urlscan.io logo urlscan.io
SecurityTrails logo

askleo.com Open in urlscan Pro
18.158.98.109  Public Scan

Go To Rescan Add Verdict Report
URL: https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
Submission Tags: falconsandbox
Submission: On August 23 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 77 IPs in 10 countries across 73 domains to perform 555 HTTP transactions. The main IP is 18.158.98.109, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is askleo.com.
TLS certificate: Issued by R3 on July 30th 2021. Valid for: 3 months.
This is the only time askleo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
46 18.158.98.109 16509 (AMAZON-02)
25 142.250.185.130 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
4 13.224.90.44 16509 (AMAZON-02)
50 151.139.128.11 20446 (HIGHWINDS3)
8 3.66.136.156 16509 (AMAZON-02)
1 3 2620:116:800d... 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
34 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:219... 16509 (AMAZON-02)
9 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
19 2a00:1450:400... 15169 (GOOGLE)
1 6 2a00:1450:400... 15169 (GOOGLE)
12 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
21 47 142.250.185.226 15169 (GOOGLE)
10 24 2.18.234.21 16625 (AKAMAI-AS)
11 15 37.252.173.62 29990 (ASN-APPNEX)
124 2a00:1450:400... 15169 (GOOGLE)
10 142.250.186.130 15169 (GOOGLE)
3 195.201.152.90 24940 (HETZNER-AS)
5 2606:4700::68... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
1 2 2a02:2638:1::13 44788 (ASN-CRITE...)
2 178.250.0.157 44788 (ASN-CRITE...)
3 52.205.247.225 14618 (AMAZON-AES)
1 34.107.148.139 15169 (GOOGLE)
1 185.64.189.112 62713 (AS-PUBMATIC)
16 52.57.8.242 16509 (AMAZON-02)
1 23.37.38.181 16625 (AKAMAI-AS)
18 69.173.144.143 26667 (RUBICONPR...)
5 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 51.89.9.253 16276 (OVH)
4 4 185.29.132.245 30419 (MEDIAMATH...)
1 2 2a00:1288:110... 34010 (YAHOO-IRD)
1 1 54.81.207.173 14618 (AMAZON-AES)
1 2 2.18.235.93 16625 (AKAMAI-AS)
1 52.198.4.47 16509 (AMAZON-02)
3 4 3.126.56.137 16509 (AMAZON-02)
1 54.36.109.155 16276 (OVH)
2 23.37.42.132 16625 (AKAMAI-AS)
2 2.18.233.180 16625 (AKAMAI-AS)
1 2 69.173.144.165 26667 (RUBICONPR...)
1 2 185.64.190.78 62713 (AS-PUBMATIC)
1 2 34.254.206.82 16509 (AMAZON-02)
3 4 37.157.6.241 198622 (ADFORM)
2 2 213.155.156.166 1299 (TELIANET ...)
18 185.64.190.80 62713 (AS-PUBMATIC)
1 178.250.0.163 44788 (ASN-CRITE...)
2 2 85.114.159.118 24961 (MYLOC-AS ...)
2 3 52.30.92.119 16509 (AMAZON-02)
1 162.55.6.212 24940 (HETZNER-AS)
3 3 213.19.147.45 3356 (LEVEL3)
3 4 76.223.111.131 16509 (AMAZON-02)
1 1 87.98.252.5 16276 (OVH)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 72.251.241.196 29791 (VOXEL-DOT...)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 2a04:4e42:3::300 54113 (FASTLY)
1 151.101.13.44 54113 (FASTLY)
1 38.91.45.7 398989 (DEEPINTENT)
1 185.64.190.81 62713 (AS-PUBMATIC)
1 2 51.222.80.231 16276 (OVH)
2 2 54.78.254.47 16509 (AMAZON-02)
1 3 159.253.128.188 36351 (SOFTLAYER)
3 3 18.195.239.175 16509 (AMAZON-02)
2 2 18.197.127.76 16509 (AMAZON-02)
3 4 151.101.14.49 54113 (FASTLY)
1 1 2001:678:cb4:... 56396 (TURN)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
2 2 159.65.196.12 14061 (DIGITALOC...)
1 2 66.155.71.150 13768 (COGECO-PEER1)
1 1 34.98.107.212 15169 (GOOGLE)
2 3 185.33.220.241 29990 (ASN-APPNEX)
1 1 52.18.52.16 16509 (AMAZON-02)
1 74.125.206.157 15169 (GOOGLE)
1 52.49.37.161 16509 (AMAZON-02)
2 52.1.49.131 14618 (AMAZON-AES)
1 2 52.46.133.124 16509 (AMAZON-02)
1 1 3.217.109.237 14618 (AMAZON-AES)
1 1 54.73.110.124 16509 (AMAZON-02)
3 4 34.98.64.218 15169 (GOOGLE)
2 104.111.242.245 16625 (AKAMAI-AS)
1 2 142.250.181.230 15169 (GOOGLE)
1 1 2620:119:50e1... 14413 (LINKEDIN)
1 1 139.162.84.221 63949 (LINODE-AP...)
1 1 13.224.102.75 16509 (AMAZON-02)
1 1 185.86.139.93 201081 (SMARTADSE...)
2 2 3.125.99.7 16509 (AMAZON-02)
2 2 70.42.32.95 13789 (INTERNAP-...)
1 1 193.0.160.129 54312 (ROCKETFUEL)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 104.111.215.191 16625 (AKAMAI-AS)
1 35.190.0.66 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 172.217.23.98 15169 (GOOGLE)
555 77
46    18.158.98.109 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
askleo.com
25    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
securepubads.g.doubleclick.net
1    2606:4700:3031::6815:496e (United States)

ASN13335 (CLOUDFLARENET, US)
go.ezodn.com
4    13.224.90.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-90-44.zrh50.r.cloudfront.net
c.amazon-adsystem.com
50    151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)
askleo.askleomedia.com
img.askleomedia.com
8    3.66.136.156 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
g.ezoic.net
3    2620:116:800d:21:8c6e:cf2c:8d6:9fb5 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
5    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.be
34    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
pagead2.googlesyndication.com
6    2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com
1    2600:9000:2190:f200:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
9    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
9    2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
19    2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
6    2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
12    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
9    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
adservice.google.be
47    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
cm.g.doubleclick.net
24    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
js-sec.indexww.com
ssum-sec.casalemedia.com
15    37.252.173.62 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
124    2a00:1450:4001:82b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
10    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
googleads4.g.doubleclick.net
3    195.201.152.90 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.90.152.201.195.clients.your-server.de
opt.objectiveportal.com
5    2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
4    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
2    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
3    52.205.247.225 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-247-225.compute-1.amazonaws.com
pb-server.ezoic.com
1    34.107.148.139 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
16    52.57.8.242 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-8-242.eu-central-1.compute.amazonaws.com
btlr.sharethrough.com
1    23.37.38.181 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-38-181.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
18    69.173.144.143 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
5    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
3    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    51.89.9.253 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu
onetag-sys.com
4    185.29.132.245 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    2a00:1288:110:c305::8000 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
pr-bh.ybp.yahoo.com
1    54.81.207.173 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-81-207-173.compute-1.amazonaws.com
sync.srv.stackadapt.com
2    2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com
cs.media.net
contextual.media.net
1    52.198.4.47 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-198-4-47.ap-northeast-1.compute.amazonaws.com
cc.adingo.jp
4    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    54.36.109.155 (France)

ASN16276 (OVH, FR)
PTR: p05.id5-sync.com
id5-sync.com
2    23.37.42.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
2    2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
2    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    34.254.206.82 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-206-82.eu-west-1.compute.amazonaws.com
fw.adsafeprotected.com
4    37.157.6.241 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    213.155.156.166 (Uppsala, Sweden)

ASN1299 (TELIANET Telia Carrier, SE)
PTR: 213-155-156-166.teliacarrier-cust.com
d5p.de17a.com
18    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
simage2.pubmatic.com
1    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
2    85.114.159.118 (Schopfheim, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
3    52.30.92.119 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-92-119.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    162.55.6.212 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.212.6.55.162.clients.your-server.de
csync.loopme.me
3    213.19.147.45 (United Kingdom)

ASN3356 (LEVEL3, US)
sync.1rx.io
sync.targeting.unrulymedia.com
4    76.223.111.131 (United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com
match.adsrvr.org
1    87.98.252.5 (France)

ASN16276 (OVH, FR)
PTR: ip5.ip-87-98-252.eu
green.erne.co
1    2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
1    72.251.241.196 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
cm.adgrx.com
2    2606:4700::6812:d05 (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    2a04:4e42:3::300 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
1    151.101.13.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
match.taboola.com
1    38.91.45.7 (United States)

ASN398989 (DEEPINTENT, US)
match.deepintent.com
1    185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
2    51.222.80.231 (Canada)

ASN16276 (OVH, FR)
PTR: pikafka-4.cloudy.ovh
pixel.onaudience.com
2    54.78.254.47 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
loada.exelator.com
3    159.253.128.188 (Amsterdam, Netherlands)

ASN36351 (SOFTLAYER, US)
PTR: bc.80.fd9f.ip4.static.sl-reverse.com
um.simpli.fi
3    18.195.239.175 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-239-175.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    18.197.127.76 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-127-76.eu-central-1.compute.amazonaws.com
rtb.mfadsrvr.com
4    151.101.14.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (TURN, GB)
ad.turn.com
1    2a02:fa8:8806:12::1370 (United States)

ASN41041 (VCLK-EU-SE, US)
pubmatic-match.dotomi.com
2    159.65.196.12 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
2    66.155.71.150 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    34.98.107.212 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 212.107.98.34.bc.googleusercontent.com
ads.playground.xyz
3    185.33.220.241 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
secure.adnxs.com
1    52.18.52.16 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-52-16.eu-west-1.compute.amazonaws.com
rtb.gumgum.com
1    74.125.206.157 (United States)

ASN15169 (GOOGLE, US)
PTR: wk-in-f157.1e100.net
bid.g.doubleclick.net
1    52.49.37.161 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-37-161.eu-west-1.compute.amazonaws.com
static.adsafeprotected.com
2    52.1.49.131 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-1-49-131.compute-1.amazonaws.com
dt.adsafeprotected.com
2    52.46.133.124 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    3.217.109.237 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-217-109-237.compute-1.amazonaws.com
nep.advangelists.com
1    54.73.110.124 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-73-110-124.eu-west-1.compute.amazonaws.com
d.adroll.com
4    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
2    104.111.242.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com
sync.teads.tv
2    142.250.181.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f6.1e100.net
ad.doubleclick.net
1    2620:119:50e1:101::6cae:b25 (United States)

ASN14413 (LINKEDIN, US)
px.ads.linkedin.com
1    139.162.84.221 (Tokyo, Japan)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1564-221.members.linode.com
a.c.appier.net
1    13.224.102.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-102-75.zrh50.r.cloudfront.net
s.ad.smaato.net
1    185.86.139.93 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
2    3.125.99.7 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-99-7.eu-central-1.compute.amazonaws.com
pm.w55c.net
2    70.42.32.95 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
1    193.0.160.129 (United States)

ASN54312 (ROCKETFUEL, US)
a.rfihub.com
1    2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
gcdn.2mdn.net
1    2a00:1450:4001:62::6 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
r1---sn-4g5e6nsk.c.2mdn.net
1    104.111.215.191 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com
tags.bluekai.com
1    35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com
ads.travelaudience.com
1    2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f2.1e100.net
ade.googlesyndication.com
Apex Domain
Subdomains		 Transfer
126 2mdn.net
s0.2mdn.net
gcdn.2mdn.net
r1---sn-4g5e6nsk.c.2mdn.net
4 MB
97 doubleclick.net
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
cm.g.doubleclick.net
googleads4.g.doubleclick.net
bid.g.doubleclick.net
ad.doubleclick.net
360 KB
74 googlesyndication.com
6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
ade.googlesyndication.com
388 KB
50 askleomedia.com
askleo.askleomedia.com
img.askleomedia.com
284 KB
46 askleo.com
askleo.com
100 KB
24 pubmatic.com
hbopenbid.pubmatic.com
ads.pubmatic.com
image6.pubmatic.com
image2.pubmatic.com
simage2.pubmatic.com
image4.pubmatic.com
32 KB
23 casalemedia.com
dsum-sec.casalemedia.com
htlb.casalemedia.com
ssum-sec.casalemedia.com
25 KB
22 rubiconproject.com
fastlane.rubiconproject.com
eus.rubiconproject.com
token.rubiconproject.com
pixel.rubiconproject.com
39 KB
18 adnxs.com
ib.adnxs.com
secure.adnxs.com
16 KB
16 sharethrough.com
btlr.sharethrough.com
2 KB
15 google.com
adservice.google.com
www.google.com
2 KB
9 google.be
adservice.google.be
1 KB
8 ezoic.net
g.ezoic.net
852 B
6 yahoo.com
pr-bh.ybp.yahoo.com
ups.analytics.yahoo.com
5 KB
6 cloudflare.com
cdnjs.cloudflare.com
117 KB
6 amazon-adsystem.com
c.amazon-adsystem.com
s.amazon-adsystem.com
38 KB
5 adsafeprotected.com
fw.adsafeprotected.com
static.adsafeprotected.com
dt.adsafeprotected.com
103 KB
5 ampproject.org
cdn.ampproject.org
102 KB
5 criteo.com
gum.criteo.com
mug.criteo.com
dis.criteo.com
2 KB
5 googletagservices.com
www.googletagservices.com
188 KB
4 openx.net
us-u.openx.net
977 B
4 everesttech.net
sync-tm.everesttech.net
1 KB
4 adsrvr.org
match.adsrvr.org
2 KB
4 adform.net
c1.adform.net
2 KB
4 mathtag.com
sync.mathtag.com
3 KB
4 gstatic.com
fonts.gstatic.com
60 KB
3 bidswitch.net
x.bidswitch.net
1 KB
3 simpli.fi
um.simpli.fi
1 KB
3 bidr.io
match.prod.bidr.io
2 KB
3 googleapis.com
fonts.googleapis.com
2 KB
3 media.net
prebid.media.net
cs.media.net
contextual.media.net
10 KB
3 ezoic.com
pb-server.ezoic.com
2 KB
3 objectiveportal.com
opt.objectiveportal.com
2 KB
3 quantserve.com
secure.quantserve.com
pixel.quantserve.com
10 KB
2 zemanta.com
b1sync.zemanta.com
1 KB
2 w55c.net
pm.w55c.net
2 KB
2 teads.tv
sync.teads.tv
344 B
2 sitescout.com
pixel-sync.sitescout.com
528 B
2 bidtheatre.com
match.adsby.bidtheatre.com
1 KB
2 mfadsrvr.com
rtb.mfadsrvr.com
1 KB
2 exelator.com
loada.exelator.com
3 KB
2 onaudience.com
pixel.onaudience.com
736 B
2 taboola.com
trc.taboola.com
match.taboola.com
652 B
2 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
1 KB
2 1rx.io
sync.1rx.io
1 KB
2 adition.com
dsp.adfarm1.adition.com
1 KB
2 de17a.com
d5p.de17a.com
631 B
2 indexww.com
js-sec.indexww.com
2 KB
2 onetag-sys.com
onetag-sys.com
2 KB
1 travelaudience.com
ads.travelaudience.com
546 B
1 bluekai.com
tags.bluekai.com
1 KB
1 rfihub.com
a.rfihub.com
1 KB
1 smartadserver.com
ssbsync.smartadserver.com
448 B
1 smaato.net
s.ad.smaato.net
430 B
1 appier.net
a.c.appier.net
556 B
1 linkedin.com
px.ads.linkedin.com
652 B
1 adroll.com
d.adroll.com
112 B
1 advangelists.com
nep.advangelists.com
232 B
1 gumgum.com
rtb.gumgum.com
336 B
1 playground.xyz
ads.playground.xyz
486 B
1 dotomi.com
pubmatic-match.dotomi.com
104 B
1 turn.com
ad.turn.com
518 B
1 deepintent.com
match.deepintent.com
44 B
1 adgrx.com
cm.adgrx.com
408 B
1 ad4m.at
ad4m.at
974 B
1 erne.co
green.erne.co
327 B
1 unrulymedia.com
sync.targeting.unrulymedia.com
535 B
1 loopme.me
csync.loopme.me
152 B
1 id5-sync.com
id5-sync.com
528 B
1 adingo.jp
cc.adingo.jp
44 B
1 stackadapt.com
sync.srv.stackadapt.com
727 B
1 quantcount.com
rules.quantcount.com
429 B
1 ezodn.com
go.ezodn.com
87 KB
555 73
Domain Requested by
124 s0.2mdn.net askleo.com
s0.2mdn.net
cdn.ampproject.org
49 askleo.askleomedia.com askleo.com
askleo.askleomedia.com
47 cm.g.doubleclick.net 21 redirects googleads.g.doubleclick.net
6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com
46 askleo.com askleo.com
askleo.askleomedia.com
38 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
s0.2mdn.net
fw.adsafeprotected.com
28 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com
askleo.com
cdn.ampproject.org
googleads.g.doubleclick.net
s0.2mdn.net
25 securepubads.g.doubleclick.net askleo.com
securepubads.g.doubleclick.net
19 dsum-sec.casalemedia.com 9 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
18 fastlane.rubiconproject.com go.ezodn.com
16 btlr.sharethrough.com go.ezodn.com
15 ib.adnxs.com 11 redirects googleads.g.doubleclick.net
12 googleads.g.doubleclick.net 6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com
askleo.com
11 simage2.pubmatic.com ads.pubmatic.com
10 googleads4.g.doubleclick.net askleo.com
9 adservice.google.com securepubads.g.doubleclick.net
9 adservice.google.be securepubads.g.doubleclick.net
8 g.ezoic.net askleo.com
7 image2.pubmatic.com ads.pubmatic.com
6 cdnjs.cloudflare.com s0.2mdn.net
askleo.com
6 www.google.com 1 redirects tpc.googlesyndication.com
6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com
askleo.com
6 6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com securepubads.g.doubleclick.net
5 cdn.ampproject.org securepubads.g.doubleclick.net
5 www.googletagservices.com 6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com
4 us-u.openx.net 3 redirects googleads.g.doubleclick.net
4 sync-tm.everesttech.net 3 redirects ssum-sec.casalemedia.com
4 match.adsrvr.org 3 redirects ssum-sec.casalemedia.com
4 c1.adform.net 3 redirects ads.pubmatic.com
4 ups.analytics.yahoo.com 3 redirects ads.pubmatic.com
4 sync.mathtag.com 4 redirects
4 fonts.gstatic.com fonts.googleapis.com
4 c.amazon-adsystem.com askleo.com
c.amazon-adsystem.com
3 secure.adnxs.com 2 redirects ssum-sec.casalemedia.com
3 x.bidswitch.net 3 redirects
3 um.simpli.fi 1 redirects ads.pubmatic.com
ssum-sec.casalemedia.com
3 match.prod.bidr.io 2 redirects ads.pubmatic.com
3 ssum-sec.casalemedia.com 1 redirects js-sec.indexww.com
ssum-sec.casalemedia.com
3 fonts.googleapis.com securepubads.g.doubleclick.net
s0.2mdn.net
3 pb-server.ezoic.com go.ezodn.com
onetag-sys.com
3 opt.objectiveportal.com 6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com
2 ade.googlesyndication.com
2 b1sync.zemanta.com 2 redirects
2 pm.w55c.net 2 redirects
2 ad.doubleclick.net 1 redirects 6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com
2 sync.teads.tv googleads.g.doubleclick.net
2 s.amazon-adsystem.com 1 redirects ssum-sec.casalemedia.com
2 dt.adsafeprotected.com 6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com
2 pixel-sync.sitescout.com 1 redirects 6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com
2 match.adsby.bidtheatre.com 2 redirects
2 rtb.mfadsrvr.com 2 redirects
2 loada.exelator.com 2 redirects
2 pixel.onaudience.com 1 redirects ads.pubmatic.com
2 sync.1rx.io 2 redirects
2 dsp.adfarm1.adition.com 2 redirects
2 d5p.de17a.com 2 redirects
2 fw.adsafeprotected.com 1 redirects 6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com
2 image6.pubmatic.com 1 redirects ads.pubmatic.com
2 js-sec.indexww.com go.ezodn.com
ssum-sec.casalemedia.com
2 ads.pubmatic.com go.ezodn.com
ads.pubmatic.com
2 eus.rubiconproject.com go.ezodn.com
eus.rubiconproject.com
2 pr-bh.ybp.yahoo.com 1 redirects ads.pubmatic.com
2 onetag-sys.com go.ezodn.com
2 mug.criteo.com
2 gum.criteo.com 1 redirects
2 pixel.quantserve.com 1 redirects askleo.com
1 ads.travelaudience.com
1 tags.bluekai.com 1 redirects
1 r1---sn-4g5e6nsk.c.2mdn.net
1 gcdn.2mdn.net 1 redirects
1 a.rfihub.com 1 redirects
1 ssbsync.smartadserver.com 1 redirects
1 s.ad.smaato.net 1 redirects
1 pixel.rubiconproject.com 1 redirects
1 a.c.appier.net 1 redirects
1 px.ads.linkedin.com 1 redirects
1 d.adroll.com 1 redirects
1 nep.advangelists.com 1 redirects
1 static.adsafeprotected.com 6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com
1 bid.g.doubleclick.net 6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com
1 rtb.gumgum.com 1 redirects
1 ads.playground.xyz 1 redirects
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 ad.turn.com 1 redirects
1 image4.pubmatic.com ads.pubmatic.com
1 match.deepintent.com ads.pubmatic.com
1 match.taboola.com ads.pubmatic.com
1 trc.taboola.com 1 redirects
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 cm.adgrx.com ads.pubmatic.com
1 ad4m.at ads.pubmatic.com
1 green.erne.co 1 redirects
1 sync.targeting.unrulymedia.com 1 redirects
1 csync.loopme.me ads.pubmatic.com
1 dis.criteo.com ads.pubmatic.com
1 token.rubiconproject.com eus.rubiconproject.com
1 contextual.media.net go.ezodn.com
1 id5-sync.com go.ezodn.com
1 cc.adingo.jp 6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com
1 cs.media.net 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 htlb.casalemedia.com go.ezodn.com
1 hbopenbid.pubmatic.com go.ezodn.com
1 prebid.media.net go.ezodn.com
1 img.askleomedia.com askleo.com
1 rules.quantcount.com secure.quantserve.com
1 secure.quantserve.com askleo.com
1 go.ezodn.com askleo.com
555 107
Subject Issuer Validity Valid
askleo.com
R3		 2021-07-30 -
2021-10-28		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-07-26 -
2021-10-18		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-05 -
2022-07-04		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2021-07-06 -
2022-06-27		 a year crt.sh
askleo.askleomedia.com
R3		 2021-07-12 -
2021-10-10		 3 months crt.sh
ezoic.net
R3		 2021-07-22 -
2021-10-20		 3 months crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA		 2020-10-02 -
2021-10-07		 a year crt.sh
*.google.be
GTS CA 1C3		 2021-07-26 -
2021-10-18		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-07-26 -
2021-10-18		 3 months crt.sh
img.askleomedia.com
R3		 2021-07-13 -
2021-10-11		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-07-26 -
2021-10-18		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-07-26 -
2021-10-18		 3 months crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-07-26 -
2021-10-18		 3 months crt.sh
my.objectiveplatform.com
Sectigo RSA Domain Validation Secure Server CA		 2021-08-23 -
2022-08-23		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-06-27 -
2021-09-24		 3 months crt.sh
*.ezoic.com
Sectigo RSA Domain Validation Secure Server CA		 2021-04-19 -
2022-05-20		 a year crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2021-04-12 -
2022-05-05		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2020-12-07 -
2021-12-14		 a year crt.sh
*.sharethrough.com
Amazon		 2021-08-13 -
2022-09-11		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-03-30 -
2022-04-04		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2021-07-26 -
2021-10-18		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2021-07-26 -
2021-10-18		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-07-26 -
2021-10-18		 3 months crt.sh
onetag-sys.com
R3		 2021-07-26 -
2021-10-24		 3 months crt.sh
*.adingo.jp
DigiCert TLS RSA SHA256 2020 CA1		 2021-03-26 -
2022-04-14		 a year crt.sh
*.id5-sync.com
R3		 2021-07-13 -
2021-10-11		 3 months crt.sh
fw.adsafeprotected.com
Amazon		 2021-08-11 -
2022-09-09		 a year crt.sh
track.adform.net
DigiCert SHA2 Secure Server CA		 2019-09-16 -
2021-09-20		 2 years crt.sh
*.match.prod.bidr.io
Amazon		 2021-02-26 -
2022-03-27		 a year crt.sh
loopme.me
R3		 2021-07-11 -
2021-10-09		 3 months crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-24 -
2022-03-26		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-25 -
2021-12-26		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2020-04-09 -
2022-06-08		 2 years crt.sh
*.onaudience.com
Certyfikat SSL		 2021-05-28 -
2022-05-28		 a year crt.sh
*.simpli.fi
DigiCert SHA2 Secure Server CA		 2019-09-18 -
2021-12-12		 2 years crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-08-17 -
2022-02-09		 6 months crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-03-29 -
2021-09-22		 6 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2021-08-10 -
2022-09-11		 a year crt.sh
static.adsafeprotected.com
Amazon		 2021-01-06 -
2022-02-04		 a year crt.sh
dt.adsafeprotected.com
Amazon		 2021-04-22 -
2022-05-21		 a year crt.sh
s.amazon-adsystem.com
Amazon		 2021-07-14 -
2022-06-27		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2020		 2021-03-22 -
2022-04-23		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
teads.tv
R3		 2021-08-23 -
2021-11-21		 3 months crt.sh
*.sitescout.com
RapidSSL RSA CA 2018		 2020-01-15 -
2022-02-02		 2 years crt.sh
*.c.docs.google.com
GTS CA 1C3		 2021-08-10 -
2021-10-19		 2 months crt.sh
ads.travelaudience.com
R3		 2021-08-13 -
2021-11-11		 3 months crt.sh

This page contains 51 frames:

Primary Page: https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
Frame ID: 36E60683B0B10FCF814C407FF40BE8B5
Requests: 206 HTTP requests in this frame

Frame: https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 42E55D2B401880F7639272C472A16F6D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 89CC0E4DFD19871A364E7E5CD2E36181
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0C791EB95D79065088F7DD5E86DECB1F
Requests: 1 HTTP requests in this frame

Frame: https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: E9CFB6EAD89BA0843380EAA36832687B
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNDdGRDcgxoY5bq7ngEwAQ&v=APEucNW4dXbxMvcTBI8fZXBe4LcaDEkDFS6dWUIOzlhaEjLkomZr8C8MJnK2I8mqbD4gB8OAShncWhBg7x-BpjNzDututoueADdCj1nXwEiAIKtKSDA3HyWyvYsPc5Alvah-Eh0_v_b17QtwGlqZBSNlTAA38tLbE2sxS0mYcEBVAaWqUoiWWI33KPBYG5361LjWH_99gCntCYwsEIiFTBVqKCLg9d40BA
Frame ID: 127C407F5C5B95DF9F272475FC204950
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 3A61E64E4E97CE1D469A0231782E7C67
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/ads/richmedia/studio/pv2/60934467/20200612044656202/be_NL_S-M_Prospecting_MC_468x60.html?e=69&leftOffset=0&topOffset=0&c=75pGd7bl8m&t=1&renderingType=2
Frame ID: 4B882407F4F963345BF71EF3DB67B901
Requests: 33 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012108100143000/amp4ads-v0.mjs
Frame ID: 307129CC207A0D41C7257C5EC8BC437B
Requests: 21 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?redir=https%3A%2F%2Fpb-server.ezoic.com%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BUSER_TOKEN%7D
Frame ID: 2B57E5C232783B9F1DE213C5ECD43199
Requests: 2 HTTP requests in this frame

Frame: https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 4982A65E04C9AAEF56C140F5DD5BF154
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNDdGRDcgxoY5bq7ngEwAQ&v=APEucNUO2CQvmdbbsN2VksF8nN6HHcbyQ3ArnsOJTPc0cIDNQVjxC8nUR7-WddgsrsWQ0nx7UHQbiri-0TbPr7iSG6k9V6XRo34SbARXUfjLvbStVRD2dzP3xWexahjWXy1b6rGU6yUSqa6A9HZeTdWCU-kLiMDMdBhNuy7y68NPb2xUal9j0BYsmpoY_A3IcYxm_k1a-kWqT7DXKd--snq6tAh1M9YzWg
Frame ID: 87D673E71F86356507C9ECD8C59D5937
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 452749862CB7616885E42E84E3DFFA39
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 82025A446B018E787451F5CB1F37334C
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/ads/richmedia/studio/pv2/60928292/20200612044652202/be_NL_S-M_Prospecting_MC_728x90.html?e=69&leftOffset=0&topOffset=0&c=RD3QrAaccJ&t=1&renderingType=2
Frame ID: 4B6FB5D98C12E9292B05C0D8E63E9EEB
Requests: 36 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 64D6B3C7AD99203140FCA58DF9A7CAE0
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1629735719164
Frame ID: E6E0E70A71FC7F9A0C921B50237B6191
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUBCB617&prvid=2030%2C251%2C175%2C132%2C233%2C178%2C2028%2C157%2C3017%2C2027%2C236%2C214%2C159%2C2025%2C238%2C97%2C99%2C55%2C77%2C56%2C3010%2C182%2C262%2C141%2C222%2C3007%2C223%2C201%2C4%2C203%2C148%2C80%2C10000%2C9%2C229%2C108%2C82%2C109&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&itype=PREBID
Frame ID: 0924F3F112A96A04958AA5ADFAAA273F
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Frame ID: 05B27B2574980D9781CF1C713D21A3EC
Requests: 23 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: A97018036D94DEA9578F6F9A0AB131C7
Requests: 1 HTTP requests in this frame

Frame: https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 9916608F6A2FE82E033E74BF05C255AD
Requests: 17 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://askleo.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 26EB01D308D53EA25EB116CFC50C0746
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNzg5AEQxbjnARjmscGjATAB&v=APEucNV-Aq-d82poHZe6ndlrOwf4iop8vFYT44HIXhjH4kkm5ITuR37v_j_IBKnX2fk2XEhiNSFrDRt478s1U5TI7wKTCNeUt9CJwM7-COI0GOADrPaWb_pMKKm2OxgP4M3C6wefTcsbsqSqYcFic4LHtejCOB92YQQGer_DmNUK11cWtKqC8AcxpI2KCkMwdF36AlLOPb1T6qCftVtsA-hPLc-T0w7F0A
Frame ID: DE8BB746779B47EE281CEA8E383B8A18
Requests: 5 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=B2E15B6A-E272-4B03-93F3-CCF55AD73A61
Frame ID: 384FA873BB3FA31714D28B2390392624
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=70520607689726777
Frame ID: 20AE170F711DA744696FBA9A35F160E1
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 8A4CCD7BE41C9D895D8FCFCB950F2D3E
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6999661627142699150
Frame ID: 1398BB82101C0894F6B348E95906B9E7
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Frame ID: 3BC2CAE49B60BCDFBC731EFAD94DF8A3
Requests: 1 HTTP requests in this frame

Frame: https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent=
Frame ID: 517160DBB4A1BF51EB80AEE682CD4430
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-eca51a94-bb51-45b4-8601-0f89066720b4-003
Frame ID: 11CAD3E269C34409BC801E20571B6E99
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=maZd4vDLp0sSIhS0jJpEXXFW
Frame ID: 74CEEAD9130A4ABD7BBAE61016222E27
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Frame ID: 5EE41A5BF4B1D998291CDD8807CEECBD
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 7F2622A7287478C00D417723BFEA25FF
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: CE47EF97F7CF39F512A1B063FB65AE2E
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=a1cf4c46-b564-47b4-a1b6-e19c48538723-tuct81d50aa&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: 64EA6C21035AD6295C759553105775E4
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw%26piggybackCookie%3D%24%7BDI_USER_ID%7D&gdpr=0&gdpr_consent=
Frame ID: DFCF5E09E0C05FE5432CD54A8607E14B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 2EDA2F4ECD5448AAC51B9A21DAC561FB
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 5395A260386D176227C377841B8D832A
Requests: 1 HTTP requests in this frame

Frame: https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 66B090A3528A54E577F4F387A0DC9427
Requests: 15 HTTP requests in this frame

Frame: https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 20BB34D99BC1F3C403265AE7674A9CB1
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNDdGRDcgxoYl4O8sQEwAQ&v=APEucNXGGUk_777IztCfaJ3hdjVDVValmoBbt4Uk8iyfHcKJ0JWRmex-MOsyNROJHQjMWji9eoDMcCfnnDpH_jUSZ6hzEJpfSwytTxMO_E7KSoYSUfG34Ics5iKJJRWYvEqMv46yv4kd05YwMtjQx5LEH5v-_3NYPcv8SGrhOc-ckC0r2lVVxYEgyMTU7mBowYZ0iKbmOlyUn15B51xreJXoncfnJUapRA
Frame ID: 57437C4DDA5EA574B9164CC7427C9711
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSAfhC3w8UCGMXH_qkBMAE&v=APEucNWIUC3m6iQXZL_g-t7K5rxbXv36oZBYST2jWZG_FTb45G7w2mEyDR5KSTvHoBRtFAE7cDDbCuuiH5pEe3fDnH7HE1fH3xbPBMcWqgulsXZzVWTPympoaxZ5GcTKivLftd8CV8l29MKgv6cdKWYQGpfz7-QeMHolbxUMy4V6YUh59_WbtHvSo-EbxgZbTgKmXUsH61CNmLs3PX0vbvAqdxEq6xt9hw
Frame ID: B380BAA7F690833F617C5C409C66C86B
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/ads/richmedia/studio/pv2/61676917/20210305061103818/index.html?e=69&leftOffset=0&topOffset=0&c=N7HJPE202w&t=1&renderingType=2
Frame ID: 7CAB762B87DB8CA9378F85FFC0EF77A6
Requests: 31 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A051F5E3AAB241D35587826E49F9A3EE
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/ads/richmedia/studio/pv2/61774477/20210524094038431/index.html?e=69&leftOffset=0&topOffset=0&c=tw3BUIS9po&t=1&renderingType=2
Frame ID: 685AA6FC5DC2181B61CD99480278DB79
Requests: 16 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 7C2BE4C1457F47B19E28BDF937D5F126
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 3E2714220411B0CB2476BD948D99C66C
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 0055257426AF19A7A7562B8D42701E49
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/9093136/1608722774211/NL_OneBlade_Display_Explore_Retro-Gamer_300x250/index.html
Frame ID: 88E4BBBCCE1787C81DFAC15E3E00D25A
Requests: 16 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/ESHX-PsTG84Fy6-bdaEnL5--1XpTzSOdL-kezmPtlCQ.js
Frame ID: 168117938E543D96BE4FC14B519C327C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/ESHX-PsTG84Fy6-bdaEnL5--1XpTzSOdL-kezmPtlCQ.js
Frame ID: 08169B5F0AEE4CECB26E7BF92CB94D42
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Will Using an On-Screen Keyboard Stop Keyloggers? - Ask Leo!

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /\.quantserve\.com\/quant\.js/i

Page Statistics

555
Requests

100 %
HTTPS

29 %
IPv6

73
Domains

107
Subdomains

77
IPs

10
Countries

6338 kB
Transfer

12455 kB
Size

20
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 112
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK0qYRNknL2UQmrMjeZtnz4&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK0qYRNknL2UQmrMjeZtnz4&google_cver=1&C=1
Request Chain 113
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YSPLJQfmemqNqkH1mKvivAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC9QXzG5UK3Bv3hYNIeH0qk&google_cver=1
Request Chain 114
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEIMe4Nz8fB5NRBkTgjH_srg&google_cver=1 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEIMe4Nz8fB5NRBkTgjH_srg%26google_cver%3D1
Request Chain 115
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzE1MDAzNDc2NzI1MTQ0MDQ3Mw%3D%3D
Request Chain 175
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Faskleo.com%2F&domain=askleo.com&cw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=qCK_rnxadmJGdC9lc2U2UlRUZGFtYnE2UDZSaUxkRUVXVmphY3dpYmNiWHRDS20rZUtvaGlIYVhOWDcxMFNiTXQ0UHdxNERIdC91NlF4M3dKem1VbG9xaXNBcDhhSXRKL1B4QTAzQmNVVlNGSkJkekhVK25nZUw5ckF2ZGRuT0F1czZCdnRqbGFzaUpLZ3B0bytzbTV5WGNPcXlPclFPVFFKV1VCZ0JEWFk1ekcvQ1N5MUw1M1ZBMHBpOWJmUHdaMzVINmJWUVdKd3hwUDllaWF4a0FWWldwdG4zb1dtVldvTVRjSHNESFg3d21ORUxBPXw&cppv=2
Request Chain 241
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 261
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKaDdT8dkJ1I_Lk9l7xBMzc&google_cver=1
Request Chain 262
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YSPLJzj1UnwtokG42wHQjQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKaDdT8dkJ1I_Lk9l7xBMzc&google_cver=1
Request Chain 263
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEOUno-r1X040W6QLrC90Umw&google_cver=1 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEOUno-r1X040W6QLrC90Umw%26google_cver%3D1
Request Chain 264
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTM5ODI1MjQ1Njk4MzkzOTAwMQ%3D%3D
Request Chain 272
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEItbEdPdBztkR01gzLAAuhg&google_cver=1&google_push=AYg5qPL0P0W2ddp9wKRgtCd9wChgJR61SqrDA72fkNsp48IsDEc1PETL0SKlXn2td6oypj0kSTIhPuZFMEPoC56Uih57dSmrJOk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPL0P0W2ddp9wKRgtCd9wChgJR61SqrDA72fkNsp48IsDEc1PETL0SKlXn2td6oypj0kSTIhPuZFMEPoC56Uih57dSmrJOk
Request Chain 273
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEE7OenRKj-_tP1Grb47sIpE&google_cver=1&google_push=AYg5qPK-KvbEQfOmq6_PqjqOszwDZq_kQwew8rSaPSQVdKDiSV34F5j8q1I90e-syebfy3EJryNkzXoz6H4OQbtd6OIozUMIRxY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPK-KvbEQfOmq6_PqjqOszwDZq_kQwew8rSaPSQVdKDiSV34F5j8q1I90e-syebfy3EJryNkzXoz6H4OQbtd6OIozUMIRxY&google_hm=OTE5MDU2Mzc4MDgxOTgyMDQ3OA%3D%3D
Request Chain 274
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEB-rpovGb2FIY0ZjexqW-4I&google_cver=1&google_push=AYg5qPJu5iS-bSx0Iz8IYrXjqTyKqREkgvQxOo_6FNyq9L1mC9I38w4Xr_bBuUXa1_n2lcaJoBblhm6uDGIi4k9zfSoeGJ-NKo0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=CwQaXudlRwZqBwLSCg993lJmE4g&google_push=AYg5qPJu5iS-bSx0Iz8IYrXjqTyKqREkgvQxOo_6FNyq9L1mC9I38w4Xr_bBuUXa1_n2lcaJoBblhm6uDGIi4k9zfSoeGJ-NKo0
Request Chain 275
  • https://cs.media.net/cksync?type=g&google_gid=CAESEIL1a4xFv5CJlKurzwGodY0&google_cver=1&google_push=AYg5qPJVsmoQKMQvpTZP1stAIg8D3-9QmN5oVDiPGDDvZtCZHHepM5G5Msu3hvuIeLViq_VXdKBtP6egLtFsakGtZgidojRvN98 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MjcyNzM3MzE5MjEzODQwNTAwMFYxMA%3d%3d&mn_hm=MjcyNzM3MzE5MjEzODQwNTAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPJVsmoQKMQvpTZP1stAIg8D3-9QmN5oVDiPGDDvZtCZHHepM5G5Msu3hvuIeLViq_VXdKBtP6egLtFsakGtZgidojRvN98&gdpr=&gdpr_consent=
Request Chain 276
  • https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESEGzvqMTiUc7H4msKMliJzaU&google_cver=1&google_push=AYg5qPL3JH-2PkCX0XEzRRvYYWjFQUCa96O5eh3wBBBRYL0kv-V5p0MSEM5_oktXY6bWKVIhB1vmPskBLpPZ-kXmJJ3detvAJtM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtZDZjOWJlNDZkOTZjNDBmODQyMTViY2QzMmFhMmE2NzA=&google_push=AYg5qPL3JH-2PkCX0XEzRRvYYWjFQUCa96O5eh3wBBBRYL0kv-V5p0MSEM5_oktXY6bWKVIhB1vmPskBLpPZ-kXmJJ3detvAJtM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtZDZjOWJlNDZkOTZjNDBmODQyMTViY2QzMmFhMmE2NzA=&google_push=AYg5qPL3JH-2PkCX0XEzRRvYYWjFQUCa96O5eh3wBBBRYL0kv-V5p0MSEM5_oktXY6bWKVIhB1vmPskBLpPZ-kXmJJ3detvAJtM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtZDZjOWJlNDZkOTZjNDBmODQyMTViY2QzMmFhMmE2NzA=&google_push=AYg5qPL3JH-2PkCX0XEzRRvYYWjFQUCa96O5eh3wBBBRYL0kv-V5p0MSEM5_oktXY6bWKVIhB1vmPskBLpPZ-kXmJJ3detvAJtM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtZDZjOWJlNDZkOTZjNDBmODQyMTViY2QzMmFhMmE2NzA=&google_push=AYg5qPL3JH-2PkCX0XEzRRvYYWjFQUCa96O5eh3wBBBRYL0kv-V5p0MSEM5_oktXY6bWKVIhB1vmPskBLpPZ-kXmJJ3detvAJtM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtZDZjOWJlNDZkOTZjNDBmODQyMTViY2QzMmFhMmE2NzA=&google_push=AYg5qPL3JH-2PkCX0XEzRRvYYWjFQUCa96O5eh3wBBBRYL0kv-V5p0MSEM5_oktXY6bWKVIhB1vmPskBLpPZ-kXmJJ3detvAJtM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtZDZjOWJlNDZkOTZjNDBmODQyMTViY2QzMmFhMmE2NzA=&google_push=AYg5qPL3JH-2PkCX0XEzRRvYYWjFQUCa96O5eh3wBBBRYL0kv-V5p0MSEM5_oktXY6bWKVIhB1vmPskBLpPZ-kXmJJ3detvAJtM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtZDZjOWJlNDZkOTZjNDBmODQyMTViY2QzMmFhMmE2NzA=&google_push=AYg5qPL3JH-2PkCX0XEzRRvYYWjFQUCa96O5eh3wBBBRYL0kv-V5p0MSEM5_oktXY6bWKVIhB1vmPskBLpPZ-kXmJJ3detvAJtM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtZDZjOWJlNDZkOTZjNDBmODQyMTViY2QzMmFhMmE2NzA=&google_push=AYg5qPL3JH-2PkCX0XEzRRvYYWjFQUCa96O5eh3wBBBRYL0kv-V5p0MSEM5_oktXY6bWKVIhB1vmPskBLpPZ-kXmJJ3detvAJtM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtZDZjOWJlNDZkOTZjNDBmODQyMTViY2QzMmFhMmE2NzA=&google_push=AYg5qPL3JH-2PkCX0XEzRRvYYWjFQUCa96O5eh3wBBBRYL0kv-V5p0MSEM5_oktXY6bWKVIhB1vmPskBLpPZ-kXmJJ3detvAJtM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtZDZjOWJlNDZkOTZjNDBmODQyMTViY2QzMmFhMmE2NzA=&google_push=AYg5qPL3JH-2PkCX0XEzRRvYYWjFQUCa96O5eh3wBBBRYL0kv-V5p0MSEM5_oktXY6bWKVIhB1vmPskBLpPZ-kXmJJ3detvAJtM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtZDZjOWJlNDZkOTZjNDBmODQyMTViY2QzMmFhMmE2NzA=&google_push=AYg5qPL3JH-2PkCX0XEzRRvYYWjFQUCa96O5eh3wBBBRYL0kv-V5p0MSEM5_oktXY6bWKVIhB1vmPskBLpPZ-kXmJJ3detvAJtM&google_tc= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtZDZjOWJlNDZkOTZjNDBmODQyMTViY2QzMmFhMmE2NzA=&google_push=AYg5qPL3JH-2PkCX0XEzRRvYYWjFQUCa96O5eh3wBBBRYL0kv-V5p0MSEM5_oktXY6bWKVIhB1vmPskBLpPZ-kXmJJ3detvAJtM&google_tc= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtZDZjOWJlNDZkOTZjNDBmODQyMTViY2QzMmFhMmE2NzA=&google_push=AYg5qPL3JH-2PkCX0XEzRRvYYWjFQUCa96O5eh3wBBBRYL0kv-V5p0MSEM5_oktXY6bWKVIhB1vmPskBLpPZ-kXmJJ3detvAJtM&google_tc= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtZDZjOWJlNDZkOTZjNDBmODQyMTViY2QzMmFhMmE2NzA=&google_push=AYg5qPL3JH-2PkCX0XEzRRvYYWjFQUCa96O5eh3wBBBRYL0kv-V5p0MSEM5_oktXY6bWKVIhB1vmPskBLpPZ-kXmJJ3detvAJtM&google_tc= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtZDZjOWJlNDZkOTZjNDBmODQyMTViY2QzMmFhMmE2NzA=&google_push=AYg5qPL3JH-2PkCX0XEzRRvYYWjFQUCa96O5eh3wBBBRYL0kv-V5p0MSEM5_oktXY6bWKVIhB1vmPskBLpPZ-kXmJJ3detvAJtM&google_tc= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtZDZjOWJlNDZkOTZjNDBmODQyMTViY2QzMmFhMmE2NzA=&google_push=AYg5qPL3JH-2PkCX0XEzRRvYYWjFQUCa96O5eh3wBBBRYL0kv-V5p0MSEM5_oktXY6bWKVIhB1vmPskBLpPZ-kXmJJ3detvAJtM&google_tc= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtZDZjOWJlNDZkOTZjNDBmODQyMTViY2QzMmFhMmE2NzA=&google_push=AYg5qPL3JH-2PkCX0XEzRRvYYWjFQUCa96O5eh3wBBBRYL0kv-V5p0MSEM5_oktXY6bWKVIhB1vmPskBLpPZ-kXmJJ3detvAJtM&google_tc= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtZDZjOWJlNDZkOTZjNDBmODQyMTViY2QzMmFhMmE2NzA=&google_push=AYg5qPL3JH-2PkCX0XEzRRvYYWjFQUCa96O5eh3wBBBRYL0kv-V5p0MSEM5_oktXY6bWKVIhB1vmPskBLpPZ-kXmJJ3detvAJtM&google_tc= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtZDZjOWJlNDZkOTZjNDBmODQyMTViY2QzMmFhMmE2NzA=&google_push=AYg5qPL3JH-2PkCX0XEzRRvYYWjFQUCa96O5eh3wBBBRYL0kv-V5p0MSEM5_oktXY6bWKVIhB1vmPskBLpPZ-kXmJJ3detvAJtM&google_tc= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtZDZjOWJlNDZkOTZjNDBmODQyMTViY2QzMmFhMmE2NzA=&google_push=AYg5qPL3JH-2PkCX0XEzRRvYYWjFQUCa96O5eh3wBBBRYL0kv-V5p0MSEM5_oktXY6bWKVIhB1vmPskBLpPZ-kXmJJ3detvAJtM&google_tc=
Request Chain 278
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEGzlpwHNxsAB4vVotDttBCk&google_cver=1&google_push=AYg5qPIkdt27Gdo9SxunCOStS9iN4iGlOw1VtxQk9IEoSHDV48Mm_u3AjkeZfT4IanXLq9M3YbvpNdjMtn0g_wO1v9cF1ANAsOXt HTTP 302
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEGzlpwHNxsAB4vVotDttBCk&google_cver=1&google_push=AYg5qPIkdt27Gdo9SxunCOStS9iN4iGlOw1VtxQk9IEoSHDV48Mm_u3AjkeZfT4IanXLq9M3YbvpNdjMtn0g_wO1v9cF1ANAsOXt&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS0yQ1BXOFg1RTJ1RkRyNXNZYzlidlBnVHhzMVVfTlR5WH5B&google_push=AYg5qPIkdt27Gdo9SxunCOStS9iN4iGlOw1VtxQk9IEoSHDV48Mm_u3AjkeZfT4IanXLq9M3YbvpNdjMtn0g_wO1v9cF1ANAsOXt
Request Chain 354
  • https://ssum-sec.casalemedia.com/usermatch?d=https://askleo.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https://askleo.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 362
  • https://c1.adform.net/serving/cookie/match?party=14&cid=B2E15B6A-E272-4B03-93F3-CCF55AD73A61 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=B2E15B6A-E272-4B03-93F3-CCF55AD73A61
Request Chain 363
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=70520607689726777
Request Chain 365
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6999661627142699150
Request Chain 366
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCZXBrN0NSNVlBQUJ3RzJIdnBYdw&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Request Chain 368
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2595441748 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/0101956b-f6a7-40ac-bb70-3dcdc9b2d605 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-eca51a94-bb51-45b4-8601-0f89066720b4-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-eca51a94-bb51-45b4-8601-0f89066720b4-003 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-eca51a94-bb51-45b4-8601-0f89066720b4-003
Request Chain 369
  • https://green.erne.co/pubmatic/cm HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=maZd4vDLp0sSIhS0jJpEXXFW
Request Chain 372
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 373
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=a1cf4c46-b564-47b4-a1b6-e19c48538723-tuct81d50aa&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 375
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=suFbauJySwOT88z1Wtc6YQ%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 376
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=6d256123-cb2a-4b00-83c7-b3f406e81358
Request Chain 377
  • https://pixel.onaudience.com/?partner=214&mapped=B2E15B6A-E272-4B03-93F3-CCF55AD73A61 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1 HTTP 302
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=492c03657dcafb1c10556f9d0adc53f5
Request Chain 378
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QjJFMTVCNkEtRTI3Mi00QjAzLTkzRjMtQ0NGNTVBRDczQTYx&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 379
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGWxnoPC54AitRT1Xe9952E&google_cver=1
Request Chain 381
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1746367930742412619
Request Chain 382
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:76ea6123-cb2a-4800-a6cf-9334228b653a&gdpr=0&gdpr_consent=
Request Chain 383
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=0101956b-f6a7-40ac-bb70-3dcdc9b2d605
Request Chain 384
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2999335290144883454&gdpr=0&gdpr_consent=
Request Chain 385
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=B2E15B6A-E272-4B03-93F3-CCF55AD73A61&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=B2E15B6A-E272-4B03-93F3-CCF55AD73A61&redir=true&gdpr=0&gdpr_consent=&verify=true
Request Chain 387
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Xk16ywseeplFGXiZXEVlmw1FKp1FGHnOWB4PJZCc
Request Chain 388
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_user_id=673d857a-805c-4f9c-971e-7db56a45334c HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_user_id=673d857a-805c-4f9c-971e-7db56a45334c HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=a8fe9540-e6c3-4996-a785-5f13baef83bc&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=673d857a-805c-4f9c-971e-7db56a45334c&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 389
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YSPLKwAEB7_ViAA4 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YSPLKwAEB7_ViAA4&gdpr=0&gdpr_consent=&_test=YSPLKwAEB7_ViAA4
Request Chain 390
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4011348884065977945&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 392
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:132aa32b-b9a4-4dc5-a4c4-7f2d75d92b28&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 393
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Request Chain 394
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA%3D%26piggybackCookie%3D%24UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1260761893480028416
Request Chain 395
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_25ce9fb6-f991-44d4-ab5d-bd7077e00501
Request Chain 396
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBN2k6Nqh34zh6JBdJaz-Us&google_cver=1
Request Chain 397
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YSPLKsP9bhXaNvrTn0FPQAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBN2k6Nqh34zh6JBdJaz-Us&google_cver=1
Request Chain 398
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESENd72-0HH9vTB9x_OtaoSGQ&google_cver=1
Request Chain 399
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjk5OTMzNTI5MDE0NDg4MzQ1NA%3D%3D
Request Chain 407
  • https://fw.adsafeprotected.com/rfw/bgd/564357/54904813/xbbe/creative/adj?p=APEucNWCLq93jJridOGtuvINwi1SYqVW5wYW94wMkk13A9Yi9NIpMb0&d=CnkAoCZ_4FTw9hpVrOvuqyEjgAXSlc7Nfe5KCO27Pz53jCQKG62lb5yS80wLB6cogA09Lzdb2mDkOf7uH9lk0vTsII7LKZRGya1QkdLFOg0thbXVUjbxAYHxciEwjgH-IR25KhITiojzsZduHKQGOleIPAQHOkvCgNXNEqkTAKAmf-CsqwUUlTDaEIsZia5_iczUGjUkJiwOQ1_1ipubX_EAlm1Od6MVcFq3RW3z6ke9eNV0Nt3fPoSaiid3ug4X3Rw8QiFNV-linMwnflpoBrWH-Q_nEXp-JoUrjZqiojJT-GoS5GONhFGUhhneBErfzofmc5WJYS4oTEi8Km6Z__j0jCPOgfUq0BeqmufiK3tRrmxZBbEz5ndDexTttZz7R0uHBXeRQaikng46B9yPIZf70EgNe9L4DG4Lnkt8Jm-7FZTjr5R9-FHPYNxx8NxEzGrLkxd8sKDojRXhlhWRItd0PmDjn6YvDTQnlmXsMu-SWDzIJQ_an1t2a_2qqJ0qFvhd_FNK-nrdkuStqkkST2p1QIbzMItSg3dObzyeYVMOdFoDej2iy3Wj8WnxL3yeQGDd1PtoHljatTXklhcrKQty0kaLoBLBHvHH_JnV-2tZj3Kd17bbyPKl-3QfsRi9c7LxBkibri8Pkn3sard_oGhf4hJT5CZSiRSSGZzxbN9yUJbV6XFrJCB45w5goAg52pqMtB3v1vf4tNBOk-KNoPGlXBUgUR2ta4d4zddpi_pzuoNJzMWi5SirW5mMwgrJZOJNKdPxN37rt4Eqm9_DwqIBgA_mVm7aVt0BjSK7ltvDFuaIGYfiF52GoFZCJ9dCClbabmMLzGQGCDpM11dR5YlNsw_hy4iy1K5J8lHzWzO26AwysSh7_OtCuwubnKYCitVwveoze3-ny2g_IBaFja1xK57p4syxuTUlTsWmBlgmtb4of2d1aQeN8XQEBeobDgmSM_v3BbCabTaWgToZFlJHGrC8cr0r7fpEsXwEoA-1gixAExjgphJCNSJiOxhXo5wEqwCa7QhedrrlKGE23lszbiywlnnWDbUur-_aF7wsy12aWGoXnROuGoIzOfArgTSPz8yyhU4JmHHCY0s9pGn5RzkGXT_T6w3r43LkPKYgjmXEZv9hjIZN0mWDsO1nJz-vWvAD5TuvIr9zGOEcdB1XajE7Ks4p7WAMhN9nVc8Nt3LE0TReMzAlKuUZ5ibJc_1f6V_M-Dko5glTgjXnthX5RdTzXQnxn4nEObxYUfTfmlquW2G7fMJJOFWU_soigV1V_Hi8hgp6N6pQvsy_IXvT15nFpN6b_9TdhezekgucFkdT5xGfMIoGgvWrBIaI3Y1yw7vHjUiZNK3PF9zZAkX9-qiCCEO5QinlzSw5xN2g8tuffch7qZ9k6pt7DBYMx1-ltLs-QEU2sjgdMnZM2lveOA_c5134DglegLjA-HlNdfMEnPIYlGoz4Dq3cCEGsRTlIjyICcy6DzZ9vG97LXtcsaJjzSmMp0x0UKsvI7-f5TNx0LtSwre9Virau3gBUeh2lMCjKvdLBl9ekAUEAY1OiD3XlZsMyXRGSQAq_0_ry0-4FCN6hH6i1i-N1NmA3RFIDP0fFEqPJEvpW-tMKTPWEalyBZmMwnPNnWfrLVeyJWZeS0ah5Luof0uis5EEIEAfNvoE3YwLQ2amnkrdcnurRwIyS8j6Pd1N67AnQolFlEJIBd4SjEASuudcC_WRfRdtoJy31MftIzNSvX6mMKhffa0WYAuhzLcJupazFRdK8y_GNnHVc809_M65W6MDlYMqg6RD9JPZM9Zi_gFwd2BAA0vaPoC4ykGqgV-JU6UX-SQjZWxdGJmvOzgodbi0A8PFQjGkIqH3Aoj4NVO4VinmFIMuMszACPRxtnDOPRT_ZFfyjsnyU2ehLx_A-ub_NvAJIyAPSh6BYiI0Q-RCs2FPoK1AdcPQUIMbNCFQ221Cu0t0g1h-M4sM7LLOXrq3msT3kMDoaFuZiDH1H5AO8-1OEa5uT75SAouJo5P8p1WyBrZSzIegTRVBWjw1JY1sxink5zgEvm0TB1iBDU-a6ALLTxUb9vu7bQUW7M3_jiqMzSeW9YTp6oksrPCyPY0AWs3ITS7AmwNHDpVtuQVZiP3u9pZHE3Y_LoYpUnONjWVJiNwuYhJvPzibUil960pN4Ga07Z579chaOEntgvev6gdVqADS9EdqVLk_ZENT8EpfXEam5YfPnmEF7SqhVKXecpLHiXD3-JPKXQMo-DYF598qutj9_urnFQ_nQfK3vHPKYJBxYqaXYpNDh7h9odn63aIrDys8WrYeA99aY4F0ti7GiwCZ5gid_-iJF6Oy9qF7DmdajXJTEPbQWHoMaUg9zQPrQwMd7IxH7ZtDU6mOS4rqyFAuv_0btAK2-ngnTYsWPaaz2JmxOrF1rhTLVJEIn-6tuOFTbApWpe_tQiGgj1YwmBCInKScxCPk2Fc_GZe15EQD_hJxOlmppzOLDyCLzLQOkUn14jwsvEXb6k1eikwH8WN6j8THGBgWsImJ3kn-5WEn8s6g1V4WVv_WoF7_LmCh551kK7D38yQ5zqNoJcV2iqI4mLKtbPYmXNnpB-C46K-rf2j5Gxv0WgzZqvOjKnrAxgNwSFkiIMU6VUUbo9CD9dP4Dc6_BYD4JSwWtmCKNiN9BUeJ6pzEgcGlye7-wduSEw9Re35bQyj1SGGDSf5U4l_AC4qCl634R1OmrzQfHczohdRbpSWKL1yYpsqINZVgfU4NuaJzGi1wtHmY9UntaL9Ahsq2tBh-RRB-lwYtOdp0NI-XTJsKPAljHNb423rFUjOUyTE5l9VumURlfIGxVNXDJ3ybrfnnu4l3v9JGD6j3phP5_ywjcWOr9kxGnLuIkvB0mhOPtVvTL5Puqr4WNO_GN-5Dqi9UBUplu48pmgNFaPBwdLDBeRc1LjCSJBJfrH-VGhLBFcmS63erQrXpyGMr8RbRVVmiBpSA9VaiAS4tczZzpL1L0dW5IWeGP1U1fjMZz8ni1eeG9mRUZrVPmfo7S4xxX2_RNyTGGtt7i6jHuj0sA2Hcc9s8kE7DM0Kcu_zeCtCQfYHA_YGSeGrU40QzIawp1zx1qzY245vzknr0dGRmgzl46YXwsvIVqYchQNb9snv9NjABZOpE_LNZXOByQQrd2CRfmHELK6nDp5V2LPJf4Sx8WYR8RY-1jVDe2FSiqYt27L3utRIwuzqLC4AXlEBNBlHZZSsgds-ExzeioZzb4mglm0SZcHey4sKvXBLWtL-EqUyJ7BrdKKn0Fe1BVDzgZ1i45yRbnS303gsB-5B2Lpp-iVjkNoVWIL8e8AnfUC4cmGav0nWSqAAUotnsDhjUmcZmiBAoO7kKBSLw20MMgo_FXgwj11tPUTEhZQldHjt-RCPqk_2D4H1TOBKyVx_u5HRNFvY5fLvEQbOsLT3rA02pXaZGayYTUJzgR9jvmBoZCAASFeRorY-KNMlzO14xAl2LB_XlLTSTXmAB&adsafe_url=https%3A%2F%2Faskleo.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:bd1176b3-2550-3690-9cf4-7babc2d4115f,c:m8tkqW,sl:na,em:true,fr:false,mn:app04ie,pt:1-5-15,br:u,abv:na,an:n,oam:0,nbld:0,mtim:4,fm:sGVD0ry+11%7C12%7C131%7C132%7C133%7C14%7C15%7C161%7C162%7C163%7C164%7C17%7C18%7C19%7C1a1%7C1a2%7C1a3%7C1a4%7C1a5%7C1a6%7C1a7%7C1a8%7C1a9%7C1aa%7C1ab%7C1ac%7C1ad%7C1b1%7C1c*.564357-54904813%7C1c1%7C1c21,idMap:1c*,rp:s,pl:,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,thd:1,et:107,oid:3fe0da62-042e-11ec-a64f-061b2abdf756,v:19.8.234,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWCLq93jJridOGtuvINwi1SYqVW5wYW94wMkk13A9Yi9NIpMb0&d=CnkAoCZ_4FTw9hpVrOvuqyEjgAXSlc7Nfe5KCO27Pz53jCQKG62lb5yS80wLB6cogA09Lzdb2mDkOf7uH9lk0vTsII7LKZRGya1QkdLFOg0thbXVUjbxAYHxciEwjgH-IR25KhITiojzsZduHKQGOleIPAQHOkvCgNXNEqkTAKAmf-CsqwUUlTDaEIsZia5_iczUGjUkJiwOQ1_1ipubX_EAlm1Od6MVcFq3RW3z6ke9eNV0Nt3fPoSaiid3ug4X3Rw8QiFNV-linMwnflpoBrWH-Q_nEXp-JoUrjZqiojJT-GoS5GONhFGUhhneBErfzofmc5WJYS4oTEi8Km6Z__j0jCPOgfUq0BeqmufiK3tRrmxZBbEz5ndDexTttZz7R0uHBXeRQaikng46B9yPIZf70EgNe9L4DG4Lnkt8Jm-7FZTjr5R9-FHPYNxx8NxEzGrLkxd8sKDojRXhlhWRItd0PmDjn6YvDTQnlmXsMu-SWDzIJQ_an1t2a_2qqJ0qFvhd_FNK-nrdkuStqkkST2p1QIbzMItSg3dObzyeYVMOdFoDej2iy3Wj8WnxL3yeQGDd1PtoHljatTXklhcrKQty0kaLoBLBHvHH_JnV-2tZj3Kd17bbyPKl-3QfsRi9c7LxBkibri8Pkn3sard_oGhf4hJT5CZSiRSSGZzxbN9yUJbV6XFrJCB45w5goAg52pqMtB3v1vf4tNBOk-KNoPGlXBUgUR2ta4d4zddpi_pzuoNJzMWi5SirW5mMwgrJZOJNKdPxN37rt4Eqm9_DwqIBgA_mVm7aVt0BjSK7ltvDFuaIGYfiF52GoFZCJ9dCClbabmMLzGQGCDpM11dR5YlNsw_hy4iy1K5J8lHzWzO26AwysSh7_OtCuwubnKYCitVwveoze3-ny2g_IBaFja1xK57p4syxuTUlTsWmBlgmtb4of2d1aQeN8XQEBeobDgmSM_v3BbCabTaWgToZFlJHGrC8cr0r7fpEsXwEoA-1gixAExjgphJCNSJiOxhXo5wEqwCa7QhedrrlKGE23lszbiywlnnWDbUur-_aF7wsy12aWGoXnROuGoIzOfArgTSPz8yyhU4JmHHCY0s9pGn5RzkGXT_T6w3r43LkPKYgjmXEZv9hjIZN0mWDsO1nJz-vWvAD5TuvIr9zGOEcdB1XajE7Ks4p7WAMhN9nVc8Nt3LE0TReMzAlKuUZ5ibJc_1f6V_M-Dko5glTgjXnthX5RdTzXQnxn4nEObxYUfTfmlquW2G7fMJJOFWU_soigV1V_Hi8hgp6N6pQvsy_IXvT15nFpN6b_9TdhezekgucFkdT5xGfMIoGgvWrBIaI3Y1yw7vHjUiZNK3PF9zZAkX9-qiCCEO5QinlzSw5xN2g8tuffch7qZ9k6pt7DBYMx1-ltLs-QEU2sjgdMnZM2lveOA_c5134DglegLjA-HlNdfMEnPIYlGoz4Dq3cCEGsRTlIjyICcy6DzZ9vG97LXtcsaJjzSmMp0x0UKsvI7-f5TNx0LtSwre9Virau3gBUeh2lMCjKvdLBl9ekAUEAY1OiD3XlZsMyXRGSQAq_0_ry0-4FCN6hH6i1i-N1NmA3RFIDP0fFEqPJEvpW-tMKTPWEalyBZmMwnPNnWfrLVeyJWZeS0ah5Luof0uis5EEIEAfNvoE3YwLQ2amnkrdcnurRwIyS8j6Pd1N67AnQolFlEJIBd4SjEASuudcC_WRfRdtoJy31MftIzNSvX6mMKhffa0WYAuhzLcJupazFRdK8y_GNnHVc809_M65W6MDlYMqg6RD9JPZM9Zi_gFwd2BAA0vaPoC4ykGqgV-JU6UX-SQjZWxdGJmvOzgodbi0A8PFQjGkIqH3Aoj4NVO4VinmFIMuMszACPRxtnDOPRT_ZFfyjsnyU2ehLx_A-ub_NvAJIyAPSh6BYiI0Q-RCs2FPoK1AdcPQUIMbNCFQ221Cu0t0g1h-M4sM7LLOXrq3msT3kMDoaFuZiDH1H5AO8-1OEa5uT75SAouJo5P8p1WyBrZSzIegTRVBWjw1JY1sxink5zgEvm0TB1iBDU-a6ALLTxUb9vu7bQUW7M3_jiqMzSeW9YTp6oksrPCyPY0AWs3ITS7AmwNHDpVtuQVZiP3u9pZHE3Y_LoYpUnONjWVJiNwuYhJvPzibUil960pN4Ga07Z579chaOEntgvev6gdVqADS9EdqVLk_ZENT8EpfXEam5YfPnmEF7SqhVKXecpLHiXD3-JPKXQMo-DYF598qutj9_urnFQ_nQfK3vHPKYJBxYqaXYpNDh7h9odn63aIrDys8WrYeA99aY4F0ti7GiwCZ5gid_-iJF6Oy9qF7DmdajXJTEPbQWHoMaUg9zQPrQwMd7IxH7ZtDU6mOS4rqyFAuv_0btAK2-ngnTYsWPaaz2JmxOrF1rhTLVJEIn-6tuOFTbApWpe_tQiGgj1YwmBCInKScxCPk2Fc_GZe15EQD_hJxOlmppzOLDyCLzLQOkUn14jwsvEXb6k1eikwH8WN6j8THGBgWsImJ3kn-5WEn8s6g1V4WVv_WoF7_LmCh551kK7D38yQ5zqNoJcV2iqI4mLKtbPYmXNnpB-C46K-rf2j5Gxv0WgzZqvOjKnrAxgNwSFkiIMU6VUUbo9CD9dP4Dc6_BYD4JSwWtmCKNiN9BUeJ6pzEgcGlye7-wduSEw9Re35bQyj1SGGDSf5U4l_AC4qCl634R1OmrzQfHczohdRbpSWKL1yYpsqINZVgfU4NuaJzGi1wtHmY9UntaL9Ahsq2tBh-RRB-lwYtOdp0NI-XTJsKPAljHNb423rFUjOUyTE5l9VumURlfIGxVNXDJ3ybrfnnu4l3v9JGD6j3phP5_ywjcWOr9kxGnLuIkvB0mhOPtVvTL5Puqr4WNO_GN-5Dqi9UBUplu48pmgNFaPBwdLDBeRc1LjCSJBJfrH-VGhLBFcmS63erQrXpyGMr8RbRVVmiBpSA9VaiAS4tczZzpL1L0dW5IWeGP1U1fjMZz8ni1eeG9mRUZrVPmfo7S4xxX2_RNyTGGtt7i6jHuj0sA2Hcc9s8kE7DM0Kcu_zeCtCQfYHA_YGSeGrU40QzIawp1zx1qzY245vzknr0dGRmgzl46YXwsvIVqYchQNb9snv9NjABZOpE_LNZXOByQQrd2CRfmHELK6nDp5V2LPJf4Sx8WYR8RY-1jVDe2FSiqYt27L3utRIwuzqLC4AXlEBNBlHZZSsgds-ExzeioZzb4mglm0SZcHey4sKvXBLWtL-EqUyJ7BrdKKn0Fe1BVDzgZ1i45yRbnS303gsB-5B2Lpp-iVjkNoVWIL8e8AnfUC4cmGav0nWSqAAUotnsDhjUmcZmiBAoO7kKBSLw20MMgo_FXgwj11tPUTEhZQldHjt-RCPqk_2D4H1TOBKyVx_u5HRNFvY5fLvEQbOsLT3rA02pXaZGayYTUJzgR9jvmBoZCAASFeRorY-KNMlzO14xAl2LB_XlLTSTXmAB
Request Chain 420
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YSPLKvk92JEDIiCukCrexwAABFMAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YSPLKvk92JEDIiCukCrexwAABFMAAAAB&dcc=t
Request Chain 421
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YSPLKvk92JEDIiCukCrexwAABFMAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEMHy7mGc9GX8GMM6FR2eHjs&google_cver=1
Request Chain 425
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-4d657920-e713-416c-8be5-8b2bb45081ac HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-4d657920-e713-416c-8be5-8b2bb45081ac&C=1
Request Chain 426
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1 HTTP 302
  • https://um.simpli.fi/no_match_opted_out
Request Chain 427
  • https://d.adroll.com/cm/index/ssp?gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Request Chain 442
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEED8ZrP2GhQvaBxZe5yaWIw&google_cver=1
Request Chain 443
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YSPLKvk92JEDIiCukCrexwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEED8ZrP2GhQvaBxZe5yaWIw&google_cver=1
Request Chain 444
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEEYRHN0M20BUdKSE5blrStE&google_cver=1
Request Chain 445
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTI2MDc2MTg5MzQ4MDAyODQxNg%3D%3D
Request Chain 446
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDdCx97WiL1ESmiWlUrDDiQ&google_cver=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEDdCx97WiL1ESmiWlUrDDiQ&google_cver=1
Request Chain 447
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NWRlN2I5YTQtMDQxMi0yN2JkLWMxNTEtZDA1MGQ2OWUwZjc3
Request Chain 448
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEBTH0jeW0pf9w6OCjk-Rllk&google_cver=1
Request Chain 465
  • https://ad.doubleclick.net/ddm/trackimp/N5716.2176937TRAVELAUDIENCE0/B20896411.220210114;dc_trk_aid=418605151;dc_trk_cid=99469240;ord=429784044;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=?%22BORDER=%220%22HEIGHT=%221%22WIDTH=%221%22ALT=%22Advertisement HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N5716.2176937TRAVELAUDIENCE0/B20896411.220210114;dc_pre=CMiikNfGx_ICFYUo4AodY20LDw;dc_trk_aid=418605151;dc_trk_cid=99469240;ord=429784044;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=?%22BORDER=%220%22HEIGHT=%221%22WIDTH=%221%22ALT=%22Advertisement
Request Chain 494
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEEwmPa5UdUjCLF6PeXFNkzM&google_cver=1&google_push=AYg5qPKmsb6AOWU7_KCde0ZNrNvH9Fe2YPn91N-LAvz60Kc4gg6_5gxmiNbhdnaZ89nqJ03yOzX9KizPXpzV7qzBqUN24kdN8OT0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AYg5qPKmsb6AOWU7_KCde0ZNrNvH9Fe2YPn91N-LAvz60Kc4gg6_5gxmiNbhdnaZ89nqJ03yOzX9KizPXpzV7qzBqUN24kdN8OT0
Request Chain 495
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEOVTbSarg7w9NYtte8idS0c&google_cver=1&google_push=AYg5qPIyoZdVSWMtYsMcbluQLrYbY8a5JjOSLuuv9Xxp3wcwykTQ6x_vHKghKDr1ozSC33vvB7E8d1nD55d_8pV9QFRRuL376Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=Njk5OTY2MTY0MDAwNjk1NzIwNQ%3D%3D&google_push=AYg5qPIyoZdVSWMtYsMcbluQLrYbY8a5JjOSLuuv9Xxp3wcwykTQ6x_vHKghKDr1ozSC33vvB7E8d1nD55d_8pV9QFRRuL376Q
Request Chain 496
  • https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEKerypSomrOU-_y2bylDNSU&google_cver=1&google_push=AYg5qPJjSC6DtIrxp5F6O0HKef3dVaPwmqf5btB9DmLgDXqhl7ntdBeZuuP0VRMr42QLUn5fmY6rcB2YodayLCBJ165_aIs0hZ1U HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AYg5qPJjSC6DtIrxp5F6O0HKef3dVaPwmqf5btB9DmLgDXqhl7ntdBeZuuP0VRMr42QLUn5fmY6rcB2YodayLCBJ165_aIs0hZ1U
Request Chain 497
  • https://a.c.appier.net/gcm?google_gid=CAESEIfg6FKwrqpNXQ1LkEUD3Pg&google_cver=1&google_push=AYg5qPJ40wVJAZCXNXR0qYixELEYXer7AZco-OfuWA9thW_AvzQVR7seHaby2Sze9QxEcMEWifmOt8bR5tvme7RzH2qVSHZEeobU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=RW5Nd1hyVWNBT3lsNktXN0xNc2pZUQ%3D%3D&google_push=AYg5qPJ40wVJAZCXNXR0qYixELEYXer7AZco-OfuWA9thW_AvzQVR7seHaby2Sze9QxEcMEWifmOt8bR5tvme7RzH2qVSHZEeobU
Request Chain 498
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBGN8-HkCStJqdJAIIin66o&google_cver=1&google_push=AYg5qPJ6_efzjqzNDbEEAivFqkhZpEFhn_B4DwOTsI94tlh5A2--8euW-KsppirkaxFzutJWG9r8CDDBKZiZTUJgneSTGsuEbX4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1NPVUtLT08tRi1IRllO&google_push=AYg5qPJ6_efzjqzNDbEEAivFqkhZpEFhn_B4DwOTsI94tlh5A2--8euW-KsppirkaxFzutJWG9r8CDDBKZiZTUJgneSTGsuEbX4
Request Chain 499
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEJf4HvVvyohi0Tak4ebIGqM&google_cver=1&google_push=AYg5qPKrmxtyL8FYlQweUiO-H36yPrHn9AdfBvXOKlSofWsC5I2T4n9XoKFQiExhMo5cYWWikxJnmr-lzmBa-eqjpu55nDnChEB4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPKrmxtyL8FYlQweUiO-H36yPrHn9AdfBvXOKlSofWsC5I2T4n9XoKFQiExhMo5cYWWikxJnmr-lzmBa-eqjpu55nDnChEB4
Request Chain 500
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEGJ_RdqmhCOZNDhGF-jDoyo&google_cver=1&google_push=AYg5qPIBtF_JAtcWQlRKKw0an5iNVshm9Dq_pOnAxD1J9qFpZtOsPXIDQKiuuGyvZRcluhzH9FsaPgVRxsKT__aPBVb_irA6hiHB HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AYg5qPIBtF_JAtcWQlRKKw0an5iNVshm9Dq_pOnAxD1J9qFpZtOsPXIDQKiuuGyvZRcluhzH9FsaPgVRxsKT__aPBVb_irA6hiHB&google_hm=NjUzNDIzNjc1OTU2MTg4ODMz HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AYg5qPIBtF_JAtcWQlRKKw0an5iNVshm9Dq_pOnAxD1J9qFpZtOsPXIDQKiuuGyvZRcluhzH9FsaPgVRxsKT__aPBVb_irA6hiHB&google_hm=NjUzNDIzNjc1OTU2MTg4ODMz&google_tc=
Request Chain 502
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEAsN3dXfK7wXnIQ3yAHw9wA&google_cver=1&google_push=AYg5qPLtoO3hWqsKWtchfeTUpwdwjKOyQwwSMXAZZYaLE2BBLW-1v2gjcUVNrb28nK7nTcPqNKH6TVFnfTwj_qe79zqJbQPadYwy HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEAsN3dXfK7wXnIQ3yAHw9wA&google_cver=1&google_push=AYg5qPLtoO3hWqsKWtchfeTUpwdwjKOyQwwSMXAZZYaLE2BBLW-1v2gjcUVNrb28nK7nTcPqNKH6TVFnfTwj_qe79zqJbQPadYwy HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZHRpejJLdFMxTWljSTQ1&google_gid=CAESEAsN3dXfK7wXnIQ3yAHw9wA&google_cver=1&google_push=AYg5qPLtoO3hWqsKWtchfeTUpwdwjKOyQwwSMXAZZYaLE2BBLW-1v2gjcUVNrb28nK7nTcPqNKH6TVFnfTwj_qe79zqJbQPadYwy HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZHRpejJLdFMxTWljSTQ1&google_gid=CAESEAsN3dXfK7wXnIQ3yAHw9wA&google_cver=1&google_push=AYg5qPLtoO3hWqsKWtchfeTUpwdwjKOyQwwSMXAZZYaLE2BBLW-1v2gjcUVNrb28nK7nTcPqNKH6TVFnfTwj_qe79zqJbQPadYwy&google_tc=
Request Chain 503
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESENjFIHSXXQ90A1HG6_FWUmQ&google_cver=1&google_push=AYg5qPKbYmNKXoQRWXEHYawdx0s2IQqhWnEJbOkRkUjUuoNcmbrYKy3oUynQFR0Sdzx9qzKpCXkwgfGedKR0oNvLSQzHIOQ-O_k HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPKbYmNKXoQRWXEHYawdx0s2IQqhWnEJbOkRkUjUuoNcmbrYKy3oUynQFR0Sdzx9qzKpCXkwgfGedKR0oNvLSQzHIOQ-O_k
Request Chain 504
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEFiIZn1FKoPF1BNwJIudPuM&google_cver=1&google_push=AYg5qPIKol5Dz_RUla0mnmGgGtI5b6y_cnZrasSt9vmP153JqqaTw0EWaRvRU4-_7cFifuzSA7322bIy0DA4t6wdfS4W5TjVK76m HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WVNQTEt3QUVCN19WaUFBNA==&google_gid=CAESEFiIZn1FKoPF1BNwJIudPuM&google_cver=1&google_push=AYg5qPIKol5Dz_RUla0mnmGgGtI5b6y_cnZrasSt9vmP153JqqaTw0EWaRvRU4-_7cFifuzSA7322bIy0DA4t6wdfS4W5TjVK76m
Request Chain 506
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEGdt8fdfxNuv5P9M2HgOvXI&google_cver=1&google_push=AYg5qPKcADUya-f1vCKtfHbvMzL3WbRDO2Kr2-2rSiKAcRnubW63PJUQTox6FXPMNoRpk4GINSYOnVJcCe7BZUwobdY0-XvgdWU HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEGdt8fdfxNuv5P9M2HgOvXI&google_push=AYg5qPKcADUya-f1vCKtfHbvMzL3WbRDO2Kr2-2rSiKAcRnubW63PJUQTox6FXPMNoRpk4GINSYOnVJcCe7BZUwobdY0-XvgdWU&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AYg5qPKcADUya-f1vCKtfHbvMzL3WbRDO2Kr2-2rSiKAcRnubW63PJUQTox6FXPMNoRpk4GINSYOnVJcCe7BZUwobdY0-XvgdWU&google_hm=bURKb1Zvb2NiNnREYzFUNTZJZm0=
Request Chain 507
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEIK2unb4DMZv-THygsSiLbc&google_cver=1&google_push=AYg5qPLt1t0TAyGnjmGo2Esn7MICfLF4RNI-_tpRLZrGOFJLOsmaf8ps3G5w1D2-y-Y68bY3S9pWoYqepqM6IUVdEq1j_Z8RhSdA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=uCJ7nelfR4-4BWPjzNqUoQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLt1t0TAyGnjmGo2Esn7MICfLF4RNI-_tpRLZrGOFJLOsmaf8ps3G5w1D2-y-Y68bY3S9pWoYqepqM6IUVdEq1j_Z8RhSdA
Request Chain 508
  • https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEP92h56pQ1lwVD_JkJ2Rp68&google_cver=1&google_push=AYg5qPKSMh_OYoER4EIH6JypIBih2h4eu5AEO5XIkpPziZTiMUZn0yDYRhloqIzKgF1alI6w2rpJJUv7KZlAWu03Uz7SBXAGpyIUwA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AYg5qPKSMh_OYoER4EIH6JypIBih2h4eu5AEO5XIkpPziZTiMUZn0yDYRhloqIzKgF1alI6w2rpJJUv7KZlAWu03Uz7SBXAGpyIUwA&google_hm=MjgyMDU3NTg4ODIwNDA4MjkyMA==
Request Chain 533
  • https://gcdn.2mdn.net/videoplayback/id/c55bf449626797d8/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3759401616/sparams/id,itag,source,ratebypass,mime,acao,ip,ipbits,expire/signature/24EB32D560502F2944BC121F68A2CCA73CD794E5.90B2DB995E925F600D0125134C6E257C83C30E03/key/ck2/file/file.mp4 HTTP 302
  • https://r1---sn-4g5e6nsk.c.2mdn.net/videoplayback/id/c55bf449626797d8/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3759401616/sparams/acao,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,ratebypass,source/signature/4313889120B9A30CC14F500783B1C24374A0E1BA.54DCC59214552C876ACB0DAFE8F8F2ADB2E097D5/key/cms1/cms_redirect/yes/mh/xD/mip/2a01:4f8:192:5414::2/mm/42/mn/sn-4g5e6nsk/ms/onc/mt/1629735393/mv/m/mvi/1/pl/50/file/file.mp4
Request Chain 556
  • https://tags.bluekai.com/site/82519?limit=0&phint=event%3Dimp&phint=aid%3D%eadv!&phint=cid%3D%ebuy!&phint=crid%3D%ecid!&phint=pid%3D%epid!&phint=segment%3DINMKT-CITY-LYS-DCO&redir=https%3A%2F%2Fads.travelaudience.com%2Ftrg.gif%3Fds%3Ddp%26acc%3DSC%26lvl%3D1%26pl%3Ddubai%26pt%3D16%26rcm%3D724%26pix%3D0%26exid%3D$_BK_UUID%26dp%3Devent_type%3Aimpression HTTP 302
  • https://ads.travelaudience.com/trg.gif?ds=dp&acc=SC&lvl=1&pl=dubai&pt=16&rcm=724&pix=0&exid=4goWJTOS9xef60BC&dp=event_type:impression

555 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/ 		325 KB
57 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
01aa68e81f70d57c8dc3acba0ec75437cca46ad0e985dec97a03826f0e79435b

Request headers

:method
GET
:authority
askleo.com
:scheme
https
:path
/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

cache-control
max-age=0, must-revalidate, no-cache, no-store
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 23 Aug 2021 16:21:52 GMT
display
pub_site_sol
expires
Sun, 22 Aug 2021 16:21:52 GMT
last-modified
Mon, 23 Aug 2021 15:37:30 GMT
pagespeed
off
response
200
server
nginx
set-cookie
ezoadgid_173078=-1; Path=/; Domain=askleo.com; Expires=Mon, 23 Aug 2021 16:51:51 UTC ezoref_173078=; Path=/; Domain=askleo.com; Expires=Mon, 23 Aug 2021 18:21:51 UTC ezoab_173078=mod85; Path=/; Domain=askleo.com; Expires=Mon, 23 Aug 2021 18:21:51 UTC active_template::173078=pub_site.1629735711; Path=/; Domain=askleo.com; Expires=Wed, 25 Aug 2021 16:21:51 UTC ezopvc_173078=1; Path=/; Domain=askleo.com; Expires=Mon, 23 Aug 2021 16:51:52 UTC ezepvv=1265; Path=/; Domain=askleo.com; Expires=Tue, 24 Aug 2021 16:21:52 UTC ezovid_173078=1114168860; Path=/; Domain=askleo.com; Expires=Mon, 23 Aug 2021 16:51:52 UTC lp_173078=https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/; Path=/; Domain=askleo.com; Expires=Mon, 23 Aug 2021 16:51:52 UTC ezovuuidtime_173078=1629735712; Path=/; Domain=askleo.com; Expires=Wed, 25 Aug 2021 16:21:52 UTC ezovuuid_173078=663f24fa-fae3-4fd0-5aff-649062f3e3f8; Path=/; Domain=askleo.com; Expires=Mon, 23 Aug 2021 16:51:52 UTC ezCMPCCS=true; Path=/; Domain=askleo.com; Expires=Tue, 23 Aug 2022 16:21:52 GMT
vary
Accept-Encoding Accept-Encoding,Cookie,User-Agent
x-middleton-display
pub_site_sol
x-middleton-response
200
x-sol
pub_site
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		72 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: askleo.com
URL: https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
295062a4203e70412532530983a6c4e75758872160ec9a5d869e34b25697a83c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"967 / 983 of 1000 / last-modified: 1629717150"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25469
x-xss-protection
0
expires
Mon, 23 Aug 2021 16:21:52 GMT
dall.js
go.ezodn.com/hb/ 		288 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go.ezodn.com/hb/dall.js?b=ix,luponmedia,medianet,onetag,pubmatic,rubicon,sharethrough,unruly&cb=195-2-26
Requested by
Host: askleo.com
URL: https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:496e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a13c3785019a3df9ec138c9f5cb05d697c0c3dfe089b3ccc18017af4bc5e8537

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:52 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 10 Aug 2021 18:30:55 GMT
server
cloudflare
age
1115457
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e%2FVIhCXedD%2BU20GHpjH9rgXT38HuerX6yy8FNzATQUSZ4ABTct4yFggPWY4id64Lr9UYUfcGW33vVZedLoJr3abFiANM%2F%2FR5Ltanp35No4TYZ71%2FoY8XpXQwTmI2c7zqrPZyCp0Fx4C%2BzcU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6835ad2affa64315-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
apstag.js
c.amazon-adsystem.com/aax2/ 		123 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: askleo.com
URL: https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.90.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-90-44.zrh50.r.cloudfront.net
Software
Server /
Resource Hash
e7a1375f883984026b922acfbe7cbc0bd02effdbfbfdde9354922a6055502624

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
br8Q4i3dEA8uVNGX09fNwYv6uZoRuUdy
content-encoding
gzip
etag
f8520ea4ebd91256d6b4f461d472242a
age
548
x-cache
Hit from cloudfront
server
Server
x-amz-rid
0WREMH92E13ZB21G75TF
date
Mon, 23 Aug 2021 16:12:44 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 25d46f0dbca17b9a78cca036e17d8ad3.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
Bn-DcfHpLPEwaBWOZT-LmHtVwqf5ppGfJl4A_JlnP-rVFKjatwY24A==
style.min.css
askleo.askleomedia.com/wp-includes/css/dist/block-library/ 		79 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://askleo.askleomedia.com/wp-includes/css/dist/block-library/style.min.css?ver=5.8
Requested by
Host: askleo.com
URL: https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:52 GMT
content-encoding
br
x-sol
orig
display
staticcontent_sol, orig_site_sol
x-middleton-display
staticcontent_sol, orig_site_sol
x-middleton-response
200
content-length
9945
response
200
last-modified
Wed, 21 Jul 2021 04:58:05 GMT
server
nginx
etag
"1626843485"
vary
Accept-Encoding
x-hw
1629735712.cds005.fr8.hn,1629735712.cds012.fr8.c
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
wc-blocks-vendors-style.css
askleo.askleomedia.com/wp-content/cache/min/1/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://askleo.askleomedia.com/wp-content/cache/min/1/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=1629562564
Requested by
Host: askleo.com
URL: https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
ae707ec81b142f04b6d5f785a5d4f7e8301bdb62a95288dee1f3e58930d21c7a

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:52 GMT
content-encoding
br
x-sol
orig
display
staticcontent_sol, orig_site_sol
x-middleton-display
staticcontent_sol, orig_site_sol
x-middleton-response
200
content-length
909
response
200
last-modified
Sat, 21 Aug 2021 16:16:04 GMT
server
nginx
etag
"1629562564"
vary
Accept-Encoding,Origin
x-hw
1629735712.cds005.fr8.hn,1629735712.cds232.fr8.c
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
wc-blocks-style.css
askleo.askleomedia.com/wp-content/cache/min/1/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/ 		178 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://askleo.askleomedia.com/wp-content/cache/min/1/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=1629562564
Requested by
Host: askleo.com
URL: https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
65d5149458411882e55592136d5d5bfa559466266b18c0164c6307a070180252

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:52 GMT
content-encoding
br
x-sol
orig
display
staticcontent_sol, orig_site_sol
x-middleton-display
staticcontent_sol, orig_site_sol
x-middleton-response
200
content-length
17701
response
200
last-modified
Sat, 21 Aug 2021 16:16:04 GMT
server
nginx
etag
"1629562564"
vary
Accept-Encoding,Origin
x-hw
1629735712.cds005.fr8.hn,1629735712.cds220.fr8.c
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
tooltip.min.css
askleo.askleomedia.com/wp-content/plugins/TooltipProEcommerce/assets/css/ 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://askleo.askleomedia.com/wp-content/plugins/TooltipProEcommerce/assets/css/tooltip.min.css?ver=5.8
Requested by
Host: askleo.com
URL: https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
8a12cd1ba53519b9b8f531f062e149c5b29ddcf92c45df0c873ca6a21aa086f8

