.mhelpdesk.com
1	sslwidget.criteo.com	1 redirects
1	cdn1.friendbuy.com	djnf6e5yyirys.cloudfront.net
1	mug.criteo.com	secure1.mhelpdesk.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	px4.ads.linkedin.com	secure1.mhelpdesk.com
1	www.linkedin.com	1 redirects
1	cdn.linkedin.oribi.io	snap.licdn.com
1	static.criteo.net	www.googletagmanager.com
1	djnf6e5yyirys.cloudfront.net	secure1.mhelpdesk.com
1	fast.wistia.com	www.googletagmanager.com
1	cdn.pendo.io	secure1.mhelpdesk.com
1	snap.licdn.com	www.googletagmanager.com
1	script.crazyegg.com	www.googletagmanager.com
1	www.googletagmanager.com	secure1.mhelpdesk.com
1	js.appcenter.intuit.com	secure1.mhelpdesk.com
1	fonts.googleapis.com	secure1.mhelpdesk.com
90	59

This site contains links to these domains. Also see Links.

Domain
mhelpdesk.com
www.mhelpdesk.com
news.mhelpdesk.com
api.homeadvisor.com

Subject Issuer	Validity	Valid
*.mhelpdesk.com Amazon	`2022-12-29` - `2024-01-27`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
*.appcenter.intuit.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-22` - `2023-04-24`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-04-08` - `2023-04-08`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2022-11-25` - `2023-05-25`	6 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2022-03-01` - `2023-03-01`	a year	crt.sh
cdn.pendo.io Amazon	`2022-07-30` - `2023-08-28`	a year	crt.sh
fast.wistia.com GlobalSign Atlas R3 DV TLS CA 2022 Q3	`2022-09-28` - `2023-10-30`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-13` - `2023-04-15`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-10-23` - `2023-01-21`	3 months	crt.sh
linkedin.oribi.io Amazon	`2022-07-07` - `2023-08-06`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-04` - `2023-03-31`	3 months	crt.sh
*.friendbuy.com Amazon	`2022-03-29` - `2023-04-26`	a year	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2022-02-20` - `2023-02-22`	a year	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2022-11-06` - `2023-11-28`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.sharethrough.com Amazon	`2022-07-14` - `2023-08-12`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
*.taboola.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
teads.tv R3	`2023-01-05` - `2023-04-05`	3 months	crt.sh
*.3lift.com Amazon	`2022-05-13` - `2023-06-11`	a year	crt.sh
*.emxdgt.com Go Daddy Secure Certificate Authority - G2	`2022-05-18` - `2023-06-19`	a year	crt.sh
*.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-05-18` - `2023-06-16`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-21` - `2023-07-21`	a year	crt.sh
*.id5-sync.com R3	`2022-11-09` - `2023-02-07`	3 months	crt.sh
itm.ivitrack.com R3	`2022-12-05` - `2023-03-05`	3 months	crt.sh
exchange.mediavine.com Amazon	`2022-07-06` - `2023-08-04`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.tremorhub.com Amazon	`2022-03-24` - `2023-04-22`	a year	crt.sh
*.twiago.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-28` - `2023-12-29`	a year	crt.sh
*.yieldlab.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-11-15`	a year	crt.sh
*.ads.yieldmo.com Amazon	`2022-06-02` - `2023-07-01`	a year	crt.sh
pendo.io GTS CA 1D4	`2022-12-26` - `2023-03-26`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://secure1.mhelpdesk.com/SignIn.aspx
Frame ID: 219E145C2A8833769F6D759F1B40EFF2
Requests: 59 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=secure1.mhelpdesk.com&origin=onetag
Frame ID: F31301C6815AAC19E5AA6E43F2B8A5D4
Requests: 2 HTTP requests in this frame

Frame: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-iQpyO7gWVsJEvf8XP0skylvQuL7kZu2_-d-qGw&expires=30
Frame ID: B9E15A078588F1CA1DF1F28F4F4F52DC
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

mHelpDesk Login

Page URL History Show full URLs

http://secure1.mhelpdesk.com/ HTTP 301
https://secure1.mhelpdesk.com/ HTTP 302
https://secure1.mhelpdesk.com/SignIn.aspx Page URL

Detected technologies

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

\.aspx?(?:$|\?)
<input[^>]+name="__VIEWSTATE

Crazy Egg (Analytics) Expand

Overall confidence: 100%
Detected patterns

script\.crazyegg\.com/pages/scripts/\d+/\d+\.js

Criteo (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

//static\.criteo\.net/js/ld/ld\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

90
Requests

86 %
HTTPS

34 %
IPv6

49
Domains

59
Subdomains

54
IPs

9
Countries

1056 kB
Transfer

3229 kB
Size

56
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: http://mhelpdesk.com/

Search URL Search Domain Scan URL

URL: https://www.mhelpdesk.com/pricing/
Title: Pricing

Search URL Search Domain Scan URL

URL: https://www.mhelpdesk.com/tour/
Title: Tour

Search URL Search Domain Scan URL

URL: https://www.mhelpdesk.com/mobile-app/
Title: Mobile App

Search URL Search Domain Scan URL

URL: https://www.mhelpdesk.com/customers/
Title: Customers

Search URL Search Domain Scan URL

URL: http://news.mhelpdesk.com/
Title: Blog

Search URL Search Domain Scan URL

URL: https://www.mhelpdesk.com/free-trial/
Title: Free Trial

Search URL Search Domain Scan URL

URL: https://www.mhelpdesk.com/user-agreement/
Title: user terms

Search URL Search Domain Scan URL

URL: https://api.homeadvisor.com/resource/oauth/authorize?client_id=mhelpdesk&response_type=code&redirect_uri=https://secure1.mhelpdesk.com/SignIn.aspx&scope=personal_information
Title: Sign in with HomeAdvisor

Search URL Search Domain Scan URL

URL: http://mhelpdesk.com/free-trial/
Title: Sign Up

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://secure1.mhelpdesk.com/ HTTP 301
https://secure1.mhelpdesk.com/ HTTP 302
https://secure1.mhelpdesk.com/SignIn.aspx Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/969018260/?random=1673656746546&cv=11&fst=1673656746546&fmt=3&bg=ffffff&guid=ON&async=1&gtm=2wg1a1&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fsecure1.mhelpdesk.com%2FSignIn.aspx&tiba=mHelpDesk%20Login&uaw=0 HTTP 302
https://www.google.com/pagead/1p-user-list/969018260/?random=1673656746546&cv=11&fst=1673654400000&fmt=3&bg=ffffff&guid=ON&async=1&gtm=2wg1a1&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fsecure1.mhelpdesk.com%2FSignIn.aspx&tiba=mHelpDesk%20Login&is_vtc=1&random=3188205522 HTTP 302
https://www.google.de/pagead/1p-user-list/969018260/?random=1673656746546&cv=11&fst=1673654400000&fmt=3&bg=ffffff&guid=ON&async=1&gtm=2wg1a1&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fsecure1.mhelpdesk.com%2FSignIn.aspx&tiba=mHelpDesk%20Login&is_vtc=1&random=3188205522&ipr=y

Request Chain 34

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1289826&time=1673656746611&url=https%3A%2F%2Fsecure1.mhelpdesk.com%2FSignIn.aspx HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1289826%26time%3D1673656746611%26url%3Dhttps%253A%252F%252Fsecure1.mhelpdesk.com%252FSignIn.aspx%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1289826&time=1673656746611&url=https%3A%2F%2Fsecure1.mhelpdesk.com%2FSignIn.aspx&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1289826&time=1673656746611&url=https%3A%2F%2Fsecure1.mhelpdesk.com%2FSignIn.aspx&liSync=true&e_ipv6=AQLo-ACvJeqtPgAAAYWtt0Qk-7_VWZjqYJGzArU7EtazVHwigiB3E-dW42jLgJbL34ZZbPMtNHlOsg

Request Chain 51

https://gum.criteo.com/sid/json?origin=onetag&domain=mhelpdesk.com&sn=ChromeSyncframe&so=0&topUrl=secure1.mhelpdesk.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=_jWg0XxsVlNIVDd1MWZ5RzZxK2ZqRkY3YmhwTnFRZkM2R21TQzBUd0I3TXh6OVpWWWZZQkd5NklYcFVNaWdTRGI4KzZGZXFvSURGNXZlYTFuSnhFck9iSEhVa2I3aFVwTmJuUGVid1dZNDZMWGRNTGlUUGI0SHUxSDdMUG5BMk5BS08vWGV0cXZ0b3VqeTFEYkJXUVVFZlNMVGtZWUk2VElVckZ6N2dKQjNXVWpZN1dMNzZTT1JTRTM3dGd1YndYRWY1VTRUSEhBMnJaN2gzN2x3dWVVT0xSUmhuV2srQ0pucUs1Qk0xVzVacmdOSlpkU1ppZmIyV0gzMkxtV1ZVTHRSLzg1VGgyd1NYak0zQnhzOUlGazhtL3lJZz09fA&cppv=2

Request Chain 53

https://sslwidget.criteo.com/event?a=48956&v=5.12.3&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dce%26m%3D%255Bemail%255D&p2=e%3Dvc%26id%3D1673656746736%26p%3D%255Bi%25253D1%252526pr%25253D0%252526q%25253D1%255D&p3=e%3Ddis&adce=1&bundle=QkOSml8wejVMQW9UWnA3MmlWR1J0NkVRQUFjdUdYbDI2cmFVdVlaZTVFWlduaWduTzBJbUZtdEVIUkRVbXdSTWJqdThYQ2VkRldxTG5SNXhET28zSkglMkZZck1aOFh0aE1EUVIybzh5ekVuVEFjSVp6dmc0VCUyQm5EZW8lMkI1SXFDU3BSTVpDOWhsbWdTcnlMOUJIdndIcTcyVWN4cmclM0QlM0Q&tld=mhelpdesk.com&fu=https%253A%252F%252Fsecure1.mhelpdesk.com%252FSignIn.aspx&dtycbr=2210 HTTP 302
https://widget.us.criteo.com/event?a=48956&v=5.12.3&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dce%26m%3D%255Bemail%255D&p2=e%3Dvc%26id%3D1673656746736%26p%3D%255Bi%25253D1%252526pr%25253D0%252526q%25253D1%255D&p3=e%3Ddis&adce=1&bundle=QkOSml8wejVMQW9UWnA3MmlWR1J0NkVRQUFjdUdYbDI2cmFVdVlaZTVFWlduaWduTzBJbUZtdEVIUkRVbXdSTWJqdThYQ2VkRldxTG5SNXhET28zSkglMkZZck1aOFh0aE1EUVIybzh5ekVuVEFjSVp6dmc0VCUyQm5EZW8lMkI1SXFDU3BSTVpDOWhsbWdTcnlMOUJIdndIcTcyVWN4cmclM0QlM0Q&tld=mhelpdesk.com&fu=https%253A%252F%252Fsecure1.mhelpdesk.com%252FSignIn.aspx&dtycbr=2210

Request Chain 57

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-iQpyO7gWVsJEvf8XP0skylvQuL7kZu2_-d-qGw&expires=30 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-iQpyO7gWVsJEvf8XP0skylvQuL7kZu2_-d-qGw&expires=30

Request Chain 58

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-WS-EM7gWVsJEvf8XP0skylvQuL4tlp1GAJjs2w&google_cm&google_hm=ay1XUy1FTTdnV1ZzSkV2ZjhYUDBza3lsdlF1TDR0bHAxR0FKanMydw HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-WS-EM7gWVsJEvf8XP0skylvQuL4tlp1GAJjs2w&google_gid=CAESEMXhFFBTaWbVLMGhesXroA4&google_cver=1&google_ula=913071,0

Request Chain 59

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5699555564924079600

Request Chain 60

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-0W1_obgWVsJEvf8XP0skylvQuL6258wo4ogyug HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-0W1_obgWVsJEvf8XP0skylvQuL6258wo4ogyug

Request Chain 69

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-JErb_bgWVsJEvf8XP0skylvQuL61KgAr3zFrzw HTTP 302
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-JErb_bgWVsJEvf8XP0skylvQuL61KgAr3zFrzw&verify=true

Request Chain 73

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-CB3Z9rgWVsJEvf8XP0skylvQuL4hDVZANWDjhg HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-CB3Z9rgWVsJEvf8XP0skylvQuL4hDVZANWDjhg&C=1

Request Chain 74

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=Tw3SbQsWnDNUuM7KJ2Pbbr90iVOcIlgw HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=Tw3SbQsWnDNUuM7KJ2Pbbr90iVOcIlgw

Request Chain 86

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=tNhDK4ukomgKm7hja4Ym2mmFB5XUgBM3

Request Chain 87

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP 302
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=54v1L6kFwoOCYQKdNO8XS3f76bFrfMK0

90 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request SignIn.aspx Show response
secure1.mhelpdesk.com/
Redirect Chain

http://secure1.mhelpdesk.com/
https://secure1.mhelpdesk.com/
https://secure1.mhelpdesk.com/SignIn.aspx

21 KB
8 KB

108ms
108ms

Document
text/html

52.205.7.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://secure1.mhelpdesk.com/SignIn.aspx
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.205.7.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-7-138.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 /
Resource Hash: ff343a83cfeed583ba4363d726808fd403b7ebfef9a36be23e54419332fc118b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private
content-encoding: gzip
content-length: 7486
content-type: text/html; charset=utf-8
date: Sat, 14 Jan 2023 00:39:05 GMT
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
server: Microsoft-IIS/10.0
vary: Accept-Encoding
x-aspnet-version: 4.0.30319

Redirect headers

cache-control: private
content-length: 935
content-type: text/html; charset=utf-8
date: Sat, 14 Jan 2023 00:39:05 GMT
location: https://secure1.mhelpdesk.com/SignIn.aspx
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319

GET
H2 200 WebResource.axd
secure1.mhelpdesk.com/ 1 KB
1 KB 103ms
102ms Stylesheet
text/css 52.205.7.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://secure1.mhelpdesk.com/WebResource.axd?d=E-A6ScWagod7BwqK7EmMNZ-HFA17ISnwbyWcNbxTkW7kvAtYfg6MGW7vMY5uozCw7P2GM-CtNUoP0SLlVsEKN6ZzgcGOgQGQvIwL83_5byCS9KXsg2XYZOSJJEx5XKh9sdr00w2&t=638058373880000000
Requested by: Host: secure1.mhelpdesk.com
URL: https://secure1.mhelpdesk.com/SignIn.aspx
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.205.7.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-7-138.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 /
Resource Hash: e04277cf6e1b95128d9352758661fe9b77a4a5482622d4fc1ccf211b2cfd95f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure1.mhelpdesk.com/SignIn.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 00:39:05 GMT
content-encoding: gzip
last-modified: Mon, 05 Dec 2022 16:43:08 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
vary: Accept-Encoding
content-type: text/css
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
cache-control: public
content-length: 786
expires: Sat, 13 Jan 2024 05:33:51 GMT

GET
H2 200 jquery Show response
secure1.mhelpdesk.com/bundles/js/ 98 KB
44 KB 221ms
219ms Script
application/x-javascript 52.205.7.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://secure1.mhelpdesk.com/bundles/js/jquery?v=N_Oqp0K3kwtQ5ioKe4PYp1wlnmuqXyrBhls2aQ_lXQk1
Requested by: Host: secure1.mhelpdesk.com
URL: https://secure1.mhelpdesk.com/SignIn.aspx
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.205.7.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-7-138.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 /
Resource Hash: bf849a3999662673e0b9b84106c48afeab467e37b1c060bab50d52f815fad8d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure1.mhelpdesk.com/SignIn.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 00:39:05 GMT
content-encoding: gzip
last-modified: Sat, 14 Jan 2023 00:38:01 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
vary: User-Agent,Accept-Encoding
content-type: application/x-javascript; charset=utf-8
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
cache-control: public
content-length: 44523
expires: Sun, 14 Jan 2024 00:38:01 GMT

GET
H2 200 jquery-migrate Show response
secure1.mhelpdesk.com/bundles/js/ 0
553 B 121ms
119ms Script
text/plain 52.205.7.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://secure1.mhelpdesk.com/bundles/js/jquery-migrate?v=
Requested by: Host: secure1.mhelpdesk.com
URL: https://secure1.mhelpdesk.com/SignIn.aspx
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.205.7.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-7-138.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure1.mhelpdesk.com/SignIn.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 00:39:05 GMT
last-modified: Sat, 14 Jan 2023 00:38:01 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
vary: User-Agent
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
cache-control: public
content-length: 0
expires: Sun, 14 Jan 2024 00:38:01 GMT

GET
H2 200 mhd-custom.19702120.css
secure1.mhelpdesk.com/Content/mhd-custom/dist/ 82 KB
22 KB 218ms
217ms Stylesheet
text/css 52.205.7.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://secure1.mhelpdesk.com/Content/mhd-custom/dist/mhd-custom.19702120.css
Requested by: Host: secure1.mhelpdesk.com
URL: https://secure1.mhelpdesk.com/SignIn.aspx
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.205.7.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-7-138.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 /
Resource Hash: f96e267bfa2be56e37ed84644c6004a3bf526a99d00a122b27486d5337836802

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure1.mhelpdesk.com/SignIn.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 00:39:05 GMT
content-encoding: gzip
last-modified: Mon, 05 Dec 2022 16:42:30 GMT
server: Microsoft-IIS/10.0
etag: "05fcd90c88d91:0"
vary: Accept-Encoding
content-type: text/css
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
accept-ranges: bytes
content-length: 21651

GET
H2 200 clip-one
secure1.mhelpdesk.com/bundles/css/ 460 KB
106 KB 320ms
319ms Stylesheet
text/css 52.205.7.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://secure1.mhelpdesk.com/bundles/css/clip-one?v=B1c3wLsUXw9o0wX1A4_17XIF0hGVSAZX3lfvMkx91xc1
Requested by: Host: secure1.mhelpdesk.com
URL: https://secure1.mhelpdesk.com/SignIn.aspx
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.205.7.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-7-138.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 /
Resource Hash: f88ac59dcf55e568017468f3b8736ea12675948f04d5cf3cbda96b3501635db3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure1.mhelpdesk.com/SignIn.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 00:39:05 GMT
content-encoding: gzip
last-modified: Sat, 14 Jan 2023 00:38:01 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
vary: User-Agent,Accept-Encoding
content-type: text/css; charset=utf-8
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
cache-control: public
expires: Sun, 14 Jan 2024 00:38:01 GMT

GET
H2 200 Default.mhelpdesk.20131006.css
secure1.mhelpdesk.com/Style/Default/ 3 KB
2 KB 119ms
118ms Stylesheet
text/css 52.205.7.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://secure1.mhelpdesk.com/Style/Default/Default.mhelpdesk.20131006.css
Requested by: Host: secure1.mhelpdesk.com
URL: https://secure1.mhelpdesk.com/SignIn.aspx
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.205.7.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-7-138.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 /
Resource Hash: 879370cd54f5a6e15bc75e83d7b67b81dc41b367ecfa584cc5b037a0c74e4842

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure1.mhelpdesk.com/SignIn.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 00:39:05 GMT
content-encoding: gzip
last-modified: Mon, 05 Dec 2022 16:30:32 GMT
server: Microsoft-IIS/10.0
etag: "044d7e4c68d91:0"
vary: Accept-Encoding
content-type: text/css
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
accept-ranges: bytes
content-length: 1185

GET
H2 200 mhd--signin-logo.png
secure1.mhelpdesk.com/images/ 2 KB
2 KB 104ms
103ms Image
image/png 52.205.7.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure1.mhelpdesk.com/images/mhd--signin-logo.png
Requested by: Host: secure1.mhelpdesk.com
URL: https://secure1.mhelpdesk.com/SignIn.aspx
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.205.7.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-7-138.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 /
Resource Hash: 3655ae79f11e8dd845b4f149101333f8458d1bb9f2e6e9b532ea214f359897c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure1.mhelpdesk.com/SignIn.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 00:39:06 GMT
last-modified: Mon, 05 Dec 2022 16:30:40 GMT
server: Microsoft-IIS/10.0
etag: "0f89be9c68d91:0"
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
content-type: image/png
accept-ranges: bytes
content-length: 1541

GET
H2 200 WebResource.axd Show response
secure1.mhelpdesk.com/ 23 KB
6 KB 103ms
102ms Script
application/x-javascript 52.205.7.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://secure1.mhelpdesk.com/WebResource.axd?d=pynGkmcFUV3lzWYsVz1Jl4B-sLnV7fZUfMTiCnwE_lKVT0Bc0PzFuVFHE981&t=637729440413207958
Requested by: Host: secure1.mhelpdesk.com
URL: https://secure1.mhelpdesk.com/SignIn.aspx
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.205.7.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-7-138.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 /
Resource Hash: 40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure1.mhelpdesk.com/SignIn.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 00:39:06 GMT
content-encoding: gzip
last-modified: Fri, 19 Nov 2021 23:40:41 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
vary: Accept-Encoding
content-type: application/x-javascript
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
cache-control: public
content-length: 6007
expires: Sat, 13 Jan 2024 05:33:51 GMT

GET
H2 200 Telerik.Web.UI.WebResource.axd Show response
secure1.mhelpdesk.com/ 244 KB
60 KB 122ms
121ms Script
application/x-javascript 52.205.7.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://secure1.mhelpdesk.com/Telerik.Web.UI.WebResource.axd?_TSM_HiddenField_=RadScriptManager1_TSM&compress=1&_TSM_CombinedScripts_=%3b%3bSystem.Web.Extensions%2c+Version%3d4.0.0.0%2c+Culture%3dneutral%2c+PublicKeyToken%3d31bf3856ad364e35%3aen%3a14a9c2eb-bf69-4b0e-9aa0-eb85640f0e43%3aea597d4b%3ab25378d2%3bTelerik.Web.UI%2c+Version%3d2021.3.1111.45%2c+Culture%3dneutral%2c+PublicKeyToken%3d121fae78165ba3d4%3aen%3ab406acc5-0028-4c73-8915-a9da355d848a%3a16e4e7cd%3aed16cbdc
Requested by: Host: secure1.mhelpdesk.com
URL: https://secure1.mhelpdesk.com/SignIn.aspx
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.205.7.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-7-138.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 /
Resource Hash: 597f6ee18003c2fddfb8feeb8fde04adfeaf1e9bb2996d54f797c35b3a92bf39

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure1.mhelpdesk.com/SignIn.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 00:39:06 GMT
content-encoding: gzip
last-modified: Thu, 11 Nov 2021 00:00:00 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
vary: User-Agent
content-type: application/x-javascript
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
cache-control: public, max-age=31536000
content-length: 61260
expires: Sun, 14 Jan 2024 00:38:01 GMT

GET
H2 200 home-advisor-logo.png
secure1.mhelpdesk.com/images/ 524 B
1 KB 108ms
107ms Image
image/png 52.205.7.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure1.mhelpdesk.com/images/home-advisor-logo.png
Requested by: Host: secure1.mhelpdesk.com
URL: https://secure1.mhelpdesk.com/SignIn.aspx
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.205.7.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-7-138.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 /
Resource Hash: a44592aa0910dcad7a2c47d52137dd60540b1207d9335bebc1b04545c13fdcf3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure1.mhelpdesk.com/SignIn.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 00:39:06 GMT
last-modified: Mon, 05 Dec 2022 16:30:40 GMT
server: Microsoft-IIS/10.0
etag: "0f89be9c68d91:0"
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
content-type: image/png
accept-ranges: bytes
content-length: 524

GET
H2 200 intuit-logo.png
secure1.mhelpdesk.com/images/ 895 B
1 KB 109ms
109ms Image
image/png 52.205.7.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure1.mhelpdesk.com/images/intuit-logo.png
Requested by: Host: secure1.mhelpdesk.com
URL: https://secure1.mhelpdesk.com/SignIn.aspx
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.205.7.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-7-138.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 /
Resource Hash: 3cef063dc8f1ad1f3c43fbb484c52ae6197cfd8cabb1ea0a9d6093db9276d5f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure1.mhelpdesk.com/SignIn.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 00:39:06 GMT
last-modified: Mon, 05 Dec 2022 16:30:40 GMT
server: Microsoft-IIS/10.0
etag: "0f89be9c68d91:0"
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
content-type: image/png
accept-ranges: bytes
content-length: 895

GET
H2 200 WebResource.axd Show response
secure1.mhelpdesk.com/ 4 KB
3 KB 103ms
102ms Script
application/x-javascript 52.205.7.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://secure1.mhelpdesk.com/WebResource.axd?d=d4rmeww8WNdIKPn8dcvTVYD__j0NZwljzzcOOXC7UDj64eSh9HQ6rk1V5RRvbP99AmI1rM-3I5-FxxBoTT82Ub7aUk0OXPoWKXQCx4OS9bfe9CYcVhuoJ6lgDGnPa9WTqN3GvQ2&t=638058373880000000
Requested by: Host: secure1.mhelpdesk.com
URL: https://secure1.mhelpdesk.com/SignIn.aspx
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.205.7.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-7-138.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 /
Resource Hash: 2ec76a5cb8250a1612a4e3e5165f1f35f3a196ff281cdad40ba3ea460ce9af6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure1.mhelpdesk.com/SignIn.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 00:39:06 GMT
content-encoding: gzip
last-modified: Mon, 05 Dec 2022 16:43:08 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
vary: Accept-Encoding
content-type: application/x-javascript
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
cache-control: public
content-length: 2448
expires: Sat, 13 Jan 2024 05:33:51 GMT