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:52 GMT
content-encoding
br
x-sol
orig
display
staticcontent_sol, orig_site_sol
x-middleton-display
staticcontent_sol, orig_site_sol
x-middleton-response
200
content-length
2663
response
200
last-modified
Tue, 13 Jul 2021 14:05:09 GMT
server
nginx
etag
"1626185109"
vary
Accept-Encoding
x-hw
1629735712.cds005.fr8.hn,1629735712.cds214.fr8.c
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
dashicons.min.css
askleo.askleomedia.com/wp-content/cache/min/1/wp-includes/css/ 		58 KB
34 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://askleo.askleomedia.com/wp-content/cache/min/1/wp-includes/css/dashicons.min.css?ver=1629562564
Requested by
Host: askleo.com
URL: https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
8276d99808a3a111dcb2dc61c895388c21341d48be9c3f87d905787a49c2b832

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:52 GMT
content-encoding
br
x-sol
orig
display
staticcontent_sol, orig_site_sol
x-middleton-display
staticcontent_sol, orig_site_sol
x-middleton-response
200
content-length
35138
response
200
last-modified
Sat, 21 Aug 2021 16:16:04 GMT
server
nginx
etag
"1629562564"
vary
Accept-Encoding,Origin
x-hw
1629735712.cds005.fr8.hn,1629735712.cds141.fr8.c
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
animate.css
askleo.askleomedia.com/wp-content/cache/min/1/wp-content/plugins/TooltipProEcommerce/assets/css/ 		57 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://askleo.askleomedia.com/wp-content/cache/min/1/wp-content/plugins/TooltipProEcommerce/assets/css/animate.css?ver=1629562564
Requested by
Host: askleo.com
URL: https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
edaa305a75e55c4bc4687fc43cc9778cb8c86cff4fae321402ea9494a0a605b4

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:52 GMT
content-encoding
br
x-sol
orig
display
staticcontent_sol, orig_site_sol
x-middleton-display
staticcontent_sol, orig_site_sol
x-middleton-response
200
content-length
3848
response
200
last-modified
Sat, 21 Aug 2021 16:16:04 GMT
server
nginx
etag
"1629562564"
vary
Accept-Encoding,Origin
x-hw
1629735712.cds005.fr8.hn,1629735712.cds136.fr8.c
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
askleo.css
askleo.askleomedia.com/wp-content/cache/min/1/wp-content/plugins/askleo-internal/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://askleo.askleomedia.com/wp-content/cache/min/1/wp-content/plugins/askleo-internal/askleo.css?ver=1629562564
Requested by
Host: askleo.com
URL: https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
ad1daeb0c017c11c68df7e8c08916788e2dcf248e26df4f032ba6c1e148b481e

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:52 GMT
content-encoding
br
x-sol
orig
display
staticcontent_sol, orig_site_sol
x-middleton-display
staticcontent_sol, orig_site_sol
x-middleton-response
200
content-length
1878
response
200
last-modified
Sat, 21 Aug 2021 16:16:04 GMT
server
nginx
etag
"1629562564"
vary
Accept-Encoding,Origin
x-hw
1629735712.cds005.fr8.hn,1629735712.cds017.fr8.c
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
foobox.min.css
askleo.askleomedia.com/wp-content/plugins/foobox-image-lightbox-premium/pro/css/ 		102 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://askleo.askleomedia.com/wp-content/plugins/foobox-image-lightbox-premium/pro/css/foobox.min.css?ver=2.7.16
Requested by
Host: askleo.com
URL: https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
2620ea80d4b627207ed8ee055d6db3b460e241936dbede10f54cd5bf26653c6b

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:52 GMT
content-encoding
br
x-sol
orig
display
staticcontent_sol, orig_site_sol
x-middleton-display
staticcontent_sol, orig_site_sol
x-middleton-response
200
content-length
10211
response
200
last-modified
Tue, 13 Jul 2021 14:05:09 GMT
server
nginx
etag
"1626185109"
vary
Accept-Encoding,Origin
x-hw
1629735712.cds005.fr8.hn,1629735712.cds010.fr8.c
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
1-popupally-pro-style.css
askleo.askleomedia.com/wp-content/cache/min/1/wp-content/popupally-pro-scripts/ 		20 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://askleo.askleomedia.com/wp-content/cache/min/1/wp-content/popupally-pro-scripts/1-popupally-pro-style.css?ver=1629562564
Requested by
Host: askleo.com
URL: https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
39d5cdc19374a44077c4246db6f442209b230d42642019e056574a20090403c4

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:52 GMT
content-encoding
br
x-sol
orig
display
staticcontent_sol, orig_site_sol
x-middleton-display
staticcontent_sol, orig_site_sol
x-middleton-response
200
content-length
1688
response
200
last-modified
Sat, 21 Aug 2021 16:16:04 GMT
server
nginx
etag
"1629562564"
vary
Accept-Encoding,Origin
x-hw
1629735712.cds005.fr8.hn,1629735712.cds268.fr8.c
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
woocommerce-layout.css
askleo.askleomedia.com/wp-content/cache/min/1/wp-content/plugins/woocommerce/assets/css/ 		18 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://askleo.askleomedia.com/wp-content/cache/min/1/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=1629562564
Requested by
Host: askleo.com
URL: https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
48052f6267b2e21fb086ad26457c715b3b8b5e8c6fcbcdea42589da06b05e9be

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:52 GMT
content-encoding
br
x-sol
orig
display
staticcontent_sol, orig_site_sol
x-middleton-display
staticcontent_sol, orig_site_sol
x-middleton-response
200
content-length
2374
response
200
last-modified
Sat, 21 Aug 2021 16:16:04 GMT
server
nginx
etag
"1629562564"
vary
Accept-Encoding,Origin
x-hw
1629735712.cds005.fr8.hn,1629735712.cds155.fr8.c
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
woocommerce.css
askleo.askleomedia.com/wp-content/cache/min/1/wp-content/plugins/woocommerce/assets/css/ 		62 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://askleo.askleomedia.com/wp-content/cache/min/1/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=1629562564
Requested by
Host: askleo.com
URL: https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
c3b9547ad5efb844125a3f9751483384a257a2a3a33d34b461ef62ca61f0845d

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:52 GMT
content-encoding
br
x-sol
orig
display
staticcontent_sol, orig_site_sol
x-middleton-display
staticcontent_sol, orig_site_sol
x-middleton-response
200
content-length
8481
response
200
last-modified
Sat, 21 Aug 2021 16:16:04 GMT
server
nginx
etag
"1629562564"
vary
Accept-Encoding,Origin
x-hw
1629735712.cds005.fr8.hn,1629735712.cds017.fr8.c
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
wc-memberships-frontend.min.css
askleo.askleomedia.com/wp-content/plugins/woocommerce-memberships/assets/css/frontend/ 		4 KB
773 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://askleo.askleomedia.com/wp-content/plugins/woocommerce-memberships/assets/css/frontend/wc-memberships-frontend.min.css?ver=1.21.8
Requested by
Host: askleo.com
URL: https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
cef56cfb50af106eee13a8077d15efd46d114217ffa7446463414fb8b25e028e

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:52 GMT
content-encoding
br
x-sol
orig
display
staticcontent_sol, orig_site_sol
x-middleton-display
staticcontent_sol, orig_site_sol
x-middleton-response
200
content-length
660
response
200
last-modified
Tue, 29 Jun 2021 16:36:38 GMT
server
nginx
etag
"1624984598"
vary
Accept-Encoding
x-hw
1629735712.cds005.fr8.hn,1629735712.cds013.fr8.c
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
unsemantic-grid.min.css
askleo.askleomedia.com/wp-content/themes/generatepress/assets/css/ 		12 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://askleo.askleomedia.com/wp-content/themes/generatepress/assets/css/unsemantic-grid.min.css?ver=3.0.4
Requested by
Host: askleo.com
URL: https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
7ee7784d217b273bd847dcc83ca3451f76f63cc1b619805dbdb297197bb44eb8

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:52 GMT
content-encoding
br
x-sol
orig
display
staticcontent_sol, orig_site_sol
x-middleton-display
staticcontent_sol, orig_site_sol
x-middleton-response
200
content-length
1652
response
200
last-modified
Wed, 14 Jul 2021 15:11:48 GMT
server
nginx
etag
"1626275508"
vary
Accept-Encoding
x-hw
1629735712.cds005.fr8.hn,1629735712.cds120.fr8.c
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
style.min.css
askleo.askleomedia.com/wp-content/themes/generatepress/assets/css/ 		21 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://askleo.askleomedia.com/wp-content/themes/generatepress/assets/css/style.min.css?ver=3.0.4
Requested by
Host: askleo.com
URL: https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
83d6a90d1dee1d91b0513febd572f8b5c807454c5c1c7baedf3cd5251ac7de07

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:52 GMT
content-encoding
br
x-sol
orig
display
staticcontent_sol, orig_site_sol
x-middleton-display
staticcontent_sol, orig_site_sol
x-middleton-response
200
content-length
4852
response
200
last-modified
Wed, 14 Jul 2021 15:11:48 GMT
server
nginx
etag
"1626275508"
vary
Accept-Encoding
x-hw
1629735712.cds005.fr8.hn,1629735712.cds288.fr8.c
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
mobile.min.css
askleo.askleomedia.com/wp-content/themes/generatepress/assets/css/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://askleo.askleomedia.com/wp-content/themes/generatepress/assets/css/mobile.min.css?ver=3.0.4
Requested by
Host: askleo.com
URL: https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
5b29f10d6e7c79c2f7f11b0abe16a4fb45e29673dababd29a0313d72aeaa90b5

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:52 GMT
content-encoding
br
x-sol
orig
display
staticcontent_sol, orig_site_sol
x-middleton-display
staticcontent_sol, orig_site_sol
x-middleton-response
200
content-length
973
response
200
last-modified
Wed, 14 Jul 2021 15:11:48 GMT
server
nginx
etag
"1626275508"
vary
Accept-Encoding
x-hw
1629735712.cds005.fr8.hn,1629735712.cds128.fr8.c
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
font-icons.min.css
askleo.askleomedia.com/wp-content/cache/min/1/wp-content/themes/generatepress/assets/css/components/ 		3 KB
801 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://askleo.askleomedia.com/wp-content/cache/min/1/wp-content/themes/generatepress/assets/css/components/font-icons.min.css?ver=1629562564
Requested by
Host: askleo.com
URL: https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
dd4993e5c6015cb663a4ff917d77897ed71deda6eedaed515b41326305b3ed72

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:52 GMT
content-encoding
br
x-sol
orig
display
staticcontent_sol, orig_site_sol
x-middleton-display
staticcontent_sol, orig_site_sol
x-middleton-response
200
content-length
691
response
200
last-modified
Sat, 21 Aug 2021 16:16:04 GMT
server
nginx
etag
"1629562564"
vary
Accept-Encoding,Origin
x-hw
1629735712.cds005.fr8.hn,1629735712.cds203.fr8.c
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
style.css
askleo.askleomedia.com/wp-content/cache/min/1/wp-content/themes/askleo-generatepress/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://askleo.askleomedia.com/wp-content/cache/min/1/wp-content/themes/askleo-generatepress/style.css?ver=1629562564
Requested by
Host: askleo.com
URL: https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
ca365af1bccae26f47327961da261d6851977cd77fdade42589a3c8839cbdb75

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:52 GMT
content-encoding
br
x-sol
orig
display
staticcontent_sol, orig_site_sol
x-middleton-display
staticcontent_sol, orig_site_sol
x-middleton-response
200
content-length
983
response
200
last-modified
Sat, 21 Aug 2021 16:16:04 GMT
server
nginx
etag
"1629562564"
vary
Accept-Encoding,Origin
x-hw
1629735712.cds005.fr8.hn,1629735712.cds230.fr8.c
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
navigation-branding.min.css
askleo.askleomedia.com/wp-content/plugins/gp-premium/menu-plus/functions/css/ 		3 KB
687 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://askleo.askleomedia.com/wp-content/plugins/gp-premium/menu-plus/functions/css/navigation-branding.min.css?ver=2.0.3
Requested by
Host: askleo.com
URL: https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
1cc5fba1b17b26c8975d63d581f375152c583264b4ba58a2d2eacac2d11d90ee

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:52 GMT
content-encoding
br
x-sol
orig
display
staticcontent_sol, orig_site_sol
x-middleton-display
staticcontent_sol, orig_site_sol
x-middleton-response
200
content-length
586
response
200
last-modified
Wed, 21 Jul 2021 17:04:29 GMT
server
nginx
etag
"1626887069"
vary
Accept-Encoding
x-hw
1629735712.cds005.fr8.hn,1629735712.cds140.fr8.c
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
woocommerce.min.css
askleo.askleomedia.com/wp-content/plugins/gp-premium/woocommerce/functions/css/ 		24 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://askleo.askleomedia.com/wp-content/plugins/gp-premium/woocommerce/functions/css/woocommerce.min.css?ver=2.0.3
Requested by
Host: askleo.com
URL: https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
2087d023c149cf3b8c828e94c7c057c759648209f45447774b40c67f1b288ba1

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:52 GMT
content-encoding
br
x-sol
orig
display
staticcontent_sol, orig_site_sol
x-middleton-display
staticcontent_sol, orig_site_sol
x-middleton-response
200
content-length
4596
response
200
last-modified
Wed, 21 Jul 2021 17:04:29 GMT
server
nginx
etag
"1626887069"
vary
Accept-Encoding
x-hw
1629735712.cds005.fr8.hn,1629735712.cds284.fr8.c
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
icons.min.css
askleo.askleomedia.com/wp-content/cache/min/1/wp-content/plugins/gp-premium/general/icons/ 		575 B
274 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://askleo.askleomedia.com/wp-content/cache/min/1/wp-content/plugins/gp-premium/general/icons/icons.min.css?ver=1629562564
Requested by
Host: askleo.com
URL: https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
ed1449a3d34f0c975f912645da2e304003524c91ba5c80e3ab9907cf2768654e

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:52 GMT
content-encoding
br
x-sol
orig
display
staticcontent_sol, orig_site_sol
x-middleton-display
staticcontent_sol, orig_site_sol
x-middleton-response
200
content-length
173
response
200
last-modified
Sat, 21 Aug 2021 16:16:04 GMT
server
nginx
etag
"1629562564"
vary
Accept-Encoding,Origin
x-hw
1629735712.cds005.fr8.hn,1629735712.cds098.fr8.c
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
jquery.min.js
askleo.askleomedia.com/wp-includes/js/jquery/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://askleo.askleomedia.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: askleo.com
URL: https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:52 GMT
content-encoding
br
display
staticcontent_sol, staticcontent_sol
x-middleton-display
staticcontent_sol, staticcontent_sol
x-middleton-response
200
content-length
30310
response
200
last-modified
Wed, 21 Jul 2021 04:58:05 GMT
server
nginx
etag
"1626843485"
vary
Accept-Encoding
x-hw
1629735712.cds005.fr8.hn,1629735712.cds011.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
jquery-migrate.min.js
askleo.askleomedia.com/wp-includes/js/jquery/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://askleo.askleomedia.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: askleo.com
URL: https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:52 GMT
content-encoding
br
display
staticcontent_sol, staticcontent_sol
x-middleton-display
staticcontent_sol, staticcontent_sol
x-middleton-response
200
content-length
3998
response
200
last-modified
Tue, 29 Jun 2021 16:36:38 GMT
server
nginx
etag
"1624984598"
vary
Accept-Encoding
x-hw
1629735712.cds005.fr8.hn,1629735712.cds123.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
core.min.js
askleo.askleomedia.com/wp-includes/js/jquery/ui/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://askleo.askleomedia.com/wp-includes/js/jquery/ui/core.min.js?ver=1.12.1
Requested by
Host: askleo.com
URL: https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
0cd851e5b33af0fbb354df65506da39807b998e07723f3d08aba5179fa2ed97e

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:52 GMT
content-encoding
br
display
staticcontent_sol, staticcontent_sol
x-ezoic-cdn
Bypass
x-middleton-display
staticcontent_sol, staticcontent_sol
x-middleton-response
200
content-length
6596
response
200
last-modified
Fri, 23 Apr 2021 18:46:13 GMT
server
nginx/1.16.0
etag
"1619203573"
vary
Accept-Encoding
x-hw
1629735712.cds005.fr8.hn,1629735712.cds253.fr8.c
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, must-revalidate, proxy-revalidate, public
accept-ranges
bytes
cm-related-articles.js
askleo.askleomedia.com/wp-content/cache/min/1/wp-content/plugins/TooltipProEcommerce/assets/js/ 		2 KB
654 B 		Script
General
Check archive.org
Download Go to
Full URL
https://askleo.askleomedia.com/wp-content/cache/min/1/wp-content/plugins/TooltipProEcommerce/assets/js/cm-related-articles.js?ver=1629562564
Requested by
Host: askleo.com
URL: https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
dbdbacda218432f315ac3e50c11c793d3b095afce52955d97a56ef7bd680bd8e

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:52 GMT
content-encoding
br
display
staticcontent_sol, staticcontent_sol
x-middleton-display
staticcontent_sol, staticcontent_sol
x-middleton-response
200
content-length
554
response
200
last-modified
Sat, 21 Aug 2021 16:16:04 GMT
server
nginx
etag
"1629562564"
vary
Accept-Encoding,Origin
x-hw
1629735712.cds005.fr8.hn,1629735712.cds292.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
modernizr.min.js
askleo.askleomedia.com/wp-content/plugins/TooltipProEcommerce/assets/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://askleo.askleomedia.com/wp-content/plugins/TooltipProEcommerce/assets/js/modernizr.min.js?ver=3.9.14
Requested by
Host: askleo.com
URL: https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
1d679474c62830d6a3e51724af7fb034d9151eea7168bf3b02a715a4dfdb3fd5

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:52 GMT
content-encoding
br
display
staticcontent_sol, staticcontent_sol
x-middleton-display
staticcontent_sol, staticcontent_sol
x-middleton-response
200
content-length
1082
response
200
last-modified
Wed, 02 Jun 2021 21:58:41 GMT
server
nginx/1.16.0
etag
"1622671121"
vary
Accept-Encoding
x-hw
1629735712.cds005.fr8.hn,1629735712.cds213.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
jquery.flip.min.js
askleo.askleomedia.com/wp-content/plugins/TooltipProEcommerce/assets/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://askleo.askleomedia.com/wp-content/plugins/TooltipProEcommerce/assets/js/jquery.flip.min.js?ver=3.9.14
Requested by
Host: askleo.com
URL: https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
c460b99f65b6c9db943bdee926064c37d4e1ea4f7f6309c958861e97d22f23d2

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:52 GMT
content-encoding
br
display
staticcontent_sol, staticcontent_sol
x-ezoic-cdn
Hit ds;mm;f5bf78b33216592eb4772139e7a8ae4f;2-173078-2;2d2c069a-d9fb-4e66-5543-ff5b6dba6dbb
x-middleton-display
staticcontent_sol, staticcontent_sol
x-middleton-response
200
content-length
1662
response
200
last-modified
Mon, 10 May 2021 18:15:33 GMT
server
nginx/1.16.0
etag
"1620670533"
vary
Accept-Encoding
x-hw
1629735712.cds005.fr8.hn,1629735712.cds240.fr8.c
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, must-revalidate, proxy-revalidate, public,max-age=2591999
accept-ranges
bytes
banger.js
askleo.com/porpoiseant/ 		44 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://askleo.com/porpoiseant/banger.js?cb=195-2&bv=60&v=51&PageSpeed=off
Requested by
Host: askleo.com
URL: https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
fb522ec3242cac33d5bde39303f2eba60d3328ac8606a9979113fd5826856869

Request headers

:path
/porpoiseant/banger.js?cb=195-2&bv=60&v=51&PageSpeed=off
pragma
no-cache
cookie
ezoadgid_173078=-1; ezoref_173078=; ezoab_173078=mod85; active_template::173078=pub_site.1629735711; ezopvc_173078=1; ezepvv=1265; ezovid_173078=1114168860; lp_173078=https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/; ezovuuidtime_173078=1629735712; ezovuuid_173078=663f24fa-fae3-4fd0-5aff-649062f3e3f8; ezCMPCCS=true
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
askleo.com
referer
https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:52 GMT
content-encoding
br
server
nginx
vary
Accept-Encoding Accept-Encoding
content-type
application/javascript
x-middleton-display
sol-js
cache-control
max-age=31536000, public
x-robots-tag
noindex
mediaelement-and-player.min.js
askleo.askleomedia.com/wp-includes/js/mediaelement/ 		154 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://askleo.askleomedia.com/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.16
Requested by
Host: askleo.com
URL: https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
443ba0af7a7ed827223c7fb3c008c02b9ff1d651b6492e9c270378b07d9f6008

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:52 GMT
content-encoding
br
display
staticcontent_sol, staticcontent_sol
x-ezoic-cdn
Bypass
x-middleton-display
staticcontent_sol, staticcontent_sol
x-middleton-response
200
content-length
35851
response
200
last-modified
Fri, 12 Mar 2021 17:56:24 GMT
server
nginx/1.16.0
etag
"1615571784"
vary
Accept-Encoding
x-hw
1629735712.cds005.fr8.hn,1629735712.cds269.fr8.c
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, must-revalidate, proxy-revalidate, public
accept-ranges
bytes
mediaelement-migrate.min.js
askleo.askleomedia.com/wp-includes/js/mediaelement/ 		1 KB
581 B 		Script
General
Check archive.org
Download Go to
Full URL
https://askleo.askleomedia.com/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=5.8
Requested by
Host: askleo.com
URL: https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
7f34b768792b90cf0b04fced2470e43d8fab7644f6565d5178fbfb49c4859cee

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:52 GMT
content-encoding
br
display
staticcontent_sol, staticcontent_sol
x-middleton-display
staticcontent_sol, staticcontent_sol
x-middleton-response
200
content-length
481
response
200
last-modified
Tue, 13 Jul 2021 14:05:09 GMT
server
nginx
etag
"1626185109"
vary
Accept-Encoding
x-hw
1629735712.cds005.fr8.hn,1629735712.cds015.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
tooltip.min.js
askleo.askleomedia.com/wp-content/plugins/TooltipProEcommerce/assets/js/ 		23 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://askleo.askleomedia.com/wp-content/plugins/TooltipProEcommerce/assets/js/tooltip.min.js?ver=3.9.14
Requested by
Host: askleo.com
URL: https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
85f1dc7c35f47c67b139453f0221075ccd0848b444a1039fb1d2ba25a59b7e01

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:52 GMT
content-encoding
br
display
staticcontent_sol, staticcontent_sol
x-ezoic-cdn
Hit ds;mm;05797394f4a05f1c713cc9c6abb0f60f;2-173078-2;434c0196-9198-42eb-7639-8449396ca56e
x-middleton-display
staticcontent_sol, staticcontent_sol
x-middleton-response
200
content-length
5792
response
200
last-modified
Mon, 10 May 2021 18:15:33 GMT
server
nginx/1.16.0
etag
"1620670533"
vary
Accept-Encoding
x-hw
1629735712.cds005.fr8.hn,1629735712.cds011.fr8.c
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, must-revalidate, proxy-revalidate, public,max-age=2591999
accept-ranges
bytes
check-source.min.js
askleo.askleomedia.com/wp-content/plugins/popupally-pro/resource/frontend/ 		540 B
389 B 		Script
General
Check archive.org
Download Go to
Full URL
https://askleo.askleomedia.com/wp-content/plugins/popupally-pro/resource/frontend/check-source.min.js?ver=3.2.2
Requested by
Host: askleo.com
URL: https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
ec4be0f885f8bf796aa356fc6e4fca12d0e620b3e160ee3a8b26f6ad2f877d2e

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:52 GMT
content-encoding
br
display
staticcontent_sol, staticcontent_sol
x-middleton-display
staticcontent_sol, staticcontent_sol
x-middleton-response
200
content-length
288
response
200
last-modified
Wed, 02 Jun 2021 21:58:41 GMT
server
nginx/1.16.0
etag
"1622671121"
vary
Accept-Encoding
x-hw
1629735712.cds005.fr8.hn,1629735712.cds215.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
1-popupally-pro-code.js
askleo.askleomedia.com/wp-content/cache/min/1/wp-content/popupally-pro-scripts/ 		5 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://askleo.askleomedia.com/wp-content/cache/min/1/wp-content/popupally-pro-scripts/1-popupally-pro-code.js?ver=1629562564
Requested by
Host: askleo.com
URL: https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
4ee6cb4482225d6c4f47f4db5011d22a38a4248a59063d7b4cde53ad1fea1723

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:52 GMT
content-encoding
br
display
staticcontent_sol, staticcontent_sol
x-middleton-display
staticcontent_sol, staticcontent_sol
x-middleton-response
200
content-length
964
response
200
last-modified
Sat, 21 Aug 2021 16:16:04 GMT
server
nginx
etag
"1629562564"
vary
Accept-Encoding,Origin
x-hw
1629735712.cds005.fr8.hn,1629735712.cds015.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
popup.min.js
askleo.askleomedia.com/wp-content/plugins/popupally-pro/resource/frontend/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://askleo.askleomedia.com/wp-content/plugins/popupally-pro/resource/frontend/popup.min.js?ver=3.2.2
Requested by
Host: askleo.com
URL: https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
a3c216cefae59e5da3e9fd500ac9c3e09112a11ec45fd633d4f30ff3fb43f5e0

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:52 GMT
content-encoding
br
display
staticcontent_sol, staticcontent_sol
x-middleton-display
staticcontent_sol, staticcontent_sol
x-middleton-response
200
content-length
5191
response
200
last-modified
Wed, 02 Jun 2021 21:58:41 GMT
server
nginx/1.16.0
etag
"1622671121"
vary
Accept-Encoding
x-hw
1629735712.cds005.fr8.hn,1629735712.cds017.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
cookieconsent.min.js
askleo.com/ezoic/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://askleo.com/ezoic/cookieconsent.min.js
Requested by
Host: askleo.com
URL: https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
10d4b728888654e0b85c706a9310b551087d3321fb8ebfff147d07b13fa73bf0

Request headers

:path
/ezoic/cookieconsent.min.js
pragma
no-cache
cookie
ezoadgid_173078=-1; ezoref_173078=; ezoab_173078=mod85; active_template::173078=pub_site.1629735711; ezopvc_173078=1; ezepvv=1265; ezovid_173078=1114168860; lp_173078=https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/; ezovuuidtime_173078=1629735712; ezovuuid_173078=663f24fa-fae3-4fd0-5aff-649062f3e3f8; ezCMPCCS=true
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
askleo.com
referer
https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:52 GMT
content-encoding
br
last-modified
Tue, 13 Jul 2021 14:05:09 GMT
server
nginx
etag
"11a4-5c701b9c2cf40-gzip"
vary
Accept-Encoding Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
x-robots-tag
noindex
content-length
1707
expires
Tue, 23 Aug 2022 16:21:52 GMT
related.css
askleo.askleomedia.com/wp-content/cache/min/1/wp-content/plugins/yet-another-related-posts-plugin/style/ 		495 B
318 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://askleo.askleomedia.com/wp-content/cache/min/1/wp-content/plugins/yet-another-related-posts-plugin/style/related.css?ver=1629562568
Requested by
Host: askleo.com
URL: https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
a48e3091c3e26309f1329bb7ee2812cf158deb93cd80fe6439e53e8d57e58d3d

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:52 GMT
content-encoding
br
x-sol
orig
display
staticcontent_sol, orig_site_sol
x-middleton-display
staticcontent_sol, orig_site_sol
x-middleton-response
200
content-length
206
response
200
last-modified
Sat, 21 Aug 2021 16:16:08 GMT
server
nginx
etag
"1629562568"
vary
Accept-Encoding,Origin
x-hw
1629735712.cds005.fr8.hn,1629735712.cds277.fr8.c
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
jquery.blockUI.min.js
askleo.askleomedia.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://askleo.askleomedia.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.5.6.0
Requested by
Host: askleo.com
URL: https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
b49498d1142de7f2e16afc2cd4250d2ba30c5df4de5d291f51d7cf69727efdbe

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:52 GMT
content-encoding
br
display
staticcontent_sol, staticcontent_sol
x-middleton-display
staticcontent_sol, staticcontent_sol
x-middleton-response
200
content-length
3246
response
200
last-modified
Tue, 17 Aug 2021 20:11:33 GMT
server
nginx
etag
"1629231093"
vary
Accept-Encoding,Origin
x-hw
1629735712.cds005.fr8.hn,1629735712.cds207.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
add-to-cart.min.js
askleo.askleomedia.com/wp-content/plugins/woocommerce/assets/js/frontend/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://askleo.askleomedia.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=5.6.0
Requested by
Host: askleo.com
URL: https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
8634aa7a3ac0bc6d359b458c8922e9d3269f64c1355b329bfe215beb12773af8

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:52 GMT
content-encoding
br
display
staticcontent_sol, staticcontent_sol
x-middleton-display
staticcontent_sol, staticcontent_sol
x-middleton-response
200
content-length
974
response
200
last-modified
Tue, 17 Aug 2021 20:11:33 GMT
server
nginx
etag
"1629231093"
vary
Accept-Encoding,Origin
x-hw
1629735712.cds005.fr8.hn,1629735712.cds274.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
js.cookie.min.js
askleo.askleomedia.com/wp-content/plugins/woocommerce/assets/js/js-cookie/ 		2 KB
1000 B 		Script
General
Check archive.org
Download Go to
Full URL
https://askleo.askleomedia.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.5.6.0
Requested by
Host: askleo.com
URL: https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
3b1384ff918d4b7f95f9ee5c8fc388203dedff7344d3d96598c9562162788612

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:52 GMT
content-encoding
br
display
staticcontent_sol, staticcontent_sol
x-middleton-display
staticcontent_sol, staticcontent_sol
x-middleton-response
200
content-length
900
response
200
last-modified
Tue, 17 Aug 2021 20:11:33 GMT
server
nginx
etag
"1629231093"
vary
Accept-Encoding,Origin
x-hw
1629735712.cds005.fr8.hn,1629735712.cds254.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
woocommerce.min.js
askleo.askleomedia.com/wp-content/plugins/woocommerce/assets/js/frontend/ 		2 KB
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://askleo.askleomedia.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=5.6.0
Requested by
Host: askleo.com
URL: https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
a256fccecac3b32ab73c91d79a18747519a1a18023be05465c933b03523a82e8

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:52 GMT
content-encoding
br
display
staticcontent_sol, staticcontent_sol
x-middleton-display
staticcontent_sol, staticcontent_sol
x-middleton-response
200
content-length
679
response
200
last-modified
Tue, 17 Aug 2021 20:11:33 GMT
server
nginx
etag
"1629231093"
vary
Accept-Encoding,Origin
x-hw
1629735712.cds005.fr8.hn,1629735712.cds011.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
cart-fragments.min.js
askleo.askleomedia.com/wp-content/plugins/woocommerce/assets/js/frontend/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://askleo.askleomedia.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=5.6.0
Requested by
Host: askleo.com
URL: https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
9c7c023f91428234ca0ea4df1199758686f4dcd04da96ba63571788fb3389c0b

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:52 GMT
content-encoding
br
display
staticcontent_sol, staticcontent_sol
x-middleton-display
staticcontent_sol, staticcontent_sol
x-middleton-response
200
content-length
934
response
200
last-modified
Tue, 17 Aug 2021 20:11:33 GMT
server
nginx
etag
"1629231093"
vary
Accept-Encoding,Origin
x-hw
1629735712.cds005.fr8.hn,1629735712.cds127.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
main.min.js
askleo.askleomedia.com/wp-content/themes/generatepress/assets/js/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://askleo.askleomedia.com/wp-content/themes/generatepress/assets/js/main.min.js?ver=3.0.4
Requested by
Host: askleo.com
URL: https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
c0901279dec1117310802c450665b34a60788da4a00e066d2de367327cd13456

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:52 GMT
content-encoding
br
display
staticcontent_sol, staticcontent_sol
x-middleton-display
staticcontent_sol, staticcontent_sol
x-middleton-response
200
content-length
1618
response
200
last-modified
Wed, 14 Jul 2021 15:11:48 GMT
server
nginx/1.16.0
etag
"1626275508"
vary
Accept-Encoding
x-hw
1629735712.cds005.fr8.hn,1629735712.cds262.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
comment-reply.min.js
askleo.askleomedia.com/wp-includes/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://askleo.askleomedia.com/wp-includes/js/comment-reply.min.js?ver=5.8
Requested by
Host: askleo.com
URL: https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:52 GMT
content-encoding
br
display
staticcontent_sol, staticcontent_sol
x-middleton-display
staticcontent_sol, staticcontent_sol
x-middleton-response
200
content-length
1230
response
200
last-modified
Tue, 13 Jul 2021 14:05:09 GMT
server
nginx
etag
"1626185109"
vary
Accept-Encoding
x-hw
1629735712.cds005.fr8.hn,1629735712.cds015.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
foobox.min.js
askleo.askleomedia.com/wp-content/plugins/foobox-image-lightbox-premium/pro/js/ 		146 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://askleo.askleomedia.com/wp-content/plugins/foobox-image-lightbox-premium/pro/js/foobox.min.js?ver=2.7.16
Requested by
Host: askleo.com
URL: https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
73d269abb8a6ba50a6393840c5c5cff3bd149a14d638434b09cd38ff1268f08e

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:52 GMT
content-encoding
br
display
staticcontent_sol, staticcontent_sol
x-middleton-display
staticcontent_sol, staticcontent_sol
x-middleton-response
200
content-length
36481
response
200
last-modified
Wed, 02 Jun 2021 21:58:41 GMT
server
nginx/1.16.0
etag
"1622671121"
vary
Accept-Encoding
x-hw
1629735712.cds005.fr8.hn,1629735712.cds279.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
woocommerce.min.js
askleo.askleomedia.com/wp-content/plugins/gp-premium/woocommerce/functions/js/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://askleo.askleomedia.com/wp-content/plugins/gp-premium/woocommerce/functions/js/woocommerce.min.js?ver=2.0.3
Requested by
Host: askleo.com
URL: https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
d325476db806449106ec43620c920e7aae14b5193de849534ca479aebe8982ff

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:52 GMT
content-encoding
br
display
staticcontent_sol, staticcontent_sol
x-middleton-display
staticcontent_sol, staticcontent_sol
x-middleton-response
200
content-length
1200
response
200
last-modified
Wed, 21 Jul 2021 17:04:29 GMT
server
nginx
etag
"1626887069"
vary
Accept-Encoding
x-hw
1629735712.cds005.fr8.hn,1629735712.cds165.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
player.min.js
askleo.askleomedia.com/wp-content/plugins/powerpress/ 		3 KB
1000 B 		Script
General
Check archive.org
Download Go to
Full URL
https://askleo.askleomedia.com/wp-content/plugins/powerpress/player.min.js?ver=5.8
Requested by
Host: askleo.com
URL: https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
629db7e286c97c88af572b9ee82bf16a937f8916093adbe89f14f77ebf3ee79d

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:52 GMT
content-encoding
br
display
staticcontent_sol, staticcontent_sol
x-middleton-display
staticcontent_sol, staticcontent_sol
x-middleton-response
200
content-length
921
response
200
last-modified
Thu, 19 Aug 2021 23:17:02 GMT
server
nginx
etag
"1629415022"
vary
Accept-Encoding
x-hw
1629735712.cds005.fr8.hn,1629735712.cds123.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
form.js
askleo.askleomedia.com/wp-content/cache/min/1/wp-content/plugins/akismet/_inc/ 		589 B
316 B 		Script
General
Check archive.org
Download Go to
Full URL
https://askleo.askleomedia.com/wp-content/cache/min/1/wp-content/plugins/akismet/_inc/form.js?ver=1629562568
Requested by
Host: askleo.com
URL: https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
7bf99bd072ef2181aaa53f2e5cebd463ff723828c971d8527a450ac48fcc54ff

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:52 GMT
content-encoding
br
display
staticcontent_sol, staticcontent_sol
x-middleton-display
staticcontent_sol, staticcontent_sol
x-middleton-response
200
content-length
211
response
200
last-modified
Sat, 21 Aug 2021 16:16:08 GMT
server
nginx
etag
"1629562568"
vary
Accept-Encoding,Origin
x-hw
1629735712.cds005.fr8.hn,1629735712.cds041.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
lazyload.min.js
askleo.askleomedia.com/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://askleo.askleomedia.com/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/lazyload.min.js
Requested by
Host: askleo.com
URL: https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:52 GMT
content-encoding
br
display
staticcontent_sol, staticcontent_sol
x-middleton-display
staticcontent_sol, staticcontent_sol
x-middleton-response
200
content-length
2570
response
200
last-modified
Wed, 04 Aug 2021 16:11:19 GMT
server
nginx
etag
"1628093479"
vary
Accept-Encoding
x-hw
1629735712.cds005.fr8.hn,1629735712.cds143.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
pubads_impl_2021081901.js
securepubads.g.doubleclick.net/gpt/ 		331 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
50235ec9793a0ef9fa1e16fc5d47fdfd56f199b343586308c7cbec1e9937435a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 19 Aug 2021 08:39:07 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
118670
x-xss-protection
0
expires
Mon, 23 Aug 2021 16:21:52 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		81 B
99 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=askleo.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
dbc8af587b4d1133648936495aa2d60c4cf3aabbe2282eb16f4a8f31b94e2e1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 23 Aug 2021 16:21:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
74
x-xss-protection
0
expires
Mon, 23 Aug 2021 16:21:52 GMT
ezosuigeneris.js
g.ezoic.net/ 		555 B
556 B 		Script
General
Check archive.org
Download Go to
Full URL
https://g.ezoic.net/ezosuigeneris.js
Requested by
Host: askleo.com
URL: https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
ef4a51d1cd2bd151839092725e90e8e556be00aee315cc7bab78fec9db774f11

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:52 GMT
content-encoding
br
last-modified
Tue, 13 Jul 2021 14:05:09 GMT
server
nginx
etag
774a8de04059fa0080152dcd29ddf935
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript
cache-control
max-age=999999, private
content-length
275
expires
Mon, 29 Apr 2020 21:44:55 GMT
cmbv2.js
askleo.com/detroitchicago/ 		41 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://askleo.com/detroitchicago/cmbv2.js?gcb=195-2&cb=04-1y02-4y06-12y07-1y0b-5y0d-14y13-3y17-3y20-3y33-15y52-1y56-21&cmbcb=20&sj=x04x02x06x07x0bx0dx13x17x20x33x52x56&abt=JoykatTest
Requested by
Host: askleo.com
URL: https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
81a2dbbcb0084b0c758491f99ac65e7845ebefbdae81a99bace7bea32402f982

Request headers

:path
/detroitchicago/cmbv2.js?gcb=195-2&cb=04-1y02-4y06-12y07-1y0b-5y0d-14y13-3y17-3y20-3y33-15y52-1y56-21&cmbcb=20&sj=x04x02x06x07x0bx0dx13x17x20x33x52x56&abt=JoykatTest
pragma
no-cache
cookie
ezoadgid_173078=-1; ezoref_173078=; ezoab_173078=mod85; active_template::173078=pub_site.1629735711; ezopvc_173078=1; ezepvv=1265; ezovid_173078=1114168860; lp_173078=https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/; ezovuuidtime_173078=1629735712; ezovuuid_173078=663f24fa-fae3-4fd0-5aff-649062f3e3f8; ezCMPCCS=true
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
askleo.com
referer
https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:52 GMT
content-encoding
br
server
nginx
vary
Accept-Encoding Accept-Encoding
content-type
application/javascript
x-middleton-display
sol-js
cache-control
max-age=31536000, public
x-robots-tag
noindex
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4f6cacd54975e047a9bb152841f8fa870b1797366cd5993462f121ee77711e13

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/svg+xml
generatepress.woff2
askleo.askleomedia.com/wp-content/themes/generatepress/assets/fonts/ 		1 KB
1 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://askleo.askleomedia.com/wp-content/themes/generatepress/assets/fonts/generatepress.woff2
Requested by
Host: askleo.askleomedia.com
URL: https://askleo.askleomedia.com/wp-content/cache/min/1/wp-content/themes/generatepress/assets/css/components/font-icons.min.css?ver=1629562564
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
ac990171fc2a8993d659ce8f10bc0a7815c43835ba1dc00c2246f3556c6eeecd

Request headers

Origin
https://askleo.com
Referer
https://askleo.askleomedia.com/wp-content/cache/min/1/wp-content/themes/generatepress/assets/css/components/font-icons.min.css?ver=1629562564
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:52 GMT
content-encoding
br
display
staticcontent_sol, staticcontent_sol
x-middleton-display
staticcontent_sol, staticcontent_sol
access-control-max-age
1728000
access-control-allow-methods
POST, GET, OPTIONS
x-middleton-response
200
content-length
1264
response
200
last-modified
Wed, 14 Jul 2021 15:11:48 GMT
server
nginx
etag
"1626275508"
vary
Accept-Encoding,Origin
x-hw
1629735712.cds145.fr8.hn,1629735712.cds216.fr8.c
content-type
font/woff2
access-control-allow-origin
https://askleo.com
cache-control
public, max-age=2592000
accept-ranges
bytes
gp-premium.ttf
askleo.askleomedia.com/wp-content/plugins/gp-premium/general/icons/ 		3 KB
2 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://askleo.askleomedia.com/wp-content/plugins/gp-premium/general/icons/gp-premium.ttf
Requested by
Host: askleo.askleomedia.com
URL: https://askleo.askleomedia.com/wp-content/cache/min/1/wp-content/plugins/gp-premium/general/icons/icons.min.css?ver=1629562564
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
e5bdc8836e401144476fe22b6fd05b2c6d1a94aea39564bc356ac9d09c39673c

Request headers

Origin
https://askleo.com
Referer
https://askleo.askleomedia.com/wp-content/cache/min/1/wp-content/plugins/gp-premium/general/icons/icons.min.css?ver=1629562564
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:52 GMT
content-encoding
br
display
staticcontent_sol, staticcontent_sol
x-middleton-display
staticcontent_sol, staticcontent_sol
access-control-max-age
1728000
access-control-allow-methods
POST, GET, OPTIONS
x-middleton-response
200
content-length
1597
response
200
last-modified
Wed, 21 Jul 2021 17:04:29 GMT
server
nginx
etag
"1626887069"
vary
Accept-Encoding,Origin
x-hw
1629735712.cds145.fr8.hn,1629735712.cds288.fr8.c
content-type
font/ttf
access-control-allow-origin
https://askleo.com
cache-control
public, max-age=2592000
accept-ranges
bytes
truncated
/ 		69 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9e509f02367cdd95bb7b298c1096def66626cf1c01c61e0939698d8b285b64b4

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		64 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		66 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b5d0eed1e60aa4445314f7e0be635f86d2e6a23ad316e79f2a1581e1f4dc1bfa

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b3391b26fd634859b900670bddcdd8ef22a819e3581da050f15f48c85a15ba5c

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		70 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6f78dced421cfd84fc6b1ce1853708b63e6bc80d1cdecd275297001f370aede8

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7fc4209c1df4006c475e8cff0e951b301922d7eb6822cd85f59d51ea6f0b391d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/svg+xml
config
c.amazon-adsystem.com/cdn/prod/ 		0
298 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Faskleo.com%2Fwill_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers%2F&pubid=aa05931b-5308-4ea3-95a2-adf84f4ffde4
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.90.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-90-44.zrh50.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:52 GMT
via
1.1 25d46f0dbca17b9a78cca036e17d8ad3.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
ZRH50-C1
x-cache
Miss from cloudfront
access-control-allow-origin
https://askleo.com
cache-control
max-age=86087, s-maxage=86400
access-control-allow-credentials
true
x-amz-cf-id
cgdWcf5JC8-ku2IBm3_9Dr6GwO2D2YlF84VP_qW2jziieQ0s7YawyQ==
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
367 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Faskleo.com%2Fwill_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers%2F&pid=RzuRxJ69QFfit&cb=0&ws=1600x1200&v=7.67.00&t=2000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1254144%2C1057873%2Faskleo_com-medrectangle-3%22%7D%2C%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1254144%2C1057873%2Faskleo_com-medrectangle-3%22%7D%2C%7B%22sd%22%3A%222%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1254144%2C1057873%2Faskleo_com-medrectangle-3%22%7D%2C%7B%22sd%22%3A%223%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F1254144%2C1057873%2Faskleo_com-medrectangle-2%22%7D%2C%7B%22sd%22%3A%224%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1254144%2C1057873%2Faskleo_com-large-leaderboard-2%22%7D%2C%7B%22sd%22%3A%225%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1254144%2C1057873%2Faskleo_com-large-leaderboard-2%22%7D%2C%7B%22sd%22%3A%226%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1254144%2C1057873%2Faskleo_com-large-leaderboard-2%22%7D%2C%7B%22sd%22%3A%227%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1254144%2C1057873%2Faskleo_com-large-billboard-2%22%7D%2C%7B%22sd%22%3A%228%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1254144%2C1057873%2Faskleo_com-large-billboard-2%22%7D%2C%7B%22sd%22%3A%229%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1254144%2C1057873%2Faskleo_com-medrectangle-4%22%7D%2C%7B%22sd%22%3A%2210%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1254144%2C1057873%2Faskleo_com-medrectangle-4%22%7D%2C%7B%22sd%22%3A%2211%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1254144%2C1057873%2Faskleo_com-medrectangle-4%22%7D%2C%7B%22sd%22%3A%2212%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1254144%2C1057873%2Faskleo_com-medrectangle-1%22%7D%2C%7B%22sd%22%3A%2213%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1254144%2C1057873%2Faskleo_com-medrectangle-1%22%7D%2C%7B%22sd%22%3A%2214%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1254144%2C1057873%2Faskleo_com-medrectangle-1%22%7D%2C%7B%22sd%22%3A%2215%22%2C%22s%22%3A%5B%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F1254144%2C1057873%2Faskleo_com-large-mobile-banner-1%22%7D%2C%7B%22sd%22%3A%2216%22%2C%22s%22%3A%5B%22468x60%22%5D%2C%22sn%22%3A%22%2F1254144%2C1057873%2Faskleo_com-box-2%22%7D%2C%7B%22sd%22%3A%2217%22%2C%22s%22%3A%5B%22468x60%22%5D%2C%22sn%22%3A%22%2F1254144%2C1057873%2Faskleo_com-box-3%22%7D%5D&cfgv=0&schain=1.0%2C1!ezoic.ai%2C0d933186705efdb55cfbfa127978ddae%2C1%2C%2C%2C&pubid=aa05931b-5308-4ea3-95a2-adf84f4ffde4&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.90.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-90-44.zrh50.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:52 GMT
via
1.1 25d46f0dbca17b9a78cca036e17d8ad3.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
ZRH50-C1
vary
User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://askleo.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
XKAHlP1gFa8bqQxJkPNcsNtxWstmxzlTgY8ATuuq9xIh0y4s0_-LIQ==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.90.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-90-44.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 03:51:14 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin
age
45039
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Sat, 21 Aug 2021 01:59:01 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
96XhsjGsBxsrm3kyucJOVw9g9hT2d.yB
via
1.1 6b0e09b8a7d995016df1513b4b11c17e.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
ZRH50-C1
content-type
application/javascript
x-amz-cf-id
43B1JGtk6rLKZ7CRIpbXgJ0l0LXMtl9DqETrjjMtGxxH9SJdYg0b3A==
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3a48ba6d11055a2a6f840befa14e603650d8ca3d752e16daccd828d3869fb791

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/svg+xml
imp.gif
askleo.com/detroitchicago/ 		43 B
128 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://askleo.com/detroitchicago/imp.gif?e=%7B%22ad_cache_level%22%3A0%2C%22ad_count_adjustment%22%3A3%2C%22ad_lazyload_version%22%3A0%2C%22ad_load_version%22%3A2%2C%22ad_location_ids%22%3A%2221%2C21%2C21%2C5%2C36%2C36%2C36%2C34%2C34%2C22%2C22%2C22%2C4%2C4%2C4%2C700%2C1%2C2%22%2C%22ad_transform_level%22%3A0%2C%22adx_ad_count%22%3A18%2C%22bidder_method%22%3A1%2C%22bidder_version%22%3A2%2C%22city%22%3A%22Brussels%22%2C%22country%22%3A%22BE%22%2C%22days_since_last_visit%22%3A-1%2C%22display_ad_count%22%3A8%2C%22domain_id%22%3A173078%2C%22domain_test_group%22%3A20210307%2C%22ds_adsize_opt_id%22%3A-1%2C%22engaged_time_visit%22%3A0%2C%22ezcache_level%22%3A0%2C%22ezcache_skip_code%22%3A0%2C%22form_factor_id%22%3A1%2C%22framework_id%22%3A1%2C%22has_bad_image%22%3A0%2C%22has_bad_words%22%3A0%2C%22iab_category%22%3A%22%22%2C%22iab_category_0%22%3A%22596%22%2C%22is_from_recommended_pages%22%3Afalse%2C%22is_return_visitor%22%3Afalse%2C%22is_sitespeed%22%3A0%2C%22last_page_load%22%3A%22%22%2C%22last_pageview_id%22%3A%22%22%2C%22lt_cache_level%22%3A0%2C%22max_ads%22%3A25%2C%22metro_code%22%3A0%2C%22optimization_version%22%3A1%2C%22page_ad_positions%22%3A%221100%2C1101%2C1101%2C1101%2C1103%2C1104%2C1105%2C1105%2C1106%2C1106%2C1106%2C1107%2C1107%2C1107%2C1108%2C1109%2C1109%2C1109%22%2C%22page_view_count%22%3A0%2C%22page_view_id%22%3A%2209d729d5-2aaa-4196-732b-291643c0daba%22%2C%22position_selection_id%22%3A39%2C%22postal_code%22%3A%221930%22%2C%22pv_event_count%22%3A0%2C%22response_size_orig%22%3A210792%2C%22response_time_orig%22%3A735%2C%22serverid%22%3A%2218.159.101.226%3A29861%22%2C%22state%22%3A%22BRU%22%2C%22sub_page_ad_positions%22%3A%221100%2C1101%2C1101%2C1101%2C1103%2C1104%2C1105%2C1105%2C1106%2C1106%2C1106%2C1107%2C1107%2C1107%2C1108%2C1109%2C1109%2C1109%22%2C%22t_epoch%22%3A1629735711%2C%22template_id%22%3A134%2C%22time_on_site_visit%22%3A0%2C%22url%22%3A%22https%3A%2F%2Faskleo.com%2Fwill_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers%2F%22%2C%22user_id%22%3A0%2C%22word_count%22%3A4760%2C%22worst_bad_word_level%22%3A3%7D
Requested by
Host: askleo.com
URL: https://askleo.com/detroitchicago/cmbv2.js?gcb=195-2&cb=04-1y02-4y06-12y07-1y0b-5y0d-14y13-3y17-3y20-3y33-15y52-1y56-21&cmbcb=20&sj=x04x02x06x07x0bx0dx13x17x20x33x52x56&abt=JoykatTest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

:path
/detroitchicago/imp.gif?e=%7B%22ad_cache_level%22%3A0%2C%22ad_count_adjustment%22%3A3%2C%22ad_lazyload_version%22%3A0%2C%22ad_load_version%22%3A2%2C%22ad_location_ids%22%3A%2221%2C21%2C21%2C5%2C36%2C36%2C36%2C34%2C34%2C22%2C22%2C22%2C4%2C4%2C4%2C700%2C1%2C2%22%2C%22ad_transform_level%22%3A0%2C%22adx_ad_count%22%3A18%2C%22bidder_method%22%3A1%2C%22bidder_version%22%3A2%2C%22city%22%3A%22Brussels%22%2C%22country%22%3A%22BE%22%2C%22days_since_last_visit%22%3A-1%2C%22display_ad_count%22%3A8%2C%22domain_id%22%3A173078%2C%22domain_test_group%22%3A20210307%2C%22ds_adsize_opt_id%22%3A-1%2C%22engaged_time_visit%22%3A0%2C%22ezcache_level%22%3A0%2C%22ezcache_skip_code%22%3A0%2C%22form_factor_id%22%3A1%2C%22framework_id%22%3A1%2C%22has_bad_image%22%3A0%2C%22has_bad_words%22%3A0%2C%22iab_category%22%3A%22%22%2C%22iab_category_0%22%3A%22596%22%2C%22is_from_recommended_pages%22%3Afalse%2C%22is_return_visitor%22%3Afalse%2C%22is_sitespeed%22%3A0%2C%22last_page_load%22%3A%22%22%2C%22last_pageview_id%22%3A%22%22%2C%22lt_cache_level%22%3A0%2C%22max_ads%22%3A25%2C%22metro_code%22%3A0%2C%22optimization_version%22%3A1%2C%22page_ad_positions%22%3A%221100%2C1101%2C1101%2C1101%2C1103%2C1104%2C1105%2C1105%2C1106%2C1106%2C1106%2C1107%2C1107%2C1107%2C1108%2C1109%2C1109%2C1109%22%2C%22page_view_count%22%3A0%2C%22page_view_id%22%3A%2209d729d5-2aaa-4196-732b-291643c0daba%22%2C%22position_selection_id%22%3A39%2C%22postal_code%22%3A%221930%22%2C%22pv_event_count%22%3A0%2C%22response_size_orig%22%3A210792%2C%22response_time_orig%22%3A735%2C%22serverid%22%3A%2218.159.101.226%3A29861%22%2C%22state%22%3A%22BRU%22%2C%22sub_page_ad_positions%22%3A%221100%2C1101%2C1101%2C1101%2C1103%2C1104%2C1105%2C1105%2C1106%2C1106%2C1106%2C1107%2C1107%2C1107%2C1108%2C1109%2C1109%2C1109%22%2C%22t_epoch%22%3A1629735711%2C%22template_id%22%3A134%2C%22time_on_site_visit%22%3A0%2C%22url%22%3A%22https%3A%2F%2Faskleo.com%2Fwill_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers%2F%22%2C%22user_id%22%3A0%2C%22word_count%22%3A4760%2C%22worst_bad_word_level%22%3A3%7D
pragma
no-cache
cookie
ezoadgid_173078=-1; ezoref_173078=; ezoab_173078=mod85; active_template::173078=pub_site.1629735711; ezopvc_173078=1; ezepvv=1265; ezovid_173078=1114168860; lp_173078=https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/; ezovuuidtime_173078=1629735712; ezovuuid_173078=663f24fa-fae3-4fd0-5aff-649062f3e3f8; ezCMPCCS=true; ezouspvv=0; ezouspva=0
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
askleo.com
referer
https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:52 GMT
content-encoding
br
server
nginx
vary
Accept-Encoding Accept-Encoding Accept-Encoding
content-type
image/gif
x-middleton-display
imp_sol
cache-control
no-cache, no-store, must-revalidate, max-age=0
content-length
47
quant.js
secure.quantserve.com/ 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: askleo.com
URL: https://askleo.com/detroitchicago/cmbv2.js?gcb=195-2&cb=04-1y02-4y06-12y07-1y0b-5y0d-14y13-3y17-3y20-3y33-15y52-1y56-21&cmbcb=20&sj=x04x02x06x07x0bx0dx13x17x20x33x52x56&abt=JoykatTest
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
95b17ad661699c049d42195b8ccd1d855045a1fcfbd20d8609a6d87fa5703810

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:52 GMT
content-encoding
gzip
etag
"lp772EpWKwf8Kq7YKMhbuw=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
expires
Mon, 30 Aug 2021 16:21:52 GMT
ezosuigenerisc.js
g.ezoic.net/ 		0
54 B 		Script
General
Check archive.org
Download Go to
Full URL
https://g.ezoic.net/ezosuigenerisc.js?nogen=1
Requested by
Host: askleo.com
URL: https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:52 GMT
cache-control
max-age=300, private
server
nginx
content-length
0
vary
Accept-Encoding, Accept-Encoding
content-type
text/plain; charset=utf-8
cmbdv2.js
askleo.com/detroitchicago/ 		46 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://askleo.com/detroitchicago/cmbdv2.js?gcb=195-2&cb=03-4y0c-5y18-3y34-15y57-21&cmbcb=20&sj=x03x0cx18x34x57&abt=JoykatTest
Requested by
Host: askleo.com
URL: https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
af28f3c80c13d9c5d9fb069c86792f6b15b56e89d44e12f0576e7638dd0ca207

Request headers

:path
/detroitchicago/cmbdv2.js?gcb=195-2&cb=03-4y0c-5y18-3y34-15y57-21&cmbcb=20&sj=x03x0cx18x34x57&abt=JoykatTest
pragma
no-cache
cookie
ezoadgid_173078=-1; ezoref_173078=; ezoab_173078=mod85; active_template::173078=pub_site.1629735711; ezopvc_173078=1; ezepvv=1265; ezovid_173078=1114168860; lp_173078=https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/; ezovuuidtime_173078=1629735712; ezovuuid_173078=663f24fa-fae3-4fd0-5aff-649062f3e3f8; ezCMPCCS=true; ezouspvv=0; ezouspva=0
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
askleo.com
referer
https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:52 GMT
content-encoding
br
server
nginx
vary
Accept-Encoding Accept-Encoding
content-type
application/javascript
x-middleton-display
sol-js
cache-control
max-age=31536000, public
x-robots-tag
noindex
nmash.js
askleo.com/porpoiseant/ 		24 KB
6 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://askleo.com/porpoiseant/nmash.js?v=60
Requested by
Host: askleo.com
URL: https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
acbbae3ea8c718877be4d5cc6437e6837d712b847a82b4f0aed2dc10bf9fdb64

Request headers

:path
/porpoiseant/nmash.js?v=60
pragma
no-cache
cookie
ezoadgid_173078=-1; ezoref_173078=; ezoab_173078=mod85; active_template::173078=pub_site.1629735711; ezopvc_173078=1; ezepvv=1265; ezovid_173078=1114168860; lp_173078=https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/; ezovuuidtime_173078=1629735712; ezovuuid_173078=663f24fa-fae3-4fd0-5aff-649062f3e3f8; ezCMPCCS=true; ezouspvv=0; ezouspva=0
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
same-origin
accept
*/*
cache-control
no-cache
sec-fetch-dest
worker
:authority
askleo.com
referer
https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:52 GMT
content-encoding
br
last-modified
Mon, 23 Aug 2021 08:11:32 GMT
server
nginx
etag
"60b1-5ca3590a45d38;5c701b9c2cf40-gzip"
vary
Accept-Encoding Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
x-robots-tag
noindex
greenoaks.gif
askleo.com/detroitchicago/ 		0
70 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://askleo.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiIwOWQ3MjlkNS0yYWFhLTQxOTYtNzMyYi0yOTE2NDNjMGRhYmEiLCJkb21haW5faWQiOiIxNzMwNzgiLCJ0X2Vwb2NoIjoxNjI5NzM1NzExLCJkYXRhIjpbeyJuYW1lIjoiZGV2aWNlX3dpZHRoIiwidmFsIjoiMTYwMCJ9LHsibmFtZSI6ImRldmljZV9oZWlnaHQiLCJ2YWwiOiIxMjAwIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiMDlkNzI5ZDUtMmFhYS00MTk2LTczMmItMjkxNjQzYzBkYWJhIiwiZG9tYWluX2lkIjoiMTczMDc4IiwidF9lcG9jaCI6MTYyOTczNTcxMSwiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjEtMDgtMjMifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiIxOCJ9LHsibmFtZSI6InRfbG9jYWxfZGF5X29mX3dlZWsiLCJ2YWwiOiIxIn0seyJuYW1lIjoidF9sb2NhbF90aW1lem9uZSIsInZhbCI6Ii0xMjAifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiIwOWQ3MjlkNS0yYWFhLTQxOTYtNzMyYi0yOTE2NDNjMGRhYmEiLCJkb21haW5faWQiOiIxNzMwNzgiLCJ0X2Vwb2NoIjoxNjI5NzM1NzExLCJkYXRhIjpbeyJuYW1lIjoibGFuZ3VhZ2VfdGFnIiwidmFsIjoiZW4tVVMifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiIwOWQ3MjlkNS0yYWFhLTQxOTYtNzMyYi0yOTE2NDNjMGRhYmEiLCJkb21haW5faWQiOiIxNzMwNzgiLCJ0X2Vwb2NoIjoxNjI5NzM1NzExLCJkYXRhIjpbeyJuYW1lIjoibGFuZ3VhZ2VfcHJpbWFyeV9zdWJ0YWciLCJ2YWwiOiJlbiJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjA5ZDcyOWQ1LTJhYWEtNDE5Ni03MzJiLTI5MTY0M2MwZGFiYSIsImRvbWFpbl9pZCI6IjE3MzA3OCIsInRfZXBvY2giOjE2Mjk3MzU3MTEsImRhdGEiOlt7Im5hbWUiOiJ1bml2ZXJzYWxfdXNlcl9pZCIsInZhbCI6Ijc3NGE4ZGUwNDA1OWZhMDA4MDE1MmRjZDI5ZGRmOTM1In1dfV0=
Requested by
Host: askleo.com
URL: https://askleo.com/detroitchicago/cmbv2.js?gcb=195-2&cb=04-1y02-4y06-12y07-1y0b-5y0d-14y13-3y17-3y20-3y33-15y52-1y56-21&cmbcb=20&sj=x04x02x06x07x0bx0dx13x17x20x33x52x56&abt=JoykatTest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path
/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiIwOWQ3MjlkNS0yYWFhLTQxOTYtNzMyYi0yOTE2NDNjMGRhYmEiLCJkb21haW5faWQiOiIxNzMwNzgiLCJ0X2Vwb2NoIjoxNjI5NzM1NzExLCJkYXRhIjpbeyJuYW1lIjoiZGV2aWNlX3dpZHRoIiwidmFsIjoiMTYwMCJ9LHsibmFtZSI6ImRldmljZV9oZWlnaHQiLCJ2YWwiOiIxMjAwIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiMDlkNzI5ZDUtMmFhYS00MTk2LTczMmItMjkxNjQzYzBkYWJhIiwiZG9tYWluX2lkIjoiMTczMDc4IiwidF9lcG9jaCI6MTYyOTczNTcxMSwiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjEtMDgtMjMifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiIxOCJ9LHsibmFtZSI6InRfbG9jYWxfZGF5X29mX3dlZWsiLCJ2YWwiOiIxIn0seyJuYW1lIjoidF9sb2NhbF90aW1lem9uZSIsInZhbCI6Ii0xMjAifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiIwOWQ3MjlkNS0yYWFhLTQxOTYtNzMyYi0yOTE2NDNjMGRhYmEiLCJkb21haW5faWQiOiIxNzMwNzgiLCJ0X2Vwb2NoIjoxNjI5NzM1NzExLCJkYXRhIjpbeyJuYW1lIjoibGFuZ3VhZ2VfdGFnIiwidmFsIjoiZW4tVVMifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiIwOWQ3MjlkNS0yYWFhLTQxOTYtNzMyYi0yOTE2NDNjMGRhYmEiLCJkb21haW5faWQiOiIxNzMwNzgiLCJ0X2Vwb2NoIjoxNjI5NzM1NzExLCJkYXRhIjpbeyJuYW1lIjoibGFuZ3VhZ2VfcHJpbWFyeV9zdWJ0YWciLCJ2YWwiOiJlbiJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjA5ZDcyOWQ1LTJhYWEtNDE5Ni03MzJiLTI5MTY0M2MwZGFiYSIsImRvbWFpbl9pZCI6IjE3MzA3OCIsInRfZXBvY2giOjE2Mjk3MzU3MTEsImRhdGEiOlt7Im5hbWUiOiJ1bml2ZXJzYWxfdXNlcl9pZCIsInZhbCI6Ijc3NGE4ZGUwNDA1OWZhMDA4MDE1MmRjZDI5ZGRmOTM1In1dfV0=
pragma
no-cache
cookie
ezoadgid_173078=-1; ezoref_173078=; ezoab_173078=mod85; active_template::173078=pub_site.1629735711; ezopvc_173078=1; ezepvv=1265; ezovid_173078=1114168860; lp_173078=https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/; ezovuuidtime_173078=1629735712; ezovuuid_173078=663f24fa-fae3-4fd0-5aff-649062f3e3f8; ezCMPCCS=true; ezouspvv=0; ezouspva=0
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
askleo.com
referer
https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:52 GMT
server
nginx
vary
Accept-Encoding Accept-Encoding
content-type
text/plain; charset=utf-8
x-middleton-display
ezp_sol
cache-control
max-age=0, must-revalidate, no-cache, no-store
content-length
0
expires
Sun, 22 Aug 2021 16:21:52 UTC
denver.js
askleo.com/detroitchicago/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://askleo.com/detroitchicago/denver.js?gcb=2&cb=1
Requested by
Host: askleo.com
URL: https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e45818350fb6700935c0dce924d8317b166845c5516bc391a1dbda39203f143a

Request headers

:path
/detroitchicago/denver.js?gcb=2&cb=1
pragma
no-cache
cookie
ezoadgid_173078=-1; ezoref_173078=; ezoab_173078=mod85; active_template::173078=pub_site.1629735711; ezopvc_173078=1; ezepvv=1265; ezovid_173078=1114168860; lp_173078=https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/; ezovuuidtime_173078=1629735712; ezovuuid_173078=663f24fa-fae3-4fd0-5aff-649062f3e3f8; ezCMPCCS=true; ezouspvv=0; ezouspva=0; ezosuigeneris=774a8de04059fa0080152dcd29ddf935
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
askleo.com
referer
https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:52 GMT
content-encoding
br
server
nginx
vary
Accept-Encoding Accept-Encoding
content-type
application/javascript
x-middleton-display
sol-js
cache-control
max-age=31536000, public
x-robots-tag
noindex
content-length
1273
integrator.js
adservice.google.be/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.be/adsid/integrator.js?domain=askleo.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 23 Aug 2021 16:21:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=askleo.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 23 Aug 2021 16:21:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		894 B
280 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3969800989600765&correlator=2389839393401003&output=ldjh&impl=fifs&eid=31062338%2C21068031%2C31062154%2C20211866%2C31062297%2C31062312&vrg=2021081901&ptt=17&sc=1&sfv=1-0-38&ecs=20210823&iu_parts=1254144%3A1057873%2Caskleo_com-box-2%2Caskleo_com-box-3&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=468x60%2C468x60&prev_scp=a%3D%257C5%257C%26iid1%3D7580608852935457%26eid%3D7580608852935457%26t%3D134%26d%3D173078%26t1%3D134%26pvc%3D0%26ap%3D1103%26sap%3D1103%26as%3Drevenue%26plat%3D1%26bra%3Dmod85%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D16%26reft%3Dn%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D1%26al%3D1001%26compid%3D0%26tap%3Daskleo_com-box-2-7580608852935457%26eb_br%3D58ef7bddb438af5e257c4377f32c243a%26eba%3D1%26ebss%3D10082%2C10061%2C10015%2C10063%2C11304%2C11307%26bv%3D1%26bvm%3D0%26bvr%3D7%26shp%3D1%26ftsn%3D3%26acptad%3D1%26br1%3D120%26br2%3D180%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D34%2C168%2C28%2C67%2C45%2C122%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C814%2C815%2C816%2C817%2C818%2C819%2C893%2C899%2C903%2C917%2C918%2C919%2C996%2C988%2C783%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%7Ca%3D%257C5%257C%26iid1%3D2292548548984151%26eid%3D2292548548984151%26t%3D134%26d%3D173078%26t1%3D134%26pvc%3D0%26ap%3D1104%26sap%3D1104%26as%3Drevenue%26plat%3D1%26bra%3Dmod85%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D17%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D2%26al%3D1002%26compid%3D0%26tap%3Daskleo_com-box-3-2292548548984151%26eb_br%3Da495ce7dbb4cefcd3e0a722048894f41%26eba%3D1%26ebss%3D10082%2C10061%2C10015%2C10063%2C11304%2C11307%26bv%3D22%26bvm%3D0%26bvr%3D5%26shp%3D1%26ftsn%3D3%26br1%3D100%26br2%3D160%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D2%2C152%2C176%2C4%2C161%2C122%2C196%2C20%2C26%2C171%2C187%2C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C814%2C815%2C816%2C817%2C818%2C819%2C893%2C899%2C903%2C917%2C918%2C919%2C996%2C988%2C783%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1629733050&dt=1629735712945&dlt=1629735712452&idt=436&frm=20&biw=1600&bih=1200&oid=2&adxs=566%2C566&adys=285%2C478&adks=2713242136%2C942053875&ucis=1%7C2&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&url=https%3A%2F%2Faskleo.com%2Fwill_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1000x60%7C960x60&msz=468x60%7C468x60&ga_vid=1344918702.1629735713&ga_sid=1629735713&ga_hid=192975842&ga_fc=false&fws=0%2C0&ohw=0%2C0&btvi=0%7C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
1fb8544e73538de55afcfe79ceaa681e59d9837ca0594fe91e0cc8b4df6f9404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:53 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
250
x-xss-protection
0
google-lineitem-id
-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://askleo.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 42E5 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://askleo.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://askleo.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Mon, 23 Aug 2021 16:21:52 GMT
expires
Tue, 23 Aug 2022 16:21:52 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ads
securepubads.g.doubleclick.net/gampad/ 		456 B
273 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3969800989600765&correlator=788549175554065&output=ldjh&impl=fifs&eid=31062338%2C21068031%2C31062154%2C20211866%2C31062297%2C31062312&vrg=2021081901&ptt=17&sc=1&sfv=1-0-38&ecs=20210823&iu_parts=1254144%3A1057873%2Caskleo_com-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&prev_scp=a%3D%257C252%257C%26iid1%3D6660346330955657%26eid%3D6660346330955657%26t%3D134%26d%3D173078%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26as%3Drevenue%26plat%3D1%26bra%3Dmod85%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D3%26reft%3Dn%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Daskleo_com-medrectangle-2-6660346330955657%26eb_br%3D26dfa00588543c52511429ade391f561%26eba%3D1%26ebss%3D10082%2C10061%2C10015%2C10063%2C11304%2C11307%26bv%3D0%26bvm%3D3%26bvr%3D2%26shp%3D1%26ftsn%3D3%26br1%3D550%26br2%3D260%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D34%2C193%2C28%2C67%2C45%2C122%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C814%2C815%2C816%2C817%2C818%2C819%2C893%2C899%2C903%2C917%2C918%2C919%2C783%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1629733050&dt=1629735712981&dlt=1629735712452&idt=436&frm=20&biw=1600&bih=1200&oid=2&adxs=436&adys=1110&adks=3444788124&ucis=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&url=https%3A%2F%2Faskleo.com%2Fwill_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x-1&msz=728x-1&ga_vid=1344918702.1629735713&ga_sid=1629735713&ga_hid=192975842&ga_fc=false&fws=512&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
79f4bc782a8607a8be12480a4048ef477cb68d115a8b119adbcbfc114c8aeee4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:53 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
243
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://askleo.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
rules-p-31iz6hfFutd16.js
rules.quantcount.com/ 		3 B
429 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-31iz6hfFutd16.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:f200:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 12:21:24 GMT
via
1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront)
age
14430
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
3
last-modified
Sat, 04 Mar 2017 19:50:24 GMT
server
AmazonS3
etag
"8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
x-amz-cf-id
L74s5XxM_CFGjPOoC4fX74XSaqgPuLHpWMI_oANRny8MpJa8GDYO6w==
/
askleo.com/ 		574 B
483 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://askleo.com/?wc-ajax=get_refreshed_fragments
Requested by
Host: askleo.askleomedia.com
URL: https://askleo.askleomedia.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
859e7bdcd95e7481128e01b5a7ff2fcf34a963198abaea0f0c483e40d22b2986

Request headers

sec-fetch-mode
cors
origin
https://askleo.com
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
empty
x-requested-with
XMLHttpRequest
cookie
ezoadgid_173078=-1; ezoref_173078=; ezoab_173078=mod85; active_template::173078=pub_site.1629735711; ezopvc_173078=1; ezepvv=1265; ezovid_173078=1114168860; lp_173078=https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/; ezovuuidtime_173078=1629735712; ezovuuid_173078=663f24fa-fae3-4fd0-5aff-649062f3e3f8; ezCMPCCS=true; ezouspvv=0; ezouspva=0; ezosuigeneris=774a8de04059fa0080152dcd29ddf935; ezds=ffid%3D1%2Cw%3D1600%2Ch%3D1200; ezohw=w%3D1600%2Ch%3D1200
content-length
18
:path
/?wc-ajax=get_refreshed_fragments
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type
application/x-www-form-urlencoded; charset=UTF-8
accept
*/*
cache-control
no-cache
:authority
askleo.com
referer
https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
:scheme
https
sec-fetch-site
same-origin
:method
POST
Accept
*/*
Referer
https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Mon, 23 Aug 2021 16:21:53 GMT
content-encoding
br
vary
Accept-Encoding Accept-Encoding,Origin
x-sol
pub_site
display
staticcontent_sol, staticcontent_sol
x-middleton-display
staticcontent_sol, staticcontent_sol
x-middleton-response
200
content-length
253
response
200
server
nginx
access-control-max-age
1728000
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://askleo.com
cache-control
max-age=0, must-revalidate, no-cache, no-store
expires
Sun, 22 Aug 2021 16:21:53 GMT
logo2019-400w.png.webp
askleo.askleomedia.com/wp-content/uploads/2019/05/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://askleo.askleomedia.com/wp-content/uploads/2019/05/logo2019-400w.png.webp
Requested by
Host: askleo.com
URL: https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
cc3533e181e6e2e97e0bcfd2c8bbe98becc92d6b4338953ee4afdba5bc3dc10b

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:53 GMT
content-encoding
br
display
staticcontent_sol, staticcontent_sol
x-ezoic-cdn
Hit ds;mm;d2dad5751a2ea6650255d494826ccc60;2-173078-2;e6b5663d-ee8b-4944-75d3-56312812ea76
x-middleton-display
staticcontent_sol, staticcontent_sol
x-middleton-response
200
content-length
9054
response
200
last-modified
Fri, 26 Mar 2021 19:40:25 GMT
server
nginx/1.16.0
etag
"1616787625"
vary
Accept-Encoding
x-hw
1629735713.cds005.fr8.hn,1629735713.cds248.fr8.c
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=10368000
accept-ranges
bytes
on-screen-keyboard.png.webp
askleo.askleomedia.com/wp-content/uploads/2009/01/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://askleo.askleomedia.com/wp-content/uploads/2009/01/on-screen-keyboard.png.webp
Requested by
Host: askleo.com
URL: https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
09be3165c49c3331ccd6588936e3bc62744ae0dfb44a578ee49c65e2d7caa537

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:53 GMT
content-encoding
br
display
staticcontent_sol, staticcontent_sol
x-middleton-display
staticcontent_sol, staticcontent_sol
x-middleton-response
200
content-length
16464
response
200
last-modified
Tue, 13 Jul 2021 14:05:09 GMT
server
nginx
etag
"1626185109"
vary
Accept-Encoding,Origin
x-hw
1629735713.cds005.fr8.hn,1629735713.cds145.fr8.c
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
bestof50.png
img.askleomedia.com/tags/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.askleomedia.com/tags/bestof50.png
Requested by
Host: askleo.com
URL: https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c3a75eaffe81ffd2ca154675c64ee887de61f5c30fc2035794aaf06a6eb9d8ea

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:53 GMT
last-modified
Fri, 09 Apr 2021 16:31:34 GMT
server
AmazonS3
x-amz-request-id
6PQ9GD78ZCER0ANN
etag
"defc3c7931f88efcf36ed6af98db4e84"
x-hw
1629735713.cds109.fr8.hn,1629735713.cds137.fr8.c
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=92
accept-ranges
bytes
content-length
2018
x-amz-id-2
NO7PbIydbfiyRILJxz5vn47HcISxauIF8APbGCf8jgQADGA5MnYlwS3lTnQKz+bPUwhECHLw4Mw=
pixel;r=2065776435;labels=Domain.askleo_com%2CDomainId.173078;rf=0;a=p-31iz6hfFutd16;url=https%3A%2F%2Faskleo.com%2Fwill_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers%2F;uht=2;fpan=...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=2065776435;labels=Domain.askleo_com%2CDomainId.173078;rf=0;a=p-31iz6hfFutd16;url=https%3A%2F%2Faskleo.com%2Fwill_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers%2F;uht=2;fpan=1;fpa=P0-1166294967-1629735713048;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=eccc2c00-20210811224039;cm=;gdpr=0;ref=;d=askleo.com;je=0;sr=1600x1200x24;dst=1;et=1629735713047;tzo=-120;ogl=locale.en_US%2Ctype.article%2Ctitle.Will%20Using%20an%20On-Screen%20Keyboard%20Stop%20Keyloggers%3F%2Cdescription.Using%20an%20on-screen%20keyboard%20instead%20of%20a%20real%20keyboard%20might%20stop%20some%20keylogger%2Curl.https%3A%2F%2Faskleo%252Ecom%2Fwill_using_an_on_screen_keyboard_stop_keyboard_loggers_and_ha%2Csite_name.Ask%20Leo!%2Cimage.https%3A%2F%2Faskleo%252Easkleomedia%252Ecom%2Fwp-content%2Fuploads%2F2009%2F01%2Fon-screen-keyboard%252Epng%2Cimage%3Awidth.1205%2Cimage%3Aheight.359
Requested by
Host: askleo.com
URL: https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 16:21:53 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
greenoaks.gif
askleo.com/detroitchicago/ 		0
65 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://askleo.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiIwOWQ3MjlkNS0yYWFhLTQxOTYtNzMyYi0yOTE2NDNjMGRhYmEiLCJkb21haW5faWQiOiIxNzMwNzgiLCJ0X2Vwb2NoIjoxNjI5NzM1NzExLCJkYXRhIjpbeyJuYW1lIjoidGltZXJfZmlyc3RfYWRfcmVxdWVzdCIsInZhbCI6Ijg1NCJ9XX1d
Requested by
Host: askleo.com
URL: https://askleo.com/detroitchicago/cmbv2.js?gcb=195-2&cb=04-1y02-4y06-12y07-1y0b-5y0d-14y13-3y17-3y20-3y33-15y52-1y56-21&cmbcb=20&sj=x04x02x06x07x0bx0dx13x17x20x33x52x56&abt=JoykatTest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path
/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiIwOWQ3MjlkNS0yYWFhLTQxOTYtNzMyYi0yOTE2NDNjMGRhYmEiLCJkb21haW5faWQiOiIxNzMwNzgiLCJ0X2Vwb2NoIjoxNjI5NzM1NzExLCJkYXRhIjpbeyJuYW1lIjoidGltZXJfZmlyc3RfYWRfcmVxdWVzdCIsInZhbCI6Ijg1NCJ9XX1d
pragma
no-cache
cookie
ezoadgid_173078=-1; ezoref_173078=; ezoab_173078=mod85; active_template::173078=pub_site.1629735711; ezopvc_173078=1; ezepvv=1265; ezovid_173078=1114168860; lp_173078=https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/; ezovuuidtime_173078=1629735712; ezovuuid_173078=663f24fa-fae3-4fd0-5aff-649062f3e3f8; ezCMPCCS=true; ezouspvv=0; ezouspva=0; ezosuigeneris=774a8de04059fa0080152dcd29ddf935; ezds=ffid%3D1%2Cw%3D1600%2Ch%3D1200; ezohw=w%3D1600%2Ch%3D1200; __qca=P0-1166294967-1629735713048; __gads=ID=20d02adf5f0b6a42-22b99503adc8000c:T=1629735713:S=ALNI_MbGBdIB5SKqE_MFvNFMRUnD2Ax9Pw
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
askleo.com
referer
https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:53 GMT
server
nginx
vary
Accept-Encoding Accept-Encoding
content-type
text/plain; charset=utf-8
x-middleton-display
ezp_sol
cache-control
max-age=0, must-revalidate, no-cache, no-store
content-length
0
expires
Sun, 22 Aug 2021 16:21:53 UTC
dark-bottom.css
askleo.com/ezoic/styles/ 		3 KB
790 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://askleo.com/ezoic/styles/dark-bottom.css
Requested by
Host: askleo.com
URL: https://askleo.com/ezoic/cookieconsent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
94edf973e9deb80b5eccf17f8f3108eafe15209fe25fe417e8f8962a4d8f48b3