GET
H2 200 jquery.validate.min.js Show response
secure1.mhelpdesk.com/libs/clip-one-theme/plugins/jquery-validation/dist/ 21 KB
8 KB 105ms
104ms Script
application/javascript 52.205.7.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://secure1.mhelpdesk.com/libs/clip-one-theme/plugins/jquery-validation/dist/jquery.validate.min.js
Requested by: Host: secure1.mhelpdesk.com
URL: https://secure1.mhelpdesk.com/SignIn.aspx
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.205.7.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-7-138.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 /
Resource Hash: b2b6d597b63af5c67ae52bbfc53148bc78343e05c72c3da15966f6640876a59a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure1.mhelpdesk.com/SignIn.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 00:39:06 GMT
content-encoding: gzip
last-modified: Mon, 05 Dec 2022 16:30:44 GMT
server: Microsoft-IIS/10.0
etag: "052feebc68d91:0"
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
accept-ranges: bytes
content-length: 7950

GET
H2 200 login.js Show response
secure1.mhelpdesk.com/libs/clip-one-theme/js/ 6 KB
2 KB 104ms
104ms Script
application/javascript 52.205.7.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://secure1.mhelpdesk.com/libs/clip-one-theme/js/login.js
Requested by: Host: secure1.mhelpdesk.com
URL: https://secure1.mhelpdesk.com/SignIn.aspx
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.205.7.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-7-138.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 /
Resource Hash: 80bc49e4e5afb996f21f7c83b1498a2d811f61eaefd5189150b3a3161c09a176

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure1.mhelpdesk.com/SignIn.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 00:39:06 GMT
content-encoding: gzip
last-modified: Mon, 05 Dec 2022 16:30:42 GMT
server: Microsoft-IIS/10.0
etag: "025cdeac68d91:0"
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
accept-ranges: bytes
content-length: 1436

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 63ms
24ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:200,300,400,600,700

Requested by

Host: secure1.mhelpdesk.com
URL: https://secure1.mhelpdesk.com/bundles/css/clip-one?v=B1c3wLsUXw9o0wX1A4_17XIF0hGVSAZX3lfvMkx91xc1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure1.mhelpdesk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 14 Jan 2023 00:39:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 14 Jan 2023 00:39:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 14 Jan 2023 00:39:06 GMT

GET
H2 200 mhd--signin-image.svg
secure1.mhelpdesk.com/images/ 159 KB
160 KB 104ms
103ms Image
image/svg+xml 52.205.7.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure1.mhelpdesk.com/images/mhd--signin-image.svg
Requested by: Host: secure1.mhelpdesk.com
URL: https://secure1.mhelpdesk.com/Content/mhd-custom/dist/mhd-custom.19702120.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.205.7.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-7-138.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 /
Resource Hash: 0dc8b8c21c453aa7aa7a8b71ee2d41f840e9e87d5efd873a79e450c2251246b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure1.mhelpdesk.com/Content/mhd-custom/dist/mhd-custom.19702120.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 00:39:06 GMT
last-modified: Mon, 05 Dec 2022 16:30:40 GMT
server: Microsoft-IIS/10.0
etag: "0f89be9c68d91:0"
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 162750

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 51ms
14ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:200,300,400,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://secure1.mhelpdesk.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 13:14:53 GMT
x-content-type-options: nosniff
age: 41053
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Jan 2024 13:14:53 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 56ms
19ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:200,300,400,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://secure1.mhelpdesk.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 05:09:29 GMT
x-content-type-options: nosniff
age: 70177
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Jan 2024 05:09:29 GMT

GET
H/1.1 502
Bad Gateway intuit.ipp.anywhere.js
js.appcenter.intuit.com/Content/IA/ 0
0 1089ms
982ms Script
text/plain 104.73.15.163
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://js.appcenter.intuit.com/Content/IA/intuit.ipp.anywhere.js

Requested by

Host: secure1.mhelpdesk.com
URL: https://secure1.mhelpdesk.com/SignIn.aspx

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.73.15.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-73-15-163.deploy.static.akamaitechnologies.com

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure1.mhelpdesk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
strict-transport-security: max-age=31536000
Date: Sat, 14 Jan 2023 00:39:07 GMT
Server: envoy
Access-Control-Allow-Methods: *
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache
x-envoy-upstream-service-time: 0
Connection: keep-alive
Content-Length: 0
Expires: Sat, 14 Jan 2023 00:39:07 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 246 KB
87 KB 73ms
32ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M9VGGQ

Requested by

Host: secure1.mhelpdesk.com
URL: https://secure1.mhelpdesk.com/SignIn.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

de932f4eefc67df2981d6a9886eb0fdf6712749563d3085ce3959e3da4e8d0c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure1.mhelpdesk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 00:39:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 88328
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 14 Jan 2023 00:39:06 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 110ms
29ms Script
text/javascript 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M9VGGQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure1.mhelpdesk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 14 Jan 2023 00:21:53 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 1033
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Sat, 14 Jan 2023 02:21:53 GMT

GET
H2 410 7942.js
script.crazyegg.com/pages/scripts/0064/ 0
0 280ms
222ms Script
application/javascript 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0064/7942.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M9VGGQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure1.mhelpdesk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 00:39:06 GMT
cf-cache-status: EXPIRED
last-modified: Sat, 14 Jan 2023 00:39:06 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400, s-maxage=86400
cf-ray: 7892500a3a0c9196-FRA
content-length: 0

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 80ms
33ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M9VGGQ

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f2c4b7d20ff42a433d0c76631c460cd75128f8f0436d052ce2cf79dc4fa6a244

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure1.mhelpdesk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Sat, 14 Jan 2023 00:39:06 GMT
last-modified: Mon, 05 Dec 2022 17:15:50 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2E62487998CF4D7A969611D26C133743 Ref B: FRA31EDGE0519 Ref C: 2023-01-14T00:39:06Z
etag: "027e538cd8d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11460

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/969018260/ 2 KB
1 KB 65ms
27ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/969018260/?random=1673656746540&cv=11&fst=1673656746540&bg=ffffff&guid=ON&async=1&gtm=2wg1a1&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fsecure1.mhelpdesk.com%2FSignIn.aspx&tiba=mHelpDesk%20Login&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M9VGGQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

031a98526761b9474d818ddb0eb2ce680d4c11c3e61ce5381fc08c078507fc15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure1.mhelpdesk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Jan 2023 00:39:06 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 866
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/963329724/ 2 KB
1 KB 66ms
29ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/963329724/?random=1673656746544&cv=11&fst=1673656746544&bg=ffffff&guid=ON&async=1&gtm=2wg1a1&u_w=1600&u_h=1200&label=All%20Site%20Visits%20-%20Remarket&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fsecure1.mhelpdesk.com%2FSignIn.aspx&tiba=mHelpDesk%20Login&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M9VGGQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d8f934ca0716bfc2089c947a69adcf4a9bccce7efe3e25b0da4cf062e5c7dfd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure1.mhelpdesk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Jan 2023 00:39:06 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 932
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1067882105/ 2 KB
1 KB 64ms
28ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1067882105/?random=1673656746546&cv=11&fst=1673656746546&bg=ffffff&guid=ON&async=1&gtm=2wg1a1&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fsecure1.mhelpdesk.com%2FSignIn.aspx&tiba=mHelpDesk%20Login&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M9VGGQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0805bdf4b59fdb2454dd8186abd1704d6ed7cfed3b26d6ad7dcca97b4832e593

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure1.mhelpdesk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Jan 2023 00:39:06 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 866
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 59ms
8ms Script
application/x-javascript 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M9VGGQ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure1.mhelpdesk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 00:39:06 GMT
content-encoding: gzip
last-modified: Tue, 10 Jan 2023 17:22:56 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=34439
accept-ranges: bytes
content-length: 4777

GET
H2 200 pendo.js Show response
cdn.pendo.io/agent/static/73fc5830-b8e5-49ef-4c93-89a1262d835e/ 391 KB
130 KB 163ms
66ms Script
application/javascript 2600:9000:2127:800:1f:aa31:7740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pendo.io/agent/static/73fc5830-b8e5-49ef-4c93-89a1262d835e/pendo.js
Requested by: Host: secure1.mhelpdesk.com
URL: https://secure1.mhelpdesk.com/SignIn.aspx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:800:1f:aa31:7740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 033fe7b11c50913444a81ea31497c2e35929db0391c4a474dc98a3e7a1d7f009

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure1.mhelpdesk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 00:38:35 GMT
content-encoding: gzip
via: 1.1 b5f551be30f63eca57ca04273cb75994.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 31
x-guploader-uploadid: ADPycduU7HxgiN3PXAjwzBNpfNMRW5Me3KHLyVWAO_-LG5L5ydPTm5L_TOV6aADDwx3yfuC7yPKqqTNGq_BwhfwLmfU6kw
x-cache: Hit from cloudfront
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 132581
last-modified: Thu, 12 Jan 2023 20:28:30 GMT
server: UploadServer
etag: "97b531e74fb00600ebc6fbb46e8255fb"
vary: Accept-Encoding
x-goog-generation: 1673555310090672
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=9ulqWw==, md5=l7Ux50+wBgDrxvu0boJV+w==
access-control-expose-headers: *
cache-control: max-age=450
x-goog-stored-content-length: 132581
accept-ranges: bytes
x-amz-cf-id: 3vw8kLJ-SOWj9Y3h8njrYTCEemwdltqCcv46Fouulb3A5kY8GHxCGQ==
expires: Sat, 14 Jan 2023 00:46:05 GMT

GET
H2 200 embed_shepherd-v1.js Show response
fast.wistia.com/static/ 648 KB
118 KB 73ms
7ms Script
application/javascript 2a04:4e42:400::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/static/embed_shepherd-v1.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M9VGGQ

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3798f4d44626f72a549aaffd09e671b2d949ccb811cba6d11ccad28a362f0e0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure1.mhelpdesk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 00:39:06 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 2124
x-cache: HIT, HIT
content-length: 120244
x-served-by: cache-iad-kjyo7100179-IAD, cache-hhn-etou8220050-HHN
x-browser-version: 109
last-modified: Thu, 12 Jan 2023 14:12:53 GMT
x-timer: S1673656747.615461,VS0,VE0
etag: "63c01565-1d5b4"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 19, 2

GET
H/1.1 200
OK friendbuy.min.js Show response
djnf6e5yyirys.cloudfront.net/js/ 121 KB
42 KB 71ms
19ms Script
application/javascript 52.84.186.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://djnf6e5yyirys.cloudfront.net/js/friendbuy.min.js
Requested by: Host: secure1.mhelpdesk.com
URL: https://secure1.mhelpdesk.com/SignIn.aspx
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.186.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-186-90.cdg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e26bddfe28fe2e8e28c5b25968decb689ebac4300ee117b4c5c472a0600cd343

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure1.mhelpdesk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id: eATjcjBrymkaCY25fDl0wDYs2YHXtSAL
Content-Encoding: gzip
Via: 1.1 51076e0d05d56160dd8ee5148f1f74d8.cloudfront.net (CloudFront)
Date: Sat, 14 Jan 2023 00:14:12 GMT
X-Amz-Cf-Pop: CDG50-P1
Age: 1495
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Wed, 20 Oct 2021 20:51:22 GMT
Server: AmazonS3
ETag: W/"6d60ce692f3c7b9f4a8baad4b84d05a7"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=180
X-Amz-Cf-Id: mKSjmlR6xSz2AysquxTpGAoFXg_QPRUS-EL5iS_KgjXcyDA-1tF1aA==

GET
H2 200 ld.js Show response
static.criteo.net/js/ld/ 42 KB
14 KB 72ms
31ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/ld.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M9VGGQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

d6c1aa198589b0a87b22f515905607c1c11839948491cea44a74b88116b40561

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure1.mhelpdesk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 00:39:06 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 08 Nov 2022 15:05:46 GMT
server: nginx
etag: W/"636a704a-a8d9"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 15 Jan 2023 00:39:06 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 106 KB
28 KB 63ms
17ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: secure1.mhelpdesk.com
URL: https://secure1.mhelpdesk.com/SignIn.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

39cc6c78632abb08815246e75d23371d17c0106cfb4156297f74366c8404b533

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure1.mhelpdesk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 14 Jan 2023 00:39:06 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27815
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: oEDcK3qokO6ItYiRVw5jAIhjGPLWlmsOvji5W/zJk8k2KRv6Pr9gOB6fNQ7G5HDmL9ypLUxlKRUtE17hBYfTGA==
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

/
www.google.de/pagead/1p-user-list/969018260/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/969018260/?random=1673656746546&cv=11&fst=1673656746546&fmt=3&bg=ffffff&guid=ON&async=1&gtm=2wg1a1&u_w=1600&u_h=1200&hn=www.googlead...
https://www.google.com/pagead/1p-user-list/969018260/?random=1673656746546&cv=11&fst=1673654400000&fmt=3&bg=ffffff&guid=ON&async=1&gtm=2wg1a1&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fsecure1.mhelp...
https://www.google.de/pagead/1p-user-list/969018260/?random=1673656746546&cv=11&fst=1673654400000&fmt=3&bg=ffffff&guid=ON&async=1&gtm=2wg1a1&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fsecure1.mhelpd...

42 B
108 B

28ms
28ms

Image
image/gif

2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/969018260/?random=1673656746546&cv=11&fst=1673654400000&fmt=3&bg=ffffff&guid=ON&async=1&gtm=2wg1a1&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fsecure1.mhelpdesk.com%2FSignIn.aspx&tiba=mHelpDesk%20Login&is_vtc=1&random=3188205522&ipr=y

Requested by

Host: secure1.mhelpdesk.com
URL: https://secure1.mhelpdesk.com/SignIn.aspx

Protocol

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure1.mhelpdesk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Jan 2023 00:39:06 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 14 Jan 2023 00:39:06 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-user-list/969018260/?random=1673656746546&cv=11&fst=1673654400000&fmt=3&bg=ffffff&guid=ON&async=1&gtm=2wg1a1&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fsecure1.mhelpdesk.com%2FSignIn.aspx&tiba=mHelpDesk%20Login&is_vtc=1&random=3188205522&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/1289826/domain/secure1.mhelpdesk.com/ 36 B
375 B 118ms
38ms XHR
application/json 2600:9000:206e:5a00:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/1289826/domain/secure1.mhelpdesk.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:5a00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://secure1.mhelpdesk.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 23:55:45 GMT
content-encoding: gzip
via: 1.1 19e8b9893b6330d5d62599a448aea7da.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
age: 2601
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: 23IE-ITlTiiK5imm5snu5cxzgT8eXheW3oUkmA_4ozi_yFSmCQkaBw==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1289826&time=1673656746611&url=https%3A%2F%2Fsecure1.mhelpdesk.com%2FSignIn.aspx
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1289826%26time%3D1673656746611%26url%3Dhttps%253A%252F%252Fsecure1.mhelpdesk.com%...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1289826&time=1673656746611&url=https%3A%2F%2Fsecure1.mhelpdesk.com%2FSignIn.aspx&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1289826&time=1673656746611&url=https%3A%2F%2Fsecure1.mhelpdesk.com%2FSignIn.aspx&liSync=true&e_ipv6=AQLo-ACvJeqtPgAAAYWtt0Qk-7_VWZjqYJGzArU7EtazV...

0
268 B

207ms
158ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1289826&time=1673656746611&url=https%3A%2F%2Fsecure1.mhelpdesk.com%2FSignIn.aspx&liSync=true&e_ipv6=AQLo-ACvJeqtPgAAAYWtt0Qk-7_VWZjqYJGzArU7EtazVHwigiB3E-dW42jLgJbL34ZZbPMtNHlOsg
Requested by: Host: secure1.mhelpdesk.com
URL: https://secure1.mhelpdesk.com/SignIn.aspx
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure1.mhelpdesk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 00:39:06 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: F64F7FE5945C4CFCA1CE0B14150DE877 Ref B: DUS30EDGE0306 Ref C: 2023-01-14T00:39:07Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXyLpPlKqVnkksZI+EypA==

Redirect headers

date: Sat, 14 Jan 2023 00:39:06 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: C8109D6D4CEB4170905ABE9E33FB1CF0 Ref B: FRAEDGE1814 Ref C: 2023-01-14T00:39:06Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1289826&time=1673656746611&url=https%3A%2F%2Fsecure1.mhelpdesk.com%2FSignIn.aspx&liSync=true&e_ipv6=AQLo-ACvJeqtPgAAAYWtt0Qk-7_VWZjqYJGzArU7EtazVHwigiB3E-dW42jLgJbL34ZZbPMtNHlOsg
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXyLpPiCzizVucCZVY0Fw==

GET
H2 200 /
www.google.com/pagead/1p-user-list/969018260/ 42 B
108 B 91ms
31ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/969018260/?random=1673656746540&cv=11&fst=1673654400000&bg=ffffff&guid=ON&async=1&gtm=2wg1a1&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fsecure1.mhelpdesk.com%2FSignIn.aspx&tiba=mHelpDesk%20Login&fmt=3&is_vtc=1&random=2121289211&rmt_tld=0&ipr=y

Requested by

Host: secure1.mhelpdesk.com
URL: https://secure1.mhelpdesk.com/SignIn.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure1.mhelpdesk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Jan 2023 00:39:06 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/969018260/ 42 B
548 B 103ms
27ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/969018260/?random=1673656746540&cv=11&fst=1673654400000&bg=ffffff&guid=ON&async=1&gtm=2wg1a1&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fsecure1.mhelpdesk.com%2FSignIn.aspx&tiba=mHelpDesk%20Login&fmt=3&is_vtc=1&random=2121289211&rmt_tld=1&ipr=y

Requested by

Host: secure1.mhelpdesk.com
URL: https://secure1.mhelpdesk.com/SignIn.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure1.mhelpdesk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Jan 2023 00:39:06 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1067882105/ 42 B
548 B 49ms
26ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1067882105/?random=1673656746546&cv=11&fst=1673654400000&bg=ffffff&guid=ON&async=1&gtm=2wg1a1&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fsecure1.mhelpdesk.com%2FSignIn.aspx&tiba=mHelpDesk%20Login&fmt=3&is_vtc=1&random=312484363&rmt_tld=0&ipr=y

Requested by

Host: secure1.mhelpdesk.com
URL: https://secure1.mhelpdesk.com/SignIn.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure1.mhelpdesk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Jan 2023 00:39:06 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1067882105/ 42 B
108 B 59ms
28ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1067882105/?random=1673656746546&cv=11&fst=1673654400000&bg=ffffff&guid=ON&async=1&gtm=2wg1a1&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fsecure1.mhelpdesk.com%2FSignIn.aspx&tiba=mHelpDesk%20Login&fmt=3&is_vtc=1&random=312484363&rmt_tld=1&ipr=y

Requested by

Host: secure1.mhelpdesk.com
URL: https://secure1.mhelpdesk.com/SignIn.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure1.mhelpdesk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Jan 2023 00:39:06 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/963329724/ 42 B
108 B 27ms
27ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/963329724/?random=1673656746544&cv=11&fst=1673654400000&bg=ffffff&guid=ON&async=1&gtm=2wg1a1&u_w=1600&u_h=1200&label=All%20Site%20Visits%20-%20Remarket&frm=0&url=https%3A%2F%2Fsecure1.mhelpdesk.com%2FSignIn.aspx&tiba=mHelpDesk%20Login&fmt=3&is_vtc=1&random=323033467&rmt_tld=0&ipr=y

Requested by

Host: secure1.mhelpdesk.com
URL: https://secure1.mhelpdesk.com/SignIn.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure1.mhelpdesk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Jan 2023 00:39:06 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/963329724/ 42 B
108 B 57ms
27ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/963329724/?random=1673656746544&cv=11&fst=1673654400000&bg=ffffff&guid=ON&async=1&gtm=2wg1a1&u_w=1600&u_h=1200&label=All%20Site%20Visits%20-%20Remarket&frm=0&url=https%3A%2F%2Fsecure1.mhelpdesk.com%2FSignIn.aspx&tiba=mHelpDesk%20Login&fmt=3&is_vtc=1&random=323033467&rmt_tld=1&ipr=y

Requested by

Host: secure1.mhelpdesk.com
URL: https://secure1.mhelpdesk.com/SignIn.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure1.mhelpdesk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Jan 2023 00:39:06 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 4007119.js Show response
bat.bing.com/p/action/ 0
120 B 102ms
102ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/4007119.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure1.mhelpdesk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Sat, 14 Jan 2023 00:39:06 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D1272CB8A40046DE8AEEA6BA756B496F Ref B: FRA31EDGE0519 Ref C: 2023-01-14T00:39:06Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
177 B 31ms
31ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=4007119&tm=gtm002&Ver=2&mid=5f8a9397-a4be-49c0-827c-13f38084d7a9&sid=da1719a093a311ed92f011ef78c3500d&vid=da17177093a311ed8e907d0ad8774eaf&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=mHelpDesk%20Login&p=https%3A%2F%2Fsecure1.mhelpdesk.com%2FSignIn.aspx&r=&lt=1721&evt=pageLoad&sv=1&rn=991368

Requested by

Host: secure1.mhelpdesk.com
URL: https://secure1.mhelpdesk.com/SignIn.aspx

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure1.mhelpdesk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 14 Jan 2023 00:39:06 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0E734F3FAD464BFB8E67E41A0D2DAD54 Ref B: FRA31EDGE0519 Ref C: 2023-01-14T00:39:06Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
149 B 51ms
50ms XHR
text/plain 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=2139591474&t=pageview&_s=1&dl=https%3A%2F%2Fsecure1.mhelpdesk.com%2FSignIn.aspx&ul=en-us&de=UTF-8&dt=mHelpDesk%20Login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=1106459309&gjid=1656564409&cid=183594478.1673656747&tid=UA-88662464-1&_gid=1826247580.1673656747&_r=1&gtm=2wg1a1M9VGGQ&z=2126228412

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure1.mhelpdesk.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 14 Jan 2023 00:39:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure1.mhelpdesk.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 29ms
29ms Image
image/gif 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=2139591474&t=event&ni=0&_s=1&dl=https%3A%2F%2Fsecure1.mhelpdesk.com%2FSignIn.aspx&ul=en-us&de=UTF-8&dt=mHelpDesk%20Login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Custom%20Dimension&ea=CD1%3A%200&el=0&_u=YEDAAAABAAAAAC~&jid=&gjid=&cid=183594478.1673656747&tid=UA-88662464-1&_gid=1826247580.1673656747&gtm=2wg1a1M9VGGQ&cd1=0&z=596241549

Requested by

Host: secure1.mhelpdesk.com
URL: https://secure1.mhelpdesk.com/SignIn.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure1.mhelpdesk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Jan 2023 18:07:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 23496
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 30ms
29ms Image
image/gif 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=2139591474&t=event&ni=0&_s=1&dl=https%3A%2F%2Fsecure1.mhelpdesk.com%2FSignIn.aspx&ul=en-us&de=UTF-8&dt=mHelpDesk%20Login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Custom%20Dimension&ea=CD2%3A%200&el=0&_u=YEDAAAABAAAAAC~&jid=&gjid=&cid=183594478.1673656747&tid=UA-88662464-1&_gid=1826247580.1673656747&gtm=2wg1a1M9VGGQ&cd2=0&z=1091649623

Requested by

Host: secure1.mhelpdesk.com
URL: https://secure1.mhelpdesk.com/SignIn.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure1.mhelpdesk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Jan 2023 18:07:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 23496
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 30ms
30ms Image
image/gif 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=2139591474&t=event&ni=0&_s=1&dl=https%3A%2F%2Fsecure1.mhelpdesk.com%2FSignIn.aspx&ul=en-us&de=UTF-8&dt=mHelpDesk%20Login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Custom%20Dimension&ea=CD3%3An%2Fa&el=n%2Fa&_u=YEDAAAABAAAAAC~&jid=&gjid=&cid=183594478.1673656747&tid=UA-88662464-1&_gid=1826247580.1673656747&gtm=2wg1a1M9VGGQ&cd3=n%2Fa&z=2096774443

Requested by

Host: secure1.mhelpdesk.com
URL: https://secure1.mhelpdesk.com/SignIn.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure1.mhelpdesk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Jan 2023 18:07:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 23496
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 650293308781389 Show response
connect.facebook.net/signals/config/ 376 KB
108 KB 75ms
74ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/650293308781389?v=2.9.92&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

533a930626d1c6ff159140ba04eb092e3a4c93f2abf6f734fad9d807748b1846

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure1.mhelpdesk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 14 Jan 2023 00:39:06 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: KMDiqvMMkRYxhGm/X2++1/JytMDTx9jOhyGZF5TFMri5ujLrg0jR38uLWpOMY6zBP1fiugTpMZeD5/zEWq6dFQ==
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame F313 15 KB
6 KB 220ms
18ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=secure1.mhelpdesk.com&origin=onetag

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://secure1.mhelpdesk.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 14 Jan 2023 00:39:05 GMT
server: Kestrel
server-processing-duration-in-ticks: 773838
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
443 B 50ms
18ms XHR
text/plain 2a00:1450:4025:401::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-88662464-1&cid=183594478.1673656747&jid=1106459309&gjid=1656564409&_gid=1826247580.1673656747&_u=YEBAAAAAAAAAAC~&z=952908343

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4025:401::9c Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure1.mhelpdesk.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 14 Jan 2023 00:39:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure1.mhelpdesk.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 68ms
17ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=650293308781389&ev=PageView&dl=https%3A%2F%2Fsecure1.mhelpdesk.com%2FSignIn.aspx&rl=&if=false&ts=1673656746890&sw=1600&sh=1200&v=2.9.92&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1673656746890.125694636&it=1673656746748&coo=false&rqm=GET

Requested by

Host: secure1.mhelpdesk.com
URL: https://secure1.mhelpdesk.com/SignIn.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure1.mhelpdesk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Jan 2023 00:39:06 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame F313
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=mhelpdesk.com&sn=ChromeSyncframe&so=0&topUrl=secure1.mhelpdesk.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=_jWg0XxsVlNIVDd1MWZ5RzZxK2ZqRkY3YmhwTnFRZkM2R21TQzBUd0I3TXh6OVpWWWZZQkd5NklYcFVNaWdTRGI4KzZGZXFvSURGNXZlYTFuSnhFck9iSEhVa2I3aFVwTmJuUGVid1dZNDZMWGRNTGlUUGI0SHUxSDdMUG...