Request headers

:path
/ezoic/styles/dark-bottom.css
pragma
no-cache
cookie
ezoadgid_173078=-1; ezoref_173078=; ezoab_173078=mod85; active_template::173078=pub_site.1629735711; ezopvc_173078=1; ezepvv=1265; ezovid_173078=1114168860; lp_173078=https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/; ezovuuidtime_173078=1629735712; ezovuuid_173078=663f24fa-fae3-4fd0-5aff-649062f3e3f8; ezCMPCCS=true; ezouspvv=0; ezouspva=0; ezosuigeneris=774a8de04059fa0080152dcd29ddf935; ezds=ffid%3D1%2Cw%3D1600%2Ch%3D1200; ezohw=w%3D1600%2Ch%3D1200; __qca=P0-1166294967-1629735713048; __gads=ID=717ecc9b69bc6606-2218ce2aacc800a9:T=1629735712:S=ALNI_Mb-a7pYpvIehPli2d_yy_3KIN5PJA
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
askleo.com
referer
https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:53 GMT
content-encoding
br
last-modified
Tue, 13 Jul 2021 14:05:09 GMT
server
nginx
etag
"bd7-5c701b9c2cf40-gzip"
vary
Accept-Encoding Accept-Encoding
content-type
text/css
cache-control
max-age=31536000, public
accept-ranges
bytes
x-robots-tag
noindex
content-length
725
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021081901&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1431cdf90e23ab4795bcbc806e8b6aea38cefaf18922bef42705ac5f8fea986a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 23 Aug 2021 16:21:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8558
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
expires
Mon, 23 Aug 2021 16:21:53 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 89CC 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://askleo.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://askleo.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5029
date
Mon, 23 Aug 2021 16:21:20 GMT
expires
Tue, 23 Aug 2022 16:21:20 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
33
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 0C79 		783 B
921 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
0933213569bb16a7f86305d19cb08ad2d9a7c6d474afbd7a3c831a3a2c1bef8f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-iLHLbq0sn2EofYTjdPynVg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://askleo.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://askleo.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy-report-only
require-corp; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Mon, 23 Aug 2021 16:21:53 GMT
date
Mon, 23 Aug 2021 16:21:53 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-iLHLbq0sn2EofYTjdPynVg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
510
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ESHX-PsTG84Fy6-bdaEnL5--1XpTzSOdL-kezmPtlCQ.js
pagead2.googlesyndication.com/bg/ Frame 89CC 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/ESHX-PsTG84Fy6-bdaEnL5--1XpTzSOdL-kezmPtlCQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1121d7f8fb131bce05cbaf9b75a1272f9fbed57a53cd239d2fe91ece63ed9424
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 15:39:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
2535
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13272
x-xss-protection
0
last-modified
Mon, 09 Aug 2021 14:48:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 23 Aug 2022 15:39:38 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021081901&jk=3969800989600765&bg=!8_Cl8LTNAAZvV8FTb1c7ACkAdvg8Wi_EzLx0hhCw5aVy5goegJlXCvst6wCMRGG5eCoyc_EIMGsRVwIAAAB3UgAAAA5oAQcKAKkDuAY9lZTd0ZZrOh7bhyfQcG44Mp0hEYBVsbYUD_HbKAirjXA6yUOR4Zop9iVNBujqTGUWJlMYD7DZ2opPuCxAskMqF1RyeMIj3uJzxDcZ4ZysWwU2fhoh5eGvYx2q6TQFiOzT8auqrp92ctSwkCu3-raMvJYG4UWV34Q6Ca-uXYVf5VQjNN_Y9wZIfpSAIHH1h99xykJY30TwgdbEs32q1eox7ge2XOxLmQJ242RN6pcjLLkxC9aNrIijCIV12PL7E9x1PvKpBYcttey-E7KnVaw8UyCT593wFXX3_SWGWWo6GV7zG7uzZn2vt8r7_dY4bYUTyUmfkeczbhkLR67mKbZsjY_yxQ8LnK-w1prgmhtM7di9_0BTWT2yf_u_23_efhqOGLrqh95xkqVc2Z4c0wPa2NmqZCUIZNIInCa2nuYf7DgMBoBdJXaWNo6uW-bPiceIyCu7FX0GX6ysSoPx56fg5oDEjEU9oEO2SImAzV5NrQppRQXWbFSTfeEqBQd_VpheAWb_1-ghAkFERM1UAXxTbq6vRVa2GUx3Ey1vzLqHR16cKEQqKt7Z52IzX0NY6SaIuX6_HO2WaRxvTWT31n-9R_9JnBR5LrYkdRhi2Js7g57fzBMM9aCye6epricPKVhxdfz5Fi8nlbMCATN4Kog-4sO5Rmu5Dh1C-24nOzpKZe43RjIoG_4phe9PtwFDQY5MhLW0ElgyRNYZPsNlSCt3mbWD_TciqmcnJtacJy0DRfEEPHqFf7dMBeCIw0ZUpykbXQRvoKBezVgFY9TF0r8rIC9lqEuBPwy5UXcigkaHPAjqdPQdnFaRnsikQMJLXlWdIjWpXUHHQQP2yYomdMrd_kCtpsl5ulBf4Lt1F2vwRVC0e5yRC9_5O2s8Du7JV8dBcoBXQQarbrjuic-lruS4GpZiYjpcOBDGxz7ZZq4opyhnHzl6xIJOa0qYemND5Lp_WqkyWn7XToOJodC0Hejm-D7vxpRYGXhgZ2U3zKxXgwM9N4pExlVZyoGu0j9IE3Hkl1z9zFnRjp6OfFTc-p1_tCJwbA5Yn1Nnsvo2shwL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 16:21:54 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.be/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.be/adsid/integrator.js?domain=askleo.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 23 Aug 2021 16:21:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=askleo.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 23 Aug 2021 16:21:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		13 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3969800989600765&correlator=1054418425683691&output=ldjh&impl=fifs&eid=31062338%2C21068031%2C31062154%2C20211866%2C31062297%2C31062312&vrg=2021081901&ptt=17&sc=1&sfv=1-0-38&ecs=20210823&iu_parts=1254144%3A1057873%2Caskleo_com-box-3&enc_prev_ius=%2F0%2F1&prev_iu_szs=468x60&ris=4&rcs=1&prev_scp=a%3D%257C5%257C%26iid1%3D2292548548984151%26eid%3D2292548548984151%26t%3D134%26d%3D173078%26t1%3D134%26pvc%3D0%26ap%3D1104%26sap%3D1104%26as%3Drevenue%26plat%3D1%26bra%3Dmod85%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D17%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D2%26al%3D1002%26compid%3D0%26tap%3Daskleo_com-box-3-2292548548984151%26eb_br%3D3ba982fc4238dd4197b1d51b345478dc%26eba%3D1%26ebss%3D10082%2C10061%2C10015%2C10063%2C11304%2C11307%26bv%3D22%26bvm%3D0%26bvr%3D5%26shp%3D1%26ftsn%3D3%26br1%3D50%26br2%3D160%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D2%2C152%2C176%2C4%2C161%2C122%2C196%2C20%2C26%2C171%2C187%2C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C814%2C815%2C816%2C817%2C818%2C819%2C893%2C899%2C903%2C917%2C918%2C919%2C996%2C988%2C783%2C17%2C19%2C20%2C608%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D100%26reqt%3D1629735716497&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1629733050&dt=1629735716503&dlt=1629735712452&idt=436&frm=20&biw=1600&bih=1200&oid=2&adxs=566&adys=478&adks=942053875&ucis=2&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&url=https%3A%2F%2Faskleo.com%2Fwill_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=960x60&msz=468x60&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1344918702.1629735713&ga_sid=1629735713&ga_hid=192975842&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
80fe516a14d9be1a4cd35f21df843a00ac70dab7d57910bcbc422a22e97dd402
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:56 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7535
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://askleo.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		447 B
460 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3969800989600765&correlator=764481606318962&output=ldjh&impl=fifs&eid=31062338%2C21068031%2C31062154%2C20211866%2C31062297%2C31062312&vrg=2021081901&ptt=17&sc=1&sfv=1-0-38&ecs=20210823&iu_parts=1254144%3A1057873%2Caskleo_com-box-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=468x60&ris=4&rcs=1&prev_scp=a%3D%257C5%257C%26iid1%3D7580608852935457%26eid%3D7580608852935457%26t%3D134%26d%3D173078%26t1%3D134%26pvc%3D0%26ap%3D1103%26sap%3D1103%26as%3Drevenue%26plat%3D1%26bra%3Dmod85%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D16%26reft%3Dn%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D1%26al%3D1001%26compid%3D0%26tap%3Daskleo_com-box-2-7580608852935457%26eb_br%3Dc352ba581bd3ffd8cea608cf2d55f519%26eba%3D1%26ebss%3D10082%2C10061%2C10015%2C10063%2C11304%2C11307%26bv%3D1%26bvm%3D0%26bvr%3D7%26shp%3D1%26ftsn%3D3%26acptad%3D1%26br1%3D60%26br2%3D180%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D34%2C168%2C28%2C67%2C45%2C122%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C814%2C815%2C816%2C817%2C818%2C819%2C893%2C899%2C903%2C917%2C918%2C919%2C996%2C988%2C783%2C17%2C19%2C20%2C608%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D120%26reqt%3D1629735716506&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1629733050&dt=1629735716509&dlt=1629735712452&idt=436&frm=20&biw=1600&bih=1200&oid=2&adxs=566&adys=285&adks=2713242136&ucis=1&ifi=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&url=https%3A%2F%2Faskleo.com%2Fwill_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1000x60&msz=468x60&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1344918702.1629735713&ga_sid=1629735713&ga_hid=192975842&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
4c3d23d7025038f5971f496b7cfe56432f045fac5b2e248ab32c89fd6c6c54ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:56 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
234
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://askleo.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		456 B
423 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3969800989600765&correlator=4316356166031885&output=ldjh&impl=fifs&eid=31062338%2C21068031%2C31062154%2C20211866%2C31062297%2C31062312&vrg=2021081901&ptt=17&sc=1&sfv=1-0-38&ecs=20210823&iu_parts=1254144%3A1057873%2Caskleo_com-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ris=4&rcs=1&prev_scp=a%3D%257C252%257C%26iid1%3D6660346330955657%26eid%3D6660346330955657%26t%3D134%26d%3D173078%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26as%3Drevenue%26plat%3D1%26bra%3Dmod85%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D3%26reft%3Dn%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Daskleo_com-medrectangle-2-6660346330955657%26eb_br%3D26dfa00588543c52511429ade391f561%26eba%3D1%26ebss%3D10082%2C10061%2C10015%2C10063%2C11304%2C11307%26bv%3D0%26bvm%3D3%26bvr%3D2%26shp%3D1%26ftsn%3D3%26br1%3D550%26br2%3D260%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D34%2C193%2C28%2C67%2C45%2C122%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C814%2C815%2C816%2C817%2C818%2C819%2C893%2C899%2C903%2C917%2C918%2C919%2C783%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D550%26reqt%3D1629735716513&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1629733050&dt=1629735716516&dlt=1629735712452&idt=436&frm=20&biw=1600&bih=1200&oid=2&adxs=436&adys=1110&adks=3444788124&ucis=3&ifi=6&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&url=https%3A%2F%2Faskleo.com%2Fwill_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x-1&msz=728x-1&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1344918702.1629735713&ga_sid=1629735713&ga_hid=192975842&ga_fc=false&fws=512&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
59a5e8318addddfb2444d1f424da19c513403900acd58e779c26ef93ab9a2780
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:56 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
245
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://askleo.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E9CF 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://askleo.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://askleo.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Mon, 23 Aug 2021 16:21:52 GMT
expires
Tue, 23 Aug 2022 16:21:52 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
4
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
greenoaks.gif
askleo.com/detroitchicago/ 		0
42 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://askleo.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiIwOWQ3MjlkNS0yYWFhLTQxOTYtNzMyYi0yOTE2NDNjMGRhYmEiLCJkb21haW5faWQiOiIxNzMwNzgiLCJ0X2Vwb2NoIjoxNjI5NzM1NzExLCJkYXRhIjpbeyJuYW1lIjoibmF2aWdhdGlvbl90eXBlIiwidmFsIjoiMCJ9LHsibmFtZSI6InJlZGlyZWN0X2NvdW50IiwidmFsIjoiMCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjA5ZDcyOWQ1LTJhYWEtNDE5Ni03MzJiLTI5MTY0M2MwZGFiYSIsImRvbWFpbl9pZCI6IjE3MzA3OCIsInRfZXBvY2giOjE2Mjk3MzU3MTEsImRhdGEiOlt7Im5hbWUiOiJwZXJmX2lzX3RyYWNrZWQiLCJ2YWwiOiIxIn0seyJuYW1lIjoicGVyZl9uYXZfdG9fY29ubmVjdCIsInZhbCI6Ijc3In0seyJuYW1lIjoicGVyZl9jb25uZWN0X3RvX3Jlc3Bfc3RhcnQiLCJ2YWwiOiIxMDk4In0seyJuYW1lIjoicGVyZl9yZXNwX3RpbWUiLCJ2YWwiOiIyOSJ9LHsibmFtZSI6InBlcmZfaW50ZXJhY3RpdmUiLCJ2YWwiOiI1NjIifSx7Im5hbWUiOiJwZXJmX2NvbnRlbnRsb2FkZWQiLCJ2YWwiOiI1OTIifSx7Im5hbWUiOiJwZXJmX2NvbXBsZXRlIiwidmFsIjoiMTM2MyJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjA5ZDcyOWQ1LTJhYWEtNDE5Ni03MzJiLTI5MTY0M2MwZGFiYSIsImRvbWFpbl9pZCI6IjE3MzA3OCIsInRfZXBvY2giOjE2Mjk3MzU3MTEsImRhdGEiOlt7Im5hbWUiOiJmaXJzdF9wYWludCIsInZhbCI6IjE0MTcifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiIwOWQ3MjlkNS0yYWFhLTQxOTYtNzMyYi0yOTE2NDNjMGRhYmEiLCJkb21haW5faWQiOiIxNzMwNzgiLCJ0X2Vwb2NoIjoxNjI5NzM1NzExLCJkYXRhIjpbeyJuYW1lIjoiZmlyc3RfY29udGVudGZ1bF9wYWludCIsInZhbCI6IjE0MTcifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiIwOWQ3MjlkNS0yYWFhLTQxOTYtNzMyYi0yOTE2NDNjMGRhYmEiLCJkb21haW5faWQiOiIxNzMwNzgiLCJ0X2Vwb2NoIjoxNjI5NzM1NzExLCJkYXRhIjpbeyJuYW1lIjoiY29ubmVjdGlvbl9lZmZlY3RpdmVfdHlwZSIsInZhbCI6IjRnIn1dfV0=
Requested by
Host: askleo.com
URL: https://askleo.com/detroitchicago/cmbv2.js?gcb=195-2&cb=04-1y02-4y06-12y07-1y0b-5y0d-14y13-3y17-3y20-3y33-15y52-1y56-21&cmbcb=20&sj=x04x02x06x07x0bx0dx13x17x20x33x52x56&abt=JoykatTest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path
/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiIwOWQ3MjlkNS0yYWFhLTQxOTYtNzMyYi0yOTE2NDNjMGRhYmEiLCJkb21haW5faWQiOiIxNzMwNzgiLCJ0X2Vwb2NoIjoxNjI5NzM1NzExLCJkYXRhIjpbeyJuYW1lIjoibmF2aWdhdGlvbl90eXBlIiwidmFsIjoiMCJ9LHsibmFtZSI6InJlZGlyZWN0X2NvdW50IiwidmFsIjoiMCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjA5ZDcyOWQ1LTJhYWEtNDE5Ni03MzJiLTI5MTY0M2MwZGFiYSIsImRvbWFpbl9pZCI6IjE3MzA3OCIsInRfZXBvY2giOjE2Mjk3MzU3MTEsImRhdGEiOlt7Im5hbWUiOiJwZXJmX2lzX3RyYWNrZWQiLCJ2YWwiOiIxIn0seyJuYW1lIjoicGVyZl9uYXZfdG9fY29ubmVjdCIsInZhbCI6Ijc3In0seyJuYW1lIjoicGVyZl9jb25uZWN0X3RvX3Jlc3Bfc3RhcnQiLCJ2YWwiOiIxMDk4In0seyJuYW1lIjoicGVyZl9yZXNwX3RpbWUiLCJ2YWwiOiIyOSJ9LHsibmFtZSI6InBlcmZfaW50ZXJhY3RpdmUiLCJ2YWwiOiI1NjIifSx7Im5hbWUiOiJwZXJmX2NvbnRlbnRsb2FkZWQiLCJ2YWwiOiI1OTIifSx7Im5hbWUiOiJwZXJmX2NvbXBsZXRlIiwidmFsIjoiMTM2MyJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjA5ZDcyOWQ1LTJhYWEtNDE5Ni03MzJiLTI5MTY0M2MwZGFiYSIsImRvbWFpbl9pZCI6IjE3MzA3OCIsInRfZXBvY2giOjE2Mjk3MzU3MTEsImRhdGEiOlt7Im5hbWUiOiJmaXJzdF9wYWludCIsInZhbCI6IjE0MTcifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiIwOWQ3MjlkNS0yYWFhLTQxOTYtNzMyYi0yOTE2NDNjMGRhYmEiLCJkb21haW5faWQiOiIxNzMwNzgiLCJ0X2Vwb2NoIjoxNjI5NzM1NzExLCJkYXRhIjpbeyJuYW1lIjoiZmlyc3RfY29udGVudGZ1bF9wYWludCIsInZhbCI6IjE0MTcifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiIwOWQ3MjlkNS0yYWFhLTQxOTYtNzMyYi0yOTE2NDNjMGRhYmEiLCJkb21haW5faWQiOiIxNzMwNzgiLCJ0X2Vwb2NoIjoxNjI5NzM1NzExLCJkYXRhIjpbeyJuYW1lIjoiY29ubmVjdGlvbl9lZmZlY3RpdmVfdHlwZSIsInZhbCI6IjRnIn1dfV0=
pragma
no-cache
cookie
__gads=ID=4c5f0321aa6d5b49-22e434efacc8007e:T=1629735716:S=ALNI_MZUXH7sIJ_BJhcbM8uqL0OcOdqnPg; ezouspvv=50; ezouspva=1; ezouspvh=50
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
askleo.com
referer
https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:56 GMT
server
nginx
vary
Accept-Encoding Accept-Encoding
content-type
text/plain; charset=utf-8
x-middleton-display
ezp_sol
cache-control
max-age=0, must-revalidate, no-cache, no-store
content-length
0
expires
Sun, 22 Aug 2021 16:21:56 UTC
greenoaks.gif
askleo.com/detroitchicago/ 		0
104 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://askleo.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiIwOWQ3MjlkNS0yYWFhLTQxOTYtNzMyYi0yOTE2NDNjMGRhYmEiLCJkb21haW5faWQiOiIxNzMwNzgiLCJ0X2Vwb2NoIjoxNjI5NzM1NzExLCJkYXRhIjpbeyJuYW1lIjoiY29ubmVjdGlvbl9kb3dubGluayIsInZhbCI6IjkuMiJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjA5ZDcyOWQ1LTJhYWEtNDE5Ni03MzJiLTI5MTY0M2MwZGFiYSIsImRvbWFpbl9pZCI6IjE3MzA3OCIsInRfZXBvY2giOjE2Mjk3MzU3MTEsImRhdGEiOlt7Im5hbWUiOiJjb25uZWN0aW9uX3J0dCIsInZhbCI6IjAifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiIwOWQ3MjlkNS0yYWFhLTQxOTYtNzMyYi0yOTE2NDNjMGRhYmEiLCJkb21haW5faWQiOiIxNzMwNzgiLCJ0X2Vwb2NoIjoxNjI5NzM1NzExLCJkYXRhIjpbeyJuYW1lIjoidGltZXJfZmlyc3RfYWRfbG9hZCIsInZhbCI6IjQ0MzUifV19XQ==
Requested by
Host: askleo.com
URL: https://askleo.com/detroitchicago/cmbv2.js?gcb=195-2&cb=04-1y02-4y06-12y07-1y0b-5y0d-14y13-3y17-3y20-3y33-15y52-1y56-21&cmbcb=20&sj=x04x02x06x07x0bx0dx13x17x20x33x52x56&abt=JoykatTest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path
/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiIwOWQ3MjlkNS0yYWFhLTQxOTYtNzMyYi0yOTE2NDNjMGRhYmEiLCJkb21haW5faWQiOiIxNzMwNzgiLCJ0X2Vwb2NoIjoxNjI5NzM1NzExLCJkYXRhIjpbeyJuYW1lIjoiY29ubmVjdGlvbl9kb3dubGluayIsInZhbCI6IjkuMiJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjA5ZDcyOWQ1LTJhYWEtNDE5Ni03MzJiLTI5MTY0M2MwZGFiYSIsImRvbWFpbl9pZCI6IjE3MzA3OCIsInRfZXBvY2giOjE2Mjk3MzU3MTEsImRhdGEiOlt7Im5hbWUiOiJjb25uZWN0aW9uX3J0dCIsInZhbCI6IjAifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiIwOWQ3MjlkNS0yYWFhLTQxOTYtNzMyYi0yOTE2NDNjMGRhYmEiLCJkb21haW5faWQiOiIxNzMwNzgiLCJ0X2Vwb2NoIjoxNjI5NzM1NzExLCJkYXRhIjpbeyJuYW1lIjoidGltZXJfZmlyc3RfYWRfbG9hZCIsInZhbCI6IjQ0MzUifV19XQ==
pragma
no-cache
cookie
__gads=ID=4c5f0321aa6d5b49-22e434efacc8007e:T=1629735716:S=ALNI_MZUXH7sIJ_BJhcbM8uqL0OcOdqnPg; ezouspvv=50; ezouspva=1; ezouspvh=50
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
askleo.com
referer
https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:56 GMT
server
nginx
vary
Accept-Encoding Accept-Encoding
content-type
text/plain; charset=utf-8
x-middleton-display
ezp_sol
cache-control
max-age=0, must-revalidate, no-cache, no-store
content-length
0
expires
Sun, 22 Aug 2021 16:21:54 UTC
army.gif
askleo.com/porpoiseant/ 		0
42 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://askleo.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMjI5MjU0ODU0ODk4NDE1MSIsImRvbWFpbl9pZCI6IjE3MzA3OCIsInVuaXQiOiJkaXYtZ3B0LWFkLWFza2xlb19jb20tYm94LTMtMCIsInRfZXBvY2giOjE2Mjk3MzU3MTEsImFkX3Bvc2l0aW9uIjoxMTA0LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQkUiLCJwYWdldmlld19pZCI6IjA5ZDcyOWQ1LTJhYWEtNDE5Ni03MzJiLTI5MTY0M2MwZGFiYSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTA0MTY5ODgsImRhdGEiOlt7Im5hbWUiOiJyZWZyZXNoX2NvdW50IiwidmFsIjoiMiJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMjI5MjU0ODU0ODk4NDE1MSIsImRvbWFpbl9pZCI6IjE3MzA3OCIsInVuaXQiOiJkaXYtZ3B0LWFkLWFza2xlb19jb20tYm94LTMtMCIsInRfZXBvY2giOjE2Mjk3MzU3MTEsImFkX3Bvc2l0aW9uIjoxMTA0LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQkUiLCJwYWdldmlld19pZCI6IjA5ZDcyOWQ1LTJhYWEtNDE5Ni03MzJiLTI5MTY0M2MwZGFiYSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTA0MTY5ODgsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfYmlkX2hhc2giLCJ2YWwiOiIzYmE5ODJmYzQyMzhkZDQxOTdiMWQ1MWIzNDU0NzhkYyJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMjI5MjU0ODU0ODk4NDE1MSIsImRvbWFpbl9pZCI6IjE3MzA3OCIsInVuaXQiOiJkaXYtZ3B0LWFkLWFza2xlb19jb20tYm94LTMtMCIsInRfZXBvY2giOjE2Mjk3MzU3MTEsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMDUsImFkX3Bvc2l0aW9uIjoxMTA0LCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MC4wMDA1LCJiaWRfZmxvb3JfcHJldiI6MC4wMDEsInN0YXRfc291cmNlX2lkIjozNSwiY291bnRyeV9jb2RlIjoiQkUiLCJwYWdldmlld19pZCI6IjA5ZDcyOWQ1LTJhYWEtNDE5Ni03MzJiLTI5MTY0M2MwZGFiYSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTA0MTY5ODgsImRhdGEiOlt7Im5hbWUiOiJsb2FkZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIyMjkyNTQ4NTQ4OTg0MTUxIiwiZG9tYWluX2lkIjoiMTczMDc4IiwidW5pdCI6ImRpdi1ncHQtYWQtYXNrbGVvX2NvbS1ib3gtMy0wIiwidF9lcG9jaCI6MTYyOTczNTcxMSwiYWRfcG9zaXRpb24iOjExMDQsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJCRSIsInBhZ2V2aWV3X2lkIjoiMDlkNzI5ZDUtMmFhYS00MTk2LTczMmItMjkxNjQzYzBkYWJhIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDQxNjk4OCwiZGF0YSI6W3sibmFtZSI6ImNyZWF0aXZlX2lkIiwidmFsIjoiMTM4MzEwNDE2OTg4In1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIyMjkyNTQ4NTQ4OTg0MTUxIiwiZG9tYWluX2lkIjoiMTczMDc4IiwidW5pdCI6ImRpdi1ncHQtYWQtYXNrbGVvX2NvbS1ib3gtMy0wIiwidF9lcG9jaCI6MTYyOTczNTcxMSwiYWRfcG9zaXRpb24iOjExMDQsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJCRSIsInBhZ2V2aWV3X2lkIjoiMDlkNzI5ZDUtMmFhYS00MTk2LTczMmItMjkxNjQzYzBkYWJhIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDQxNjk4OCwiZGF0YSI6W3sibmFtZSI6ImxpbmVpdGVtX2lkIiwidmFsIjoiMjg2ODcyNzQifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by
Host: askleo.com
URL: https://askleo.com/detroitchicago/cmbv2.js?gcb=195-2&cb=04-1y02-4y06-12y07-1y0b-5y0d-14y13-3y17-3y20-3y33-15y52-1y56-21&cmbcb=20&sj=x04x02x06x07x0bx0dx13x17x20x33x52x56&abt=JoykatTest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path
/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMjI5MjU0ODU0ODk4NDE1MSIsImRvbWFpbl9pZCI6IjE3MzA3OCIsInVuaXQiOiJkaXYtZ3B0LWFkLWFza2xlb19jb20tYm94LTMtMCIsInRfZXBvY2giOjE2Mjk3MzU3MTEsImFkX3Bvc2l0aW9uIjoxMTA0LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQkUiLCJwYWdldmlld19pZCI6IjA5ZDcyOWQ1LTJhYWEtNDE5Ni03MzJiLTI5MTY0M2MwZGFiYSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTA0MTY5ODgsImRhdGEiOlt7Im5hbWUiOiJyZWZyZXNoX2NvdW50IiwidmFsIjoiMiJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMjI5MjU0ODU0ODk4NDE1MSIsImRvbWFpbl9pZCI6IjE3MzA3OCIsInVuaXQiOiJkaXYtZ3B0LWFkLWFza2xlb19jb20tYm94LTMtMCIsInRfZXBvY2giOjE2Mjk3MzU3MTEsImFkX3Bvc2l0aW9uIjoxMTA0LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQkUiLCJwYWdldmlld19pZCI6IjA5ZDcyOWQ1LTJhYWEtNDE5Ni03MzJiLTI5MTY0M2MwZGFiYSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTA0MTY5ODgsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfYmlkX2hhc2giLCJ2YWwiOiIzYmE5ODJmYzQyMzhkZDQxOTdiMWQ1MWIzNDU0NzhkYyJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMjI5MjU0ODU0ODk4NDE1MSIsImRvbWFpbl9pZCI6IjE3MzA3OCIsInVuaXQiOiJkaXYtZ3B0LWFkLWFza2xlb19jb20tYm94LTMtMCIsInRfZXBvY2giOjE2Mjk3MzU3MTEsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMDUsImFkX3Bvc2l0aW9uIjoxMTA0LCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MC4wMDA1LCJiaWRfZmxvb3JfcHJldiI6MC4wMDEsInN0YXRfc291cmNlX2lkIjozNSwiY291bnRyeV9jb2RlIjoiQkUiLCJwYWdldmlld19pZCI6IjA5ZDcyOWQ1LTJhYWEtNDE5Ni03MzJiLTI5MTY0M2MwZGFiYSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTA0MTY5ODgsImRhdGEiOlt7Im5hbWUiOiJsb2FkZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIyMjkyNTQ4NTQ4OTg0MTUxIiwiZG9tYWluX2lkIjoiMTczMDc4IiwidW5pdCI6ImRpdi1ncHQtYWQtYXNrbGVvX2NvbS1ib3gtMy0wIiwidF9lcG9jaCI6MTYyOTczNTcxMSwiYWRfcG9zaXRpb24iOjExMDQsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJCRSIsInBhZ2V2aWV3X2lkIjoiMDlkNzI5ZDUtMmFhYS00MTk2LTczMmItMjkxNjQzYzBkYWJhIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDQxNjk4OCwiZGF0YSI6W3sibmFtZSI6ImNyZWF0aXZlX2lkIiwidmFsIjoiMTM4MzEwNDE2OTg4In1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIyMjkyNTQ4NTQ4OTg0MTUxIiwiZG9tYWluX2lkIjoiMTczMDc4IiwidW5pdCI6ImRpdi1ncHQtYWQtYXNrbGVvX2NvbS1ib3gtMy0wIiwidF9lcG9jaCI6MTYyOTczNTcxMSwiYWRfcG9zaXRpb24iOjExMDQsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJCRSIsInBhZ2V2aWV3X2lkIjoiMDlkNzI5ZDUtMmFhYS00MTk2LTczMmItMjkxNjQzYzBkYWJhIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDQxNjk4OCwiZGF0YSI6W3sibmFtZSI6ImxpbmVpdGVtX2lkIiwidmFsIjoiMjg2ODcyNzQifV0sImlzX29yaWciOmZhbHNlfV0=
pragma
no-cache
cookie
__gads=ID=4c5f0321aa6d5b49-22e434efacc8007e:T=1629735716:S=ALNI_MZUXH7sIJ_BJhcbM8uqL0OcOdqnPg; ezouspvv=50; ezouspva=1; ezouspvh=50
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
askleo.com
referer
https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:56 GMT
server
nginx
vary
Accept-Encoding Accept-Encoding
content-type
text/plain; charset=utf-8
x-middleton-display
ezp_sol
cache-control
max-age=0, must-revalidate, no-cache, no-store
content-length
0
expires
Sun, 22 Aug 2021 16:21:55 UTC
28687274
g.ezoic.net/dac/ 		0
88 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g.ezoic.net/dac/28687274
Requested by
Host: askleo.com
URL: https://askleo.com/porpoiseant/banger.js?cb=195-2&bv=60&v=51&PageSpeed=off
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 23 Aug 2021 16:21:56 GMT
cache-control
max-age=3600, public
server
nginx
content-length
0
vary
Accept-Encoding
content-type
text/plain
army.gif
askleo.com/porpoiseant/ 		0
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://askleo.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMjI5MjU0ODU0ODk4NDE1MSIsImRvbWFpbl9pZCI6IjE3MzA3OCIsInVuaXQiOiJkaXYtZ3B0LWFkLWFza2xlb19jb20tYm94LTMtMCIsInRfZXBvY2giOjE2Mjk3MzU3MTEsImFkX3Bvc2l0aW9uIjoxMTA0LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQkUiLCJwYWdldmlld19pZCI6IjA5ZDcyOWQ1LTJhYWEtNDE5Ni03MzJiLTI5MTY0M2MwZGFiYSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTA0MTY5ODgsImRhdGEiOlt7Im5hbWUiOiJ0X2xvY2FsX2RhdGUiLCJ2YWwiOiIyMDIxLTA4LTIzIn0seyJuYW1lIjoidF9sb2NhbF9ob3VyIiwidmFsIjoiMTgifSx7Im5hbWUiOiJ0X2xvY2FsX2RheV9vZl93ZWVrIiwidmFsIjoiMSJ9LHsibmFtZSI6InRfbG9jYWxfdGltZXpvbmUiLCJ2YWwiOiItMTIwIn1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by
Host: askleo.com
URL: https://askleo.com/detroitchicago/cmbv2.js?gcb=195-2&cb=04-1y02-4y06-12y07-1y0b-5y0d-14y13-3y17-3y20-3y33-15y52-1y56-21&cmbcb=20&sj=x04x02x06x07x0bx0dx13x17x20x33x52x56&abt=JoykatTest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path
/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMjI5MjU0ODU0ODk4NDE1MSIsImRvbWFpbl9pZCI6IjE3MzA3OCIsInVuaXQiOiJkaXYtZ3B0LWFkLWFza2xlb19jb20tYm94LTMtMCIsInRfZXBvY2giOjE2Mjk3MzU3MTEsImFkX3Bvc2l0aW9uIjoxMTA0LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQkUiLCJwYWdldmlld19pZCI6IjA5ZDcyOWQ1LTJhYWEtNDE5Ni03MzJiLTI5MTY0M2MwZGFiYSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTA0MTY5ODgsImRhdGEiOlt7Im5hbWUiOiJ0X2xvY2FsX2RhdGUiLCJ2YWwiOiIyMDIxLTA4LTIzIn0seyJuYW1lIjoidF9sb2NhbF9ob3VyIiwidmFsIjoiMTgifSx7Im5hbWUiOiJ0X2xvY2FsX2RheV9vZl93ZWVrIiwidmFsIjoiMSJ9LHsibmFtZSI6InRfbG9jYWxfdGltZXpvbmUiLCJ2YWwiOiItMTIwIn1dLCJpc19vcmlnIjpmYWxzZX1d
pragma
no-cache
cookie
__gads=ID=4c5f0321aa6d5b49-22e434efacc8007e:T=1629735716:S=ALNI_MZUXH7sIJ_BJhcbM8uqL0OcOdqnPg; ezouspvv=50; ezouspva=1; ezouspvh=50
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
askleo.com
referer
https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:56 GMT
server
nginx
vary
Accept-Encoding Accept-Encoding
content-type
text/plain; charset=utf-8
x-middleton-display
ezp_sol
cache-control
max-age=0, must-revalidate, no-cache, no-store
content-length
0
expires
Sun, 22 Aug 2021 16:21:56 UTC
army.gif
askleo.com/porpoiseant/ 		0
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://askleo.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiMjI5MjU0ODU0ODk4NDE1MSIsImRvbWFpbl9pZCI6IjE3MzA3OCIsInVuaXQiOiJkaXYtZ3B0LWFkLWFza2xlb19jb20tYm94LTMtMCIsInRfZXBvY2giOjE2Mjk3MzU3MTEsImF1Y3Rpb25fZXBvY2giOjE2Mjk3MzU3MTcsImFkX3Bvc2l0aW9uIjoxMTA0LCJjb3VudHJ5X2NvZGUiOiJCRSIsInBhZ2V2aWV3X2lkIjoiMDlkNzI5ZDUtMmFhYS00MTk2LTczMmItMjkxNjQzYzBkYWJhIiwiYmlkX2Zsb29yX2luaXRpYWwiOjEwMCwiYmlkX2Zsb29yX3ByZXYiOjEwMCwiYmlkX2Zsb29yX2ZpbGxlZCI6NTAsImF1Y3Rpb25fY291bnQiOjIsInJlZnJlc2hfYWRfY291bnQiOjAsImF1Y3Rpb25fZHVyYXRpb24iOjM4MCwibXVsdGlfYWRfdW5pdCI6MCwibXVsdGlfYWRfY291bnQiOjAsIm5ldHdvcmtfY29kZSI6MTI1NDE0NCwiZGF0YSI6W3sibmFtZSI6IiIsInZhbCI6IiJ9XSwibGluZV9pdGVtX2lkIjoyODY4NzI3NH1d
Requested by
Host: askleo.com
URL: https://askleo.com/detroitchicago/cmbv2.js?gcb=195-2&cb=04-1y02-4y06-12y07-1y0b-5y0d-14y13-3y17-3y20-3y33-15y52-1y56-21&cmbcb=20&sj=x04x02x06x07x0bx0dx13x17x20x33x52x56&abt=JoykatTest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path
/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiMjI5MjU0ODU0ODk4NDE1MSIsImRvbWFpbl9pZCI6IjE3MzA3OCIsInVuaXQiOiJkaXYtZ3B0LWFkLWFza2xlb19jb20tYm94LTMtMCIsInRfZXBvY2giOjE2Mjk3MzU3MTEsImF1Y3Rpb25fZXBvY2giOjE2Mjk3MzU3MTcsImFkX3Bvc2l0aW9uIjoxMTA0LCJjb3VudHJ5X2NvZGUiOiJCRSIsInBhZ2V2aWV3X2lkIjoiMDlkNzI5ZDUtMmFhYS00MTk2LTczMmItMjkxNjQzYzBkYWJhIiwiYmlkX2Zsb29yX2luaXRpYWwiOjEwMCwiYmlkX2Zsb29yX3ByZXYiOjEwMCwiYmlkX2Zsb29yX2ZpbGxlZCI6NTAsImF1Y3Rpb25fY291bnQiOjIsInJlZnJlc2hfYWRfY291bnQiOjAsImF1Y3Rpb25fZHVyYXRpb24iOjM4MCwibXVsdGlfYWRfdW5pdCI6MCwibXVsdGlfYWRfY291bnQiOjAsIm5ldHdvcmtfY29kZSI6MTI1NDE0NCwiZGF0YSI6W3sibmFtZSI6IiIsInZhbCI6IiJ9XSwibGluZV9pdGVtX2lkIjoyODY4NzI3NH1d
pragma
no-cache
cookie
__gads=ID=4c5f0321aa6d5b49-22e434efacc8007e:T=1629735716:S=ALNI_MZUXH7sIJ_BJhcbM8uqL0OcOdqnPg; ezouspvv=50; ezouspva=1; ezouspvh=50
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
askleo.com
referer
https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:56 GMT
server
nginx
vary
Accept-Encoding Accept-Encoding
content-type
text/plain; charset=utf-8
x-middleton-display
ezp_sol
cache-control
max-age=0, must-revalidate, no-cache, no-store
content-length
0
expires
Sun, 22 Aug 2021 16:21:56 UTC
pixel
googleads.g.doubleclick.net/xbbe/ Frame 127C 		624 B
611 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNDdGRDcgxoY5bq7ngEwAQ&v=APEucNW4dXbxMvcTBI8fZXBe4LcaDEkDFS6dWUIOzlhaEjLkomZr8C8MJnK2I8mqbD4gB8OAShncWhBg7x-BpjNzDututoueADdCj1nXwEiAIKtKSDA3HyWyvYsPc5Alvah-Eh0_v_b17QtwGlqZBSNlTAA38tLbE2sxS0mYcEBVAaWqUoiWWI33KPBYG5361LjWH_99gCntCYwsEIiFTBVqKCLg9d40BA
Requested by
Host: 6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com
URL: https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CNDdGRDcgxoY5bq7ngEwAQ&v=APEucNW4dXbxMvcTBI8fZXBe4LcaDEkDFS6dWUIOzlhaEjLkomZr8C8MJnK2I8mqbD4gB8OAShncWhBg7x-BpjNzDututoueADdCj1nXwEiAIKtKSDA3HyWyvYsPc5Alvah-Eh0_v_b17QtwGlqZBSNlTAA38tLbE2sxS0mYcEBVAaWqUoiWWI33KPBYG5361LjWH_99gCntCYwsEIiFTBVqKCLg9d40BA
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Mon, 23 Aug 2021 16:21:56 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
set-cookie
test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure IDE=AHWqTUm8_IPu3YG_QHGR9nEu9uVtCRcdMrdQqgW7x_PpRgX0AoDkR1oKNZ_VONOR; expires=Sat, 17-Sep-2022 16:21:56 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 23 Aug 2021 16:21:56 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame E9CF 		83 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Af1i-D3dSMpZgeH5c45nRg2RY7atJE91I9I_KTZBiYydDQv3AjpN3eawK_en5pggA6RTa_xFgugGBcUXIMdUW2VNR0C7PMUGdc39rrbJWYfkBwSHtAHnQimhOxGtnp1cnZvt0HQj9iDiXiVEndmK3KvHWMKQ&dbm_d=AKAmf-Co8B2FfvBjeu4daaTUgke7vDCLRIFQgli1JLcnheNdJG2Uz-2MjpmmQ6PWdpnQSkzhD_QJOYtcMfi7ZDCR3nYLzqgfcxMHzgfSOE3VttLAPVL37E8lIGOcRk_B8L5okKPcD85Fs-C0wjtonbKZ2d-scI-MeDHxzPPgiVC0nwqK-Doi0pD-ev-LXvEYVp6vLFS167Px_Q_ED2a2VZ0grjl5c8S7X3t8h2Mm9Wrti1QtWbvQXKUqoED7G83a7IUHIjVGNA-_wDRc7V7mZfhRrGA_aUGEivEJvJjz1t0v-uSDnd0qbv8Y_Za1lSmxzOHBPIu-ae30y0JFEJRfPyGwajgtGyokw6ctRAhuTdBBPMbhwPPFqzLNOuLs4LrW1iwUO6kismXkt8--PKiUuFzFx2Dm5NDmiKo_S0XhK-VJzBtQyNARKVMHg9xQwRn9a0sOhGs6Seal4n4pHmKHTDZNpJjmkbKn76CtluH_CHWda6JweQ7GgoYmP9lphReam74nh_loKAE3Erha5fareV87ct4QbAEEXe0YYB4vrMNIzqLcCbk_60CZ08QEgCNvzOUZ015b-sQMRlfWxIDizxpGiCG5nYdR8TY1Cro9-USNmbYWUwb6es5CKixU4bZWJxMHQ_UTrcHCie73uBDsa54EQKbG_cxuwRLN0Wq0xhwadlrT_Arhnmf0VDA2VxHVMGrOcRNHqWP_AY4B4qHBl879q6l94Hq_5DnkGT409ajYrMy5IUnmuyictJb_MTJ_Utjc_dECxd8ltxfyjeR0aBCxko8L8YltGdfzQ9CNtL5d5SgjYPNpR-DXQlJ9SEXdHpNGjmywd2Fji9iG5ipFln6iBgTi4EPz84zpddkAYkSiFfN4fbKwHA3kEe2GnHlj96-DTmf5SDCnZadtmH5scrs5suQwqlTBtbaMCIDHMCU-36LYI5kRBQpmjVyftMgUcUDwNkMkdpOPtOKkaYskKzNizADhRx4j6uKa9EjKLJqpOWKTsDSz87DPAwXx7SUDEs-Lvefmsgzu2eV_-1KWB9It15Uo4RgVg6ZQV3IYsD1DCUe2ALfd66hUKfpbLjchht9JnZRKJQQSk5vQwhSySJLGUiOAAXOynKbg8wMiFaMFZSckfaUBEsmfZPIL-Qb5AJ-sXwRZpVhUx1bKX_OUur9I-u5xZm3qo2Liib8_T33a-SOJwwSd6fFA0myW7BVxwxJFcZ23z3qNKE5M3G79TOviCcKnV4QN-zDr6zy9_Ei8-EoYt2opncfWeXNdeYUz2UjfgOIoqhBbKIiBIWvOL2iI6kRFQnNPlGjrTHIcbEcu6VM68o30WmWD5-f-_CWWDsekIxeJCN-XjVnZ5Ne7f-xp5vK222-iBR4JXREi-XJ6hJ8_Cx2dFqbITrf97FX_Fh_spe21iun66lxU4n2JA2shZ7SxQBrMWut1PFND93Jbvvnf0c7sudGZTNMSVBsKHGoRxildRHHzGXzCbOh1Xf5N7BALxOXXPYIOws6aWWDxZdtioke5LnMNXd8EoTbdUevuSVRr8xUJ6Tb_x5wQVaIa5-ywB7YR_0_FoEmgIk-dA9CgJufQgfiTObKRSANAPrzJXqR9LdyfAsM9FNBMAIpLuCdgCwUwfrsKi-LC8eOue7v25hzd7iT7Xpoisnh0ZI_uqN_rW910Q2D1CNI3XBhVzdY6McQvAQzbzBpZE-J8Q-DUsJuRJwtgWR04_UNuHiJpsTqI5e3MHFatCYJTrb9oVumu7cQORcFyvGejHuj1ySZhb3CAkPNIFbSFSjniy-H_8ry3RN6jZxPCCKHBleCa3HPk2i8OedpRQPsKAuHNNaqZBhPvuGlcmyyE45Hjsf2moDXTBOJZcnhQiMkAxIMOcO6_YvCtPUDH70xEbHc0YPjjqB1MK7O7JBMkOESDaReqNzF6I6vB0kz1MmF_p8h8Q6wYEgOxRy40dUVb5iCmczPl0KbnlNh2LbY1gkWTTNyZK2HboqWSnTX912qMXhChsLK34zONNWzA-LWayeZJHNNYRc-y99A4OG3F2b6zfpzaaiWXN5Hz4TfWvTpIossRhHLmIXVfmsG78vBbDXlb_753I7AJCJTQ31e17weOwIs-4f_sKQ29sC009TjCesyqadF4CDO23bUI7lQC7d0qlSz9EkuuRVIdbdKijGSLllWIDGt-uBdPGVvsfxa765UEl42n-DKyFfuyZb3vU5rnCXjOum_bXZ3i19nMdFjcbxwQEd3KTNAMBHcE-Wuxy8vE638CZ3s0Sju7unX4I7rxymE-UP3S55efe7ycTfdldWlz0XMiZQL1_3fnkA9k3T7tS7jrZ3QWb7zrHUlMHsCG_2DZVcAy1_EZJqsOUU8X1bkwkohkByXf0c5FgEAiwj_j1kgDIOpqeWbSCtqrJkjn3PqTHn7yc-ke3HkYkT3JB9f8RLlck2mgCRd80PHhfyK8tqbibUm9kt8pOns2qNyeWkk-YTQF_yReSx7kQQwuN3xE7CAqKKb5lRVT7z3P3rcibig5gJADvWB9hVozPkU3uquViDE5pm3ZRNdyJsnREZ9zMZ_uSMLQTN2TPdzWIYtBUrdzxNz31hDGsUKLnj3czP_dg0P3QQ7ZFEflZ8egRvbam0dQEBVKww8j7N8hCBAH3quDPqRi14d1isiaVTGPV-Uh4M6EvnyrCOddL7tbfhWFtrwqkjdxacDyuzwQX_8RlKUU41Ikih7WBNbXzgVh0GmPY7HkZxI_vGNGJoAgfBIvWSXSzUrANbVS5TBN83e8Kge_8NASu3BeOJjxoj0QYIq2jD_7tVpvp0X98EWtfONkjizwZW2rSJPxpnUCwiAZsa14g8iMSbLka-tqIXcCsAi4v0lGybqHxOewh4fCykuO7s9lvkbKV1IQtpj-KHK0DLBscFzeITzbj0w4eqzN3g1P6j_b73pZ7ii-zDTkKfweN6VLQ_qZXIppccTjagHFzK0dqHjeB3BP46XiPPT3ZS_N1OyfhoF0k11B96MO-yxeUp_J3hJpflKqBsKsDA4djDopLBf7rVIMd0oXTPFNGU4Z_FlPWR7JqSTS0mtVEbxgufOke9px56239pYAG9awvM-pimHqOy8KcNUwyzXpMfX7PaMzhg8ddY6msDcsizi0O7oQi-tGaEusyW50yqxFZ_3bqgcINBLzGpZXizifEtNTax644R1xCqRMAh9FqKhKHDO3tLRUClGYbQO0aZZpP250lEDB12Qnc0C-MgjG2dfY63N4a0hE3gESi_CemxOrIHDYoCPg&cid=CAASFeRoFRGYLy8GZ9aG24A5m7gHATOWcA&rfl=1%2Chttps%253A%252F%252Faskleo.com%252F%240
Requested by
Host: askleo.com
URL: https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d87211f63f610d7365da06fa2d7cda1609ecc7a0405bcbc170da028801c9156d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 16:21:56 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30572
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E9CF 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ARg_z3VsUmUPwSDEsDX3V_8blG2Z1IT7jkj7HStQDgvbz4RcXe-HQ21ur_43YgKUaGeVw65DFOGN9-uvjKBfcOBH1vQuHn30XNnR4OtI1-fyR9VHs
Requested by
Host: 6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com
URL: https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 16:21:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/ Frame E9CF 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/window_focus_fy2019.js
Requested by
Host: 6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com
URL: https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:11:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
606
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Sep 2021 16:11:50 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E9CF 		124 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com
URL: https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
be8e3fb00d98e93afe954eb362d24a5d80537eb55c896bba9734e5771b6b34b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:56 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1629458990649126"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38246
x-xss-protection
0
expires
Mon, 23 Aug 2021 16:21:56 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/ Frame E9CF 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com
URL: https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:20:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
58
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6205
x-xss-protection
0
server
cafe
etag
3431872159862141604
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Sep 2021 16:20:58 GMT
l
www.google.com/ads/measurement/ Frame E9CF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSefhZP4TnAMnQU-dBmfnCuXPs8WXc1lDRy9LXJajCtEU09uz2o74ceGdruWHLPcFHnEvHREGQrN1wjVpfFQ2msLcDnYw
Requested by
Host: 6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com
URL: https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers
rum
dsum-sec.casalemedia.com/ Frame 127C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK0qYRNknL2UQmrMjeZtnz4&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK0qYRNknL2UQmrMjeZtnz4&google_cver=1&C=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK0qYRNknL2UQmrMjeZtnz4&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNDdGRDcgxoY5bq7ngEwAQ&v=APEucNW4dXbxMvcTBI8fZXBe4LcaDEkDFS6dWUIOzlhaEjLkomZr8C8MJnK2I8mqbD4gB8OAShncWhBg7x-BpjNzDututoueADdCj1nXwEiAIKtKSDA3HyWyvYsPc5Alvah-Eh0_v_b17QtwGlqZBSNlTAA38tLbE2sxS0mYcEBVAaWqUoiWWI33KPBYG5361LjWH_99gCntCYwsEIiFTBVqKCLg9d40BA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 23 Aug 2021 16:21:57 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 23 Aug 2021 16:21:57 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 23 Aug 2021 16:21:57 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK0qYRNknL2UQmrMjeZtnz4&google_cver=1&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
308
Expires
Mon, 23 Aug 2021 16:21:57 GMT
rum
dsum-sec.casalemedia.com/ Frame 127C
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YSPLJQfmemqNqkH1mKvivAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC9QXzG5UK3Bv3hYNIeH0qk&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC9QXzG5UK3Bv3hYNIeH0qk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNDdGRDcgxoY5bq7ngEwAQ&v=APEucNW4dXbxMvcTBI8fZXBe4LcaDEkDFS6dWUIOzlhaEjLkomZr8C8MJnK2I8mqbD4gB8OAShncWhBg7x-BpjNzDututoueADdCj1nXwEiAIKtKSDA3HyWyvYsPc5Alvah-Eh0_v_b17QtwGlqZBSNlTAA38tLbE2sxS0mYcEBVAaWqUoiWWI33KPBYG5361LjWH_99gCntCYwsEIiFTBVqKCLg9d40BA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 23 Aug 2021 16:21:57 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 23 Aug 2021 16:21:57 GMT

Redirect headers

pragma
no-cache
date
Mon, 23 Aug 2021 16:21:57 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC9QXzG5UK3Bv3hYNIeH0qk&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
ib.adnxs.com/ Frame 127C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEIMe4Nz8fB5NRBkTgjH_srg&google_cver=1
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEIMe4Nz8fB5NRBkTgjH_srg%26google_cver%3D1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEIMe4Nz8fB5NRBkTgjH_srg%26google_cver%3D1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNDdGRDcgxoY5bq7ngEwAQ&v=APEucNW4dXbxMvcTBI8fZXBe4LcaDEkDFS6dWUIOzlhaEjLkomZr8C8MJnK2I8mqbD4gB8OAShncWhBg7x-BpjNzDututoueADdCj1nXwEiAIKtKSDA3HyWyvYsPc5Alvah-Eh0_v_b17QtwGlqZBSNlTAA38tLbE2sxS0mYcEBVAaWqUoiWWI33KPBYG5361LjWH_99gCntCYwsEIiFTBVqKCLg9d40BA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 23 Aug 2021 16:21:57 GMT
X-Proxy-Origin
82.102.19.136; 82.102.19.136; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
466fb9d6-82bd-4bb2-b840-fda653f792f5
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 23 Aug 2021 16:21:57 GMT
X-Proxy-Origin
82.102.19.136; 82.102.19.136; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
e9c04d7a-f7a3-4275-a3aa-01e2b3e31082
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEIMe4Nz8fB5NRBkTgjH_srg%26google_cver%3D1
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 127C
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzE1MDAzNDc2NzI1MTQ0MDQ3Mw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzE1MDAzNDc2NzI1MTQ0MDQ3Mw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNDdGRDcgxoY5bq7ngEwAQ&v=APEucNW4dXbxMvcTBI8fZXBe4LcaDEkDFS6dWUIOzlhaEjLkomZr8C8MJnK2I8mqbD4gB8OAShncWhBg7x-BpjNzDututoueADdCj1nXwEiAIKtKSDA3HyWyvYsPc5Alvah-Eh0_v_b17QtwGlqZBSNlTAA38tLbE2sxS0mYcEBVAaWqUoiWWI33KPBYG5361LjWH_99gCntCYwsEIiFTBVqKCLg9d40BA
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 16:21:57 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 23 Aug 2021 16:21:57 GMT
X-Proxy-Origin
82.102.19.136; 82.102.19.136; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
e8dc653f-7d12-4a29-ac4d-d8bf28c20479
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzE1MDAzNDc2NzI1MTQ0MDQ3Mw%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
html_inpage_rendering_lib_200_273.js
s0.2mdn.net/879366/ Frame E9CF 		169 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_273.js
Requested by
Host: askleo.com
URL: https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2cff7ab03cb4e476b49ea05511c6cfcc71af6d5ed20d40e9b40ee31062149e77
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com
Referer
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 22 Aug 2021 22:43:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
63477
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
59842
x-xss-protection
0
last-modified
Wed, 30 Jun 2021 20:54:49 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 23 Aug 2021 22:43:59 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210816/r20110914/elements/html/ Frame E9CF 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210816/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Af1i-D3dSMpZgeH5c45nRg2RY7atJE91I9I_KTZBiYydDQv3AjpN3eawK_en5pggA6RTa_xFgugGBcUXIMdUW2VNR0C7PMUGdc39rrbJWYfkBwSHtAHnQimhOxGtnp1cnZvt0HQj9iDiXiVEndmK3KvHWMKQ&dbm_d=AKAmf-Co8B2FfvBjeu4daaTUgke7vDCLRIFQgli1JLcnheNdJG2Uz-2MjpmmQ6PWdpnQSkzhD_QJOYtcMfi7ZDCR3nYLzqgfcxMHzgfSOE3VttLAPVL37E8lIGOcRk_B8L5okKPcD85Fs-C0wjtonbKZ2d-scI-MeDHxzPPgiVC0nwqK-Doi0pD-ev-LXvEYVp6vLFS167Px_Q_ED2a2VZ0grjl5c8S7X3t8h2Mm9Wrti1QtWbvQXKUqoED7G83a7IUHIjVGNA-_wDRc7V7mZfhRrGA_aUGEivEJvJjz1t0v-uSDnd0qbv8Y_Za1lSmxzOHBPIu-ae30y0JFEJRfPyGwajgtGyokw6ctRAhuTdBBPMbhwPPFqzLNOuLs4LrW1iwUO6kismXkt8--PKiUuFzFx2Dm5NDmiKo_S0XhK-VJzBtQyNARKVMHg9xQwRn9a0sOhGs6Seal4n4pHmKHTDZNpJjmkbKn76CtluH_CHWda6JweQ7GgoYmP9lphReam74nh_loKAE3Erha5fareV87ct4QbAEEXe0YYB4vrMNIzqLcCbk_60CZ08QEgCNvzOUZ015b-sQMRlfWxIDizxpGiCG5nYdR8TY1Cro9-USNmbYWUwb6es5CKixU4bZWJxMHQ_UTrcHCie73uBDsa54EQKbG_cxuwRLN0Wq0xhwadlrT_Arhnmf0VDA2VxHVMGrOcRNHqWP_AY4B4qHBl879q6l94Hq_5DnkGT409ajYrMy5IUnmuyictJb_MTJ_Utjc_dECxd8ltxfyjeR0aBCxko8L8YltGdfzQ9CNtL5d5SgjYPNpR-DXQlJ9SEXdHpNGjmywd2Fji9iG5ipFln6iBgTi4EPz84zpddkAYkSiFfN4fbKwHA3kEe2GnHlj96-DTmf5SDCnZadtmH5scrs5suQwqlTBtbaMCIDHMCU-36LYI5kRBQpmjVyftMgUcUDwNkMkdpOPtOKkaYskKzNizADhRx4j6uKa9EjKLJqpOWKTsDSz87DPAwXx7SUDEs-Lvefmsgzu2eV_-1KWB9It15Uo4RgVg6ZQV3IYsD1DCUe2ALfd66hUKfpbLjchht9JnZRKJQQSk5vQwhSySJLGUiOAAXOynKbg8wMiFaMFZSckfaUBEsmfZPIL-Qb5AJ-sXwRZpVhUx1bKX_OUur9I-u5xZm3qo2Liib8_T33a-SOJwwSd6fFA0myW7BVxwxJFcZ23z3qNKE5M3G79TOviCcKnV4QN-zDr6zy9_Ei8-EoYt2opncfWeXNdeYUz2UjfgOIoqhBbKIiBIWvOL2iI6kRFQnNPlGjrTHIcbEcu6VM68o30WmWD5-f-_CWWDsekIxeJCN-XjVnZ5Ne7f-xp5vK222-iBR4JXREi-XJ6hJ8_Cx2dFqbITrf97FX_Fh_spe21iun66lxU4n2JA2shZ7SxQBrMWut1PFND93Jbvvnf0c7sudGZTNMSVBsKHGoRxildRHHzGXzCbOh1Xf5N7BALxOXXPYIOws6aWWDxZdtioke5LnMNXd8EoTbdUevuSVRr8xUJ6Tb_x5wQVaIa5-ywB7YR_0_FoEmgIk-dA9CgJufQgfiTObKRSANAPrzJXqR9LdyfAsM9FNBMAIpLuCdgCwUwfrsKi-LC8eOue7v25hzd7iT7Xpoisnh0ZI_uqN_rW910Q2D1CNI3XBhVzdY6McQvAQzbzBpZE-J8Q-DUsJuRJwtgWR04_UNuHiJpsTqI5e3MHFatCYJTrb9oVumu7cQORcFyvGejHuj1ySZhb3CAkPNIFbSFSjniy-H_8ry3RN6jZxPCCKHBleCa3HPk2i8OedpRQPsKAuHNNaqZBhPvuGlcmyyE45Hjsf2moDXTBOJZcnhQiMkAxIMOcO6_YvCtPUDH70xEbHc0YPjjqB1MK7O7JBMkOESDaReqNzF6I6vB0kz1MmF_p8h8Q6wYEgOxRy40dUVb5iCmczPl0KbnlNh2LbY1gkWTTNyZK2HboqWSnTX912qMXhChsLK34zONNWzA-LWayeZJHNNYRc-y99A4OG3F2b6zfpzaaiWXN5Hz4TfWvTpIossRhHLmIXVfmsG78vBbDXlb_753I7AJCJTQ31e17weOwIs-4f_sKQ29sC009TjCesyqadF4CDO23bUI7lQC7d0qlSz9EkuuRVIdbdKijGSLllWIDGt-uBdPGVvsfxa765UEl42n-DKyFfuyZb3vU5rnCXjOum_bXZ3i19nMdFjcbxwQEd3KTNAMBHcE-Wuxy8vE638CZ3s0Sju7unX4I7rxymE-UP3S55efe7ycTfdldWlz0XMiZQL1_3fnkA9k3T7tS7jrZ3QWb7zrHUlMHsCG_2DZVcAy1_EZJqsOUU8X1bkwkohkByXf0c5FgEAiwj_j1kgDIOpqeWbSCtqrJkjn3PqTHn7yc-ke3HkYkT3JB9f8RLlck2mgCRd80PHhfyK8tqbibUm9kt8pOns2qNyeWkk-YTQF_yReSx7kQQwuN3xE7CAqKKb5lRVT7z3P3rcibig5gJADvWB9hVozPkU3uquViDE5pm3ZRNdyJsnREZ9zMZ_uSMLQTN2TPdzWIYtBUrdzxNz31hDGsUKLnj3czP_dg0P3QQ7ZFEflZ8egRvbam0dQEBVKww8j7N8hCBAH3quDPqRi14d1isiaVTGPV-Uh4M6EvnyrCOddL7tbfhWFtrwqkjdxacDyuzwQX_8RlKUU41Ikih7WBNbXzgVh0GmPY7HkZxI_vGNGJoAgfBIvWSXSzUrANbVS5TBN83e8Kge_8NASu3BeOJjxoj0QYIq2jD_7tVpvp0X98EWtfONkjizwZW2rSJPxpnUCwiAZsa14g8iMSbLka-tqIXcCsAi4v0lGybqHxOewh4fCykuO7s9lvkbKV1IQtpj-KHK0DLBscFzeITzbj0w4eqzN3g1P6j_b73pZ7ii-zDTkKfweN6VLQ_qZXIppccTjagHFzK0dqHjeB3BP46XiPPT3ZS_N1OyfhoF0k11B96MO-yxeUp_J3hJpflKqBsKsDA4djDopLBf7rVIMd0oXTPFNGU4Z_FlPWR7JqSTS0mtVEbxgufOke9px56239pYAG9awvM-pimHqOy8KcNUwyzXpMfX7PaMzhg8ddY6msDcsizi0O7oQi-tGaEusyW50yqxFZ_3bqgcINBLzGpZXizifEtNTax644R1xCqRMAh9FqKhKHDO3tLRUClGYbQO0aZZpP250lEDB12Qnc0C-MgjG2dfY63N4a0hE3gESi_CemxOrIHDYoCPg&cid=CAASFeRoFRGYLy8GZ9aG24A5m7gHATOWcA&rfl=1%2Chttps%253A%252F%252Faskleo.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3124
x-xss-protection
0
server
cafe
etag
4537136162986801320
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Sep 2021 16:21:48 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210816/r20110914/ Frame E9CF 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210816/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Af1i-D3dSMpZgeH5c45nRg2RY7atJE91I9I_KTZBiYydDQv3AjpN3eawK_en5pggA6RTa_xFgugGBcUXIMdUW2VNR0C7PMUGdc39rrbJWYfkBwSHtAHnQimhOxGtnp1cnZvt0HQj9iDiXiVEndmK3KvHWMKQ&dbm_d=AKAmf-Co8B2FfvBjeu4daaTUgke7vDCLRIFQgli1JLcnheNdJG2Uz-2MjpmmQ6PWdpnQSkzhD_QJOYtcMfi7ZDCR3nYLzqgfcxMHzgfSOE3VttLAPVL37E8lIGOcRk_B8L5okKPcD85Fs-C0wjtonbKZ2d-scI-MeDHxzPPgiVC0nwqK-Doi0pD-ev-LXvEYVp6vLFS167Px_Q_ED2a2VZ0grjl5c8S7X3t8h2Mm9Wrti1QtWbvQXKUqoED7G83a7IUHIjVGNA-_wDRc7V7mZfhRrGA_aUGEivEJvJjz1t0v-uSDnd0qbv8Y_Za1lSmxzOHBPIu-ae30y0JFEJRfPyGwajgtGyokw6ctRAhuTdBBPMbhwPPFqzLNOuLs4LrW1iwUO6kismXkt8--PKiUuFzFx2Dm5NDmiKo_S0XhK-VJzBtQyNARKVMHg9xQwRn9a0sOhGs6Seal4n4pHmKHTDZNpJjmkbKn76CtluH_CHWda6JweQ7GgoYmP9lphReam74nh_loKAE3Erha5fareV87ct4QbAEEXe0YYB4vrMNIzqLcCbk_60CZ08QEgCNvzOUZ015b-sQMRlfWxIDizxpGiCG5nYdR8TY1Cro9-USNmbYWUwb6es5CKixU4bZWJxMHQ_UTrcHCie73uBDsa54EQKbG_cxuwRLN0Wq0xhwadlrT_Arhnmf0VDA2VxHVMGrOcRNHqWP_AY4B4qHBl879q6l94Hq_5DnkGT409ajYrMy5IUnmuyictJb_MTJ_Utjc_dECxd8ltxfyjeR0aBCxko8L8YltGdfzQ9CNtL5d5SgjYPNpR-DXQlJ9SEXdHpNGjmywd2Fji9iG5ipFln6iBgTi4EPz84zpddkAYkSiFfN4fbKwHA3kEe2GnHlj96-DTmf5SDCnZadtmH5scrs5suQwqlTBtbaMCIDHMCU-36LYI5kRBQpmjVyftMgUcUDwNkMkdpOPtOKkaYskKzNizADhRx4j6uKa9EjKLJqpOWKTsDSz87DPAwXx7SUDEs-Lvefmsgzu2eV_-1KWB9It15Uo4RgVg6ZQV3IYsD1DCUe2ALfd66hUKfpbLjchht9JnZRKJQQSk5vQwhSySJLGUiOAAXOynKbg8wMiFaMFZSckfaUBEsmfZPIL-Qb5AJ-sXwRZpVhUx1bKX_OUur9I-u5xZm3qo2Liib8_T33a-SOJwwSd6fFA0myW7BVxwxJFcZ23z3qNKE5M3G79TOviCcKnV4QN-zDr6zy9_Ei8-EoYt2opncfWeXNdeYUz2UjfgOIoqhBbKIiBIWvOL2iI6kRFQnNPlGjrTHIcbEcu6VM68o30WmWD5-f-_CWWDsekIxeJCN-XjVnZ5Ne7f-xp5vK222-iBR4JXREi-XJ6hJ8_Cx2dFqbITrf97FX_Fh_spe21iun66lxU4n2JA2shZ7SxQBrMWut1PFND93Jbvvnf0c7sudGZTNMSVBsKHGoRxildRHHzGXzCbOh1Xf5N7BALxOXXPYIOws6aWWDxZdtioke5LnMNXd8EoTbdUevuSVRr8xUJ6Tb_x5wQVaIa5-ywB7YR_0_FoEmgIk-dA9CgJufQgfiTObKRSANAPrzJXqR9LdyfAsM9FNBMAIpLuCdgCwUwfrsKi-LC8eOue7v25hzd7iT7Xpoisnh0ZI_uqN_rW910Q2D1CNI3XBhVzdY6McQvAQzbzBpZE-J8Q-DUsJuRJwtgWR04_UNuHiJpsTqI5e3MHFatCYJTrb9oVumu7cQORcFyvGejHuj1ySZhb3CAkPNIFbSFSjniy-H_8ry3RN6jZxPCCKHBleCa3HPk2i8OedpRQPsKAuHNNaqZBhPvuGlcmyyE45Hjsf2moDXTBOJZcnhQiMkAxIMOcO6_YvCtPUDH70xEbHc0YPjjqB1MK7O7JBMkOESDaReqNzF6I6vB0kz1MmF_p8h8Q6wYEgOxRy40dUVb5iCmczPl0KbnlNh2LbY1gkWTTNyZK2HboqWSnTX912qMXhChsLK34zONNWzA-LWayeZJHNNYRc-y99A4OG3F2b6zfpzaaiWXN5Hz4TfWvTpIossRhHLmIXVfmsG78vBbDXlb_753I7AJCJTQ31e17weOwIs-4f_sKQ29sC009TjCesyqadF4CDO23bUI7lQC7d0qlSz9EkuuRVIdbdKijGSLllWIDGt-uBdPGVvsfxa765UEl42n-DKyFfuyZb3vU5rnCXjOum_bXZ3i19nMdFjcbxwQEd3KTNAMBHcE-Wuxy8vE638CZ3s0Sju7unX4I7rxymE-UP3S55efe7ycTfdldWlz0XMiZQL1_3fnkA9k3T7tS7jrZ3QWb7zrHUlMHsCG_2DZVcAy1_EZJqsOUU8X1bkwkohkByXf0c5FgEAiwj_j1kgDIOpqeWbSCtqrJkjn3PqTHn7yc-ke3HkYkT3JB9f8RLlck2mgCRd80PHhfyK8tqbibUm9kt8pOns2qNyeWkk-YTQF_yReSx7kQQwuN3xE7CAqKKb5lRVT7z3P3rcibig5gJADvWB9hVozPkU3uquViDE5pm3ZRNdyJsnREZ9zMZ_uSMLQTN2TPdzWIYtBUrdzxNz31hDGsUKLnj3czP_dg0P3QQ7ZFEflZ8egRvbam0dQEBVKww8j7N8hCBAH3quDPqRi14d1isiaVTGPV-Uh4M6EvnyrCOddL7tbfhWFtrwqkjdxacDyuzwQX_8RlKUU41Ikih7WBNbXzgVh0GmPY7HkZxI_vGNGJoAgfBIvWSXSzUrANbVS5TBN83e8Kge_8NASu3BeOJjxoj0QYIq2jD_7tVpvp0X98EWtfONkjizwZW2rSJPxpnUCwiAZsa14g8iMSbLka-tqIXcCsAi4v0lGybqHxOewh4fCykuO7s9lvkbKV1IQtpj-KHK0DLBscFzeITzbj0w4eqzN3g1P6j_b73pZ7ii-zDTkKfweN6VLQ_qZXIppccTjagHFzK0dqHjeB3BP46XiPPT3ZS_N1OyfhoF0k11B96MO-yxeUp_J3hJpflKqBsKsDA4djDopLBf7rVIMd0oXTPFNGU4Z_FlPWR7JqSTS0mtVEbxgufOke9px56239pYAG9awvM-pimHqOy8KcNUwyzXpMfX7PaMzhg8ddY6msDcsizi0O7oQi-tGaEusyW50yqxFZ_3bqgcINBLzGpZXizifEtNTax644R1xCqRMAh9FqKhKHDO3tLRUClGYbQO0aZZpP250lEDB12Qnc0C-MgjG2dfY63N4a0hE3gESi_CemxOrIHDYoCPg&cid=CAASFeRoFRGYLy8GZ9aG24A5m7gHATOWcA&rfl=1%2Chttps%253A%252F%252Faskleo.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
63ed4c66bf3ba06512f7028be62a4bd53295e1ba68a919a7591f5fd392e72b90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:08:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
814
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9341
x-xss-protection
0
server
cafe
etag
177112232901409761
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Sep 2021 16:08:22 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame E9CF 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com
URL: https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 07:21:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
32416
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 23 Aug 2022 07:21:40 GMT
truncated
/ Frame E9CF 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ad57d9fa035ad21ee0e725b9a1791c447c57599ebf388c5833a3e5444b491457

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 3A61 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Mon, 23 Aug 2021 07:21:40 GMT
expires
Tue, 23 Aug 2022 07:21:40 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
32417
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
be_NL_S-M_Prospecting_MC_468x60.html
s0.2mdn.net/ads/richmedia/studio/pv2/60934467/20200612044656202/ Frame 4B88 		2 KB
914 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/60934467/20200612044656202/be_NL_S-M_Prospecting_MC_468x60.html?e=69&leftOffset=0&topOffset=0&c=75pGd7bl8m&t=1&renderingType=2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_273.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
720b7e396b7a7387b1f93a9e1f5cc8f5bdf9e6ebf40e7d8ad8892d6c4267b4a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/ads/richmedia/studio/pv2/60934467/20200612044656202/be_NL_S-M_Prospecting_MC_468x60.html?e=69&leftOffset=0&topOffset=0&c=75pGd7bl8m&t=1&renderingType=2
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
889
date
Mon, 23 Aug 2021 16:21:57 GMT
expires
Tue, 24 Aug 2021 16:21:57 GMT
cache-control
public, max-age=86400
last-modified
Fri, 12 Jun 2020 11:46:56 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame E9CF 		0
592 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv_o0gqU4tY3B5ckMQYf0cHL8lZY1WfKEDWWHgpYrP7b6pK6XTSj6H5S92bpKoRyvcGtSpsxR4PHHb6-62up9Et6lpqG3Vi-1zjVWHg-FrEImOIihlex9Jy0SRb1EAgFRpgtL-amnkOgnJvSVtH6algY55ixY5KfMqUrFQQxd8j9GFVMTnbwQ84UPNggzNr_mGvyxAXqBG57zk_iIMn5KleYuSenmhVNXcCUIi2sbH8xx-56g7MwXCDDeMkyBYR5KV40jgXaG8gEXXQCZQ42H2vQOJ3juXbbP1KJI6Q-gexMKowCMDTYKVh8-GINoqnKYIq6V9CmNtih9xJ9eV09rO4tZjtyghUdbc95nJJk1sAjKjbsnsErsPW45FBzXOYxXnN6Ov17NMGIe-e8NFQQXTH_CYmckKmBHfzf0-_N4cVQPhL_eyTbbvAaAAZwQiRDQ_-m0Edz3KsPjKEVjDTloEl5lY2y5HUOZH4Y70F7BW9YE_zVoSuCBVY97ynhZvk39hdaDXsg55D9fy3k8XU2sanM-hDYsQfWD6fd1rD2_YwbyBYBrbu7kYVwws8uYMojheA8zxJaJxBQwZyndGgluizzoqDQUITiMNQpkpVCKKCKd7t-IaIMdJkQptAc6TJQ0V0EX1I8LKKj22_RWLU9n0NXWIlAxhsiDZPwnq2eV28wPHSsn2TXh82K_WTCoJzutvDSivr8xjc-j68zB3oN5fKc0c9yojNFZtuV93kUOWvLS4I37c6p4bqH1PpK1zWm4jmSIjpfFzRHccHaG4vtYcW1_DRs36f2nigWk8M8zZY2xVIXn3EjafISlV1x_LlbrC_V7csv2wfVae4OrMd_cWe9XkQh61tj3L0CXqws-FDroqdaYirxQ_cc2IOklt9j_jb_-JRIj5ncGnsMuEJt-oR-7G-7i000XvJedgYaxCtDGbzV9BSTXj6IHbnkFEwNjoku7G4PQKB9a2yvq9BTXKJrw5umjVjz6VS4aE3ugyqv3mXMXsLPGEnhuq_C4y2dzkVj8-uN0tNg5yaBMpaZu5kfzZxaFaEYYt-t5FqDvzpngAU2myHAHwy3Ewgxq-SW1in4v5suowyGsQ4BpwnXvHSRQRvOxmaR0PcPvvvJJh3kwbLu5FlSXxEaqwPOG0YTbPeuH3OjyQpvLCHHICj_E7XCc_8LW1Yg_IohXHIDLmtlwh5IwNJXKA&sai=AMfl-YQP2ykaXiWQVlxilHVfx3VltlYGzhsU7fUbKty2V-5hVcMiI1_zUFbBzrF7jJtjsYO4_dgViNajXcIRyr6q62aCFtqGSAhBM_RhtNDu1Ub3UdnTGGMqkBJdMOYvRcqCXVntjgQ5kNXmTr8-v6kWCl4tNMVtE49PqBuoiF0&sig=Cg0ArKJSzIUx-1Y-VkbwEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=106&cbvp=1&cstd=98&cisv=r20210816.61913&adurl=
Requested by
Host: askleo.com
URL: https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Mon, 23 Aug 2021 16:21:57 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
pixel.gif
opt.objectiveportal.com/ Frame E9CF 		35 B
529 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://opt.objectiveportal.com/pixel.gif?customer=COO&brand=COO&domain=VL&process=banner&campaignid=22001357&placementid=297057715&che=4076410069&cmsiteid=4802677&adid=490168431&crid=108978826&gvalue=ct=DE&st=&city=0&dma=0&zp=&bw=4&keyvalue=0&line_item_id=55819178&creativeid=332324197&exchangeid=1&insertionorderid=22497943&sourceurl=https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/&universalsiteid=101267030471&auctionid=ABAjH0jpd0dNBr6NF16H0lLpzCYm&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: 6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com
URL: https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.152.90 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.90.152.201.195.clients.your-server.de
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.objectiveportal.com objectiveportal.com
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 16:21:57 GMT
referrer-policy
strict-origin-when-cross-origin
server
nginx
etag
9811c409-b298-4095-a6ff-54e83d9a9546
x-frame-options
DENY
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-security-policy
frame-ancestors *.objectiveportal.com objectiveportal.com
strict-transport-security
max-age=63072000; includeSubdomains
content-length
35
x-content-type-options
nosniff
ESHX-PsTG84Fy6-bdaEnL5--1XpTzSOdL-kezmPtlCQ.js
pagead2.googlesyndication.com/bg/ Frame 3A61 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/ESHX-PsTG84Fy6-bdaEnL5--1XpTzSOdL-kezmPtlCQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1121d7f8fb131bce05cbaf9b75a1272f9fbed57a53cd239d2fe91ece63ed9424
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 15:39:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
2539
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13272
x-xss-protection
0
last-modified
Mon, 09 Aug 2021 14:48:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 23 Aug 2022 15:39:38 GMT
Enabler_01_242.js
s0.2mdn.net/879366/ Frame 4B88 		107 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_242.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/60934467/20200612044656202/be_NL_S-M_Prospecting_MC_468x60.html?e=69&leftOffset=0&topOffset=0&c=75pGd7bl8m&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7effa4abb1004ac11058d1fc73b1ebb9cbf993bc96dd96be50ba81ba895bd69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/60934467/20200612044656202/be_NL_S-M_Prospecting_MC_468x60.html?e=69&leftOffset=0&topOffset=0&c=75pGd7bl8m&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 01:21:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
54040
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37452
x-xss-protection
0
last-modified
Thu, 06 Feb 2020 15:49:50 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 24 Aug 2021 01:21:17 GMT
TweenMax.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/2.1.3/ Frame 4B88 		114 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/2.1.3/TweenMax.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/60934467/20200612044656202/be_NL_S-M_Prospecting_MC_468x60.html?e=69&leftOffset=0&topOffset=0&c=75pGd7bl8m&t=1&renderingType=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94f137c233766bb0015876c6cfbf8c28125aca4cb3a826d4f7a0495a38a8f3a5
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:57 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
418381
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
34868
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e71-1c604"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y7NpW5QESLVPavJs6HzdY4gvzYAUVM67pZlfWueke8aoDAEu6oCmKG32aIKNpFVP6pykp8KSFUzRvBxITXWRQVdvKZCRvUUHAztqhINmA%2BhU9MMQiOd%2F9IkJXGT3mo0%2F%2BJQoh97tHFWuedBNBTIv8szH"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6835ad481d672c4a-FRA
expires
Sat, 13 Aug 2022 16:21:57 GMT
S-M.js
s0.2mdn.net/creatives/assets/3758120/ Frame 4B88 		39 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/3758120/S-M.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/60934467/20200612044656202/be_NL_S-M_Prospecting_MC_468x60.html?e=69&leftOffset=0&topOffset=0&c=75pGd7bl8m&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2e42eb4dc61c96c40d59cee5896e8f484346f11007d056cea941d1cc90fd7f80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/60934467/20200612044656202/be_NL_S-M_Prospecting_MC_468x60.html?e=69&leftOffset=0&topOffset=0&c=75pGd7bl8m&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:17:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
255
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6482
x-xss-protection
0
last-modified
Tue, 27 Jul 2021 12:19:54 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 23 Aug 2021 16:32:42 GMT
cbBdsV2.js
s0.2mdn.net/creatives/assets/3781309/ Frame 4B88 		22 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3758120/S-M.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5ce12c6a858d78dbc3b062ff1905ec4e84e23e72887f6c054f7687d19ee8aa0a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/60934467/20200612044656202/be_NL_S-M_Prospecting_MC_468x60.html?e=69&leftOffset=0&topOffset=0&c=75pGd7bl8m&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:15:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
381
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4666
x-xss-protection
0
last-modified
Thu, 28 Jan 2021 10:44:50 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 23 Aug 2021 16:30:36 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame E9CF 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv_o0gqU4tY3B5ckMQYf0cHL8lZY1WfKEDWWHgpYrP7b6pK6XTSj6H5S92bpKoRyvcGtSpsxR4PHHb6-62up9Et6lpqG3Vi-1zjVWHg-FrEImOIihlex9Jy0SRb1EAgFRpgtL-amnkOgnJvSVtH6algY55ixY5KfMqUrFQQxd8j9GFVMTnbwQ84UPNggzNr_mGvyxAXqBG57zk_iIMn5KleYuSenmhVNXcCUIi2sbH8xx-56g7MwXCDDeMkyBYR5KV40jgXaG8gEXXQCZQ42H2vQOJ3juXbbP1KJI6Q-gexMKowCMDTYKVh8-GINoqnKYIq6V9CmNtih9xJ9eV09rO4tZjtyghUdbc95nJJk1sAjKjbsnsErsPW45FBzXOYxXnN6Ov17NMGIe-e8NFQQXTH_CYmckKmBHfzf0-_N4cVQPhL_eyTbbvAaAAZwQiRDQ_-m0Edz3KsPjKEVjDTloEl5lY2y5HUOZH4Y70F7BW9YE_zVoSuCBVY97ynhZvk39hdaDXsg55D9fy3k8XU2sanM-hDYsQfWD6fd1rD2_YwbyBYBrbu7kYVwws8uYMojheA8zxJaJxBQwZyndGgluizzoqDQUITiMNQpkpVCKKCKd7t-IaIMdJkQptAc6TJQ0V0EX1I8LKKj22_RWLU9n0NXWIlAxhsiDZPwnq2eV28wPHSsn2TXh82K_WTCoJzutvDSivr8xjc-j68zB3oN5fKc0c9yojNFZtuV93kUOWvLS4I37c6p4bqH1PpK1zWm4jmSIjpfFzRHccHaG4vtYcW1_DRs36f2nigWk8M8zZY2xVIXn3EjafISlV1x_LlbrC_V7csv2wfVae4OrMd_cWe9XkQh61tj3L0CXqws-FDroqdaYirxQ_cc2IOklt9j_jb_-JRIj5ncGnsMuEJt-oR-7G-7i000XvJedgYaxCtDGbzV9BSTXj6IHbnkFEwNjoku7G4PQKB9a2yvq9BTXKJrw5umjVjz6VS4aE3ugyqv3mXMXsLPGEnhuq_C4y2dzkVj8-uN0tNg5yaBMpaZu5kfzZxaFaEYYt-t5FqDvzpngAU2myHAHwy3Ewgxq-SW1in4v5suowyGsQ4BpwnXvHSRQRvOxmaR0PcPvvvJJh3kwbLu5FlSXxEaqwPOG0YTbPeuH3OjyQpvLCHHICj_E7XCc_8LW1Yg_IohXHIDLmtlwh5IwNJXKA&sai=AMfl-YQP2ykaXiWQVlxilHVfx3VltlYGzhsU7fUbKty2V-5hVcMiI1_zUFbBzrF7jJtjsYO4_dgViNajXcIRyr6q62aCFtqGSAhBM_RhtNDu1Ub3UdnTGGMqkBJdMOYvRcqCXVntjgQ5kNXmTr8-v6kWCl4tNMVtE49PqBuoiF0&sig=Cg0ArKJSzIUx-1Y-VkbwEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=232&vt=11&dtpt=126&dett=3&cstd=98&cisv=r20210816.61913&adurl=
Requested by
Host: askleo.com
URL: https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Mon, 23 Aug 2021 16:21:57 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
cbstyle.css
s0.2mdn.net/creatives/assets/3758114/ Frame 4B88 		21 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/3758114/cbstyle.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
381a270a8837746d2393af408a52499565fe633d757dcf4bd775b77d48a70e39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/60934467/20200612044656202/be_NL_S-M_Prospecting_MC_468x60.html?e=69&leftOffset=0&topOffset=0&c=75pGd7bl8m&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:14:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
436
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4142
x-xss-protection
0
last-modified
Thu, 12 Aug 2021 09:23:57 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 23 Aug 2021 16:29:41 GMT
cbLib.js
s0.2mdn.net/creatives/assets/3781309/ Frame 4B88 		40 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/3781309/cbLib.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc590c10742490a00daef3a82ef8fe7ab4bc736122c79b27c4ac7dea80e3af1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/60934467/20200612044656202/be_NL_S-M_Prospecting_MC_468x60.html?e=69&leftOffset=0&topOffset=0&c=75pGd7bl8m&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:15:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
381
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9729
x-xss-protection
0
last-modified
Tue, 03 Aug 2021 13:53:22 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 23 Aug 2021 16:30:36 GMT
cbResourceList.js
s0.2mdn.net/creatives/assets/3781309// Frame 4B88 		47 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/3781309//cbResourceList.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
99d52606bf2e9b52a8a30569f553738909f7684432235bd53c39f95bde9d4ac6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/60934467/20200612044656202/be_NL_S-M_Prospecting_MC_468x60.html?e=69&leftOffset=0&topOffset=0&c=75pGd7bl8m&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:15:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
379
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6287
x-xss-protection
0
last-modified
Fri, 20 Aug 2021 11:42:06 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 23 Aug 2021 16:30:38 GMT
moduleList.js
s0.2mdn.net/creatives/assets/3781309/ Frame 4B88 		5 KB
828 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/3781309/moduleList.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
75ab967337aa8edae5bb0cf87c905b770b76b85be76de75eae74fa4c6041b060
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/60934467/20200612044656202/be_NL_S-M_Prospecting_MC_468x60.html?e=69&leftOffset=0&topOffset=0&c=75pGd7bl8m&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:15:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
380
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
802
x-xss-protection
0
last-modified
Wed, 09 Jun 2021 14:23:40 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 23 Aug 2021 16:30:37 GMT
AssetsList.js
s0.2mdn.net/creatives/assets/3757766/ Frame 4B88 		1 KB
328 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/3757766/AssetsList.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
02159cd3570c28fb35026c7708464a7fa408568bd8c56c75c50152fc7e624214
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/60934467/20200612044656202/be_NL_S-M_Prospecting_MC_468x60.html?e=69&leftOffset=0&topOffset=0&c=75pGd7bl8m&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:15:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
381
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
302
x-xss-protection
0
last-modified
Mon, 04 Jan 2021 11:52:16 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 23 Aug 2021 16:30:36 GMT
dobraslab-medium-webfont.woff
s0.2mdn.net/creatives/assets/3512464/ Frame 4B88 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/3512464/dobraslab-medium-webfont.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3758114/cbstyle.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3304ebafae2f97adb0f5d016454298a110bc449f68cda9c1afa3e01a325963e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://s0.2mdn.net
Referer
https://s0.2mdn.net/creatives/assets/3758114/cbstyle.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:14:00 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Oct 2019 14:21:22 GMT
server
sffe
age
477
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11356
x-xss-protection
0
expires
Mon, 23 Aug 2021 16:29:00 GMT
dobraslab-book-webfont.woff
s0.2mdn.net/creatives/assets/3512464/ Frame 4B88 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/3512464/dobraslab-book-webfont.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3758114/cbstyle.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0129fef24101a11eaa58cb3eab025b451acc53fb30a6dcd6cce7237b07427e2f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://s0.2mdn.net
Referer
https://s0.2mdn.net/creatives/assets/3758114/cbstyle.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:13:28 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Oct 2019 14:21:00 GMT
server
sffe
age
509
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28524
x-xss-protection
0
expires
Mon, 23 Aug 2021 16:28:28 GMT
aebl____-webfont.woff
s0.2mdn.net/creatives/assets/3512464/ Frame 4B88 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/3512464/aebl____-webfont.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3758114/cbstyle.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
609c9c8da515ce83f6dadac3fc67c7d3b9dd8ad6898eb9dda19c0b20b9a906a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://s0.2mdn.net
Referer
https://s0.2mdn.net/creatives/assets/3758114/cbstyle.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:13:28 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Oct 2019 14:21:37 GMT
server
sffe
age
509
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20060
x-xss-protection
0
expires
Mon, 23 Aug 2021 16:28:28 GMT
OpenSans-Regular.ttf
s0.2mdn.net/creatives/assets/3512464/ Frame 4B88 		95 KB
58 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/3512464/OpenSans-Regular.ttf
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3758114/cbstyle.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
037236ed4bf58a85f67074c165d308260fd6be01c86d7df4e79ea16eb273f8c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://s0.2mdn.net
Referer
https://s0.2mdn.net/creatives/assets/3758114/cbstyle.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:13:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
510
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
59331
x-xss-protection
0
last-modified
Tue, 15 Oct 2019 14:29:46 GMT
server
sffe
vary
Accept-Encoding
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 23 Aug 2021 16:28:27 GMT
promotionManager.js
s0.2mdn.net/creatives/assets/4012510/ Frame 4B88 		5 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4012510/promotionManager.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
844b23a41ac030e589ee673e50ba1d0d5581b1cdebd48dd2d4fd1675bde66185
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/60934467/20200612044656202/be_NL_S-M_Prospecting_MC_468x60.html?e=69&leftOffset=0&topOffset=0&c=75pGd7bl8m&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:19:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
139
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1289
x-xss-protection
0
last-modified
Wed, 30 Jun 2021 16:40:48 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 23 Aug 2021 16:34:38 GMT
productCard.js
s0.2mdn.net/creatives/assets/3782707/ Frame 4B88 		86 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/3782707/productCard.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9f3f6121ee9e9db4bb59cb15d5584d38625752b6a3d5a69988464177eb726092
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/60934467/20200612044656202/be_NL_S-M_Prospecting_MC_468x60.html?e=69&leftOffset=0&topOffset=0&c=75pGd7bl8m&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:07:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
864
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10516
x-xss-protection
0
last-modified
Fri, 23 Jul 2021 13:01:51 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 23 Aug 2021 16:22:33 GMT
carousel.js
s0.2mdn.net/creatives/assets/3782701/ Frame 4B88 		61 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/3782701/carousel.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed99e90ee1e28944cb257b8a06d730a89f3cbf40dcb2f102b8414e80897dabda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/60934467/20200612044656202/be_NL_S-M_Prospecting_MC_468x60.html?e=69&leftOffset=0&topOffset=0&c=75pGd7bl8m&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:09:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
734
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9789
x-xss-protection
0
last-modified
Mon, 14 Jun 2021 11:20:37 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 23 Aug 2021 16:24:43 GMT
uspCtaV2.js
s0.2mdn.net/creatives/assets/3782491/ Frame 4B88 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/3782491/uspCtaV2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f9c57c81d47ce90d89f07b6fa259e7b6ab9e7d843ab8608950e3d2d9bad3da3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/60934467/20200612044656202/be_NL_S-M_Prospecting_MC_468x60.html?e=69&leftOffset=0&topOffset=0&c=75pGd7bl8m&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1550
x-xss-protection
0
last-modified
Mon, 01 Mar 2021 09:59:04 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 23 Aug 2021 16:36:54 GMT
whiteBox.js
s0.2mdn.net/creatives/assets/3758108/ Frame 4B88 		6 KB
972 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/3758108/whiteBox.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5390fbeb6fcb4697d18f9e2603d96b82dc4fd3f5922806a83df0fb439747063
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/60934467/20200612044656202/be_NL_S-M_Prospecting_MC_468x60.html?e=69&leftOffset=0&topOffset=0&c=75pGd7bl8m&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:09:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
721
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
939
x-xss-protection
0
last-modified
Sat, 10 Oct 2020 09:46:53 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 23 Aug 2021 16:24:56 GMT
mainImage.js
s0.2mdn.net/creatives/assets/3773403/ Frame 4B88 		10 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/3773403/mainImage.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fd6ac5a1e0b62484abe064705a98e8d30694a1ff6345a35e5ae28295eca5f360
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/60934467/20200612044656202/be_NL_S-M_Prospecting_MC_468x60.html?e=69&leftOffset=0&topOffset=0&c=75pGd7bl8m&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:09:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
740
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1763
x-xss-protection
0
last-modified
Fri, 25 Jun 2021 13:26:19 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 23 Aug 2021 16:24:37 GMT
S-M.css
s0.2mdn.net/creatives/assets/3758120/ Frame 4B88 		25 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/3758120/S-M.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c4d6559fa96f1a97ce556c90facd8504d53bc656d238d9d5fd89a63aab36525b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/60934467/20200612044656202/be_NL_S-M_Prospecting_MC_468x60.html?e=69&leftOffset=0&topOffset=0&c=75pGd7bl8m&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:08:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
808
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2769
x-xss-protection
0
last-modified
Thu, 14 Jan 2021 10:20:29 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 23 Aug 2021 16:23:29 GMT
BE_NL_DISPLAY_PROS_MC_S_M.js
s0.2mdn.net/creatives/assets/3782500/ Frame 4B88 		19 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/3782500/BE_NL_DISPLAY_PROS_MC_S_M.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9f5874208db31922418ad3337a1792c52bfbcc2942f3135ab4b87e20235a5bc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/60934467/20200612044656202/be_NL_S-M_Prospecting_MC_468x60.html?e=69&leftOffset=0&topOffset=0&c=75pGd7bl8m&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:20:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
67
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2310
x-xss-protection
0
last-modified
Fri, 22 Jan 2021 10:02:19 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 23 Aug 2021 16:35:50 GMT
factSloganSplashV3.css
s0.2mdn.net/creatives/assets/3782803/ Frame 4B88 		1 KB
395 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/3782803/factSloganSplashV3.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6179c4db6016209d3297febf8a9243c7356e99b52cb8b3c7e7b72c0bbc7dbaf8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/60934467/20200612044656202/be_NL_S-M_Prospecting_MC_468x60.html?e=69&leftOffset=0&topOffset=0&c=75pGd7bl8m&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:15:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
387
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
363
x-xss-protection
0
last-modified
Wed, 30 Dec 2020 11:09:04 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 23 Aug 2021 16:30:30 GMT
factSloganSplashV3.js
s0.2mdn.net/creatives/assets/3782803/ Frame 4B88 		30 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/3782803/factSloganSplashV3.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d3315c2b2c849bdb5d2a94f08472eaadb8147502748cef585adc1d000e1a38b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/60934467/20200612044656202/be_NL_S-M_Prospecting_MC_468x60.html?e=69&leftOffset=0&topOffset=0&c=75pGd7bl8m&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4000
x-xss-protection
0
last-modified
Mon, 19 Jul 2021 08:22:42 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 23 Aug 2021 16:36:53 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3A61 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B_UawJMsjYbOFOIXz3wOHp464BAAAAAA4AeAEAg&bg=!Li2lLWnNAAZvV8FTb1c7ACkAdvg8Wu1tR_EGg8iKauSe0b2jtRyLArOMnS1rCnOA3keHGQr05erEhgIAAACOUgAAAA9oAQeZArjA-c1rIZCFhqb_wkV8KcLf6zV_7QhYvNtti5P1Nua1fAWpDawEvitJOHAXptQthxfBcDCqmVHH0KIAFRkjcmPxqf6ybIo8ltrlkBqnhV3Hs7oXv3dq5H2x_RVldM7yMkrPzfYMZfLKXqOPm1y0ati3Pj2C2W68K33pqbmbpvnQH9SDVGb-OqYutEOWfnPktw96qC5okPTBFDWGpr34-G0zweyUBjc7YjiVhLcOFUnf7qVvDZgacGzoEgaN7DOvv1SNCW58tGgGdhYPn8n5knu3cmfAcF_Uo6bJHFJXUU1dFxy5x_XBHX1m34Y9h_Eo7pZWV4OXIl-oqf7uiLia-DyR2XsGXVhMfKmampuRS93tCBvkba9eZqrOcniBZI-5vAtDH9gL8RYozsa72jD6W5SsjrV4AhaI8aq6K0l_YcN6uqGNsa4HfHYEao_FY5CQEjU-Oy-nfoHAlayMsVcb4Ga-w7YuBy4GtJjzOfpvugebNHjQAwwUTeErb10EuWNis6WYDww6flhgm6FbuYGahdLGJXHD5ShqAcD-pva5wuids_7e6QiqeGQkjC16cCa7sC0rmXhtHut6DyWcjR-3j8sgAy5dzodPy0RkSe4Arwend7D2EXdPv_WZL25VqDA2pG-Qdsq7MULrhKQ3bVKGR7Q3LiQCnOinvQcUnVTMnfd1xS4Pd0E_1L_MJhzs-pUqgsy-ejO7t0PtGaKWv67gCU2whKKzQQPCSeFXJRTqFCI6QVQsd_K8I5cDbRr3xCkK7UnKUEWIIGnabaxKvB13d6m6BIhCX_tJ46EZXN02m-vrMEwE8U9r7MTVvT8_aVasOjEio8q7hnf_KDE4uS6-tnMgmjPsVqpHhBAe07NTrUnC28wfW5aUDXjxfL4YSI49vi7yw42DsjpUDqgbD1ZsUps0C4Secb5vfHE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 16:21:57 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mainImage.css
s0.2mdn.net/creatives/assets/3773403/ Frame 4B88 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/3773403/mainImage.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3db931fdc86bd4c3c5e5e68853da1d4754d95d9839e3aac0fcf06f757b764c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/60934467/20200612044656202/be_NL_S-M_Prospecting_MC_468x60.html?e=69&leftOffset=0&topOffset=0&c=75pGd7bl8m&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
37
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1076
x-xss-protection
0
last-modified
Fri, 05 Mar 2021 10:27:04 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 23 Aug 2021 16:36:20 GMT
whiteBox.css
s0.2mdn.net/creatives/assets/3758108/ Frame 4B88 		49 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/3758108/whiteBox.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
00fc7b252d629bd7e3243ca99628088fc65717696bcaa98bd4a52c81237465e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/60934467/20200612044656202/be_NL_S-M_Prospecting_MC_468x60.html?e=69&leftOffset=0&topOffset=0&c=75pGd7bl8m&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:11:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
628
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5184
x-xss-protection
0
last-modified
Mon, 23 Aug 2021 13:38:31 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 23 Aug 2021 16:26:29 GMT
uspCtaV2.css
s0.2mdn.net/creatives/assets/3782491/ Frame 4B88 		5 KB
790 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/3782491/uspCtaV2.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a34f0ac0e0bae229e0913698c55cf65d12b30bb97c62e0bd6c8691dbbf2f9857
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/60934467/20200612044656202/be_NL_S-M_Prospecting_MC_468x60.html?e=69&leftOffset=0&topOffset=0&c=75pGd7bl8m&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
758
x-xss-protection
0
last-modified
Tue, 08 Jun 2021 14:10:35 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 23 Aug 2021 16:36:53 GMT
productCard.css
s0.2mdn.net/creatives/assets/3782707/ Frame 4B88 		110 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/3782707/productCard.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dde55dc1c914a593fb92f692a3442e570eb8eb62b9ed631878e3789b6e562072
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/60934467/20200612044656202/be_NL_S-M_Prospecting_MC_468x60.html?e=69&leftOffset=0&topOffset=0&c=75pGd7bl8m&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
36
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8655
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 14:03:22 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 23 Aug 2021 16:36:21 GMT
carousel.css
s0.2mdn.net/creatives/assets/3782701/ Frame 4B88 		14 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/3782701/carousel.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
237c7b47a1aa95b662e01c9628165f3731cda8f807109d86e2fed9a9b6ff7f7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/60934467/20200612044656202/be_NL_S-M_Prospecting_MC_468x60.html?e=69&leftOffset=0&topOffset=0&c=75pGd7bl8m&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:15:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
374
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1679
x-xss-protection
0
last-modified
Tue, 15 Jun 2021 15:40:31 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 23 Aug 2021 16:30:43 GMT
CB-logo.svg
s0.2mdn.net/creatives/assets/3782689/ Frame 4B88 		5 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/3782689/CB-logo.svg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c1e6e3f592d8c8b63e2b543ac0ccbae369ddb4604066dc97420c7a1d586ba8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/60934467/20200612044656202/be_NL_S-M_Prospecting_MC_468x60.html?e=69&leftOffset=0&topOffset=0&c=75pGd7bl8m&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:07:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
843
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1492
x-xss-protection
0
last-modified
Fri, 12 Jun 2020 07:30:57 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 23 Aug 2021 16:22:54 GMT
OpenSans-Bold.ttf
s0.2mdn.net/creatives/assets/3512464/ Frame 4B88 		102 KB
61 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/3512464/OpenSans-Bold.ttf
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3758114/cbstyle.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7916a37377e38527d4306303cfe89b653b49b0a6b0b05c6b7593f7ab0248da8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://s0.2mdn.net
Referer
https://s0.2mdn.net/creatives/assets/3758114/cbstyle.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:09:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
759
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62275
x-xss-protection
0
last-modified
Tue, 17 Dec 2019 08:35:20 GMT
server
sffe
vary
Accept-Encoding
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 23 Aug 2021 16:24:18 GMT
bannerImage-872342.png_1612587737441_bannerImage-872342.png
s0.2mdn.net/dynamic/2/10747850/coolblue.bynder.com/m/02fb9e2d92f484d9/ Frame 4B88 		242 KB
242 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10747850/coolblue.bynder.com/m/02fb9e2d92f484d9/bannerImage-872342.png_1612587737441_bannerImage-872342.png
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae9eb13db541a6965ba0df5c4b3c4e0b5a331a7297a625b03f319c16e3550f77
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/60934467/20200612044656202/be_NL_S-M_Prospecting_MC_468x60.html?e=69&leftOffset=0&topOffset=0&c=75pGd7bl8m&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 04:43:16 GMT
x-content-type-options
nosniff
last-modified
Sat, 06 Feb 2021 05:02:23 GMT
server
sffe
age
41921
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
247623
x-xss-protection
0
expires
Tue, 23 Aug 2022 04:43:16 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame E9CF 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuMluWDltkD6iCXkvxh-RgqL4sv8MRB7Vm2gBlzqS0_WEPkmlGQma0fg2LPvAPTQo8IHRb5OaNatKg3p0COJnSyoznrq57C_tTG4aWMqH7-tL6788cXsoLE8FIZWw&sai=AMfl-YT8CuWdpIxZNu3XRDYTynQ6WSvR6mSddRzoggDJWMmzxBBV8hdOUbAdhOLtELwbs89CyKjXKFqMPKYYLZ4iWYr_IYltS1uNzDgIRtwj5OCTAXHYgHSOIbJHpcCshAQ&sig=Cg0ArKJSzCltWI6ELuHSEAE&cid=CAASFeRoFRGYLy8GZ9aG24A5m7gHATOWcA&id=lidar2&mcvt=1000&p=0,0,60,468&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210820&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=942053875&rs=4&met=ce&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&r=v
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 16:21:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.be/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.be/adsid/integrator.js?domain=askleo.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 23 Aug 2021 16:21:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=askleo.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 23 Aug 2021 16:21:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		447 B
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3969800989600765&correlator=1976325434002979&output=ldjh&impl=fifs&eid=31062338%2C21068031%2C31062154%2C20211866%2C31062297%2C31062312&vrg=2021081901&ptt=17&sc=1&sfv=1-0-38&ecs=20210823&iu_parts=1254144%3A1057873%2Caskleo_com-box-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=468x60&ris=2&rcs=2&prev_scp=a%3D%257C5%257C%26iid1%3D7580608852935457%26eid%3D7580608852935457%26t%3D134%26d%3D173078%26t1%3D134%26pvc%3D0%26ap%3D1103%26sap%3D1103%26as%3Drevenue%26plat%3D1%26bra%3Dmod85%26ic%3D3%26at%3Dmbf%26adr%3D399%26ezosn%3D16%26reft%3Dn%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D1%26al%3D1001%26compid%3D0%26tap%3Daskleo_com-box-2-7580608852935457%26eb_br%3Dee685f77592ce296910ee91457d66ba3%26eba%3D1%26ebss%3D10082%2C10061%2C10015%2C10063%2C11304%2C11307%26bv%3D1%26bvm%3D0%26bvr%3D7%26shp%3D1%26ftsn%3D3%26acptad%3D1%26br1%3D40%26br2%3D180%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D34%2C168%2C28%2C67%2C45%2C122%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C814%2C815%2C816%2C817%2C818%2C819%2C893%2C899%2C903%2C917%2C918%2C919%2C996%2C988%2C783%2C17%2C19%2C20%2C608%2C17%2C19%2C20%2C608%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D60%26reqt%3D1629735717056&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1629733050&dt=1629735718064&dlt=1629735712452&idt=436&frm=20&biw=1600&bih=1200&oid=2&adxs=566&adys=285&adks=2713242136&ucis=1&ifi=7&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&url=https%3A%2F%2Faskleo.com%2Fwill_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1000x60&msz=468x60&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1344918702.1629735713&ga_sid=1629735713&ga_hid=192975842&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
99dcbdaab6b94a5296d3152512c6e2549649ed7c3b4e8afca003db2c29bf49c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:58 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
235
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://askleo.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		456 B
422 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3969800989600765&correlator=1151852484858656&output=ldjh&impl=fifs&eid=31062338%2C21068031%2C31062154%2C20211866%2C31062297%2C31062312&vrg=2021081901&ptt=17&sc=1&sfv=1-0-38&ecs=20210823&iu_parts=1254144%3A1057873%2Caskleo_com-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ris=2&rcs=2&prev_scp=a%3D%257C252%257C%26iid1%3D6660346330955657%26eid%3D6660346330955657%26t%3D134%26d%3D173078%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26as%3Drevenue%26plat%3D1%26bra%3Dmod85%26ic%3D3%26at%3Dmbf%26adr%3D399%26ezosn%3D3%26reft%3Dn%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Daskleo_com-medrectangle-2-6660346330955657%26eb_br%3D76163170a8636ae5b88417f095893e08%26eba%3D1%26ebss%3D10082%2C10061%2C10015%2C10063%2C11304%2C11307%26bv%3D0%26bvm%3D3%26bvr%3D2%26shp%3D1%26ftsn%3D3%26br1%3D400%26br2%3D260%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D34%2C193%2C28%2C67%2C45%2C122%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C814%2C815%2C816%2C817%2C818%2C819%2C893%2C899%2C903%2C917%2C918%2C919%2C783%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D550%26reqt%3D1629735717060&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1629733050&dt=1629735718070&dlt=1629735712452&idt=436&frm=20&biw=1600&bih=1200&oid=2&adxs=436&adys=1110&adks=3444788124&ucis=3&ifi=8&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&url=https%3A%2F%2Faskleo.com%2Fwill_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x-1&msz=728x-1&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1344918702.1629735713&ga_sid=1629735713&ga_hid=192975842&ga_fc=false&fws=512&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
40863be2b431a191bda85df5372da56e3f5cc09e0402d2a65422b124a94654f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:58 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
244
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://askleo.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
army.gif
askleo.com/porpoiseant/ 		0
65 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://askleo.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMjI5MjU0ODU0ODk4NDE1MSIsImRvbWFpbl9pZCI6IjE3MzA3OCIsInVuaXQiOiJkaXYtZ3B0LWFkLWFza2xlb19jb20tYm94LTMtMCIsInRfZXBvY2giOjE2Mjk3MzU3MTEsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLCJhZF9wb3NpdGlvbiI6MTEwNCwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAsImJpZF9mbG9vcl9wcmV2IjowLCJzdGF0X3NvdXJjZV9pZCI6MCwiY291bnRyeV9jb2RlIjoiQkUiLCJwYWdldmlld19pZCI6IjA5ZDcyOWQ1LTJhYWEtNDE5Ni03MzJiLTI5MTY0M2MwZGFiYSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTA0MTY5ODgsImRhdGEiOlt7Im5hbWUiOiJ2aWV3ZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by
Host: askleo.com
URL: https://askleo.com/detroitchicago/cmbv2.js?gcb=195-2&cb=04-1y02-4y06-12y07-1y0b-5y0d-14y13-3y17-3y20-3y33-15y52-1y56-21&cmbcb=20&sj=x04x02x06x07x0bx0dx13x17x20x33x52x56&abt=JoykatTest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path
/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMjI5MjU0ODU0ODk4NDE1MSIsImRvbWFpbl9pZCI6IjE3MzA3OCIsInVuaXQiOiJkaXYtZ3B0LWFkLWFza2xlb19jb20tYm94LTMtMCIsInRfZXBvY2giOjE2Mjk3MzU3MTEsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLCJhZF9wb3NpdGlvbiI6MTEwNCwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAsImJpZF9mbG9vcl9wcmV2IjowLCJzdGF0X3NvdXJjZV9pZCI6MCwiY291bnRyeV9jb2RlIjoiQkUiLCJwYWdldmlld19pZCI6IjA5ZDcyOWQ1LTJhYWEtNDE5Ni03MzJiLTI5MTY0M2MwZGFiYSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTA0MTY5ODgsImRhdGEiOlt7Im5hbWUiOiJ2aWV3ZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX1d
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
askleo.com
referer
https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:58 GMT
server
nginx
vary
Accept-Encoding Accept-Encoding
content-type
text/plain; charset=utf-8
x-middleton-display
ezp_sol
cache-control
max-age=0, must-revalidate, no-cache, no-store
content-length
0
expires
Sun, 22 Aug 2021 16:21:59 UTC
be-NL_CBK_R_White.svg
s0.2mdn.net/creatives/assets/3782692/ Frame 4B88 		43 B
67 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/3782692/be-NL_CBK_R_White.svg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/60934467/20200612044656202/be_NL_S-M_Prospecting_MC_468x60.html?e=69&leftOffset=0&topOffset=0&c=75pGd7bl8m&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:18:57 GMT
x-content-type-options
nosniff
server
sffe
age
181
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=900
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
expires
Mon, 23 Aug 2021 16:33:57 GMT
army.gif
askleo.com/porpoiseant/ 		0
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://askleo.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMjI5MjU0ODU0ODk4NDE1MSIsImRvbWFpbl9pZCI6IjE3MzA3OCIsInVuaXQiOiJkaXYtZ3B0LWFkLWFza2xlb19jb20tYm94LTMtMCIsInRfZXBvY2giOjE2Mjk3MzU3MTEsImFkX3Bvc2l0aW9uIjoxMTA0LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQkUiLCJwYWdldmlld19pZCI6IjA5ZDcyOWQ1LTJhYWEtNDE5Ni03MzJiLTI5MTY0M2MwZGFiYSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTA0MTY5ODgsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfc2l6ZSIsInZhbCI6Ils0NjgsNjBdIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIyMjkyNTQ4NTQ4OTg0MTUxIiwiZG9tYWluX2lkIjoiMTczMDc4IiwidW5pdCI6ImRpdi1ncHQtYWQtYXNrbGVvX2NvbS1ib3gtMy0wIiwidF9lcG9jaCI6MTYyOTczNTcxMSwiYWRfcG9zaXRpb24iOjExMDQsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJCRSIsInBhZ2V2aWV3X2lkIjoiMDlkNzI5ZDUtMmFhYS00MTk2LTczMmItMjkxNjQzYzBkYWJhIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDQxNjk4OCwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9mbHVpZCIsInZhbCI6ImZhbHNlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIyMjkyNTQ4NTQ4OTg0MTUxIiwiZG9tYWluX2lkIjoiMTczMDc4IiwidW5pdCI6ImRpdi1ncHQtYWQtYXNrbGVvX2NvbS1ib3gtMy0wIiwidF9lcG9jaCI6MTYyOTczNTcxMSwiYWRfcG9zaXRpb24iOjExMDQsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJCRSIsInBhZ2V2aWV3X2lkIjoiMDlkNzI5ZDUtMmFhYS00MTk2LTczMmItMjkxNjQzYzBkYWJhIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDQxNjk4OCwiZGF0YSI6W3sibmFtZSI6ImRvbWFpbl9kZnBfc3R5bGVfaWQiLCJ2YWwiOiIyNiJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by
Host: askleo.com
URL: https://askleo.com/detroitchicago/cmbv2.js?gcb=195-2&cb=04-1y02-4y06-12y07-1y0b-5y0d-14y13-3y17-3y20-3y33-15y52-1y56-21&cmbcb=20&sj=x04x02x06x07x0bx0dx13x17x20x33x52x56&abt=JoykatTest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path
/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMjI5MjU0ODU0ODk4NDE1MSIsImRvbWFpbl9pZCI6IjE3MzA3OCIsInVuaXQiOiJkaXYtZ3B0LWFkLWFza2xlb19jb20tYm94LTMtMCIsInRfZXBvY2giOjE2Mjk3MzU3MTEsImFkX3Bvc2l0aW9uIjoxMTA0LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQkUiLCJwYWdldmlld19pZCI6IjA5ZDcyOWQ1LTJhYWEtNDE5Ni03MzJiLTI5MTY0M2MwZGFiYSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTA0MTY5ODgsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfc2l6ZSIsInZhbCI6Ils0NjgsNjBdIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIyMjkyNTQ4NTQ4OTg0MTUxIiwiZG9tYWluX2lkIjoiMTczMDc4IiwidW5pdCI6ImRpdi1ncHQtYWQtYXNrbGVvX2NvbS1ib3gtMy0wIiwidF9lcG9jaCI6MTYyOTczNTcxMSwiYWRfcG9zaXRpb24iOjExMDQsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJCRSIsInBhZ2V2aWV3X2lkIjoiMDlkNzI5ZDUtMmFhYS00MTk2LTczMmItMjkxNjQzYzBkYWJhIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDQxNjk4OCwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9mbHVpZCIsInZhbCI6ImZhbHNlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIyMjkyNTQ4NTQ4OTg0MTUxIiwiZG9tYWluX2lkIjoiMTczMDc4IiwidW5pdCI6ImRpdi1ncHQtYWQtYXNrbGVvX2NvbS1ib3gtMy0wIiwidF9lcG9jaCI6MTYyOTczNTcxMSwiYWRfcG9zaXRpb24iOjExMDQsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJCRSIsInBhZ2V2aWV3X2lkIjoiMDlkNzI5ZDUtMmFhYS00MTk2LTczMmItMjkxNjQzYzBkYWJhIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDQxNjk4OCwiZGF0YSI6W3sibmFtZSI6ImRvbWFpbl9kZnBfc3R5bGVfaWQiLCJ2YWwiOiIyNiJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
askleo.com
referer
https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:58 GMT
server
nginx
vary
Accept-Encoding Accept-Encoding
content-type
text/plain; charset=utf-8
x-middleton-display
ezp_sol
cache-control
max-age=0, must-revalidate, no-cache, no-store
content-length
0
expires
Sun, 22 Aug 2021 16:21:56 UTC
integrator.js
adservice.google.be/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.be/adsid/integrator.js?domain=askleo.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 23 Aug 2021 16:21:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=askleo.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 23 Aug 2021 16:21:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		1 KB
283 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3969800989600765&correlator=3883939704733063&output=ldjh&impl=fifs&eid=31062338%2C21068031%2C31062154%2C20211866%2C31062297%2C31062312&vrg=2021081901&ptt=17&sc=1&sfv=1-0-38&ecs=20210823&iu_parts=1254144%3A1057873%2Caskleo_com-medrectangle-3&enc_prev_ius=%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1&prev_iu_szs=300x250%2C300x250%2C300x250&prev_scp=a%3D%257C124%257C%26iid1%3D6983282138981408%26eid%3D6983282138981408%26t%3D134%26d%3D173078%26t1%3D134%26pvc%3D0%26ap%3D1101%26sap%3D1101%26as%3Drevenue%26plat%3D1%26bra%3Dmod85%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D0%26reft%3Dn%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D21%26al%3D1021%26compid%3D0%26tap%3Daskleo_com-medrectangle-3-6983282138981408%26eb_br%3D6e85b37de1b1ffc2593baa5d6e4b02fc%26eba%3D1%26ebss%3D10082%2C10061%2C10015%2C10063%2C11304%2C11307%26bv%3D16%26bvm%3D0%26bvr%3D6%26shp%3D3%26ftsn%3D3%26br1%3D450%26br2%3D220%26ezoic%3D1%26nmau%3D3%26mau%3D0%26stl%3D77%2C0%2C28%2C67%2C45%2C122%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C760%2C815%2C816%2C817%2C899%2C919%2C783%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%7Ca%3D%257C3%257C%26iid1%3D6983282138981408%26eid%3D6983282138981408%26t%3D134%26d%3D173078%26t1%3D134%26pvc%3D0%26ap%3D1101%26sap%3D1101%26as%3Drevenue%26plat%3D1%26bra%3Dmod85%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D1%26reft%3Dn%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D21%26al%3D1021%26compid%3D0%26tap%3Daskleo_com-medrectangle-3-6983282138981408%26eb_br%3D6e85b37de1b1ffc2593baa5d6e4b02fc%26eba%3D1%26ebss%3D10082%2C10061%2C10015%2C10063%2C11304%2C11307%26bv%3D16%26bvm%3D0%26bvr%3D6%26shp%3D3%26ftsn%3D3%26br1%3D450%26br2%3D220%26ezoic%3D1%26nmau%3D3%26mau%3D1%26stl%3D77%2C0%2C28%2C67%2C45%2C122%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C760%2C815%2C816%2C817%2C899%2C919%2C783%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%7Ca%3D%257C1%257C%26iid1%3D6983282138981408%26eid%3D6983282138981408%26t%3D134%26d%3D173078%26t1%3D134%26pvc%3D0%26ap%3D1101%26sap%3D1101%26as%3Drevenue%26plat%3D1%26bra%3Dmod85%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D2%26reft%3Dn%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D21%26al%3D1021%26compid%3D0%26tap%3Daskleo_com-medrectangle-3-6983282138981408%26eb_br%3D6e85b37de1b1ffc2593baa5d6e4b02fc%26eba%3D1%26ebss%3D10082%2C10061%2C10015%2C10063%2C11304%2C11307%26bv%3D16%26bvm%3D0%26bvr%3D6%26shp%3D3%26ftsn%3D3%26br1%3D450%26br2%3D220%26ezoic%3D1%26nmau%3D3%26mau%3D2%26stl%3D77%2C0%2C28%2C67%2C45%2C122%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C760%2C815%2C816%2C817%2C899%2C919%2C783%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2&eri=1&cookie=ID%3D23468bca104aa5f4-2216d30eadc80036%3AT%3D1629735718%3AS%3DALNI_MaThS9Fcm-ZN8ZtUInhb5R8LDRX6g&bc=31&abxe=1&lmt=1629733050&dt=1629735718498&dlt=1629735712452&idt=436&frm=20&biw=1600&bih=1200&oid=2&adxs=320%2C644%2C967&adys=1549%2C1549%2C1549&adks=3023815051%2C3346484721%2C3346484726&ucis=4%7C5%7C6&ifi=9&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&url=https%3A%2F%2Faskleo.com%2Fwill_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=323x250%7C323x250%7C323x250&msz=323x250%7C323x250%7C323x250&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1344918702.1629735713&ga_sid=1629735713&ga_hid=192975842&ga_fc=false&fws=0%2C0%2C0&ohw=0%2C0%2C0&btvi=1%7C2%7C3&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
8b0723635b932d07aa18138a7f0ec12eaf80065b3e33f328aa135b52aa60ebb7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:59 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
252
x-xss-protection
0
google-lineitem-id
-2,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://askleo.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.be/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.be/adsid/integrator.js?domain=askleo.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 23 Aug 2021 16:21:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=askleo.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 23 Aug 2021 16:21:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		55 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3969800989600765&correlator=340062439163522&output=ldjh&impl=fifs&eid=31062338%2C21068031%2C31062154%2C20211866%2C31062297%2C31062312&vrg=2021081901&ptt=17&sc=1&sfv=1-0-38&ecs=20210823&iu_parts=1254144%3A1057873%2Caskleo_com-box-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=468x60&ris=1&rcs=3&prev_scp=a%3D%257C5%257C%26iid1%3D7580608852935457%26eid%3D7580608852935457%26t%3D134%26d%3D173078%26t1%3D134%26pvc%3D0%26ap%3D1103%26sap%3D1103%26as%3Drevenue%26plat%3D1%26bra%3Dmod85%26ic%3D4%26at%3Dmbf%26adr%3D399%26ezosn%3D16%26reft%3Dn%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D1%26al%3D1001%26compid%3D0%26tap%3Daskleo_com-box-2-7580608852935457%26eb_br%3D1e913e99b80640fd5b86a539e5b97c94%26eba%3D1%26ebss%3D10082%2C10061%2C10015%2C10063%2C11304%2C11307%26bv%3D1%26bvm%3D0%26bvr%3D7%26shp%3D1%26ftsn%3D3%26acptad%3D1%26br1%3D22%26br2%3D180%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D34%2C168%2C28%2C67%2C45%2C122%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C814%2C815%2C816%2C817%2C818%2C819%2C893%2C899%2C903%2C917%2C918%2C919%2C996%2C988%2C783%2C17%2C19%2C20%2C608%2C17%2C19%2C20%2C608%2C17%2C18%2C19%2C20%2C608%2C1428%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D40%26reqt%3D1629735718568&eri=1&cookie=ID%3D310ee5d8fe22e4d3-22acb2fbacc800c3%3AT%3D1629735718%3AS%3DALNI_MZnQCWmWbtAWaefw9u_eAs1KPuXog&bc=31&abxe=1&lmt=1629733050&dt=1629735718574&dlt=1629735712452&idt=436&frm=20&biw=1600&bih=1200&oid=2&adxs=566&adys=285&adks=2713242136&ucis=1&ifi=12&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&url=https%3A%2F%2Faskleo.com%2Fwill_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1000x60&msz=468x60&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1344918702.1629735713&ga_sid=1629735713&ga_hid=192975842&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
b5ca6a5538f84c38359f176278d88a2b0b2596c4e10cff85b9e5ef34e13f96f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:59 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14228
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://askleo.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		15 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3969800989600765&correlator=3351458915255029&output=ldjh&impl=fifs&eid=31062338%2C21068031%2C31062154%2C20211866%2C31062297%2C31062312&vrg=2021081901&ptt=17&sc=1&sfv=1-0-38&ecs=20210823&iu_parts=1254144%3A1057873%2Caskleo_com-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ris=1&rcs=3&prev_scp=a%3D%257C252%257C%26iid1%3D6660346330955657%26eid%3D6660346330955657%26t%3D134%26d%3D173078%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26as%3Drevenue%26plat%3D1%26bra%3Dmod85%26ic%3D4%26at%3Dbf%26adr%3D399%26ezosn%3D3%26reft%3Dn%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Daskleo_com-medrectangle-2-6660346330955657%26eb_br%3Dzero%26eba%3D1%26ebss%3D10082%2C10061%2C10015%2C10063%2C11304%2C11307%26bv%3D0%26bvm%3D3%26bvr%3D2%26shp%3D1%26ftsn%3D3%26br1%3D0%26br2%3D260%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D34%2C193%2C28%2C67%2C45%2C122%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C814%2C815%2C816%2C817%2C818%2C819%2C893%2C899%2C903%2C917%2C918%2C919%2C783%2C17%2C18%2C19%2C20%2C1428%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D400%26reqt%3D1629735718585%26ss38%3D1%26ss9%3D1&eri=1&cookie=ID%3D310ee5d8fe22e4d3-22acb2fbacc800c3%3AT%3D1629735718%3AS%3DALNI_MZnQCWmWbtAWaefw9u_eAs1KPuXog&bc=31&abxe=1&lmt=1629733050&dt=1629735718590&dlt=1629735712452&idt=436&frm=20&biw=1600&bih=1200&oid=2&adxs=436&adys=1110&adks=3444788124&ucis=3&ifi=13&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&url=https%3A%2F%2Faskleo.com%2Fwill_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x-1&msz=728x-1&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1344918702.1629735713&ga_sid=1629735713&ga_hid=192975842&ga_fc=false&fws=512&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
997bcb47618fae4ce1bcbb8eb0bd8e8f8e30d0e57aba263d6ec148d5ee6c5c8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:59 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8775
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://askleo.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Faskleo.com%2F&domain=askleo.com&cw=1
Protocol
H2
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://askleo.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
https://askleo.com
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1181
date
Mon, 23 Aug 2021 16:21:58 GMT
content-encoding
gzip
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Faskleo.com%2F&domain=askleo.com&cw=1
  • https://mug.criteo.com/sid?cpp=qCK_rnxadmJGdC9lc2U2UlRUZGFtYnE2UDZSaUxkRUVXVmphY3dpYmNiWHRDS20rZUtvaGlIYVhOWDcxMFNiTXQ0UHdxNERIdC91NlF4M3dKem1VbG9xaXNBcDhhSXRKL1B4QTAzQmNVVlNGSkJkekhVK25nZUw5ckF2ZG...
355 B
607 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=qCK_rnxadmJGdC9lc2U2UlRUZGFtYnE2UDZSaUxkRUVXVmphY3dpYmNiWHRDS20rZUtvaGlIYVhOWDcxMFNiTXQ0UHdxNERIdC91NlF4M3dKem1VbG9xaXNBcDhhSXRKL1B4QTAzQmNVVlNGSkJkekhVK25nZUw5ckF2ZGRuT0F1czZCdnRqbGFzaUpLZ3B0bytzbTV5WGNPcXlPclFPVFFKV1VCZ0JEWFk1ekcvQ1N5MUw1M1ZBMHBpOWJmUHdaMzVINmJWUVdKd3hwUDllaWF4a0FWWldwdG4zb1dtVldvTVRjSHNESFg3d21ORUxBPXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
de9901d70f685458ce4c69c62a143877ad1cba00815bcfda248da5e349c98b6d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Mon, 23 Aug 2021 16:21:59 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2740
expires
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Mon, 23 Aug 2021 16:21:58 GMT
location
https://mug.criteo.com/sid?cpp=qCK_rnxadmJGdC9lc2U2UlRUZGFtYnE2UDZSaUxkRUVXVmphY3dpYmNiWHRDS20rZUtvaGlIYVhOWDcxMFNiTXQ0UHdxNERIdC91NlF4M3dKem1VbG9xaXNBcDhhSXRKL1B4QTAzQmNVVlNGSkJkekhVK25nZUw5ckF2ZGRuT0F1czZCdnRqbGFzaUpLZ3B0bytzbTV5WGNPcXlPclFPVFFKV1VCZ0JEWFk1ekcvQ1N5MUw1M1ZBMHBpOWJmUHdaMzVINmJWUVdKd3hwUDllaWF4a0FWWldwdG4zb1dtVldvTVRjSHNESFg3d21ORUxBPXw&cppv=2
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://askleo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2494
content-length
482
expires
0
cookie_sync
pb-server.ezoic.com/ 		269 B
633 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pb-server.ezoic.com/cookie_sync
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=ix,luponmedia,medianet,onetag,pubmatic,rubicon,sharethrough,unruly&cb=195-2-26
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.205.247.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-247-225.compute-1.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
14375082f18c8501a36b803a80a3489476d037a97867ffa2a1aae1b65df4fa57