425 B
653 B

80ms
15ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=_jWg0XxsVlNIVDd1MWZ5RzZxK2ZqRkY3YmhwTnFRZkM2R21TQzBUd0I3TXh6OVpWWWZZQkd5NklYcFVNaWdTRGI4KzZGZXFvSURGNXZlYTFuSnhFck9iSEhVa2I3aFVwTmJuUGVid1dZNDZMWGRNTGlUUGI0SHUxSDdMUG5BMk5BS08vWGV0cXZ0b3VqeTFEYkJXUVVFZlNMVGtZWUk2VElVckZ6N2dKQjNXVWpZN1dMNzZTT1JTRTM3dGd1YndYRWY1VTRUSEhBMnJaN2gzN2x3dWVVT0xSUmhuV2srQ0pucUs1Qk0xVzVacmdOSlpkU1ppZmIyV0gzMkxtV1ZVTHRSLzg1VGgyd1NYak0zQnhzOUlGazhtL3lJZz09fA&cppv=2

Requested by

Host: secure1.mhelpdesk.com
URL: https://secure1.mhelpdesk.com/SignIn.aspx

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

f30ffcf9fbbefe0d2f8a7932ee7a78bd4e0261317918995a5eb490fb6042aab1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Jan 2023 00:39:06 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1420668
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 14 Jan 2023 00:39:06 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=_jWg0XxsVlNIVDd1MWZ5RzZxK2ZqRkY3YmhwTnFRZkM2R21TQzBUd0I3TXh6OVpWWWZZQkd5NklYcFVNaWdTRGI4KzZGZXFvSURGNXZlYTFuSnhFck9iSEhVa2I3aFVwTmJuUGVid1dZNDZMWGRNTGlUUGI0SHUxSDdMUG5BMk5BS08vWGV0cXZ0b3VqeTFEYkJXUVVFZlNMVGtZWUk2VElVckZ6N2dKQjNXVWpZN1dMNzZTT1JTRTM3dGd1YndYRWY1VTRUSEhBMnJaN2gzN2x3dWVVT0xSUmhuV2srQ0pucUs1Qk0xVzVacmdOSlpkU1ppZmIyV0gzMkxtV1ZVTHRSLzg1VGgyd1NYak0zQnhzOUlGazhtL3lJZz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 781504
content-length: 0
expires: 0

GET
H/1.1 200
OK site-0d102169-mhelpdesk.com.json Show response
cdn1.friendbuy.com/widgets/configs/ 6 KB
2 KB 127ms
46ms XHR
application/json 65.9.95.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn1.friendbuy.com/widgets/configs/site-0d102169-mhelpdesk.com.json
Requested by: Host: djnf6e5yyirys.cloudfront.net
URL: https://djnf6e5yyirys.cloudfront.net/js/friendbuy.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-34.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 71cf72c8c45a1b42db2150a5b44e5b024d28938e4ba5bcf8af432248f2e4dde7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure1.mhelpdesk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id: J.mfInL2zTL6SnN4zg1fEJvsF_N07.hm
Content-Encoding: gzip
Via: 1.1 d05dc840d6cf3901928326ad8b6d38c2.cloudfront.net (CloudFront)
Date: Sat, 14 Jan 2023 00:39:02 GMT
X-Amz-Cf-Pop: PRG50-C1
Age: 6
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
Connection: keep-alive
Last-Modified: Thu, 25 Apr 2019 23:02:11 GMT
Server: AmazonS3
ETag: W/"78c9fbc114f04c7d2c32999c3baee05c"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: max-age=180
Vary: Accept-Encoding
X-Amz-Cf-Id: SuZQYBNE4XQrMgaSxNSAee0pP6L-cJfZTRS3AgSDwe3TeApzxs0KeA==
Expires: Sun, 22 Apr 2029 23:02:10 UTC

GET
H2

200

event Show response
widget.us.criteo.com/
Redirect Chain

https://sslwidget.criteo.com/event?a=48956&v=5.12.3&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dce%26m%3D%255Bemail%255D&p2=e%3Dvc%26id%3D1673656746736%26p%3D%255Bi%25253D1%252526pr%25253D0%252526q%25253D1%2...
https://widget.us.criteo.com/event?a=48956&v=5.12.3&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dce%26m%3D%255Bemail%255D&p2=e%3Dvc%26id%3D1673656746736%26p%3D%255Bi%25253D1%252526pr%25253D0%252526q%25253D1%2...

8 KB
4 KB

296ms
106ms

Script
application/x-javascript

74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.us.criteo.com/event?a=48956&v=5.12.3&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dce%26m%3D%255Bemail%255D&p2=e%3Dvc%26id%3D1673656746736%26p%3D%255Bi%25253D1%252526pr%25253D0%252526q%25253D1%255D&p3=e%3Ddis&adce=1&bundle=QkOSml8wejVMQW9UWnA3MmlWR1J0NkVRQUFjdUdYbDI2cmFVdVlaZTVFWlduaWduTzBJbUZtdEVIUkRVbXdSTWJqdThYQ2VkRldxTG5SNXhET28zSkglMkZZck1aOFh0aE1EUVIybzh5ekVuVEFjSVp6dmc0VCUyQm5EZW8lMkI1SXFDU3BSTVpDOWhsbWdTcnlMOUJIdndIcTcyVWN4cmclM0QlM0Q&tld=mhelpdesk.com&fu=https%253A%252F%252Fsecure1.mhelpdesk.com%252FSignIn.aspx&dtycbr=2210

Requested by

Host: secure1.mhelpdesk.com
URL: https://secure1.mhelpdesk.com/SignIn.aspx

Protocol

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

c574aeba83a4d06cd93f776e34f4a92781c13ee18def75649a60438274ac2b54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure1.mhelpdesk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Jan 2023 00:39:06 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
content-type: application/x-javascript
access-control-allow-origin: *
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 14197963
timing-allow-origin: *
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 14 Jan 2023 00:39:06 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://widget.us.criteo.com/event?a=48956&v=5.12.3&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dce%26m%3D%255Bemail%255D&p2=e%3Dvc%26id%3D1673656746736%26p%3D%255Bi%25253D1%252526pr%25253D0%252526q%25253D1%255D&p3=e%3Ddis&adce=1&bundle=QkOSml8wejVMQW9UWnA3MmlWR1J0NkVRQUFjdUdYbDI2cmFVdVlaZTVFWlduaWduTzBJbUZtdEVIUkRVbXdSTWJqdThYQ2VkRldxTG5SNXhET28zSkglMkZZck1aOFh0aE1EUVIybzh5ekVuVEFjSVp6dmc0VCUyQm5EZW8lMkI1SXFDU3BSTVpDOWhsbWdTcnlMOUJIdndIcTcyVWN4cmclM0QlM0Q&tld=mhelpdesk.com&fu=https%253A%252F%252Fsecure1.mhelpdesk.com%252FSignIn.aspx&dtycbr=2210
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 7458232
timing-allow-origin: *
content-length: 0
expires: 0

POST
H2 202 track Show response
ws.friendbuy.com/site-0d102169-mhelpdesk.com/ 67 B
583 B 479ms
163ms XHR
application/json 50.18.157.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws.friendbuy.com/site-0d102169-mhelpdesk.com/track
Requested by: Host: djnf6e5yyirys.cloudfront.net
URL: https://djnf6e5yyirys.cloudfront.net/js/friendbuy.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.18.157.153 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-50-18-157-153.us-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b40291ffe4e9d9bb2e10835df039258c7d2c8e55c8a9987371e667f5c18a0352

Request headers

Referer: https://secure1.mhelpdesk.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 14 Jan 2023 00:39:08 GMT
server: nginx
access-control-max-age: 21600
access-control-allow-methods: OPTIONS, POST
content-type: application/json
access-control-allow-origin: https://secure1.mhelpdesk.com
p3p: CP="Please see our privacy policy, https://www.friendbuy.com/privacy/"
access-control-allow-credentials: true
access-control-allow-headers: X-REQUESTED-WITH, CONTENT-TYPE
content-length: 67

OPTIONS
H2 200 track
ws.friendbuy.com/site-0d102169-mhelpdesk.com/ Frame 0
0 510ms
159ms Preflight
text/html 50.18.157.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws.friendbuy.com/site-0d102169-mhelpdesk.com/track
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.18.157.153 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-50-18-157-153.us-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://secure1.mhelpdesk.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-REQUESTED-WITH, CONTENT-TYPE
access-control-allow-methods: OPTIONS, POST
access-control-allow-origin: https://secure1.mhelpdesk.com
access-control-max-age: 21600
allow: POST, OPTIONS
content-encoding: gzip
content-length: 20
content-type: text/html; charset=utf-8
date: Sat, 14 Jan 2023 00:39:07 GMT
p3p: CP="Please see our privacy policy, https://www.friendbuy.com/privacy/"
server: nginx
vary: Accept-Encoding

GET
H2 200 grey.png
secure1.mhelpdesk.com/libs/clip-one-theme/plugins/iCheck/skins/flat/ 2 KB
2 KB 103ms
103ms Image
image/png 52.205.7.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure1.mhelpdesk.com/libs/clip-one-theme/plugins/iCheck/skins/flat/grey.png
Requested by: Host: secure1.mhelpdesk.com
URL: https://secure1.mhelpdesk.com/bundles/css/clip-one?v=B1c3wLsUXw9o0wX1A4_17XIF0hGVSAZX3lfvMkx91xc1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.205.7.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-7-138.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 /
Resource Hash: 7a19a53b943669bfed3f2c1135d96295a269c25f0a79396023260065e799d524

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure1.mhelpdesk.com/bundles/css/clip-one?v=B1c3wLsUXw9o0wX1A4_17XIF0hGVSAZX3lfvMkx91xc1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 00:39:07 GMT
last-modified: Mon, 05 Dec 2022 16:30:44 GMT
server: Microsoft-IIS/10.0
etag: "052feebc68d91:0"
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
content-type: image/png
accept-ranges: bytes
content-length: 1760

GET
H2

200

sync
x.bidswitch.net/ul_cb/ Frame B9E1
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-iQpyO7gWVsJEvf8XP0skylvQuL7kZu2_-d-qGw&expires=30
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-iQpyO7gWVsJEvf8XP0skylvQuL7kZu2_-d-qGw&expires=30

43 B
345 B

9ms
9ms

Image
image/gif

52.58.161.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-iQpyO7gWVsJEvf8XP0skylvQuL7kZu2_-d-qGw&expires=30
Protocol: H2
Server: 52.58.161.171 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-161-171.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 00:39:07 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

location: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-iQpyO7gWVsJEvf8XP0skylvQuL7kZu2_-d-qGw&expires=30
date: Sat, 14 Jan 2023 00:39:07 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame B9E1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-WS-EM7gWVsJEvf8XP0skylvQuL4tlp1GAJjs2w&google_cm&google_hm=ay1XUy1FTTdnV1ZzSkV2ZjhYUDBza3lsdlF1TDR0bHAxR...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-WS-EM7gWVsJEvf8XP0skylvQuL4tlp1GAJjs2w&google_gid=CAESEMXhFFBTaWbVLMGhesXroA4&google_cver=1&google_ula=913071,0

43 B
369 B

17ms
17ms

Image
image/gif

178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-WS-EM7gWVsJEvf8XP0skylvQuL4tlp1GAJjs2w&google_gid=CAESEMXhFFBTaWbVLMGhesXroA4&google_cver=1&google_ula=913071,0

Protocol

Server

178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Jan 2023 00:39:07 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 748822
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 14 Jan 2023 00:39:07 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-WS-EM7gWVsJEvf8XP0skylvQuL4tlp1GAJjs2w&google_gid=CAESEMXhFFBTaWbVLMGhesXroA4&google_cver=1&google_ula=913071,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame B9E1
Redirect Chain

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5699555564924079600

43 B
371 B

58ms
18ms

Image
image/gif

178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5699555564924079600

Protocol

Server

178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Jan 2023 00:39:07 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1804053
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Sat, 14 Jan 2023 00:39:07 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 37.58.58.246; 37.58.58.246; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: c5b908d2-e876-4ff0-ae07-fd3576e94e37
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5699555564924079600
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame B9E1
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-0W1_obgWVsJEvf8XP0skylvQuL6258wo4ogyug
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-0W1_obgWVsJEvf8XP0skylvQuL6258wo4ogyug

43 B
447 B

11ms
11ms

Image
image/gif

18.192.136.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-0W1_obgWVsJEvf8XP0skylvQuL6258wo4ogyug
Protocol: H2
Server: 18.192.136.217 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-192-136-217.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 14 Jan 2023 00:39:07 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-0W1_obgWVsJEvf8XP0skylvQuL6258wo4ogyug
date: Sat, 14 Jan 2023 00:39:07 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 cksync.php
contextual.media.net/ Frame B9E1 45 B
787 B 116ms
44ms Image
image/gif 92.123.38.97
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-pT0ZubgWVsJEvf8XP0skylvQuL6ye15IhByOEg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

92.123.38.97 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a92-123-38-97.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Sat, 14 Jan 2023 00:39:07 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 45
x-mnet-hl2: E
expires: Sat, 14 Jan 2023 00:39:07 GMT

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame B9E1 0
145 B 347ms
85ms Image
text/plain 70.42.32.95
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-tb9o37gWVsJEvf8XP0skylvQuL7DO9oUJvE5rw
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Sat, 14 Jan 2023 00:39:07 GMT
Cache-Control: no-cache
X-TraceId: 36958041fb86ea43d485055bb979bd89
Content-Length: 0

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame B9E1 0
239 B 68ms
9ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-bhwhorgWVsJEvf8XP0skylvQuL5ykbqcovnlww&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 204 v1
match.sharethrough.com/sync/ Frame B9E1 0
35 B 86ms
8ms Image
text/plain 18.193.170.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-_zO5qrgWVsJEvf8XP0skylvQuL5DQz94gLw_iw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.170.26 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-170-26.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 00:39:07 GMT

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame B9E1 43 B
163 B 62ms
17ms Image
image/gif 185.86.139.106
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-Fdl9BrgWVsJEvf8XP0skylvQuL6meCAuD3uZIg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.106 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 00:39:06 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame B9E1 0
99 B 61ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-FGmWUbgWVsJEvf8XP0skylvQuL5fa66rSFyH_g
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 00:39:07 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13378

GET
H2 200 um
criteo-sync.teads.tv/ Frame B9E1 23 B
172 B 80ms
33ms Image
image/gif 104.111.217.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-m5y2CbgWVsJEvf8XP0skylvQuL7H-Fxfq6665g
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.217.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-217-42.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

expires: Sat, 14 Jan 2023 00:39:07 GMT
pragma: no-cache
date: Sat, 14 Jan 2023 00:39:07 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

GET
H2 200 xuid
eb2.3lift.com/ Frame B9E1 37 B
140 B 34ms
9ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-H1Ko6rgWVsJEvf8XP0skylvQuL4kfIcm8tnngA&dongle=013b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 00:39:07 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2

204

sync
ups.analytics.yahoo.com/ups/58301/ Frame B9E1
Redirect Chain

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-JErb_bgWVsJEvf8XP0skylvQuL61KgAr3zFrzw
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-JErb_bgWVsJEvf8XP0skylvQuL61KgAr3zFrzw&verify=true

0
121 B

13ms
12ms

Image
text/plain

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-JErb_bgWVsJEvf8XP0skylvQuL61KgAr3zFrzw&verify=true

Protocol

Server

18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 00:39:07 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-JErb_bgWVsJEvf8XP0skylvQuL61KgAr3zFrzw&verify=true
date: Sat, 14 Jan 2023 00:39:07 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 204 put
e1.emxdgt.com/ Frame B9E1 0
55 B 66ms
7ms Image
text/html 18.156.32.70
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d53&uid=k-E3OwKLgWVsJEvf8XP0skylvQuL4dsveGj_0y1Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.156.32.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-32-70.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 00:39:07 GMT
content-length: 0
content-type: text/html

GET
H2 200 pixel
cm.adform.net/ Frame B9E1 43 B
162 B 90ms
22ms Image
image/gif 37.157.4.28
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-MCJneLgWVsJEvf8XP0skylvQuL4wLOXYmaTqwg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 00:39:07 GMT
last-modified: Wed, 10 Apr 2019 10:06:26 GMT
server: nginx
accept-ranges: bytes
etag: "5cadc022-2b"
content-length: 43
content-type: image/gif

GET
H2 200 sync
visitor.omnitagjs.com/visitor/ Frame B9E1 49 B
235 B 55ms
16ms Image
image/gif 185.255.84.152
IGUANE-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-6c4bzbgWVsJEvf8XP0skylvQuL5wFJ7LQC5zbQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.152 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Jan 2023 00:39:07 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 1
content-length: 49
expires: 0

GET
H2

200

rum
r.casalemedia.com/ Frame B9E1
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-CB3Z9rgWVsJEvf8XP0skylvQuL4hDVZANWDjhg
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-CB3Z9rgWVsJEvf8XP0skylvQuL4hDVZANWDjhg&C=1

43 B
329 B

25ms
25ms

Image
image/gif

104.18.33.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-CB3Z9rgWVsJEvf8XP0skylvQuL4hDVZANWDjhg&C=1
Protocol: H2
Server: 104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Jan 2023 00:39:07 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5RQv0POqWpCcZsxf%2BKUFunvFHlDcpjlHv6YmG7x97N%2F%2BXFK76a2mSyJsFAs1yoLY2H9T9q%2BkzO91FSEgHSmBsEYXsoN%2Fc%2Btpy1u44Is4Nd4%2B5PFfGS2mIgdheQx2vLsAUnay"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 78925010fde6924f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 14 Jan 2023 00:39:07 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dp%2FA2iapD5hAKqc17dKT2wXaFTcKeutbNg2qeKG3ib3NyVT56cjJvH8yOcUWe6Dzg3BLdLPWczbfXFCVH%2BuXZ%2BDgBuQow2PguXDCBp7HVL3hxCudZ44iXvo6vnyxlqpW0EAm"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=20&external_user_id=k-CB3Z9rgWVsJEvf8XP0skylvQuL4hDVZANWDjhg&C=1
cache-control: no-cache
cf-ray: 78925010ddd4924f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame B9E1
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=Tw3SbQsWnDNUuM7KJ2Pbbr90iVOcIlgw
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=Tw3SbQsWnDNUuM7KJ2Pbbr90iVOcIlgw

42 B
942 B

32ms
32ms

Image
image/gif

52.51.133.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=Tw3SbQsWnDNUuM7KJ2Pbbr90iVOcIlgw

Protocol

HTTP/1.1

Server

52.51.133.63 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-51-133-63.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v045-0fb9f79b9.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: PPUYHsh3RQk=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-2-v045-00fcfd78a.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: sOOGx+7ISek=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=Tw3SbQsWnDNUuM7KJ2Pbbr90iVOcIlgw
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200 9.gif
id5-sync.com/s/966/ Frame B9E1 43 B
1 KB 64ms
16ms Image
image/gif 162.19.138.117
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/966/9.gif?puid=k-w90gO7gWVsJEvf8XP0skylvQuL7Nx3o57bQxhg

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.117 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Sat, 14 Jan 2023 00:39:06 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"

GET
H2 200 sync
matching.ivitrack.com/ Frame B9E1 42 B
274 B 71ms
24ms Image
image/gif 34.117.157.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matching.ivitrack.com/sync?realm=criteo&uid=k-ZaIhvrgWVsJEvf8XP0skylvQuL5negD4erFPtg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.157.117.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 00:39:07 GMT
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
server: istio-envoy
content-type: image/gif
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame B9E1 0
882 B 47ms
10ms Image
text/html 3.120.82.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-huaCJrgWVsJEvf8XP0skylvQuL7S3izNkkhmfw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.82.27 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-82-27.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 00:39:07 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame B9E1 42 B
582 B 72ms
20ms Image
image/gif 185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-Wjc6XbgWVsJEvf8XP0skylvQuL64lBCdrMf3LQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sat, 14 Jan 2023 00:39:07 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 sync
criteo-partners.tremorhub.com/ Frame B9E1 43 B
183 B 344ms
103ms Image
image/gif 2600:1f18:612b:4264:b002:6706:c84b:49fb
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-partners.tremorhub.com/sync?UICR=k-WZQY6rgWVsJEvf8XP0skylvQuL5fKCQ6_Z4oaQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4264:b002:6706:c84b:49fb Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Sat, 14 Jan 2023 00:39:07 GMT
server: Apache-Coyote/1.1
content-type: image/gif

GET
H2 200 getusermatch.php
a.twiago.com/rtb/ Frame B9E1 43 B
153 B 77ms
27ms Image
image/gif 85.215.5.31
CRONON-BERLIN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.twiago.com/rtb/getusermatch.php?dataid=6&external_user_id=k--SOGOLgWVsJEvf8XP0skylvQuL5oA5aKPQsNnw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.215.5.31 Berlin, Germany, ASN6786 (CRONON-BERLIN-AS, DE),
Reverse DNS
Software: Apache / PHP/7.3.29
Resource Hash: 5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 14 Jan 2023 00:39:07 GMT
server: Apache
x-powered-by: PHP/7.3.29
content-length: 43
content-type: image/gif

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame B9E1 0
525 B 51ms
16ms Image
text/plain 96.16.132.239
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-LvF5a7gWVsJEvf8XP0skylvQuL7ZdgRONGOrkw

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.16.132.239 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-132-239.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 14 Jan 2023 00:39:07 GMT
x-content-type-options: nosniff
x-frame-options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
x-xss-protection: 1; mode=block
x-application-context: application
Expires: Fri, 13 Jan 2023 00:39:07 GMT

GET
H2 200 sync
sync-criteo.ads.yieldmo.com/ Frame B9E1 43 B
220 B 124ms
31ms Image
image/gif 54.194.137.201
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-gCowtLgWVsJEvf8XP0skylvQuL5YuuuK7T5cvA&pn_id=criteo&ext=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.137.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-137-201.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sat, 14 Jan 2023 00:39:07 GMT
content-type: image/gif
content-length: 43
access-control-allow-methods: GET, OPTIONS
access-control-request-headers: Cache-Control, Pragma

GET
H2 401 73fc5830-b8e5-49ef-4c93-89a1262d835e
app.pendo.io/data/ptm.gif/ 0
0 155ms
115ms Image
text/plain 34.107.204.85
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.pendo.io/data/ptm.gif/73fc5830-b8e5-49ef-4c93-89a1262d835e?v=2.167.0_prod&ct=1673656747529&jzb=eJy1VE1T2zAQ_S8-Zxx_B7hBAgwMAUrMcOh0PMJaOxpkyZXkgIfhv7OqaZooob2UnJz3dvetnnb1_dUzfQvekccoCMOq3ht5j0o-a1CFYQ0yYTaJszSbJJM0ikfeimlmpCoYxaQAo0lZyk6YP0CnOH4tjWn10XisoewUhH6zBN5S0E9-KZvxgtXiQvhEty-Y0SrZau_o1ZOcFlsCxe3p9eymyAtydlk3133-8Gwwwcbt6P6rszcUIgpPmZPHC4REx_nIM8MfjzbV_Qlb0SxYZrOTqsb8SpEGfpFBfPPAuzSfmmQZC8asSb0B7DkOo7fR2sQGDPmrgckXG_hR3H6uy0FDmC3YCQoVE0ARU5LbfjchVL2DCpQCTN9iKKxYacOtupEtQpyIuiO1BUEU9wtr7sc5trQFOuhUazH3ClbgtmTxWzUIbeKlAmKYFDNidkp1qlwSDXsoJminjerdYkSUwPfEfzSfD_e4yZxqvEZMQH-38AuxktitC09RVjagTn92rG1w2hz-Uj7mOBaux1dA6JwItHRPzrzjOLQvd3u6GOTOpGpcZk7ac5C5IuUTE7VDnktZc5gSvuhF6XDfTmbDPYefEdEOcSM4frsJaBEeRqr-ky7Qi6lEe3eIxXzhIHd2CxRGYo570mOtcRtyOcUI1LvH1duKWC_-8XpCEaLDEITJOAjHURDF9gkBpXHUEI58XFs_KHCzNgr8z5cjDLLDjaeDS2LP8vnTkX7x02Eb-C07CVM_PMTfwUGapofBwZc4ECXJ24937MslnQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.204.85 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 85.204.107.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure1.mhelpdesk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