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 23 Aug 2021 16:21:59 GMT
Server
nginx/1.14.0 (Ubuntu)
Vary
Origin
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://askleo.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
269
Expires
0
auction
pb-server.ezoic.com/openrtb2/ 		152 B
501 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pb-server.ezoic.com/openrtb2/auction
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=ix,luponmedia,medianet,onetag,pubmatic,rubicon,sharethrough,unruly&cb=195-2-26
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.205.247.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-247-225.compute-1.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
043125925c1c824d15648aa72b6a36876d6fbd9d3c22de45d5d8d07080a1edde

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 23 Aug 2021 16:21:59 GMT
Server
nginx/1.14.0 (Ubuntu)
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://askleo.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
152
Expires
0
prebid
prebid.media.net/rtb/ 		1 KB
802 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUBCB617
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=ix,luponmedia,medianet,onetag,pubmatic,rubicon,sharethrough,unruly&cb=195-2-26
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
92dfc771b95bd6572632549d34a03fdeece705631fc6d70f8270ac4b50024770

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 16:21:59 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://askleo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
translator
hbopenbid.pubmatic.com/ 		0
112 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=ix,luponmedia,medianet,onetag,pubmatic,rubicon,sharethrough,unruly&cb=195-2-26
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://askleo.com
date
Mon, 23 Aug 2021 16:21:58 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
109 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=ix,luponmedia,medianet,onetag,pubmatic,rubicon,sharethrough,unruly&cb=195-2-26
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.8.242 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-8-242.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://askleo.com
date
Mon, 23 Aug 2021 16:21:58 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
109 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=ix,luponmedia,medianet,onetag,pubmatic,rubicon,sharethrough,unruly&cb=195-2-26
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.8.242 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-8-242.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://askleo.com
date
Mon, 23 Aug 2021 16:21:58 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
109 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=ix,luponmedia,medianet,onetag,pubmatic,rubicon,sharethrough,unruly&cb=195-2-26
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.8.242 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-8-242.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://askleo.com
date
Mon, 23 Aug 2021 16:21:58 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
109 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=ix,luponmedia,medianet,onetag,pubmatic,rubicon,sharethrough,unruly&cb=195-2-26
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.8.242 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-8-242.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://askleo.com
date
Mon, 23 Aug 2021 16:21:58 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
109 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=ix,luponmedia,medianet,onetag,pubmatic,rubicon,sharethrough,unruly&cb=195-2-26
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.8.242 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-8-242.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://askleo.com
date
Mon, 23 Aug 2021 16:21:58 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
109 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=ix,luponmedia,medianet,onetag,pubmatic,rubicon,sharethrough,unruly&cb=195-2-26
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.8.242 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-8-242.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://askleo.com
date
Mon, 23 Aug 2021 16:21:58 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
109 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=ix,luponmedia,medianet,onetag,pubmatic,rubicon,sharethrough,unruly&cb=195-2-26
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.8.242 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-8-242.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://askleo.com
date
Mon, 23 Aug 2021 16:21:58 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
109 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=ix,luponmedia,medianet,onetag,pubmatic,rubicon,sharethrough,unruly&cb=195-2-26
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.8.242 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-8-242.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://askleo.com
date
Mon, 23 Aug 2021 16:21:58 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
109 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=ix,luponmedia,medianet,onetag,pubmatic,rubicon,sharethrough,unruly&cb=195-2-26
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.8.242 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-8-242.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://askleo.com
date
Mon, 23 Aug 2021 16:21:58 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
110 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=ix,luponmedia,medianet,onetag,pubmatic,rubicon,sharethrough,unruly&cb=195-2-26
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.8.242 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-8-242.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://askleo.com
date
Mon, 23 Aug 2021 16:21:58 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
109 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=ix,luponmedia,medianet,onetag,pubmatic,rubicon,sharethrough,unruly&cb=195-2-26
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.8.242 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-8-242.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://askleo.com
date
Mon, 23 Aug 2021 16:21:58 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
109 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=ix,luponmedia,medianet,onetag,pubmatic,rubicon,sharethrough,unruly&cb=195-2-26
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.8.242 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-8-242.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://askleo.com
date
Mon, 23 Aug 2021 16:21:58 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
109 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=ix,luponmedia,medianet,onetag,pubmatic,rubicon,sharethrough,unruly&cb=195-2-26
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.8.242 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-8-242.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://askleo.com
date
Mon, 23 Aug 2021 16:21:58 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
109 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=ix,luponmedia,medianet,onetag,pubmatic,rubicon,sharethrough,unruly&cb=195-2-26
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.8.242 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-8-242.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://askleo.com
date
Mon, 23 Aug 2021 16:21:58 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
109 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=ix,luponmedia,medianet,onetag,pubmatic,rubicon,sharethrough,unruly&cb=195-2-26
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.8.242 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-8-242.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://askleo.com
date
Mon, 23 Aug 2021 16:21:58 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
109 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=ix,luponmedia,medianet,onetag,pubmatic,rubicon,sharethrough,unruly&cb=195-2-26
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.8.242 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-8-242.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://askleo.com
date
Mon, 23 Aug 2021 16:21:58 GMT
access-control-allow-credentials
true
vary
Origin
cygnus
htlb.casalemedia.com/ 		6 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=305142&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2292c77e510268d6c%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Faskleo.com%2Fwill_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A17%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A17%2C%22ren%22%3Afalse%2C%22version%22%3A%225.5.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2293c60673e2ce9c8%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22305142%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%22943c4ed27a6de02%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22305142%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2295d495145dbb91d%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22305142%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%22960b4b77c7218b7%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22305141%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2297dae3b20a7b7cf%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22305148%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%229872dbeb46e68cd%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22305148%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%229935c6db3bfdace%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22305148%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%22100d8ff673fc4e98%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22305146%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%221014eb6ef471e4bd%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22305146%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%22102a3499c6a00be4%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22305143%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%22103f9803228fe6fa%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22305143%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%221048410ebbdb2d14%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22305143%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%22105449ffa721e3a1%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22305140%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2210658a81d304ed95%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22305140%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%221074a9048ad4f43c%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22305140%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%22108058f7c2f6e417%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A468%2C%22h%22%3A60%2C%22ext%22%3A%7B%22siteID%22%3A%22305137%22%2C%22sid%22%3A%22468x60%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%221093df57ee5d4dbd%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A468%2C%22h%22%3A60%2C%22ext%22%3A%7B%22siteID%22%3A%22305138%22%2C%22sid%22%3A%22468x60%22%7D%7D%5D%7D%7D%5D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22ezoic.ai%22%2C%22sid%22%3A%220d933186705efdb55cfbfa127978ddae%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=ix,luponmedia,medianet,onetag,pubmatic,rubicon,sharethrough,unruly&cb=195-2-26
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
051d92bd9abf927fe7d47b84dda61e8c1dd49d902229ac91b27477f570fe6481

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 16:21:59 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[BE], RC:[], CN:[EU], CIP:[82.102.19.136], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://askleo.com
x-cs-client-geo
28
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
3563
x-ak-client-geo
28
expires
Mon, 23 Aug 2021 16:21:59 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		241 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21150&site_id=351284&zone_id=1868548&size_id=15&rp_schain=1.0,1!ezoic.ai,0d933186705efdb55cfbfa127978ddae,1,,,&rf=https%3A%2F%2Faskleo.com%2Fwill_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers%2F&tk_flint=pbjs_lite_v5.5.0&x_source.tid=2d5749e6-522e-4e3e-a60a-25881a8dcd73&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.09923608764313796
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=ix,luponmedia,medianet,onetag,pubmatic,rubicon,sharethrough,unruly&cb=195-2-26
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
83a8e7854d4f0a0f33e0a52d2dabec997b125058db15914104ba49c7a63359cb

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 23 Aug 2021 16:21:58 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://askleo.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
241
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		241 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21150&site_id=351284&zone_id=1868548&size_id=15&rp_schain=1.0,1!ezoic.ai,0d933186705efdb55cfbfa127978ddae,1,,,&rf=https%3A%2F%2Faskleo.com%2Fwill_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers%2F&tk_flint=pbjs_lite_v5.5.0&x_source.tid=3ac09a55-ee80-4dfb-9f17-151dd8918086&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.4781032063516881
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=ix,luponmedia,medianet,onetag,pubmatic,rubicon,sharethrough,unruly&cb=195-2-26
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
b2721c18b1d73541b177b8d05ba7a9e1c7fcf8c4cfe4a8a75640523c14a62ff0

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 23 Aug 2021 16:21:59 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://askleo.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
241
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		241 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21150&site_id=351284&zone_id=1868548&size_id=15&rp_schain=1.0,1!ezoic.ai,0d933186705efdb55cfbfa127978ddae,1,,,&rf=https%3A%2F%2Faskleo.com%2Fwill_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers%2F&tk_flint=pbjs_lite_v5.5.0&x_source.tid=cb471976-3d6f-4c3e-947a-ececc31a44ea&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.4112718153234882
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=ix,luponmedia,medianet,onetag,pubmatic,rubicon,sharethrough,unruly&cb=195-2-26
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
e1fb071a5a135b63fbd96a89a4a0c2c2e20fd01a9bbd703db45d199df6ad1525

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 23 Aug 2021 16:21:58 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://askleo.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
241
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		240 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21150&site_id=351284&zone_id=1868548&size_id=2&rp_schain=1.0,1!ezoic.ai,0d933186705efdb55cfbfa127978ddae,1,,,&rf=https%3A%2F%2Faskleo.com%2Fwill_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers%2F&tk_flint=pbjs_lite_v5.5.0&x_source.tid=c9d00255-d8fe-49ac-b7a1-54bc2f9b6f82&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7851687493625612
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=ix,luponmedia,medianet,onetag,pubmatic,rubicon,sharethrough,unruly&cb=195-2-26
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
0fea4f275704bb57b3ec17051db212de23efd556ce0ab4adcb33df8cba76e077

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 23 Aug 2021 16:21:58 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://askleo.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
240
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		241 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21150&site_id=351284&zone_id=1868548&size_id=15&rp_schain=1.0,1!ezoic.ai,0d933186705efdb55cfbfa127978ddae,1,,,&rf=https%3A%2F%2Faskleo.com%2Fwill_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers%2F&tk_flint=pbjs_lite_v5.5.0&x_source.tid=fbac9613-35fa-499e-9daa-c40f77ea7039&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8448988758079228
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=ix,luponmedia,medianet,onetag,pubmatic,rubicon,sharethrough,unruly&cb=195-2-26
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
4b2d732121c09a7187640a98acc242938634d6eb885c444a10148051a3c6ce24

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 23 Aug 2021 16:21:59 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://askleo.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
241
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		241 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21150&site_id=351284&zone_id=1868548&size_id=15&rp_schain=1.0,1!ezoic.ai,0d933186705efdb55cfbfa127978ddae,1,,,&rf=https%3A%2F%2Faskleo.com%2Fwill_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers%2F&tk_flint=pbjs_lite_v5.5.0&x_source.tid=c3f03e38-1a85-4995-aec9-40a6b6b16eca&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.4441206906821482
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=ix,luponmedia,medianet,onetag,pubmatic,rubicon,sharethrough,unruly&cb=195-2-26
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
1fda2e11a60ed0d8a4356f63755d7023483fd54ac7c15e9c71d755bdb5431f89

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 23 Aug 2021 16:21:59 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://askleo.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
241
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		241 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21150&site_id=351284&zone_id=1868548&size_id=15&rp_schain=1.0,1!ezoic.ai,0d933186705efdb55cfbfa127978ddae,1,,,&rf=https%3A%2F%2Faskleo.com%2Fwill_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers%2F&tk_flint=pbjs_lite_v5.5.0&x_source.tid=92edf3ae-e493-48f9-8829-e9c853e3c7d3&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7246905642089767
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=ix,luponmedia,medianet,onetag,pubmatic,rubicon,sharethrough,unruly&cb=195-2-26
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
1bfb4195f92629d2bac3258d4c20c8c961f42490d6d477ab62944648abcce615

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 23 Aug 2021 16:21:59 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://askleo.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
241
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		241 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21150&site_id=351284&zone_id=1868548&size_id=15&rp_schain=1.0,1!ezoic.ai,0d933186705efdb55cfbfa127978ddae,1,,,&rf=https%3A%2F%2Faskleo.com%2Fwill_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers%2F&tk_flint=pbjs_lite_v5.5.0&x_source.tid=2952153b-f2df-49ce-ac4b-3858f8a8f5c6&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8280841241530714
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=ix,luponmedia,medianet,onetag,pubmatic,rubicon,sharethrough,unruly&cb=195-2-26
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
0a27e451d447cf91977a122d2a184d299d135bfc04b6d04158a023a00258c0f7

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 23 Aug 2021 16:21:59 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://askleo.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
241
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		241 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21150&site_id=351284&zone_id=1868548&size_id=15&rp_schain=1.0,1!ezoic.ai,0d933186705efdb55cfbfa127978ddae,1,,,&rf=https%3A%2F%2Faskleo.com%2Fwill_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers%2F&tk_flint=pbjs_lite_v5.5.0&x_source.tid=02cbccf8-6f97-4573-8e9d-4b9398838a56&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.24492553844770049
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=ix,luponmedia,medianet,onetag,pubmatic,rubicon,sharethrough,unruly&cb=195-2-26
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
c01eb865aabc41361d25ec5a333411bebb146b11e264111f043615cd96b7177b

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 23 Aug 2021 16:21:59 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://askleo.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
241
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		241 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21150&site_id=351284&zone_id=1868548&size_id=15&rp_schain=1.0,1!ezoic.ai,0d933186705efdb55cfbfa127978ddae,1,,,&rf=https%3A%2F%2Faskleo.com%2Fwill_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers%2F&tk_flint=pbjs_lite_v5.5.0&x_source.tid=426f2d21-91ea-4a40-8436-8c0e8b95fbda&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5262595917859505
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=ix,luponmedia,medianet,onetag,pubmatic,rubicon,sharethrough,unruly&cb=195-2-26
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
53c781ab15544fabc8a5884e3ec5b6b42f29129f8853156ac6b0ba35b07ec3fd

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 23 Aug 2021 16:21:59 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://askleo.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
241
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		241 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21150&site_id=351284&zone_id=1868548&size_id=15&rp_schain=1.0,1!ezoic.ai,0d933186705efdb55cfbfa127978ddae,1,,,&rf=https%3A%2F%2Faskleo.com%2Fwill_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers%2F&tk_flint=pbjs_lite_v5.5.0&x_source.tid=25c2bb5e-00d5-4b05-a72d-9e459e48f44b&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.3302339224645401
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=ix,luponmedia,medianet,onetag,pubmatic,rubicon,sharethrough,unruly&cb=195-2-26
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
ba9c563212915f4bb5b697b0858b564b9ee38b74fd9e1d944a81d600071c8a80

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 23 Aug 2021 16:21:59 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://askleo.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
241
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		241 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21150&site_id=351284&zone_id=1868548&size_id=15&rp_schain=1.0,1!ezoic.ai,0d933186705efdb55cfbfa127978ddae,1,,,&rf=https%3A%2F%2Faskleo.com%2Fwill_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers%2F&tk_flint=pbjs_lite_v5.5.0&x_source.tid=4988ad28-a524-4044-99bb-413ee9cfbbe9&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.4244140081951533
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=ix,luponmedia,medianet,onetag,pubmatic,rubicon,sharethrough,unruly&cb=195-2-26
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
cf5607249df9251c245d675570dad6611ff2edfa90acd067655f8f93f0a58bac

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 23 Aug 2021 16:21:59 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://askleo.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
241
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		241 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21150&site_id=351284&zone_id=1868548&size_id=15&rp_schain=1.0,1!ezoic.ai,0d933186705efdb55cfbfa127978ddae,1,,,&rf=https%3A%2F%2Faskleo.com%2Fwill_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers%2F&tk_flint=pbjs_lite_v5.5.0&x_source.tid=5b080da2-1505-4034-ba7c-18781db0c40c&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.38123003845252934
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=ix,luponmedia,medianet,onetag,pubmatic,rubicon,sharethrough,unruly&cb=195-2-26
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
154c85250d7bdf201fe19e9f5f20910d8727ee9dfbba11ce98dcb36a48b61ab5

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 23 Aug 2021 16:21:59 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://askleo.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
241
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		241 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21150&site_id=351284&zone_id=1868548&size_id=15&rp_schain=1.0,1!ezoic.ai,0d933186705efdb55cfbfa127978ddae,1,,,&rf=https%3A%2F%2Faskleo.com%2Fwill_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers%2F&tk_flint=pbjs_lite_v5.5.0&x_source.tid=ae6cff27-4b83-4043-830a-d5bc02d13cdb&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5861091144417292
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=ix,luponmedia,medianet,onetag,pubmatic,rubicon,sharethrough,unruly&cb=195-2-26
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
f8d951b1faac73691f9c6e1df8345788cb862128575422c439d2cac0e3e7a2d7

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 23 Aug 2021 16:21:59 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://askleo.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
241
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		241 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21150&site_id=351284&zone_id=1868548&size_id=15&rp_schain=1.0,1!ezoic.ai,0d933186705efdb55cfbfa127978ddae,1,,,&rf=https%3A%2F%2Faskleo.com%2Fwill_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers%2F&tk_flint=pbjs_lite_v5.5.0&x_source.tid=31a365bd-dea2-45ad-b032-2c4f3fd13329&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.13292525223446994
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=ix,luponmedia,medianet,onetag,pubmatic,rubicon,sharethrough,unruly&cb=195-2-26
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
8fcbe39f732897d9c5e7b665e3dd1708bc3a06fc0eb96653a54322aa1c0d484a

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 23 Aug 2021 16:21:59 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://askleo.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
241
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		260 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21150&site_id=351284&zone_id=1868548&size_id=2&alt_size_ids=55&rp_schain=1.0,1!ezoic.ai,0d933186705efdb55cfbfa127978ddae,1,,,&rf=https%3A%2F%2Faskleo.com%2Fwill_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers%2F&tk_flint=pbjs_lite_v5.5.0&x_source.tid=6a63902f-8da4-4595-9f04-2a9ccf636fb2&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.3824685615935779
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=ix,luponmedia,medianet,onetag,pubmatic,rubicon,sharethrough,unruly&cb=195-2-26
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
fb56fab7f9b0405a03f249bfa6595de41410812a840af0bfbc01d694d711d1ce

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 23 Aug 2021 16:21:59 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://askleo.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
260
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		240 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21150&site_id=351284&zone_id=1868548&size_id=1&rp_schain=1.0,1!ezoic.ai,0d933186705efdb55cfbfa127978ddae,1,,,&rf=https%3A%2F%2Faskleo.com%2Fwill_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers%2F&tk_flint=pbjs_lite_v5.5.0&x_source.tid=ade442b8-9583-43b5-8bd1-d2c81732b2c9&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.3904340416725891
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=ix,luponmedia,medianet,onetag,pubmatic,rubicon,sharethrough,unruly&cb=195-2-26
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
6a0e73d2713a0d1fc0737daacef3c8f39e347ed1c9ce3ef6dddb3fce1dcd2b9f

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 23 Aug 2021 16:21:59 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://askleo.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
240
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		240 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21150&site_id=351284&zone_id=1868548&size_id=1&rp_schain=1.0,1!ezoic.ai,0d933186705efdb55cfbfa127978ddae,1,,,&rf=https%3A%2F%2Faskleo.com%2Fwill_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers%2F&tk_flint=pbjs_lite_v5.5.0&x_source.tid=754e2ed7-779e-47fe-bd03-c7e8ab5dce35&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.20260813169472125
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=ix,luponmedia,medianet,onetag,pubmatic,rubicon,sharethrough,unruly&cb=195-2-26
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
ae19adaabc7a5d8387d0e953041b3ef6135b3a26715281aeea76009ab771e752

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 23 Aug 2021 16:21:59 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://askleo.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
240
Expires
Wed, 17 Sep 1975 21:32:10 GMT
army.gif
askleo.com/porpoiseant/ 		0
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://askleo.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNzU4MDYwODg1MjkzNTQ1NyIsImRvbWFpbl9pZCI6IjE3MzA3OCIsInVuaXQiOiJkaXYtZ3B0LWFkLWFza2xlb19jb20tYm94LTItMCIsInRfZXBvY2giOjE2Mjk3MzU3MTEsImFkX3Bvc2l0aW9uIjoxMTAzLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQkUiLCJwYWdldmlld19pZCI6IjA5ZDcyOWQ1LTJhYWEtNDE5Ni03MzJiLTI5MTY0M2MwZGFiYSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJ3b3Jkc19iZWZvcmUiLCJ2YWwiOiIyNSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMjI5MjU0ODU0ODk4NDE1MSIsImRvbWFpbl9pZCI6IjE3MzA3OCIsInVuaXQiOiJkaXYtZ3B0LWFkLWFza2xlb19jb20tYm94LTMtMCIsInRfZXBvY2giOjE2Mjk3MzU3MTEsImFkX3Bvc2l0aW9uIjoxMTA0LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQkUiLCJwYWdldmlld19pZCI6IjA5ZDcyOWQ1LTJhYWEtNDE5Ni03MzJiLTI5MTY0M2MwZGFiYSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTA0MTY5ODgsImRhdGEiOlt7Im5hbWUiOiJ3b3Jkc19iZWZvcmUiLCJ2YWwiOiIzMyJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjY2MDM0NjMzMDk1NTY1NyIsImRvbWFpbl9pZCI6IjE3MzA3OCIsInVuaXQiOiJkaXYtZ3B0LWFkLWFza2xlb19jb20tbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2Mjk3MzU3MTEsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQkUiLCJwYWdldmlld19pZCI6IjA5ZDcyOWQ1LTJhYWEtNDE5Ni03MzJiLTI5MTY0M2MwZGFiYSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJ3b3Jkc19iZWZvcmUiLCJ2YWwiOiI2NiJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjk4MzI4MjEzODk4MTQwOCIsImRvbWFpbl9pZCI6IjE3MzA3OCIsInVuaXQiOiJkaXYtZ3B0LWFkLWFza2xlb19jb20tbWVkcmVjdGFuZ2xlLTMtMCIsInRfZXBvY2giOjE2Mjk3MzU3MTEsImFkX3Bvc2l0aW9uIjoxMTAxLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQkUiLCJwYWdldmlld19pZCI6IjA5ZDcyOWQ1LTJhYWEtNDE5Ni03MzJiLTI5MTY0M2MwZGFiYSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJ3b3Jkc19iZWZvcmUiLCJ2YWwiOiIyMDQifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjY5ODMyODIxMzg5ODE0MDgiLCJkb21haW5faWQiOiIxNzMwNzgiLCJ1bml0IjoiZGl2LWdwdC1hZC1hc2tsZW9fY29tLW1lZHJlY3RhbmdsZS0zLTBfMSIsInRfZXBvY2giOjE2Mjk3MzU3MTEsImFkX3Bvc2l0aW9uIjoxMTAxLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQkUiLCJwYWdldmlld19pZCI6IjA5ZDcyOWQ1LTJhYWEtNDE5Ni03MzJiLTI5MTY0M2MwZGFiYSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJ3b3Jkc19iZWZvcmUiLCJ2YWwiOiIyMDQifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by
Host: askleo.com
URL: https://askleo.com/detroitchicago/cmbv2.js?gcb=195-2&cb=04-1y02-4y06-12y07-1y0b-5y0d-14y13-3y17-3y20-3y33-15y52-1y56-21&cmbcb=20&sj=x04x02x06x07x0bx0dx13x17x20x33x52x56&abt=JoykatTest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path
/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNzU4MDYwODg1MjkzNTQ1NyIsImRvbWFpbl9pZCI6IjE3MzA3OCIsInVuaXQiOiJkaXYtZ3B0LWFkLWFza2xlb19jb20tYm94LTItMCIsInRfZXBvY2giOjE2Mjk3MzU3MTEsImFkX3Bvc2l0aW9uIjoxMTAzLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQkUiLCJwYWdldmlld19pZCI6IjA5ZDcyOWQ1LTJhYWEtNDE5Ni03MzJiLTI5MTY0M2MwZGFiYSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJ3b3Jkc19iZWZvcmUiLCJ2YWwiOiIyNSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMjI5MjU0ODU0ODk4NDE1MSIsImRvbWFpbl9pZCI6IjE3MzA3OCIsInVuaXQiOiJkaXYtZ3B0LWFkLWFza2xlb19jb20tYm94LTMtMCIsInRfZXBvY2giOjE2Mjk3MzU3MTEsImFkX3Bvc2l0aW9uIjoxMTA0LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQkUiLCJwYWdldmlld19pZCI6IjA5ZDcyOWQ1LTJhYWEtNDE5Ni03MzJiLTI5MTY0M2MwZGFiYSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTA0MTY5ODgsImRhdGEiOlt7Im5hbWUiOiJ3b3Jkc19iZWZvcmUiLCJ2YWwiOiIzMyJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjY2MDM0NjMzMDk1NTY1NyIsImRvbWFpbl9pZCI6IjE3MzA3OCIsInVuaXQiOiJkaXYtZ3B0LWFkLWFza2xlb19jb20tbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2Mjk3MzU3MTEsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQkUiLCJwYWdldmlld19pZCI6IjA5ZDcyOWQ1LTJhYWEtNDE5Ni03MzJiLTI5MTY0M2MwZGFiYSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJ3b3Jkc19iZWZvcmUiLCJ2YWwiOiI2NiJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjk4MzI4MjEzODk4MTQwOCIsImRvbWFpbl9pZCI6IjE3MzA3OCIsInVuaXQiOiJkaXYtZ3B0LWFkLWFza2xlb19jb20tbWVkcmVjdGFuZ2xlLTMtMCIsInRfZXBvY2giOjE2Mjk3MzU3MTEsImFkX3Bvc2l0aW9uIjoxMTAxLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQkUiLCJwYWdldmlld19pZCI6IjA5ZDcyOWQ1LTJhYWEtNDE5Ni03MzJiLTI5MTY0M2MwZGFiYSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJ3b3Jkc19iZWZvcmUiLCJ2YWwiOiIyMDQifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjY5ODMyODIxMzg5ODE0MDgiLCJkb21haW5faWQiOiIxNzMwNzgiLCJ1bml0IjoiZGl2LWdwdC1hZC1hc2tsZW9fY29tLW1lZHJlY3RhbmdsZS0zLTBfMSIsInRfZXBvY2giOjE2Mjk3MzU3MTEsImFkX3Bvc2l0aW9uIjoxMTAxLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQkUiLCJwYWdldmlld19pZCI6IjA5ZDcyOWQ1LTJhYWEtNDE5Ni03MzJiLTI5MTY0M2MwZGFiYSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJ3b3Jkc19iZWZvcmUiLCJ2YWwiOiIyMDQifV0sImlzX29yaWciOmZhbHNlfV0=
pragma
no-cache
cookie
__gads=ID=310ee5d8fe22e4d3-22acb2fbacc800c3:T=1629735718:S=ALNI_MZnQCWmWbtAWaefw9u_eAs1KPuXog; _pbjs_userid_consent_data=3524755945110770
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
askleo.com
referer
https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:58 GMT
server
nginx
vary
Accept-Encoding Accept-Encoding
content-type
text/plain; charset=utf-8
x-middleton-display
ezp_sol
cache-control
max-age=0, must-revalidate, no-cache, no-store
content-length
0
expires
Sun, 22 Aug 2021 16:21:59 UTC
army.gif
askleo.com/porpoiseant/ 		0
42 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://askleo.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjk4MzI4MjEzODk4MTQwOCIsImRvbWFpbl9pZCI6IjE3MzA3OCIsInVuaXQiOiJkaXYtZ3B0LWFkLWFza2xlb19jb20tbWVkcmVjdGFuZ2xlLTMtMF8yIiwidF9lcG9jaCI6MTYyOTczNTcxMSwiYWRfcG9zaXRpb24iOjExMDEsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJCRSIsInBhZ2V2aWV3X2lkIjoiMDlkNzI5ZDUtMmFhYS00MTk2LTczMmItMjkxNjQzYzBkYWJhIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6IndvcmRzX2JlZm9yZSIsInZhbCI6IjIwNCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by
Host: askleo.com
URL: https://askleo.com/detroitchicago/cmbv2.js?gcb=195-2&cb=04-1y02-4y06-12y07-1y0b-5y0d-14y13-3y17-3y20-3y33-15y52-1y56-21&cmbcb=20&sj=x04x02x06x07x0bx0dx13x17x20x33x52x56&abt=JoykatTest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path
/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjk4MzI4MjEzODk4MTQwOCIsImRvbWFpbl9pZCI6IjE3MzA3OCIsInVuaXQiOiJkaXYtZ3B0LWFkLWFza2xlb19jb20tbWVkcmVjdGFuZ2xlLTMtMF8yIiwidF9lcG9jaCI6MTYyOTczNTcxMSwiYWRfcG9zaXRpb24iOjExMDEsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJCRSIsInBhZ2V2aWV3X2lkIjoiMDlkNzI5ZDUtMmFhYS00MTk2LTczMmItMjkxNjQzYzBkYWJhIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6IndvcmRzX2JlZm9yZSIsInZhbCI6IjIwNCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
pragma
no-cache
cookie
__gads=ID=310ee5d8fe22e4d3-22acb2fbacc800c3:T=1629735718:S=ALNI_MZnQCWmWbtAWaefw9u_eAs1KPuXog; _pbjs_userid_consent_data=3524755945110770
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
askleo.com
referer
https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:58 GMT
server
nginx
vary
Accept-Encoding Accept-Encoding
content-type
text/plain; charset=utf-8
x-middleton-display
ezp_sol
cache-control
max-age=0, must-revalidate, no-cache, no-store
content-length
0
expires
Sun, 22 Aug 2021 16:21:57 UTC
army.gif
askleo.com/porpoiseant/ 		0
42 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://askleo.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNzU4MDYwODg1MjkzNTQ1NyIsImRvbWFpbl9pZCI6IjE3MzA3OCIsInVuaXQiOiJkaXYtZ3B0LWFkLWFza2xlb19jb20tYm94LTItMCIsInRfZXBvY2giOjE2Mjk3MzU3MTEsImFkX3Bvc2l0aW9uIjoxMTAzLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQkUiLCJwYWdldmlld19pZCI6IjA5ZDcyOWQ1LTJhYWEtNDE5Ni03MzJiLTI5MTY0M2MwZGFiYSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJwb3NfeCIsInZhbCI6IjU2NiJ9LHsibmFtZSI6InBvc195IiwidmFsIjoiMjg1In0seyJuYW1lIjoiaXNfZmxvYXRpbmciLCJ2YWwiOiJmYWxzZSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMjI5MjU0ODU0ODk4NDE1MSIsImRvbWFpbl9pZCI6IjE3MzA3OCIsInVuaXQiOiJkaXYtZ3B0LWFkLWFza2xlb19jb20tYm94LTMtMCIsInRfZXBvY2giOjE2Mjk3MzU3MTEsImFkX3Bvc2l0aW9uIjoxMTA0LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQkUiLCJwYWdldmlld19pZCI6IjA5ZDcyOWQ1LTJhYWEtNDE5Ni03MzJiLTI5MTY0M2MwZGFiYSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTA0MTY5ODgsImRhdGEiOlt7Im5hbWUiOiJwb3NfeCIsInZhbCI6IjU2NiJ9LHsibmFtZSI6InBvc195IiwidmFsIjoiNDc4In0seyJuYW1lIjoiaXNfZmxvYXRpbmciLCJ2YWwiOiJmYWxzZSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjY2MDM0NjMzMDk1NTY1NyIsImRvbWFpbl9pZCI6IjE3MzA3OCIsInVuaXQiOiJkaXYtZ3B0LWFkLWFza2xlb19jb20tbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2Mjk3MzU3MTEsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQkUiLCJwYWdldmlld19pZCI6IjA5ZDcyOWQ1LTJhYWEtNDE5Ni03MzJiLTI5MTY0M2MwZGFiYSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJwb3NfeCIsInZhbCI6IjAifSx7Im5hbWUiOiJwb3NfeSIsInZhbCI6IjExMDQifSx7Im5hbWUiOiJpc19mbG9hdGluZyIsInZhbCI6InRydWUifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjY5ODMyODIxMzg5ODE0MDgiLCJkb21haW5faWQiOiIxNzMwNzgiLCJ1bml0IjoiZGl2LWdwdC1hZC1hc2tsZW9fY29tLW1lZHJlY3RhbmdsZS0zLTAiLCJ0X2Vwb2NoIjoxNjI5NzM1NzExLCJhZF9wb3NpdGlvbiI6MTEwMSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkJFIiwicGFnZXZpZXdfaWQiOiIwOWQ3MjlkNS0yYWFhLTQxOTYtNzMyYi0yOTE2NDNjMGRhYmEiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoicG9zX3giLCJ2YWwiOiIzMjAifSx7Im5hbWUiOiJwb3NfeSIsInZhbCI6IjE1NDkifSx7Im5hbWUiOiJpc19mbG9hdGluZyIsInZhbCI6ImZhbHNlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI2OTgzMjgyMTM4OTgxNDA4IiwiZG9tYWluX2lkIjoiMTczMDc4IiwidW5pdCI6ImRpdi1ncHQtYWQtYXNrbGVvX2NvbS1tZWRyZWN0YW5nbGUtMy0wXzEiLCJ0X2Vwb2NoIjoxNjI5NzM1NzExLCJhZF9wb3NpdGlvbiI6MTEwMSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkJFIiwicGFnZXZpZXdfaWQiOiIwOWQ3MjlkNS0yYWFhLTQxOTYtNzMyYi0yOTE2NDNjMGRhYmEiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoicG9zX3giLCJ2YWwiOiI2NDQifSx7Im5hbWUiOiJwb3NfeSIsInZhbCI6IjE1NDkifSx7Im5hbWUiOiJpc19mbG9hdGluZyIsInZhbCI6ImZhbHNlIn1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by
Host: askleo.com
URL: https://askleo.com/detroitchicago/cmbv2.js?gcb=195-2&cb=04-1y02-4y06-12y07-1y0b-5y0d-14y13-3y17-3y20-3y33-15y52-1y56-21&cmbcb=20&sj=x04x02x06x07x0bx0dx13x17x20x33x52x56&abt=JoykatTest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path
/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNzU4MDYwODg1MjkzNTQ1NyIsImRvbWFpbl9pZCI6IjE3MzA3OCIsInVuaXQiOiJkaXYtZ3B0LWFkLWFza2xlb19jb20tYm94LTItMCIsInRfZXBvY2giOjE2Mjk3MzU3MTEsImFkX3Bvc2l0aW9uIjoxMTAzLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQkUiLCJwYWdldmlld19pZCI6IjA5ZDcyOWQ1LTJhYWEtNDE5Ni03MzJiLTI5MTY0M2MwZGFiYSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJwb3NfeCIsInZhbCI6IjU2NiJ9LHsibmFtZSI6InBvc195IiwidmFsIjoiMjg1In0seyJuYW1lIjoiaXNfZmxvYXRpbmciLCJ2YWwiOiJmYWxzZSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMjI5MjU0ODU0ODk4NDE1MSIsImRvbWFpbl9pZCI6IjE3MzA3OCIsInVuaXQiOiJkaXYtZ3B0LWFkLWFza2xlb19jb20tYm94LTMtMCIsInRfZXBvY2giOjE2Mjk3MzU3MTEsImFkX3Bvc2l0aW9uIjoxMTA0LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQkUiLCJwYWdldmlld19pZCI6IjA5ZDcyOWQ1LTJhYWEtNDE5Ni03MzJiLTI5MTY0M2MwZGFiYSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTA0MTY5ODgsImRhdGEiOlt7Im5hbWUiOiJwb3NfeCIsInZhbCI6IjU2NiJ9LHsibmFtZSI6InBvc195IiwidmFsIjoiNDc4In0seyJuYW1lIjoiaXNfZmxvYXRpbmciLCJ2YWwiOiJmYWxzZSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjY2MDM0NjMzMDk1NTY1NyIsImRvbWFpbl9pZCI6IjE3MzA3OCIsInVuaXQiOiJkaXYtZ3B0LWFkLWFza2xlb19jb20tbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2Mjk3MzU3MTEsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQkUiLCJwYWdldmlld19pZCI6IjA5ZDcyOWQ1LTJhYWEtNDE5Ni03MzJiLTI5MTY0M2MwZGFiYSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJwb3NfeCIsInZhbCI6IjAifSx7Im5hbWUiOiJwb3NfeSIsInZhbCI6IjExMDQifSx7Im5hbWUiOiJpc19mbG9hdGluZyIsInZhbCI6InRydWUifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjY5ODMyODIxMzg5ODE0MDgiLCJkb21haW5faWQiOiIxNzMwNzgiLCJ1bml0IjoiZGl2LWdwdC1hZC1hc2tsZW9fY29tLW1lZHJlY3RhbmdsZS0zLTAiLCJ0X2Vwb2NoIjoxNjI5NzM1NzExLCJhZF9wb3NpdGlvbiI6MTEwMSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkJFIiwicGFnZXZpZXdfaWQiOiIwOWQ3MjlkNS0yYWFhLTQxOTYtNzMyYi0yOTE2NDNjMGRhYmEiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoicG9zX3giLCJ2YWwiOiIzMjAifSx7Im5hbWUiOiJwb3NfeSIsInZhbCI6IjE1NDkifSx7Im5hbWUiOiJpc19mbG9hdGluZyIsInZhbCI6ImZhbHNlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI2OTgzMjgyMTM4OTgxNDA4IiwiZG9tYWluX2lkIjoiMTczMDc4IiwidW5pdCI6ImRpdi1ncHQtYWQtYXNrbGVvX2NvbS1tZWRyZWN0YW5nbGUtMy0wXzEiLCJ0X2Vwb2NoIjoxNjI5NzM1NzExLCJhZF9wb3NpdGlvbiI6MTEwMSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkJFIiwicGFnZXZpZXdfaWQiOiIwOWQ3MjlkNS0yYWFhLTQxOTYtNzMyYi0yOTE2NDNjMGRhYmEiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoicG9zX3giLCJ2YWwiOiI2NDQifSx7Im5hbWUiOiJwb3NfeSIsInZhbCI6IjE1NDkifSx7Im5hbWUiOiJpc19mbG9hdGluZyIsInZhbCI6ImZhbHNlIn1dLCJpc19vcmlnIjpmYWxzZX1d
pragma
no-cache
cookie
__gads=ID=310ee5d8fe22e4d3-22acb2fbacc800c3:T=1629735718:S=ALNI_MZnQCWmWbtAWaefw9u_eAs1KPuXog; _pbjs_userid_consent_data=3524755945110770
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
askleo.com
referer
https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:58 GMT
server
nginx
vary
Accept-Encoding Accept-Encoding
content-type
text/plain; charset=utf-8
x-middleton-display
ezp_sol
cache-control
max-age=0, must-revalidate, no-cache, no-store
content-length
0
expires
Sun, 22 Aug 2021 16:21:58 UTC
army.gif
askleo.com/porpoiseant/ 		0
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://askleo.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjk4MzI4MjEzODk4MTQwOCIsImRvbWFpbl9pZCI6IjE3MzA3OCIsInVuaXQiOiJkaXYtZ3B0LWFkLWFza2xlb19jb20tbWVkcmVjdGFuZ2xlLTMtMF8yIiwidF9lcG9jaCI6MTYyOTczNTcxMSwiYWRfcG9zaXRpb24iOjExMDEsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJCRSIsInBhZ2V2aWV3X2lkIjoiMDlkNzI5ZDUtMmFhYS00MTk2LTczMmItMjkxNjQzYzBkYWJhIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6InBvc194IiwidmFsIjoiOTY3In0seyJuYW1lIjoicG9zX3kiLCJ2YWwiOiIxNTQ5In0seyJuYW1lIjoiaXNfZmxvYXRpbmciLCJ2YWwiOiJmYWxzZSJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by
Host: askleo.com
URL: https://askleo.com/detroitchicago/cmbv2.js?gcb=195-2&cb=04-1y02-4y06-12y07-1y0b-5y0d-14y13-3y17-3y20-3y33-15y52-1y56-21&cmbcb=20&sj=x04x02x06x07x0bx0dx13x17x20x33x52x56&abt=JoykatTest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path
/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjk4MzI4MjEzODk4MTQwOCIsImRvbWFpbl9pZCI6IjE3MzA3OCIsInVuaXQiOiJkaXYtZ3B0LWFkLWFza2xlb19jb20tbWVkcmVjdGFuZ2xlLTMtMF8yIiwidF9lcG9jaCI6MTYyOTczNTcxMSwiYWRfcG9zaXRpb24iOjExMDEsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJCRSIsInBhZ2V2aWV3X2lkIjoiMDlkNzI5ZDUtMmFhYS00MTk2LTczMmItMjkxNjQzYzBkYWJhIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6InBvc194IiwidmFsIjoiOTY3In0seyJuYW1lIjoicG9zX3kiLCJ2YWwiOiIxNTQ5In0seyJuYW1lIjoiaXNfZmxvYXRpbmciLCJ2YWwiOiJmYWxzZSJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
pragma
no-cache
cookie
__gads=ID=310ee5d8fe22e4d3-22acb2fbacc800c3:T=1629735718:S=ALNI_MZnQCWmWbtAWaefw9u_eAs1KPuXog; _pbjs_userid_consent_data=3524755945110770
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
askleo.com
referer
https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:58 GMT
server
nginx
vary
Accept-Encoding Accept-Encoding
content-type
text/plain; charset=utf-8
x-middleton-display
ezp_sol
cache-control
max-age=0, must-revalidate, no-cache, no-store
content-length
0
expires
Sun, 22 Aug 2021 16:21:57 UTC
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=qCK_rnxadmJGdC9lc2U2UlRUZGFtYnE2UDZSaUxkRUVXVmphY3dpYmNiWHRDS20rZUtvaGlIYVhOWDcxMFNiTXQ0UHdxNERIdC91NlF4M3dKem1VbG9xaXNBcDhhSXRKL1B4QTAzQmNVVlNGSkJkekhVK25nZUw5ckF2ZGRuT0F1czZCdnRqbGFzaUpLZ3B0bytzbTV5WGNPcXlPclFPVFFKV1VCZ0JEWFk1ekcvQ1N5MUw1M1ZBMHBpOWJmUHdaMzVINmJWUVdKd3hwUDllaWF4a0FWWldwdG4zb1dtVldvTVRjSHNESFg3d21ORUxBPXw&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
null
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1109
date
Mon, 23 Aug 2021 16:21:59 GMT
content-encoding
gzip
vary
Accept-Encoding
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012108100143000/ Frame 3071 		188 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012108100143000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80552188ade64dd7f4ffd7b9dc82b63a67cd59265cde1fb838d7a0d4f0cc56e9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
531380
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55213
x-xss-protection
0
server
sffe
date
Tue, 17 Aug 2021 12:45:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"2f5786613d323c5a"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Aug 2022 12:45:39 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012108100143000/v0/ Frame 3071 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012108100143000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cce2d9e56822ca13d0bc323ca0d7a4a6205b58a7006eea4ca3256f77da7a6a0c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
531380
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4877
x-xss-protection
0
server
sffe
date
Tue, 17 Aug 2021 12:45:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"0140540fbe581c13"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Aug 2022 12:45:39 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012108100143000/v0/ Frame 3071 		89 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012108100143000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80f5433df727188d43a64cda6f7060bc5117045b2cbcd1492a00183caff5f1ec
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
531380
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28511
x-xss-protection
0
server
sffe
date
Tue, 17 Aug 2021 12:45:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"07ab47082d8b4bd2"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Aug 2022 12:45:39 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012108100143000/v0/ Frame 3071 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012108100143000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
607fe49372f521f5a6c6c7fcde31ebb07f017c1efea75cbbf167612641e006e7
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
531380
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1660
x-xss-protection
0
server
sffe
date
Tue, 17 Aug 2021 12:45:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"758b6350805b356b"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Aug 2022 12:45:39 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012108100143000/v0/ Frame 3071 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012108100143000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9dd189ef52ea74a10651864dd73d21639d99289fb8ca5be69df4aa29c81afc4d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
531380
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12835
x-xss-protection
0
server
sffe
date
Tue, 17 Aug 2021 12:45:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"e9aa942d03505fee"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Aug 2022 12:45:39 GMT
css
fonts.googleapis.com/ Frame 3071 		4 KB
617 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,500&lang=en
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
abc1bbfb097cfaf4715fe823adb40881f8ed35a943692d5c037945c2fcc56340
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 23 Aug 2021 15:33:04 GMT
server
ESF
date
Mon, 23 Aug 2021 16:21:59 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 23 Aug 2021 16:21:59 GMT
css
fonts.googleapis.com/ Frame 3071 		4 KB
617 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,500&text=
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
abc1bbfb097cfaf4715fe823adb40881f8ed35a943692d5c037945c2fcc56340
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 23 Aug 2021 15:01:17 GMT
server
ESF
date
Mon, 23 Aug 2021 16:21:59 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 23 Aug 2021 16:21:59 GMT
truncated
/ Frame 3071 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
902596331db2197744da09ad0713133650e5e01f66def98e475bf8efc64d7ba2

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
17714448501645138909
s0.2mdn.net/simgad/ Frame 3071 		140 KB
140 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/17714448501645138909
Requested by
Host: askleo.com
URL: https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
777d64ed5f90cc4c4a9c683655965eb44cb7eb038b0fbc0dac1574c2ea3f1c4d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 19 Aug 2021 11:09:58 GMT
x-content-type-options
nosniff
age
364321
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
143336
x-xss-protection
0
last-modified
Thu, 12 Aug 2021 08:57:45 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 19 Aug 2022 11:09:58 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 3071 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CE8jLVPTDSW-tS01Madyc6RmEtcqPK1iAJMBJ-nWqZ2Az8R5jgC2DSeEU6Bvpmg4gyTHAGh5qvWzWSivia1DREXuXGtVu5pImiE39UlWJEiEnoXlunBcuVfIAdEfeA5bypgYOfHjVPu49UMLnTMLB6-xJv8Q&dbm_d=AKAmf-Dii6W53L5u4G3_2FxbopET3rb7Y-e7bDdltb3pPo12zyjg47MDMuS1KfIrse2ZRxgWa9W2LcGFV-8sG4iuv0rskUuvb9kBC_jPooQjd4kAJEbasfqEaVfzXmh06r5hzaJZnar42V3Y7Y9P9VNJCs9ce0_375-5k297sFeq2JUcF7Rrgho-G4vk_hP0zT3RXzvyg87hrWresh0Y5odf8nDcPdce7Ar2bH82F1N7fJPN6TBL6Afm7kEfyBQF9vm-NMCLQwsqb66lT-RfGJLbaSiFhBZAEY3-ieVcsyRyHFfqa9E5nbXuzBHFkricFqh-mJ0lsBwB-OUUzXbUJ8qxuVOTr6bv_Ikx03dkBAC6L-ApJoyvytLQWwf38S48Juq1mWgUgXOPjHmEiHxzCiXe_VCqG84cP-n4NFBMa7qf4LuA2nnfgFy9EnvehQKPmATnHL77Tvi-cpwLewREVaRW93FGCrp-L7g_MRfEpI3pOcd5NVQsC_51cJRr5jdT0O5bjxwgjykgDdmWt6JiyNwcSc4MvW4yj0Gkq9Xl4df6owjPGxUSr3pDp5dVj1UQE79ZAg3aOlSkhkjl5Zjs-fHgNnUWOBBcj3-BJZq-LiDTIGzejRGKEB7vUIH3LO-XBXJ_txcjhE6oISjEsN_Gipf8pbjbmohUAVVG5_CvOtCT4-82dlyvbvA5QQiZJE7Wt8t7Zx4fjcdYRxzfFhOH90bk8EFpypHKigiWOwrhZ29jIhL68kwutsiP41E0kYjUne1fk-HCnUT4KOKhRDntx8BQupgTWa27fqgrLx6gR_oEEPMxCuaJRNP8t8TF9iToZt0PSczSYeTg0C71o0A65qfZ3abvhTXp564f9eQE_AnLyKip6BI13JZwl7bIQOBVoZVtotaY_Ofn4oPd-6xJpQQpob-rbKD7S1Mj3MSaSWKw7BdsH0h5ZaSHqayQ6fm50zrMzZa1QRLSlISHCj2J5BE4HikbB7R9R_335sRKV6lJCMTazxOXjKQVkmQjwsz-OOV-c7daijh8QZ_Ksiwy-fpc4CZkAbTIFn2uQEUwyqVVpsS2YpPWIgp4zY0KARerSvkH-zKMKk5Jh-h1cNeWHvcxOj9VSYxvT-ij2Bbpk126J_WE-T0hWbFv-6sC8_6wZTOfZCGmfZxYrgU7Z4ZUgDdnvvA-v3rHQNasHcbPpdSKA_x76loGLoSg9dXVupiXcc2lZmhc1JTYz-4GsK9KsKSSSljZZ4BylE8CUovCUZ4QFUi2e3fCyaQBOFIiZv9YSOknEv7QZQYBfEKtMwU7eYvPbIpU9BbDI43y-PFYwXQB-hbps_eVQUH3SRXI1PfxXpWHzgaK1upopizmuZCKZJar055p-_mB6Lah1k3_bTJat6HVVLHWIxqHv7MBn5uMWl0ffkv7ChSxsb2vJJO4IsNcGDMXO29K9V7kBkaE_j07ZE2sykFHcMjoN12wVah6B-IvNb0m8rEUOsBm1MTc0GpvgTnqDVOmvmvwjYlIuZm7KvvAQKCcYOxhbaXWLyWhjIH3E14btMhKFWmByCVear1_yUrWiISvGL4bAAH_KMZOKYtXYn04D5ozzxKB9JZ0OD73YsiOIjizTI7cdMdh6Xx3VV-T7juh0y8ynQmB4BzWfdPPRARzDLZ4m7EFaw96z3ohO1ogRC3diRKx82a8p_hN2YXKXtbDMAzCXNDpt05-yl1kgtKoXqXvjyl5DBbOPYVbdLHbySqRNRe9VSMXGZLPrOM9b8QyDKYM6jO5ggjECSevk8gZcgQOodaLmgzeO_IWm6838eLk1Ju8hJmtHi8qmjQWKK_ayGqx7OeNS5qFF69J1dZzJFrugFsmK2O3wUNN0IJUAyRrJggax_cVFS5U_OU05eJv-LOrq5yRDKTVIl13VYn6zngmbiYgfzQCzvM5L0wJG7yQC32SfKDLl77_Mi_b8gwqZGenul4gc1gOkl1CXiUFXW1ADskA2YQ7fF6TBkV0BoQTcY5w_wRGoyXOY_SzXn44NGUep6PTwb97bwIVXcNocVDUoGb2kGIpsIkfvmq_Vcsls2zdDKsZfCpKvZxdC3mjzTnW0k5jZ535Xc9biCl87krH-6wPyUfCYEBx2t1fVKsvoJMitTgzfKSIXMpzGLlx5VvHwaDqsp18h7tcQX9OrEihvOWbQUggk2WzuzLD3m_uvtrpMVhvjnNWgeothRdoTbqDAgG5HieQ2uxmz52PvaCvwMUUhlHRcb8CtgURE8gJI7uaQIvmkVoTdhzWHg47_3V7H4GAwCh_Q-qgazgbuKpMn5KXP8UGFAmMrW-eAUvWupmo5Ai0prCgOVI0UmReztEotlJ_v04lOH8C7zf85PLPiqMN571-Ryy_ekX0fnFWw437gLc1C7zSdhsRHRMN-6qqyhz5x5sD4AjlEOSUyq-E9GHrdGbgmfD_mKKLhDoocDc6TdwqEiXT-57gMJe56Cvv4bDfebbj6tjfZg6baYwELFitQPaQeYQrS4yAdGh8f9vo9d3xwHR28rUpowN1XkVazaWDEizB_Cc733JDuK9Bq-7uRlC1jBOsknRpn2p0UrtBv7lMEkCTJOqstOSRxb46TkpAg6hX_YLDIpgEpMtjWSUzXzHacjajFvD1vNexLl3Hx6ON7ySK5SG5v2OmzXsmrR1c3X9w2hULQLt0HNfOSkLfWyYzcgFiT1kczLBv4jTIXGRym7ilo6dQc-Qm8VPvnGQABZqJKFeFVjuiKE7HaGKUj5TAAHuiX4RfUMYBhJCGvsX927F9jJqzzcMlYnOYd6bBB2zr1wCkljCwNER2CZZzHMnT1ZKsKBgvJqFwg2toUr813XGF0IR1PKuTJgUh9gNuta82UoiisQ3S_4q0TD07pfRmQUFeLRLonEuPZ5k28zwfctawxB09xbzsRs5XjfG_N-Wqx711ogx9taMXIQkJbFAMvL0sfe9Xv8I_mWvE8GAP5IyJp5b_-uy6MN7_FOioKEd2z6Dby6XczCsCScoSdOQ5SN1NzGf66JM8sL5GZ0uJrgD8QKr9Mp5aQXAa9IJoW6RNmcKuA5wQK1uxRz3XJjAR4_pQpr460eHMwJBmb0rLBFTNkC3pVdnnma7A-MtFhNokfPK89xBDo3-Pfna4_LncwfoeWwmkQ1ENK9-iUb0qnMryLy-D0UG-sdnor--EgnEW1VAz8XMGLkGkqqNCKDIHDimmqqL2uPG9tLGOdlhl2BJXnBSeY6kLiabwa2wpBUYcmjaV9S4axh-xGYXq8KPnC9gUxv2Xyhmucm3WEHhXiXBVA5pqxRHVMh0HlW6wsaGCfcv1qTL6KtXcQv6d5vuZej3Yh8_D9q_ZRruTfpNgCK4dj4ItiBAagw&cid=CAASEuRoaDblaIBll7hOAIG57lvo0A
Requested by
Host: askleo.com
URL: https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 16:21:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 3071 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CGvg8JssjYYf2J8mY3gP19rLwB7efnt1k44Tela4Ov-iivcABEAEg9PnGJWC5-MeA3AGgAczWhtgCyAEGqQIDgnSv-K6zPqgDAcgDCqoExwFP0IRvviWG3WH7yl3jE5W9x3sSyEFrAL5M4i6F8B168jjJszzm5eNNBNfI1xYEq6HK58zzTDWMOKbSYK9K7np9V10a02oPWrcojnkFYiCAc7VE0kODlPVHmOQWE311i8AmByRvYJr4Qlrw-Nkk0fZ_mQlMowfTqJaGDX-r8jXVOXJ_S2_c6F-Vz4YmOlzpUyM6_QG6tRdr0OVOq5sxQ5hdGiLUYra7LFigV_vYwG-APUtMXhVHIikBQdpHM7mtScdR84EpCkcGwASuzMy_ygPgBAOIBam-iYY1kgUGCAMQARgBkgUGCBsQARgBkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAY3gAecqfmnAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUb2AcB8gcKEIaschjIjpCyAdIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tNTk1Mjc1OTAyMTQ2NjQ4MoAKA8gLAbAThPqmDMgTisLw3QPQEwDYEwPYFAHQFQGAFwGyFx4KHAgAEhRwdWItNjM5Njg0NDc0MjQ5NzIwOBi-yQc&sigh=omK_ZswnkLI&cid=CAQSOwCNIrLMLuSW33eBVAtEIYsgi64K_31d7feBIZgg-cYKTRYtS-Snj95BmQdm1g5O847opt9ggDB_bxMM&template_id=509&vt=10
Requested by
Host: askleo.com
URL: https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers
l
www.google.com/ads/measurement/ Frame 3071 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSjVWRgbhi414Ty4dHDAJ7eDTBkAJnt9w2XUGjJekcvfrM8tfACiml1xxRzkrMmH7ehBskYLskJe4N8vg6_bwGdR1FOZg
Requested by
Host: askleo.com
URL: https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3071 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: askleo.com
URL: https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 23 Aug 2021 15:34:33 GMT
x-content-type-options
nosniff
server
cafe
age
2846
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Tue, 24 Aug 2021 15:34:33 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3071 		295 B
399 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: askleo.com
URL: https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 23 Aug 2021 12:37:33 GMT
x-content-type-options
nosniff
server
cafe
age
13466
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Tue, 24 Aug 2021 12:37:33 GMT
army.gif
askleo.com/porpoiseant/ 		0
42 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://askleo.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNzU4MDYwODg1MjkzNTQ1NyIsImRvbWFpbl9pZCI6IjE3MzA3OCIsInVuaXQiOiJkaXYtZ3B0LWFkLWFza2xlb19jb20tYm94LTItMCIsInRfZXBvY2giOjE2Mjk3MzU3MTEsImFkX3Bvc2l0aW9uIjoxMTAzLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQkUiLCJwYWdldmlld19pZCI6IjA5ZDcyOWQ1LTJhYWEtNDE5Ni03MzJiLTI5MTY0M2MwZGFiYSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1MTcsImRhdGEiOlt7Im5hbWUiOiJyZWZyZXNoX2NvdW50IiwidmFsIjoiNCJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNzU4MDYwODg1MjkzNTQ1NyIsImRvbWFpbl9pZCI6IjE3MzA3OCIsInVuaXQiOiJkaXYtZ3B0LWFkLWFza2xlb19jb20tYm94LTItMCIsInRfZXBvY2giOjE2Mjk3MzU3MTEsImFkX3Bvc2l0aW9uIjoxMTAzLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQkUiLCJwYWdldmlld19pZCI6IjA5ZDcyOWQ1LTJhYWEtNDE5Ni03MzJiLTI5MTY0M2MwZGFiYSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1MTcsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfYmlkX2hhc2giLCJ2YWwiOiIxZTkxM2U5OWI4MDY0MGZkNWI4NmE1MzllNWI5N2M5NCJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNzU4MDYwODg1MjkzNTQ1NyIsImRvbWFpbl9pZCI6IjE3MzA3OCIsInVuaXQiOiJkaXYtZ3B0LWFkLWFza2xlb19jb20tYm94LTItMCIsInRfZXBvY2giOjE2Mjk3MzU3MTEsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMDIyLCJhZF9wb3NpdGlvbiI6MTEwMywiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAuMDAwMjIsImJpZF9mbG9vcl9wcmV2IjowLjAwMDQsInN0YXRfc291cmNlX2lkIjozNSwiY291bnRyeV9jb2RlIjoiQkUiLCJwYWdldmlld19pZCI6IjA5ZDcyOWQ1LTJhYWEtNDE5Ni03MzJiLTI5MTY0M2MwZGFiYSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1MTcsImRhdGEiOlt7Im5hbWUiOiJsb2FkZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI3NTgwNjA4ODUyOTM1NDU3IiwiZG9tYWluX2lkIjoiMTczMDc4IiwidW5pdCI6ImRpdi1ncHQtYWQtYXNrbGVvX2NvbS1ib3gtMi0wIiwidF9lcG9jaCI6MTYyOTczNTcxMSwiYWRfcG9zaXRpb24iOjExMDMsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJCRSIsInBhZ2V2aWV3X2lkIjoiMDlkNzI5ZDUtMmFhYS00MTk2LTczMmItMjkxNjQzYzBkYWJhIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzUxNywiZGF0YSI6W3sibmFtZSI6ImNyZWF0aXZlX2lkIiwidmFsIjoiMTM4MzEwMDQzNTE3In1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI3NTgwNjA4ODUyOTM1NDU3IiwiZG9tYWluX2lkIjoiMTczMDc4IiwidW5pdCI6ImRpdi1ncHQtYWQtYXNrbGVvX2NvbS1ib3gtMi0wIiwidF9lcG9jaCI6MTYyOTczNTcxMSwiYWRfcG9zaXRpb24iOjExMDMsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJCRSIsInBhZ2V2aWV3X2lkIjoiMDlkNzI5ZDUtMmFhYS00MTk2LTczMmItMjkxNjQzYzBkYWJhIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzUxNywiZGF0YSI6W3sibmFtZSI6ImxpbmVpdGVtX2lkIiwidmFsIjoiMjg2ODcyNzQifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by
Host: askleo.com
URL: https://askleo.com/detroitchicago/cmbv2.js?gcb=195-2&cb=04-1y02-4y06-12y07-1y0b-5y0d-14y13-3y17-3y20-3y33-15y52-1y56-21&cmbcb=20&sj=x04x02x06x07x0bx0dx13x17x20x33x52x56&abt=JoykatTest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path
/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNzU4MDYwODg1MjkzNTQ1NyIsImRvbWFpbl9pZCI6IjE3MzA3OCIsInVuaXQiOiJkaXYtZ3B0LWFkLWFza2xlb19jb20tYm94LTItMCIsInRfZXBvY2giOjE2Mjk3MzU3MTEsImFkX3Bvc2l0aW9uIjoxMTAzLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQkUiLCJwYWdldmlld19pZCI6IjA5ZDcyOWQ1LTJhYWEtNDE5Ni03MzJiLTI5MTY0M2MwZGFiYSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1MTcsImRhdGEiOlt7Im5hbWUiOiJyZWZyZXNoX2NvdW50IiwidmFsIjoiNCJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNzU4MDYwODg1MjkzNTQ1NyIsImRvbWFpbl9pZCI6IjE3MzA3OCIsInVuaXQiOiJkaXYtZ3B0LWFkLWFza2xlb19jb20tYm94LTItMCIsInRfZXBvY2giOjE2Mjk3MzU3MTEsImFkX3Bvc2l0aW9uIjoxMTAzLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQkUiLCJwYWdldmlld19pZCI6IjA5ZDcyOWQ1LTJhYWEtNDE5Ni03MzJiLTI5MTY0M2MwZGFiYSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1MTcsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfYmlkX2hhc2giLCJ2YWwiOiIxZTkxM2U5OWI4MDY0MGZkNWI4NmE1MzllNWI5N2M5NCJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNzU4MDYwODg1MjkzNTQ1NyIsImRvbWFpbl9pZCI6IjE3MzA3OCIsInVuaXQiOiJkaXYtZ3B0LWFkLWFza2xlb19jb20tYm94LTItMCIsInRfZXBvY2giOjE2Mjk3MzU3MTEsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMDIyLCJhZF9wb3NpdGlvbiI6MTEwMywiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAuMDAwMjIsImJpZF9mbG9vcl9wcmV2IjowLjAwMDQsInN0YXRfc291cmNlX2lkIjozNSwiY291bnRyeV9jb2RlIjoiQkUiLCJwYWdldmlld19pZCI6IjA5ZDcyOWQ1LTJhYWEtNDE5Ni03MzJiLTI5MTY0M2MwZGFiYSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1MTcsImRhdGEiOlt7Im5hbWUiOiJsb2FkZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI3NTgwNjA4ODUyOTM1NDU3IiwiZG9tYWluX2lkIjoiMTczMDc4IiwidW5pdCI6ImRpdi1ncHQtYWQtYXNrbGVvX2NvbS1ib3gtMi0wIiwidF9lcG9jaCI6MTYyOTczNTcxMSwiYWRfcG9zaXRpb24iOjExMDMsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJCRSIsInBhZ2V2aWV3X2lkIjoiMDlkNzI5ZDUtMmFhYS00MTk2LTczMmItMjkxNjQzYzBkYWJhIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzUxNywiZGF0YSI6W3sibmFtZSI6ImNyZWF0aXZlX2lkIiwidmFsIjoiMTM4MzEwMDQzNTE3In1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI3NTgwNjA4ODUyOTM1NDU3IiwiZG9tYWluX2lkIjoiMTczMDc4IiwidW5pdCI6ImRpdi1ncHQtYWQtYXNrbGVvX2NvbS1ib3gtMi0wIiwidF9lcG9jaCI6MTYyOTczNTcxMSwiYWRfcG9zaXRpb24iOjExMDMsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJCRSIsInBhZ2V2aWV3X2lkIjoiMDlkNzI5ZDUtMmFhYS00MTk2LTczMmItMjkxNjQzYzBkYWJhIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzUxNywiZGF0YSI6W3sibmFtZSI6ImxpbmVpdGVtX2lkIiwidmFsIjoiMjg2ODcyNzQifV0sImlzX29yaWciOmZhbHNlfV0=
pragma
no-cache
cookie
_pbjs_userid_consent_data=3524755945110770; __gads=ID=310ee5d8fe22e4d3:T=1629735718:S=ALNI_MYhjyTRDx-Y7XHP8awhqsS6F2ziiQ; ezouspvv=22; ezouspva=1; ezouspvh=22
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
askleo.com
referer
https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:59 GMT
server
nginx
vary
Accept-Encoding Accept-Encoding
content-type
text/plain; charset=utf-8
x-middleton-display
ezp_sol
cache-control
max-age=0, must-revalidate, no-cache, no-store
content-length
0
expires
Sun, 22 Aug 2021 16:21:57 UTC
28687274
g.ezoic.net/dac/ 		0
40 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g.ezoic.net/dac/28687274
Requested by
Host: askleo.com
URL: https://askleo.com/porpoiseant/banger.js?cb=195-2&bv=60&v=51&PageSpeed=off
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 23 Aug 2021 16:21:59 GMT
cache-control
max-age=3600, public
server
nginx
content-length
0
vary
Accept-Encoding
content-type
text/plain
army.gif
askleo.com/porpoiseant/ 		0
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://askleo.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNzU4MDYwODg1MjkzNTQ1NyIsImRvbWFpbl9pZCI6IjE3MzA3OCIsInVuaXQiOiJkaXYtZ3B0LWFkLWFza2xlb19jb20tYm94LTItMCIsInRfZXBvY2giOjE2Mjk3MzU3MTEsImFkX3Bvc2l0aW9uIjoxMTAzLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQkUiLCJwYWdldmlld19pZCI6IjA5ZDcyOWQ1LTJhYWEtNDE5Ni03MzJiLTI5MTY0M2MwZGFiYSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1MTcsImRhdGEiOlt7Im5hbWUiOiJ0X2xvY2FsX2RhdGUiLCJ2YWwiOiIyMDIxLTA4LTIzIn0seyJuYW1lIjoidF9sb2NhbF9ob3VyIiwidmFsIjoiMTgifSx7Im5hbWUiOiJ0X2xvY2FsX2RheV9vZl93ZWVrIiwidmFsIjoiMSJ9LHsibmFtZSI6InRfbG9jYWxfdGltZXpvbmUiLCJ2YWwiOiItMTIwIn1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by
Host: askleo.com
URL: https://askleo.com/detroitchicago/cmbv2.js?gcb=195-2&cb=04-1y02-4y06-12y07-1y0b-5y0d-14y13-3y17-3y20-3y33-15y52-1y56-21&cmbcb=20&sj=x04x02x06x07x0bx0dx13x17x20x33x52x56&abt=JoykatTest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path
/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNzU4MDYwODg1MjkzNTQ1NyIsImRvbWFpbl9pZCI6IjE3MzA3OCIsInVuaXQiOiJkaXYtZ3B0LWFkLWFza2xlb19jb20tYm94LTItMCIsInRfZXBvY2giOjE2Mjk3MzU3MTEsImFkX3Bvc2l0aW9uIjoxMTAzLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQkUiLCJwYWdldmlld19pZCI6IjA5ZDcyOWQ1LTJhYWEtNDE5Ni03MzJiLTI5MTY0M2MwZGFiYSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1MTcsImRhdGEiOlt7Im5hbWUiOiJ0X2xvY2FsX2RhdGUiLCJ2YWwiOiIyMDIxLTA4LTIzIn0seyJuYW1lIjoidF9sb2NhbF9ob3VyIiwidmFsIjoiMTgifSx7Im5hbWUiOiJ0X2xvY2FsX2RheV9vZl93ZWVrIiwidmFsIjoiMSJ9LHsibmFtZSI6InRfbG9jYWxfdGltZXpvbmUiLCJ2YWwiOiItMTIwIn1dLCJpc19vcmlnIjpmYWxzZX1d
pragma
no-cache
cookie
_pbjs_userid_consent_data=3524755945110770; __gads=ID=310ee5d8fe22e4d3:T=1629735718:S=ALNI_MYhjyTRDx-Y7XHP8awhqsS6F2ziiQ; ezouspvv=22; ezouspva=1; ezouspvh=22
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
askleo.com
referer
https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:59 GMT
server
nginx
vary
Accept-Encoding Accept-Encoding
content-type
text/plain; charset=utf-8
x-middleton-display
ezp_sol
cache-control
max-age=0, must-revalidate, no-cache, no-store
content-length
0
expires
Sun, 22 Aug 2021 16:21:57 UTC
army.gif
askleo.com/porpoiseant/ 		0
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://askleo.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiNzU4MDYwODg1MjkzNTQ1NyIsImRvbWFpbl9pZCI6IjE3MzA3OCIsInVuaXQiOiJkaXYtZ3B0LWFkLWFza2xlb19jb20tYm94LTItMCIsInRfZXBvY2giOjE2Mjk3MzU3MTEsImF1Y3Rpb25fZXBvY2giOjE2Mjk3MzU3MTksImFkX3Bvc2l0aW9uIjoxMTAzLCJjb3VudHJ5X2NvZGUiOiJCRSIsInBhZ2V2aWV3X2lkIjoiMDlkNzI5ZDUtMmFhYS00MTk2LTczMmItMjkxNjQzYzBkYWJhIiwiYmlkX2Zsb29yX2luaXRpYWwiOjEyMCwiYmlkX2Zsb29yX3ByZXYiOjQwLCJiaWRfZmxvb3JfZmlsbGVkIjoyMiwiYXVjdGlvbl9jb3VudCI6NCwicmVmcmVzaF9hZF9jb3VudCI6MCwiYXVjdGlvbl9kdXJhdGlvbiI6NDkwLCJtdWx0aV9hZF91bml0IjowLCJtdWx0aV9hZF9jb3VudCI6MCwibmV0d29ya19jb2RlIjoxMjU0MTQ0LCJkYXRhIjpbeyJuYW1lIjoiIiwidmFsIjoiIn1dLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0fV0=
Requested by
Host: askleo.com
URL: https://askleo.com/detroitchicago/cmbv2.js?gcb=195-2&cb=04-1y02-4y06-12y07-1y0b-5y0d-14y13-3y17-3y20-3y33-15y52-1y56-21&cmbcb=20&sj=x04x02x06x07x0bx0dx13x17x20x33x52x56&abt=JoykatTest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path
/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiNzU4MDYwODg1MjkzNTQ1NyIsImRvbWFpbl9pZCI6IjE3MzA3OCIsInVuaXQiOiJkaXYtZ3B0LWFkLWFza2xlb19jb20tYm94LTItMCIsInRfZXBvY2giOjE2Mjk3MzU3MTEsImF1Y3Rpb25fZXBvY2giOjE2Mjk3MzU3MTksImFkX3Bvc2l0aW9uIjoxMTAzLCJjb3VudHJ5X2NvZGUiOiJCRSIsInBhZ2V2aWV3X2lkIjoiMDlkNzI5ZDUtMmFhYS00MTk2LTczMmItMjkxNjQzYzBkYWJhIiwiYmlkX2Zsb29yX2luaXRpYWwiOjEyMCwiYmlkX2Zsb29yX3ByZXYiOjQwLCJiaWRfZmxvb3JfZmlsbGVkIjoyMiwiYXVjdGlvbl9jb3VudCI6NCwicmVmcmVzaF9hZF9jb3VudCI6MCwiYXVjdGlvbl9kdXJhdGlvbiI6NDkwLCJtdWx0aV9hZF91bml0IjowLCJtdWx0aV9hZF9jb3VudCI6MCwibmV0d29ya19jb2RlIjoxMjU0MTQ0LCJkYXRhIjpbeyJuYW1lIjoiIiwidmFsIjoiIn1dLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0fV0=
pragma
no-cache
cookie
_pbjs_userid_consent_data=3524755945110770; __gads=ID=310ee5d8fe22e4d3:T=1629735718:S=ALNI_MYhjyTRDx-Y7XHP8awhqsS6F2ziiQ; ezouspvv=22; ezouspva=1; ezouspvh=22
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
askleo.com
referer
https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:59 GMT
server
nginx
vary
Accept-Encoding Accept-Encoding
content-type
text/plain; charset=utf-8
x-middleton-display
ezp_sol
cache-control
max-age=0, must-revalidate, no-cache, no-store
content-length
0
expires
Sun, 22 Aug 2021 16:21:58 UTC
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 3071 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=en
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://askleo.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 06:52:18 GMT
x-content-type-options
nosniff
age
552581
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:35 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Aug 2022 06:52:18 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 3071 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=en
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://askleo.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 01:12:52 GMT
x-content-type-options
nosniff
age
572947
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:39 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Aug 2022 01:12:52 GMT
/
onetag-sys.com/usync/ Frame 2B57 		2 KB
872 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?redir=https%3A%2F%2Fpb-server.ezoic.com%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BUSER_TOKEN%7D
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=ix,luponmedia,medianet,onetag,pubmatic,rubicon,sharethrough,unruly&cb=195-2-26
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
ee22f683394ec9d609b8c7b90e446dc4fde1cdcf0895322f7004078b5d3ed549
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?redir=https%3A%2F%2Fpb-server.ezoic.com%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BUSER_TOKEN%7D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://askleo.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://askleo.com/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
780
strict-transport-security
max-age=15552000
si
googleads.g.doubleclick.net/pagead/drt/ Frame 3071
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Redirect headers

date
Mon, 23 Aug 2021 16:21:59 GMT
x-content-type-options
nosniff
server
safe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246
x-xss-protection
0
17714448501645138909
s0.2mdn.net/simgad/ Frame 3071 		140 KB
140 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/17714448501645138909
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012108100143000/amp4ads-v0.mjs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
777d64ed5f90cc4c4a9c683655965eb44cb7eb038b0fbc0dac1574c2ea3f1c4d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 19 Aug 2021 11:09:58 GMT
x-content-type-options
nosniff
age
364321
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
143336
x-xss-protection
0
last-modified
Thu, 12 Aug 2021 08:57:45 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 19 Aug 2022 11:09:58 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3071 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012108100143000/amp4ads-v0.mjs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 23 Aug 2021 15:34:33 GMT
x-content-type-options
nosniff
server
cafe
age
2846
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Tue, 24 Aug 2021 15:34:33 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3071 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012108100143000/amp4ads-v0.mjs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 23 Aug 2021 12:37:33 GMT
x-content-type-options
nosniff
server
cafe
age
13466
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Tue, 24 Aug 2021 12:37:33 GMT
setuid
pb-server.ezoic.com/ Frame 2B57 		0
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pb-server.ezoic.com/setuid?bidder=onetag&gdpr=0&gdpr_consent=&uid=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?redir=https%3A%2F%2Fpb-server.ezoic.com%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BUSER_TOKEN%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.205.247.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-247-225.compute-1.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 23 Aug 2021 16:21:59 GMT
Server
nginx/1.14.0 (Ubuntu)
Vary
Origin
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
0
container.html
6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4982 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://askleo.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://askleo.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Mon, 23 Aug 2021 16:21:52 GMT
expires
Tue, 23 Aug 2022 16:21:52 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
7
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
army.gif
askleo.com/porpoiseant/ 		0
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://askleo.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjY2MDM0NjMzMDk1NTY1NyIsImRvbWFpbl9pZCI6IjE3MzA3OCIsInVuaXQiOiJkaXYtZ3B0LWFkLWFza2xlb19jb20tbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2Mjk3MzU3MTEsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQkUiLCJwYWdldmlld19pZCI6IjA5ZDcyOWQ1LTJhYWEtNDE5Ni03MzJiLTI5MTY0M2MwZGFiYSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NzE2MTQzOTQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ4MjIsImRhdGEiOlt7Im5hbWUiOiJyZWZyZXNoX2NvdW50IiwidmFsIjoiNCJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjY2MDM0NjMzMDk1NTY1NyIsImRvbWFpbl9pZCI6IjE3MzA3OCIsInVuaXQiOiJkaXYtZ3B0LWFkLWFza2xlb19jb20tbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2Mjk3MzU3MTEsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQkUiLCJwYWdldmlld19pZCI6IjA5ZDcyOWQ1LTJhYWEtNDE5Ni03MzJiLTI5MTY0M2MwZGFiYSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NzE2MTQzOTQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ4MjIsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfYmlkX2hhc2giLCJ2YWwiOiJ6ZXJvIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI2NjYwMzQ2MzMwOTU1NjU3IiwiZG9tYWluX2lkIjoiMTczMDc4IiwidW5pdCI6ImRpdi1ncHQtYWQtYXNrbGVvX2NvbS1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTYyOTczNTcxMSwicmV2ZW51ZSI6MCwiZXN0X3JldmVudWUiOjAuMDAwMDAyLCJhZF9wb3NpdGlvbiI6MTEwMCwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAuMDAwMDAyLCJiaWRfZmxvb3JfcHJldiI6MC4wMDQsInN0YXRfc291cmNlX2lkIjozNSwiY291bnRyeV9jb2RlIjoiQkUiLCJwYWdldmlld19pZCI6IjA5ZDcyOWQ1LTJhYWEtNDE5Ni03MzJiLTI5MTY0M2MwZGFiYSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NzE2MTQzOTQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ4MjIsImRhdGEiOlt7Im5hbWUiOiJsb2FkZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI2NjYwMzQ2MzMwOTU1NjU3IiwiZG9tYWluX2lkIjoiMTczMDc4IiwidW5pdCI6ImRpdi1ncHQtYWQtYXNrbGVvX2NvbS1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTYyOTczNTcxMSwiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJCRSIsInBhZ2V2aWV3X2lkIjoiMDlkNzI5ZDUtMmFhYS00MTk2LTczMmItMjkxNjQzYzBkYWJhIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo3MTYxNDM5NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDgyMiwiZGF0YSI6W3sibmFtZSI6ImNyZWF0aXZlX2lkIiwidmFsIjoiMTM4MzEwMDM0ODIyIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI2NjYwMzQ2MzMwOTU1NjU3IiwiZG9tYWluX2lkIjoiMTczMDc4IiwidW5pdCI6ImRpdi1ncHQtYWQtYXNrbGVvX2NvbS1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTYyOTczNTcxMSwiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJCRSIsInBhZ2V2aWV3X2lkIjoiMDlkNzI5ZDUtMmFhYS00MTk2LTczMmItMjkxNjQzYzBkYWJhIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo3MTYxNDM5NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDgyMiwiZGF0YSI6W3sibmFtZSI6ImxpbmVpdGVtX2lkIiwidmFsIjoiNzE2MTQzOTQifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by
Host: askleo.com
URL: https://askleo.com/detroitchicago/cmbv2.js?gcb=195-2&cb=04-1y02-4y06-12y07-1y0b-5y0d-14y13-3y17-3y20-3y33-15y52-1y56-21&cmbcb=20&sj=x04x02x06x07x0bx0dx13x17x20x33x52x56&abt=JoykatTest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path
/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjY2MDM0NjMzMDk1NTY1NyIsImRvbWFpbl9pZCI6IjE3MzA3OCIsInVuaXQiOiJkaXYtZ3B0LWFkLWFza2xlb19jb20tbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2Mjk3MzU3MTEsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQkUiLCJwYWdldmlld19pZCI6IjA5ZDcyOWQ1LTJhYWEtNDE5Ni03MzJiLTI5MTY0M2MwZGFiYSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NzE2MTQzOTQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ4MjIsImRhdGEiOlt7Im5hbWUiOiJyZWZyZXNoX2NvdW50IiwidmFsIjoiNCJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjY2MDM0NjMzMDk1NTY1NyIsImRvbWFpbl9pZCI6IjE3MzA3OCIsInVuaXQiOiJkaXYtZ3B0LWFkLWFza2xlb19jb20tbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2Mjk3MzU3MTEsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQkUiLCJwYWdldmlld19pZCI6IjA5ZDcyOWQ1LTJhYWEtNDE5Ni03MzJiLTI5MTY0M2MwZGFiYSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NzE2MTQzOTQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ4MjIsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfYmlkX2hhc2giLCJ2YWwiOiJ6ZXJvIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI2NjYwMzQ2MzMwOTU1NjU3IiwiZG9tYWluX2lkIjoiMTczMDc4IiwidW5pdCI6ImRpdi1ncHQtYWQtYXNrbGVvX2NvbS1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTYyOTczNTcxMSwicmV2ZW51ZSI6MCwiZXN0X3JldmVudWUiOjAuMDAwMDAyLCJhZF9wb3NpdGlvbiI6MTEwMCwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAuMDAwMDAyLCJiaWRfZmxvb3JfcHJldiI6MC4wMDQsInN0YXRfc291cmNlX2lkIjozNSwiY291bnRyeV9jb2RlIjoiQkUiLCJwYWdldmlld19pZCI6IjA5ZDcyOWQ1LTJhYWEtNDE5Ni03MzJiLTI5MTY0M2MwZGFiYSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NzE2MTQzOTQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ4MjIsImRhdGEiOlt7Im5hbWUiOiJsb2FkZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI2NjYwMzQ2MzMwOTU1NjU3IiwiZG9tYWluX2lkIjoiMTczMDc4IiwidW5pdCI6ImRpdi1ncHQtYWQtYXNrbGVvX2NvbS1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTYyOTczNTcxMSwiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJCRSIsInBhZ2V2aWV3X2lkIjoiMDlkNzI5ZDUtMmFhYS00MTk2LTczMmItMjkxNjQzYzBkYWJhIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo3MTYxNDM5NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDgyMiwiZGF0YSI6W3sibmFtZSI6ImNyZWF0aXZlX2lkIiwidmFsIjoiMTM4MzEwMDM0ODIyIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI2NjYwMzQ2MzMwOTU1NjU3IiwiZG9tYWluX2lkIjoiMTczMDc4IiwidW5pdCI6ImRpdi1ncHQtYWQtYXNrbGVvX2NvbS1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTYyOTczNTcxMSwiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJCRSIsInBhZ2V2aWV3X2lkIjoiMDlkNzI5ZDUtMmFhYS00MTk2LTczMmItMjkxNjQzYzBkYWJhIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo3MTYxNDM5NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDgyMiwiZGF0YSI6W3sibmFtZSI6ImxpbmVpdGVtX2lkIiwidmFsIjoiNzE2MTQzOTQifV0sImlzX29yaWciOmZhbHNlfV0=
pragma
no-cache
cookie
_pbjs_userid_consent_data=3524755945110770; __gads=ID=310ee5d8fe22e4d3:T=1629735718:S=ALNI_MYhjyTRDx-Y7XHP8awhqsS6F2ziiQ; ezouspvv=22; ezouspvh=22; ezouspva=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
askleo.com
referer
https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:59 GMT
server
nginx
vary
Accept-Encoding Accept-Encoding
content-type
text/plain; charset=utf-8
x-middleton-display
ezp_sol
cache-control
max-age=0, must-revalidate, no-cache, no-store
content-length
0
expires
Sun, 22 Aug 2021 16:21:57 UTC
71614394
g.ezoic.net/dac/ 		0
17 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g.ezoic.net/dac/71614394
Requested by
Host: askleo.com
URL: https://askleo.com/porpoiseant/banger.js?cb=195-2&bv=60&v=51&PageSpeed=off
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 23 Aug 2021 16:21:59 GMT
cache-control
max-age=3600, public
server
nginx
content-length
0
vary
Accept-Encoding
content-type
text/plain
army.gif
askleo.com/porpoiseant/ 		0
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://askleo.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjY2MDM0NjMzMDk1NTY1NyIsImRvbWFpbl9pZCI6IjE3MzA3OCIsInVuaXQiOiJkaXYtZ3B0LWFkLWFza2xlb19jb20tbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2Mjk3MzU3MTEsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQkUiLCJwYWdldmlld19pZCI6IjA5ZDcyOWQ1LTJhYWEtNDE5Ni03MzJiLTI5MTY0M2MwZGFiYSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NzE2MTQzOTQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ4MjIsImRhdGEiOlt7Im5hbWUiOiJ0X2xvY2FsX2RhdGUiLCJ2YWwiOiIyMDIxLTA4LTIzIn0seyJuYW1lIjoidF9sb2NhbF9ob3VyIiwidmFsIjoiMTgifSx7Im5hbWUiOiJ0X2xvY2FsX2RheV9vZl93ZWVrIiwidmFsIjoiMSJ9LHsibmFtZSI6InRfbG9jYWxfdGltZXpvbmUiLCJ2YWwiOiItMTIwIn1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by
Host: askleo.com
URL: https://askleo.com/detroitchicago/cmbv2.js?gcb=195-2&cb=04-1y02-4y06-12y07-1y0b-5y0d-14y13-3y17-3y20-3y33-15y52-1y56-21&cmbcb=20&sj=x04x02x06x07x0bx0dx13x17x20x33x52x56&abt=JoykatTest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path
/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjY2MDM0NjMzMDk1NTY1NyIsImRvbWFpbl9pZCI6IjE3MzA3OCIsInVuaXQiOiJkaXYtZ3B0LWFkLWFza2xlb19jb20tbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2Mjk3MzU3MTEsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQkUiLCJwYWdldmlld19pZCI6IjA5ZDcyOWQ1LTJhYWEtNDE5Ni03MzJiLTI5MTY0M2MwZGFiYSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NzE2MTQzOTQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ4MjIsImRhdGEiOlt7Im5hbWUiOiJ0X2xvY2FsX2RhdGUiLCJ2YWwiOiIyMDIxLTA4LTIzIn0seyJuYW1lIjoidF9sb2NhbF9ob3VyIiwidmFsIjoiMTgifSx7Im5hbWUiOiJ0X2xvY2FsX2RheV9vZl93ZWVrIiwidmFsIjoiMSJ9LHsibmFtZSI6InRfbG9jYWxfdGltZXpvbmUiLCJ2YWwiOiItMTIwIn1dLCJpc19vcmlnIjpmYWxzZX1d
pragma
no-cache
cookie
_pbjs_userid_consent_data=3524755945110770; __gads=ID=310ee5d8fe22e4d3:T=1629735718:S=ALNI_MYhjyTRDx-Y7XHP8awhqsS6F2ziiQ; ezouspvv=22; ezouspvh=22; ezouspva=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
askleo.com
referer
https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:59 GMT
server
nginx
vary
Accept-Encoding Accept-Encoding
content-type
text/plain; charset=utf-8
x-middleton-display
ezp_sol
cache-control
max-age=0, must-revalidate, no-cache, no-store
content-length
0
expires
Sun, 22 Aug 2021 16:21:58 UTC
army.gif
askleo.com/porpoiseant/ 		0
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://askleo.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiNjY2MDM0NjMzMDk1NTY1NyIsImRvbWFpbl9pZCI6IjE3MzA3OCIsInVuaXQiOiJkaXYtZ3B0LWFkLWFza2xlb19jb20tbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2Mjk3MzU3MTEsImF1Y3Rpb25fZXBvY2giOjE2Mjk3MzU3MTksImFkX3Bvc2l0aW9uIjoxMTAwLCJjb3VudHJ5X2NvZGUiOiJCRSIsInBhZ2V2aWV3X2lkIjoiMDlkNzI5ZDUtMmFhYS00MTk2LTczMmItMjkxNjQzYzBkYWJhIiwiYmlkX2Zsb29yX2luaXRpYWwiOjU1MCwiYmlkX2Zsb29yX3ByZXYiOjQwMCwiYmlkX2Zsb29yX2ZpbGxlZCI6MCwiYXVjdGlvbl9jb3VudCI6NCwicmVmcmVzaF9hZF9jb3VudCI6MCwiYXVjdGlvbl9kdXJhdGlvbiI6NjU0LCJtdWx0aV9hZF91bml0IjowLCJtdWx0aV9hZF9jb3VudCI6MCwibmV0d29ya19jb2RlIjoxMjU0MTQ0LCJkYXRhIjpbeyJuYW1lIjoiIiwidmFsIjoiIn1dLCJsaW5lX2l0ZW1faWQiOjcxNjE0Mzk0fV0=
Requested by
Host: askleo.com
URL: https://askleo.com/detroitchicago/cmbv2.js?gcb=195-2&cb=04-1y02-4y06-12y07-1y0b-5y0d-14y13-3y17-3y20-3y33-15y52-1y56-21&cmbcb=20&sj=x04x02x06x07x0bx0dx13x17x20x33x52x56&abt=JoykatTest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path
/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiNjY2MDM0NjMzMDk1NTY1NyIsImRvbWFpbl9pZCI6IjE3MzA3OCIsInVuaXQiOiJkaXYtZ3B0LWFkLWFza2xlb19jb20tbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2Mjk3MzU3MTEsImF1Y3Rpb25fZXBvY2giOjE2Mjk3MzU3MTksImFkX3Bvc2l0aW9uIjoxMTAwLCJjb3VudHJ5X2NvZGUiOiJCRSIsInBhZ2V2aWV3X2lkIjoiMDlkNzI5ZDUtMmFhYS00MTk2LTczMmItMjkxNjQzYzBkYWJhIiwiYmlkX2Zsb29yX2luaXRpYWwiOjU1MCwiYmlkX2Zsb29yX3ByZXYiOjQwMCwiYmlkX2Zsb29yX2ZpbGxlZCI6MCwiYXVjdGlvbl9jb3VudCI6NCwicmVmcmVzaF9hZF9jb3VudCI6MCwiYXVjdGlvbl9kdXJhdGlvbiI6NjU0LCJtdWx0aV9hZF91bml0IjowLCJtdWx0aV9hZF9jb3VudCI6MCwibmV0d29ya19jb2RlIjoxMjU0MTQ0LCJkYXRhIjpbeyJuYW1lIjoiIiwidmFsIjoiIn1dLCJsaW5lX2l0ZW1faWQiOjcxNjE0Mzk0fV0=
pragma
no-cache
cookie
_pbjs_userid_consent_data=3524755945110770; __gads=ID=310ee5d8fe22e4d3:T=1629735718:S=ALNI_MYhjyTRDx-Y7XHP8awhqsS6F2ziiQ; ezouspvv=22; ezouspvh=22; ezouspva=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
askleo.com
referer
https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:59 GMT
server
nginx
vary
Accept-Encoding Accept-Encoding
content-type
text/plain; charset=utf-8
x-middleton-display
ezp_sol
cache-control
max-age=0, must-revalidate, no-cache, no-store
content-length
0
expires
Sun, 22 Aug 2021 16:21:59 UTC
pixel
googleads.g.doubleclick.net/xbbe/ Frame 87D6 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNDdGRDcgxoY5bq7ngEwAQ&v=APEucNUO2CQvmdbbsN2VksF8nN6HHcbyQ3ArnsOJTPc0cIDNQVjxC8nUR7-WddgsrsWQ0nx7UHQbiri-0TbPr7iSG6k9V6XRo34SbARXUfjLvbStVRD2dzP3xWexahjWXy1b6rGU6yUSqa6A9HZeTdWCU-kLiMDMdBhNuy7y68NPb2xUal9j0BYsmpoY_A3IcYxm_k1a-kWqT7DXKd--snq6tAh1M9YzWg
Requested by
Host: 6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com
URL: https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CNDdGRDcgxoY5bq7ngEwAQ&v=APEucNUO2CQvmdbbsN2VksF8nN6HHcbyQ3ArnsOJTPc0cIDNQVjxC8nUR7-WddgsrsWQ0nx7UHQbiri-0TbPr7iSG6k9V6XRo34SbARXUfjLvbStVRD2dzP3xWexahjWXy1b6rGU6yUSqa6A9HZeTdWCU-kLiMDMdBhNuy7y68NPb2xUal9j0BYsmpoY_A3IcYxm_k1a-kWqT7DXKd--snq6tAh1M9YzWg
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
DSID=NO_DATA; IDE=AHWqTUkI94dOFqntRHbsBl0PDWnx56BXcTwjdLtRq1QCxRymXbkKEneEXHvEKmYHdqU
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Mon, 23 Aug 2021 16:21:59 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 4982 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AFANrLPBup4kr6H-hnTFK7V7bkre93xXXTSNs-w6DqU9HrcE_T5RI9StRtJEN8crCnO7dmx4pVTK3rHE3X6fZw5aKlo7AbDJ2-9yxjylxwkrYEZmSvu-afbhrvZrS0u7TmOcgxsAwKCLDC-tVnR65maAatQA&dbm_d=AKAmf-D9tdmgJ0bxZaZfLaojPUy-Oxlu0T46_F0rGLcZNfrThpHnaSwiK-2lL2DAIj0GXKWKrs1hZp1SgdeDMdRshtX0miN3LbS1drx7h5H0kkbjLdZ3l_Pg66WmIlXG_04sHKnfu8DRuet1X4Iqde8cfihrv1yEo5Mk9VUKIqCIEH64l6ktymYygZG_w_1ECZVv5cuhA5N7dnicn99WHkywr4rn9ygBXLpNfqbXeI3jXpEZFC_x0rTC7hXZX-I8RV83OkqNiywSNjpBCTmHV30FaqRt1aZSqHlQZ9_ch6-X89RKFELG8Y_AcQKPAy9pPH_KkeSuYpZtPLG5HnwLDBOwMIPpPBiikts_vfyl_UU-G1IxJuuaFRlJTzaOIY7KXqpXqUC0OwIAX3nRv2BsT9tjEEPTsf3o34ZcffeVvRenroEPsKre_R_7--RHOAguNbgQkQP-XAVV0Db-A3NeZW8QrlWZuzlSDjAqNWL_qa5hbMtEoclGmmp7O4OHy4NVJRWcgAneRdGXTN7qCmmuguszc0PYQEOpj13QQg6h6XFWhJ7OGZdj0K5ToFa5DaJlYbfKc4i2u2_xZdUhWXqqob8qiMDHGmFAW1MoNMUNEZwun7ZyInzeRrLsj52wtFqJjvlsEtd9l7J5L2qsgQ_kNmb8eo31rdmPXqVTg7LGX_c3cigG-eEZEdoKBFL1cHcUGnkF_02ypuCHmC1oHk9zepfS_FrYeypPgxf8NE-ds1OO8Zi0kzYkHF0mcEZ3I2aItVDIjOOXw2AKyInSELBLVBMiN3pT3NQRWIhjez_P4LhQYyAHMHj81X2otlesuhYcGa9FF5_CoTzFwBG5A7-tTYet8gwDq3jAqafw6rfvcJ71eJrQ8MCATfc_sgHmaCIeF7NpylU0LDxAKZ7yMtUQWTPqMyqdm5xqsRtZ3IEzJaVCjwz5Y9XOs2GH_J9qQednijMeP5ICaKqxjiZbLOsSo07Qkoe5ZoNkD-by8vS5IrufAnF_UEPja9BkhFoHxFHNGYsKhCvP1e_te0gEZ8joqpDqXlE1sjIhDDqQuMOSZQbPvGOpgYNFdzM9b-cgrOO-WqJq3SoWYqMjo2_uXsfdBuwGHXr_RSOzzchWiLlnOHjlafbRGieHiOda169ZL3Sc093PmDRRTxJiLY2PLmWxRoJsC3vL_QaUSoywrFz0tCw8N5UdiknZTN6wNuPdR8X3VOriuAQR6iBnY9_h0tbFrwC83mFrNehsaSy_DZE4vUCJD8_-WO5DCnLzdDXmBfv9Ph7dlPkA7W7ZEP40xmgjs50XakDPsg9BfRB0ITrsXC77L4X2MZinzk8tOAhki3iyy7g-_yCaKcCS9pIJR5f6sEu0kMg3SSsm6wWusfd78HyV96ZA6e2ZnHHzRoOY7jtk_Krpddc4w3VpfKkI96-bwPoAE8Y3fywgQlnAgXuoTMc--769HTz3-Yhp6MsvPiERgUOGz35cp5pVPTrqnUgjZIRxO8VvtC-YizWNDRGL2jbwL7FnRaSs7yun9gC_9Qyxb71rghFcN90xCjHzLpWWOZndaKOjAWQ1Rv_CARUlan7uFDLHt_JPWwK0cTbwTF1j-N6u0cHhmzIRsyuT67OYA1tQl0ubL_cq6tXM3kGzL5f95H6feXD1dxYHERJUBebfnxP2Yc5jV-Fqy168T8-tR34WehiMOdDWKpOwvRTH75_gOa4MpkYJoC_1ikbm6Qu09u5zXOqjN0z0-oCljc263B-5jZzd4xek3GvbcHXAaMGKfJDTb4gtphq40UoQ7rw6zC40F9PPXWVXiaZo2j7OjEVL_cPpDgn1GjWpkAoUhm1foKOsVZdd_IQEzyrzzC7j6seOy-MZTAoj05g5pkhJz7_YZmbA_0UBG8oyOUaBtCZPDL-zAT0PcHess1NKG5OiBO_QnnpF9qPqOBZwFjZbIg2FJKyRvbXdvoucyF-7pNsXJ_1rNYGCMgmhgqFULmxMzcB8eIXabuoKet9D79jG02-H_bmLjMel0MvrcclkvK820DbGzlC0CktZ8UkuD76xWEkA9DEgX57LHQPpnIoZpNvIAgGE9KdO28RnyTvZ2NVLIzJOus6srZ1c26ybIl_f55sMKkbbZ4rAB9GOKvv52dh6NkgS0wZYWowqaK6qyAJR_e2i_XE-WuWIwDcjD54mAOK3aP-MO4-bLEffnl__NaKuRgZG_PSQ9M41BZuJYDEqF5ySxz3bu1IAdmEOhKfT-q5yGejTOsdPfeTpJSV8X_uJIL9H3sUhcwnOlUgBbbWT7sN_lq9HUDMdJabWqldNTEbI7A12SEhs8ZlP_VdWV7iPNYvpoMe-DNfBYFWQd56fyRmNlgNL23z554xi-u6DNCQhRGsyZf1kFKEH1-reNxP88tHlgJCED0V4noX6HRHBAcWy2HmYjyI_A4ER3Vuy_USmJj7mNsdxvKqu8JRmeJeCUMNlKxiSIAoWtlXLhjQ88--bFGNV_1NSxCRAouOJR0Ir-uc1Tu0bDsXFY9iu3fUIL1JYYuDg-LLTFbjyinxfCjLqzPDBW4YapKCNqH8T6gAb3of3imQfg4OpPU6FU1sFgoCrQtIPG8IaoaH-gBmH2Q45XvYrpOkz83MI8PV9usBf1OJge08ItMr_tu0jp5BmwxPd_hmHz7E42cGaUnSaX5bBRKB2PAi4HeA3UnP5_7vhiAn3KMK6cyVkRSC6C046o72atZamvDQtgGcx9gDrDeh9EPL_JK1qSm69Py7UN8UwQ1l9j8Og3KeSQTVbzndZWt9phhOvkxTCKUOgVrhlZnsOI_WZxiMiiVDvh2UYWXh4NcPzP8fulS8vtB3R5CAc7siIkWdYcbnxgNmgXZsUX6pXKvuol2A-uh6qFYHk0hC7WgTpiWH6CdGK0P9ZjWnFlvv1kcKDW6stEsGr5226MBg3mdIedWmQ2lxtlXBsTHyClMlfJPvYRwZH8kqKih2N9cLY-ln44phE-sT1UTyZWPpq7nQ-NeH_lbQqJbV_aMuCXfHx1PYnDpx_wFCkxSfoEkYIjSWrc7ioY1H36ffc5M1DJUyn4LbAu5rfitRONLhiBDAS92us&cid=CAASEuRo2oHJDfjVY6GykscxDsZN4g&rfl=1%2Chttps%253A%252F%252Faskleo.com%252F%240
Requested by
Host: askleo.com
URL: https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9130089f503b409bdc8eb98de051d9ba356723aed20feee9f637cca189d2b190
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 16:21:59 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30731
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4982 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BEuNDDPwaq6dZH_TF2jA7neHxjiXr_tdL7qKNnK8yM4T3VjBigUt1Xrd94xUUVNbgyu1faqyeng3uYTJTJ7g9fusAUYYq1Ob7ZWRyieJSzyuFStxE
Requested by
Host: 6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com
URL: https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 16:21:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/ Frame 4982 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/window_focus_fy2019.js
Requested by
Host: 6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com
URL: https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:11:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
609
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Sep 2021 16:11:50 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4982 		124 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com
URL: https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
be8e3fb00d98e93afe954eb362d24a5d80537eb55c896bba9734e5771b6b34b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:59 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1629458990649126"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38246
x-xss-protection
0
expires
Mon, 23 Aug 2021 16:21:59 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/ Frame 4982 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com
URL: https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:06:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
907
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6205
x-xss-protection
0
server
cafe
etag
3431872159862141604
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Sep 2021 16:06:52 GMT
l
www.google.com/ads/measurement/ Frame 4982 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaR-9vvcr-YJ99xzJIdNdjUcuSMV5qF6wt2rUn8Icn6maEa8ZHLc5A9YXPfM0ct030zstwc0-gZaW7Qa3TpoVAYnGdNIew
Requested by
Host: 6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com
URL: https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers
html_inpage_rendering_lib_200_273.js
s0.2mdn.net/879366/ Frame 4982 		169 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_273.js
Requested by
Host: askleo.com
URL: https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2cff7ab03cb4e476b49ea05511c6cfcc71af6d5ed20d40e9b40ee31062149e77
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com
Referer
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 22 Aug 2021 22:43:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
63480
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
59842
x-xss-protection
0
last-modified
Wed, 30 Jun 2021 20:54:49 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 23 Aug 2021 22:43:59 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210816/r20110914/elements/html/ Frame 4982 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210816/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AFANrLPBup4kr6H-hnTFK7V7bkre93xXXTSNs-w6DqU9HrcE_T5RI9StRtJEN8crCnO7dmx4pVTK3rHE3X6fZw5aKlo7AbDJ2-9yxjylxwkrYEZmSvu-afbhrvZrS0u7TmOcgxsAwKCLDC-tVnR65maAatQA&dbm_d=AKAmf-D9tdmgJ0bxZaZfLaojPUy-Oxlu0T46_F0rGLcZNfrThpHnaSwiK-2lL2DAIj0GXKWKrs1hZp1SgdeDMdRshtX0miN3LbS1drx7h5H0kkbjLdZ3l_Pg66WmIlXG_04sHKnfu8DRuet1X4Iqde8cfihrv1yEo5Mk9VUKIqCIEH64l6ktymYygZG_w_1ECZVv5cuhA5N7dnicn99WHkywr4rn9ygBXLpNfqbXeI3jXpEZFC_x0rTC7hXZX-I8RV83OkqNiywSNjpBCTmHV30FaqRt1aZSqHlQZ9_ch6-X89RKFELG8Y_AcQKPAy9pPH_KkeSuYpZtPLG5HnwLDBOwMIPpPBiikts_vfyl_UU-G1IxJuuaFRlJTzaOIY7KXqpXqUC0OwIAX3nRv2BsT9tjEEPTsf3o34ZcffeVvRenroEPsKre_R_7--RHOAguNbgQkQP-XAVV0Db-A3NeZW8QrlWZuzlSDjAqNWL_qa5hbMtEoclGmmp7O4OHy4NVJRWcgAneRdGXTN7qCmmuguszc0PYQEOpj13QQg6h6XFWhJ7OGZdj0K5ToFa5DaJlYbfKc4i2u2_xZdUhWXqqob8qiMDHGmFAW1MoNMUNEZwun7ZyInzeRrLsj52wtFqJjvlsEtd9l7J5L2qsgQ_kNmb8eo31rdmPXqVTg7LGX_c3cigG-eEZEdoKBFL1cHcUGnkF_02ypuCHmC1oHk9zepfS_FrYeypPgxf8NE-ds1OO8Zi0kzYkHF0mcEZ3I2aItVDIjOOXw2AKyInSELBLVBMiN3pT3NQRWIhjez_P4LhQYyAHMHj81X2otlesuhYcGa9FF5_CoTzFwBG5A7-tTYet8gwDq3jAqafw6rfvcJ71eJrQ8MCATfc_sgHmaCIeF7NpylU0LDxAKZ7yMtUQWTPqMyqdm5xqsRtZ3IEzJaVCjwz5Y9XOs2GH_J9qQednijMeP5ICaKqxjiZbLOsSo07Qkoe5ZoNkD-by8vS5IrufAnF_UEPja9BkhFoHxFHNGYsKhCvP1e_te0gEZ8joqpDqXlE1sjIhDDqQuMOSZQbPvGOpgYNFdzM9b-cgrOO-WqJq3SoWYqMjo2_uXsfdBuwGHXr_RSOzzchWiLlnOHjlafbRGieHiOda169ZL3Sc093PmDRRTxJiLY2PLmWxRoJsC3vL_QaUSoywrFz0tCw8N5UdiknZTN6wNuPdR8X3VOriuAQR6iBnY9_h0tbFrwC83mFrNehsaSy_DZE4vUCJD8_-WO5DCnLzdDXmBfv9Ph7dlPkA7W7ZEP40xmgjs50XakDPsg9BfRB0ITrsXC77L4X2MZinzk8tOAhki3iyy7g-_yCaKcCS9pIJR5f6sEu0kMg3SSsm6wWusfd78HyV96ZA6e2ZnHHzRoOY7jtk_Krpddc4w3VpfKkI96-bwPoAE8Y3fywgQlnAgXuoTMc--769HTz3-Yhp6MsvPiERgUOGz35cp5pVPTrqnUgjZIRxO8VvtC-YizWNDRGL2jbwL7FnRaSs7yun9gC_9Qyxb71rghFcN90xCjHzLpWWOZndaKOjAWQ1Rv_CARUlan7uFDLHt_JPWwK0cTbwTF1j-N6u0cHhmzIRsyuT67OYA1tQl0ubL_cq6tXM3kGzL5f95H6feXD1dxYHERJUBebfnxP2Yc5jV-Fqy168T8-tR34WehiMOdDWKpOwvRTH75_gOa4MpkYJoC_1ikbm6Qu09u5zXOqjN0z0-oCljc263B-5jZzd4xek3GvbcHXAaMGKfJDTb4gtphq40UoQ7rw6zC40F9PPXWVXiaZo2j7OjEVL_cPpDgn1GjWpkAoUhm1foKOsVZdd_IQEzyrzzC7j6seOy-MZTAoj05g5pkhJz7_YZmbA_0UBG8oyOUaBtCZPDL-zAT0PcHess1NKG5OiBO_QnnpF9qPqOBZwFjZbIg2FJKyRvbXdvoucyF-7pNsXJ_1rNYGCMgmhgqFULmxMzcB8eIXabuoKet9D79jG02-H_bmLjMel0MvrcclkvK820DbGzlC0CktZ8UkuD76xWEkA9DEgX57LHQPpnIoZpNvIAgGE9KdO28RnyTvZ2NVLIzJOus6srZ1c26ybIl_f55sMKkbbZ4rAB9GOKvv52dh6NkgS0wZYWowqaK6qyAJR_e2i_XE-WuWIwDcjD54mAOK3aP-MO4-bLEffnl__NaKuRgZG_PSQ9M41BZuJYDEqF5ySxz3bu1IAdmEOhKfT-q5yGejTOsdPfeTpJSV8X_uJIL9H3sUhcwnOlUgBbbWT7sN_lq9HUDMdJabWqldNTEbI7A12SEhs8ZlP_VdWV7iPNYvpoMe-DNfBYFWQd56fyRmNlgNL23z554xi-u6DNCQhRGsyZf1kFKEH1-reNxP88tHlgJCED0V4noX6HRHBAcWy2HmYjyI_A4ER3Vuy_USmJj7mNsdxvKqu8JRmeJeCUMNlKxiSIAoWtlXLhjQ88--bFGNV_1NSxCRAouOJR0Ir-uc1Tu0bDsXFY9iu3fUIL1JYYuDg-LLTFbjyinxfCjLqzPDBW4YapKCNqH8T6gAb3of3imQfg4OpPU6FU1sFgoCrQtIPG8IaoaH-gBmH2Q45XvYrpOkz83MI8PV9usBf1OJge08ItMr_tu0jp5BmwxPd_hmHz7E42cGaUnSaX5bBRKB2PAi4HeA3UnP5_7vhiAn3KMK6cyVkRSC6C046o72atZamvDQtgGcx9gDrDeh9EPL_JK1qSm69Py7UN8UwQ1l9j8Og3KeSQTVbzndZWt9phhOvkxTCKUOgVrhlZnsOI_WZxiMiiVDvh2UYWXh4NcPzP8fulS8vtB3R5CAc7siIkWdYcbnxgNmgXZsUX6pXKvuol2A-uh6qFYHk0hC7WgTpiWH6CdGK0P9ZjWnFlvv1kcKDW6stEsGr5226MBg3mdIedWmQ2lxtlXBsTHyClMlfJPvYRwZH8kqKih2N9cLY-ln44phE-sT1UTyZWPpq7nQ-NeH_lbQqJbV_aMuCXfHx1PYnDpx_wFCkxSfoEkYIjSWrc7ioY1H36ffc5M1DJUyn4LbAu5rfitRONLhiBDAS92us&cid=CAASEuRo2oHJDfjVY6GykscxDsZN4g&rfl=1%2Chttps%253A%252F%252Faskleo.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3124
x-xss-protection
0
server
cafe
etag
4537136162986801320
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Sep 2021 16:21:48 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210816/r20110914/ Frame 4982 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210816/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AFANrLPBup4kr6H-hnTFK7V7bkre93xXXTSNs-w6DqU9HrcE_T5RI9StRtJEN8crCnO7dmx4pVTK3rHE3X6fZw5aKlo7AbDJ2-9yxjylxwkrYEZmSvu-afbhrvZrS0u7TmOcgxsAwKCLDC-tVnR65maAatQA&dbm_d=AKAmf-D9tdmgJ0bxZaZfLaojPUy-Oxlu0T46_F0rGLcZNfrThpHnaSwiK-2lL2DAIj0GXKWKrs1hZp1SgdeDMdRshtX0miN3LbS1drx7h5H0kkbjLdZ3l_Pg66WmIlXG_04sHKnfu8DRuet1X4Iqde8cfihrv1yEo5Mk9VUKIqCIEH64l6ktymYygZG_w_1ECZVv5cuhA5N7dnicn99WHkywr4rn9ygBXLpNfqbXeI3jXpEZFC_x0rTC7hXZX-I8RV83OkqNiywSNjpBCTmHV30FaqRt1aZSqHlQZ9_ch6-X89RKFELG8Y_AcQKPAy9pPH_KkeSuYpZtPLG5HnwLDBOwMIPpPBiikts_vfyl_UU-G1IxJuuaFRlJTzaOIY7KXqpXqUC0OwIAX3nRv2BsT9tjEEPTsf3o34ZcffeVvRenroEPsKre_R_7--RHOAguNbgQkQP-XAVV0Db-A3NeZW8QrlWZuzlSDjAqNWL_qa5hbMtEoclGmmp7O4OHy4NVJRWcgAneRdGXTN7qCmmuguszc0PYQEOpj13QQg6h6XFWhJ7OGZdj0K5ToFa5DaJlYbfKc4i2u2_xZdUhWXqqob8qiMDHGmFAW1MoNMUNEZwun7ZyInzeRrLsj52wtFqJjvlsEtd9l7J5L2qsgQ_kNmb8eo31rdmPXqVTg7LGX_c3cigG-eEZEdoKBFL1cHcUGnkF_02ypuCHmC1oHk9zepfS_FrYeypPgxf8NE-ds1OO8Zi0kzYkHF0mcEZ3I2aItVDIjOOXw2AKyInSELBLVBMiN3pT3NQRWIhjez_P4LhQYyAHMHj81X2otlesuhYcGa9FF5_CoTzFwBG5A7-tTYet8gwDq3jAqafw6rfvcJ71eJrQ8MCATfc_sgHmaCIeF7NpylU0LDxAKZ7yMtUQWTPqMyqdm5xqsRtZ3IEzJaVCjwz5Y9XOs2GH_J9qQednijMeP5ICaKqxjiZbLOsSo07Qkoe5ZoNkD-by8vS5IrufAnF_UEPja9BkhFoHxFHNGYsKhCvP1e_te0gEZ8joqpDqXlE1sjIhDDqQuMOSZQbPvGOpgYNFdzM9b-cgrOO-WqJq3SoWYqMjo2_uXsfdBuwGHXr_RSOzzchWiLlnOHjlafbRGieHiOda169ZL3Sc093PmDRRTxJiLY2PLmWxRoJsC3vL_QaUSoywrFz0tCw8N5UdiknZTN6wNuPdR8X3VOriuAQR6iBnY9_h0tbFrwC83mFrNehsaSy_DZE4vUCJD8_-WO5DCnLzdDXmBfv9Ph7dlPkA7W7ZEP40xmgjs50XakDPsg9BfRB0ITrsXC77L4X2MZinzk8tOAhki3iyy7g-_yCaKcCS9pIJR5f6sEu0kMg3SSsm6wWusfd78HyV96ZA6e2ZnHHzRoOY7jtk_Krpddc4w3VpfKkI96-bwPoAE8Y3fywgQlnAgXuoTMc--769HTz3-Yhp6MsvPiERgUOGz35cp5pVPTrqnUgjZIRxO8VvtC-YizWNDRGL2jbwL7FnRaSs7yun9gC_9Qyxb71rghFcN90xCjHzLpWWOZndaKOjAWQ1Rv_CARUlan7uFDLHt_JPWwK0cTbwTF1j-N6u0cHhmzIRsyuT67OYA1tQl0ubL_cq6tXM3kGzL5f95H6feXD1dxYHERJUBebfnxP2Yc5jV-Fqy168T8-tR34WehiMOdDWKpOwvRTH75_gOa4MpkYJoC_1ikbm6Qu09u5zXOqjN0z0-oCljc263B-5jZzd4xek3GvbcHXAaMGKfJDTb4gtphq40UoQ7rw6zC40F9PPXWVXiaZo2j7OjEVL_cPpDgn1GjWpkAoUhm1foKOsVZdd_IQEzyrzzC7j6seOy-MZTAoj05g5pkhJz7_YZmbA_0UBG8oyOUaBtCZPDL-zAT0PcHess1NKG5OiBO_QnnpF9qPqOBZwFjZbIg2FJKyRvbXdvoucyF-7pNsXJ_1rNYGCMgmhgqFULmxMzcB8eIXabuoKet9D79jG02-H_bmLjMel0MvrcclkvK820DbGzlC0CktZ8UkuD76xWEkA9DEgX57LHQPpnIoZpNvIAgGE9KdO28RnyTvZ2NVLIzJOus6srZ1c26ybIl_f55sMKkbbZ4rAB9GOKvv52dh6NkgS0wZYWowqaK6qyAJR_e2i_XE-WuWIwDcjD54mAOK3aP-MO4-bLEffnl__NaKuRgZG_PSQ9M41BZuJYDEqF5ySxz3bu1IAdmEOhKfT-q5yGejTOsdPfeTpJSV8X_uJIL9H3sUhcwnOlUgBbbWT7sN_lq9HUDMdJabWqldNTEbI7A12SEhs8ZlP_VdWV7iPNYvpoMe-DNfBYFWQd56fyRmNlgNL23z554xi-u6DNCQhRGsyZf1kFKEH1-reNxP88tHlgJCED0V4noX6HRHBAcWy2HmYjyI_A4ER3Vuy_USmJj7mNsdxvKqu8JRmeJeCUMNlKxiSIAoWtlXLhjQ88--bFGNV_1NSxCRAouOJR0Ir-uc1Tu0bDsXFY9iu3fUIL1JYYuDg-LLTFbjyinxfCjLqzPDBW4YapKCNqH8T6gAb3of3imQfg4OpPU6FU1sFgoCrQtIPG8IaoaH-gBmH2Q45XvYrpOkz83MI8PV9usBf1OJge08ItMr_tu0jp5BmwxPd_hmHz7E42cGaUnSaX5bBRKB2PAi4HeA3UnP5_7vhiAn3KMK6cyVkRSC6C046o72atZamvDQtgGcx9gDrDeh9EPL_JK1qSm69Py7UN8UwQ1l9j8Og3KeSQTVbzndZWt9phhOvkxTCKUOgVrhlZnsOI_WZxiMiiVDvh2UYWXh4NcPzP8fulS8vtB3R5CAc7siIkWdYcbnxgNmgXZsUX6pXKvuol2A-uh6qFYHk0hC7WgTpiWH6CdGK0P9ZjWnFlvv1kcKDW6stEsGr5226MBg3mdIedWmQ2lxtlXBsTHyClMlfJPvYRwZH8kqKih2N9cLY-ln44phE-sT1UTyZWPpq7nQ-NeH_lbQqJbV_aMuCXfHx1PYnDpx_wFCkxSfoEkYIjSWrc7ioY1H36ffc5M1DJUyn4LbAu5rfitRONLhiBDAS92us&cid=CAASEuRo2oHJDfjVY6GykscxDsZN4g&rfl=1%2Chttps%253A%252F%252Faskleo.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
63ed4c66bf3ba06512f7028be62a4bd53295e1ba68a919a7591f5fd392e72b90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:08:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
817
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9341
x-xss-protection
0
server
cafe
etag
177112232901409761
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Sep 2021 16:08:22 GMT
rum
dsum-sec.casalemedia.com/ Frame 87D6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKaDdT8dkJ1I_Lk9l7xBMzc&google_cver=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKaDdT8dkJ1I_Lk9l7xBMzc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNDdGRDcgxoY5bq7ngEwAQ&v=APEucNUO2CQvmdbbsN2VksF8nN6HHcbyQ3ArnsOJTPc0cIDNQVjxC8nUR7-WddgsrsWQ0nx7UHQbiri-0TbPr7iSG6k9V6XRo34SbARXUfjLvbStVRD2dzP3xWexahjWXy1b6rGU6yUSqa6A9HZeTdWCU-kLiMDMdBhNuy7y68NPb2xUal9j0BYsmpoY_A3IcYxm_k1a-kWqT7DXKd--snq6tAh1M9YzWg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 23 Aug 2021 16:21:59 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 23 Aug 2021 16:21:59 GMT

Redirect headers

pragma
no-cache
date
Mon, 23 Aug 2021 16:21:59 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKaDdT8dkJ1I_Lk9l7xBMzc&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 87D6
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YSPLJzj1UnwtokG42wHQjQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKaDdT8dkJ1I_Lk9l7xBMzc&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKaDdT8dkJ1I_Lk9l7xBMzc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNDdGRDcgxoY5bq7ngEwAQ&v=APEucNUO2CQvmdbbsN2VksF8nN6HHcbyQ3ArnsOJTPc0cIDNQVjxC8nUR7-WddgsrsWQ0nx7UHQbiri-0TbPr7iSG6k9V6XRo34SbARXUfjLvbStVRD2dzP3xWexahjWXy1b6rGU6yUSqa6A9HZeTdWCU-kLiMDMdBhNuy7y68NPb2xUal9j0BYsmpoY_A3IcYxm_k1a-kWqT7DXKd--snq6tAh1M9YzWg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 23 Aug 2021 16:21:59 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 23 Aug 2021 16:21:59 GMT

Redirect headers

pragma
no-cache
date
Mon, 23 Aug 2021 16:21:59 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKaDdT8dkJ1I_Lk9l7xBMzc&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
ib.adnxs.com/ Frame 87D6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEOUno-r1X040W6QLrC90Umw&google_cver=1
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEOUno-r1X040W6QLrC90Umw%26google_cver%3D1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEOUno-r1X040W6QLrC90Umw%26google_cver%3D1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNDdGRDcgxoY5bq7ngEwAQ&v=APEucNUO2CQvmdbbsN2VksF8nN6HHcbyQ3ArnsOJTPc0cIDNQVjxC8nUR7-WddgsrsWQ0nx7UHQbiri-0TbPr7iSG6k9V6XRo34SbARXUfjLvbStVRD2dzP3xWexahjWXy1b6rGU6yUSqa6A9HZeTdWCU-kLiMDMdBhNuy7y68NPb2xUal9j0BYsmpoY_A3IcYxm_k1a-kWqT7DXKd--snq6tAh1M9YzWg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 23 Aug 2021 16:21:59 GMT
X-Proxy-Origin
82.102.19.136; 82.102.19.136; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
c6508f8a-6457-4c2b-8e71-2b74b471d43e
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 23 Aug 2021 16:21:59 GMT
X-Proxy-Origin
82.102.19.136; 82.102.19.136; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
5e2c0275-dc3c-41c2-86d7-38b5eae7cf8f
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEOUno-r1X040W6QLrC90Umw%26google_cver%3D1
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 87D6
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTM5ODI1MjQ1Njk4MzkzOTAwMQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTM5ODI1MjQ1Njk4MzkzOTAwMQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNDdGRDcgxoY5bq7ngEwAQ&v=APEucNUO2CQvmdbbsN2VksF8nN6HHcbyQ3ArnsOJTPc0cIDNQVjxC8nUR7-WddgsrsWQ0nx7UHQbiri-0TbPr7iSG6k9V6XRo34SbARXUfjLvbStVRD2dzP3xWexahjWXy1b6rGU6yUSqa6A9HZeTdWCU-kLiMDMdBhNuy7y68NPb2xUal9j0BYsmpoY_A3IcYxm_k1a-kWqT7DXKd--snq6tAh1M9YzWg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 16:21:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 23 Aug 2021 16:21:59 GMT
X-Proxy-Origin
82.102.19.136; 82.102.19.136; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
e5f5397f-1ee4-4df1-88eb-c5e67b1a0e7b
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTM5ODI1MjQ1Njk4MzkzOTAwMQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 4982 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com
URL: https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 07:21:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
32419
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 23 Aug 2022 07:21:40 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 4527 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com
URL: https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Mon, 23 Aug 2021 11:56:19 GMT
expires
Tue, 24 Aug 2021 11:56:19 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
15940
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 4982 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7c2e37029cd63f54220acb65f1d3df2f8c8f4dc323280a8f5b52405f4c6b55f