GET
H2 401 73fc5830-b8e5-49ef-4c93-89a1262d835e
app.pendo.io/data/guide.js/ 0
0 193ms
152ms Script
text/plain 34.107.204.85
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://app.pendo.io/data/guide.js/73fc5830-b8e5-49ef-4c93-89a1262d835e?id=4&jzb=eJx1U9Fu2zAM_Bc_D3acDSuQty7tigwNtsXuc8HJrCNUEjVKMhoM_fdSyBYsivsm3_HuKFr8U0066Ei8GapVtag-VKAUJRdP34mNnPYx-rBqmoAqMba13aPxA4bnWpFtOj26jash-BdRWIwwQIRqdXLPR_3PES3o7JncgE_a4SAYk8ECkuAdPiEzivyMGXDSKpfnBiJ5gQy4McGYQXSPD131errJWbYDW-Z40d7jhGVLGf_Bx6D_ccUIUZO7gXhhlVjtIeAMpd2QQuRDaQZOoZmp_9t8f_AlcxuitiIIBb5xE0m3JbyWWLLIt7-T9hbzPM74b_Sr18IX8D3CsAUnI53RbJOJPbzsZro4xn0ltiWzBX-H1DOoZ-3GgrwjGg2uwXQHpwru55eb439u3yOWF8R3Z-RcCmREchniwztdyCzWJOO9ILptVyC7vAgslaIpb3odgixET2upkLyHUExX3qaHzFyfXqhAsjL5V7efmkXbLBfLj-I0IQd5agIv6_bzVb149Exi8PoG5-pCag&v=2.167.0_prod&ct=1673656747530
Requested by: Host: cdn.pendo.io
URL: https://cdn.pendo.io/agent/static/73fc5830-b8e5-49ef-4c93-89a1262d835e/pendo.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.204.85 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 85.204.107.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure1.mhelpdesk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

GET
H2 401 73fc5830-b8e5-49ef-4c93-89a1262d835e
app.pendo.io/data/guide.gif/ 0
0 172ms
133ms Image
text/plain 34.107.204.85
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.pendo.io/data/guide.gif/73fc5830-b8e5-49ef-4c93-89a1262d835e?jzb=eJwFwIEIAAAAwDDQd3-N1QABFQC5&ct=1673656747531&v=2.167.0_prod
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.204.85 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 85.204.107.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure1.mhelpdesk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame B9E1
Redirect Chain

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=tNhDK4ukomgKm7hja4Ym2mmFB5XUgBM3

0
339 B

127ms
31ms

Image
text/plain

54.229.18.25
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=tNhDK4ukomgKm7hja4Ym2mmFB5XUgBM3
Protocol: H2
Server: 54.229.18.25 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-229-18-25.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-served-by: beacon-n018-dub-prod.krxd.net
date: Sat, 14 Jan 2023 00:39:07 GMT
cache-control: private, no-cache, no-store
x-request-time: D=37 t=1673656747
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=tNhDK4ukomgKm7hja4Ym2mmFB5XUgBM3
date: Sat, 14 Jan 2023 00:39:07 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 1431365
content-length: 0

GET
H2

200

cs
s.thebrighttag.com/ Frame B9E1
Redirect Chain

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=54v1L6kFwoOCYQKdNO8XS3f76bFrfMK0

35 B
268 B

412ms
112ms

Image
image/gif

3.16.134.16
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=54v1L6kFwoOCYQKdNO8XS3f76bFrfMK0
Protocol: H2
Server: 3.16.134.16 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-16-134-16.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Jan 2023 00:39:08 GMT
x-bt-requestid: db0edc90-93a3-11ed-ad4c-0000ac170312
server: nginx
content-type: image/gif
access-control-allow-origin
p3p: CP=NOI DSP COR NID
cache-control: private, must-revalidate
content-length: 35
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=54v1L6kFwoOCYQKdNO8XS3f76bFrfMK0
date: Sat, 14 Jan 2023 00:39:07 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 1246423
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
54 B 15ms
14ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=650293308781389&ev=Microdata&dl=https%3A%2F%2Fsecure1.mhelpdesk.com%2FSignIn.aspx&rl=&if=false&ts=1673656748394&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%5Cn%5CtmHelpDesk%20Login%5Cn%22%2C%22meta%3Adescription%22%3A%22mHelpDesk%20Secure%20Login.%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.92&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1673656746890.125694636&it=1673656746748&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure1.mhelpdesk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Jan 2023 00:39:08 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

Verdicts & Comments Add Verdict or Comment

105 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

56 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.mhelpdesk.com/	1970-01-20 10:34:16	Name: .ASPXANONYMOUS Value: LL_Xr3_jBWOCuwVe2VkqO8M2gv2tML2uSMxN59ZRMcs8N46ea8sHYndg-F0J_U2oPhrX57o-_o7_88ho8J96urZSlZRktymw2goHQ4ChJkGXBBhW0
secure1.mhelpdesk.com/	1969-12-31 23:59:59	Name: x-secure1-ssid Value: vg1g1ffqrqidyjlxhu0x01sg
.bing.com/	1970-01-20 18:15:52	Name: MUID Value: 01F23173A43469E32F2923EAA5BF681F
.mhelpdesk.com/	1970-01-20 08:55:43	Name: _uetsid Value: da1719a093a311ed92f011ef78c3500d
.mhelpdesk.com/	1970-01-20 18:15:52	Name: _uetvid Value: da17177093a311ed8e907d0ad8774eaf
.doubleclick.net/	1970-01-20 18:15:52	Name: IDE Value: AHWqTUlIn7ydjrcvA8aXgm4uDOA6i3uLq2MtmyvBnGvTI5dHRCrS9aqbt98uwvZZ
.secure1.mhelpdesk.com/	1970-01-20 18:30:16	Name: _ga Value: GA1.3.183594478.1673656747
.secure1.mhelpdesk.com/	1970-01-20 08:55:43	Name: _gid Value: GA1.3.1826247580.1673656747
.secure1.mhelpdesk.com/	1970-01-20 08:54:16	Name: _gat_UA-88662464-1 Value: 1
secure1.mhelpdesk.com/	1970-01-20 08:55:43	Name: ln_or Value: eyIxMjg5ODI2IjoiZCJ9
.linkedin.com/	1970-01-20 09:37:28	Name: UserMatchHistory Value: AQKGOZtJfdWebwAAAYWtt0LuD9P3O-0b-6xUFJc8w7p8k4wcW4p-zTZz0F2DX6mY6jkTFB298Tnslw
.linkedin.com/	1970-01-20 09:37:28	Name: AnalyticsSyncHistory Value: AQIGsf-bD1KM2gAAAYWtt0LuGehHIpI9265_dgJJZArCcCEMnvfcvWKfRR8EyrE0bXHqJo4wFuxoPXJNJUdKRg
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 17:39:52	Name: bcookie Value: "v=2&9237bd00-b5c0-43c2-8199-e4165357b22c"
.linkedin.com/	1970-01-20 08:55:43	Name: lidc Value: "b=TGST02:s=T:r=T:a=T:p=T:g=2935:u=1:x=1:i=1673656746:t=1673743146:v=2:sig=AQEz9kAa3SrRC19Ty-xkRn--x3-oa_Wo"
.mhelpdesk.com/	1970-01-20 11:03:52	Name: _fbp Value: fb.1.1673656746890.125694636
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 17:39:52	Name: bscookie Value: "v=1&202301140039069a566e45-6589-49b4-8673-d932f96fca41AQEtt_R6ipU7mBMxc-UaOPF7RPrRamet"
.linkedin.com/	1970-01-20 13:13:28	Name: li_gc Value: MTswOzE2NzM2NTY3NDY7MjswMjEcwmNhUthABvPIzRfgHjoG32GI0IWELtyOM0L6g13tgg==
.criteo.com/	1970-01-20 18:15:52	Name: uid Value: c15e88b9-f5b1-4e1d-a6b6-5538cc259443
.mhelpdesk.com/	1970-01-20 18:23:40	Name: cto_bundle Value: QkOSml8wejVMQW9UWnA3MmlWR1J0NkVRQUFjdUdYbDI2cmFVdVlaZTVFWlduaWduTzBJbUZtdEVIUkRVbXdSTWJqdThYQ2VkRldxTG5SNXhET28zSkglMkZZck1aOFh0aE1EUVIybzh5ekVuVEFjSVp6dmc0VCUyQm5EZW8lMkI1SXFDU3BSTVpDOWhsbWdTcnlMOUJIdndIcTcyVWN4cmclM0QlM0Q
.adnxs.com/	1970-01-20 11:03:52	Name: uuid2 Value: 5699555564924079600
.bidswitch.net/	1970-01-20 17:39:52	Name: tuuid Value: 59d5189c-82b9-441f-9c6f-130de5af9f2f
.bidswitch.net/	1970-01-20 17:39:52	Name: c Value: 1673656747
.bidswitch.net/	1970-01-20 17:39:52	Name: tuuid_lu Value: 1673656747
secure1.mhelpdesk.com/	1970-01-20 09:04:21	Name: AWSALB Value: iVg0n/tQe23J0CyNz1c3/2Lrtn8DiWFHKKX5qwHbOaatYijVcVONHRho5TLTAEL7TdTKJvkMxCFpViwHEACDEEe6Sq9i7TZp8H0Ei+MBsoqZ3H8rHQcFrWUHfh56
secure1.mhelpdesk.com/	1970-01-20 09:04:21	Name: AWSALBCORS Value: iVg0n/tQe23J0CyNz1c3/2Lrtn8DiWFHKKX5qwHbOaatYijVcVONHRho5TLTAEL7TdTKJvkMxCFpViwHEACDEEe6Sq9i7TZp8H0Ei+MBsoqZ3H8rHQcFrWUHfh56
.360yield.com/	1970-01-20 11:03:52	Name: tuuid Value: e1dd49e6-9674-438b-919e-fde41391510a
.360yield.com/	1970-01-20 11:03:52	Name: tuuid_lu Value: 1673656747
.media.net/	1970-01-20 17:39:52	Name: visitor-id Value: 3166583477317498000V10
.media.net/	1970-01-20 09:37:28	Name: data-c-ts Value: 1673656747
.media.net/	1970-01-20 09:37:28	Name: data-c Value: k-pT0ZubgWVsJEvf8XP0skylvQuL6ye15IhByOEg~~3
.360yield.com/	1970-01-20 11:03:52	Name: um Value: !38,MhB9IanaEi63xDYTsRlO9TV6buj7rQMVh3Zz0rChgO-0GdmPR6tib0mGXkM.zB-Yu3terY6C,1681432747
.360yield.com/	1970-01-20 11:03:52	Name: umeh Value: !38,0,1735864747,-1
.yahoo.com/	1970-01-20 17:40:14	Name: A3 Value: d=AQABBKv5wWMCEI1i5VlglgHrMCJOl9-aToQFEgEBAQFLw2PLYwAAAAAA_eMAAA&S=AQAAAokk3DfKEmLdqMKdZh06XJY
.analytics.yahoo.com/	1970-01-20 17:39:52	Name: IDSYNC Value: 18zh~29eo
.casalemedia.com/	1970-01-20 17:39:52	Name: CMID Value: Y8H5qx5GentyixI1QHqxlgAA
.casalemedia.com/	1970-01-20 11:03:52	Name: CMPS Value: 1149
.casalemedia.com/	1970-01-20 11:03:52	Name: CMPRO Value: 1149
.demdex.net/	1970-01-20 13:13:28	Name: demdex Value: 08754953784644913731475296296071563120
exchange.mediavine.com/	1970-01-20 09:14:26	Name: mv_tokens Value: %7B%22mv_uuid%22%3A%22dab9b7b0-93a3-11ed-b5cd-69046e26ba2c%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 09:14:26	Name: mv_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%22dab9b7b0-93a3-11ed-b5cd-69046e26ba2c%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 09:14:26	Name: am_tokens Value: %7B%22mv_uuid%22%3A%22dab9b7b0-93a3-11ed-b5cd-69046e26ba2c%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 09:14:26	Name: am_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%22dab9b7b0-93a3-11ed-b5cd-69046e26ba2c%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 09:14:26	Name: criteo Value: %7B%22id%22%3A%22k-huaCJrgWVsJEvf8XP0skylvQuL7S3izNkkhmfw%22%2C%22version%22%3A%22criteo%22%7D
.id5-sync.com/	1970-01-20 08:54:17	Name: cf Value:
.id5-sync.com/	1970-01-20 08:54:17	Name: cip Value:
.id5-sync.com/	1970-01-20 08:54:17	Name: cnac Value:
.id5-sync.com/	1970-01-20 08:54:17	Name: car Value:
.id5-sync.com/	1970-01-20 08:54:17	Name: gdpr Value:
.id5-sync.com/	1970-01-20 08:54:17	Name: callback Value:
.pubmatic.com/	1970-01-20 09:37:28	Name: KRTBCOOKIE_97 Value: 3385-uid:k-Wjc6XbgWVsJEvf8XP0skylvQuL64lBCdrMf3LQ&KRTB&23144-uid:k-Wjc6XbgWVsJEvf8XP0skylvQuL64lBCdrMf3LQ&KRTB&23286-uid:k-Wjc6XbgWVsJEvf8XP0skylvQuL64lBCdrMf3LQ&KRTB&23287-uid:k-Wjc6XbgWVsJEvf8XP0skylvQuL64lBCdrMf3LQ
.pubmatic.com/	1970-01-20 09:37:28	Name: PugT Value: 1673656747
.dpm.demdex.net/	1970-01-20 13:13:28	Name: dpm Value: 08754953784644913731475296296071563120
.krxd.net/	1970-01-20 13:13:28	Name: _kuid_ Value: PUTLHZtk
.friendbuy.com/	1970-01-20 17:39:52	Name: current_shopper Value: "mZRO5Dd3tCIfdBNc+CNoEM+yVQU=?current_shopper_code=VjVlNzdlYzVjLWJlOWEtNGI2Mi04NjA2LWZkNjZkYTMxNjFiMwpwMAou"

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://script.crazyegg.com/pages/scripts/0064/7942.js Message: Failed to load resource: the server responded with a status of 410 ()
network	error	URL: https://js.appcenter.intuit.com/Content/IA/intuit.ipp.anywhere.js Message: Failed to load resource: the server responded with a status of 502 (Bad Gateway)
network	error	URL: https://app.pendo.io/data/ptm.gif/73fc5830-b8e5-49ef-4c93-89a1262d835e?v=2.167.0_prod&ct=1673656747529&jzb=eJy1VE1T2zAQ_S8-Zxx_B7hBAgwMAUrMcOh0PMJaOxpkyZXkgIfhv7OqaZooob2UnJz3dvetnnb1_dUzfQvekccoCMOq3ht5j0o-a1CFYQ0yYTaJszSbJJM0ikfeimlmpCoYxaQAo0lZyk6YP0CnOH4tjWn10XisoewUhH6zBN5S0E9-KZvxgtXiQvhEty-Y0SrZau_o1ZOcFlsCxe3p9eymyAtydlk3133-8Gwwwcbt6P6rszcUIgpPmZPHC4REx_nIM8MfjzbV_Qlb0SxYZrOTqsb8SpEGfpFBfPPAuzSfmmQZC8asSb0B7DkOo7fR2sQGDPmrgckXG_hR3H6uy0FDmC3YCQoVE0ARU5LbfjchVL2DCpQCTN9iKKxYacOtupEtQpyIuiO1BUEU9wtr7sc5trQFOuhUazH3ClbgtmTxWzUIbeKlAmKYFDNidkp1qlwSDXsoJminjerdYkSUwPfEfzSfD_e4yZxqvEZMQH-38AuxktitC09RVjagTn92rG1w2hz-Uj7mOBaux1dA6JwItHRPzrzjOLQvd3u6GOTOpGpcZk7ac5C5IuUTE7VDnktZc5gSvuhF6XDfTmbDPYefEdEOcSM4frsJaBEeRqr-ky7Qi6lEe3eIxXzhIHd2CxRGYo570mOtcRtyOcUI1LvH1duKWC_-8XpCEaLDEITJOAjHURDF9gkBpXHUEI58XFs_KHCzNgr8z5cjDLLDjaeDS2LP8vnTkX7x02Eb-C07CVM_PMTfwUGapofBwZc4ECXJ24937MslnQ Message: Failed to load resource: the server responded with a status of 401 ()
network	error	URL: https://app.pendo.io/data/guide.gif/73fc5830-b8e5-49ef-4c93-89a1262d835e?jzb=eJwFwIEIAAAAwDDQd3-N1QABFQC5&ct=1673656747531&v=2.167.0_prod Message: Failed to load resource: the server responded with a status of 401 ()
network	error	URL: https://app.pendo.io/data/guide.js/73fc5830-b8e5-49ef-4c93-89a1262d835e?id=4&jzb=eJx1U9Fu2zAM_Bc_D3acDSuQty7tigwNtsXuc8HJrCNUEjVKMhoM_fdSyBYsivsm3_HuKFr8U0066Ei8GapVtag-VKAUJRdP34mNnPYx-rBqmoAqMba13aPxA4bnWpFtOj26jash-BdRWIwwQIRqdXLPR_3PES3o7JncgE_a4SAYk8ECkuAdPiEzivyMGXDSKpfnBiJ5gQy4McGYQXSPD131errJWbYDW-Z40d7jhGVLGf_Bx6D_ccUIUZO7gXhhlVjtIeAMpd2QQuRDaQZOoZmp_9t8f_AlcxuitiIIBb5xE0m3JbyWWLLIt7-T9hbzPM74b_Sr18IX8D3CsAUnI53RbJOJPbzsZro4xn0ltiWzBX-H1DOoZ-3GgrwjGg2uwXQHpwru55eb439u3yOWF8R3Z-RcCmREchniwztdyCzWJOO9ILptVyC7vAgslaIpb3odgixET2upkLyHUExX3qaHzFyfXqhAsjL5V7efmkXbLBfLj-I0IQd5agIv6_bzVb149Exi8PoG5-pCag&v=2.167.0_prod&ct=1673656747530 Message: Failed to load resource: the server responded with a status of 401 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.twiago.com
ad.360yield.com
ad.yieldlab.net
app.pendo.io
bat.bing.com
beacon.krxd.net
cdn.linkedin.oribi.io
cdn.pendo.io
cdn1.friendbuy.com
cm.adform.net
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
dis.criteo.com
djnf6e5yyirys.cloudfront.net
dpm.demdex.net
e1.emxdgt.com
eb2.3lift.com
exchange.mediavine.com
fast.wistia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
id5-sync.com
js.appcenter.intuit.com
match.sharethrough.com
matching.ivitrack.com
mug.criteo.com
pixel.rubiconproject.com
px.ads.linkedin.com
px4.ads.linkedin.com
r.casalemedia.com
rtb-csync.smartadserver.com
s.thebrighttag.com
script.crazyegg.com
secure1.mhelpdesk.com
simage2.pubmatic.com
snap.licdn.com
sslwidget.criteo.com
static.criteo.net
stats.g.doubleclick.net
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.outbrain.com
ups.analytics.yahoo.com
visitor.omnitagjs.com
widget.us.criteo.com
ws.friendbuy.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.linkedin.com
x.bidswitch.net
104.111.217.42
104.18.33.19
104.73.15.163
13.107.42.14
141.226.228.48
142.251.208.162
162.19.138.117
178.250.0.163
178.250.2.146
178.250.2.151
18.156.0.31
18.156.32.70
18.192.136.217
18.193.170.26
185.255.84.152
185.64.190.80
185.86.139.106
185.89.210.101
2600:1f18:612b:4264:b002:6706:c84b:49fb
2600:9000:206e:5a00:2:53b2:240:93a1
2600:9000:2127:800:1f:aa31:7740:93a1
2606:4700::6813:9408
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:803::2003
2a00:1450:4001:806::2008
2a00:1450:4001:812::2003
2a00:1450:4001:828::200a
2a00:1450:4001:831::2002
2a00:1450:4001:831::2004
2a00:1450:400d:806::200e
2a00:1450:4025:401::9c
2a02:2638::1c
2a02:2638::3
2a02:26f0:3500:16::215:14a0
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:400::622
3.120.82.27
3.16.134.16
34.107.204.85
34.117.157.22
34.228.94.63
37.157.4.28
50.18.157.153
52.205.7.138
52.51.133.63
52.58.161.171
52.84.186.90
54.194.137.201
54.229.18.25
65.9.95.34
69.173.144.138
70.42.32.95
74.119.119.150
76.223.111.18
85.215.5.31
92.123.38.97
96.16.132.239
031a98526761b9474d818ddb0eb2ce680d4c11c3e61ce5381fc08c078507fc15
033fe7b11c50913444a81ea31497c2e35929db0391c4a474dc98a3e7a1d7f009
0805bdf4b59fdb2454dd8186abd1704d6ed7cfed3b26d6ad7dcca97b4832e593
0dc8b8c21c453aa7aa7a8b71ee2d41f840e9e87d5efd873a79e450c2251246b9
2ec76a5cb8250a1612a4e3e5165f1f35f3a196ff281cdad40ba3ea460ce9af6e
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3655ae79f11e8dd845b4f149101333f8458d1bb9f2e6e9b532ea214f359897c3
3798f4d44626f72a549aaffd09e671b2d949ccb811cba6d11ccad28a362f0e0a
39cc6c78632abb08815246e75d23371d17c0106cfb4156297f74366c8404b533
3cef063dc8f1ad1f3c43fbb484c52ae6197cfd8cabb1ea0a9d6093db9276d5f8
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
533a930626d1c6ff159140ba04eb092e3a4c93f2abf6f734fad9d807748b1846
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
597f6ee18003c2fddfb8feeb8fde04adfeaf1e9bb2996d54f797c35b3a92bf39
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
71cf72c8c45a1b42db2150a5b44e5b024d28938e4ba5bcf8af432248f2e4dde7
7a19a53b943669bfed3f2c1135d96295a269c25f0a79396023260065e799d524
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
80bc49e4e5afb996f21f7c83b1498a2d811f61eaefd5189150b3a3161c09a176
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
879370cd54f5a6e15bc75e83d7b67b81dc41b367ecfa584cc5b037a0c74e4842
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a44592aa0910dcad7a2c47d52137dd60540b1207d9335bebc1b04545c13fdcf3
aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2b6d597b63af5c67ae52bbfc53148bc78343e05c72c3da15966f6640876a59a
b40291ffe4e9d9bb2e10835df039258c7d2c8e55c8a9987371e667f5c18a0352
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bf849a3999662673e0b9b84106c48afeab467e37b1c060bab50d52f815fad8d3
c574aeba83a4d06cd93f776e34f4a92781c13ee18def75649a60438274ac2b54
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d6c1aa198589b0a87b22f515905607c1c11839948491cea44a74b88116b40561
d8f934ca0716bfc2089c947a69adcf4a9bccce7efe3e25b0da4cf062e5c7dfd5
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de932f4eefc67df2981d6a9886eb0fdf6712749563d3085ce3959e3da4e8d0c8
e04277cf6e1b95128d9352758661fe9b77a4a5482622d4fc1ccf211b2cfd95f2
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e26bddfe28fe2e8e28c5b25968decb689ebac4300ee117b4c5c472a0600cd343
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2c4b7d20ff42a433d0c76631c460cd75128f8f0436d052ce2cf79dc4fa6a244
f30ffcf9fbbefe0d2f8a7932ee7a78bd4e0261317918995a5eb490fb6042aab1
f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f88ac59dcf55e568017468f3b8736ea12675948f04d5cf3cbda96b3501635db3
f96e267bfa2be56e37ed84644c6004a3bf526a99d00a122b27486d5337836802
ff343a83cfeed583ba4363d726808fd403b7ebfef9a36be23e54419332fc118b

secure1.mhelpdesk.com Open in urlscan Pro 52.205.7.138 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

90 Requests

86 %HTTPS

34 %IPv6

49 Domains

59 Subdomains

54 IPs

9 Countries

1056 kBTransfer

3229 kBSize

56 Cookies

10 Outgoing links

Page URL History

Redirected requests

90 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

secure1.mhelpdesk.com Open in urlscan Pro
52.205.7.138 Public Scan

Screenshot
Live screenshot

Full Image

90
Requests

86 %
HTTPS

34 %
IPv6

49
Domains

59
Subdomains

54
IPs

9
Countries

1056 kB
Transfer

3229 kB
Size

56
Cookies

90 HTTP transactions
0 data transactions