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 8202 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Mon, 23 Aug 2021 07:21:40 GMT
expires
Tue, 23 Aug 2022 07:21:40 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
32419
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
be_NL_S-M_Prospecting_MC_728x90.html
s0.2mdn.net/ads/richmedia/studio/pv2/60928292/20200612044652202/ Frame 4B6F 		2 KB
912 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/60928292/20200612044652202/be_NL_S-M_Prospecting_MC_728x90.html?e=69&leftOffset=0&topOffset=0&c=RD3QrAaccJ&t=1&renderingType=2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_273.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e9e1d1570937b4b0ab772f08da052b11767aa32fd810de373e16120f6468ae8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/ads/richmedia/studio/pv2/60928292/20200612044652202/be_NL_S-M_Prospecting_MC_728x90.html?e=69&leftOffset=0&topOffset=0&c=RD3QrAaccJ&t=1&renderingType=2
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
880
date
Mon, 23 Aug 2021 16:21:59 GMT
expires
Tue, 24 Aug 2021 16:21:59 GMT
cache-control
public, max-age=86400
last-modified
Fri, 12 Jun 2020 11:46:52 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 4982 		0
24 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuVxBf90xAJgIRtVUqszcomT0_-NpcyywL1GPPBsyuYv8k_FR1YGGXqZbeWi3e5S9q2J9isFUnZmAHx4PSLJvYd2ksC-IaqHBwA9m83yKc2YVTjLf2S7kstlnaplVpbeifBLaZspatdX0FP0SdIyjgno9JfrlERGRaD34uzDidRYqGcNAkVM3YzvefD3Q-kT4TnOn2c_Ajtrh5rR5NICp7tpfP3m9pkE-hM_B-xuwQ0-gnAyuNkp0yQFr6UWxtEkzWGUtq7hewQ0Cr1bnB-p8bGd7d_nKjcl7aFiDi7dnzFWyuChzApLCie-fnyBb5EE1jYarsUhdWi-ktcPzJf-I9zWKDwv9LLPbCy7Mdz9aOYQfB8I4JV_y3WrG1hklHOLFTBkBR66yVPMJ9_1mXjBJHLFK0NOyRNB4xT9uTCGoXSyiDVzxxE2BM5wOg4grJ4R3I6wlvpEBNdNWdG0Hd1MoVMEQqaVLsxLknRTjFuQAdaouRztJ0-iv3SOZ1ef0k4wNCD-a62ig7p9qJOP0CxAEbJhbtEUINKAroErqerZvu5zvBhVVJ9fzUdRbmfBez7TAGK9y3iyzxioNNTkkrjizyO8Xw1--ed-qOUzLc8Htxe0xmcnBeIPSb8okLGN_0vNWsUOy98vpkKjk5LcyfFtyBJHowaAGbcFLkHadqupd1lobxER0hpQQZEW6yP0dFk2zLer5xnrVW5aPJSmEJiYSW50Vn367QGTzxKnp82GSIsLrBfY6Pbeh4Z1upj1oky1i9Q-VM_5mYT5_CT4Ipaq2xLhUt6b4Dj7thEV7z7eaHwBBXCZkUuambCHEySKkMHdaIns1uf8IbadBArs_RqPs7duxKnQDWKq0IFjTHUQo6IQIkW6N6XMhYkH-h4MbyK7pJsiIppvmncnqA2ioAtH20669475cShvQbVLCpSai5l8LfukRB15s9Svze_cH5Drr0HJDoL8EYCCSLnMMrOSE2I4bkzH8w-9d1w4bG_piVQwM_JwfQdCsop93Fva1lINIlu9mmrWjP7KkztLorvdms_Co6MEr8VxZiOwyu3dM7QC6NctpCawxMWvfBZr7vZdV88WmGks4iJ5nvk0boAxI7I0egCUR_1IAaAgoHKxtgIIrI4in_CeOsq-es7pyWVJFjjCaqnSplakBqDHuxrZiqoKubsjIvPUVU3ZEgkTUc3JVEXsHnpwX_7RxKGR9I9-B2XxgWebXAM6w&sai=AMfl-YTmVd9s8EUdd83ECXTJ2FecdOLqJ1nLDG8S09QM8kU78PuBNZWTd5jP_MRNcRHBHPEN0tC3MKOLzoLOQmzlsPOnELoB7I-ZiSuD-eqEMm-uEg_ynkGQHZsNSErxFvRwrDWuP1eKGp5H8IWsiF-t50Kx__ESWw&sig=Cg0ArKJSzAU3fV_0GqTcEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=91&cbvp=1&cstd=87&cisv=r20210816.62916&adurl=
Requested by
Host: askleo.com
URL: https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Mon, 23 Aug 2021 16:21:59 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
pixel.gif
opt.objectiveportal.com/ Frame 4982 		35 B
528 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://opt.objectiveportal.com/pixel.gif?customer=COO&brand=COO&domain=VL&process=banner&campaignid=22001357&placementid=297057715&che=3680459173&cmsiteid=4802677&adid=490168431&crid=108971488&gvalue=ct=DE&st=&city=0&dma=0&zp=&bw=4&keyvalue=0&line_item_id=55857874&creativeid=332324197&exchangeid=1&insertionorderid=22561967&sourceurl=https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/&universalsiteid=101267030471&auctionid=ABAjH0jPhimW9WHC1EZQTMxRN1HF&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: 6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com
URL: https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.152.90 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.90.152.201.195.clients.your-server.de
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.objectiveportal.com objectiveportal.com
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 16:21:59 GMT
referrer-policy
strict-origin-when-cross-origin
server
nginx
etag
f592a638-c162-47ae-afa8-9d21f8ebdfdc
x-frame-options
DENY
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-security-policy
frame-ancestors *.objectiveportal.com objectiveportal.com
strict-transport-security
max-age=63072000; includeSubdomains
content-length
35
x-content-type-options
nosniff
pixel
cm.g.doubleclick.net/ Frame 4527
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEItbEdPdBztkR01gzLAAuhg&google_cver=1&google_push=AYg5qPL0P0W2ddp9wKRgtCd9wChgJR61SqrDA72fkNsp48IsDEc1PETL0SKlXn2td6oypj0kSTIhPuZFMEPoC56U...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPL0P0W2ddp9wKRgtCd9wChgJR61SqrDA72fkNsp48IsDEc1PETL0SKlXn2td6oypj0kSTIhPuZFMEPoC56Uih57dSmrJOk
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPL0P0W2ddp9wKRgtCd9wChgJR61SqrDA72fkNsp48IsDEc1PETL0SKlXn2td6oypj0kSTIhPuZFMEPoC56Uih57dSmrJOk
Requested by
Host: 6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com
URL: https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 16:21:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 23 Aug 2021 16:21:59 GMT
Server
MT3 3853 9552a83 master zrh-pixel-x24
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPL0P0W2ddp9wKRgtCd9wChgJR61SqrDA72fkNsp48IsDEc1PETL0SKlXn2td6oypj0kSTIhPuZFMEPoC56Uih57dSmrJOk
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 23 Aug 2021 16:21:58 GMT
pixel
cm.g.doubleclick.net/ Frame 4527
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEE7OenRKj-_tP1Grb47sIpE&google_cver=1&google_push=AYg5qPK-KvbEQfOmq6_PqjqOszwDZq_kQwew8rSaPSQVdKDiSV34F5j8q1I90e-syebfy3EJryNkzXoz6H4OQbtd6OIozUM...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPK-KvbEQfOmq6_PqjqOszwDZq_kQwew8rSaPSQVdKDiSV34F5j8q1I90e-syebfy3EJryNkzXoz6H4OQbtd6OIozUMIRxY&google_hm=OTE5MDU2Mzc4MDgxOTgyMDQ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPK-KvbEQfOmq6_PqjqOszwDZq_kQwew8rSaPSQVdKDiSV34F5j8q1I90e-syebfy3EJryNkzXoz6H4OQbtd6OIozUMIRxY&google_hm=OTE5MDU2Mzc4MDgxOTgyMDQ3OA%3D%3D
Requested by
Host: 6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com
URL: https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 16:21:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 23 Aug 2021 16:21:59 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPK-KvbEQfOmq6_PqjqOszwDZq_kQwew8rSaPSQVdKDiSV34F5j8q1I90e-syebfy3EJryNkzXoz6H4OQbtd6OIozUMIRxY&google_hm=OTE5MDU2Mzc4MDgxOTgyMDQ3OA%3D%3D
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4527
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEB-rpovGb2FIY0ZjexqW-4I&google_cver=1&google_push=AYg5qPJu5iS-bSx0Iz8IYrXjqTyKqREkgvQxOo_6FNyq9L1mC9I38w4Xr_bBuUXa1_n2lcaJoBblhm6uDGIi4k9...
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=CwQaXudlRwZqBwLSCg993lJmE4g&google_push=AYg5qPJu5iS-bSx0Iz8IYrXjqTyKqREkgvQxOo_6FNyq9L1mC9I38w4Xr_bBuUXa1_n2lcaJoBblhm6uDGIi4k...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=CwQaXudlRwZqBwLSCg993lJmE4g&google_push=AYg5qPJu5iS-bSx0Iz8IYrXjqTyKqREkgvQxOo_6FNyq9L1mC9I38w4Xr_bBuUXa1_n2lcaJoBblhm6uDGIi4k9zfSoeGJ-NKo0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 16:21:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=CwQaXudlRwZqBwLSCg993lJmE4g&google_push=AYg5qPJu5iS-bSx0Iz8IYrXjqTyKqREkgvQxOo_6FNyq9L1mC9I38w4Xr_bBuUXa1_n2lcaJoBblhm6uDGIi4k9zfSoeGJ-NKo0
Date
Mon, 23 Aug 2021 16:21:59 GMT
Connection
keep-alive
Content-Length
241
Content-Type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame 4527
Redirect Chain
  • https://cs.media.net/cksync?type=g&google_gid=CAESEIL1a4xFv5CJlKurzwGodY0&google_cver=1&google_push=AYg5qPJVsmoQKMQvpTZP1stAIg8D3-9QmN5oVDiPGDDvZtCZHHepM5G5Msu3hvuIeLViq_VXdKBtP6egLtFsakGtZgidojRvN98
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MjcyNzM3MzE5MjEzODQwNTAwMFYxMA%3d%3d&mn_hm=MjcyNzM3MzE5MjEzODQwNTAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPJVsmoQKMQvpTZP1stAIg8D3-9...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MjcyNzM3MzE5MjEzODQwNTAwMFYxMA%3d%3d&mn_hm=MjcyNzM3MzE5MjEzODQwNTAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPJVsmoQKMQvpTZP1stAIg8D3-9QmN5oVDiPGDDvZtCZHHepM5G5Msu3hvuIeLViq_VXdKBtP6egLtFsakGtZgidojRvN98&gdpr=&gdpr_consent=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 16:21:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 23 Aug 2021 16:21:59 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MjcyNzM3MzE5MjEzODQwNTAwMFYxMA%3d%3d&mn_hm=MjcyNzM3MzE5MjEzODQwNTAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPJVsmoQKMQvpTZP1stAIg8D3-9QmN5oVDiPGDDvZtCZHHepM5G5Msu3hvuIeLViq_VXdKBtP6egLtFsakGtZgidojRvN98&gdpr=&gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html
Content-Length
154
X-MNET-HL2
E
Expires
Mon, 23 Aug 2021 16:21:59 GMT
pixel
cm.g.doubleclick.net/ Frame 4527
Redirect Chain
  • https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESEGzvqMTiUc7H4msKMliJzaU&google_cver=1&google_push=AYg5qPL3JH-2PkCX0XEzRRvYYWjFQUCa96O5eh3wBBBRYL0kv-V5p0MSEM5_oktXY6bWKVIhB1vmPskBLpPZ-k...
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtZDZjOWJlNDZkOTZjNDBmODQyMTViY2QzMmFhMmE2NzA=&google_push=AYg5qPL3JH-2PkCX0XEzRRvYYWjFQUCa96O5eh3wBBBRYL0kv-V5p0MSEM5_ok...
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtZDZjOWJlNDZkOTZjNDBmODQyMTViY2QzMmFhMmE2NzA=&google_push=AYg5qPL3JH-2PkCX0XEzRRvYYWjFQUCa96O5eh3wBBBRYL0kv-V5p0MSEM5_ok...
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtZDZjOWJlNDZkOTZjNDBmODQyMTViY2QzMmFhMmE2NzA=&google_push=AYg5qPL3JH-2PkCX0XEzRRvYYWjFQUCa96O5eh3wBBBRYL0kv-V5p0MSEM5_ok...
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtZDZjOWJlNDZkOTZjNDBmODQyMTViY2QzMmFhMmE2NzA=&google_push=AYg5qPL3JH-2PkCX0XEzRRvYYWjFQUCa96O5eh3wBBBRYL0kv-V5p0MSEM5_ok...
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtZDZjOWJlNDZkOTZjNDBmODQyMTViY2QzMmFhMmE2NzA=&google_push=AYg5qPL3JH-2PkCX0XEzRRvYYWjFQUCa96O5eh3wBBBRYL0kv-V5p0MSEM5_ok...
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtZDZjOWJlNDZkOTZjNDBmODQyMTViY2QzMmFhMmE2NzA=&google_push=AYg5qPL3JH-2PkCX0XEzRRvYYWjFQUCa96O5eh3wBBBRYL0kv-V5p0MSEM5_ok...
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtZDZjOWJlNDZkOTZjNDBmODQyMTViY2QzMmFhMmE2NzA=&google_push=AYg5qPL3JH-2PkCX0XEzRRvYYWjFQUCa96O5eh3wBBBRYL0kv-V5p0MSEM5_ok...
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtZDZjOWJlNDZkOTZjNDBmODQyMTViY2QzMmFhMmE2NzA=&google_push=AYg5qPL3JH-2PkCX0XEzRRvYYWjFQUCa96O5eh3wBBBRYL0kv-V5p0MSEM5_ok...
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtZDZjOWJlNDZkOTZjNDBmODQyMTViY2QzMmFhMmE2NzA=&google_push=AYg5qPL3JH-2PkCX0XEzRRvYYWjFQUCa96O5eh3wBBBRYL0kv-V5p0MSEM5_ok...
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtZDZjOWJlNDZkOTZjNDBmODQyMTViY2QzMmFhMmE2NzA=&google_push=AYg5qPL3JH-2PkCX0XEzRRvYYWjFQUCa96O5eh3wBBBRYL0kv-V5p0MSEM5_ok...
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtZDZjOWJlNDZkOTZjNDBmODQyMTViY2QzMmFhMmE2NzA=&google_push=AYg5qPL3JH-2PkCX0XEzRRvYYWjFQUCa96O5eh3wBBBRYL0kv-V5p0MSEM5_ok...
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtZDZjOWJlNDZkOTZjNDBmODQyMTViY2QzMmFhMmE2NzA=&google_push=AYg5qPL3JH-2PkCX0XEzRRvYYWjFQUCa96O5eh3wBBBRYL0kv-V5p0MSEM5_ok...
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtZDZjOWJlNDZkOTZjNDBmODQyMTViY2QzMmFhMmE2NzA=&google_push=AYg5qPL3JH-2PkCX0XEzRRvYYWjFQUCa96O5eh3wBBBRYL0kv-V5p0MSEM5_ok...
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtZDZjOWJlNDZkOTZjNDBmODQyMTViY2QzMmFhMmE2NzA=&google_push=AYg5qPL3JH-2PkCX0XEzRRvYYWjFQUCa96O5eh3wBBBRYL0kv-V5p0MSEM5_ok...
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtZDZjOWJlNDZkOTZjNDBmODQyMTViY2QzMmFhMmE2NzA=&google_push=AYg5qPL3JH-2PkCX0XEzRRvYYWjFQUCa96O5eh3wBBBRYL0kv-V5p0MSEM5_ok...
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtZDZjOWJlNDZkOTZjNDBmODQyMTViY2QzMmFhMmE2NzA=&google_push=AYg5qPL3JH-2PkCX0XEzRRvYYWjFQUCa96O5eh3wBBBRYL0kv-V5p0MSEM5_ok...
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtZDZjOWJlNDZkOTZjNDBmODQyMTViY2QzMmFhMmE2NzA=&google_push=AYg5qPL3JH-2PkCX0XEzRRvYYWjFQUCa96O5eh3wBBBRYL0kv-V5p0MSEM5_ok...
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtZDZjOWJlNDZkOTZjNDBmODQyMTViY2QzMmFhMmE2NzA=&google_push=AYg5qPL3JH-2PkCX0XEzRRvYYWjFQUCa96O5eh3wBBBRYL0kv-V5p0MSEM5_ok...
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtZDZjOWJlNDZkOTZjNDBmODQyMTViY2QzMmFhMmE2NzA=&google_push=AYg5qPL3JH-2PkCX0XEzRRvYYWjFQUCa96O5eh3wBBBRYL0kv-V5p0MSEM5_ok...
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtZDZjOWJlNDZkOTZjNDBmODQyMTViY2QzMmFhMmE2NzA=&google_push=AYg5qPL3JH-2PkCX0XEzRRvYYWjFQUCa96O5eh3wBBBRYL0kv-V5p0MSEM5_ok...
0
0
/
cc.adingo.jp/adx/push/ Frame 4527 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cc.adingo.jp/adx/push/?google_gid=CAESEJfaDFz2UMFjxPmKJHATOgQ&google_cver=1&google_push=AYg5qPLWfIYEgSjyR5qQ3fi3QFaN8ShUR-3MeBMSIHZhBcV4nQe_RhIRqMtMn2Rp7KbJOvXOnJ2Qe8flhacnd7cEkwAKUw4PYP4
Requested by
Host: 6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com
URL: https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.198.4.47 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-198-4-47.ap-northeast-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:22:00 GMT
server
awselb/2.0
pixel
cm.g.doubleclick.net/ Frame 4527
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEGzlpwHNxsAB4vVotDttBCk&google_cver=1&google_push=AYg5qPIkdt27Gdo9SxunCOStS9iN4iGlOw1VtxQk9IEoSHDV48Mm_u3AjkeZfT4IanXLq9M3Yb...
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEGzlpwHNxsAB4vVotDttBCk&google_cver=1&google_push=AYg5qPIkdt27Gdo9SxunCOStS9iN4iGlOw1VtxQk9IEoSHDV48Mm_u3AjkeZfT4IanXLq9M3Yb...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS0yQ1BXOFg1RTJ1RkRyNXNZYzlidlBnVHhzMVVfTlR5WH5B&google_push=AYg5qPIkdt27Gdo9SxunCOStS9iN4iGlOw1VtxQk9IEoSHDV48Mm_u3Aj...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS0yQ1BXOFg1RTJ1RkRyNXNZYzlidlBnVHhzMVVfTlR5WH5B&google_push=AYg5qPIkdt27Gdo9SxunCOStS9iN4iGlOw1VtxQk9IEoSHDV48Mm_u3AjkeZfT4IanXLq9M3YbvpNdjMtn0g_wO1v9cF1ANAsOXt
Requested by
Host: 6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com
URL: https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 16:21:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 23 Aug 2021 16:21:59 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS0yQ1BXOFg1RTJ1RkRyNXNZYzlidlBnVHhzMVVfTlR5WH5B&google_push=AYg5qPIkdt27Gdo9SxunCOStS9iN4iGlOw1VtxQk9IEoSHDV48Mm_u3AjkeZfT4IanXLq9M3YbvpNdjMtn0g_wO1v9cF1ANAsOXt
Connection
keep-alive
Content-Length
0
attr
cm.g.doubleclick.net/pixel/ Frame 4527 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IpidcvP0Tufz3hU1nPSua1IjT56eRdEJWyXExvnBA1ijVyAhHoiX7ZaBMHJpxiWEEf-aWpGw
Requested by
Host: 6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com
URL: https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:59 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
ESHX-PsTG84Fy6-bdaEnL5--1XpTzSOdL-kezmPtlCQ.js
pagead2.googlesyndication.com/bg/ Frame 8202 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/ESHX-PsTG84Fy6-bdaEnL5--1XpTzSOdL-kezmPtlCQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1121d7f8fb131bce05cbaf9b75a1272f9fbed57a53cd239d2fe91ece63ed9424
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 15:39:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
2541
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13272
x-xss-protection
0
last-modified
Mon, 09 Aug 2021 14:48:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 23 Aug 2022 15:39:38 GMT
Enabler_01_242.js
s0.2mdn.net/879366/ Frame 4B6F 		107 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_242.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/60928292/20200612044652202/be_NL_S-M_Prospecting_MC_728x90.html?e=69&leftOffset=0&topOffset=0&c=RD3QrAaccJ&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7effa4abb1004ac11058d1fc73b1ebb9cbf993bc96dd96be50ba81ba895bd69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/60928292/20200612044652202/be_NL_S-M_Prospecting_MC_728x90.html?e=69&leftOffset=0&topOffset=0&c=RD3QrAaccJ&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 01:21:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
54042
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37452
x-xss-protection
0
last-modified
Thu, 06 Feb 2020 15:49:50 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 24 Aug 2021 01:21:17 GMT
TweenMax.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/2.1.3/ Frame 4B6F 		114 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/2.1.3/TweenMax.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/60928292/20200612044652202/be_NL_S-M_Prospecting_MC_728x90.html?e=69&leftOffset=0&topOffset=0&c=RD3QrAaccJ&t=1&renderingType=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94f137c233766bb0015876c6cfbf8c28125aca4cb3a826d4f7a0495a38a8f3a5
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:59 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
418383
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
34868
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e71-1c604"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3JN2FtFHvX4btxL%2FO1wffiqRVCLJvyxTO9zItWQXrPfZ2SSoGyEwm2GwsHTlXARF0uSYaidhsstWN8Im8aJhtaVDQ%2BsgtDHKMjnTDOw85Q2KtyhCHJOqKjDAguG3xWRBJv4TbRF5Ng5pWtqrQy5Hoyry"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6835ad5689ff2c4a-FRA
expires
Sat, 13 Aug 2022 16:21:59 GMT
S-M.js
s0.2mdn.net/creatives/assets/3758120/ Frame 4B6F 		39 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/3758120/S-M.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/60928292/20200612044652202/be_NL_S-M_Prospecting_MC_728x90.html?e=69&leftOffset=0&topOffset=0&c=RD3QrAaccJ&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2e42eb4dc61c96c40d59cee5896e8f484346f11007d056cea941d1cc90fd7f80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/60928292/20200612044652202/be_NL_S-M_Prospecting_MC_728x90.html?e=69&leftOffset=0&topOffset=0&c=RD3QrAaccJ&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:17:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
257
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6482
x-xss-protection
0
last-modified
Tue, 27 Jul 2021 12:19:54 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 23 Aug 2021 16:32:42 GMT
cbBdsV2.js
s0.2mdn.net/creatives/assets/3781309/ Frame 4B6F 		22 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3758120/S-M.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5ce12c6a858d78dbc3b062ff1905ec4e84e23e72887f6c054f7687d19ee8aa0a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/60928292/20200612044652202/be_NL_S-M_Prospecting_MC_728x90.html?e=69&leftOffset=0&topOffset=0&c=RD3QrAaccJ&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:15:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
383
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4666
x-xss-protection
0
last-modified
Thu, 28 Jan 2021 10:44:50 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 23 Aug 2021 16:30:36 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 4982 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuVxBf90xAJgIRtVUqszcomT0_-NpcyywL1GPPBsyuYv8k_FR1YGGXqZbeWi3e5S9q2J9isFUnZmAHx4PSLJvYd2ksC-IaqHBwA9m83yKc2YVTjLf2S7kstlnaplVpbeifBLaZspatdX0FP0SdIyjgno9JfrlERGRaD34uzDidRYqGcNAkVM3YzvefD3Q-kT4TnOn2c_Ajtrh5rR5NICp7tpfP3m9pkE-hM_B-xuwQ0-gnAyuNkp0yQFr6UWxtEkzWGUtq7hewQ0Cr1bnB-p8bGd7d_nKjcl7aFiDi7dnzFWyuChzApLCie-fnyBb5EE1jYarsUhdWi-ktcPzJf-I9zWKDwv9LLPbCy7Mdz9aOYQfB8I4JV_y3WrG1hklHOLFTBkBR66yVPMJ9_1mXjBJHLFK0NOyRNB4xT9uTCGoXSyiDVzxxE2BM5wOg4grJ4R3I6wlvpEBNdNWdG0Hd1MoVMEQqaVLsxLknRTjFuQAdaouRztJ0-iv3SOZ1ef0k4wNCD-a62ig7p9qJOP0CxAEbJhbtEUINKAroErqerZvu5zvBhVVJ9fzUdRbmfBez7TAGK9y3iyzxioNNTkkrjizyO8Xw1--ed-qOUzLc8Htxe0xmcnBeIPSb8okLGN_0vNWsUOy98vpkKjk5LcyfFtyBJHowaAGbcFLkHadqupd1lobxER0hpQQZEW6yP0dFk2zLer5xnrVW5aPJSmEJiYSW50Vn367QGTzxKnp82GSIsLrBfY6Pbeh4Z1upj1oky1i9Q-VM_5mYT5_CT4Ipaq2xLhUt6b4Dj7thEV7z7eaHwBBXCZkUuambCHEySKkMHdaIns1uf8IbadBArs_RqPs7duxKnQDWKq0IFjTHUQo6IQIkW6N6XMhYkH-h4MbyK7pJsiIppvmncnqA2ioAtH20669475cShvQbVLCpSai5l8LfukRB15s9Svze_cH5Drr0HJDoL8EYCCSLnMMrOSE2I4bkzH8w-9d1w4bG_piVQwM_JwfQdCsop93Fva1lINIlu9mmrWjP7KkztLorvdms_Co6MEr8VxZiOwyu3dM7QC6NctpCawxMWvfBZr7vZdV88WmGks4iJ5nvk0boAxI7I0egCUR_1IAaAgoHKxtgIIrI4in_CeOsq-es7pyWVJFjjCaqnSplakBqDHuxrZiqoKubsjIvPUVU3ZEgkTUc3JVEXsHnpwX_7RxKGR9I9-B2XxgWebXAM6w&sai=AMfl-YTmVd9s8EUdd83ECXTJ2FecdOLqJ1nLDG8S09QM8kU78PuBNZWTd5jP_MRNcRHBHPEN0tC3MKOLzoLOQmzlsPOnELoB7I-ZiSuD-eqEMm-uEg_ynkGQHZsNSErxFvRwrDWuP1eKGp5H8IWsiF-t50Kx__ESWw&sig=Cg0ArKJSzAU3fV_0GqTcEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=214&vt=11&dtpt=123&dett=3&cstd=87&cisv=r20210816.62916&adurl=
Requested by
Host: askleo.com
URL: https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Mon, 23 Aug 2021 16:21:59 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
cbstyle.css
s0.2mdn.net/creatives/assets/3758114/ Frame 4B6F 		21 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/3758114/cbstyle.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
381a270a8837746d2393af408a52499565fe633d757dcf4bd775b77d48a70e39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/60928292/20200612044652202/be_NL_S-M_Prospecting_MC_728x90.html?e=69&leftOffset=0&topOffset=0&c=RD3QrAaccJ&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:14:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
438
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4142
x-xss-protection
0
last-modified
Thu, 12 Aug 2021 09:23:57 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 23 Aug 2021 16:29:41 GMT
cbLib.js
s0.2mdn.net/creatives/assets/3781309/ Frame 4B6F 		40 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/3781309/cbLib.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc590c10742490a00daef3a82ef8fe7ab4bc736122c79b27c4ac7dea80e3af1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/60928292/20200612044652202/be_NL_S-M_Prospecting_MC_728x90.html?e=69&leftOffset=0&topOffset=0&c=RD3QrAaccJ&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:15:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
383
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9729
x-xss-protection
0
last-modified
Tue, 03 Aug 2021 13:53:22 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 23 Aug 2021 16:30:36 GMT
cbResourceList.js
s0.2mdn.net/creatives/assets/3781309// Frame 4B6F 		47 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/3781309//cbResourceList.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
99d52606bf2e9b52a8a30569f553738909f7684432235bd53c39f95bde9d4ac6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/60928292/20200612044652202/be_NL_S-M_Prospecting_MC_728x90.html?e=69&leftOffset=0&topOffset=0&c=RD3QrAaccJ&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:15:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
381
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6287
x-xss-protection
0
last-modified
Fri, 20 Aug 2021 11:42:06 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 23 Aug 2021 16:30:38 GMT
moduleList.js
s0.2mdn.net/creatives/assets/3781309/ Frame 4B6F 		5 KB
839 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/3781309/moduleList.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
75ab967337aa8edae5bb0cf87c905b770b76b85be76de75eae74fa4c6041b060
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/60928292/20200612044652202/be_NL_S-M_Prospecting_MC_728x90.html?e=69&leftOffset=0&topOffset=0&c=RD3QrAaccJ&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:15:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
382
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
802
x-xss-protection
0
last-modified
Wed, 09 Jun 2021 14:23:40 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 23 Aug 2021 16:30:37 GMT
AssetsList.js
s0.2mdn.net/creatives/assets/3757766/ Frame 4B6F 		1 KB
339 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/3757766/AssetsList.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
02159cd3570c28fb35026c7708464a7fa408568bd8c56c75c50152fc7e624214
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/60928292/20200612044652202/be_NL_S-M_Prospecting_MC_728x90.html?e=69&leftOffset=0&topOffset=0&c=RD3QrAaccJ&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:15:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
383
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
302
x-xss-protection
0
last-modified
Mon, 04 Jan 2021 11:52:16 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 23 Aug 2021 16:30:36 GMT
dobraslab-medium-webfont.woff
s0.2mdn.net/creatives/assets/3512464/ Frame 4B6F 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/3512464/dobraslab-medium-webfont.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3758114/cbstyle.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3304ebafae2f97adb0f5d016454298a110bc449f68cda9c1afa3e01a325963e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://s0.2mdn.net
Referer
https://s0.2mdn.net/creatives/assets/3758114/cbstyle.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:14:00 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Oct 2019 14:21:22 GMT
server
sffe
age
479
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11356
x-xss-protection
0
expires
Mon, 23 Aug 2021 16:29:00 GMT
dobraslab-book-webfont.woff
s0.2mdn.net/creatives/assets/3512464/ Frame 4B6F 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/3512464/dobraslab-book-webfont.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3758114/cbstyle.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0129fef24101a11eaa58cb3eab025b451acc53fb30a6dcd6cce7237b07427e2f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://s0.2mdn.net
Referer
https://s0.2mdn.net/creatives/assets/3758114/cbstyle.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:13:28 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Oct 2019 14:21:00 GMT
server
sffe
age
511
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28524
x-xss-protection
0
expires
Mon, 23 Aug 2021 16:28:28 GMT
aebl____-webfont.woff
s0.2mdn.net/creatives/assets/3512464/ Frame 4B6F 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/3512464/aebl____-webfont.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3758114/cbstyle.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
609c9c8da515ce83f6dadac3fc67c7d3b9dd8ad6898eb9dda19c0b20b9a906a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://s0.2mdn.net
Referer
https://s0.2mdn.net/creatives/assets/3758114/cbstyle.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:13:28 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Oct 2019 14:21:37 GMT
server
sffe
age
511
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20060
x-xss-protection
0
expires
Mon, 23 Aug 2021 16:28:28 GMT
OpenSans-Regular.ttf
s0.2mdn.net/creatives/assets/3512464/ Frame 4B6F 		95 KB
58 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/3512464/OpenSans-Regular.ttf
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3758114/cbstyle.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
037236ed4bf58a85f67074c165d308260fd6be01c86d7df4e79ea16eb273f8c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://s0.2mdn.net
Referer
https://s0.2mdn.net/creatives/assets/3758114/cbstyle.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:13:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
512
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
59331
x-xss-protection
0
last-modified
Tue, 15 Oct 2019 14:29:46 GMT
server
sffe
vary
Accept-Encoding
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 23 Aug 2021 16:28:27 GMT
promotionManager.js
s0.2mdn.net/creatives/assets/4012510/ Frame 4B6F 		5 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4012510/promotionManager.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
844b23a41ac030e589ee673e50ba1d0d5581b1cdebd48dd2d4fd1675bde66185
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/60928292/20200612044652202/be_NL_S-M_Prospecting_MC_728x90.html?e=69&leftOffset=0&topOffset=0&c=RD3QrAaccJ&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:19:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
141
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1289
x-xss-protection
0
last-modified
Wed, 30 Jun 2021 16:40:48 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 23 Aug 2021 16:34:38 GMT
productCard.js
s0.2mdn.net/creatives/assets/3782707/ Frame 4B6F 		86 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/3782707/productCard.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9f3f6121ee9e9db4bb59cb15d5584d38625752b6a3d5a69988464177eb726092
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/60928292/20200612044652202/be_NL_S-M_Prospecting_MC_728x90.html?e=69&leftOffset=0&topOffset=0&c=RD3QrAaccJ&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:07:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
866
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10516
x-xss-protection
0
last-modified
Fri, 23 Jul 2021 13:01:51 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 23 Aug 2021 16:22:33 GMT
carousel.js
s0.2mdn.net/creatives/assets/3782701/ Frame 4B6F 		61 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/3782701/carousel.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed99e90ee1e28944cb257b8a06d730a89f3cbf40dcb2f102b8414e80897dabda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/60928292/20200612044652202/be_NL_S-M_Prospecting_MC_728x90.html?e=69&leftOffset=0&topOffset=0&c=RD3QrAaccJ&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:09:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
736
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9789
x-xss-protection
0
last-modified
Mon, 14 Jun 2021 11:20:37 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 23 Aug 2021 16:24:43 GMT
uspCtaV2.js
s0.2mdn.net/creatives/assets/3782491/ Frame 4B6F 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/3782491/uspCtaV2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f9c57c81d47ce90d89f07b6fa259e7b6ab9e7d843ab8608950e3d2d9bad3da3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/60928292/20200612044652202/be_NL_S-M_Prospecting_MC_728x90.html?e=69&leftOffset=0&topOffset=0&c=RD3QrAaccJ&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1550
x-xss-protection
0
last-modified
Mon, 01 Mar 2021 09:59:04 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 23 Aug 2021 16:36:54 GMT
whiteBox.js
s0.2mdn.net/creatives/assets/3758108/ Frame 4B6F 		6 KB
976 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/3758108/whiteBox.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5390fbeb6fcb4697d18f9e2603d96b82dc4fd3f5922806a83df0fb439747063
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/60928292/20200612044652202/be_NL_S-M_Prospecting_MC_728x90.html?e=69&leftOffset=0&topOffset=0&c=RD3QrAaccJ&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:09:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
723
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
939
x-xss-protection
0
last-modified
Sat, 10 Oct 2020 09:46:53 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 23 Aug 2021 16:24:56 GMT
mainImage.js
s0.2mdn.net/creatives/assets/3773403/ Frame 4B6F 		10 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/3773403/mainImage.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fd6ac5a1e0b62484abe064705a98e8d30694a1ff6345a35e5ae28295eca5f360
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/60928292/20200612044652202/be_NL_S-M_Prospecting_MC_728x90.html?e=69&leftOffset=0&topOffset=0&c=RD3QrAaccJ&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:09:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
742
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1763
x-xss-protection
0
last-modified
Fri, 25 Jun 2021 13:26:19 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 23 Aug 2021 16:24:37 GMT
S-M.css
s0.2mdn.net/creatives/assets/3758120/ Frame 4B6F 		25 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/3758120/S-M.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c4d6559fa96f1a97ce556c90facd8504d53bc656d238d9d5fd89a63aab36525b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/60928292/20200612044652202/be_NL_S-M_Prospecting_MC_728x90.html?e=69&leftOffset=0&topOffset=0&c=RD3QrAaccJ&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:08:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
810
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2769
x-xss-protection
0
last-modified
Thu, 14 Jan 2021 10:20:29 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 23 Aug 2021 16:23:29 GMT
BE_NL_DISPLAY_PROS_MC_S_M.js
s0.2mdn.net/creatives/assets/3782500/ Frame 4B6F 		19 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/3782500/BE_NL_DISPLAY_PROS_MC_S_M.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9f5874208db31922418ad3337a1792c52bfbcc2942f3135ab4b87e20235a5bc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/60928292/20200612044652202/be_NL_S-M_Prospecting_MC_728x90.html?e=69&leftOffset=0&topOffset=0&c=RD3QrAaccJ&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:20:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
69
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2310
x-xss-protection
0
last-modified
Fri, 22 Jan 2021 10:02:19 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 23 Aug 2021 16:35:50 GMT
factSloganSplashV3.css
s0.2mdn.net/creatives/assets/3782803/ Frame 4B6F 		1 KB
399 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/3782803/factSloganSplashV3.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6179c4db6016209d3297febf8a9243c7356e99b52cb8b3c7e7b72c0bbc7dbaf8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/60928292/20200612044652202/be_NL_S-M_Prospecting_MC_728x90.html?e=69&leftOffset=0&topOffset=0&c=RD3QrAaccJ&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:15:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
389
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
363
x-xss-protection
0
last-modified
Wed, 30 Dec 2020 11:09:04 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 23 Aug 2021 16:30:30 GMT
factSloganSplashV3.js
s0.2mdn.net/creatives/assets/3782803/ Frame 4B6F 		30 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/3782803/factSloganSplashV3.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d3315c2b2c849bdb5d2a94f08472eaadb8147502748cef585adc1d000e1a38b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/60928292/20200612044652202/be_NL_S-M_Prospecting_MC_728x90.html?e=69&leftOffset=0&topOffset=0&c=RD3QrAaccJ&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4000
x-xss-protection
0
last-modified
Mon, 19 Jul 2021 08:22:42 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 23 Aug 2021 16:36:53 GMT
carousel.css
s0.2mdn.net/creatives/assets/3782701/ Frame 4B6F 		14 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/3782701/carousel.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
237c7b47a1aa95b662e01c9628165f3731cda8f807109d86e2fed9a9b6ff7f7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/60928292/20200612044652202/be_NL_S-M_Prospecting_MC_728x90.html?e=69&leftOffset=0&topOffset=0&c=RD3QrAaccJ&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:15:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
376
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1679
x-xss-protection
0
last-modified
Tue, 15 Jun 2021 15:40:31 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 23 Aug 2021 16:30:43 GMT
whiteBox.css
s0.2mdn.net/creatives/assets/3758108/ Frame 4B6F 		49 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/3758108/whiteBox.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
00fc7b252d629bd7e3243ca99628088fc65717696bcaa98bd4a52c81237465e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/60928292/20200612044652202/be_NL_S-M_Prospecting_MC_728x90.html?e=69&leftOffset=0&topOffset=0&c=RD3QrAaccJ&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:11:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
630
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5184
x-xss-protection
0
last-modified
Mon, 23 Aug 2021 13:38:31 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 23 Aug 2021 16:26:29 GMT
uspCtaV2.css
s0.2mdn.net/creatives/assets/3782491/ Frame 4B6F 		5 KB
792 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/3782491/uspCtaV2.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a34f0ac0e0bae229e0913698c55cf65d12b30bb97c62e0bd6c8691dbbf2f9857
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/60928292/20200612044652202/be_NL_S-M_Prospecting_MC_728x90.html?e=69&leftOffset=0&topOffset=0&c=RD3QrAaccJ&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
758
x-xss-protection
0
last-modified
Tue, 08 Jun 2021 14:10:35 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 23 Aug 2021 16:36:53 GMT
productCard.css
s0.2mdn.net/creatives/assets/3782707/ Frame 4B6F 		110 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/3782707/productCard.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dde55dc1c914a593fb92f692a3442e570eb8eb62b9ed631878e3789b6e562072
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/60928292/20200612044652202/be_NL_S-M_Prospecting_MC_728x90.html?e=69&leftOffset=0&topOffset=0&c=RD3QrAaccJ&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
38
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8655
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 14:03:22 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 23 Aug 2021 16:36:21 GMT
mainImage.css
s0.2mdn.net/creatives/assets/3773403/ Frame 4B6F 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/3773403/mainImage.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3db931fdc86bd4c3c5e5e68853da1d4754d95d9839e3aac0fcf06f757b764c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/60928292/20200612044652202/be_NL_S-M_Prospecting_MC_728x90.html?e=69&leftOffset=0&topOffset=0&c=RD3QrAaccJ&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
39
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1076
x-xss-protection
0
last-modified
Fri, 05 Mar 2021 10:27:04 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 23 Aug 2021 16:36:20 GMT
CB-logo.svg
s0.2mdn.net/creatives/assets/3782689/ Frame 4B6F 		5 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/3782689/CB-logo.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbLib.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c1e6e3f592d8c8b63e2b543ac0ccbae369ddb4604066dc97420c7a1d586ba8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/60928292/20200612044652202/be_NL_S-M_Prospecting_MC_728x90.html?e=69&leftOffset=0&topOffset=0&c=RD3QrAaccJ&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:07:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
845
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1492
x-xss-protection
0
last-modified
Fri, 12 Jun 2020 07:30:57 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 23 Aug 2021 16:22:54 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8202 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BN_FiJ8sjYbXWEIXz3wOHp464BAAAAAA4AeAEAg&bg=!sbKlsvbNAAZvV8FTb1c7ACkAdvg8Wj7odegVoFi_Nv99MyuK_YjWUiAs85mOw70ITI-KO6wiYzC25QIAAACkUgAAAA5oAQcKADq1gw4_10cX44ThZNjiOaC4Rg4vJIbE8V1bNXf1PWj--s8QMutZ5WhRviRSlSg_HCvw3MLBqNVU5Ae-mQK8kSltVStXtdwW06vVQeoaja3OvFwsWWbUycIlEuGPv2UITbz3AkVipaIhz3rTpZDOPxXPmQWUfyidcUJj14RThMpaVqhN1waQvKgy4dEJay8LnGtVPKmVSobheB2M86Sjtk-Og6knNu6gN7H0S1LUwM25yXWvXwXsbmOwroISw4aYdD_9yXQQoDS5v8hABlE_QLwoOL2nrP9ZEaSze_lwtC6IH_yK-W7jYAnLt8XUew9SJWY1HfcMYvZHwckxNn8HU-TVs_pCTsrhOY9l5BXhwpXrmKUpB2xsljNsyKdbUQeU04FIFgZGPWLekBNX4x9uW9H4g7KeDENYfT5_px_LdlCDpsi2dodpv354lACi-a0IXCKmKgDbEW3965bUGoQQIKOODgViwNO-nGnQkZLGrdthohG0_us2KOqA6PeELYET_nZr-gxRQ_N2Pal4WKAwmU4Ku8iIkgFxH2XUgIinsTnJ5-e-Wv353Gwp-_NF1r65GCqoRwGb_-XAjUlwxoVxe3zVdT8hGX4iyhWwKPYTouJ4tTuoCnBN3bgLId1iJqZs433StTsL1HdKbqn0B_ih3romqySoIuk8pECl2fi0I3_8cnTEQH03dlbiIVo4eROkzHXTMDm__9t6aiFU_0GubOSkp-c_zAKleRXOhI_TwOLMSssAuDBO4ZE2HBVOhKonbWBupaPFZiiOrSBThsT35_2PNevDrvzF5KC5W0K5Du7iMeMQXkVm3DSynTHrMx76g2CWCZFHJi5aSWMpouAy3YZsvVFAwzsXzW_SPNhb51lXG9tAfqYNT8ZmZCtwNAHio1ZW8bLjQm6n6owVjcbdvzpUZNjp0-b0kCh9MMy-38W99DzBxjsDyrjdWCNPvB58dCBuMYuGm5e7VzzmFbSS_D51eW4CZUsn3QgSIEBfBB20D8IYH4PUO71_qA
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 16:21:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gradient728x90.png
s0.2mdn.net/creatives/assets/3681596/ Frame 4B6F 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/3681596/gradient728x90.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b1f2ad19633051d6a096ada0b6a79b6bd31a4f7932b5221374bff41ea515e57d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/60928292/20200612044652202/be_NL_S-M_Prospecting_MC_728x90.html?e=69&leftOffset=0&topOffset=0&c=RD3QrAaccJ&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:34 GMT
x-content-type-options
nosniff
last-modified
Tue, 28 Apr 2020 15:50:05 GMT
server
sffe
age
26
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2950
x-xss-protection
0
expires
Mon, 23 Aug 2021 16:36:34 GMT
OriginalPNG-20062456.png_1629205323991_OriginalPNG-20062456.png
s0.2mdn.net/dynamic/2/10697456/coolblue.bynder.com/m/1cf8f884e16c9a7/ Frame 4B6F 		566 KB
566 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10697456/coolblue.bynder.com/m/1cf8f884e16c9a7/OriginalPNG-20062456.png_1629205323991_OriginalPNG-20062456.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7bd7eebe26ee3a45916df1024da6efa98901010fd32d7051e3933ef5f2301ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/60928292/20200612044652202/be_NL_S-M_Prospecting_MC_728x90.html?e=69&leftOffset=0&topOffset=0&c=RD3QrAaccJ&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 22 Aug 2021 22:01:23 GMT
x-content-type-options
nosniff
last-modified
Tue, 17 Aug 2021 13:03:02 GMT
server
sffe
age
66037
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
579360
x-xss-protection
0
expires
Mon, 22 Aug 2022 22:01:23 GMT
Windows10_WintelIntelMicrosoft.png
s0.2mdn.net/creatives/assets/3782587/ Frame 4B6F 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/3782587/Windows10_WintelIntelMicrosoft.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ea09798cbbc33360fdbad1748500adc650867b736b5955f2ef1199802ba1426f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/60928292/20200612044652202/be_NL_S-M_Prospecting_MC_728x90.html?e=69&leftOffset=0&topOffset=0&c=RD3QrAaccJ&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:11:47 GMT
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 07:11:03 GMT
server
sffe
age
613
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37834
x-xss-protection
0
expires
Mon, 23 Aug 2021 16:26:47 GMT
Corei511egen.png
s0.2mdn.net/creatives/assets/3782587/ Frame 4B6F 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/3782587/Corei511egen.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1c3c2553309f88ced7c7fd949101fe6bd99828858621f80513dc4c187ac6bd1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/60928292/20200612044652202/be_NL_S-M_Prospecting_MC_728x90.html?e=69&leftOffset=0&topOffset=0&c=RD3QrAaccJ&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:11:46 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 07:38:12 GMT
server
sffe
age
614
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7110
x-xss-protection
0
expires
Mon, 23 Aug 2021 16:26:46 GMT
OpenSans-Bold.ttf
s0.2mdn.net/creatives/assets/3512464/ Frame 4B6F 		102 KB
61 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/3512464/OpenSans-Bold.ttf
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3758114/cbstyle.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7916a37377e38527d4306303cfe89b653b49b0a6b0b05c6b7593f7ab0248da8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://s0.2mdn.net
Referer
https://s0.2mdn.net/creatives/assets/3758114/cbstyle.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:09:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
762
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62275
x-xss-protection
0
last-modified
Tue, 17 Dec 2019 08:35:20 GMT
server
sffe
vary
Accept-Encoding
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 23 Aug 2021 16:24:18 GMT
army.gif
askleo.com/porpoiseant/ 		0
42 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://askleo.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNzU4MDYwODg1MjkzNTQ1NyIsImRvbWFpbl9pZCI6IjE3MzA3OCIsInVuaXQiOiJkaXYtZ3B0LWFkLWFza2xlb19jb20tYm94LTItMCIsInRfZXBvY2giOjE2Mjk3MzU3MTEsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLCJhZF9wb3NpdGlvbiI6MTEwMywiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAsImJpZF9mbG9vcl9wcmV2IjowLCJzdGF0X3NvdXJjZV9pZCI6MCwiY291bnRyeV9jb2RlIjoiQkUiLCJwYWdldmlld19pZCI6IjA5ZDcyOWQ1LTJhYWEtNDE5Ni03MzJiLTI5MTY0M2MwZGFiYSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1MTcsImRhdGEiOlt7Im5hbWUiOiJ2aWV3ZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by
Host: askleo.com
URL: https://askleo.com/detroitchicago/cmbv2.js?gcb=195-2&cb=04-1y02-4y06-12y07-1y0b-5y0d-14y13-3y17-3y20-3y33-15y52-1y56-21&cmbcb=20&sj=x04x02x06x07x0bx0dx13x17x20x33x52x56&abt=JoykatTest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path
/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNzU4MDYwODg1MjkzNTQ1NyIsImRvbWFpbl9pZCI6IjE3MzA3OCIsInVuaXQiOiJkaXYtZ3B0LWFkLWFza2xlb19jb20tYm94LTItMCIsInRfZXBvY2giOjE2Mjk3MzU3MTEsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLCJhZF9wb3NpdGlvbiI6MTEwMywiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAsImJpZF9mbG9vcl9wcmV2IjowLCJzdGF0X3NvdXJjZV9pZCI6MCwiY291bnRyeV9jb2RlIjoiQkUiLCJwYWdldmlld19pZCI6IjA5ZDcyOWQ1LTJhYWEtNDE5Ni03MzJiLTI5MTY0M2MwZGFiYSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1MTcsImRhdGEiOlt7Im5hbWUiOiJ2aWV3ZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX1d
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
askleo.com
referer
https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:22:00 GMT
server
nginx
vary
Accept-Encoding Accept-Encoding
content-type
text/plain; charset=utf-8
x-middleton-display
ezp_sol
cache-control
max-age=0, must-revalidate, no-cache, no-store
content-length
0
expires
Sun, 22 Aug 2021 16:21:58 UTC
activeview
pagead2.googlesyndication.com/pcs/ Frame 3071 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsutx2SIEBXWgXms8vIcwFaDbfj7BhbQ8r20ADQVhMTJaODjCGPeVabF7HlluFXbQHdlXYMejWFnnhMDqRz4C5d2_hO56Hb9XLkg16FDRq2_1bER2zysUkZ8E6RNtw&sai=AMfl-YRlq9Olcgcqy4-zpltS9XbCTKmiRJtoyY-RqcjEcDIKlk1zqWTfoChploDm52yAVsA0e65l50_H0e4YEcnhTp4BX_mFwt4-Rg2q2DglYxrMWZOpJQhmXeuMMPY&sig=Cg0ArKJSzGdHh-pTebsTEAE&cid=CAASEuRoaDblaIBll7hOAIG57lvo0A&id=ampim&o=566,285&d=468,60&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=84&tls=1085&g=100&h=100&tt=1085&r=v&avms=ampa&adk=2713242136
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 16:22:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.be/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.be/adsid/integrator.js?domain=askleo.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 23 Aug 2021 16:22:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=askleo.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 23 Aug 2021 16:22:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		440 B
534 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3969800989600765&correlator=3649669420458630&output=ldjh&impl=fifs&eid=31062338%2C21068031%2C31062154%2C20211866%2C31062297%2C31062312&vrg=2021081901&ptt=17&sc=1&sfv=1-0-38&ecs=20210823&iu_parts=1254144%3A1057873%2Caskleo_com-medrectangle-3&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ris=2&rcs=1&prev_scp=a%3D%257C124%257C%26iid1%3D6983282138981408%26eid%3D6983282138981408%26t%3D134%26d%3D173078%26t1%3D134%26pvc%3D0%26ap%3D1101%26sap%3D1101%26as%3Drevenue%26plat%3D1%26bra%3Dmod85%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D0%26reft%3Dn%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D21%26al%3D1021%26compid%3D0%26tap%3Daskleo_com-medrectangle-3-6983282138981408%26eb_br%3D43aa1607a0c08c74b14a9039e7b909b4%26eba%3D1%26ebss%3D10082%2C10061%2C10015%2C10063%2C11304%2C11307%26bv%3D16%26bvm%3D0%26bvr%3D6%26shp%3D3%26ftsn%3D3%26br1%3D220%26br2%3D220%26ezoic%3D1%26nmau%3D3%26mau%3D0%26stl%3D77%2C0%2C28%2C67%2C45%2C122%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C760%2C815%2C816%2C817%2C899%2C919%2C783%2C20%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D450%26reqt%3D1629735719268&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1629733050&dt=1629735720274&dlt=1629735712452&idt=436&frm=20&biw=1600&bih=1200&oid=2&adxs=320&adys=1549&adks=3023815051&ucis=4&ifi=14&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&url=https%3A%2F%2Faskleo.com%2Fwill_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=323x250&msz=323x250&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1344918702.1629735713&ga_sid=1629735713&ga_hid=192975842&ga_fc=false&fws=0&ohw=0&btvi=4&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
1256a19f3b1bc945333a9956ba28263b06ff1396c532ce41d78085fa06bf5e25
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:22:00 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
231
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://askleo.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		446 B
545 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3969800989600765&correlator=4316013269160817&output=ldjh&impl=fifs&eid=31062338%2C21068031%2C31062154%2C20211866%2C31062297%2C31062312&vrg=2021081901&ptt=17&sc=1&sfv=1-0-38&ecs=20210823&iu_parts=1254144%3A1057873%2Caskleo_com-medrectangle-3&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ris=2&rcs=1&prev_scp=a%3D%257C3%257C%26iid1%3D6983282138981408%26eid%3D6983282138981408%26t%3D134%26d%3D173078%26t1%3D134%26pvc%3D0%26ap%3D1101%26sap%3D1101%26as%3Drevenue%26plat%3D1%26bra%3Dmod85%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D1%26reft%3Dn%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D21%26al%3D1021%26compid%3D0%26tap%3Daskleo_com-medrectangle-3-6983282138981408%26eb_br%3D43aa1607a0c08c74b14a9039e7b909b4%26eba%3D1%26ebss%3D10082%2C10061%2C10015%2C10063%2C11304%2C11307%26bv%3D16%26bvm%3D0%26bvr%3D6%26shp%3D3%26ftsn%3D3%26br1%3D220%26br2%3D220%26ezoic%3D1%26nmau%3D3%26mau%3D1%26stl%3D77%2C0%2C28%2C67%2C45%2C122%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C760%2C815%2C816%2C817%2C899%2C919%2C783%2C20%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D450%26reqt%3D1629735719269&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1629733050&dt=1629735720279&dlt=1629735712452&idt=436&frm=20&biw=1600&bih=1200&oid=2&adxs=644&adys=1549&adks=3346484721&ucis=5&ifi=15&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&url=https%3A%2F%2Faskleo.com%2Fwill_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=323x250&msz=323x250&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1344918702.1629735713&ga_sid=1629735713&ga_hid=192975842&ga_fc=false&fws=0&ohw=0&btvi=5&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
dca3671d6755bba09dc8903a2276febbd110b09a9a65725a37be84cbf1a41b87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:22:00 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
244
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://askleo.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		440 B
534 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3969800989600765&correlator=3697189402532822&output=ldjh&impl=fifs&eid=31062338%2C21068031%2C31062154%2C20211866%2C31062297%2C31062312&vrg=2021081901&ptt=17&sc=1&sfv=1-0-38&ecs=20210823&iu_parts=1254144%3A1057873%2Caskleo_com-medrectangle-3&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ris=2&rcs=1&prev_scp=a%3D%257C1%257C%26iid1%3D6983282138981408%26eid%3D6983282138981408%26t%3D134%26d%3D173078%26t1%3D134%26pvc%3D0%26ap%3D1101%26sap%3D1101%26as%3Drevenue%26plat%3D1%26bra%3Dmod85%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D2%26reft%3Dn%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D21%26al%3D1021%26compid%3D0%26tap%3Daskleo_com-medrectangle-3-6983282138981408%26eb_br%3D43aa1607a0c08c74b14a9039e7b909b4%26eba%3D1%26ebss%3D10082%2C10061%2C10015%2C10063%2C11304%2C11307%26bv%3D16%26bvm%3D0%26bvr%3D6%26shp%3D3%26ftsn%3D3%26br1%3D220%26br2%3D220%26ezoic%3D1%26nmau%3D3%26mau%3D2%26stl%3D77%2C0%2C28%2C67%2C45%2C122%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C760%2C815%2C816%2C817%2C899%2C919%2C783%2C20%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D450%26reqt%3D1629735719270&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1629733050&dt=1629735720285&dlt=1629735712452&idt=436&frm=20&biw=1600&bih=1200&oid=2&adxs=967&adys=1549&adks=3346484726&ucis=6&ifi=16&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&url=https%3A%2F%2Faskleo.com%2Fwill_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=323x250&msz=323x250&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1344918702.1629735713&ga_sid=1629735713&ga_hid=192975842&ga_fc=false&fws=0&ohw=0&btvi=6&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
055000922d1766e8faddb9c173b5c4313b6adf76a6303be821a9971b2de61b8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:22:00 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
235
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://askleo.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 4982 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssnkrD4KPw101cyDE9WJ0VPgFigOTEBqIu8BIfanNVzlL8Gm7yEZBTEvIoQeKr8AxjaRN8T2Yk3vj0foYidNUXEXB4O6WXP-DAisQzoR0G-cGd1L0hotQJ1W42YzA&sai=AMfl-YRM4pHpbIidsUgi7M2wjeDK0POF0HsKG-4zy6GGtXfZeZWuwu2qHr3lc9R841fTzKd5ZLVY7IZ3kyDYKGiwXRt-xmqHpnbaWIVfooRggPv8HfGNvR_1aAjeBZI&sig=Cg0ArKJSzKKA6AdP5CVBEAE&cid=CAASEuRo2oHJDfjVY6GykscxDsZN4g&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210820&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3444788124&rs=4&met=ce&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&r=v
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 16:22:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
greenoaks.gif
askleo.com/detroitchicago/ 		0
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://askleo.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiIwOWQ3MjlkNS0yYWFhLTQxOTYtNzMyYi0yOTE2NDNjMGRhYmEiLCJkb21haW5faWQiOiIxNzMwNzgiLCJ0X2Vwb2NoIjoxNjI5NzM1NzExLCJkYXRhIjpbeyJuYW1lIjoiZGlzcGxheV9hZF92aWV3cG9ydF9weCIsInZhbCI6IjU2MTYwIn0seyJuYW1lIjoiZGlzcGxheV9hZF92aWV3cG9ydF9jb3VudCIsInZhbCI6IjMifSx7Im5hbWUiOiJuYXRpdmVfYWRfdmlld3BvcnRfcHgiLCJ2YWwiOiIwIn0seyJuYW1lIjoibmF0aXZlX2FkX3ZpZXdwb3J0X2NvdW50IiwidmFsIjoiMCJ9LHsibmFtZSI6ImRpc3BsYXlfYWRfZG9jX3B4IiwidmFsIjoiMzYzOTMwIn0seyJuYW1lIjoiZGlzcGxheV9hZF9kb2NfY291bnQiLCJ2YWwiOiI2In0seyJuYW1lIjoibmF0aXZlX2FkX2RvY19weCIsInZhbCI6IjAifSx7Im5hbWUiOiJuYXRpdmVfYWRfZG9jX2NvdW50IiwidmFsIjoiMCJ9LHsibmFtZSI6InZpZXdwb3J0X3NpemUiLCJ2YWwiOiIxNjAweDEyMDAifSx7Im5hbWUiOiJ2aWV3cG9ydF9weCIsInZhbCI6IjE5MjAwMDAifSx7Im5hbWUiOiJkb2NfcHgiLCJ2YWwiOiI0MDAzODQwMCJ9LHsibmFtZSI6ImRvY19oZWlnaHQiLCJ2YWwiOiIyNTAyNCJ9XX1d
Requested by
Host: askleo.com
URL: https://askleo.com/detroitchicago/cmbv2.js?gcb=195-2&cb=04-1y02-4y06-12y07-1y0b-5y0d-14y13-3y17-3y20-3y33-15y52-1y56-21&cmbcb=20&sj=x04x02x06x07x0bx0dx13x17x20x33x52x56&abt=JoykatTest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path
/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiIwOWQ3MjlkNS0yYWFhLTQxOTYtNzMyYi0yOTE2NDNjMGRhYmEiLCJkb21haW5faWQiOiIxNzMwNzgiLCJ0X2Vwb2NoIjoxNjI5NzM1NzExLCJkYXRhIjpbeyJuYW1lIjoiZGlzcGxheV9hZF92aWV3cG9ydF9weCIsInZhbCI6IjU2MTYwIn0seyJuYW1lIjoiZGlzcGxheV9hZF92aWV3cG9ydF9jb3VudCIsInZhbCI6IjMifSx7Im5hbWUiOiJuYXRpdmVfYWRfdmlld3BvcnRfcHgiLCJ2YWwiOiIwIn0seyJuYW1lIjoibmF0aXZlX2FkX3ZpZXdwb3J0X2NvdW50IiwidmFsIjoiMCJ9LHsibmFtZSI6ImRpc3BsYXlfYWRfZG9jX3B4IiwidmFsIjoiMzYzOTMwIn0seyJuYW1lIjoiZGlzcGxheV9hZF9kb2NfY291bnQiLCJ2YWwiOiI2In0seyJuYW1lIjoibmF0aXZlX2FkX2RvY19weCIsInZhbCI6IjAifSx7Im5hbWUiOiJuYXRpdmVfYWRfZG9jX2NvdW50IiwidmFsIjoiMCJ9LHsibmFtZSI6InZpZXdwb3J0X3NpemUiLCJ2YWwiOiIxNjAweDEyMDAifSx7Im5hbWUiOiJ2aWV3cG9ydF9weCIsInZhbCI6IjE5MjAwMDAifSx7Im5hbWUiOiJkb2NfcHgiLCJ2YWwiOiI0MDAzODQwMCJ9LHsibmFtZSI6ImRvY19oZWlnaHQiLCJ2YWwiOiIyNTAyNCJ9XX1d
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
askleo.com
referer
https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:22:00 GMT
server
nginx
vary
Accept-Encoding Accept-Encoding
content-type
text/plain; charset=utf-8
x-middleton-display
ezp_sol
cache-control
max-age=0, must-revalidate, no-cache, no-store
content-length
0
expires
Sun, 22 Aug 2021 16:21:58 UTC
army.gif
askleo.com/porpoiseant/ 		0
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://askleo.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNzU4MDYwODg1MjkzNTQ1NyIsImRvbWFpbl9pZCI6IjE3MzA3OCIsInVuaXQiOiJkaXYtZ3B0LWFkLWFza2xlb19jb20tYm94LTItMCIsInRfZXBvY2giOjE2Mjk3MzU3MTEsImFkX3Bvc2l0aW9uIjoxMTAzLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQkUiLCJwYWdldmlld19pZCI6IjA5ZDcyOWQ1LTJhYWEtNDE5Ni03MzJiLTI5MTY0M2MwZGFiYSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1MTcsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfc2l6ZSIsInZhbCI6Ils0NjgsNjBdIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI3NTgwNjA4ODUyOTM1NDU3IiwiZG9tYWluX2lkIjoiMTczMDc4IiwidW5pdCI6ImRpdi1ncHQtYWQtYXNrbGVvX2NvbS1ib3gtMi0wIiwidF9lcG9jaCI6MTYyOTczNTcxMSwiYWRfcG9zaXRpb24iOjExMDMsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJCRSIsInBhZ2V2aWV3X2lkIjoiMDlkNzI5ZDUtMmFhYS00MTk2LTczMmItMjkxNjQzYzBkYWJhIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzUxNywiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9mbHVpZCIsInZhbCI6ImZhbHNlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI3NTgwNjA4ODUyOTM1NDU3IiwiZG9tYWluX2lkIjoiMTczMDc4IiwidW5pdCI6ImRpdi1ncHQtYWQtYXNrbGVvX2NvbS1ib3gtMi0wIiwidF9lcG9jaCI6MTYyOTczNTcxMSwiYWRfcG9zaXRpb24iOjExMDMsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJCRSIsInBhZ2V2aWV3X2lkIjoiMDlkNzI5ZDUtMmFhYS00MTk2LTczMmItMjkxNjQzYzBkYWJhIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzUxNywiZGF0YSI6W3sibmFtZSI6ImRvbWFpbl9kZnBfc3R5bGVfaWQiLCJ2YWwiOiI3MSJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by
Host: askleo.com
URL: https://askleo.com/detroitchicago/cmbv2.js?gcb=195-2&cb=04-1y02-4y06-12y07-1y0b-5y0d-14y13-3y17-3y20-3y33-15y52-1y56-21&cmbcb=20&sj=x04x02x06x07x0bx0dx13x17x20x33x52x56&abt=JoykatTest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path
/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNzU4MDYwODg1MjkzNTQ1NyIsImRvbWFpbl9pZCI6IjE3MzA3OCIsInVuaXQiOiJkaXYtZ3B0LWFkLWFza2xlb19jb20tYm94LTItMCIsInRfZXBvY2giOjE2Mjk3MzU3MTEsImFkX3Bvc2l0aW9uIjoxMTAzLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQkUiLCJwYWdldmlld19pZCI6IjA5ZDcyOWQ1LTJhYWEtNDE5Ni03MzJiLTI5MTY0M2MwZGFiYSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1MTcsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfc2l6ZSIsInZhbCI6Ils0NjgsNjBdIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI3NTgwNjA4ODUyOTM1NDU3IiwiZG9tYWluX2lkIjoiMTczMDc4IiwidW5pdCI6ImRpdi1ncHQtYWQtYXNrbGVvX2NvbS1ib3gtMi0wIiwidF9lcG9jaCI6MTYyOTczNTcxMSwiYWRfcG9zaXRpb24iOjExMDMsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJCRSIsInBhZ2V2aWV3X2lkIjoiMDlkNzI5ZDUtMmFhYS00MTk2LTczMmItMjkxNjQzYzBkYWJhIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzUxNywiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9mbHVpZCIsInZhbCI6ImZhbHNlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI3NTgwNjA4ODUyOTM1NDU3IiwiZG9tYWluX2lkIjoiMTczMDc4IiwidW5pdCI6ImRpdi1ncHQtYWQtYXNrbGVvX2NvbS1ib3gtMi0wIiwidF9lcG9jaCI6MTYyOTczNTcxMSwiYWRfcG9zaXRpb24iOjExMDMsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJCRSIsInBhZ2V2aWV3X2lkIjoiMDlkNzI5ZDUtMmFhYS00MTk2LTczMmItMjkxNjQzYzBkYWJhIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzUxNywiZGF0YSI6W3sibmFtZSI6ImRvbWFpbl9kZnBfc3R5bGVfaWQiLCJ2YWwiOiI3MSJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
pragma
no-cache
cookie
__gads=ID=3595768ec9a85227:T=1629735720:S=ALNI_MaAjejEcNUUEP2BI_Sy9hELpWIdvA
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
askleo.com
referer
https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:22:00 GMT
server
nginx
vary
Accept-Encoding Accept-Encoding
content-type
text/plain; charset=utf-8
x-middleton-display
ezp_sol
cache-control
max-age=0, must-revalidate, no-cache, no-store
content-length
0
expires
Sun, 22 Aug 2021 16:21:58 UTC
army.gif
askleo.com/porpoiseant/ 		0
42 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://askleo.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjY2MDM0NjMzMDk1NTY1NyIsImRvbWFpbl9pZCI6IjE3MzA3OCIsInVuaXQiOiJkaXYtZ3B0LWFkLWFza2xlb19jb20tbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2Mjk3MzU3MTEsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLCJhZF9wb3NpdGlvbiI6MTEwMCwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAsImJpZF9mbG9vcl9wcmV2IjowLCJzdGF0X3NvdXJjZV9pZCI6MCwiY291bnRyeV9jb2RlIjoiQkUiLCJwYWdldmlld19pZCI6IjA5ZDcyOWQ1LTJhYWEtNDE5Ni03MzJiLTI5MTY0M2MwZGFiYSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NzE2MTQzOTQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ4MjIsImRhdGEiOlt7Im5hbWUiOiJ2aWV3ZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by
Host: askleo.com
URL: https://askleo.com/detroitchicago/cmbv2.js?gcb=195-2&cb=04-1y02-4y06-12y07-1y0b-5y0d-14y13-3y17-3y20-3y33-15y52-1y56-21&cmbcb=20&sj=x04x02x06x07x0bx0dx13x17x20x33x52x56&abt=JoykatTest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path
/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjY2MDM0NjMzMDk1NTY1NyIsImRvbWFpbl9pZCI6IjE3MzA3OCIsInVuaXQiOiJkaXYtZ3B0LWFkLWFza2xlb19jb20tbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2Mjk3MzU3MTEsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLCJhZF9wb3NpdGlvbiI6MTEwMCwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAsImJpZF9mbG9vcl9wcmV2IjowLCJzdGF0X3NvdXJjZV9pZCI6MCwiY291bnRyeV9jb2RlIjoiQkUiLCJwYWdldmlld19pZCI6IjA5ZDcyOWQ1LTJhYWEtNDE5Ni03MzJiLTI5MTY0M2MwZGFiYSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NzE2MTQzOTQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ4MjIsImRhdGEiOlt7Im5hbWUiOiJ2aWV3ZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX1d
pragma
no-cache
cookie
__gads=ID=34458b185b518fd0:T=1629735720:S=ALNI_Mbj7pPhyFbCLbP4RBXN0ynRsYGysA
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
askleo.com
referer
https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:22:00 GMT
server
nginx
vary
Accept-Encoding Accept-Encoding
content-type
text/plain; charset=utf-8
x-middleton-display
ezp_sol
cache-control
max-age=0, must-revalidate, no-cache, no-store
content-length
0
expires
Sun, 22 Aug 2021 16:22:00 UTC
army.gif
askleo.com/porpoiseant/ 		0
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://askleo.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjY2MDM0NjMzMDk1NTY1NyIsImRvbWFpbl9pZCI6IjE3MzA3OCIsInVuaXQiOiJkaXYtZ3B0LWFkLWFza2xlb19jb20tbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2Mjk3MzU3MTEsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQkUiLCJwYWdldmlld19pZCI6IjA5ZDcyOWQ1LTJhYWEtNDE5Ni03MzJiLTI5MTY0M2MwZGFiYSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NzE2MTQzOTQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ4MjIsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfc2l6ZSIsInZhbCI6Ils3MjgsOTBdIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI2NjYwMzQ2MzMwOTU1NjU3IiwiZG9tYWluX2lkIjoiMTczMDc4IiwidW5pdCI6ImRpdi1ncHQtYWQtYXNrbGVvX2NvbS1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTYyOTczNTcxMSwiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJCRSIsInBhZ2V2aWV3X2lkIjoiMDlkNzI5ZDUtMmFhYS00MTk2LTczMmItMjkxNjQzYzBkYWJhIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo3MTYxNDM5NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDgyMiwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9mbHVpZCIsInZhbCI6ImZhbHNlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI2NjYwMzQ2MzMwOTU1NjU3IiwiZG9tYWluX2lkIjoiMTczMDc4IiwidW5pdCI6ImRpdi1ncHQtYWQtYXNrbGVvX2NvbS1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTYyOTczNTcxMSwiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJCRSIsInBhZ2V2aWV3X2lkIjoiMDlkNzI5ZDUtMmFhYS00MTk2LTczMmItMjkxNjQzYzBkYWJhIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo3MTYxNDM5NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDgyMiwiZGF0YSI6W3sibmFtZSI6ImRvbWFpbl9kZnBfc3R5bGVfaWQiLCJ2YWwiOiIxOTMifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by
Host: askleo.com
URL: https://askleo.com/detroitchicago/cmbv2.js?gcb=195-2&cb=04-1y02-4y06-12y07-1y0b-5y0d-14y13-3y17-3y20-3y33-15y52-1y56-21&cmbcb=20&sj=x04x02x06x07x0bx0dx13x17x20x33x52x56&abt=JoykatTest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path
/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjY2MDM0NjMzMDk1NTY1NyIsImRvbWFpbl9pZCI6IjE3MzA3OCIsInVuaXQiOiJkaXYtZ3B0LWFkLWFza2xlb19jb20tbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2Mjk3MzU3MTEsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQkUiLCJwYWdldmlld19pZCI6IjA5ZDcyOWQ1LTJhYWEtNDE5Ni03MzJiLTI5MTY0M2MwZGFiYSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NzE2MTQzOTQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ4MjIsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfc2l6ZSIsInZhbCI6Ils3MjgsOTBdIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI2NjYwMzQ2MzMwOTU1NjU3IiwiZG9tYWluX2lkIjoiMTczMDc4IiwidW5pdCI6ImRpdi1ncHQtYWQtYXNrbGVvX2NvbS1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTYyOTczNTcxMSwiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJCRSIsInBhZ2V2aWV3X2lkIjoiMDlkNzI5ZDUtMmFhYS00MTk2LTczMmItMjkxNjQzYzBkYWJhIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo3MTYxNDM5NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDgyMiwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9mbHVpZCIsInZhbCI6ImZhbHNlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI2NjYwMzQ2MzMwOTU1NjU3IiwiZG9tYWluX2lkIjoiMTczMDc4IiwidW5pdCI6ImRpdi1ncHQtYWQtYXNrbGVvX2NvbS1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTYyOTczNTcxMSwiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJCRSIsInBhZ2V2aWV3X2lkIjoiMDlkNzI5ZDUtMmFhYS00MTk2LTczMmItMjkxNjQzYzBkYWJhIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo3MTYxNDM5NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDgyMiwiZGF0YSI6W3sibmFtZSI6ImRvbWFpbl9kZnBfc3R5bGVfaWQiLCJ2YWwiOiIxOTMifV0sImlzX29yaWciOmZhbHNlfV0=
pragma
no-cache
cookie
__gads=ID=f2190ce4a563e4be:T=1629735720:S=ALNI_MbyLRhJx64W1nsAK37_Sc1tkC7Ffw
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
askleo.com
referer
https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:22:00 GMT
server
nginx
vary
Accept-Encoding Accept-Encoding
content-type
text/plain; charset=utf-8
x-middleton-display
ezp_sol
cache-control
max-age=0, must-revalidate, no-cache, no-store
content-length
0
expires
Sun, 22 Aug 2021 16:21:59 UTC
integrator.js
adservice.google.be/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.be/adsid/integrator.js?domain=askleo.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 23 Aug 2021 16:22:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=askleo.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 23 Aug 2021 16:22:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		347 B
181 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3969800989600765&correlator=3789308605463029&output=ldjh&impl=fifs&eid=31062338%2C21068031%2C31062154%2C20211866%2C31062297%2C31062312&vrg=2021081901&ptt=17&sc=1&sfv=1-0-38&ecs=20210823&iu_parts=1254144%3A1057873%2Caskleo_com-medrectangle-3&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ris=1&rcs=2&prev_scp=a%3D%257C124%257C%26iid1%3D6983282138981408%26eid%3D6983282138981408%26t%3D134%26d%3D173078%26t1%3D134%26pvc%3D0%26ap%3D1101%26sap%3D1101%26as%3Drevenue%26plat%3D1%26bra%3Dmod85%26ic%3D3%26at%3Dmbf%26adr%3D399%26ezosn%3D0%26reft%3Dn%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D21%26al%3D1021%26compid%3D0%26tap%3Daskleo_com-medrectangle-3-6983282138981408%26eb_br%3Daf063c244089b52ec5a0423a258f1f8e%26eba%3D1%26ebss%3D10082%2C10061%2C10015%2C10063%2C11304%2C11307%26bv%3D16%26bvm%3D0%26bvr%3D6%26shp%3D3%26ftsn%3D3%26br1%3D140%26br2%3D220%26ezoic%3D1%26nmau%3D3%26mau%3D0%26stl%3D77%2C0%2C28%2C67%2C45%2C122%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C760%2C815%2C816%2C817%2C899%2C919%2C783%2C20%2C17%2C20%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D220%26reqt%3D1629735720785&eri=1&cookie=ID%3Df2190ce4a563e4be%3AT%3D1629735720%3AS%3DALNI_MbyLRhJx64W1nsAK37_Sc1tkC7Ffw&bc=31&abxe=1&lmt=1629733050&dt=1629735720790&dlt=1629735712452&idt=436&frm=20&biw=1600&bih=1200&oid=2&adxs=320&adys=1549&adks=3023815051&ucis=4&ifi=17&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&url=https%3A%2F%2Faskleo.com%2Fwill_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=323x250&msz=323x250&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1344918702.1629735713&ga_sid=1629735713&ga_hid=192975842&ga_fc=false&fws=0&ohw=0&btvi=7&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
cdc5d5292ae0a49cfa86919b0d6de59460aa0f089d49da01ffed462e7e9b032f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:22:01 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
152
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://askleo.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		347 B
181 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3969800989600765&correlator=3590058581830088&output=ldjh&impl=fifs&eid=31062338%2C21068031%2C31062154%2C20211866%2C31062297%2C31062312&vrg=2021081901&ptt=17&sc=1&sfv=1-0-38&ecs=20210823&iu_parts=1254144%3A1057873%2Caskleo_com-medrectangle-3&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ris=1&rcs=2&prev_scp=a%3D%257C3%257C%26iid1%3D6983282138981408%26eid%3D6983282138981408%26t%3D134%26d%3D173078%26t1%3D134%26pvc%3D0%26ap%3D1101%26sap%3D1101%26as%3Drevenue%26plat%3D1%26bra%3Dmod85%26ic%3D3%26at%3Dmbf%26adr%3D399%26ezosn%3D1%26reft%3Dn%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D21%26al%3D1021%26compid%3D0%26tap%3Daskleo_com-medrectangle-3-6983282138981408%26eb_br%3Daf063c244089b52ec5a0423a258f1f8e%26eba%3D1%26ebss%3D10082%2C10061%2C10015%2C10063%2C11304%2C11307%26bv%3D16%26bvm%3D0%26bvr%3D6%26shp%3D3%26ftsn%3D3%26br1%3D140%26br2%3D220%26ezoic%3D1%26nmau%3D3%26mau%3D1%26stl%3D77%2C0%2C28%2C67%2C45%2C122%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C760%2C815%2C816%2C817%2C899%2C919%2C783%2C20%2C17%2C20%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D220%26reqt%3D1629735720792%26hb_bidder%3Dix%26hb_adid%3D129ec1cdd7863528%26hb_format%3Dbanner%26hb_ssid%3D10082%26hb_opt%3D0.02&eri=1&cookie=ID%3Df2190ce4a563e4be%3AT%3D1629735720%3AS%3DALNI_MbyLRhJx64W1nsAK37_Sc1tkC7Ffw&bc=31&abxe=1&lmt=1629733050&dt=1629735720795&dlt=1629735712452&idt=436&frm=20&biw=1600&bih=1200&oid=2&adxs=644&adys=1549&adks=3346484721&ucis=5&ifi=18&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&url=https%3A%2F%2Faskleo.com%2Fwill_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=323x250&msz=323x250&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1344918702.1629735713&ga_sid=1629735713&ga_hid=192975842&ga_fc=false&fws=0&ohw=0&btvi=8&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
9e02a4cb2f3303d88488009d7a4385d1a369dd925789ad85ee3f279b7177ca3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:22:01 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
152
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://askleo.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		347 B
180 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3969800989600765&correlator=2081136105443065&output=ldjh&impl=fifs&eid=31062338%2C21068031%2C31062154%2C20211866%2C31062297%2C31062312&vrg=2021081901&ptt=17&sc=1&sfv=1-0-38&ecs=20210823&iu_parts=1254144%3A1057873%2Caskleo_com-medrectangle-3&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ris=1&rcs=2&prev_scp=a%3D%257C1%257C%26iid1%3D6983282138981408%26eid%3D6983282138981408%26t%3D134%26d%3D173078%26t1%3D134%26pvc%3D0%26ap%3D1101%26sap%3D1101%26as%3Drevenue%26plat%3D1%26bra%3Dmod85%26ic%3D3%26at%3Dmbf%26adr%3D399%26ezosn%3D2%26reft%3Dn%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D21%26al%3D1021%26compid%3D0%26tap%3Daskleo_com-medrectangle-3-6983282138981408%26eb_br%3Daf063c244089b52ec5a0423a258f1f8e%26eba%3D1%26ebss%3D10082%2C10061%2C10015%2C10063%2C11304%2C11307%26bv%3D16%26bvm%3D0%26bvr%3D6%26shp%3D3%26ftsn%3D3%26br1%3D140%26br2%3D220%26ezoic%3D1%26nmau%3D3%26mau%3D2%26stl%3D77%2C0%2C28%2C67%2C45%2C122%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C760%2C815%2C816%2C817%2C899%2C919%2C783%2C20%2C17%2C20%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D220%26reqt%3D1629735720801&eri=1&cookie=ID%3Df2190ce4a563e4be%3AT%3D1629735720%3AS%3DALNI_MbyLRhJx64W1nsAK37_Sc1tkC7Ffw&bc=31&abxe=1&lmt=1629733050&dt=1629735720805&dlt=1629735712452&idt=436&frm=20&biw=1600&bih=1200&oid=2&adxs=967&adys=1549&adks=3346484726&ucis=6&ifi=19&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&url=https%3A%2F%2Faskleo.com%2Fwill_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=323x250&msz=323x250&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1344918702.1629735713&ga_sid=1629735713&ga_hid=192975842&ga_fc=false&fws=0&ohw=0&btvi=9&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
5230f33198b804ac5be09c7b178100587533dd1ddc527a875f0f1f184a7f5eb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:22:01 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
151
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://askleo.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.be/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.be/adsid/integrator.js?domain=askleo.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 23 Aug 2021 16:22:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=askleo.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 23 Aug 2021 16:22:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		457 B
418 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3969800989600765&correlator=3449185436373340&output=ldjh&impl=fifs&eid=31062338%2C21068031%2C31062154%2C20211866%2C31062297%2C31062312&vrg=2021081901&ptt=17&sc=1&sfv=1-0-38&ecs=20210823&iu_parts=1254144%3A1057873%2Caskleo_com-medrectangle-3&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ris=2&rcs=3&prev_scp=a%3D%257C124%257C%26iid1%3D6983282138981408%26eid%3D6983282138981408%26t%3D134%26d%3D173078%26t1%3D134%26pvc%3D0%26ap%3D1101%26sap%3D1101%26as%3Drevenue%26plat%3D1%26bra%3Dmod85%26ic%3D4%26at%3Dmbf%26adr%3D399%26ezosn%3D0%26reft%3Dn%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D21%26al%3D1021%26compid%3D0%26tap%3Daskleo_com-medrectangle-3-6983282138981408%26eb_br%3D527e52c10635ac8136a4c84094ee49a8%26eba%3D1%26ebss%3D10082%2C10061%2C10015%2C10063%2C11304%2C11307%26bv%3D16%26bvm%3D0%26bvr%3D6%26shp%3D3%26ftsn%3D3%26br1%3D70%26br2%3D220%26ezoic%3D1%26nmau%3D3%26mau%3D0%26stl%3D77%2C0%2C28%2C67%2C45%2C122%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C760%2C815%2C816%2C817%2C899%2C919%2C783%2C20%2C17%2C20%2C17%2C19%2C20%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D140%26reqt%3D1629735721301&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1629733050&dt=1629735722307&dlt=1629735712452&idt=436&frm=20&biw=1600&bih=1200&oid=2&adxs=320&adys=1549&adks=3023815051&ucis=4&ifi=20&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&url=https%3A%2F%2Faskleo.com%2Fwill_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=323x250&msz=323x250&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1344918702.1629735713&ga_sid=1629735713&ga_hid=192975842&ga_fc=false&fws=0&ohw=0&btvi=10&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
794c0c828bde7f4181c1d5a2fa65a3cfb4a431b2528b9e450fd7d3bb7943115c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:22:02 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
244
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://askleo.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		457 B
421 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3969800989600765&correlator=2514371240950523&output=ldjh&impl=fifs&eid=31062338%2C21068031%2C31062154%2C20211866%2C31062297%2C31062312&vrg=2021081901&ptt=17&sc=1&sfv=1-0-38&ecs=20210823&iu_parts=1254144%3A1057873%2Caskleo_com-medrectangle-3&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ris=2&rcs=3&prev_scp=a%3D%257C3%257C%26iid1%3D6983282138981408%26eid%3D6983282138981408%26t%3D134%26d%3D173078%26t1%3D134%26pvc%3D0%26ap%3D1101%26sap%3D1101%26as%3Drevenue%26plat%3D1%26bra%3Dmod85%26ic%3D4%26at%3Dmbf%26adr%3D399%26ezosn%3D1%26reft%3Dn%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D21%26al%3D1021%26compid%3D0%26tap%3Daskleo_com-medrectangle-3-6983282138981408%26eb_br%3D527e52c10635ac8136a4c84094ee49a8%26eba%3D1%26ebss%3D10082%2C10061%2C10015%2C10063%2C11304%2C11307%26bv%3D16%26bvm%3D0%26bvr%3D6%26shp%3D3%26ftsn%3D3%26br1%3D70%26br2%3D220%26ezoic%3D1%26nmau%3D3%26mau%3D1%26stl%3D77%2C0%2C28%2C67%2C45%2C122%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C760%2C815%2C816%2C817%2C899%2C919%2C783%2C20%2C17%2C20%2C17%2C19%2C20%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D140%26reqt%3D1629735721303%26hb_bidder%3Dix%26hb_adid%3D129ec1cdd7863528%26hb_format%3Dbanner%26hb_ssid%3D10082%26hb_opt%3D0.02&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1629733050&dt=1629735722312&dlt=1629735712452&idt=436&frm=20&biw=1600&bih=1200&oid=2&adxs=644&adys=1549&adks=3346484721&ucis=5&ifi=21&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&url=https%3A%2F%2Faskleo.com%2Fwill_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=323x250&msz=323x250&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1344918702.1629735713&ga_sid=1629735713&ga_hid=192975842&ga_fc=false&fws=0&ohw=0&btvi=11&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
3acbf2ba8364869e954172e3541fee82f3e618cb5a450bf855d9a42b2d3c4656
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:22:02 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
243
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://askleo.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		23 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3969800989600765&correlator=2837833563139305&output=ldjh&impl=fifs&eid=31062338%2C21068031%2C31062154%2C20211866%2C31062297%2C31062312&vrg=2021081901&ptt=17&sc=1&sfv=1-0-38&ecs=20210823&iu_parts=1254144%3A1057873%2Caskleo_com-medrectangle-3&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ris=2&rcs=3&prev_scp=a%3D%257C1%257C%26iid1%3D6983282138981408%26eid%3D6983282138981408%26t%3D134%26d%3D173078%26t1%3D134%26pvc%3D0%26ap%3D1101%26sap%3D1101%26as%3Drevenue%26plat%3D1%26bra%3Dmod85%26ic%3D4%26at%3Dmbf%26adr%3D399%26ezosn%3D2%26reft%3Dn%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D21%26al%3D1021%26compid%3D0%26tap%3Daskleo_com-medrectangle-3-6983282138981408%26eb_br%3D527e52c10635ac8136a4c84094ee49a8%26eba%3D1%26ebss%3D10082%2C10061%2C10015%2C10063%2C11304%2C11307%26bv%3D16%26bvm%3D0%26bvr%3D6%26shp%3D3%26ftsn%3D3%26br1%3D70%26br2%3D220%26ezoic%3D1%26nmau%3D3%26mau%3D2%26stl%3D77%2C0%2C28%2C67%2C45%2C122%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C760%2C815%2C816%2C817%2C899%2C919%2C783%2C20%2C17%2C20%2C17%2C19%2C20%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D140%26reqt%3D1629735721318&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1629733050&dt=1629735722323&dlt=1629735712452&idt=436&frm=20&biw=1600&bih=1200&oid=2&adxs=967&adys=1549&adks=3346484726&ucis=6&ifi=22&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&url=https%3A%2F%2Faskleo.com%2Fwill_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=323x250&msz=323x250&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1344918702.1629735713&ga_sid=1629735713&ga_hid=192975842&ga_fc=false&fws=0&ohw=0&btvi=12&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
290f819a036b8ff8ff68de92f2de1fde20137d11fe1dafe274e6f01a0e6e3c8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:22:02 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9908
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://askleo.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
arrow-white.svg
s0.2mdn.net/creatives/assets/3782689/ Frame 4B6F 		659 B
581 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/3782689/arrow-white.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ee73a11f7deaf542b5417e0fa5adac6d92212515da73813d552157337d25cfc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/60928292/20200612044652202/be_NL_S-M_Prospecting_MC_728x90.html?e=69&leftOffset=0&topOffset=0&c=RD3QrAaccJ&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:15:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
413
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
455
x-xss-protection
0
last-modified
Fri, 12 Jun 2020 07:26:14 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 23 Aug 2021 16:30:09 GMT
457.json
id5-sync.com/g/v2/ 		213 B
528 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/457.json
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=ix,luponmedia,medianet,onetag,pubmatic,rubicon,sharethrough,unruly&cb=195-2-26
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.109.155 , France, ASN16276 (OVH, FR),
Reverse DNS
p05.id5-sync.com
Software
/
Resource Hash
6589baa864490881d75f462b4d5da4fdc458d5305d21fdd34bf3ba49209a6583
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://askleo.com
Date
Mon, 23 Aug 2021 16:22:02 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
usync.html
eus.rubiconproject.com/ Frame 64D6 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=ix,luponmedia,medianet,onetag,pubmatic,rubicon,sharethrough,unruly&cb=195-2-26
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://askleo.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://askleo.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 23 Aug 2021 16:22:02 GMT
Connection
keep-alive
Vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame E6E0 		2 KB
823 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1629735719164
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=ix,luponmedia,medianet,onetag,pubmatic,rubicon,sharethrough,unruly&cb=195-2-26
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?cb=1629735719164
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://askleo.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://askleo.com/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
checksync.php
contextual.media.net/ Frame 0924 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUBCB617&prvid=2030%2C251%2C175%2C132%2C233%2C178%2C2028%2C157%2C3017%2C2027%2C236%2C214%2C159%2C2025%2C238%2C97%2C99%2C55%2C77%2C56%2C3010%2C182%2C262%2C141%2C222%2C3007%2C223%2C201%2C4%2C203%2C148%2C80%2C10000%2C9%2C229%2C108%2C82%2C109&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&itype=PREBID
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=ix,luponmedia,medianet,onetag,pubmatic,rubicon,sharethrough,unruly&cb=195-2-26
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ca42d0bcff0c988669252b205c214fda66994f866dc2474059d826f07e4f96dd
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

:method
GET
:authority
contextual.media.net
:scheme
https
:path
/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUBCB617&prvid=2030%2C251%2C175%2C132%2C233%2C178%2C2028%2C157%2C3017%2C2027%2C236%2C214%2C159%2C2025%2C238%2C97%2C99%2C55%2C77%2C56%2C3010%2C182%2C262%2C141%2C222%2C3007%2C223%2C201%2C4%2C203%2C148%2C80%2C10000%2C9%2C229%2C108%2C82%2C109&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&itype=PREBID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://askleo.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://askleo.com/

Response headers

server
Apache
content-type
text/html; charset=UTF-8
set-cookie
gdpr_status=1; Expires=Thu, 24 Feb 2022 16:22:02 GMT; domain=.media.net; Path=/; sameSite=none; secure=true
x-mnet-hl2
E
strict-transport-security
max-age=604800
vary
Accept-Encoding
content-encoding
gzip
cache-control
max-age=172800
expires
Wed, 25 Aug 2021 16:22:02 GMT
date
Mon, 23 Aug 2021 16:22:02 GMT
content-length
8136
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 05B2 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=ix,luponmedia,medianet,onetag,pubmatic,rubicon,sharethrough,unruly&cb=195-2-26
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?kdntuid=1&p=156983
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://askleo.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://askleo.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=21229
expires
Mon, 23 Aug 2021 22:15:51 GMT
date
Mon, 23 Aug 2021 16:22:02 GMT
vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame A970 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=ix,luponmedia,medianet,onetag,pubmatic,rubicon,sharethrough,unruly&cb=195-2-26
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://askleo.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://askleo.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Mon, 23 Aug 2021 16:22:02 GMT
Connection
keep-alive
usync.js
eus.rubiconproject.com/ Frame 64D6 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
9b91464c3d89d306c5ee7f7926fcba0ee368374c16420de5d1d1bc42e9dabbdb

Request headers

Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 23 Aug 2021 16:22:02 GMT
Content-Encoding
gzip
Last-Modified
Fri, 20 Aug 2021 20:14:50 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=46974
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9358
Expires
Tue, 24 Aug 2021 05:24:56 GMT
khaos.jpg
token.rubiconproject.com/ Frame 64D6 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
704c1e4d3fcc922a3031d436b584678b
Content-Type
image/jpg
container.html
6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9916 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://askleo.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://askleo.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Mon, 23 Aug 2021 16:21:52 GMT
expires
Tue, 23 Aug 2022 16:21:52 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
10
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
army.gif
askleo.com/porpoiseant/ 		0
42 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://askleo.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjk4MzI4MjEzODk4MTQwOCIsImRvbWFpbl9pZCI6IjE3MzA3OCIsInVuaXQiOiJkaXYtZ3B0LWFkLWFza2xlb19jb20tbWVkcmVjdGFuZ2xlLTMtMF8yIiwidF9lcG9jaCI6MTYyOTczNTcxMSwiYWRfcG9zaXRpb24iOjExMDEsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJCRSIsInBhZ2V2aWV3X2lkIjoiMDlkNzI5ZDUtMmFhYS00MTk2LTczMmItMjkxNjQzYzBkYWJhIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6InJlZnJlc2hfY291bnQiLCJ2YWwiOiI0In1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI2OTgzMjgyMTM4OTgxNDA4IiwiZG9tYWluX2lkIjoiMTczMDc4IiwidW5pdCI6ImRpdi1ncHQtYWQtYXNrbGVvX2NvbS1tZWRyZWN0YW5nbGUtMy0wXzIiLCJ0X2Vwb2NoIjoxNjI5NzM1NzExLCJhZF9wb3NpdGlvbiI6MTEwMSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkJFIiwicGFnZXZpZXdfaWQiOiIwOWQ3MjlkNS0yYWFhLTQxOTYtNzMyYi0yOTE2NDNjMGRhYmEiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX2JpZF9oYXNoIiwidmFsIjoiNTI3ZTUyYzEwNjM1YWM4MTM2YTRjODQwOTRlZTQ5YTgifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjY5ODMyODIxMzg5ODE0MDgiLCJkb21haW5faWQiOiIxNzMwNzgiLCJ1bml0IjoiZGl2LWdwdC1hZC1hc2tsZW9fY29tLW1lZHJlY3RhbmdsZS0zLTBfMiIsInRfZXBvY2giOjE2Mjk3MzU3MTEsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMDcsImFkX3Bvc2l0aW9uIjoxMTAxLCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MC4wMDA3LCJiaWRfZmxvb3JfcHJldiI6MC4wMDE0LCJzdGF0X3NvdXJjZV9pZCI6MzUsImNvdW50cnlfY29kZSI6IkJFIiwicGFnZXZpZXdfaWQiOiIwOWQ3MjlkNS0yYWFhLTQxOTYtNzMyYi0yOTE2NDNjMGRhYmEiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoibG9hZGVkIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjk4MzI4MjEzODk4MTQwOCIsImRvbWFpbl9pZCI6IjE3MzA3OCIsInVuaXQiOiJkaXYtZ3B0LWFkLWFza2xlb19jb20tbWVkcmVjdGFuZ2xlLTMtMF8yIiwidF9lcG9jaCI6MTYyOTczNTcxMSwiYWRfcG9zaXRpb24iOjExMDEsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJCRSIsInBhZ2V2aWV3X2lkIjoiMDlkNzI5ZDUtMmFhYS00MTk2LTczMmItMjkxNjQzYzBkYWJhIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6ImNyZWF0aXZlX2lkIiwidmFsIjoiMTM4MzEwMDM0NTkxIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI2OTgzMjgyMTM4OTgxNDA4IiwiZG9tYWluX2lkIjoiMTczMDc4IiwidW5pdCI6ImRpdi1ncHQtYWQtYXNrbGVvX2NvbS1tZWRyZWN0YW5nbGUtMy0wXzIiLCJ0X2Vwb2NoIjoxNjI5NzM1NzExLCJhZF9wb3NpdGlvbiI6MTEwMSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkJFIiwicGFnZXZpZXdfaWQiOiIwOWQ3MjlkNS0yYWFhLTQxOTYtNzMyYi0yOTE2NDNjMGRhYmEiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoibGluZWl0ZW1faWQiLCJ2YWwiOiIyODY4NzI3NCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by
Host: askleo.com
URL: https://askleo.com/detroitchicago/cmbv2.js?gcb=195-2&cb=04-1y02-4y06-12y07-1y0b-5y0d-14y13-3y17-3y20-3y33-15y52-1y56-21&cmbcb=20&sj=x04x02x06x07x0bx0dx13x17x20x33x52x56&abt=JoykatTest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path
/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjk4MzI4MjEzODk4MTQwOCIsImRvbWFpbl9pZCI6IjE3MzA3OCIsInVuaXQiOiJkaXYtZ3B0LWFkLWFza2xlb19jb20tbWVkcmVjdGFuZ2xlLTMtMF8yIiwidF9lcG9jaCI6MTYyOTczNTcxMSwiYWRfcG9zaXRpb24iOjExMDEsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJCRSIsInBhZ2V2aWV3X2lkIjoiMDlkNzI5ZDUtMmFhYS00MTk2LTczMmItMjkxNjQzYzBkYWJhIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6InJlZnJlc2hfY291bnQiLCJ2YWwiOiI0In1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI2OTgzMjgyMTM4OTgxNDA4IiwiZG9tYWluX2lkIjoiMTczMDc4IiwidW5pdCI6ImRpdi1ncHQtYWQtYXNrbGVvX2NvbS1tZWRyZWN0YW5nbGUtMy0wXzIiLCJ0X2Vwb2NoIjoxNjI5NzM1NzExLCJhZF9wb3NpdGlvbiI6MTEwMSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkJFIiwicGFnZXZpZXdfaWQiOiIwOWQ3MjlkNS0yYWFhLTQxOTYtNzMyYi0yOTE2NDNjMGRhYmEiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX2JpZF9oYXNoIiwidmFsIjoiNTI3ZTUyYzEwNjM1YWM4MTM2YTRjODQwOTRlZTQ5YTgifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjY5ODMyODIxMzg5ODE0MDgiLCJkb21haW5faWQiOiIxNzMwNzgiLCJ1bml0IjoiZGl2LWdwdC1hZC1hc2tsZW9fY29tLW1lZHJlY3RhbmdsZS0zLTBfMiIsInRfZXBvY2giOjE2Mjk3MzU3MTEsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMDcsImFkX3Bvc2l0aW9uIjoxMTAxLCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MC4wMDA3LCJiaWRfZmxvb3JfcHJldiI6MC4wMDE0LCJzdGF0X3NvdXJjZV9pZCI6MzUsImNvdW50cnlfY29kZSI6IkJFIiwicGFnZXZpZXdfaWQiOiIwOWQ3MjlkNS0yYWFhLTQxOTYtNzMyYi0yOTE2NDNjMGRhYmEiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoibG9hZGVkIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjk4MzI4MjEzODk4MTQwOCIsImRvbWFpbl9pZCI6IjE3MzA3OCIsInVuaXQiOiJkaXYtZ3B0LWFkLWFza2xlb19jb20tbWVkcmVjdGFuZ2xlLTMtMF8yIiwidF9lcG9jaCI6MTYyOTczNTcxMSwiYWRfcG9zaXRpb24iOjExMDEsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJCRSIsInBhZ2V2aWV3X2lkIjoiMDlkNzI5ZDUtMmFhYS00MTk2LTczMmItMjkxNjQzYzBkYWJhIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6ImNyZWF0aXZlX2lkIiwidmFsIjoiMTM4MzEwMDM0NTkxIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI2OTgzMjgyMTM4OTgxNDA4IiwiZG9tYWluX2lkIjoiMTczMDc4IiwidW5pdCI6ImRpdi1ncHQtYWQtYXNrbGVvX2NvbS1tZWRyZWN0YW5nbGUtMy0wXzIiLCJ0X2Vwb2NoIjoxNjI5NzM1NzExLCJhZF9wb3NpdGlvbiI6MTEwMSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkJFIiwicGFnZXZpZXdfaWQiOiIwOWQ3MjlkNS0yYWFhLTQxOTYtNzMyYi0yOTE2NDNjMGRhYmEiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoibGluZWl0ZW1faWQiLCJ2YWwiOiIyODY4NzI3NCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
pragma
no-cache
cookie
id5id.1st=%7B%22created_at%22%3A%222021-08-23T16%3A22%3A02.456922Z%22%2C%22id5_consent%22%3Afalse%2C%22original_uid%22%3A%220%22%2C%22universal_uid%22%3A%220%22%2C%22link_type%22%3A0%2C%22cascade_needed%22%3Afalse%2C%22privacy%22%3A%7B%22jurisdiction%22%3A%22gdpr%22%2C%22id5_consent%22%3Afalse%7D%7D; id5id.1st_last=Mon%2C%2023%20Aug%202021%2016%3A22%3A02%20GMT; __gads=ID=46e75b5ba7a874e1-2254f7deacc80088:T=1629735722:S=ALNI_MYyMfo1xsmdXKYmgaxycfguTw59-g; ezouspvv=70; ezouspva=1; ezouspvh=70
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
askleo.com
referer
https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:22:02 GMT
server
nginx
vary
Accept-Encoding Accept-Encoding
content-type
text/plain; charset=utf-8
x-middleton-display
ezp_sol
cache-control
max-age=0, must-revalidate, no-cache, no-store
content-length
0
expires
Sun, 22 Aug 2021 16:22:02 UTC
28687274
g.ezoic.net/dac/ 		0
40 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g.ezoic.net/dac/28687274
Requested by
Host: askleo.com
URL: https://askleo.com/porpoiseant/banger.js?cb=195-2&bv=60&v=51&PageSpeed=off
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 23 Aug 2021 16:22:02 GMT
cache-control
max-age=3600, public
server
nginx
content-length
0
vary
Accept-Encoding
content-type
text/plain
army.gif
askleo.com/porpoiseant/ 		0
42 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://askleo.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjk4MzI4MjEzODk4MTQwOCIsImRvbWFpbl9pZCI6IjE3MzA3OCIsInVuaXQiOiJkaXYtZ3B0LWFkLWFza2xlb19jb20tbWVkcmVjdGFuZ2xlLTMtMF8yIiwidF9lcG9jaCI6MTYyOTczNTcxMSwiYWRfcG9zaXRpb24iOjExMDEsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJCRSIsInBhZ2V2aWV3X2lkIjoiMDlkNzI5ZDUtMmFhYS00MTk2LTczMmItMjkxNjQzYzBkYWJhIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjEtMDgtMjMifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiIxOCJ9LHsibmFtZSI6InRfbG9jYWxfZGF5X29mX3dlZWsiLCJ2YWwiOiIxIn0seyJuYW1lIjoidF9sb2NhbF90aW1lem9uZSIsInZhbCI6Ii0xMjAifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by
Host: askleo.com
URL: https://askleo.com/detroitchicago/cmbv2.js?gcb=195-2&cb=04-1y02-4y06-12y07-1y0b-5y0d-14y13-3y17-3y20-3y33-15y52-1y56-21&cmbcb=20&sj=x04x02x06x07x0bx0dx13x17x20x33x52x56&abt=JoykatTest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path
/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjk4MzI4MjEzODk4MTQwOCIsImRvbWFpbl9pZCI6IjE3MzA3OCIsInVuaXQiOiJkaXYtZ3B0LWFkLWFza2xlb19jb20tbWVkcmVjdGFuZ2xlLTMtMF8yIiwidF9lcG9jaCI6MTYyOTczNTcxMSwiYWRfcG9zaXRpb24iOjExMDEsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJCRSIsInBhZ2V2aWV3X2lkIjoiMDlkNzI5ZDUtMmFhYS00MTk2LTczMmItMjkxNjQzYzBkYWJhIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjEtMDgtMjMifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiIxOCJ9LHsibmFtZSI6InRfbG9jYWxfZGF5X29mX3dlZWsiLCJ2YWwiOiIxIn0seyJuYW1lIjoidF9sb2NhbF90aW1lem9uZSIsInZhbCI6Ii0xMjAifV0sImlzX29yaWciOmZhbHNlfV0=
pragma
no-cache
cookie
id5id.1st=%7B%22created_at%22%3A%222021-08-23T16%3A22%3A02.456922Z%22%2C%22id5_consent%22%3Afalse%2C%22original_uid%22%3A%220%22%2C%22universal_uid%22%3A%220%22%2C%22link_type%22%3A0%2C%22cascade_needed%22%3Afalse%2C%22privacy%22%3A%7B%22jurisdiction%22%3A%22gdpr%22%2C%22id5_consent%22%3Afalse%7D%7D; id5id.1st_last=Mon%2C%2023%20Aug%202021%2016%3A22%3A02%20GMT; __gads=ID=46e75b5ba7a874e1-2254f7deacc80088:T=1629735722:S=ALNI_MYyMfo1xsmdXKYmgaxycfguTw59-g; ezouspvv=70; ezouspva=1; ezouspvh=70
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
askleo.com
referer
https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:22:02 GMT
server
nginx
vary
Accept-Encoding Accept-Encoding
content-type
text/plain; charset=utf-8
x-middleton-display
ezp_sol
cache-control
max-age=0, must-revalidate, no-cache, no-store
content-length
0
expires
Sun, 22 Aug 2021 16:22:01 UTC
army.gif
askleo.com/porpoiseant/ 		0
42 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://askleo.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiNjk4MzI4MjEzODk4MTQwOCIsImRvbWFpbl9pZCI6IjE3MzA3OCIsInVuaXQiOiJkaXYtZ3B0LWFkLWFza2xlb19jb20tbWVkcmVjdGFuZ2xlLTMtMF8yIiwidF9lcG9jaCI6MTYyOTczNTcxMSwiYXVjdGlvbl9lcG9jaCI6MTYyOTczNTcyMywiYWRfcG9zaXRpb24iOjExMDEsImNvdW50cnlfY29kZSI6IkJFIiwicGFnZXZpZXdfaWQiOiIwOWQ3MjlkNS0yYWFhLTQxOTYtNzMyYi0yOTE2NDNjMGRhYmEiLCJiaWRfZmxvb3JfaW5pdGlhbCI6NDUwLCJiaWRfZmxvb3JfcHJldiI6MTQwLCJiaWRfZmxvb3JfZmlsbGVkIjo3MCwiYXVjdGlvbl9jb3VudCI6NCwicmVmcmVzaF9hZF9jb3VudCI6MCwiYXVjdGlvbl9kdXJhdGlvbiI6MzU1LCJtdWx0aV9hZF91bml0IjoyLCJtdWx0aV9hZF9jb3VudCI6MywibmV0d29ya19jb2RlIjoxMjU0MTQ0LCJkYXRhIjpbeyJuYW1lIjoiIiwidmFsIjoiIn1dLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0fV0=
Requested by
Host: askleo.com
URL: https://askleo.com/detroitchicago/cmbv2.js?gcb=195-2&cb=04-1y02-4y06-12y07-1y0b-5y0d-14y13-3y17-3y20-3y33-15y52-1y56-21&cmbcb=20&sj=x04x02x06x07x0bx0dx13x17x20x33x52x56&abt=JoykatTest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path
/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiNjk4MzI4MjEzODk4MTQwOCIsImRvbWFpbl9pZCI6IjE3MzA3OCIsInVuaXQiOiJkaXYtZ3B0LWFkLWFza2xlb19jb20tbWVkcmVjdGFuZ2xlLTMtMF8yIiwidF9lcG9jaCI6MTYyOTczNTcxMSwiYXVjdGlvbl9lcG9jaCI6MTYyOTczNTcyMywiYWRfcG9zaXRpb24iOjExMDEsImNvdW50cnlfY29kZSI6IkJFIiwicGFnZXZpZXdfaWQiOiIwOWQ3MjlkNS0yYWFhLTQxOTYtNzMyYi0yOTE2NDNjMGRhYmEiLCJiaWRfZmxvb3JfaW5pdGlhbCI6NDUwLCJiaWRfZmxvb3JfcHJldiI6MTQwLCJiaWRfZmxvb3JfZmlsbGVkIjo3MCwiYXVjdGlvbl9jb3VudCI6NCwicmVmcmVzaF9hZF9jb3VudCI6MCwiYXVjdGlvbl9kdXJhdGlvbiI6MzU1LCJtdWx0aV9hZF91bml0IjoyLCJtdWx0aV9hZF9jb3VudCI6MywibmV0d29ya19jb2RlIjoxMjU0MTQ0LCJkYXRhIjpbeyJuYW1lIjoiIiwidmFsIjoiIn1dLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0fV0=
pragma
no-cache
cookie
id5id.1st=%7B%22created_at%22%3A%222021-08-23T16%3A22%3A02.456922Z%22%2C%22id5_consent%22%3Afalse%2C%22original_uid%22%3A%220%22%2C%22universal_uid%22%3A%220%22%2C%22link_type%22%3A0%2C%22cascade_needed%22%3Afalse%2C%22privacy%22%3A%7B%22jurisdiction%22%3A%22gdpr%22%2C%22id5_consent%22%3Afalse%7D%7D; id5id.1st_last=Mon%2C%2023%20Aug%202021%2016%3A22%3A02%20GMT; __gads=ID=46e75b5ba7a874e1-2254f7deacc80088:T=1629735722:S=ALNI_MYyMfo1xsmdXKYmgaxycfguTw59-g; ezouspvv=70; ezouspva=1; ezouspvh=70
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
askleo.com
referer
https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:22:02 GMT
server
nginx
vary
Accept-Encoding Accept-Encoding
content-type
text/plain; charset=utf-8
x-middleton-display
ezp_sol
cache-control
max-age=0, must-revalidate, no-cache, no-store
content-length
0
expires
Sun, 22 Aug 2021 16:22:00 UTC
PugMaster
image6.pubmatic.com/AdServer/ Frame 05B2 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=83087197&p=156983&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
18eb8f465dbec9c97b0f1315990493aeb2fea391094e6c562868a9221ac4c2d2

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:22:01 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 26EB
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https://askleo.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https://askleo.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://askleo.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c707359c4e07add0ce75011f1d1d079f54243816a20953bb3bcc45e644f4962f

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMPS=1132; CMPRO=1107; CMST=YSPLKmEjyyoA; CMRUM3=2d6123cb2a2760; CMID=YSPLKvk92JEDIiCukCrexwAA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
241|230|39|46|88|195|90|105
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1832
Expires
Mon, 23 Aug 2021 16:22:03 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Mon, 23 Aug 2021 16:22:03 GMT
Connection
keep-alive
Set-Cookie
CMID=YSPLKvk92JEDIiCukCrexwAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 23 Aug 2022 16:22:03 GMT CMPS=1132;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 21 Nov 2021 16:22:03 GMT CMPRO=1107;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 21 Nov 2021 16:22:03 GMT CMRUM3=5a6123cb2b05a0&276123cb2b0b40&f16123cb2b05a0&586123cb2b05a0&c36123cb2b05a00&2d6123cb2a2760&e66123cb2b2760&696123cb2b05a0&2e6123cb2b05a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 23 Aug 2022 16:22:03 GMT CMST=YSPLKmEjyysA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 24 Aug 2021 16:22:03 GMT

Redirect headers

Server
Apache
Content-Length
333
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?d=https://askleo.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Mon, 23 Aug 2021 16:22:02 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Mon, 23 Aug 2021 16:22:02 GMT
Connection
keep-alive
Set-Cookie
CMID=YSPLKvk92JEDIiCukCrexwAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 23 Aug 2022 16:22:02 GMT CMPS=1132;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 21 Nov 2021 16:22:02 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame DE8B 		624 B
581 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNzg5AEQxbjnARjmscGjATAB&v=APEucNV-Aq-d82poHZe6ndlrOwf4iop8vFYT44HIXhjH4kkm5ITuR37v_j_IBKnX2fk2XEhiNSFrDRt478s1U5TI7wKTCNeUt9CJwM7-COI0GOADrPaWb_pMKKm2OxgP4M3C6wefTcsbsqSqYcFic4LHtejCOB92YQQGer_DmNUK11cWtKqC8AcxpI2KCkMwdF36AlLOPb1T6qCftVtsA-hPLc-T0w7F0A
Requested by
Host: 6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com
URL: https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CNzg5AEQxbjnARjmscGjATAB&v=APEucNV-Aq-d82poHZe6ndlrOwf4iop8vFYT44HIXhjH4kkm5ITuR37v_j_IBKnX2fk2XEhiNSFrDRt478s1U5TI7wKTCNeUt9CJwM7-COI0GOADrPaWb_pMKKm2OxgP4M3C6wefTcsbsqSqYcFic4LHtejCOB92YQQGer_DmNUK11cWtKqC8AcxpI2KCkMwdF36AlLOPb1T6qCftVtsA-hPLc-T0w7F0A
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Mon, 23 Aug 2021 16:22:02 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
set-cookie
test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure IDE=AHWqTUkwT-wJPjTMY8-GTM776FkyA_fXr3qLalywsFfcAmNm92OcMCi48DtdACh0; expires=Sat, 17-Sep-2022 16:22:02 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 23 Aug 2021 16:22:02 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 9916 		11 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DdsiqDaK_QpmWiCD-MuhWl0QtDf2vanlkWINBFmU8OJruRW4cKfoQmSVoJPipajxdNvwpMdTO6YNstue3A5a-8GksgKeQ0ebS15yHdQCoaY8iEGm9N9I4LhKF4JrR5EoN4JhhvokXZu8usu13Q2OyvLwM1kQ&dbm_d=AKAmf-BybUcmnj72Y9Z4xJ_OUNnjsu9F9-VRBpvmfaPheoGKhIEzOiBrtRi47zNfYkf0Bol8RBEO4Ras-WQVsuEJTxyPehMPC3_A3TM_56Gud4KhlwFokXtKjsnF7NmLsvrGV4zU44qkuvD41YdwfdT5jaoS4OoK6-FLeM-ooSs4h3nE4duF97wH3yqnxT62C5toNRU-QIgVKNPTelEw9HaMkvSjB6taJrQfnKnOxaO1DYHPAT-Y3natyOrW71ECYX6x4weNqWYLXR4wlz9l0CjnbMt-eN70JCEH7XjIhhamOqykwq-6nOekAp7umnmP8F8faojHefOMpZ_AFn-n3WGpfLf0Ko5sRzbrmsuYa3K1s9JWSgwOxDI4n3D3LzlHNbw1dMsUlnmJyrpf0SYOHibUVZseX784j3suuX780VsHjhoioyZL4hH3dBwsVjwygl1nUfPa6A81AxfznMzkYDoHEqr9VC-mte0xP8TO4UEwhnmnLGD7My6EmQj39iGtFrF1V40qKJcmsGNC96IDuAjGq3xCFOjTplcoYq9UULP2oW58X6JOf31OzH_Dyu4fYt_64KCGop5ramz53wIh-7qtC1DDXqVeeQdAu2jHZYzJVPYmbKF1REMaZfQFarKEZMc-tyxI-x0grtX4TyKc2IoUw4bewZ0jhjtQCQQeyIw0rM-vrADBD2gIXtkHfxhTr_1mX252DRPRKEUvGft8zTR5zTxyA0lfyB28w5cSpX2JQhSrRbtslk-qqSwXVE0oTO7qGQMjkH5Uiw9-8h4pCxrHSxoSPwB7nd7vJtqqYBWC62oRxxXkJS5xKcp3efklWSuGpmlSaib1pU79XEAWf5QhYCaKdzTHGIcvdH8sdhGDbLZc5yCvABbGLGAifzqYXMZoQS2BxYu-qWBvjixqcQgK3ddUI4B_DhbCx7dzGrfs9NiDrYHX2u5J1J1AVHDosaVNkRoXIn9TE9u23YsgyOqsCMKbATZCWzS9dkbbzglyaCtoKf6Dezh5m0gxF5Y0j2eUgFWlgyym2fTrktqYtCXkmnnlqorMFKN-9r3j55EZdyNA8C-rtZdgFbZ1IUoV752f4BqeMoCjsINcgHnZrw98xRpuWl5Lvfghi-YpX53uBLAZ8R-7SKpxEUTQvY2byqpOISJIA6p7uf8wtMwvg-gBpprRpvji9FC7PZSLGe_I5XzEg8Yp_kDCDoNCjDlIPj8YPM5CQvd_lvHEB9H5ywaFDG2c92mf7ksPxvfEU_n_lXYo56z9fNc8g5sE_o6GtTZNXLmQOY4YhtlIvA5umK7QaAgVpQx98hokqOmb601AzJIN55ZXxTsXO1WS_4o_AJx2Lg3Y06kkrIegAaBWaxnU8mNlBqjCmhFTcbHNnP4ivyKNwxuVh_5TwH1Vzc-2aEtGZBUp6BQYHZwz1tPSp1g_nvfPDYBoPi6omxfUD2T50M3ksFgDmCNj4JvCmy-YeDX2Rtt9A-ncJsI9DUQqZrCWcV1DzPlK2xeZrbCz1J0hzHVLI8NMpnzO0C2D7ZFX-a4XWMz73Z8k1fJ74V-p7C22SjYan8EHNsYx7xCXbj_sYAi4HkvKFkVY8Tp1fsixKplWhURdXmO9O-TKtsWAwczEQtARl38o3VcC5B5k65NJ2wzwy8YhhON_aFUXyEmJ1Xnh-YwoA5LHP-sU4Fwxy87q0huGWN-KTEdX-RLhMaX-x5K1ak-mHEWYqpSjP1K83hHkzF_FPpv0q8IQwAToJNeJ7WmF3np8zP01im1DyuS2_GPE9PZKbJ1Cg2IpfZgPMfcWbjUtyTA3CjBLYRGaA7IXCGqXmIbg4LqRjiDA16ENjnd2hecwjN7S1SthUN5qTutPNRkqvLVAbCQHndI30W4GASsxGfUTrEneBZSmLoPxSi_K5rCEBpKH5jymdioiQQZSqp7rQU3STuwxjQj2N_t8fd4lVDeWuUSX8jMRgDTaN6XGf8Q3tvOzVkbHEto2VNdQwMcWEhUD7_kX8O3aTu12l8uDCAEMu5Hk2sGjhdPxlPwr9sCgKr3w6o-b1fgxjuVnZJtjxZQhzPTOoMDGJZPVK0Ubgho5MQhjmPwWmHgWlajKJkseL93oliocon-TDX1V9cGiHjqCRQbtGKrj8FCXBEoijxsVKMS3sxLnPe5R0d_KxWJsMOmwQ4z7T5Jjb4tDWBRsUHkc9h6I-ORgNhkqOry4vYSnC0w_bS3gAPHZ5eSvUH_6i-_mGBjsrE4ag9KPPw0At-cgelR6bUtJG0xy_LTQjCm-2ctHrscx2TpOXtZ6UhbyWYRj2WyWXXs3PNNwCO1Q5ZNxBy3SsJVVg3ko6gKi_qE8Lmis1rNufQcn5DWmHDIlzGB7JOvwT66HjmtClgMb7HrYhBntIDrvRHOVkJmgT2qspFyXCdlnHtUlORn6kVnbpenVPLUSCOFAM9sT-6EC33bO2IKLBGwdYIEJqosY2_nCd_U2aGLsaNK2y_Y9r7giUQ18M4xUxNqCyd-GLigo5DLQli3kjbMA1bXz076CgJtZWQe0Y0MtO9LodUQEsPq9SjdFQiQKi7gF1UdmSluL9xfG9izY70D0k7ZtS2tLbq4QN71bMosckFMKUKU52Eg_YBUvOEF2QTL3JsqWdhO7bFIlCU3Bs9F7hk8D5mPMWyFVVodj6owyQlTP-I8rNofg17mdYaQASkZqy3PJHulWoIy7oUcNzBy5GaGoLWZjvxskM3P4aE1SevZ8xpeO1SYY0HI9Xamnel-K2i6V_OElOB2v&cid=CAASFeRorY-KNMlzO14xAl2LB_XlLTSTXg&rfl=1%2Chttps%253A%252F%252Faskleo.com%252F%240
Requested by
Host: askleo.com
URL: https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cffd6ebd54f05c54184ddeded1add555dfe800378d2fe121ef3f10202bfada60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 16:22:02 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8639
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9916 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BJzMuwyOS4-FPXPgsCewRfr6asuJpsGfN7kzYmNvFI5GppaEgJzsy9cfYv1EQyV0QyTuT6i-NHk95hjsqglUh6EI_z9JouBB8HBREvjZJjtwdwJYg
Requested by
Host: 6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com
URL: https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 16:22:02 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adj
fw.adsafeprotected.com/rjss/bgd/564357/54904813/xbbe/creative/ Frame 9916 		233 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/bgd/564357/54904813/xbbe/creative/adj?p=APEucNWCLq93jJridOGtuvINwi1SYqVW5wYW94wMkk13A9Yi9NIpMb0&d=CnkAoCZ_4FTw9hpVrOvuqyEjgAXSlc7Nfe5KCO27Pz53jCQKG62lb5yS80wLB6cogA09Lzdb2mDkOf7uH9lk0vTsII7LKZRGya1QkdLFOg0thbXVUjbxAYHxciEwjgH-IR25KhITiojzsZduHKQGOleIPAQHOkvCgNXNEqkTAKAmf-CsqwUUlTDaEIsZia5_iczUGjUkJiwOQ1_1ipubX_EAlm1Od6MVcFq3RW3z6ke9eNV0Nt3fPoSaiid3ug4X3Rw8QiFNV-linMwnflpoBrWH-Q_nEXp-JoUrjZqiojJT-GoS5GONhFGUhhneBErfzofmc5WJYS4oTEi8Km6Z__j0jCPOgfUq0BeqmufiK3tRrmxZBbEz5ndDexTttZz7R0uHBXeRQaikng46B9yPIZf70EgNe9L4DG4Lnkt8Jm-7FZTjr5R9-FHPYNxx8NxEzGrLkxd8sKDojRXhlhWRItd0PmDjn6YvDTQnlmXsMu-SWDzIJQ_an1t2a_2qqJ0qFvhd_FNK-nrdkuStqkkST2p1QIbzMItSg3dObzyeYVMOdFoDej2iy3Wj8WnxL3yeQGDd1PtoHljatTXklhcrKQty0kaLoBLBHvHH_JnV-2tZj3Kd17bbyPKl-3QfsRi9c7LxBkibri8Pkn3sard_oGhf4hJT5CZSiRSSGZzxbN9yUJbV6XFrJCB45w5goAg52pqMtB3v1vf4tNBOk-KNoPGlXBUgUR2ta4d4zddpi_pzuoNJzMWi5SirW5mMwgrJZOJNKdPxN37rt4Eqm9_DwqIBgA_mVm7aVt0BjSK7ltvDFuaIGYfiF52GoFZCJ9dCClbabmMLzGQGCDpM11dR5YlNsw_hy4iy1K5J8lHzWzO26AwysSh7_OtCuwubnKYCitVwveoze3-ny2g_IBaFja1xK57p4syxuTUlTsWmBlgmtb4of2d1aQeN8XQEBeobDgmSM_v3BbCabTaWgToZFlJHGrC8cr0r7fpEsXwEoA-1gixAExjgphJCNSJiOxhXo5wEqwCa7QhedrrlKGE23lszbiywlnnWDbUur-_aF7wsy12aWGoXnROuGoIzOfArgTSPz8yyhU4JmHHCY0s9pGn5RzkGXT_T6w3r43LkPKYgjmXEZv9hjIZN0mWDsO1nJz-vWvAD5TuvIr9zGOEcdB1XajE7Ks4p7WAMhN9nVc8Nt3LE0TReMzAlKuUZ5ibJc_1f6V_M-Dko5glTgjXnthX5RdTzXQnxn4nEObxYUfTfmlquW2G7fMJJOFWU_soigV1V_Hi8hgp6N6pQvsy_IXvT15nFpN6b_9TdhezekgucFkdT5xGfMIoGgvWrBIaI3Y1yw7vHjUiZNK3PF9zZAkX9-qiCCEO5QinlzSw5xN2g8tuffch7qZ9k6pt7DBYMx1-ltLs-QEU2sjgdMnZM2lveOA_c5134DglegLjA-HlNdfMEnPIYlGoz4Dq3cCEGsRTlIjyICcy6DzZ9vG97LXtcsaJjzSmMp0x0UKsvI7-f5TNx0LtSwre9Virau3gBUeh2lMCjKvdLBl9ekAUEAY1OiD3XlZsMyXRGSQAq_0_ry0-4FCN6hH6i1i-N1NmA3RFIDP0fFEqPJEvpW-tMKTPWEalyBZmMwnPNnWfrLVeyJWZeS0ah5Luof0uis5EEIEAfNvoE3YwLQ2amnkrdcnurRwIyS8j6Pd1N67AnQolFlEJIBd4SjEASuudcC_WRfRdtoJy31MftIzNSvX6mMKhffa0WYAuhzLcJupazFRdK8y_GNnHVc809_M65W6MDlYMqg6RD9JPZM9Zi_gFwd2BAA0vaPoC4ykGqgV-JU6UX-SQjZWxdGJmvOzgodbi0A8PFQjGkIqH3Aoj4NVO4VinmFIMuMszACPRxtnDOPRT_ZFfyjsnyU2ehLx_A-ub_NvAJIyAPSh6BYiI0Q-RCs2FPoK1AdcPQUIMbNCFQ221Cu0t0g1h-M4sM7LLOXrq3msT3kMDoaFuZiDH1H5AO8-1OEa5uT75SAouJo5P8p1WyBrZSzIegTRVBWjw1JY1sxink5zgEvm0TB1iBDU-a6ALLTxUb9vu7bQUW7M3_jiqMzSeW9YTp6oksrPCyPY0AWs3ITS7AmwNHDpVtuQVZiP3u9pZHE3Y_LoYpUnONjWVJiNwuYhJvPzibUil960pN4Ga07Z579chaOEntgvev6gdVqADS9EdqVLk_ZENT8EpfXEam5YfPnmEF7SqhVKXecpLHiXD3-JPKXQMo-DYF598qutj9_urnFQ_nQfK3vHPKYJBxYqaXYpNDh7h9odn63aIrDys8WrYeA99aY4F0ti7GiwCZ5gid_-iJF6Oy9qF7DmdajXJTEPbQWHoMaUg9zQPrQwMd7IxH7ZtDU6mOS4rqyFAuv_0btAK2-ngnTYsWPaaz2JmxOrF1rhTLVJEIn-6tuOFTbApWpe_tQiGgj1YwmBCInKScxCPk2Fc_GZe15EQD_hJxOlmppzOLDyCLzLQOkUn14jwsvEXb6k1eikwH8WN6j8THGBgWsImJ3kn-5WEn8s6g1V4WVv_WoF7_LmCh551kK7D38yQ5zqNoJcV2iqI4mLKtbPYmXNnpB-C46K-rf2j5Gxv0WgzZqvOjKnrAxgNwSFkiIMU6VUUbo9CD9dP4Dc6_BYD4JSwWtmCKNiN9BUeJ6pzEgcGlye7-wduSEw9Re35bQyj1SGGDSf5U4l_AC4qCl634R1OmrzQfHczohdRbpSWKL1yYpsqINZVgfU4NuaJzGi1wtHmY9UntaL9Ahsq2tBh-RRB-lwYtOdp0NI-XTJsKPAljHNb423rFUjOUyTE5l9VumURlfIGxVNXDJ3ybrfnnu4l3v9JGD6j3phP5_ywjcWOr9kxGnLuIkvB0mhOPtVvTL5Puqr4WNO_GN-5Dqi9UBUplu48pmgNFaPBwdLDBeRc1LjCSJBJfrH-VGhLBFcmS63erQrXpyGMr8RbRVVmiBpSA9VaiAS4tczZzpL1L0dW5IWeGP1U1fjMZz8ni1eeG9mRUZrVPmfo7S4xxX2_RNyTGGtt7i6jHuj0sA2Hcc9s8kE7DM0Kcu_zeCtCQfYHA_YGSeGrU40QzIawp1zx1qzY245vzknr0dGRmgzl46YXwsvIVqYchQNb9snv9NjABZOpE_LNZXOByQQrd2CRfmHELK6nDp5V2LPJf4Sx8WYR8RY-1jVDe2FSiqYt27L3utRIwuzqLC4AXlEBNBlHZZSsgds-ExzeioZzb4mglm0SZcHey4sKvXBLWtL-EqUyJ7BrdKKn0Fe1BVDzgZ1i45yRbnS303gsB-5B2Lpp-iVjkNoVWIL8e8AnfUC4cmGav0nWSqAAUotnsDhjUmcZmiBAoO7kKBSLw20MMgo_FXgwj11tPUTEhZQldHjt-RCPqk_2D4H1TOBKyVx_u5HRNFvY5fLvEQbOsLT3rA02pXaZGayYTUJzgR9jvmBoZCAASFeRorY-KNMlzO14xAl2LB_XlLTSTXmAB
Requested by
Host: 6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com
URL: https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.206.82 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-206-82.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
45d9c255bfee6158a900a122f900f26781e9775a3410bb05fd15ca5290ac5915

Request headers

Referer
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 16:22:02 GMT
content-encoding
gzip
x-server-name
app04.ie.303net.net
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
expires
Wed, 31 Dec 1969 23:59:59 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/ Frame 9916 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/window_focus_fy2019.js
Requested by
Host: 6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com
URL: https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:11:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
612
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Sep 2021 16:11:50 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9916 		124 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com
URL: https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
be8e3fb00d98e93afe954eb362d24a5d80537eb55c896bba9734e5771b6b34b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:22:02 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1629458990649126"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38246
x-xss-protection
0
expires
Mon, 23 Aug 2021 16:22:02 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/ Frame 9916 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com
URL: https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6205
x-xss-protection
0
server
cafe
etag
3431872159862141604
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Sep 2021 16:21:54 GMT
match
c1.adform.net/serving/cookie/ Frame 384F
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=B2E15B6A-E272-4B03-93F3-CCF55AD73A61
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=B2E15B6A-E272-4B03-93F3-CCF55AD73A61
35 B
467 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=B2E15B6A-E272-4B03-93F3-CCF55AD73A61
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
c1.adform.net
:scheme
https
:path
/serving/cookie/match?CC=1&party=14&cid=B2E15B6A-E272-4B03-93F3-CCF55AD73A61
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
C=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 23 Aug 2021 16:22:02 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
uid=1746367930742412619; expires=Fri, 22 Oct 2021 16:22:02 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

server
nginx
date
Mon, 23 Aug 2021 16:22:02 GMT
content-length
0
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=B2E15B6A-E272-4B03-93F3-CCF55AD73A61
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
C=1; expires=Thu, 23 Sep 2021 16:22:02 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame 20AE
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=70520607689726777
42 B
209 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=70520607689726777
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
image2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=70520607689726777
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=B2E15B6A-E272-4B03-93F3-CCF55AD73A61; chkChromeAb67Sec=1; DPSync3=1629763200%3A174%7C1630886400%3A197_219_201; SyncRTB3=1630540800%3A63%7C1632268800%3A203%7C1630886400%3A166_204_176_22_81_99_220_13_230_222_231_71_234_165_21_7_3_8_161_56_54_55_88_189%7C1630281600%3A223_15_2%7C1630972800%3A35
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 23 Aug 2021 16:22:02 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_336=5844-70520607689726777; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 22-Sep-2021 16:22:02 GMT; path=/ PugT=1629735722; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 22-Sep-2021 16:22:02 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 21-Nov-2021 16:22:02 GMT; path=/
x-lat
lhrpug018:0:377
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=70520607689726777
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame 8A4C 		43 B
338 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method
GET
:authority
dis.criteo.com
:scheme
https
:path
/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache
pragma
no-cache
content-type
image/gif
expires
Mon, 23 Aug 2021 00:00:00 GMT
server
Microsoft-IIS/10.0
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1114
date
Mon, 23 Aug 2021 16:22:01 GMT
content-length
43
Pug
simage2.pubmatic.com/AdServer/ Frame 1398
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6999661627142699150
42 B
520 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6999661627142699150
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6999661627142699150
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=B2E15B6A-E272-4B03-93F3-CCF55AD73A61; chkChromeAb67Sec=1; DPSync3=1629763200%3A174%7C1630886400%3A197_219_201; SyncRTB3=1630540800%3A63%7C1632268800%3A203%7C1630886400%3A166_204_176_22_81_99_220_13_230_222_231_71_234_165_21_7_3_8_161_56_54_55_88_189%7C1630281600%3A223_15_2%7C1630972800%3A35
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 23 Aug 2021 16:22:02 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_1101=23040-6999661627142699150; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 22-Sep-2021 16:22:02 GMT; path=/ PugT=1629735722; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 22-Sep-2021 16:22:02 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 21-Nov-2021 16:22:02 GMT; path=/
x-lat
lhrpug017:0:469
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Mon, 23 Aug 2021 16:22:02 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie
UserID1=6999661627142699150; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6999661627142699150
adx
match.prod.bidr.io/cookie-sync/ Frame 3BC2
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCZXBrN0NSNVlBQUJ3RzJIdnBYdw&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
43 B
430 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.92.119 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-92-119.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Host
match.prod.bidr.io
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache, must-revalidate
content-type
image/gif
Date
Mon, 23 Aug 2021 16:22:03 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma
no-cache
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
43
Connection
keep-alive

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
date
Mon, 23 Aug 2021 16:22:03 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
content-length
355
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
csync.loopme.me/ Frame 5171 		85 B
152 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.55.6.212 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.212.6.55.162.clients.your-server.de
Software
_ /
Resource Hash
e482a48fef03d183029fa2edf995fc8e9ce023f18649fd1d9149958e977068a1

Request headers

:method
GET
:authority
csync.loopme.me
:scheme
https
:path
/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

content-length
85
content-type
text/plain
date
Mon, 23 Aug 2021 16:22:06 GMT
server
_
Pug
simage2.pubmatic.com/AdServer/ Frame 11CA
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2595441748
  • https://sync.1rx.io/usersync/tradedesk/0101956b-f6a7-40ac-bb70-3dcdc9b2d605
  • https://sync.targeting.unrulymedia.com/csync/RX-eca51a94-bb51-45b4-8601-0f89066720b4-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-eca51a94-bb51-45b4-8601-0f89066720b4-003
42 B
425 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-eca51a94-bb51-45b4-8601-0f89066720b4-003
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-eca51a94-bb51-45b4-8601-0f89066720b4-003
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 23 Aug 2021 16:22:03 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_594=17105-RX-eca51a94-bb51-45b4-8601-0f89066720b4-003&KRTB&17107-RX-eca51a94-bb51-45b4-8601-0f89066720b4-003; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 21-Nov-2021 16:22:03 GMT; path=/ PugT=1629735723; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 22-Sep-2021 16:22:03 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 21-Nov-2021 16:22:03 GMT; path=/
x-lat
lhrpug002:0:426
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
Tengine
date
Mon, 23 Aug 2021 16:22:03 GMT
content-type
text/html
set-cookie
_rxuuid=%7B%22rx_uuid%22%3A%22RX-eca51a94-bb51-45b4-8601-0f89066720b4-003%22%7D; path=/; expires=Tue, 23 Aug 2022 16:22:03 GMT; domain=.targeting.unrulymedia.com; samesite=none; secure; httponly
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-eca51a94-bb51-45b4-8601-0f89066720b4-003
etag
RXeca51a94bb5145b486010f89066720b4003
Pug
image2.pubmatic.com/AdServer/ Frame 74CE
Redirect Chain
  • https://green.erne.co/pubmatic/cm?
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=maZd4vDLp0sSIhS0jJpEXXFW
42 B
216 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=maZd4vDLp0sSIhS0jJpEXXFW
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
image2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=maZd4vDLp0sSIhS0jJpEXXFW
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=B2E15B6A-E272-4B03-93F3-CCF55AD73A61; chkChromeAb67Sec=1; DPSync3=1629763200%3A174%7C1630886400%3A197_219_201; SyncRTB3=1630540800%3A63%7C1632268800%3A203%7C1630886400%3A166_204_176_22_81_99_220_13_230_222_231_71_234_165_21_7_3_8_161_56_54_55_88_189%7C1630281600%3A223_15_2%7C1630972800%3A35
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 23 Aug 2021 16:22:02 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_409=22966-maZd4vDLp0sSIhS0jJpEXXFW; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 22-Sep-2021 16:22:02 GMT; path=/ PugT=1629735722; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 22-Sep-2021 16:22:02 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 21-Nov-2021 16:22:02 GMT; path=/
x-lat
lhrpug019:0:461
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
openresty
date
Mon, 23 Aug 2021 16:22:02 GMT
content-length
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
set-cookie
u=maZd4vDLp0sSIhS0jJpEXXFW; Max-Age=31536000; Domain=.erne.co; Path=/; Secure; SameSite=None
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=maZd4vDLp0sSIhS0jJpEXXFW
strict-transport-security
max-age=0; includeSubDomains;
dpe
ad4m.at/ad/ Frame 5EE4 		42 B
974 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Mon, 23 Aug 2021 16:22:02 GMT
content-type
image/gif
content-length
42
report-to
{"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires
0
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy
block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy
same-origin
pragma
no-cache
surrogate-control
no-store
x-fastcgi-cache
BYPASS
x-backend-server
adsrv-7b12
via
1.1 google
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6835ad6b59b2d6b5-FRA
bridge
cm.adgrx.com/ Frame 7F26 		43 B
408 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.241.196 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Host
cm.adgrx.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Date
Mon, 23 Aug 2021 16:22:02 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
server
Cowboy
X-RealServer-NX
ams-delivery-5
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Pragma
no-cache
Expires
Thu, 23 Sep 2004 17:42:04 GMT
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
i.match
s.tribalfusion.com/z/ Frame CE47
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
437 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

:method
GET
:authority
s.tribalfusion.com
:scheme
https
:path
/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ANON_ID=asnoeUxZduBnRApTpqh6XoLiTFcQtP5mafvUfADjH
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Mon, 23 Aug 2021 16:22:03 GMT
content-type
image/gif; charset=utf-8
content-length
43
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
302
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
set-cookie
ANON_ID=a7ns6EwyEojpuMNpbIUyCG9NZbhuoichFREptPcjUCCZcVBCUWbrIS0fskHBjO6Ina3BdS3SJXFvtEQEe2D9B9; path=/; domain=.tribalfusion.com; expires=Sun, 21-Nov-2021 16:21:58 GMT; SameSite=None; Secure; ANON_ID_old=a7ns6EwyEojpuMNpbIUyCG9NZbhuoichFREptPcjUCCZcVBCUWbrIS0fskHBjO6Ina3BdS3SJXFvtEQEe2D9B9; path=/; domain=.tribalfusion.com; expires=Sun, 21-Nov-2021 16:21:58 GMT;
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6835ad6cddf54eeb-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

date
Mon, 23 Aug 2021 16:22:02 GMT
content-type
text/html
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
206
x-reuse-index
41
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
set-cookie
ANON_ID=asnoeUxZduBnRApTpqh6XoLiTFcQtP5mafvUfADjH; path=/; domain=.tribalfusion.com; expires=Sun, 21-Nov-2021 16:21:58 GMT; SameSite=None; Secure; ANON_ID_old=asnoeUxZduBnRApTpqh6XoLiTFcQtP5mafvUfADjH; path=/; domain=.tribalfusion.com; expires=Sun, 21-Nov-2021 16:21:58 GMT;
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6835ad6b59a04eeb-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame 64EA
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=a1cf4c46-b564-47b4-a1b6-e19c48538723-tuct81d50aa&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
147 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=a1cf4c46-b564-47b4-a1b6-e19c48538723-tuct81d50aa&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
match.taboola.com
:scheme
https
:path
/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=a1cf4c46-b564-47b4-a1b6-e19c48538723-tuct81d50aa&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
t_gid=a1cf4c46-b564-47b4-a1b6-e19c48538723-tuct81d50aa
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
accept-ranges
bytes
date
Mon, 23 Aug 2021 16:22:02 GMT
via
1.1 varnish
x-served-by
cache-fra19149-FRA
x-cache
MISS
x-cache-hits
0
x-timer
S1629735723.923929,VS0,VE9
content-length
0

Redirect headers

server
nginx
set-cookie
t_gid=a1cf4c46-b564-47b4-a1b6-e19c48538723-tuct81d50aa;Version=1;Path=/;Domain=.taboola.com;Expires=Tue, 23-Aug-2022 16:22:02 GMT;Max-Age=31536000;Secure;SameSite=None
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=a1cf4c46-b564-47b4-a1b6-e19c48538723-tuct81d50aa&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
accept-ranges
bytes
date
Mon, 23 Aug 2021 16:22:02 GMT
via
1.1 varnish
x-served-by
cache-fra19145-FRA
x-cache
MISS
x-cache-hits
0
x-timer
S1629735723.778564,VS0,VE9
x-vcl-time-ms
9
content-length
0
141
match.deepintent.com/usersync/ Frame DFCF 		0
44 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw%26piggybackCookie%3D%24%7BDI_USER_ID%7D&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
match.deepintent.com
:scheme
https
:path
/usersync/141?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw%26piggybackCookie%3D%24%7BDI_USER_ID%7D&gdpr=0&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

content-length
0
date
Mon, 23 Aug 2021 16:22:02 GMT
server
b
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 05B2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=suFbauJySwOT88z1Wtc6YQ%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:22:02 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 06:08:03 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3945-5c4c7cc02bd56"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=21229
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5054
expires
Mon, 23 Aug 2021 22:15:51 GMT

Redirect headers

pragma
no-cache
date
Mon, 23 Aug 2021 16:22:02 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 05B2
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=6d256123-cb2a-4b00-83c7-b3f406e81358
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=6d256123-cb2a-4b00-83c7-b3f406e81358
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:22:02 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Mon, 23 Aug 2021 16:22:02 GMT
Server
MT3 3853 9552a83 master zrh-pixel-x12
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=6d256123-cb2a-4b00-83c7-b3f406e81358
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 23 Aug 2021 16:22:01 GMT
/
pixel.onaudience.com/ Frame 05B2
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=B2E15B6A-E272-4B03-93F3-CCF55AD73A61
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=492c03657dcafb1c10556f9d0adc53f5
35 B
248 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=492c03657dcafb1c10556f9d0adc53f5
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.222.80.231 , Canada, ASN16276 (OVH, FR),
Reverse DNS
pikafka-4.cloudy.ovh
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-length
35
content-type
image/gif

Redirect headers

date
Mon, 23 Aug 2021 16:22:03 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=492c03657dcafb1c10556f9d0adc53f5
cache-control
no-cache
access-control-allow-credentials
true
content-type
text/html
content-length
0
Pug
image2.pubmatic.com/AdServer/ Frame 05B2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QjJFMTVCNkEtRTI3Mi00QjAzLTkzRjMtQ0NGNTVBRDczQTYx&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:22:02 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug020:0:695
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 23 Aug 2021 16:22:02 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 05B2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGWxnoPC54AitRT1Xe9952E&google_cver=1
42 B
281 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGWxnoPC54AitRT1Xe9952E&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:22:02 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug017:0:488
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 23 Aug 2021 16:22:02 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGWxnoPC54AitRT1Xe9952E&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 05B2 		43 B
609 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS
bc.80.fd9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:22:02 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sun, 22 Aug 2021 16:22:02 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 05B2
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1746367930742412619
42 B
234 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1746367930742412619
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:22:02 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug018:0:345
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 23 Aug 2021 16:22:02 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1746367930742412619
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 05B2
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:76ea6123-cb2a-4800-a6cf-9334228b653a&gdpr=0&gdpr_consent=
42 B
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:76ea6123-cb2a-4800-a6cf-9334228b653a&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:22:02 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug012:0:414
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Mon, 23 Aug 2021 16:22:02 GMT
Server
MT3 3853 9552a83 master zrh-pixel-x25
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:76ea6123-cb2a-4800-a6cf-9334228b653a&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 23 Aug 2021 16:22:01 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 05B2
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=0101956b-f6a7-40ac-bb70-3dcdc9b2d605
42 B
292 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=0101956b-f6a7-40ac-bb70-3dcdc9b2d605
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:22:02 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug016:0:732
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 23 Aug 2021 16:22:02 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=0101956b-f6a7-40ac-bb70-3dcdc9b2d605
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
image2.pubmatic.com/AdServer/ Frame 05B2
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2999335290144883454&gdpr=0&gdpr_consent=
42 B
519 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2999335290144883454&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:22:02 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug015:0:412
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Mon, 23 Aug 2021 16:22:02 GMT
X-Proxy-Origin
82.102.19.136; 82.102.19.136; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
5e348bf8-ff2d-4f59-9f8c-fb3d4e1b55ba
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2999335290144883454&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ups.analytics.yahoo.com/ups/58292/ Frame 05B2
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=B2E15B6A-E272-4B03-93F3-CCF55AD73A61&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=B2E15B6A-E272-4B03-93F3-CCF55AD73A61&redir=true&gdpr=0&gdpr_consent=&verify=true
0
584 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=B2E15B6A-E272-4B03-93F3-CCF55AD73A61&redir=true&gdpr=0&gdpr_consent=&verify=true
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.138 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 23 Aug 2021 16:22:03 GMT
Server
ATS/7.1.2.138
Connection
keep-alive
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

Date
Mon, 23 Aug 2021 16:22:02 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=B2E15B6A-E272-4B03-93F3-CCF55AD73A61&redir=true&gdpr=0&gdpr_consent=&verify=true
Connection
keep-alive
Content-Length
0
B2E15B6A-E272-4B03-93F3-CCF55AD73A61
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 05B2 		43 B
587 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/B2E15B6A-E272-4B03-93F3-CCF55AD73A61?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:22:02 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 05B2
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Xk16ywseeplFGXiZXEVlmw1FKp1FGHnOWB4PJZCc
42 B
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Xk16ywseeplFGXiZXEVlmw1FKp1FGHnOWB4PJZCc
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:22:02 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug016:0:544
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 23 Aug 2021 16:22:02 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Xk16ywseeplFGXiZXEVlmw1FKp1FGHnOWB4PJZCc
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 05B2
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_user_id=673d857a-805c-4f9c-971e-7db56a45334c
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_user_id=673d857a-805c-4f9c-971e-7db56a45334c
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=a8fe9540-e6c3-4996-a785-5f13baef83bc&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=673d857a-805c-4f9c-971e-7db56a45334c&gdpr=&gdpr_consent=&gdpr_pd=
1 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=673d857a-805c-4f9c-971e-7db56a45334c&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:22:03 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug017:0:383
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=673d857a-805c-4f9c-971e-7db56a45334c&gdpr=&gdpr_consent=&gdpr_pd=
date
Mon, 23 Aug 2021 16:22:03 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 05B2
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YSPLKwAEB7_ViAA4&gdpr=0&gdpr_consent=&_test=YSPLKwAEB7_ViAA4
1 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YSPLKwAEB7_ViAA4&gdpr=0&gdpr_consent=&_test=YSPLKwAEB7_ViAA4
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:22:03 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug001:0:655
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 23 Aug 2021 16:22:03 GMT
via
1.1 varnish
server
Varnish
x-timer
S1629735723.283051,VS0,VE0
x-served-by
cache-fra19178-FRA
x-cache
HIT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YSPLKwAEB7_ViAA4&gdpr=0&gdpr_consent=&_test=YSPLKwAEB7_ViAA4
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
Pug
simage2.pubmatic.com/AdServer/ Frame 05B2
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4011348884065977945&gdpr=0&gdpr_consent=&us_privacy=
1 B
268 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4011348884065977945&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:22:03 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug012:0:724
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4011348884065977945&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Mon, 23 Aug 2021 16:22:02 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
current
pubmatic-match.dotomi.com/match/bounce/ Frame 05B2 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=B2E15B6A-E272-4B03-93F3-CCF55AD73A61&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1370 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 16:22:03 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 05B2
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:132aa32b-b9a4-4dc5-a4c4-7f2d75d92b28&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
193 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:132aa32b-b9a4-4dc5-a4c4-7f2d75d92b28&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:22:03 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug013:0:383
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:132aa32b-b9a4-4dc5-a4c4-7f2d75d92b28&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Mon, 23 Aug 2021 16:22:03 GMT
Server
Apache/2.4.41 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Pug
image2.pubmatic.com/AdServer/ Frame 05B2
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
42 B
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:22:03 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug013:0:553
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 23 Aug 2021 16:22:02 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 05B2
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA%3D%26piggybackCookie%3D%24UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1260761893480028416
42 B
193 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1260761893480028416
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:22:03 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug003:0:547
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Mon, 23 Aug 2021 16:22:03 GMT
X-Proxy-Origin
82.102.19.136; 82.102.19.136; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
defa0a79-30ab-4808-8ab1-b5610697eff5
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1260761893480028416
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 05B2
Redirect Chain
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_25ce9fb6-f991-44d4-ab5d-bd7077e00501
42 B
306 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_25ce9fb6-f991-44d4-ab5d-bd7077e00501
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:22:03 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug010:0:407
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_25ce9fb6-f991-44d4-ab5d-bd7077e00501
date
Mon, 23 Aug 2021 16:22:03 GMT
p3p
CP="This is not a P3P policy"
server
nginx
timing-allow-origin
*
content-length
0
content-language
en-US
rum
dsum-sec.casalemedia.com/ Frame DE8B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBN2k6Nqh34zh6JBdJaz-Us&google_cver=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBN2k6Nqh34zh6JBdJaz-Us&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNzg5AEQxbjnARjmscGjATAB&v=APEucNV-Aq-d82poHZe6ndlrOwf4iop8vFYT44HIXhjH4kkm5ITuR37v_j_IBKnX2fk2XEhiNSFrDRt478s1U5TI7wKTCNeUt9CJwM7-COI0GOADrPaWb_pMKKm2OxgP4M3C6wefTcsbsqSqYcFic4LHtejCOB92YQQGer_DmNUK11cWtKqC8AcxpI2KCkMwdF36AlLOPb1T6qCftVtsA-hPLc-T0w7F0A
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 23 Aug 2021 16:22:02 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 23 Aug 2021 16:22:02 GMT

Redirect headers

pragma
no-cache
date
Mon, 23 Aug 2021 16:22:02 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBN2k6Nqh34zh6JBdJaz-Us&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame DE8B
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YSPLKsP9bhXaNvrTn0FPQAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBN2k6Nqh34zh6JBdJaz-Us&google_cver=1
43 B
1015 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBN2k6Nqh34zh6JBdJaz-Us&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNzg5AEQxbjnARjmscGjATAB&v=APEucNV-Aq-d82poHZe6ndlrOwf4iop8vFYT44HIXhjH4kkm5ITuR37v_j_IBKnX2fk2XEhiNSFrDRt478s1U5TI7wKTCNeUt9CJwM7-COI0GOADrPaWb_pMKKm2OxgP4M3C6wefTcsbsqSqYcFic4LHtejCOB92YQQGer_DmNUK11cWtKqC8AcxpI2KCkMwdF36AlLOPb1T6qCftVtsA-hPLc-T0w7F0A
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 23 Aug 2021 16:22:03 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 23 Aug 2021 16:22:03 GMT

Redirect headers

pragma
no-cache
date
Mon, 23 Aug 2021 16:22:02 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBN2k6Nqh34zh6JBdJaz-Us&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame DE8B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESENd72-0HH9vTB9x_OtaoSGQ&google_cver=1
43 B
1004 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESENd72-0HH9vTB9x_OtaoSGQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNzg5AEQxbjnARjmscGjATAB&v=APEucNV-Aq-d82poHZe6ndlrOwf4iop8vFYT44HIXhjH4kkm5ITuR37v_j_IBKnX2fk2XEhiNSFrDRt478s1U5TI7wKTCNeUt9CJwM7-COI0GOADrPaWb_pMKKm2OxgP4M3C6wefTcsbsqSqYcFic4LHtejCOB92YQQGer_DmNUK11cWtKqC8AcxpI2KCkMwdF36AlLOPb1T6qCftVtsA-hPLc-T0w7F0A
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 23 Aug 2021 16:22:02 GMT
X-Proxy-Origin
82.102.19.136; 82.102.19.136; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
79346547-7595-43c8-bcf8-5fc4c17a2d87
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 23 Aug 2021 16:22:02 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESENd72-0HH9vTB9x_OtaoSGQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame DE8B
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjk5OTMzNTI5MDE0NDg4MzQ1NA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjk5OTMzNTI5MDE0NDg4MzQ1NA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNzg5AEQxbjnARjmscGjATAB&v=APEucNV-Aq-d82poHZe6ndlrOwf4iop8vFYT44HIXhjH4kkm5ITuR37v_j_IBKnX2fk2XEhiNSFrDRt478s1U5TI7wKTCNeUt9CJwM7-COI0GOADrPaWb_pMKKm2OxgP4M3C6wefTcsbsqSqYcFic4LHtejCOB92YQQGer_DmNUK11cWtKqC8AcxpI2KCkMwdF36AlLOPb1T6qCftVtsA-hPLc-T0w7F0A
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 16:22:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 23 Aug 2021 16:22:02 GMT
X-Proxy-Origin
82.102.19.136; 82.102.19.136; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
bf5d63f6-de58-48c4-ac36-667daf644bc5
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjk5OTMzNTI5MDE0NDg4MzQ1NA%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 9916 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DdsiqDaK_QpmWiCD-MuhWl0QtDf2vanlkWINBFmU8OJruRW4cKfoQmSVoJPipajxdNvwpMdTO6YNstue3A5a-8GksgKeQ0ebS15yHdQCoaY8iEGm9N9I4LhKF4JrR5EoN4JhhvokXZu8usu13Q2OyvLwM1kQ&dbm_d=AKAmf-BybUcmnj72Y9Z4xJ_OUNnjsu9F9-VRBpvmfaPheoGKhIEzOiBrtRi47zNfYkf0Bol8RBEO4Ras-WQVsuEJTxyPehMPC3_A3TM_56Gud4KhlwFokXtKjsnF7NmLsvrGV4zU44qkuvD41YdwfdT5jaoS4OoK6-FLeM-ooSs4h3nE4duF97wH3yqnxT62C5toNRU-QIgVKNPTelEw9HaMkvSjB6taJrQfnKnOxaO1DYHPAT-Y3natyOrW71ECYX6x4weNqWYLXR4wlz9l0CjnbMt-eN70JCEH7XjIhhamOqykwq-6nOekAp7umnmP8F8faojHefOMpZ_AFn-n3WGpfLf0Ko5sRzbrmsuYa3K1s9JWSgwOxDI4n3D3LzlHNbw1dMsUlnmJyrpf0SYOHibUVZseX784j3suuX780VsHjhoioyZL4hH3dBwsVjwygl1nUfPa6A81AxfznMzkYDoHEqr9VC-mte0xP8TO4UEwhnmnLGD7My6EmQj39iGtFrF1V40qKJcmsGNC96IDuAjGq3xCFOjTplcoYq9UULP2oW58X6JOf31OzH_Dyu4fYt_64KCGop5ramz53wIh-7qtC1DDXqVeeQdAu2jHZYzJVPYmbKF1REMaZfQFarKEZMc-tyxI-x0grtX4TyKc2IoUw4bewZ0jhjtQCQQeyIw0rM-vrADBD2gIXtkHfxhTr_1mX252DRPRKEUvGft8zTR5zTxyA0lfyB28w5cSpX2JQhSrRbtslk-qqSwXVE0oTO7qGQMjkH5Uiw9-8h4pCxrHSxoSPwB7nd7vJtqqYBWC62oRxxXkJS5xKcp3efklWSuGpmlSaib1pU79XEAWf5QhYCaKdzTHGIcvdH8sdhGDbLZc5yCvABbGLGAifzqYXMZoQS2BxYu-qWBvjixqcQgK3ddUI4B_DhbCx7dzGrfs9NiDrYHX2u5J1J1AVHDosaVNkRoXIn9TE9u23YsgyOqsCMKbATZCWzS9dkbbzglyaCtoKf6Dezh5m0gxF5Y0j2eUgFWlgyym2fTrktqYtCXkmnnlqorMFKN-9r3j55EZdyNA8C-rtZdgFbZ1IUoV752f4BqeMoCjsINcgHnZrw98xRpuWl5Lvfghi-YpX53uBLAZ8R-7SKpxEUTQvY2byqpOISJIA6p7uf8wtMwvg-gBpprRpvji9FC7PZSLGe_I5XzEg8Yp_kDCDoNCjDlIPj8YPM5CQvd_lvHEB9H5ywaFDG2c92mf7ksPxvfEU_n_lXYo56z9fNc8g5sE_o6GtTZNXLmQOY4YhtlIvA5umK7QaAgVpQx98hokqOmb601AzJIN55ZXxTsXO1WS_4o_AJx2Lg3Y06kkrIegAaBWaxnU8mNlBqjCmhFTcbHNnP4ivyKNwxuVh_5TwH1Vzc-2aEtGZBUp6BQYHZwz1tPSp1g_nvfPDYBoPi6omxfUD2T50M3ksFgDmCNj4JvCmy-YeDX2Rtt9A-ncJsI9DUQqZrCWcV1DzPlK2xeZrbCz1J0hzHVLI8NMpnzO0C2D7ZFX-a4XWMz73Z8k1fJ74V-p7C22SjYan8EHNsYx7xCXbj_sYAi4HkvKFkVY8Tp1fsixKplWhURdXmO9O-TKtsWAwczEQtARl38o3VcC5B5k65NJ2wzwy8YhhON_aFUXyEmJ1Xnh-YwoA5LHP-sU4Fwxy87q0huGWN-KTEdX-RLhMaX-x5K1ak-mHEWYqpSjP1K83hHkzF_FPpv0q8IQwAToJNeJ7WmF3np8zP01im1DyuS2_GPE9PZKbJ1Cg2IpfZgPMfcWbjUtyTA3CjBLYRGaA7IXCGqXmIbg4LqRjiDA16ENjnd2hecwjN7S1SthUN5qTutPNRkqvLVAbCQHndI30W4GASsxGfUTrEneBZSmLoPxSi_K5rCEBpKH5jymdioiQQZSqp7rQU3STuwxjQj2N_t8fd4lVDeWuUSX8jMRgDTaN6XGf8Q3tvOzVkbHEto2VNdQwMcWEhUD7_kX8O3aTu12l8uDCAEMu5Hk2sGjhdPxlPwr9sCgKr3w6o-b1fgxjuVnZJtjxZQhzPTOoMDGJZPVK0Ubgho5MQhjmPwWmHgWlajKJkseL93oliocon-TDX1V9cGiHjqCRQbtGKrj8FCXBEoijxsVKMS3sxLnPe5R0d_KxWJsMOmwQ4z7T5Jjb4tDWBRsUHkc9h6I-ORgNhkqOry4vYSnC0w_bS3gAPHZ5eSvUH_6i-_mGBjsrE4ag9KPPw0At-cgelR6bUtJG0xy_LTQjCm-2ctHrscx2TpOXtZ6UhbyWYRj2WyWXXs3PNNwCO1Q5ZNxBy3SsJVVg3ko6gKi_qE8Lmis1rNufQcn5DWmHDIlzGB7JOvwT66HjmtClgMb7HrYhBntIDrvRHOVkJmgT2qspFyXCdlnHtUlORn6kVnbpenVPLUSCOFAM9sT-6EC33bO2IKLBGwdYIEJqosY2_nCd_U2aGLsaNK2y_Y9r7giUQ18M4xUxNqCyd-GLigo5DLQli3kjbMA1bXz076CgJtZWQe0Y0MtO9LodUQEsPq9SjdFQiQKi7gF1UdmSluL9xfG9izY70D0k7ZtS2tLbq4QN71bMosckFMKUKU52Eg_YBUvOEF2QTL3JsqWdhO7bFIlCU3Bs9F7hk8D5mPMWyFVVodj6owyQlTP-I8rNofg17mdYaQASkZqy3PJHulWoIy7oUcNzBy5GaGoLWZjvxskM3P4aE1SevZ8xpeO1SYY0HI9Xamnel-K2i6V_OElOB2v&cid=CAASFeRorY-KNMlzO14xAl2LB_XlLTSTXg&rfl=1%2Chttps%253A%252F%252Faskleo.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 07:21:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
32422
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 23 Aug 2022 07:21:40 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 2EDA 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Mon, 23 Aug 2021 07:21:40 GMT
expires
Tue, 23 Aug 2022 07:21:40 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
32422
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ESHX-PsTG84Fy6-bdaEnL5--1XpTzSOdL-kezmPtlCQ.js
pagead2.googlesyndication.com/bg/ Frame 2EDA 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/ESHX-PsTG84Fy6-bdaEnL5--1XpTzSOdL-kezmPtlCQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1121d7f8fb131bce05cbaf9b75a1272f9fbed57a53cd239d2fe91ece63ed9424
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 15:39:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
2544
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13272
x-xss-protection
0
last-modified
Mon, 09 Aug 2021 14:48:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 23 Aug 2022 15:39:38 GMT
integrator.js
adservice.google.be/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.be/adsid/integrator.js?domain=askleo.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 23 Aug 2021 16:22:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=askleo.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 23 Aug 2021 16:22:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		14 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3969800989600765&correlator=2434866178805926&output=ldjh&impl=fifs&eid=31062338%2C21068031%2C31062154%2C20211866%2C31062297%2C31062312&vrg=2021081901&ptt=17&sc=1&sfv=1-0-38&ecs=20210823&iu_parts=1254144%3A1057873%2Caskleo_com-medrectangle-3&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ris=1&rcs=4&prev_scp=a%3D%257C124%257C%26iid1%3D6983282138981408%26eid%3D6983282138981408%26t%3D134%26d%3D173078%26t1%3D134%26pvc%3D0%26ap%3D1101%26sap%3D1101%26as%3Drevenue%26plat%3D1%26bra%3Dmod85%26ic%3D5%26at%3Dmbf%26adr%3D399%26ezosn%3D0%26reft%3Dn%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D21%26al%3D1021%26compid%3D0%26tap%3Daskleo_com-medrectangle-3-6983282138981408%26eb_br%3Dbf9a045b836005b6c23b7b0749249612%26eba%3D1%26ebss%3D10082%2C10061%2C10015%2C10063%2C11304%2C11307%26bv%3D16%26bvm%3D0%26bvr%3D6%26shp%3D3%26ftsn%3D3%26br1%3D26%26br2%3D220%26ezoic%3D1%26nmau%3D3%26mau%3D0%26stl%3D77%2C0%2C28%2C67%2C45%2C122%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C760%2C815%2C816%2C817%2C899%2C919%2C783%2C20%2C17%2C20%2C17%2C19%2C20%2C17%2C19%2C20%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D70%26reqt%3D1629735722820&eri=1&cookie=ID%3D46e75b5ba7a874e1-2254f7deacc80088%3AT%3D1629735722%3AS%3DALNI_MYyMfo1xsmdXKYmgaxycfguTw59-g&bc=31&abxe=1&lmt=1629733050&dt=1629735722828&dlt=1629735712452&idt=436&frm=20&biw=1600&bih=1200&oid=2&adxs=320&adys=1549&adks=3023815051&ucis=4&ifi=23&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&url=https%3A%2F%2Faskleo.com%2Fwill_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=323x250&msz=323x250&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1344918702.1629735713&ga_sid=1629735713&ga_hid=192975842&ga_fc=false&fws=0&ohw=0&btvi=13&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
e480344cbb81a7947492b631619d33659eef13770b3cded1056254aa5d0421c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:22:03 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8745
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://askleo.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		15 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3969800989600765&correlator=1762018406857327&output=ldjh&impl=fifs&eid=31062338%2C21068031%2C31062154%2C20211866%2C31062297%2C31062312&vrg=2021081901&ptt=17&sc=1&sfv=1-0-38&ecs=20210823&iu_parts=1254144%3A1057873%2Caskleo_com-medrectangle-3&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ris=1&rcs=4&prev_scp=a%3D%257C3%257C%26iid1%3D6983282138981408%26eid%3D6983282138981408%26t%3D134%26d%3D173078%26t1%3D134%26pvc%3D0%26ap%3D1101%26sap%3D1101%26as%3Drevenue%26plat%3D1%26bra%3Dmod85%26ic%3D5%26at%3Dmbf%26adr%3D399%26ezosn%3D1%26reft%3Dn%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D21%26al%3D1021%26compid%3D0%26tap%3Daskleo_com-medrectangle-3-6983282138981408%26eb_br%3Dbf9a045b836005b6c23b7b0749249612%26eba%3D1%26ebss%3D10082%2C10061%2C10015%2C10063%2C11304%2C11307%26bv%3D16%26bvm%3D0%26bvr%3D6%26shp%3D3%26ftsn%3D3%26br1%3D26%26br2%3D220%26ezoic%3D1%26nmau%3D3%26mau%3D1%26stl%3D77%2C0%2C28%2C67%2C45%2C122%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C760%2C815%2C816%2C817%2C899%2C919%2C783%2C20%2C17%2C20%2C17%2C19%2C20%2C17%2C19%2C20%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D70%26reqt%3D1629735722832%26hb_bidder%3Dix%26hb_adid%3D129ec1cdd7863528%26hb_format%3Dbanner%26hb_ssid%3D10082%26hb_opt%3D0.02&eri=1&cookie=ID%3D46e75b5ba7a874e1-2254f7deacc80088%3AT%3D1629735722%3AS%3DALNI_MYyMfo1xsmdXKYmgaxycfguTw59-g&bc=31&abxe=1&lmt=1629733050&dt=1629735722836&dlt=1629735712452&idt=436&frm=20&biw=1600&bih=1200&oid=2&adxs=644&adys=1549&adks=3346484721&ucis=5&ifi=24&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&url=https%3A%2F%2Faskleo.com%2Fwill_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=323x250&msz=323x250&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1344918702.1629735713&ga_sid=1629735713&ga_hid=192975842&ga_fc=false&fws=0&ohw=0&btvi=14&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
df5c679dc6733cb9a2c3e545b9426f9b01ef302d6f8d638cf1b975bc295b53ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:22:03 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9242
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://askleo.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
adj
bid.g.doubleclick.net/xbbe/creative/ Frame 9916
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/bgd/564357/54904813/xbbe/creative/adj?p=APEucNWCLq93jJridOGtuvINwi1SYqVW5wYW94wMkk13A9Yi9NIpMb0&d=CnkAoCZ_4FTw9hpVrOvuqyEjgAXSlc7Nfe5KCO27Pz53jCQKG62lb5yS80wLB6co...
  • https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWCLq93jJridOGtuvINwi1SYqVW5wYW94wMkk13A9Yi9NIpMb0&d=CnkAoCZ_4FTw9hpVrOvuqyEjgAXSlc7Nfe5KCO27Pz53jCQKG62lb5yS80wLB6cogA09Lzdb2mDkOf7uH9lk0vTsI...
56 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWCLq93jJridOGtuvINwi1SYqVW5wYW94wMkk13A9Yi9NIpMb0&d=CnkAoCZ_4FTw9hpVrOvuqyEjgAXSlc7Nfe5KCO27Pz53jCQKG62lb5yS80wLB6cogA09Lzdb2mDkOf7uH9lk0vTsII7LKZRGya1QkdLFOg0thbXVUjbxAYHxciEwjgH-IR25KhITiojzsZduHKQGOleIPAQHOkvCgNXNEqkTAKAmf-CsqwUUlTDaEIsZia5_iczUGjUkJiwOQ1_1ipubX_EAlm1Od6MVcFq3RW3z6ke9eNV0Nt3fPoSaiid3ug4X3Rw8QiFNV-linMwnflpoBrWH-Q_nEXp-JoUrjZqiojJT-GoS5GONhFGUhhneBErfzofmc5WJYS4oTEi8Km6Z__j0jCPOgfUq0BeqmufiK3tRrmxZBbEz5ndDexTttZz7R0uHBXeRQaikng46B9yPIZf70EgNe9L4DG4Lnkt8Jm-7FZTjr5R9-FHPYNxx8NxEzGrLkxd8sKDojRXhlhWRItd0PmDjn6YvDTQnlmXsMu-SWDzIJQ_an1t2a_2qqJ0qFvhd_FNK-nrdkuStqkkST2p1QIbzMItSg3dObzyeYVMOdFoDej2iy3Wj8WnxL3yeQGDd1PtoHljatTXklhcrKQty0kaLoBLBHvHH_JnV-2tZj3Kd17bbyPKl-3QfsRi9c7LxBkibri8Pkn3sard_oGhf4hJT5CZSiRSSGZzxbN9yUJbV6XFrJCB45w5goAg52pqMtB3v1vf4tNBOk-KNoPGlXBUgUR2ta4d4zddpi_pzuoNJzMWi5SirW5mMwgrJZOJNKdPxN37rt4Eqm9_DwqIBgA_mVm7aVt0BjSK7ltvDFuaIGYfiF52GoFZCJ9dCClbabmMLzGQGCDpM11dR5YlNsw_hy4iy1K5J8lHzWzO26AwysSh7_OtCuwubnKYCitVwveoze3-ny2g_IBaFja1xK57p4syxuTUlTsWmBlgmtb4of2d1aQeN8XQEBeobDgmSM_v3BbCabTaWgToZFlJHGrC8cr0r7fpEsXwEoA-1gixAExjgphJCNSJiOxhXo5wEqwCa7QhedrrlKGE23lszbiywlnnWDbUur-_aF7wsy12aWGoXnROuGoIzOfArgTSPz8yyhU4JmHHCY0s9pGn5RzkGXT_T6w3r43LkPKYgjmXEZv9hjIZN0mWDsO1nJz-vWvAD5TuvIr9zGOEcdB1XajE7Ks4p7WAMhN9nVc8Nt3LE0TReMzAlKuUZ5ibJc_1f6V_M-Dko5glTgjXnthX5RdTzXQnxn4nEObxYUfTfmlquW2G7fMJJOFWU_soigV1V_Hi8hgp6N6pQvsy_IXvT15nFpN6b_9TdhezekgucFkdT5xGfMIoGgvWrBIaI3Y1yw7vHjUiZNK3PF9zZAkX9-qiCCEO5QinlzSw5xN2g8tuffch7qZ9k6pt7DBYMx1-ltLs-QEU2sjgdMnZM2lveOA_c5134DglegLjA-HlNdfMEnPIYlGoz4Dq3cCEGsRTlIjyICcy6DzZ9vG97LXtcsaJjzSmMp0x0UKsvI7-f5TNx0LtSwre9Virau3gBUeh2lMCjKvdLBl9ekAUEAY1OiD3XlZsMyXRGSQAq_0_ry0-4FCN6hH6i1i-N1NmA3RFIDP0fFEqPJEvpW-tMKTPWEalyBZmMwnPNnWfrLVeyJWZeS0ah5Luof0uis5EEIEAfNvoE3YwLQ2amnkrdcnurRwIyS8j6Pd1N67AnQolFlEJIBd4SjEASuudcC_WRfRdtoJy31MftIzNSvX6mMKhffa0WYAuhzLcJupazFRdK8y_GNnHVc809_M65W6MDlYMqg6RD9JPZM9Zi_gFwd2BAA0vaPoC4ykGqgV-JU6UX-SQjZWxdGJmvOzgodbi0A8PFQjGkIqH3Aoj4NVO4VinmFIMuMszACPRxtnDOPRT_ZFfyjsnyU2ehLx_A-ub_NvAJIyAPSh6BYiI0Q-RCs2FPoK1AdcPQUIMbNCFQ221Cu0t0g1h-M4sM7LLOXrq3msT3kMDoaFuZiDH1H5AO8-1OEa5uT75SAouJo5P8p1WyBrZSzIegTRVBWjw1JY1sxink5zgEvm0TB1iBDU-a6ALLTxUb9vu7bQUW7M3_jiqMzSeW9YTp6oksrPCyPY0AWs3ITS7AmwNHDpVtuQVZiP3u9pZHE3Y_LoYpUnONjWVJiNwuYhJvPzibUil960pN4Ga07Z579chaOEntgvev6gdVqADS9EdqVLk_ZENT8EpfXEam5YfPnmEF7SqhVKXecpLHiXD3-JPKXQMo-DYF598qutj9_urnFQ_nQfK3vHPKYJBxYqaXYpNDh7h9odn63aIrDys8WrYeA99aY4F0ti7GiwCZ5gid_-iJF6Oy9qF7DmdajXJTEPbQWHoMaUg9zQPrQwMd7IxH7ZtDU6mOS4rqyFAuv_0btAK2-ngnTYsWPaaz2JmxOrF1rhTLVJEIn-6tuOFTbApWpe_tQiGgj1YwmBCInKScxCPk2Fc_GZe15EQD_hJxOlmppzOLDyCLzLQOkUn14jwsvEXb6k1eikwH8WN6j8THGBgWsImJ3kn-5WEn8s6g1V4WVv_WoF7_LmCh551kK7D38yQ5zqNoJcV2iqI4mLKtbPYmXNnpB-C46K-rf2j5Gxv0WgzZqvOjKnrAxgNwSFkiIMU6VUUbo9CD9dP4Dc6_BYD4JSwWtmCKNiN9BUeJ6pzEgcGlye7-wduSEw9Re35bQyj1SGGDSf5U4l_AC4qCl634R1OmrzQfHczohdRbpSWKL1yYpsqINZVgfU4NuaJzGi1wtHmY9UntaL9Ahsq2tBh-RRB-lwYtOdp0NI-XTJsKPAljHNb423rFUjOUyTE5l9VumURlfIGxVNXDJ3ybrfnnu4l3v9JGD6j3phP5_ywjcWOr9kxGnLuIkvB0mhOPtVvTL5Puqr4WNO_GN-5Dqi9UBUplu48pmgNFaPBwdLDBeRc1LjCSJBJfrH-VGhLBFcmS63erQrXpyGMr8RbRVVmiBpSA9VaiAS4tczZzpL1L0dW5IWeGP1U1fjMZz8ni1eeG9mRUZrVPmfo7S4xxX2_RNyTGGtt7i6jHuj0sA2Hcc9s8kE7DM0Kcu_zeCtCQfYHA_YGSeGrU40QzIawp1zx1qzY245vzknr0dGRmgzl46YXwsvIVqYchQNb9snv9NjABZOpE_LNZXOByQQrd2CRfmHELK6nDp5V2LPJf4Sx8WYR8RY-1jVDe2FSiqYt27L3utRIwuzqLC4AXlEBNBlHZZSsgds-ExzeioZzb4mglm0SZcHey4sKvXBLWtL-EqUyJ7BrdKKn0Fe1BVDzgZ1i45yRbnS303gsB-5B2Lpp-iVjkNoVWIL8e8AnfUC4cmGav0nWSqAAUotnsDhjUmcZmiBAoO7kKBSLw20MMgo_FXgwj11tPUTEhZQldHjt-RCPqk_2D4H1TOBKyVx_u5HRNFvY5fLvEQbOsLT3rA02pXaZGayYTUJzgR9jvmBoZCAASFeRorY-KNMlzO14xAl2LB_XlLTSTXmAB
Requested by
Host: 6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com
URL: https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.206.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wk-in-f157.1e100.net
Software
cafe /
Resource Hash
e0b1384ca6c3c1df835b8ae6710ebb72bd98ea1876336576cc24ae4a2dc1c0ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 16:22:04 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
18912
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 23 Aug 2021 16:22:03 GMT
x-server-name
app22.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWCLq93jJridOGtuvINwi1SYqVW5wYW94wMkk13A9Yi9NIpMb0&d=CnkAoCZ_4FTw9hpVrOvuqyEjgAXSlc7Nfe5KCO27Pz53jCQKG62lb5yS80wLB6cogA09Lzdb2mDkOf7uH9lk0vTsII7LKZRGya1QkdLFOg0thbXVUjbxAYHxciEwjgH-IR25KhITiojzsZduHKQGOleIPAQHOkvCgNXNEqkTAKAmf-CsqwUUlTDaEIsZia5_iczUGjUkJiwOQ1_1ipubX_EAlm1Od6MVcFq3RW3z6ke9eNV0Nt3fPoSaiid3ug4X3Rw8QiFNV-linMwnflpoBrWH-Q_nEXp-JoUrjZqiojJT-GoS5GONhFGUhhneBErfzofmc5WJYS4oTEi8Km6Z__j0jCPOgfUq0BeqmufiK3tRrmxZBbEz5ndDexTttZz7R0uHBXeRQaikng46B9yPIZf70EgNe9L4DG4Lnkt8Jm-7FZTjr5R9-FHPYNxx8NxEzGrLkxd8sKDojRXhlhWRItd0PmDjn6YvDTQnlmXsMu-SWDzIJQ_an1t2a_2qqJ0qFvhd_FNK-nrdkuStqkkST2p1QIbzMItSg3dObzyeYVMOdFoDej2iy3Wj8WnxL3yeQGDd1PtoHljatTXklhcrKQty0kaLoBLBHvHH_JnV-2tZj3Kd17bbyPKl-3QfsRi9c7LxBkibri8Pkn3sard_oGhf4hJT5CZSiRSSGZzxbN9yUJbV6XFrJCB45w5goAg52pqMtB3v1vf4tNBOk-KNoPGlXBUgUR2ta4d4zddpi_pzuoNJzMWi5SirW5mMwgrJZOJNKdPxN37rt4Eqm9_DwqIBgA_mVm7aVt0BjSK7ltvDFuaIGYfiF52GoFZCJ9dCClbabmMLzGQGCDpM11dR5YlNsw_hy4iy1K5J8lHzWzO26AwysSh7_OtCuwubnKYCitVwveoze3-ny2g_IBaFja1xK57p4syxuTUlTsWmBlgmtb4of2d1aQeN8XQEBeobDgmSM_v3BbCabTaWgToZFlJHGrC8cr0r7fpEsXwEoA-1gixAExjgphJCNSJiOxhXo5wEqwCa7QhedrrlKGE23lszbiywlnnWDbUur-_aF7wsy12aWGoXnROuGoIzOfArgTSPz8yyhU4JmHHCY0s9pGn5RzkGXT_T6w3r43LkPKYgjmXEZv9hjIZN0mWDsO1nJz-vWvAD5TuvIr9zGOEcdB1XajE7Ks4p7WAMhN9nVc8Nt3LE0TReMzAlKuUZ5ibJc_1f6V_M-Dko5glTgjXnthX5RdTzXQnxn4nEObxYUfTfmlquW2G7fMJJOFWU_soigV1V_Hi8hgp6N6pQvsy_IXvT15nFpN6b_9TdhezekgucFkdT5xGfMIoGgvWrBIaI3Y1yw7vHjUiZNK3PF9zZAkX9-qiCCEO5QinlzSw5xN2g8tuffch7qZ9k6pt7DBYMx1-ltLs-QEU2sjgdMnZM2lveOA_c5134DglegLjA-HlNdfMEnPIYlGoz4Dq3cCEGsRTlIjyICcy6DzZ9vG97LXtcsaJjzSmMp0x0UKsvI7-f5TNx0LtSwre9Virau3gBUeh2lMCjKvdLBl9ekAUEAY1OiD3XlZsMyXRGSQAq_0_ry0-4FCN6hH6i1i-N1NmA3RFIDP0fFEqPJEvpW-tMKTPWEalyBZmMwnPNnWfrLVeyJWZeS0ah5Luof0uis5EEIEAfNvoE3YwLQ2amnkrdcnurRwIyS8j6Pd1N67AnQolFlEJIBd4SjEASuudcC_WRfRdtoJy31MftIzNSvX6mMKhffa0WYAuhzLcJupazFRdK8y_GNnHVc809_M65W6MDlYMqg6RD9JPZM9Zi_gFwd2BAA0vaPoC4ykGqgV-JU6UX-SQjZWxdGJmvOzgodbi0A8PFQjGkIqH3Aoj4NVO4VinmFIMuMszACPRxtnDOPRT_ZFfyjsnyU2ehLx_A-ub_NvAJIyAPSh6BYiI0Q-RCs2FPoK1AdcPQUIMbNCFQ221Cu0t0g1h-M4sM7LLOXrq3msT3kMDoaFuZiDH1H5AO8-1OEa5uT75SAouJo5P8p1WyBrZSzIegTRVBWjw1JY1sxink5zgEvm0TB1iBDU-a6ALLTxUb9vu7bQUW7M3_jiqMzSeW9YTp6oksrPCyPY0AWs3ITS7AmwNHDpVtuQVZiP3u9pZHE3Y_LoYpUnONjWVJiNwuYhJvPzibUil960pN4Ga07Z579chaOEntgvev6gdVqADS9EdqVLk_ZENT8EpfXEam5YfPnmEF7SqhVKXecpLHiXD3-JPKXQMo-DYF598qutj9_urnFQ_nQfK3vHPKYJBxYqaXYpNDh7h9odn63aIrDys8WrYeA99aY4F0ti7GiwCZ5gid_-iJF6Oy9qF7DmdajXJTEPbQWHoMaUg9zQPrQwMd7IxH7ZtDU6mOS4rqyFAuv_0btAK2-ngnTYsWPaaz2JmxOrF1rhTLVJEIn-6tuOFTbApWpe_tQiGgj1YwmBCInKScxCPk2Fc_GZe15EQD_hJxOlmppzOLDyCLzLQOkUn14jwsvEXb6k1eikwH8WN6j8THGBgWsImJ3kn-5WEn8s6g1V4WVv_WoF7_LmCh551kK7D38yQ5zqNoJcV2iqI4mLKtbPYmXNnpB-C46K-rf2j5Gxv0WgzZqvOjKnrAxgNwSFkiIMU6VUUbo9CD9dP4Dc6_BYD4JSwWtmCKNiN9BUeJ6pzEgcGlye7-wduSEw9Re35bQyj1SGGDSf5U4l_AC4qCl634R1OmrzQfHczohdRbpSWKL1yYpsqINZVgfU4NuaJzGi1wtHmY9UntaL9Ahsq2tBh-RRB-lwYtOdp0NI-XTJsKPAljHNb423rFUjOUyTE5l9VumURlfIGxVNXDJ3ybrfnnu4l3v9JGD6j3phP5_ywjcWOr9kxGnLuIkvB0mhOPtVvTL5Puqr4WNO_GN-5Dqi9UBUplu48pmgNFaPBwdLDBeRc1LjCSJBJfrH-VGhLBFcmS63erQrXpyGMr8RbRVVmiBpSA9VaiAS4tczZzpL1L0dW5IWeGP1U1fjMZz8ni1eeG9mRUZrVPmfo7S4xxX2_RNyTGGtt7i6jHuj0sA2Hcc9s8kE7DM0Kcu_zeCtCQfYHA_YGSeGrU40QzIawp1zx1qzY245vzknr0dGRmgzl46YXwsvIVqYchQNb9snv9NjABZOpE_LNZXOByQQrd2CRfmHELK6nDp5V2LPJf4Sx8WYR8RY-1jVDe2FSiqYt27L3utRIwuzqLC4AXlEBNBlHZZSsgds-ExzeioZzb4mglm0SZcHey4sKvXBLWtL-EqUyJ7BrdKKn0Fe1BVDzgZ1i45yRbnS303gsB-5B2Lpp-iVjkNoVWIL8e8AnfUC4cmGav0nWSqAAUotnsDhjUmcZmiBAoO7kKBSLw20MMgo_FXgwj11tPUTEhZQldHjt-RCPqk_2D4H1TOBKyVx_u5HRNFvY5fLvEQbOsLT3rA02pXaZGayYTUJzgR9jvmBoZCAASFeRorY-KNMlzO14xAl2LB_XlLTSTXmAB
cache-control
no-cache
content-length
0
server
nginx
sca.17.5.12.js
static.adsafeprotected.com/ Frame 5395 		80 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.12.js
Requested by
Host: 6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com
URL: https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.37.161 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-37-161.eu-west-1.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

Referer
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:22:03 GMT
content-encoding
gzip
last-modified
Thu, 19 Aug 2021 16:31:24 GMT
server
nginx/1.16.1
etag
W/"9304f57298c3834ff107ea7ccb547996"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
container.html
6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 66B0 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://askleo.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://askleo.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Mon, 23 Aug 2021 16:21:52 GMT
expires
Tue, 23 Aug 2022 16:21:52 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
11
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 20BB 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://askleo.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://askleo.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Mon, 23 Aug 2021 16:21:52 GMT
expires
Tue, 23 Aug 2022 16:21:52 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
11
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
dt
dt.adsafeprotected.com/ Frame 9916 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=564357&asId=bd1176b3-2550-3690-9cf4-7babc2d4115f&tv=%7Bc:m8tkvm,pingTime:-2,time:380,type:a,im:%7BpBlk:127,sf:0,pom:1,prf:%7BbeA:269,beZ:271,mfA:273,cmA:330,inA:331,inZ:336,prA:336,prZ:369,si:376,poA:378,bl:396,poZ:396,cmZ:396,mfZ:396,loA:569,loZ:571,ltA:649,ltZ:649%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:r,w:300,h:250,t:105%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:0,n:380,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:105,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B316~1%5D,as:%5B316~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sGVD0ry+11%7C12%7C131%7C132%7C133%7C14%7C15%7C161%7C162%7C163%7C164%7C17%7C18%7C19%7C1a1%7C1a2%7C1a3%7C1a4%7C1a5%7C1a6%7C1a7%7C1a8%7C1a9%7C1aa%7C1ab%7C1ac%7C1ad%7C1b1%7C1c*.564357-54904813%7C1c1%7C1c21,idMap:1c*,rmeas:1,rend:0,renddet:IMG.us,sinceFw:270,readyFired:false%7D&br=u
Requested by
Host: 6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com
URL: https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.49.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-49-131.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 16:22:04 GMT
x-server-name
dt37.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
army.gif
askleo.com/porpoiseant/ 		0
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://askleo.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjk4MzI4MjEzODk4MTQwOCIsImRvbWFpbl9pZCI6IjE3MzA3OCIsInVuaXQiOiJkaXYtZ3B0LWFkLWFza2xlb19jb20tbWVkcmVjdGFuZ2xlLTMtMCIsInRfZXBvY2giOjE2Mjk3MzU3MTEsImFkX3Bvc2l0aW9uIjoxMTAxLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQkUiLCJwYWdldmlld19pZCI6IjA5ZDcyOWQ1LTJhYWEtNDE5Ni03MzJiLTI5MTY0M2MwZGFiYSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ1ODgsImRhdGEiOlt7Im5hbWUiOiJyZWZyZXNoX2NvdW50IiwidmFsIjoiNSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjk4MzI4MjEzODk4MTQwOCIsImRvbWFpbl9pZCI6IjE3MzA3OCIsInVuaXQiOiJkaXYtZ3B0LWFkLWFza2xlb19jb20tbWVkcmVjdGFuZ2xlLTMtMCIsInRfZXBvY2giOjE2Mjk3MzU3MTEsImFkX3Bvc2l0aW9uIjoxMTAxLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQkUiLCJwYWdldmlld19pZCI6IjA5ZDcyOWQ1LTJhYWEtNDE5Ni03MzJiLTI5MTY0M2MwZGFiYSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ1ODgsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfYmlkX2hhc2giLCJ2YWwiOiJiZjlhMDQ1YjgzNjAwNWI2YzIzYjdiMDc0OTI0OTYxMiJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjk4MzI4MjEzODk4MTQwOCIsImRvbWFpbl9pZCI6IjE3MzA3OCIsInVuaXQiOiJkaXYtZ3B0LWFkLWFza2xlb19jb20tbWVkcmVjdGFuZ2xlLTMtMCIsInRfZXBvY2giOjE2Mjk3MzU3MTEsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMDI2LCJhZF9wb3NpdGlvbiI6MTEwMSwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAuMDAwMjYsImJpZF9mbG9vcl9wcmV2IjowLjAwMDcsInN0YXRfc291cmNlX2lkIjozNSwiY291bnRyeV9jb2RlIjoiQkUiLCJwYWdldmlld19pZCI6IjA5ZDcyOWQ1LTJhYWEtNDE5Ni03MzJiLTI5MTY0M2MwZGFiYSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ1ODgsImRhdGEiOlt7Im5hbWUiOiJsb2FkZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI2OTgzMjgyMTM4OTgxNDA4IiwiZG9tYWluX2lkIjoiMTczMDc4IiwidW5pdCI6ImRpdi1ncHQtYWQtYXNrbGVvX2NvbS1tZWRyZWN0YW5nbGUtMy0wIiwidF9lcG9jaCI6MTYyOTczNTcxMSwiYWRfcG9zaXRpb24iOjExMDEsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJCRSIsInBhZ2V2aWV3X2lkIjoiMDlkNzI5ZDUtMmFhYS00MTk2LTczMmItMjkxNjQzYzBkYWJhIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDU4OCwiZGF0YSI6W3sibmFtZSI6ImNyZWF0aXZlX2lkIiwidmFsIjoiMTM4MzEwMDM0NTg4In1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI2OTgzMjgyMTM4OTgxNDA4IiwiZG9tYWluX2lkIjoiMTczMDc4IiwidW5pdCI6ImRpdi1ncHQtYWQtYXNrbGVvX2NvbS1tZWRyZWN0YW5nbGUtMy0wIiwidF9lcG9jaCI6MTYyOTczNTcxMSwiYWRfcG9zaXRpb24iOjExMDEsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJCRSIsInBhZ2V2aWV3X2lkIjoiMDlkNzI5ZDUtMmFhYS00MTk2LTczMmItMjkxNjQzYzBkYWJhIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDU4OCwiZGF0YSI6W3sibmFtZSI6ImxpbmVpdGVtX2lkIiwidmFsIjoiMjg2ODcyNzQifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by
Host: askleo.com
URL: https://askleo.com/detroitchicago/cmbv2.js?gcb=195-2&cb=04-1y02-4y06-12y07-1y0b-5y0d-14y13-3y17-3y20-3y33-15y52-1y56-21&cmbcb=20&sj=x04x02x06x07x0bx0dx13x17x20x33x52x56&abt=JoykatTest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path
/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjk4MzI4MjEzODk4MTQwOCIsImRvbWFpbl9pZCI6IjE3MzA3OCIsInVuaXQiOiJkaXYtZ3B0LWFkLWFza2xlb19jb20tbWVkcmVjdGFuZ2xlLTMtMCIsInRfZXBvY2giOjE2Mjk3MzU3MTEsImFkX3Bvc2l0aW9uIjoxMTAxLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQkUiLCJwYWdldmlld19pZCI6IjA5ZDcyOWQ1LTJhYWEtNDE5Ni03MzJiLTI5MTY0M2MwZGFiYSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ1ODgsImRhdGEiOlt7Im5hbWUiOiJyZWZyZXNoX2NvdW50IiwidmFsIjoiNSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjk4MzI4MjEzODk4MTQwOCIsImRvbWFpbl9pZCI6IjE3MzA3OCIsInVuaXQiOiJkaXYtZ3B0LWFkLWFza2xlb19jb20tbWVkcmVjdGFuZ2xlLTMtMCIsInRfZXBvY2giOjE2Mjk3MzU3MTEsImFkX3Bvc2l0aW9uIjoxMTAxLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQkUiLCJwYWdldmlld19pZCI6IjA5ZDcyOWQ1LTJhYWEtNDE5Ni03MzJiLTI5MTY0M2MwZGFiYSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ1ODgsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfYmlkX2hhc2giLCJ2YWwiOiJiZjlhMDQ1YjgzNjAwNWI2YzIzYjdiMDc0OTI0OTYxMiJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjk4MzI4MjEzODk4MTQwOCIsImRvbWFpbl9pZCI6IjE3MzA3OCIsInVuaXQiOiJkaXYtZ3B0LWFkLWFza2xlb19jb20tbWVkcmVjdGFuZ2xlLTMtMCIsInRfZXBvY2giOjE2Mjk3MzU3MTEsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMDI2LCJhZF9wb3NpdGlvbiI6MTEwMSwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAuMDAwMjYsImJpZF9mbG9vcl9wcmV2IjowLjAwMDcsInN0YXRfc291cmNlX2lkIjozNSwiY291bnRyeV9jb2RlIjoiQkUiLCJwYWdldmlld19pZCI6IjA5ZDcyOWQ1LTJhYWEtNDE5Ni03MzJiLTI5MTY0M2MwZGFiYSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ1ODgsImRhdGEiOlt7Im5hbWUiOiJsb2FkZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI2OTgzMjgyMTM4OTgxNDA4IiwiZG9tYWluX2lkIjoiMTczMDc4IiwidW5pdCI6ImRpdi1ncHQtYWQtYXNrbGVvX2NvbS1tZWRyZWN0YW5nbGUtMy0wIiwidF9lcG9jaCI6MTYyOTczNTcxMSwiYWRfcG9zaXRpb24iOjExMDEsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJCRSIsInBhZ2V2aWV3X2lkIjoiMDlkNzI5ZDUtMmFhYS00MTk2LTczMmItMjkxNjQzYzBkYWJhIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDU4OCwiZGF0YSI6W3sibmFtZSI6ImNyZWF0aXZlX2lkIiwidmFsIjoiMTM4MzEwMDM0NTg4In1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI2OTgzMjgyMTM4OTgxNDA4IiwiZG9tYWluX2lkIjoiMTczMDc4IiwidW5pdCI6ImRpdi1ncHQtYWQtYXNrbGVvX2NvbS1tZWRyZWN0YW5nbGUtMy0wIiwidF9lcG9jaCI6MTYyOTczNTcxMSwiYWRfcG9zaXRpb24iOjExMDEsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJCRSIsInBhZ2V2aWV3X2lkIjoiMDlkNzI5ZDUtMmFhYS00MTk2LTczMmItMjkxNjQzYzBkYWJhIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDU4OCwiZGF0YSI6W3sibmFtZSI6ImxpbmVpdGVtX2lkIiwidmFsIjoiMjg2ODcyNzQifV0sImlzX29yaWciOmZhbHNlfV0=
pragma
no-cache
cookie
__gads=ID=46e75b5ba7a874e1:T=1629735722:S=ALNI_Mb7I1GsHqct32winK6fFLA6bvJa7g; ezouspvv=26; ezouspva=1; ezouspvh=26
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
askleo.com
referer
https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:22:03 GMT
server
nginx
vary
Accept-Encoding Accept-Encoding
content-type
text/plain; charset=utf-8
x-middleton-display
ezp_sol
cache-control
max-age=0, must-revalidate, no-cache, no-store
content-length
0
expires
Sun, 22 Aug 2021 16:22:02 UTC
28687274
g.ezoic.net/dac/ 		0
40 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g.ezoic.net/dac/28687274
Requested by
Host: askleo.com
URL: https://askleo.com/porpoiseant/banger.js?cb=195-2&bv=60&v=51&PageSpeed=off
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 23 Aug 2021 16:22:03 GMT
cache-control
max-age=3600, public
server
nginx
content-length
0
vary
Accept-Encoding
content-type
text/plain
army.gif
askleo.com/porpoiseant/ 		0
65 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://askleo.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjk4MzI4MjEzODk4MTQwOCIsImRvbWFpbl9pZCI6IjE3MzA3OCIsInVuaXQiOiJkaXYtZ3B0LWFkLWFza2xlb19jb20tbWVkcmVjdGFuZ2xlLTMtMCIsInRfZXBvY2giOjE2Mjk3MzU3MTEsImFkX3Bvc2l0aW9uIjoxMTAxLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQkUiLCJwYWdldmlld19pZCI6IjA5ZDcyOWQ1LTJhYWEtNDE5Ni03MzJiLTI5MTY0M2MwZGFiYSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ1ODgsImRhdGEiOlt7Im5hbWUiOiJ0X2xvY2FsX2RhdGUiLCJ2YWwiOiIyMDIxLTA4LTIzIn0seyJuYW1lIjoidF9sb2NhbF9ob3VyIiwidmFsIjoiMTgifSx7Im5hbWUiOiJ0X2xvY2FsX2RheV9vZl93ZWVrIiwidmFsIjoiMSJ9LHsibmFtZSI6InRfbG9jYWxfdGltZXpvbmUiLCJ2YWwiOiItMTIwIn1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by
Host: askleo.com
URL: https://askleo.com/detroitchicago/cmbv2.js?gcb=195-2&cb=04-1y02-4y06-12y07-1y0b-5y0d-14y13-3y17-3y20-3y33-15y52-1y56-21&cmbcb=20&sj=x04x02x06x07x0bx0dx13x17x20x33x52x56&abt=JoykatTest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path
/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjk4MzI4MjEzODk4MTQwOCIsImRvbWFpbl9pZCI6IjE3MzA3OCIsInVuaXQiOiJkaXYtZ3B0LWFkLWFza2xlb19jb20tbWVkcmVjdGFuZ2xlLTMtMCIsInRfZXBvY2giOjE2Mjk3MzU3MTEsImFkX3Bvc2l0aW9uIjoxMTAxLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQkUiLCJwYWdldmlld19pZCI6IjA5ZDcyOWQ1LTJhYWEtNDE5Ni03MzJiLTI5MTY0M2MwZGFiYSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ1ODgsImRhdGEiOlt7Im5hbWUiOiJ0X2xvY2FsX2RhdGUiLCJ2YWwiOiIyMDIxLTA4LTIzIn0seyJuYW1lIjoidF9sb2NhbF9ob3VyIiwidmFsIjoiMTgifSx7Im5hbWUiOiJ0X2xvY2FsX2RheV9vZl93ZWVrIiwidmFsIjoiMSJ9LHsibmFtZSI6InRfbG9jYWxfdGltZXpvbmUiLCJ2YWwiOiItMTIwIn1dLCJpc19vcmlnIjpmYWxzZX1d
pragma
no-cache
cookie
__gads=ID=46e75b5ba7a874e1:T=1629735722:S=ALNI_Mb7I1GsHqct32winK6fFLA6bvJa7g; ezouspvv=26; ezouspva=1; ezouspvh=26
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
askleo.com
referer
https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:22:03 GMT
server
nginx
vary
Accept-Encoding Accept-Encoding
content-type
text/plain; charset=utf-8
x-middleton-display
ezp_sol
cache-control
max-age=0, must-revalidate, no-cache, no-store
content-length
0
expires
Sun, 22 Aug 2021 16:22:03 UTC
army.gif
askleo.com/porpoiseant/ 		0
42 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://askleo.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiNjk4MzI4MjEzODk4MTQwOCIsImRvbWFpbl9pZCI6IjE3MzA3OCIsInVuaXQiOiJkaXYtZ3B0LWFkLWFza2xlb19jb20tbWVkcmVjdGFuZ2xlLTMtMCIsInRfZXBvY2giOjE2Mjk3MzU3MTEsImF1Y3Rpb25fZXBvY2giOjE2Mjk3MzU3MjMsImFkX3Bvc2l0aW9uIjoxMTAxLCJjb3VudHJ5X2NvZGUiOiJCRSIsInBhZ2V2aWV3X2lkIjoiMDlkNzI5ZDUtMmFhYS00MTk2LTczMmItMjkxNjQzYzBkYWJhIiwiYmlkX2Zsb29yX2luaXRpYWwiOjQ1MCwiYmlkX2Zsb29yX3ByZXYiOjcwLCJiaWRfZmxvb3JfZmlsbGVkIjoyNiwiYXVjdGlvbl9jb3VudCI6NSwicmVmcmVzaF9hZF9jb3VudCI6MCwiYXVjdGlvbl9kdXJhdGlvbiI6NDQwLCJtdWx0aV9hZF91bml0IjowLCJtdWx0aV9hZF9jb3VudCI6MywibmV0d29ya19jb2RlIjoxMjU0MTQ0LCJkYXRhIjpbeyJuYW1lIjoiIiwidmFsIjoiIn1dLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0fV0=
Requested by
Host: askleo.com
URL: https://askleo.com/detroitchicago/cmbv2.js?gcb=195-2&cb=04-1y02-4y06-12y07-1y0b-5y0d-14y13-3y17-3y20-3y33-15y52-1y56-21&cmbcb=20&sj=x04x02x06x07x0bx0dx13x17x20x33x52x56&abt=JoykatTest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path
/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiNjk4MzI4MjEzODk4MTQwOCIsImRvbWFpbl9pZCI6IjE3MzA3OCIsInVuaXQiOiJkaXYtZ3B0LWFkLWFza2xlb19jb20tbWVkcmVjdGFuZ2xlLTMtMCIsInRfZXBvY2giOjE2Mjk3MzU3MTEsImF1Y3Rpb25fZXBvY2giOjE2Mjk3MzU3MjMsImFkX3Bvc2l0aW9uIjoxMTAxLCJjb3VudHJ5X2NvZGUiOiJCRSIsInBhZ2V2aWV3X2lkIjoiMDlkNzI5ZDUtMmFhYS00MTk2LTczMmItMjkxNjQzYzBkYWJhIiwiYmlkX2Zsb29yX2luaXRpYWwiOjQ1MCwiYmlkX2Zsb29yX3ByZXYiOjcwLCJiaWRfZmxvb3JfZmlsbGVkIjoyNiwiYXVjdGlvbl9jb3VudCI6NSwicmVmcmVzaF9hZF9jb3VudCI6MCwiYXVjdGlvbl9kdXJhdGlvbiI6NDQwLCJtdWx0aV9hZF91bml0IjowLCJtdWx0aV9hZF9jb3VudCI6MywibmV0d29ya19jb2RlIjoxMjU0MTQ0LCJkYXRhIjpbeyJuYW1lIjoiIiwidmFsIjoiIn1dLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0fV0=
pragma
no-cache
cookie
__gads=ID=46e75b5ba7a874e1:T=1629735722:S=ALNI_Mb7I1GsHqct32winK6fFLA6bvJa7g; ezouspvv=26; ezouspva=1; ezouspvh=26
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
askleo.com
referer
https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:22:03 GMT
server
nginx
vary
Accept-Encoding Accept-Encoding
content-type
text/plain; charset=utf-8
x-middleton-display
ezp_sol
cache-control
max-age=0, must-revalidate, no-cache, no-store
content-length
0
expires
Sun, 22 Aug 2021 16:22:12 UTC
army.gif
askleo.com/porpoiseant/ 		0
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://askleo.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjk4MzI4MjEzODk4MTQwOCIsImRvbWFpbl9pZCI6IjE3MzA3OCIsInVuaXQiOiJkaXYtZ3B0LWFkLWFza2xlb19jb20tbWVkcmVjdGFuZ2xlLTMtMF8xIiwidF9lcG9jaCI6MTYyOTczNTcxMSwiYWRfcG9zaXRpb24iOjExMDEsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJCRSIsInBhZ2V2aWV3X2lkIjoiMDlkNzI5ZDUtMmFhYS00MTk2LTczMmItMjkxNjQzYzBkYWJhIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDU4OCwiZGF0YSI6W3sibmFtZSI6InJlZnJlc2hfY291bnQiLCJ2YWwiOiI1In1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI2OTgzMjgyMTM4OTgxNDA4IiwiZG9tYWluX2lkIjoiMTczMDc4IiwidW5pdCI6ImRpdi1ncHQtYWQtYXNrbGVvX2NvbS1tZWRyZWN0YW5nbGUtMy0wXzEiLCJ0X2Vwb2NoIjoxNjI5NzM1NzExLCJhZF9wb3NpdGlvbiI6MTEwMSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkJFIiwicGFnZXZpZXdfaWQiOiIwOWQ3MjlkNS0yYWFhLTQxOTYtNzMyYi0yOTE2NDNjMGRhYmEiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NTg4LCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX2JpZF9oYXNoIiwidmFsIjoiYmY5YTA0NWI4MzYwMDViNmMyM2I3YjA3NDkyNDk2MTIifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjY5ODMyODIxMzg5ODE0MDgiLCJkb21haW5faWQiOiIxNzMwNzgiLCJ1bml0IjoiZGl2LWdwdC1hZC1hc2tsZW9fY29tLW1lZHJlY3RhbmdsZS0zLTBfMSIsInRfZXBvY2giOjE2Mjk3MzU3MTEsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMDI2LCJhZF9wb3NpdGlvbiI6MTEwMSwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAuMDAwMjYsImJpZF9mbG9vcl9wcmV2IjowLjAwMDcsInN0YXRfc291cmNlX2lkIjozNSwiY291bnRyeV9jb2RlIjoiQkUiLCJwYWdldmlld19pZCI6IjA5ZDcyOWQ1LTJhYWEtNDE5Ni03MzJiLTI5MTY0M2MwZGFiYSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ1ODgsImRhdGEiOlt7Im5hbWUiOiJsb2FkZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI2OTgzMjgyMTM4OTgxNDA4IiwiZG9tYWluX2lkIjoiMTczMDc4IiwidW5pdCI6ImRpdi1ncHQtYWQtYXNrbGVvX2NvbS1tZWRyZWN0YW5nbGUtMy0wXzEiLCJ0X2Vwb2NoIjoxNjI5NzM1NzExLCJhZF9wb3NpdGlvbiI6MTEwMSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkJFIiwicGFnZXZpZXdfaWQiOiIwOWQ3MjlkNS0yYWFhLTQxOTYtNzMyYi0yOTE2NDNjMGRhYmEiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NTg4LCJkYXRhIjpbeyJuYW1lIjoiY3JlYXRpdmVfaWQiLCJ2YWwiOiIxMzgzMTAwNDM1NDcifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjY5ODMyODIxMzg5ODE0MDgiLCJkb21haW5faWQiOiIxNzMwNzgiLCJ1bml0IjoiZGl2LWdwdC1hZC1hc2tsZW9fY29tLW1lZHJlY3RhbmdsZS0zLTBfMSIsInRfZXBvY2giOjE2Mjk3MzU3MTEsImFkX3Bvc2l0aW9uIjoxMTAxLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQkUiLCJwYWdldmlld19pZCI6IjA5ZDcyOWQ1LTJhYWEtNDE5Ni03MzJiLTI5MTY0M2MwZGFiYSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ1ODgsImRhdGEiOlt7Im5hbWUiOiJsaW5laXRlbV9pZCIsInZhbCI6IjI4Njg3Mjc0In1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by
Host: askleo.com
URL: https://askleo.com/detroitchicago/cmbv2.js?gcb=195-2&cb=04-1y02-4y06-12y07-1y0b-5y0d-14y13-3y17-3y20-3y33-15y52-1y56-21&cmbcb=20&sj=x04x02x06x07x0bx0dx13x17x20x33x52x56&abt=JoykatTest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path
/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjk4MzI4MjEzODk4MTQwOCIsImRvbWFpbl9pZCI6IjE3MzA3OCIsInVuaXQiOiJkaXYtZ3B0LWFkLWFza2xlb19jb20tbWVkcmVjdGFuZ2xlLTMtMF8xIiwidF9lcG9jaCI6MTYyOTczNTcxMSwiYWRfcG9zaXRpb24iOjExMDEsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJCRSIsInBhZ2V2aWV3X2lkIjoiMDlkNzI5ZDUtMmFhYS00MTk2LTczMmItMjkxNjQzYzBkYWJhIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDU4OCwiZGF0YSI6W3sibmFtZSI6InJlZnJlc2hfY291bnQiLCJ2YWwiOiI1In1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI2OTgzMjgyMTM4OTgxNDA4IiwiZG9tYWluX2lkIjoiMTczMDc4IiwidW5pdCI6ImRpdi1ncHQtYWQtYXNrbGVvX2NvbS1tZWRyZWN0YW5nbGUtMy0wXzEiLCJ0X2Vwb2NoIjoxNjI5NzM1NzExLCJhZF9wb3NpdGlvbiI6MTEwMSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkJFIiwicGFnZXZpZXdfaWQiOiIwOWQ3MjlkNS0yYWFhLTQxOTYtNzMyYi0yOTE2NDNjMGRhYmEiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NTg4LCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX2JpZF9oYXNoIiwidmFsIjoiYmY5YTA0NWI4MzYwMDViNmMyM2I3YjA3NDkyNDk2MTIifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjY5ODMyODIxMzg5ODE0MDgiLCJkb21haW5faWQiOiIxNzMwNzgiLCJ1bml0IjoiZGl2LWdwdC1hZC1hc2tsZW9fY29tLW1lZHJlY3RhbmdsZS0zLTBfMSIsInRfZXBvY2giOjE2Mjk3MzU3MTEsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMDI2LCJhZF9wb3NpdGlvbiI6MTEwMSwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAuMDAwMjYsImJpZF9mbG9vcl9wcmV2IjowLjAwMDcsInN0YXRfc291cmNlX2lkIjozNSwiY291bnRyeV9jb2RlIjoiQkUiLCJwYWdldmlld19pZCI6IjA5ZDcyOWQ1LTJhYWEtNDE5Ni03MzJiLTI5MTY0M2MwZGFiYSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ1ODgsImRhdGEiOlt7Im5hbWUiOiJsb2FkZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI2OTgzMjgyMTM4OTgxNDA4IiwiZG9tYWluX2lkIjoiMTczMDc4IiwidW5pdCI6ImRpdi1ncHQtYWQtYXNrbGVvX2NvbS1tZWRyZWN0YW5nbGUtMy0wXzEiLCJ0X2Vwb2NoIjoxNjI5NzM1NzExLCJhZF9wb3NpdGlvbiI6MTEwMSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkJFIiwicGFnZXZpZXdfaWQiOiIwOWQ3MjlkNS0yYWFhLTQxOTYtNzMyYi0yOTE2NDNjMGRhYmEiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NTg4LCJkYXRhIjpbeyJuYW1lIjoiY3JlYXRpdmVfaWQiLCJ2YWwiOiIxMzgzMTAwNDM1NDcifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjY5ODMyODIxMzg5ODE0MDgiLCJkb21haW5faWQiOiIxNzMwNzgiLCJ1bml0IjoiZGl2LWdwdC1hZC1hc2tsZW9fY29tLW1lZHJlY3RhbmdsZS0zLTBfMSIsInRfZXBvY2giOjE2Mjk3MzU3MTEsImFkX3Bvc2l0aW9uIjoxMTAxLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQkUiLCJwYWdldmlld19pZCI6IjA5ZDcyOWQ1LTJhYWEtNDE5Ni03MzJiLTI5MTY0M2MwZGFiYSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ1ODgsImRhdGEiOlt7Im5hbWUiOiJsaW5laXRlbV9pZCIsInZhbCI6IjI4Njg3Mjc0In1dLCJpc19vcmlnIjpmYWxzZX1d
pragma
no-cache
cookie
__gads=ID=46e75b5ba7a874e1:T=1629735722:S=ALNI_Mb7I1GsHqct32winK6fFLA6bvJa7g; ezouspvh=26; ezouspvv=52; ezouspva=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
askleo.com
referer
https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:22:03 GMT
server
nginx
vary
Accept-Encoding Accept-Encoding
content-type
text/plain; charset=utf-8
x-middleton-display
ezp_sol
cache-control
max-age=0, must-revalidate, no-cache, no-store
content-length
0
expires
Sun, 22 Aug 2021 16:22:01 UTC
28687274
g.ezoic.net/dac/ 		0
17 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g.ezoic.net/dac/28687274
Requested by
Host: askleo.com
URL: https://askleo.com/porpoiseant/banger.js?cb=195-2&bv=60&v=51&PageSpeed=off
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://askleo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 23 Aug 2021 16:22:03 GMT
cache-control
max-age=3600, public
server
nginx
content-length
0
vary
Accept-Encoding
content-type
text/plain
army.gif
askleo.com/porpoiseant/ 		0
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://askleo.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjk4MzI4MjEzODk4MTQwOCIsImRvbWFpbl9pZCI6IjE3MzA3OCIsInVuaXQiOiJkaXYtZ3B0LWFkLWFza2xlb19jb20tbWVkcmVjdGFuZ2xlLTMtMF8xIiwidF9lcG9jaCI6MTYyOTczNTcxMSwiYWRfcG9zaXRpb24iOjExMDEsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJCRSIsInBhZ2V2aWV3X2lkIjoiMDlkNzI5ZDUtMmFhYS00MTk2LTczMmItMjkxNjQzYzBkYWJhIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDU4OCwiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjEtMDgtMjMifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiIxOCJ9LHsibmFtZSI6InRfbG9jYWxfZGF5X29mX3dlZWsiLCJ2YWwiOiIxIn0seyJuYW1lIjoidF9sb2NhbF90aW1lem9uZSIsInZhbCI6Ii0xMjAifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by
Host: askleo.com
URL: https://askleo.com/detroitchicago/cmbv2.js?gcb=195-2&cb=04-1y02-4y06-12y07-1y0b-5y0d-14y13-3y17-3y20-3y33-15y52-1y56-21&cmbcb=20&sj=x04x02x06x07x0bx0dx13x17x20x33x52x56&abt=JoykatTest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path
/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjk4MzI4MjEzODk4MTQwOCIsImRvbWFpbl9pZCI6IjE3MzA3OCIsInVuaXQiOiJkaXYtZ3B0LWFkLWFza2xlb19jb20tbWVkcmVjdGFuZ2xlLTMtMF8xIiwidF9lcG9jaCI6MTYyOTczNTcxMSwiYWRfcG9zaXRpb24iOjExMDEsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJCRSIsInBhZ2V2aWV3X2lkIjoiMDlkNzI5ZDUtMmFhYS00MTk2LTczMmItMjkxNjQzYzBkYWJhIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDU4OCwiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjEtMDgtMjMifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiIxOCJ9LHsibmFtZSI6InRfbG9jYWxfZGF5X29mX3dlZWsiLCJ2YWwiOiIxIn0seyJuYW1lIjoidF9sb2NhbF90aW1lem9uZSIsInZhbCI6Ii0xMjAifV0sImlzX29yaWciOmZhbHNlfV0=
pragma
no-cache
cookie
__gads=ID=46e75b5ba7a874e1:T=1629735722:S=ALNI_Mb7I1GsHqct32winK6fFLA6bvJa7g; ezouspvh=26; ezouspvv=52; ezouspva=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
askleo.com
referer
https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:22:03 GMT
server
nginx
vary
Accept-Encoding Accept-Encoding
content-type
text/plain; charset=utf-8
x-middleton-display
ezp_sol
cache-control
max-age=0, must-revalidate, no-cache, no-store
content-length
0
expires
Sun, 22 Aug 2021 16:22:03 UTC
army.gif
askleo.com/porpoiseant/ 		0
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://askleo.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiNjk4MzI4MjEzODk4MTQwOCIsImRvbWFpbl9pZCI6IjE3MzA3OCIsInVuaXQiOiJkaXYtZ3B0LWFkLWFza2xlb19jb20tbWVkcmVjdGFuZ2xlLTMtMF8xIiwidF9lcG9jaCI6MTYyOTczNTcxMSwiYXVjdGlvbl9lcG9jaCI6MTYyOTczNTcyMywiYWRfcG9zaXRpb24iOjExMDEsImNvdW50cnlfY29kZSI6IkJFIiwicGFnZXZpZXdfaWQiOiIwOWQ3MjlkNS0yYWFhLTQxOTYtNzMyYi0yOTE2NDNjMGRhYmEiLCJiaWRfZmxvb3JfaW5pdGlhbCI6NDUwLCJiaWRfZmxvb3JfcHJldiI6NzAsImJpZF9mbG9vcl9maWxsZWQiOjI2LCJhdWN0aW9uX2NvdW50Ijo1LCJyZWZyZXNoX2FkX2NvdW50IjowLCJhdWN0aW9uX2R1cmF0aW9uIjo0NzgsIm11bHRpX2FkX3VuaXQiOjEsIm11bHRpX2FkX2NvdW50IjozLCJuZXR3b3JrX2NvZGUiOjEyNTQxNDQsImRhdGEiOlt7Im5hbWUiOiIiLCJ2YWwiOiIifV0sImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzR9XQ==
Requested by
Host: askleo.com
URL: https://askleo.com/detroitchicago/cmbv2.js?gcb=195-2&cb=04-1y02-4y06-12y07-1y0b-5y0d-14y13-3y17-3y20-3y33-15y52-1y56-21&cmbcb=20&sj=x04x02x06x07x0bx0dx13x17x20x33x52x56&abt=JoykatTest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path
/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiNjk4MzI4MjEzODk4MTQwOCIsImRvbWFpbl9pZCI6IjE3MzA3OCIsInVuaXQiOiJkaXYtZ3B0LWFkLWFza2xlb19jb20tbWVkcmVjdGFuZ2xlLTMtMF8xIiwidF9lcG9jaCI6MTYyOTczNTcxMSwiYXVjdGlvbl9lcG9jaCI6MTYyOTczNTcyMywiYWRfcG9zaXRpb24iOjExMDEsImNvdW50cnlfY29kZSI6IkJFIiwicGFnZXZpZXdfaWQiOiIwOWQ3MjlkNS0yYWFhLTQxOTYtNzMyYi0yOTE2NDNjMGRhYmEiLCJiaWRfZmxvb3JfaW5pdGlhbCI6NDUwLCJiaWRfZmxvb3JfcHJldiI6NzAsImJpZF9mbG9vcl9maWxsZWQiOjI2LCJhdWN0aW9uX2NvdW50Ijo1LCJyZWZyZXNoX2FkX2NvdW50IjowLCJhdWN0aW9uX2R1cmF0aW9uIjo0NzgsIm11bHRpX2FkX3VuaXQiOjEsIm11bHRpX2FkX2NvdW50IjozLCJuZXR3b3JrX2NvZGUiOjEyNTQxNDQsImRhdGEiOlt7Im5hbWUiOiIiLCJ2YWwiOiIifV0sImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzR9XQ==
pragma
no-cache
cookie
__gads=ID=46e75b5ba7a874e1:T=1629735722:S=ALNI_Mb7I1GsHqct32winK6fFLA6bvJa7g; ezouspvh=26; ezouspvv=52; ezouspva=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
askleo.com
referer
https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:22:03 GMT
server
nginx
vary
Accept-Encoding Accept-Encoding
content-type
text/plain; charset=utf-8
x-middleton-display
ezp_sol
cache-control
max-age=0, must-revalidate, no-cache, no-store
content-length
0
expires
Sun, 22 Aug 2021 16:22:12 UTC
dcm
s.amazon-adsystem.com/ Frame 26EB
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YSPLKvk92JEDIiCukCrexwAABFMAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YSPLKvk92JEDIiCukCrexwAABFMAAAAB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YSPLKvk92JEDIiCukCrexwAABFMAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://askleo.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.133.124 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 23 Aug 2021 16:22:03 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
2ZQ2K8RV74BGAS6SHDQ0
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 23 Aug 2021 16:22:03 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
9AWDX7B6BCPTF66YQQ82
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YSPLKvk92JEDIiCukCrexwAABFMAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 26EB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YSPLKvk92JEDIiCukCrexwAABFMAAAAB&gdpr_consent=&us_privacy=&gdpr=1
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEMHy7mGc9GX8GMM6FR2eHjs&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEMHy7mGc9GX8GMM6FR2eHjs&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://askleo.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 23 Aug 2021 16:22:03 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Mon, 23 Aug 2021 16:22:03 GMT

Redirect headers

pragma
no-cache
date
Mon, 23 Aug 2021 16:22:03 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEMHy7mGc9GX8GMM6FR2eHjs&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 26EB 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=39&cm_user_id=YSPLKvk92JEDIiCukCrexwAA&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://askleo.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 16:22:03 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
getuid
secure.adnxs.com/ Frame 26EB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://askleo.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.241 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers
ZMAwryCI
sync-tm.everesttech.net/upi/pid/ Frame 26EB 		85 B
236 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://askleo.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 16:22:03 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1629735723.428878,VS0,VE88
x-served-by
cache-fra19178-FRA
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
content-type
image/png
content-length
85
x-cache-hits
0
crum
dsum-sec.casalemedia.com/ Frame 26EB
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-4d657920-e713-416c-8be5-8b2bb45081ac
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-4d657920-e713-416c-8be5-8b2bb45081ac&C=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-4d657920-e713-416c-8be5-8b2bb45081ac&C=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://askleo.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 23 Aug 2021 16:22:04 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 23 Aug 2021 16:22:04 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 23 Aug 2021 16:22:04 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-4d657920-e713-416c-8be5-8b2bb45081ac&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
304
Expires
Mon, 23 Aug 2021 16:22:04 GMT
no_match_opted_out
um.simpli.fi/ Frame 26EB
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1
  • https://um.simpli.fi/no_match_opted_out
0
272 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/no_match_opted_out
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://askleo.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS
bc.80.fd9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 23 Aug 2021 16:22:03 GMT
x-content-type-options
nosniff
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS

Redirect headers

date
Mon, 23 Aug 2021 16:22:03 GMT
x-content-type-options
nosniff
server
nginx
location
/no_match_opted_out
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Sun, 22 Aug 2021 16:22:03 GMT
crum
dsum-sec.casalemedia.com/ Frame 26EB
Redirect Chain
  • https://d.adroll.com/cm/index/ssp?gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
43 B
1016 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://askleo.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 23 Aug 2021 16:22:03 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 23 Aug 2021 16:22:03 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
date
Mon, 23 Aug 2021 16:22:03 GMT
server
nginx/1.20.0
content-length
76
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 26EB 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YSPLKvk92JEDIiCukCrexwAA%261107
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://askleo.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 23 Aug 2021 16:22:03 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=1325
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Mon, 23 Aug 2021 16:44:08 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 5743 		624 B
299 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNDdGRDcgxoYl4O8sQEwAQ&v=APEucNXGGUk_777IztCfaJ3hdjVDVValmoBbt4Uk8iyfHcKJ0JWRmex-MOsyNROJHQjMWji9eoDMcCfnnDpH_jUSZ6hzEJpfSwytTxMO_E7KSoYSUfG34Ics5iKJJRWYvEqMv46yv4kd05YwMtjQx5LEH5v-_3NYPcv8SGrhOc-ckC0r2lVVxYEgyMTU7mBowYZ0iKbmOlyUn15B51xreJXoncfnJUapRA
Requested by
Host: 6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com
URL: https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CNDdGRDcgxoYl4O8sQEwAQ&v=APEucNXGGUk_777IztCfaJ3hdjVDVValmoBbt4Uk8iyfHcKJ0JWRmex-MOsyNROJHQjMWji9eoDMcCfnnDpH_jUSZ6hzEJpfSwytTxMO_E7KSoYSUfG34Ics5iKJJRWYvEqMv46yv4kd05YwMtjQx5LEH5v-_3NYPcv8SGrhOc-ckC0r2lVVxYEgyMTU7mBowYZ0iKbmOlyUn15B51xreJXoncfnJUapRA
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUnmg8lCP22jgybhCo7vWy47c-JP_xYnNX-UwlR6III9n3oLEfrXkhHPy3rt; test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Mon, 23 Aug 2021 16:22:03 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
set-cookie
test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 23 Aug 2021 16:22:03 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 66B0 		76 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DQ3k9UmrBGvogx4TllvsiQXE-j0PYOz5wrTB1mnVUfG6ye6owCbA3cSGtRH2qmNSBmBcUhSmHOFs7zBb9FJjwc-lu6Ngz-Zn4gTT0NonqFXfB_1Wn_-FddvvvvbDTQfteJGyBbG9eoP6KhxO7hnOZypooMcQ&dbm_d=AKAmf-BE4V4t1JgNmhZeG8YVnLP8zTbKN8ehgo7O3BTFeXYbXuyviLe3Ji72uUCnwf0REKGPPL0505CYsJZJZ6IkkfQCi43zVDhkm3WKfVd0KOH-5CXPtPSn1Lz_S1-abWcr2vdOMjRrceE80o-0vkCDozOq6og2vUNk-W-PPI7ayBug9IMmFH4_1oaBJyTc_0y98li_ugXQUmO2stRK9yKahpDq0_6cKNNQz6Azi7ib-RWde37t89MXTc9P2JP2mgKYXM0KK_7TkDtmEQ_V-mtUF1lLcmgtO859RpGANng8R4S3fBH4AEX98E6SppBNNKf0Kymzg1ppzXJK8nsFDf5hPX9WSYAGXMS5_AvRItVwaJzOTkyCaTwaHvobStRtRmdFh4HeL2v_8_HSh1d7AC-cMu23Wyo6RddcUM72B4DTQvkln-ehBhKV89uNqGjm89ITSuOp8vXoCAZ4TYX4QHAR52LuHORV8nQAmYwCgeXuoW4R_ry37yArD4teDtzgrgkmeGDphf4kv-gsnxIG5CyzsaxROrDepJSIuUa_8Oit5Ihs7oJ54QemPDEtdILUhZ9n18XGTp1EBEf0pSwKNkD44kFEFQJn4eJc92IYCGONLxbGc5pgF5a3-v_wDGis7yBZUkh_gpEa7qEVpJ-Yay3wE8PrVpjaVI6AC3PPCGHUSWHZC3SCuY6WYnw39fb8vMluWmGhIE8wAzXroN6IVXVlgpEfK6vNc_YqvgmdJaw-eQsz-MsYH3fo06XoauR9T2yWk7fM6fsxwHO_Mrtcrd1keOIM3cxDmEAwFVxmZxj65E6G0UFWlN45cVgt33fk6rUr7cTZFlRDtOAtUNFgUYEgik-BxJ_fIP4g7Fmqc6ATO3mYiPYdjSoqz6WU0zJIR3PnZZhPQiEUfyMMLONAze2lmnGZOwc9jwnZlrA9cGXkTtEofFpq8u9aBVIMCiiKSDgm3tnMi1ZFHQUkhzXbeJVTZCUvdYwKopqnzlBO1R7El9OBDjfJlRwXnw-AvHyWNM2Ba77X8PD1hYOQj3vq6kqe_ueHK0jRPdY_dtIlpCuMGUWJryfsErLT4tic_qJKqfpKUuhl9iGdNS_9ohUaYAeuaILzGQC5gnsRolCZnBdjINz-7u81rGdVIShlXJ9yO6NTCf5vKJ_5eapXr-buA8XeROawLQJBSbYmRISO_5kkxv62fwrJaP0r5ndDlEUliePlYlluYFfeqIHuF1AnVauEJrS2WeP0pC8qr9Pk8IJcC0HwIMocwwAHHPmDMGcN9y6FGpcZyQs4MjgoX8RYJK6T69ATCl_I2VGNtcZx5qVUsA8wkEaco73u78j-4alFNaluOFlToh1cVtGZJkztNPzdCdSkhI-4F1JMaV8NlN5ZMDIzXd2zeZABNsY1JZW5VVYU_xiHLPidTvp6HKNkgV5ic11Ez-tMF5tcp0Hoo5H3y-g8I-6i9dAT3EPuEuCBFGSBd9d7svjqvHAUHXpp-CMalPoBD1GnLSm1Rc14hd9yforUnY6a3XCKw5I0zMlRx2FvkShrbX_yO1Gs0Qzt552CWk76RoJQF16xgCW82Qf9mEeBRjvReJGb52ScWAXZU2_9vGWzTEq3ycNWwc87HwxlIlPaN2BHiYWg6u7YMoTrqi-_OuGGnO-Z6Vei_sJt_ABz7i27EPiTXfr9zDhGk4r6kb1S480QJhjcm7y8BqfPCei8CgcV4ByHIQNERAHFyZGr4SffMGjQSCi2JB74P4nQIc2bAMcAHdcyx4GW7oa9e_-OwIDKIlxMWVj-_jlu3nYn08oPKnBQ3FVHEfhHogfhJigM_FlXaXgtIaMoCm2iSQyqW5gtIvqYXB2pxJNjjNadF26ZfQIAHYiVbf9hiwa-xOdS_hvK5OuzyVG3deG5hVC5woNijTFaX4TYzv5V6JbiRauFh3xHFDda6vTm-sJTnIaj6KiwhJLQIYBhjGU4JGuSMDVeAb7IjCnwoRJxqpfxPZOOJFplYMUM3fVNAsoHPTmdQYNAbgUzLgNPEJOQd6EdlyhAMK7LvWBfFPm1eJHm_xQGhDF3I9r6XYaSc-4-hqKq8eOE7h74PYko_MwNgthBFqKdNn-sOpWDDQ8Vuub_YQIgd7_7iJBTfvgyTTKKE8VId8H07FK-GhA5fxieNIxll7q4qc0I9wgEh6nyIPi3j8XNGFynuA_k4VA6J11BLgmXBawZpgbI6F6QomWeAMyUHspDLFwL6hbknNboyyyt9aPeIj54bL6hj5t1dWiT16weD9YVAZTVuNtUIuSZT6o77Zu6FFoJmDOyD5r7jHlS5l9lEfx58UBr1ayjUU2MnCic6KpF159_Ps4uhND12uPfm7TivH2vU_p62wP3qDP3rippnbSojO6Ve_sRMdvhxiW-KrKT8EZM2taB5bRYHn_3XYXRgtfKjgJgFDJqIKOsyuS8cN0YfBXI6miJ2kBkaikRjsilRvv3nHrPu2ZeApZeo6xfIu2V2n5KbksSBitrIC4ObQkz5vkY4Tw8oQ1pOvD05FKEqxyuTmguRkx-C-0HDQnRHzk0RzMpIwV-Zdt8T8m6eBMD3eLvwBShBEZc6K-exemcounppnb3h-ppmlyCUdIjJbXOnS7_ZbPPGMPlwKVB0nuHsJX9qiGA5zwf1JY4-9ZsBVc0-6rr6lPalbYLYOmE5nJPF1_R6zAeVlAODNVFH0Csgh9xOIzvAB5kOSfiIiOKaGcHFcQ7tGVXAoNjRvofl0CDInKrqRVXOymlVTWVRl8wtiX9r50aDTryzUferxHz4Jjs2hHUfXcPJujKQCOGqgkjcrlxd_8RcztZymIjK_hK00bjnyR-t0FpVuK8CdlBgVEQxveLMrC0KnVVHMemhO9W7G8eOsKQLJ28qZL1qs5jVPCAVcfwfaBT_MSL3Wn0hdqIMCuigboJsrACPpSvGcIqdTAxTfY-r-3_uZgziYE4j8_1L2WPVhA_-VnifoOj3LdJc2FfXv-t01O7cqdeWGARuvFl-UQl15FC7ncAz3eFOvPKMPASrNQdx_ee3QRYwYtJvXGHpYF7Afhh3dm7QsEtq8_OX3M6BC1_I16xudtg&cid=CAASEuRou7EVA_aBylym4oT2zTl9kA&rfl=1%2Chttps%253A%252F%252Faskleo.com%252F%240
Requested by
Host: askleo.com
URL: https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
99db61ecfd0688ee0ce50bf3389181e2034c69724776541b27f169a68bf79a47
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 16:22:03 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29649
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 66B0 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Ce3Phq48ds-3QD2TpZtppKnGZvLYQE4qFfZOUoR06bE0_UDtzeWco8ENm72LRIJJAjHPKtkHszSDIAANS5fGKc_kYg1-2cVc-qqMQxYf3VuzFCalQ
Requested by
Host: 6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com
URL: https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 16:22:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/ Frame 66B0 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/window_focus_fy2019.js
Requested by
Host: 6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com
URL: https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:11:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
613
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Sep 2021 16:11:50 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 66B0 		124 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com
URL: https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
be8e3fb00d98e93afe954eb362d24a5d80537eb55c896bba9734e5771b6b34b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:22:03 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1629458990649126"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38246
x-xss-protection
0
expires
Mon, 23 Aug 2021 16:22:03 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/ Frame 66B0 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com
URL: https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
9
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6205
x-xss-protection
0
server
cafe
etag
3431872159862141604
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Sep 2021 16:21:54 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame B380 		640 B
318 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSAfhC3w8UCGMXH_qkBMAE&v=APEucNWIUC3m6iQXZL_g-t7K5rxbXv36oZBYST2jWZG_FTb45G7w2mEyDR5KSTvHoBRtFAE7cDDbCuuiH5pEe3fDnH7HE1fH3xbPBMcWqgulsXZzVWTPympoaxZ5GcTKivLftd8CV8l29MKgv6cdKWYQGpfz7-QeMHolbxUMy4V6YUh59_WbtHvSo-EbxgZbTgKmXUsH61CNmLs3PX0vbvAqdxEq6xt9hw
Requested by
Host: 6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com
URL: https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CLSAfhC3w8UCGMXH_qkBMAE&v=APEucNWIUC3m6iQXZL_g-t7K5rxbXv36oZBYST2jWZG_FTb45G7w2mEyDR5KSTvHoBRtFAE7cDDbCuuiH5pEe3fDnH7HE1fH3xbPBMcWqgulsXZzVWTPympoaxZ5GcTKivLftd8CV8l29MKgv6cdKWYQGpfz7-QeMHolbxUMy4V6YUh59_WbtHvSo-EbxgZbTgKmXUsH61CNmLs3PX0vbvAqdxEq6xt9hw
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUnmg8lCP22jgybhCo7vWy47c-JP_xYnNX-UwlR6III9n3oLEfrXkhHPy3rt; test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Mon, 23 Aug 2021 16:22:03 GMT
server
cafe
cache-control
private
content-length
295
x-xss-protection
0
set-cookie
test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 23 Aug 2021 16:22:03 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 20BB 		75 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CmcE88eCBqGARXxIFrbtD9XzSgnu97RVqg0oqd3w9AJvtj-9z5CwpW5RiHQLbUHMFjepcInK8sCralpvBnPZz_e9FONpohkES2cwsPIO2wwlUworxcVAb85EoUBJhDYD6fx4mW63swHZooB5re7F2sqxFI7Q&dbm_d=AKAmf-AiuslDLYNrzQq6t-w8ZLljnnAZFgMLuQ_KUE_59P_1YSWyzwdeGajp9soL9x3xCgJTqJN99Zvh_jjyaV9BS9HvXLDsiJ8PH9wJaozwFhEdyZa5qtedK2UveIuomrZXeU6VPLWVOMHsIEG-3wHqlVv9CjEeg5IdNwvHRHPH812ACBpDcvVk4CPEnt96qY5CRtcTX17vXojEkLh5KSNhJHd3Q0b0EbzN_GZQgvjAHemeBSLaYSpNePP9v_7FOy91TEzXl1IPds-8icxPdPTvmnUJji6WtUWaDhJe_obHQGdnyHufp_CH09KtO_JVWRHA5J5hutw4jdSW28oEa5yxb_zdDcAxFRDAsdDPUBVoTuB-Yk7lYO6WOacsM7zC-Ixvsxa82K_ndvQiqHd8V3n3qT_aUl_9sFJAYOjaXGZzCf322iwI6WXaNCzqn6VjUqyXkFmFLgbyhHmUqr1W2vuHxV-5DiZXmq0dhDiS0w6KhBO5uHjS8mpbT8pyenJdpYNbQSlqx3iBQap8-1sWnAznMZZG7BjEdpVHlUGHyVjR9KuK-6e8Jm65-LpMbbHtydT1HyjoVwAPctH8RlPyu__naO1okq55syc3MIO6he8m0LDpKdVsJIBOrzU-m2S2If8lupCFOYqTU-mCuMF7HqdCkDkKkAOaGiTCck2PY7Z3z9VBJQa6kAH3ueWnAMk1v7V4jYIpbDjbUFUYzjSajZu70St2Wg5eDMwmDOVfV84M3xTpb78i-QmkISy6qnkrGytU4TXnzJviIHaCWjAI285s1pC0TRhKdpfOpQB9LFBPenvL9KOM8-Ue2VnYVBE14oMMyVcJQn6284_3o2Et5hlJRUscQKy41_cC6HoqqbtQ81SVqvPYuPNLA0i80L8P5tVONChanpS0PuiIHfCLLXwqv1q2qYBVg-efl59uPs-meE1gSS3pqQyr0FmlFBleDTF8bHi2KwZLg7qTDpgTQdCzINw9mvwytLD_7F8FgY1OgdCYCk6xMpGPgQKtNoJ8n5y_ZklXSLknfMC1RpakitzxOVgR1PlwK6RH1Wg-AA2lc9ZobTCFrxRDv9OcU_GI0KtSHZiZW8vpQAzxVmx6lh-hCJ2ZYUH3c42Tbhu_yGUdWpEkn1vg8beBcSq5Z2ZWoMvrGmh4y84cEJJgwmVjLlBgmz_-vzIFF7O86kXixvWvZ7CHQ1oXA1iMJQBjMKnp4HKT24-oEs_M6368x_XVsUOVsJU2Xn01VM6yX5izw0jM_dFsMYtSTY0nb4icJdKihQK17a4P5GOiyRpOVsqRX_oYE4pPTS6XEzBUmj4L-1DFy5CTX-8toliooRHu7BNL3-gw7f-X5PRlp9v3bngKeihZnPFPv6Su_sKpo4YHjZ-b8xqDNpXpIWWXlp0xCDDZNl8KSj1e7QmzRCESiA1y76inJ7PB6MG7imXuk8wWET7BO2nsbc-03IfQmux1wrBjClh2g-fIjpzuijUPriC1mbwdmmbARj7Oe5US4bypQK3L0uXFcFLy6mDk7DLOZ_got6TWzW3AldYqe4__jA3XXvZAOCagN64m2TqsTfoCcP9DjYutlsVrubbGV-FXrwLp4Pr8iSCx9tb2lpi19pePqEiHsMkk1WVBiwWdDc3ENEzSxH3LU7qIZUTodYjfdGCjQGBxUE7mZ4G11IYA0t36m_xefU-92hLIX6Gb_KPRL-iaT8WimzLRVDdKRSV5EKVNipJ4aNbwkSbQ0DWhxYjo4lbbSsTo9kRnUXFrkP__cHNmSTN3MX5blrh-ggfR_qBZVy677f32STVq9Pum9IbnudN8LIJwt00yvRLkQH8XhIaFlPfTnQv1yCPTiZ-K7CGKAGoYU29Iq49QpvTj6NfvuWPDVWv5s9_sCIIvFOEts2NSkdh9ApF-DLawkddRhYS4Liq2HOXZrv5QBQjNCVooO4O26rASpVYCxFrpY__UuHUTjXo8XhlVp3KrlSE5r8LAphvMb1UPx0qmpNj9W_UPUbk8sHrvPjmPBPLcbiSrhPU0wckW2EEst---5JsKNOwtZxLFOWLkoSwrKseXYULXXEKhM2k3bjmukrC-OeFj_BdHenvw-nKvdn2kpN6YmSwL_A-vbTVldzAWOd0HKwc3gHeu9yDzeXMCT9roFtUzVvvH3zCfm_7frHoQUiQyjSuncVMDLml6FdnqhneTzpqKhVVGTzUTl9R2MKI8oXmGbOsNOQITDPGGUIIS1vUcDCKo5acFqUyX3N7RgJ0HEMsKJ0Ct_HnfgWIsEeqzCW5TZMldEdNSznr_VNZu0dAZlkuHE7LHh1oyUHrN1XZNtrkBsbe-AfwXuXHgdqtFuaWgm2mQmJ7Leq4AL4yovM6H0ipsHP89PpDrkz3LbNCVUHjo16LvsLL73EK2xRHreZAx_fyBOsHiSsUmRyQCoZgsessK2324PrzmzxF8tdfFZUnVo37dEu_C-shyYsdfP78WSkMe7DJDNdYFgMz55K3hAw6z0fCzwh_AAMJWovYIDMMR0_DrcsgyE0nbLd-ze18ZyNeQsWwNCbjfqv0Y-VfRClnL7WGeHmXxov_SYu--2LUuPQwqp6ZKmZY2OgGhDJBqpnIHnEPYwyW3dcHvdpfulyl-cC1XtRVNMAthIQGtEqw02tKQGcYotWLMVenFB6j-fxVli4jccp8zsOSxUil9yZxhucp-g_DbIn2U1511lr5qat5HZkt0i2ZTk9nFbpGuveJuy9Q7WzdeF4d2e8g2PZnbGQSjYFbT1hH05tMjAHU_oZ88EGDkQ5qDRUi7dz5judrDfCsxp3jorlRgDDAB4dt96Ekhb7RpwW_WFyY9HCLABvFOO864Oi15eSmM75Qy-ueBFEWNoG5eLnpMQ53qy6HTjfLKU314WLdR_wt5zL7LgAkY1-fiJxfH6eNF5DWBDOK36_d6XMumaR640FstGEBfFTU8KECOqMxpdY9Ufh6FDcvEm_ebksh4ajhs5Vw3dyInmr5pcfxvzvk6iOtl95Uh4HEbbnV011d_P3soHGNSKeb_KWjQgc7WUDu_DXSRMT16jpdeJl29C_Y&cid=CAASEuRoH5ur0gSfmOhgG0empr8erA&rfl=1%2Chttps%253A%252F%252Faskleo.com%252F%240
Requested by
Host: askleo.com
URL: https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
81dbd7856135d55d3709211fdba8d86bc2b299f6b48170c1dd4e590a984131be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 16:22:03 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29616
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 20BB 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CGP3gNuvTwP_G4WlKcODclWMBsAmsWKWKBrkJO-sMzUBoyJmBzaS-RZaLNXkCUY93fG9KntJGt8fVBg9M0Oow2o1dDvjKQ06J9AZOc_492DjiysdA
Requested by
Host: 6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com
URL: https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 16:22:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/ Frame 20BB 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/window_focus_fy2019.js
Requested by
Host: 6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com
URL: https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:11:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
613
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Sep 2021 16:11:50 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 20BB 		124 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com
URL: https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
be8e3fb00d98e93afe954eb362d24a5d80537eb55c896bba9734e5771b6b34b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:22:03 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1629458990649126"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38246
x-xss-protection
0
expires
Mon, 23 Aug 2021 16:22:03 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/ Frame 20BB 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com
URL: https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:06:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
911
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6205
x-xss-protection
0
server
cafe
etag
3431872159862141604
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Sep 2021 16:06:52 GMT
l
www.google.com/ads/measurement/ Frame 20BB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ4QfOhoWxRUNcmz20xMFEfAAMg-RupIpsehM7gD8AxP67oF9vSYNwa2CJSTjbLp-hPr3Fi3_gZWjLbDGF2FeMgEuvrWQ
Requested by
Host: 6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com
URL: https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers
rum
dsum-sec.casalemedia.com/ Frame 5743
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEED8ZrP2GhQvaBxZe5yaWIw&google_cver=1
43 B
1015 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEED8ZrP2GhQvaBxZe5yaWIw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNDdGRDcgxoYl4O8sQEwAQ&v=APEucNXGGUk_777IztCfaJ3hdjVDVValmoBbt4Uk8iyfHcKJ0JWRmex-MOsyNROJHQjMWji9eoDMcCfnnDpH_jUSZ6hzEJpfSwytTxMO_E7KSoYSUfG34Ics5iKJJRWYvEqMv46yv4kd05YwMtjQx5LEH5v-_3NYPcv8SGrhOc-ckC0r2lVVxYEgyMTU7mBowYZ0iKbmOlyUn15B51xreJXoncfnJUapRA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 23 Aug 2021 16:22:03 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 23 Aug 2021 16:22:03 GMT

Redirect headers

pragma
no-cache
date
Mon, 23 Aug 2021 16:22:03 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEED8ZrP2GhQvaBxZe5yaWIw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 5743
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YSPLKvk92JEDIiCukCrexwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEED8ZrP2GhQvaBxZe5yaWIw&google_cver=1
43 B
1015 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEED8ZrP2GhQvaBxZe5yaWIw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNDdGRDcgxoYl4O8sQEwAQ&v=APEucNXGGUk_777IztCfaJ3hdjVDVValmoBbt4Uk8iyfHcKJ0JWRmex-MOsyNROJHQjMWji9eoDMcCfnnDpH_jUSZ6hzEJpfSwytTxMO_E7KSoYSUfG34Ics5iKJJRWYvEqMv46yv4kd05YwMtjQx5LEH5v-_3NYPcv8SGrhOc-ckC0r2lVVxYEgyMTU7mBowYZ0iKbmOlyUn15B51xreJXoncfnJUapRA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 23 Aug 2021 16:22:03 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 23 Aug 2021 16:22:03 GMT

Redirect headers

pragma
no-cache
date
Mon, 23 Aug 2021 16:22:03 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEED8ZrP2GhQvaBxZe5yaWIw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 5743
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEEYRHN0M20BUdKSE5blrStE&google_cver=1
43 B
1004 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEEYRHN0M20BUdKSE5blrStE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNDdGRDcgxoYl4O8sQEwAQ&v=APEucNXGGUk_777IztCfaJ3hdjVDVValmoBbt4Uk8iyfHcKJ0JWRmex-MOsyNROJHQjMWji9eoDMcCfnnDpH_jUSZ6hzEJpfSwytTxMO_E7KSoYSUfG34Ics5iKJJRWYvEqMv46yv4kd05YwMtjQx5LEH5v-_3NYPcv8SGrhOc-ckC0r2lVVxYEgyMTU7mBowYZ0iKbmOlyUn15B51xreJXoncfnJUapRA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 23 Aug 2021 16:22:03 GMT
X-Proxy-Origin
82.102.19.136; 82.102.19.136; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
b17ec785-58ce-4175-be52-a2afda456edc
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 23 Aug 2021 16:22:03 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEEYRHN0M20BUdKSE5blrStE&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5743
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTI2MDc2MTg5MzQ4MDAyODQxNg%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTI2MDc2MTg5MzQ4MDAyODQxNg%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNDdGRDcgxoYl4O8sQEwAQ&v=APEucNXGGUk_777IztCfaJ3hdjVDVValmoBbt4Uk8iyfHcKJ0JWRmex-MOsyNROJHQjMWji9eoDMcCfnnDpH_jUSZ6hzEJpfSwytTxMO_E7KSoYSUfG34Ics5iKJJRWYvEqMv46yv4kd05YwMtjQx5LEH5v-_3NYPcv8SGrhOc-ckC0r2lVVxYEgyMTU7mBowYZ0iKbmOlyUn15B51xreJXoncfnJUapRA
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 16:22:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 23 Aug 2021 16:22:03 GMT
X-Proxy-Origin
82.102.19.136; 82.102.19.136; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
da99cdf8-736c-4552-a7d1-97ee82a10cb4
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTI2MDc2MTg5MzQ4MDAyODQxNg%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame B380
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDdCx97WiL1ESmiWlUrDDiQ&google_cver=1
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEDdCx97WiL1ESmiWlUrDDiQ&google_cver=1
43 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEDdCx97WiL1ESmiWlUrDDiQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSAfhC3w8UCGMXH_qkBMAE&v=APEucNWIUC3m6iQXZL_g-t7K5rxbXv36oZBYST2jWZG_FTb45G7w2mEyDR5KSTvHoBRtFAE7cDDbCuuiH5pEe3fDnH7HE1fH3xbPBMcWqgulsXZzVWTPympoaxZ5GcTKivLftd8CV8l29MKgv6cdKWYQGpfz7-QeMHolbxUMy4V6YUh59_WbtHvSo-EbxgZbTgKmXUsH61CNmLs3PX0vbvAqdxEq6xt9hw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.214.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 16:22:03 GMT
via
1.1 google
server
OXGW/16.214.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEDdCx97WiL1ESmiWlUrDDiQ&google_cver=1
date
Mon, 23 Aug 2021 16:22:03 GMT
via
1.1 google
server
OXGW/16.214.0
alt-svc
clear
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
pixel
cm.g.doubleclick.net/ Frame B380
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NWRlN2I5YTQtMDQxMi0yN2JkLWMxNTEtZDA1MGQ2OWUwZjc3
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NWRlN2I5YTQtMDQxMi0yN2JkLWMxNTEtZDA1MGQ2OWUwZjc3
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSAfhC3w8UCGMXH_qkBMAE&v=APEucNWIUC3m6iQXZL_g-t7K5rxbXv36oZBYST2jWZG_FTb45G7w2mEyDR5KSTvHoBRtFAE7cDDbCuuiH5pEe3fDnH7HE1fH3xbPBMcWqgulsXZzVWTPympoaxZ5GcTKivLftd8CV8l29MKgv6cdKWYQGpfz7-QeMHolbxUMy4V6YUh59_WbtHvSo-EbxgZbTgKmXUsH61CNmLs3PX0vbvAqdxEq6xt9hw
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 16:22:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 23 Aug 2021 16:22:03 GMT
content-encoding
gzip
server
OXGW/16.214.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NWRlN2I5YTQtMDQxMi0yN2JkLWMxNTEtZDA1MGQ2OWUwZjc3
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
um
sync.teads.tv/ Frame B380
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEBTH0jeW0pf9w6OCjk-Rllk&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEBTH0jeW0pf9w6OCjk-Rllk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSAfhC3w8UCGMXH_qkBMAE&v=APEucNWIUC3m6iQXZL_g-t7K5rxbXv36oZBYST2jWZG_FTb45G7w2mEyDR5KSTvHoBRtFAE7cDDbCuuiH5pEe3fDnH7HE1fH3xbPBMcWqgulsXZzVWTPympoaxZ5GcTKivLftd8CV8l29MKgv6cdKWYQGpfz7-QeMHolbxUMy4V6YUh59_WbtHvSo-EbxgZbTgKmXUsH61CNmLs3PX0vbvAqdxEq6xt9hw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.3 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 16:22:03 GMT
cache-control
max-age=0, no-cache, no-store
expires
Mon, 23 Aug 2021 16:22:03 GMT
server
akka-http/10.2.3
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 23 Aug 2021 16:22:03 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESEBTH0jeW0pf9w6OCjk-Rllk&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame B380 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSAfhC3w8UCGMXH_qkBMAE&v=APEucNWIUC3m6iQXZL_g-t7K5rxbXv36oZBYST2jWZG_FTb45G7w2mEyDR5KSTvHoBRtFAE7cDDbCuuiH5pEe3fDnH7HE1fH3xbPBMcWqgulsXZzVWTPympoaxZ5GcTKivLftd8CV8l29MKgv6cdKWYQGpfz7-QeMHolbxUMy4V6YUh59_WbtHvSo-EbxgZbTgKmXUsH61CNmLs3PX0vbvAqdxEq6xt9hw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.3 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 16:22:03 GMT
cache-control
max-age=0, no-cache, no-store
expires
Mon, 23 Aug 2021 16:22:03 GMT
server
akka-http/10.2.3
content-length
23
content-type
image/gif
html_inpage_rendering_lib_200_273.js
s0.2mdn.net/879366/ Frame 66B0 		169 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_273.js
Requested by
Host: askleo.com
URL: https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2cff7ab03cb4e476b49ea05511c6cfcc71af6d5ed20d40e9b40ee31062149e77
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com
Referer
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 22 Aug 2021 22:43:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
63484
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
59842
x-xss-protection
0
last-modified
Wed, 30 Jun 2021 20:54:49 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 23 Aug 2021 22:43:59 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210816/r20110914/elements/html/ Frame 66B0 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210816/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DQ3k9UmrBGvogx4TllvsiQXE-j0PYOz5wrTB1mnVUfG6ye6owCbA3cSGtRH2qmNSBmBcUhSmHOFs7zBb9FJjwc-lu6Ngz-Zn4gTT0NonqFXfB_1Wn_-FddvvvvbDTQfteJGyBbG9eoP6KhxO7hnOZypooMcQ&dbm_d=AKAmf-BE4V4t1JgNmhZeG8YVnLP8zTbKN8ehgo7O3BTFeXYbXuyviLe3Ji72uUCnwf0REKGPPL0505CYsJZJZ6IkkfQCi43zVDhkm3WKfVd0KOH-5CXPtPSn1Lz_S1-abWcr2vdOMjRrceE80o-0vkCDozOq6og2vUNk-W-PPI7ayBug9IMmFH4_1oaBJyTc_0y98li_ugXQUmO2stRK9yKahpDq0_6cKNNQz6Azi7ib-RWde37t89MXTc9P2JP2mgKYXM0KK_7TkDtmEQ_V-mtUF1lLcmgtO859RpGANng8R4S3fBH4AEX98E6SppBNNKf0Kymzg1ppzXJK8nsFDf5hPX9WSYAGXMS5_AvRItVwaJzOTkyCaTwaHvobStRtRmdFh4HeL2v_8_HSh1d7AC-cMu23Wyo6RddcUM72B4DTQvkln-ehBhKV89uNqGjm89ITSuOp8vXoCAZ4TYX4QHAR52LuHORV8nQAmYwCgeXuoW4R_ry37yArD4teDtzgrgkmeGDphf4kv-gsnxIG5CyzsaxROrDepJSIuUa_8Oit5Ihs7oJ54QemPDEtdILUhZ9n18XGTp1EBEf0pSwKNkD44kFEFQJn4eJc92IYCGONLxbGc5pgF5a3-v_wDGis7yBZUkh_gpEa7qEVpJ-Yay3wE8PrVpjaVI6AC3PPCGHUSWHZC3SCuY6WYnw39fb8vMluWmGhIE8wAzXroN6IVXVlgpEfK6vNc_YqvgmdJaw-eQsz-MsYH3fo06XoauR9T2yWk7fM6fsxwHO_Mrtcrd1keOIM3cxDmEAwFVxmZxj65E6G0UFWlN45cVgt33fk6rUr7cTZFlRDtOAtUNFgUYEgik-BxJ_fIP4g7Fmqc6ATO3mYiPYdjSoqz6WU0zJIR3PnZZhPQiEUfyMMLONAze2lmnGZOwc9jwnZlrA9cGXkTtEofFpq8u9aBVIMCiiKSDgm3tnMi1ZFHQUkhzXbeJVTZCUvdYwKopqnzlBO1R7El9OBDjfJlRwXnw-AvHyWNM2Ba77X8PD1hYOQj3vq6kqe_ueHK0jRPdY_dtIlpCuMGUWJryfsErLT4tic_qJKqfpKUuhl9iGdNS_9ohUaYAeuaILzGQC5gnsRolCZnBdjINz-7u81rGdVIShlXJ9yO6NTCf5vKJ_5eapXr-buA8XeROawLQJBSbYmRISO_5kkxv62fwrJaP0r5ndDlEUliePlYlluYFfeqIHuF1AnVauEJrS2WeP0pC8qr9Pk8IJcC0HwIMocwwAHHPmDMGcN9y6FGpcZyQs4MjgoX8RYJK6T69ATCl_I2VGNtcZx5qVUsA8wkEaco73u78j-4alFNaluOFlToh1cVtGZJkztNPzdCdSkhI-4F1JMaV8NlN5ZMDIzXd2zeZABNsY1JZW5VVYU_xiHLPidTvp6HKNkgV5ic11Ez-tMF5tcp0Hoo5H3y-g8I-6i9dAT3EPuEuCBFGSBd9d7svjqvHAUHXpp-CMalPoBD1GnLSm1Rc14hd9yforUnY6a3XCKw5I0zMlRx2FvkShrbX_yO1Gs0Qzt552CWk76RoJQF16xgCW82Qf9mEeBRjvReJGb52ScWAXZU2_9vGWzTEq3ycNWwc87HwxlIlPaN2BHiYWg6u7YMoTrqi-_OuGGnO-Z6Vei_sJt_ABz7i27EPiTXfr9zDhGk4r6kb1S480QJhjcm7y8BqfPCei8CgcV4ByHIQNERAHFyZGr4SffMGjQSCi2JB74P4nQIc2bAMcAHdcyx4GW7oa9e_-OwIDKIlxMWVj-_jlu3nYn08oPKnBQ3FVHEfhHogfhJigM_FlXaXgtIaMoCm2iSQyqW5gtIvqYXB2pxJNjjNadF26ZfQIAHYiVbf9hiwa-xOdS_hvK5OuzyVG3deG5hVC5woNijTFaX4TYzv5V6JbiRauFh3xHFDda6vTm-sJTnIaj6KiwhJLQIYBhjGU4JGuSMDVeAb7IjCnwoRJxqpfxPZOOJFplYMUM3fVNAsoHPTmdQYNAbgUzLgNPEJOQd6EdlyhAMK7LvWBfFPm1eJHm_xQGhDF3I9r6XYaSc-4-hqKq8eOE7h74PYko_MwNgthBFqKdNn-sOpWDDQ8Vuub_YQIgd7_7iJBTfvgyTTKKE8VId8H07FK-GhA5fxieNIxll7q4qc0I9wgEh6nyIPi3j8XNGFynuA_k4VA6J11BLgmXBawZpgbI6F6QomWeAMyUHspDLFwL6hbknNboyyyt9aPeIj54bL6hj5t1dWiT16weD9YVAZTVuNtUIuSZT6o77Zu6FFoJmDOyD5r7jHlS5l9lEfx58UBr1ayjUU2MnCic6KpF159_Ps4uhND12uPfm7TivH2vU_p62wP3qDP3rippnbSojO6Ve_sRMdvhxiW-KrKT8EZM2taB5bRYHn_3XYXRgtfKjgJgFDJqIKOsyuS8cN0YfBXI6miJ2kBkaikRjsilRvv3nHrPu2ZeApZeo6xfIu2V2n5KbksSBitrIC4ObQkz5vkY4Tw8oQ1pOvD05FKEqxyuTmguRkx-C-0HDQnRHzk0RzMpIwV-Zdt8T8m6eBMD3eLvwBShBEZc6K-exemcounppnb3h-ppmlyCUdIjJbXOnS7_ZbPPGMPlwKVB0nuHsJX9qiGA5zwf1JY4-9ZsBVc0-6rr6lPalbYLYOmE5nJPF1_R6zAeVlAODNVFH0Csgh9xOIzvAB5kOSfiIiOKaGcHFcQ7tGVXAoNjRvofl0CDInKrqRVXOymlVTWVRl8wtiX9r50aDTryzUferxHz4Jjs2hHUfXcPJujKQCOGqgkjcrlxd_8RcztZymIjK_hK00bjnyR-t0FpVuK8CdlBgVEQxveLMrC0KnVVHMemhO9W7G8eOsKQLJ28qZL1qs5jVPCAVcfwfaBT_MSL3Wn0hdqIMCuigboJsrACPpSvGcIqdTAxTfY-r-3_uZgziYE4j8_1L2WPVhA_-VnifoOj3LdJc2FfXv-t01O7cqdeWGARuvFl-UQl15FC7ncAz3eFOvPKMPASrNQdx_ee3QRYwYtJvXGHpYF7Afhh3dm7QsEtq8_OX3M6BC1_I16xudtg&cid=CAASEuRou7EVA_aBylym4oT2zTl9kA&rfl=1%2Chttps%253A%252F%252Faskleo.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3124
x-xss-protection
0
server
cafe
etag
4537136162986801320
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Sep 2021 16:21:48 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210816/r20110914/ Frame 66B0 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210816/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DQ3k9UmrBGvogx4TllvsiQXE-j0PYOz5wrTB1mnVUfG6ye6owCbA3cSGtRH2qmNSBmBcUhSmHOFs7zBb9FJjwc-lu6Ngz-Zn4gTT0NonqFXfB_1Wn_-FddvvvvbDTQfteJGyBbG9eoP6KhxO7hnOZypooMcQ&dbm_d=AKAmf-BE4V4t1JgNmhZeG8YVnLP8zTbKN8ehgo7O3BTFeXYbXuyviLe3Ji72uUCnwf0REKGPPL0505CYsJZJZ6IkkfQCi43zVDhkm3WKfVd0KOH-5CXPtPSn1Lz_S1-abWcr2vdOMjRrceE80o-0vkCDozOq6og2vUNk-W-PPI7ayBug9IMmFH4_1oaBJyTc_0y98li_ugXQUmO2stRK9yKahpDq0_6cKNNQz6Azi7ib-RWde37t89MXTc9P2JP2mgKYXM0KK_7TkDtmEQ_V-mtUF1lLcmgtO859RpGANng8R4S3fBH4AEX98E6SppBNNKf0Kymzg1ppzXJK8nsFDf5hPX9WSYAGXMS5_AvRItVwaJzOTkyCaTwaHvobStRtRmdFh4HeL2v_8_HSh1d7AC-cMu23Wyo6RddcUM72B4DTQvkln-ehBhKV89uNqGjm89ITSuOp8vXoCAZ4TYX4QHAR52LuHORV8nQAmYwCgeXuoW4R_ry37yArD4teDtzgrgkmeGDphf4kv-gsnxIG5CyzsaxROrDepJSIuUa_8Oit5Ihs7oJ54QemPDEtdILUhZ9n18XGTp1EBEf0pSwKNkD44kFEFQJn4eJc92IYCGONLxbGc5pgF5a3-v_wDGis7yBZUkh_gpEa7qEVpJ-Yay3wE8PrVpjaVI6AC3PPCGHUSWHZC3SCuY6WYnw39fb8vMluWmGhIE8wAzXroN6IVXVlgpEfK6vNc_YqvgmdJaw-eQsz-MsYH3fo06XoauR9T2yWk7fM6fsxwHO_Mrtcrd1keOIM3cxDmEAwFVxmZxj65E6G0UFWlN45cVgt33fk6rUr7cTZFlRDtOAtUNFgUYEgik-BxJ_fIP4g7Fmqc6ATO3mYiPYdjSoqz6WU0zJIR3PnZZhPQiEUfyMMLONAze2lmnGZOwc9jwnZlrA9cGXkTtEofFpq8u9aBVIMCiiKSDgm3tnMi1ZFHQUkhzXbeJVTZCUvdYwKopqnzlBO1R7El9OBDjfJlRwXnw-AvHyWNM2Ba77X8PD1hYOQj3vq6kqe_ueHK0jRPdY_dtIlpCuMGUWJryfsErLT4tic_qJKqfpKUuhl9iGdNS_9ohUaYAeuaILzGQC5gnsRolCZnBdjINz-7u81rGdVIShlXJ9yO6NTCf5vKJ_5eapXr-buA8XeROawLQJBSbYmRISO_5kkxv62fwrJaP0r5ndDlEUliePlYlluYFfeqIHuF1AnVauEJrS2WeP0pC8qr9Pk8IJcC0HwIMocwwAHHPmDMGcN9y6FGpcZyQs4MjgoX8RYJK6T69ATCl_I2VGNtcZx5qVUsA8wkEaco73u78j-4alFNaluOFlToh1cVtGZJkztNPzdCdSkhI-4F1JMaV8NlN5ZMDIzXd2zeZABNsY1JZW5VVYU_xiHLPidTvp6HKNkgV5ic11Ez-tMF5tcp0Hoo5H3y-g8I-6i9dAT3EPuEuCBFGSBd9d7svjqvHAUHXpp-CMalPoBD1GnLSm1Rc14hd9yforUnY6a3XCKw5I0zMlRx2FvkShrbX_yO1Gs0Qzt552CWk76RoJQF16xgCW82Qf9mEeBRjvReJGb52ScWAXZU2_9vGWzTEq3ycNWwc87HwxlIlPaN2BHiYWg6u7YMoTrqi-_OuGGnO-Z6Vei_sJt_ABz7i27EPiTXfr9zDhGk4r6kb1S480QJhjcm7y8BqfPCei8CgcV4ByHIQNERAHFyZGr4SffMGjQSCi2JB74P4nQIc2bAMcAHdcyx4GW7oa9e_-OwIDKIlxMWVj-_jlu3nYn08oPKnBQ3FVHEfhHogfhJigM_FlXaXgtIaMoCm2iSQyqW5gtIvqYXB2pxJNjjNadF26ZfQIAHYiVbf9hiwa-xOdS_hvK5OuzyVG3deG5hVC5woNijTFaX4TYzv5V6JbiRauFh3xHFDda6vTm-sJTnIaj6KiwhJLQIYBhjGU4JGuSMDVeAb7IjCnwoRJxqpfxPZOOJFplYMUM3fVNAsoHPTmdQYNAbgUzLgNPEJOQd6EdlyhAMK7LvWBfFPm1eJHm_xQGhDF3I9r6XYaSc-4-hqKq8eOE7h74PYko_MwNgthBFqKdNn-sOpWDDQ8Vuub_YQIgd7_7iJBTfvgyTTKKE8VId8H07FK-GhA5fxieNIxll7q4qc0I9wgEh6nyIPi3j8XNGFynuA_k4VA6J11BLgmXBawZpgbI6F6QomWeAMyUHspDLFwL6hbknNboyyyt9aPeIj54bL6hj5t1dWiT16weD9YVAZTVuNtUIuSZT6o77Zu6FFoJmDOyD5r7jHlS5l9lEfx58UBr1ayjUU2MnCic6KpF159_Ps4uhND12uPfm7TivH2vU_p62wP3qDP3rippnbSojO6Ve_sRMdvhxiW-KrKT8EZM2taB5bRYHn_3XYXRgtfKjgJgFDJqIKOsyuS8cN0YfBXI6miJ2kBkaikRjsilRvv3nHrPu2ZeApZeo6xfIu2V2n5KbksSBitrIC4ObQkz5vkY4Tw8oQ1pOvD05FKEqxyuTmguRkx-C-0HDQnRHzk0RzMpIwV-Zdt8T8m6eBMD3eLvwBShBEZc6K-exemcounppnb3h-ppmlyCUdIjJbXOnS7_ZbPPGMPlwKVB0nuHsJX9qiGA5zwf1JY4-9ZsBVc0-6rr6lPalbYLYOmE5nJPF1_R6zAeVlAODNVFH0Csgh9xOIzvAB5kOSfiIiOKaGcHFcQ7tGVXAoNjRvofl0CDInKrqRVXOymlVTWVRl8wtiX9r50aDTryzUferxHz4Jjs2hHUfXcPJujKQCOGqgkjcrlxd_8RcztZymIjK_hK00bjnyR-t0FpVuK8CdlBgVEQxveLMrC0KnVVHMemhO9W7G8eOsKQLJ28qZL1qs5jVPCAVcfwfaBT_MSL3Wn0hdqIMCuigboJsrACPpSvGcIqdTAxTfY-r-3_uZgziYE4j8_1L2WPVhA_-VnifoOj3LdJc2FfXv-t01O7cqdeWGARuvFl-UQl15FC7ncAz3eFOvPKMPASrNQdx_ee3QRYwYtJvXGHpYF7Afhh3dm7QsEtq8_OX3M6BC1_I16xudtg&cid=CAASEuRou7EVA_aBylym4oT2zTl9kA&rfl=1%2Chttps%253A%252F%252Faskleo.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
63ed4c66bf3ba06512f7028be62a4bd53295e1ba68a919a7591f5fd392e72b90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:08:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
821
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9341
x-xss-protection
0
server
cafe
etag
177112232901409761
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Sep 2021 16:08:22 GMT
html_inpage_rendering_lib_200_273.js
s0.2mdn.net/879366/ Frame 20BB 		169 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_273.js
Requested by
Host: askleo.com
URL: https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2cff7ab03cb4e476b49ea05511c6cfcc71af6d5ed20d40e9b40ee31062149e77
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com
Referer
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 22 Aug 2021 22:43:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
63484
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
59842
x-xss-protection
0
last-modified
Wed, 30 Jun 2021 20:54:49 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 23 Aug 2021 22:43:59 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210816/r20110914/elements/html/ Frame 20BB 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210816/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CmcE88eCBqGARXxIFrbtD9XzSgnu97RVqg0oqd3w9AJvtj-9z5CwpW5RiHQLbUHMFjepcInK8sCralpvBnPZz_e9FONpohkES2cwsPIO2wwlUworxcVAb85EoUBJhDYD6fx4mW63swHZooB5re7F2sqxFI7Q&dbm_d=AKAmf-AiuslDLYNrzQq6t-w8ZLljnnAZFgMLuQ_KUE_59P_1YSWyzwdeGajp9soL9x3xCgJTqJN99Zvh_jjyaV9BS9HvXLDsiJ8PH9wJaozwFhEdyZa5qtedK2UveIuomrZXeU6VPLWVOMHsIEG-3wHqlVv9CjEeg5IdNwvHRHPH812ACBpDcvVk4CPEnt96qY5CRtcTX17vXojEkLh5KSNhJHd3Q0b0EbzN_GZQgvjAHemeBSLaYSpNePP9v_7FOy91TEzXl1IPds-8icxPdPTvmnUJji6WtUWaDhJe_obHQGdnyHufp_CH09KtO_JVWRHA5J5hutw4jdSW28oEa5yxb_zdDcAxFRDAsdDPUBVoTuB-Yk7lYO6WOacsM7zC-Ixvsxa82K_ndvQiqHd8V3n3qT_aUl_9sFJAYOjaXGZzCf322iwI6WXaNCzqn6VjUqyXkFmFLgbyhHmUqr1W2vuHxV-5DiZXmq0dhDiS0w6KhBO5uHjS8mpbT8pyenJdpYNbQSlqx3iBQap8-1sWnAznMZZG7BjEdpVHlUGHyVjR9KuK-6e8Jm65-LpMbbHtydT1HyjoVwAPctH8RlPyu__naO1okq55syc3MIO6he8m0LDpKdVsJIBOrzU-m2S2If8lupCFOYqTU-mCuMF7HqdCkDkKkAOaGiTCck2PY7Z3z9VBJQa6kAH3ueWnAMk1v7V4jYIpbDjbUFUYzjSajZu70St2Wg5eDMwmDOVfV84M3xTpb78i-QmkISy6qnkrGytU4TXnzJviIHaCWjAI285s1pC0TRhKdpfOpQB9LFBPenvL9KOM8-Ue2VnYVBE14oMMyVcJQn6284_3o2Et5hlJRUscQKy41_cC6HoqqbtQ81SVqvPYuPNLA0i80L8P5tVONChanpS0PuiIHfCLLXwqv1q2qYBVg-efl59uPs-meE1gSS3pqQyr0FmlFBleDTF8bHi2KwZLg7qTDpgTQdCzINw9mvwytLD_7F8FgY1OgdCYCk6xMpGPgQKtNoJ8n5y_ZklXSLknfMC1RpakitzxOVgR1PlwK6RH1Wg-AA2lc9ZobTCFrxRDv9OcU_GI0KtSHZiZW8vpQAzxVmx6lh-hCJ2ZYUH3c42Tbhu_yGUdWpEkn1vg8beBcSq5Z2ZWoMvrGmh4y84cEJJgwmVjLlBgmz_-vzIFF7O86kXixvWvZ7CHQ1oXA1iMJQBjMKnp4HKT24-oEs_M6368x_XVsUOVsJU2Xn01VM6yX5izw0jM_dFsMYtSTY0nb4icJdKihQK17a4P5GOiyRpOVsqRX_oYE4pPTS6XEzBUmj4L-1DFy5CTX-8toliooRHu7BNL3-gw7f-X5PRlp9v3bngKeihZnPFPv6Su_sKpo4YHjZ-b8xqDNpXpIWWXlp0xCDDZNl8KSj1e7QmzRCESiA1y76inJ7PB6MG7imXuk8wWET7BO2nsbc-03IfQmux1wrBjClh2g-fIjpzuijUPriC1mbwdmmbARj7Oe5US4bypQK3L0uXFcFLy6mDk7DLOZ_got6TWzW3AldYqe4__jA3XXvZAOCagN64m2TqsTfoCcP9DjYutlsVrubbGV-FXrwLp4Pr8iSCx9tb2lpi19pePqEiHsMkk1WVBiwWdDc3ENEzSxH3LU7qIZUTodYjfdGCjQGBxUE7mZ4G11IYA0t36m_xefU-92hLIX6Gb_KPRL-iaT8WimzLRVDdKRSV5EKVNipJ4aNbwkSbQ0DWhxYjo4lbbSsTo9kRnUXFrkP__cHNmSTN3MX5blrh-ggfR_qBZVy677f32STVq9Pum9IbnudN8LIJwt00yvRLkQH8XhIaFlPfTnQv1yCPTiZ-K7CGKAGoYU29Iq49QpvTj6NfvuWPDVWv5s9_sCIIvFOEts2NSkdh9ApF-DLawkddRhYS4Liq2HOXZrv5QBQjNCVooO4O26rASpVYCxFrpY__UuHUTjXo8XhlVp3KrlSE5r8LAphvMb1UPx0qmpNj9W_UPUbk8sHrvPjmPBPLcbiSrhPU0wckW2EEst---5JsKNOwtZxLFOWLkoSwrKseXYULXXEKhM2k3bjmukrC-OeFj_BdHenvw-nKvdn2kpN6YmSwL_A-vbTVldzAWOd0HKwc3gHeu9yDzeXMCT9roFtUzVvvH3zCfm_7frHoQUiQyjSuncVMDLml6FdnqhneTzpqKhVVGTzUTl9R2MKI8oXmGbOsNOQITDPGGUIIS1vUcDCKo5acFqUyX3N7RgJ0HEMsKJ0Ct_HnfgWIsEeqzCW5TZMldEdNSznr_VNZu0dAZlkuHE7LHh1oyUHrN1XZNtrkBsbe-AfwXuXHgdqtFuaWgm2mQmJ7Leq4AL4yovM6H0ipsHP89PpDrkz3LbNCVUHjo16LvsLL73EK2xRHreZAx_fyBOsHiSsUmRyQCoZgsessK2324PrzmzxF8tdfFZUnVo37dEu_C-shyYsdfP78WSkMe7DJDNdYFgMz55K3hAw6z0fCzwh_AAMJWovYIDMMR0_DrcsgyE0nbLd-ze18ZyNeQsWwNCbjfqv0Y-VfRClnL7WGeHmXxov_SYu--2LUuPQwqp6ZKmZY2OgGhDJBqpnIHnEPYwyW3dcHvdpfulyl-cC1XtRVNMAthIQGtEqw02tKQGcYotWLMVenFB6j-fxVli4jccp8zsOSxUil9yZxhucp-g_DbIn2U1511lr5qat5HZkt0i2ZTk9nFbpGuveJuy9Q7WzdeF4d2e8g2PZnbGQSjYFbT1hH05tMjAHU_oZ88EGDkQ5qDRUi7dz5judrDfCsxp3jorlRgDDAB4dt96Ekhb7RpwW_WFyY9HCLABvFOO864Oi15eSmM75Qy-ueBFEWNoG5eLnpMQ53qy6HTjfLKU314WLdR_wt5zL7LgAkY1-fiJxfH6eNF5DWBDOK36_d6XMumaR640FstGEBfFTU8KECOqMxpdY9Ufh6FDcvEm_ebksh4ajhs5Vw3dyInmr5pcfxvzvk6iOtl95Uh4HEbbnV011d_P3soHGNSKeb_KWjQgc7WUDu_DXSRMT16jpdeJl29C_Y&cid=CAASEuRoH5ur0gSfmOhgG0empr8erA&rfl=1%2Chttps%253A%252F%252Faskleo.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3124
x-xss-protection
0
server
cafe
etag
4537136162986801320
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Sep 2021 16:21:48 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210816/r20110914/ Frame 20BB 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210816/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CmcE88eCBqGARXxIFrbtD9XzSgnu97RVqg0oqd3w9AJvtj-9z5CwpW5RiHQLbUHMFjepcInK8sCralpvBnPZz_e9FONpohkES2cwsPIO2wwlUworxcVAb85EoUBJhDYD6fx4mW63swHZooB5re7F2sqxFI7Q&dbm_d=AKAmf-AiuslDLYNrzQq6t-w8ZLljnnAZFgMLuQ_KUE_59P_1YSWyzwdeGajp9soL9x3xCgJTqJN99Zvh_jjyaV9BS9HvXLDsiJ8PH9wJaozwFhEdyZa5qtedK2UveIuomrZXeU6VPLWVOMHsIEG-3wHqlVv9CjEeg5IdNwvHRHPH812ACBpDcvVk4CPEnt96qY5CRtcTX17vXojEkLh5KSNhJHd3Q0b0EbzN_GZQgvjAHemeBSLaYSpNePP9v_7FOy91TEzXl1IPds-8icxPdPTvmnUJji6WtUWaDhJe_obHQGdnyHufp_CH09KtO_JVWRHA5J5hutw4jdSW28oEa5yxb_zdDcAxFRDAsdDPUBVoTuB-Yk7lYO6WOacsM7zC-Ixvsxa82K_ndvQiqHd8V3n3qT_aUl_9sFJAYOjaXGZzCf322iwI6WXaNCzqn6VjUqyXkFmFLgbyhHmUqr1W2vuHxV-5DiZXmq0dhDiS0w6KhBO5uHjS8mpbT8pyenJdpYNbQSlqx3iBQap8-1sWnAznMZZG7BjEdpVHlUGHyVjR9KuK-6e8Jm65-LpMbbHtydT1HyjoVwAPctH8RlPyu__naO1okq55syc3MIO6he8m0LDpKdVsJIBOrzU-m2S2If8lupCFOYqTU-mCuMF7HqdCkDkKkAOaGiTCck2PY7Z3z9VBJQa6kAH3ueWnAMk1v7V4jYIpbDjbUFUYzjSajZu70St2Wg5eDMwmDOVfV84M3xTpb78i-QmkISy6qnkrGytU4TXnzJviIHaCWjAI285s1pC0TRhKdpfOpQB9LFBPenvL9KOM8-Ue2VnYVBE14oMMyVcJQn6284_3o2Et5hlJRUscQKy41_cC6HoqqbtQ81SVqvPYuPNLA0i80L8P5tVONChanpS0PuiIHfCLLXwqv1q2qYBVg-efl59uPs-meE1gSS3pqQyr0FmlFBleDTF8bHi2KwZLg7qTDpgTQdCzINw9mvwytLD_7F8FgY1OgdCYCk6xMpGPgQKtNoJ8n5y_ZklXSLknfMC1RpakitzxOVgR1PlwK6RH1Wg-AA2lc9ZobTCFrxRDv9OcU_GI0KtSHZiZW8vpQAzxVmx6lh-hCJ2ZYUH3c42Tbhu_yGUdWpEkn1vg8beBcSq5Z2ZWoMvrGmh4y84cEJJgwmVjLlBgmz_-vzIFF7O86kXixvWvZ7CHQ1oXA1iMJQBjMKnp4HKT24-oEs_M6368x_XVsUOVsJU2Xn01VM6yX5izw0jM_dFsMYtSTY0nb4icJdKihQK17a4P5GOiyRpOVsqRX_oYE4pPTS6XEzBUmj4L-1DFy5CTX-8toliooRHu7BNL3-gw7f-X5PRlp9v3bngKeihZnPFPv6Su_sKpo4YHjZ-b8xqDNpXpIWWXlp0xCDDZNl8KSj1e7QmzRCESiA1y76inJ7PB6MG7imXuk8wWET7BO2nsbc-03IfQmux1wrBjClh2g-fIjpzuijUPriC1mbwdmmbARj7Oe5US4bypQK3L0uXFcFLy6mDk7DLOZ_got6TWzW3AldYqe4__jA3XXvZAOCagN64m2TqsTfoCcP9DjYutlsVrubbGV-FXrwLp4Pr8iSCx9tb2lpi19pePqEiHsMkk1WVBiwWdDc3ENEzSxH3LU7qIZUTodYjfdGCjQGBxUE7mZ4G11IYA0t36m_xefU-92hLIX6Gb_KPRL-iaT8WimzLRVDdKRSV5EKVNipJ4aNbwkSbQ0DWhxYjo4lbbSsTo9kRnUXFrkP__cHNmSTN3MX5blrh-ggfR_qBZVy677f32STVq9Pum9IbnudN8LIJwt00yvRLkQH8XhIaFlPfTnQv1yCPTiZ-K7CGKAGoYU29Iq49QpvTj6NfvuWPDVWv5s9_sCIIvFOEts2NSkdh9ApF-DLawkddRhYS4Liq2HOXZrv5QBQjNCVooO4O26rASpVYCxFrpY__UuHUTjXo8XhlVp3KrlSE5r8LAphvMb1UPx0qmpNj9W_UPUbk8sHrvPjmPBPLcbiSrhPU0wckW2EEst---5JsKNOwtZxLFOWLkoSwrKseXYULXXEKhM2k3bjmukrC-OeFj_BdHenvw-nKvdn2kpN6YmSwL_A-vbTVldzAWOd0HKwc3gHeu9yDzeXMCT9roFtUzVvvH3zCfm_7frHoQUiQyjSuncVMDLml6FdnqhneTzpqKhVVGTzUTl9R2MKI8oXmGbOsNOQITDPGGUIIS1vUcDCKo5acFqUyX3N7RgJ0HEMsKJ0Ct_HnfgWIsEeqzCW5TZMldEdNSznr_VNZu0dAZlkuHE7LHh1oyUHrN1XZNtrkBsbe-AfwXuXHgdqtFuaWgm2mQmJ7Leq4AL4yovM6H0ipsHP89PpDrkz3LbNCVUHjo16LvsLL73EK2xRHreZAx_fyBOsHiSsUmRyQCoZgsessK2324PrzmzxF8tdfFZUnVo37dEu_C-shyYsdfP78WSkMe7DJDNdYFgMz55K3hAw6z0fCzwh_AAMJWovYIDMMR0_DrcsgyE0nbLd-ze18ZyNeQsWwNCbjfqv0Y-VfRClnL7WGeHmXxov_SYu--2LUuPQwqp6ZKmZY2OgGhDJBqpnIHnEPYwyW3dcHvdpfulyl-cC1XtRVNMAthIQGtEqw02tKQGcYotWLMVenFB6j-fxVli4jccp8zsOSxUil9yZxhucp-g_DbIn2U1511lr5qat5HZkt0i2ZTk9nFbpGuveJuy9Q7WzdeF4d2e8g2PZnbGQSjYFbT1hH05tMjAHU_oZ88EGDkQ5qDRUi7dz5judrDfCsxp3jorlRgDDAB4dt96Ekhb7RpwW_WFyY9HCLABvFOO864Oi15eSmM75Qy-ueBFEWNoG5eLnpMQ53qy6HTjfLKU314WLdR_wt5zL7LgAkY1-fiJxfH6eNF5DWBDOK36_d6XMumaR640FstGEBfFTU8KECOqMxpdY9Ufh6FDcvEm_ebksh4ajhs5Vw3dyInmr5pcfxvzvk6iOtl95Uh4HEbbnV011d_P3soHGNSKeb_KWjQgc7WUDu_DXSRMT16jpdeJl29C_Y&cid=CAASEuRoH5ur0gSfmOhgG0empr8erA&rfl=1%2Chttps%253A%252F%252Faskleo.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
63ed4c66bf3ba06512f7028be62a4bd53295e1ba68a919a7591f5fd392e72b90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:08:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
821
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9341
x-xss-protection
0
server
cafe
etag
177112232901409761
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Sep 2021 16:08:22 GMT
index.html
s0.2mdn.net/ads/richmedia/studio/pv2/61676917/20210305061103818/ Frame 7CAB 		13 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61676917/20210305061103818/index.html?e=69&leftOffset=0&topOffset=0&c=N7HJPE202w&t=1&renderingType=2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_273.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
436cd10b77fcf5f8d3d813c4d71cf5d22537d73da612449ea799a54409524fda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/ads/richmedia/studio/pv2/61676917/20210305061103818/index.html?e=69&leftOffset=0&topOffset=0&c=N7HJPE202w&t=1&renderingType=2
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3804
date
Mon, 23 Aug 2021 16:22:03 GMT
expires
Tue, 24 Aug 2021 16:22:03 GMT
cache-control
public, max-age=86400
last-modified
Fri, 05 Mar 2021 14:11:04 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 66B0 		0
61 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssm-G-etAVisbh0rK02Jk729QQ0WK6FOqQ7_KtO2wjX152o6N3KNWun7irgWs9MishtXdPrGwXu_raKLAgpcSOQv2fwh6UQeUIHLsapA_hLwh_4PqofRPdNZUA2RbNwp_QeE-wDzPnyBm3rxLw7clja1pMYQ4eaXUnT8s74G9syRBCCRBllmOII9OUWgDA-WLAQPsP4QLaw5RQG9OP75KoC7qYM9JVL3w07lKH9W7A_Ryjc-D3RYLVi1umA50LkmW2drO5iyHko6x-rUA0Tf7SuLFvib1M12c3lbYScyuNapIX-tt_tHnXEa0flZTn80n0Iv2FvzqhI3xAePv0OuQMlxCZs_yco34Q_b_uTZ8789U9kHDowlngiqUxC19qBac89biOJnqzeYH0kpmQtbX8HOYZLyUM5ySzbVMPIAWRDEUlhgCQKkGGTtmZ5C8T8WkN1_QXwVGjtSmOflcNppsMjNCtt7kz7VfAy8VhHOAC8bSULt3FlHSy45K22XVsdvEPIcXHf00ZCidXLnT2yXVIALRYiPFProAVu9zsHbt_GIyVWqonpJRUbZnOrzp4Pd5GuliQA_FVPNzuWH5WwGP1PVaCYp1H6fJAEoOEhhoExx4U9twhLYDeBTfGBKI-HOholOL16IeETeLXh4AN_FDMf-Qa_xJQuhg3Ww88d3Ajz0570qbk2dm5wyEW_op8PkP75QDE3OUCPrg4It4J6dz3vwk8sxYEVHVq3R32lSIZI-I2EYdWPuzXqUEYd5VpmrEhF2NqM8PiFdrIckE2Ntg2fkZ2Pd-XFtFPQ-2qF_S_LBVLAZAmuKUt73Yui4lA8VTsN4mNvvUG-TsKp8byt-xqWUvSOi3fjcSG3Q5CNfiyi8ldsr37ZZQ_y45KpdgMBztRmCbs14qdcTaueLQ9IE2OjOZ_UE3JguM2fKpeKa8pDBmRv7Q5yBQGm_uybXY6G_p2sOmmapkhm7q-dV8TqB5HPz9wQotfwKv1ny7lB9q6Bj9XGnGLBOYarpWLw5Q6D-NMQRM_lUHVe0HHoZ1pfIlaOhP3fpmfLLhM872vhM0XAai5LAUG1C3LrxXAPmWxK3sDma4jzo9FNOFvV4nK4RAozxqht_gJY_FZRMI6uNrcfDjvVt4Pgi0-skTZqMvcC_7gASp-LXtHlpaRyTlYFrQlMxOUYW7FjAXTt0H6ZPuKBvu1fCPofqOtlV7GZjNUNXT7zV1Pl1mDF&sai=AMfl-YRqNbK7jN5uPvTHoNyg13ef2V54oHBC4M6Oh5IRdccxpXXj_IjCLdUz9fceXxAuefYLsYWqa6XMGbo5B0eEnmRD5R-krkz-krW9Kurub7k5yV8HsYUYWOwRhs2-hPnqphma5TJkNntDJHg9SCuGtiLFEuCRSg&sig=Cg0ArKJSzMqUalxfY_R0EAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=84&cbvp=1&cstd=80&cisv=r20210816.44334&adurl=
Requested by
Host: askleo.com
URL: https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Mon, 23 Aug 2021 16:22:03 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
pixel.gif
opt.objectiveportal.com/ Frame 66B0 		35 B
528 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://opt.objectiveportal.com/pixel.gif?customer=COO&brand=COO&domain=VL&process=banner&campaignid=26230621&placementid=310223783&che=3147083237&cmsiteid=1706137&adid=502811249&crid=144698338&gvalue=ct=DE&st=&city=0&dma=0&zp=&bw=4&keyvalue=0&line_item_id=&creativeid=&exchangeid=&insertionorderid=&sourceurl=&universalsiteid=&auctionid=&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: 6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com
URL: https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.152.90 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.90.152.201.195.clients.your-server.de
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.objectiveportal.com objectiveportal.com
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 16:22:03 GMT
referrer-policy
strict-origin-when-cross-origin
server
nginx
etag
098f3822-e597-4dc4-957a-38714a097c0d
x-frame-options
DENY
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-security-policy
frame-ancestors *.objectiveportal.com objectiveportal.com
strict-transport-security
max-age=63072000; includeSubdomains
content-length
35
x-content-type-options
nosniff
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 66B0 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com
URL: https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 07:21:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
32423
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 23 Aug 2022 07:21:40 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame A051 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com
URL: https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Mon, 23 Aug 2021 11:56:19 GMT
expires
Tue, 24 Aug 2021 11:56:19 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
15944
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 66B0 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2daa00b5c510fe37f49069b68154d4308f40b1cb0d7c96335626902841e2a3ba

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2EDA 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BdAOkKssjYYSrLIaH7gPO-4CwCQAAAAA4AeAEAg&bg=!jo2ljcnNAAZvV8FTb1c7ACkAdvg8Wpvhk3XuogkUBsuKaL0-AnJj6e7UY6gvrLQaHcm8ymELSWxDAQIAAAKjUgAAADpoAQcKAKTqTZsSnzr32-AuGUrUVx9WOP6CdBAhurX0OwROjkD4XdMkpczCo-IJ9WD8iR5NqLINEWyCSJpMaPm4CIfwX6y_U7UmY_g2c9Iw-r0qq5OU4LpD-c7JXykRvVGeAF5X_FrcGfzO1v0bI0bY-Kvnb2MeG14xdbK7S9qzpMqUgkI3M32YXnFv15COsTdNGZ87ICaa7yj3C0NkN9Q9VWDkHixSd6LrG5kCvhkwstK1akRIxIj1bx9zkdBoaV9BtnlsJSfe9xv_QsJdOth-gPdZxUUi5fT_PKLdj-SUJU3V5FcTyQwgtxrP-Ykt6qCcqGdiPBUJaNg-Xl_PzsTlqApUStMZ7ULlV_x_Je2h-1vcPugRFrcm023BmyrAgW9dSnO573xjppb_EuAlMR6yFx04EJliyW3tcG1EF2uwgzKIwsH-qPKoa4jxoAVkN_T-xnWTdG_GAXqdmzYKBP7A9nzhvCHDYBAzuG00t3XZooZ5a_9u9bZJzY5n7gcEqNqeqyIG-Jm_9bYRI_t8FlFwLQPq47KOKjzWXh20_7e-9LryOYC4DrYkrTjqEmRuSuGr_I8Y91sAbgVdx8znFWoTYu5-0WJmQsgPICYSinnZOG1UHgAx1T0X2Zo9qvEKQy07gzfOoMMWqv5xFBt4GPsMskgveGs_Yfc45_L5PyrBWYbxeWqXSLi5lvhu43KLq1_yhdi8zF5QIBhRlw-uUnochrd2VAxHHypOIBoLPo-WGafNEAhEPhGXBifhrsvBOc9TcMKXr15Aee6Dqr68OKfdZDAqVbivgqkPQSR-3d--vQpwvved_ZaB38sc7mJRyVTLsyqT0cuq75WhXKfDlTAI3L5d1Oz7pVvPnXdS6WUEZeGznA1mFkZKoIyMGj_WQO9Unh712vBP7ktuPqBjFYys7nk9vxjXdU--7uOFLL-jXtPM2rRWXAfIw_SixP5Ce-zz_G8D04TlwivGHpKTgWnw1Zkx3FZHSD-W06lnNOv3yI7RvFUrg19xoRlj9YC1t0oFMFaaOXvtGlRCievInkytdCi08Mip07o6MgtrhnTL_bvDs_O0s9Hr3awHDvnVqesLv245l389RaFQ9_sL-jbue2RZhTD4v3YNLwY3b-vDR0rHGqUdo3x9gaJLfg8SGFWPY94wsQNtq7i2Dg
Requested by
Host: 6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com
URL: https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 16:22:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
index.html
s0.2mdn.net/ads/richmedia/studio/pv2/61774477/20210524094038431/ Frame 685A 		6 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61774477/20210524094038431/index.html?e=69&leftOffset=0&topOffset=0&c=tw3BUIS9po&t=1&renderingType=2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_273.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d4856801956de97b41cdd7111e8075bc4fe86fa18c05372a7dd6d73cdbcd819d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/ads/richmedia/studio/pv2/61774477/20210524094038431/index.html?e=69&leftOffset=0&topOffset=0&c=tw3BUIS9po&t=1&renderingType=2
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
1391
date
Mon, 23 Aug 2021 16:22:03 GMT
expires
Tue, 24 Aug 2021 16:22:03 GMT
cache-control
public, max-age=86400
last-modified
Mon, 24 May 2021 16:40:38 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 20BB 		0
24 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssFmlZRQYLRS14X7DZuBgLtYuDs_37D_C95qJqt75nk5E7gZQvNv4q8DL1u_iF7x4aZi-hZw_0EHM1_1Wc4m1aVNT5NO-Pg8lJk-nNw43stycjBms25nkv5yTwjWJ6HZQJK3axM6RYrx8W1CLe804T2n1T0OPUBLzdivyap2ZupOpvSd9lF6PUfCbfb7cbOV6UTPPxkGHtclBXN0yqHqYFwgpSd6_VcjtDxsPWDnRw7eKlDXPnu9r00dji7J1A7czNMdU0P3xse0u2MREFI6dc_ArEDTMkfTewpz9SlN5e3zp49TRUQnFGEXnIHrIl-yJjUGbNrlfdPYxkFrVCoOS-46kmuRkkw0lwnI3JfpdoMEF-qLCEViNPbg5XRzbXg-_xRT8tuYndxPndyJCLANCvWZpodwlQE6QrNjYQFjLZB9cpwDMVA8X-Pa3YX5O1BxQQxD2CEglUea2huPEFYnW5InesIB-JTTGyzz_Sbbn6ovzVYPgLWSS0jTJ4QhTh1wKe_gi26xRFUKySs4fLysbrwkI1wiy67EnEbjvpjRREOF2x9O9lY-xUA9gA0nMDbJLboDRz-W70ruKb8GCbEj8m77TyaOPbNWFCT3MF-1yIPL2-0l-wKJ-KgN6jbjHXk5cJAyXbOyBBjX6QNW0hBvbbu_HvX9E3kyqVhTSHtHdY3aecWmDjBNmohKf8T6ludPQQAUXb4HCAWVztV23Qvi55pwLHMjnq0JkB1rQZq-iGbBdXvuwfAguGlMjkcl7GdrAUohuT9EmI1KLyOnVM7jxoy_93Y5VsMXmNQoSk7uzviCXOqdEjQ7W4AClZiczDiAqPJWkPSsoWa95gWHKjJVoH5mGHj6wch4J_t1oDPEh6gSFhzHiXi9CFWcmW0v3KTlTKPljwtFk6F6Yp7-Deny1RdBzIcsHl51uY0mHyfOwnHgQzGAGb2xdEiQw-n6qYgZABwzLEFBVbKPM_od4bhnIFqJ5E_dujCFg3Nvp7kxB4l7LhY79E50OUNHq71xNkUSB7M7WWm7sGKmFQHloVWPMbsbLKhDk6F0Qh_isVnwlfMzzkIOF716KC8oEQZ85aMgAFLEz415-0OMmb29Q_T-1hXItTiMIBg_4TNj5XDfFEWxJ8V9_XMiUQmUP16Zg2ARZNGoW48Q9qzKc82oNQXwksYoLDWN83wXl-2n3LQuVrQOgAPNP10HZAEVyKEnm8eFI_-FhYQlu--kT55d8GxpJzC_GFrDAU&sai=AMfl-YRPjpHcaKRC5r1MAg-KqX2VAh6YxVRHePZRztk96hoRppi5IJOaGGlq-oJc5wMi1tGoUg-kniEqQADOplsfJuoI5iJRNZS2U63W6SXeUGxCL7_8qcu9gbaLirB5iBeHCxPAQX0QoRSdaJPHxxPMY8LBEWABrivurdGILXQRdfY0Sh12eY3sxQ&sig=Cg0ArKJSzIG4Sbppsa4BEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=159&cbvp=1&cstd=155&cisv=r20210816.07826&adurl=
Requested by
Host: askleo.com
URL: https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Mon, 23 Aug 2021 16:22:03 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
B20896411.220210114;dc_pre=CMiikNfGx_ICFYUo4AodY20LDw;dc_trk_aid=418605151;dc_trk_cid=99469240;ord=429784044;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=
ad.doubleclick.net/ddm/trackimp/N5716.2176937TRAVELAUDIENCE0/ Frame 20BB
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N5716.2176937TRAVELAUDIENCE0/B20896411.220210114;dc_trk_aid=418605151;dc_trk_cid=99469240;ord=429784044;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=?%2...
  • https://ad.doubleclick.net/ddm/trackimp/N5716.2176937TRAVELAUDIENCE0/B20896411.220210114;dc_pre=CMiikNfGx_ICFYUo4AodY20LDw;dc_trk_aid=418605151;dc_trk_cid=99469240;ord=429784044;dc_lat=;dc_rdid=;ta...
43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N5716.2176937TRAVELAUDIENCE0/B20896411.220210114;dc_pre=CMiikNfGx_ICFYUo4AodY20LDw;dc_trk_aid=418605151;dc_trk_cid=99469240;ord=429784044;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=?%22BORDER=%220%22HEIGHT=%221%22WIDTH=%221%22ALT=%22Advertisement
Requested by
Host: 6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com
URL: https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f6.1e100.net
Software
cafe /
Resource Hash
9c41ba408efaf3a7a36099370bc814e38b0afd42229fa9e0e6040740620c85c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 16:22:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 23 Aug 2021 16:22:03 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
location
https://ad.doubleclick.net/ddm/trackimp/N5716.2176937TRAVELAUDIENCE0/B20896411.220210114;dc_pre=CMiikNfGx_ICFYUo4AodY20LDw;dc_trk_aid=418605151;dc_trk_cid=99469240;ord=429784044;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=?%22BORDER=%220%22HEIGHT=%221%22WIDTH=%221%22ALT=%22Advertisement
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 20BB 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com
URL: https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 07:21:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
32423
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 23 Aug 2022 07:21:40 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 7C2B 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com
URL: https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Mon, 23 Aug 2021 11:56:19 GMT
expires
Tue, 24 Aug 2021 11:56:19 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
15944
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 20BB 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6bdc5e709c9c483c83b67b40f75ef2193ff388b8d8c586de2c530cc1914257d9

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
dt
dt.adsafeprotected.com/ Frame 9916 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=564357&asId=bd1176b3-2550-3690-9cf4-7babc2d4115f&tv=%7Bc:m8tkDB,pingTime:-10,time:891,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fC0xMjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85Mi4wLjQ1MTUuMTU5IFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1629735723837%7C%7C673caa2d7120cea1fde5f2df23ef4266%7C%7C605f01b1409979f1b4f5151f8eefb28a%7C%7C3a4a1343548989e35f784c1a6bef430b%7C%7Cd00d00b0c0d54f3b9124226a4377d000%7C%7C8dff22632d9ad1012151c0b9bbcfb192%7C%7C4a1842813775a7a72d20232103a22ff9%7C%7Ccd645b18f2a5eb786e2bccbbc81de395%7C%7C1629390669,im:%7BpWait:10%7D%7D
Requested by
Host: 6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com
URL: https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.49.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-49-131.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 16:22:05 GMT
x-server-name
dt21.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 3E27 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Mon, 23 Aug 2021 07:21:40 GMT
expires
Tue, 23 Aug 2022 07:21:40 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
32423
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gwdpage_style.css
s0.2mdn.net/ads/richmedia/studio/pv2/61676917/20210305061103818/ Frame 7CAB 		55 B
88 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61676917/20210305061103818/gwdpage_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61676917/20210305061103818/index.html?e=69&leftOffset=0&topOffset=0&c=N7HJPE202w&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2afb3cf38deea01d461f29b961c8aab0da4f121a84a9c843f49dc7cced99b6a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61676917/20210305061103818/index.html?e=69&leftOffset=0&topOffset=0&c=N7HJPE202w&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 22 Aug 2021 23:27:54 GMT
x-content-type-options
nosniff
last-modified
Fri, 05 Mar 2021 14:11:03 GMT
server
sffe
age
60849
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55
x-xss-protection
0
expires
Mon, 23 Aug 2021 23:27:54 GMT
gwdpagedeck_style.css
s0.2mdn.net/ads/richmedia/studio/pv2/61676917/20210305061103818/ Frame 7CAB 		731 B
272 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61676917/20210305061103818/gwdpagedeck_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61676917/20210305061103818/index.html?e=69&leftOffset=0&topOffset=0&c=N7HJPE202w&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3974624ff80521dbd81d3ed32f8ec10c7baef11c272f46626a6284538e90e44b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61676917/20210305061103818/index.html?e=69&leftOffset=0&topOffset=0&c=N7HJPE202w&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 22 Aug 2021 23:27:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
60849
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
234
x-xss-protection
0
last-modified
Fri, 05 Mar 2021 14:11:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 23 Aug 2021 23:27:54 GMT
gwdimage_style.css
s0.2mdn.net/ads/richmedia/studio/pv2/61676917/20210305061103818/ Frame 7CAB 		281 B
196 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61676917/20210305061103818/gwdimage_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61676917/20210305061103818/index.html?e=69&leftOffset=0&topOffset=0&c=N7HJPE202w&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d3251d937d209def48e958bfeec683ca39dc0f15eb22f99bc3e7035995cd552
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61676917/20210305061103818/index.html?e=69&leftOffset=0&topOffset=0&c=N7HJPE202w&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 22 Aug 2021 23:27:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
60849
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
158
x-xss-protection
0
last-modified
Fri, 05 Mar 2021 14:11:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 23 Aug 2021 23:27:54 GMT
gwdgooglead_style.css
s0.2mdn.net/ads/richmedia/studio/pv2/61676917/20210305061103818/ Frame 7CAB 		24 B
57 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61676917/20210305061103818/gwdgooglead_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61676917/20210305061103818/index.html?e=69&leftOffset=0&topOffset=0&c=N7HJPE202w&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e52ad60cf8269c44381d5e0833e69b9b8f3b9f9346b7066b1dc5a52b390feedc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61676917/20210305061103818/index.html?e=69&leftOffset=0&topOffset=0&c=N7HJPE202w&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 22 Aug 2021 23:27:54 GMT
x-content-type-options
nosniff
last-modified
Fri, 05 Mar 2021 14:11:03 GMT
server
sffe
age
60849
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24
x-xss-protection
0
expires
Mon, 23 Aug 2021 23:27:54 GMT
gwdtaparea_style.css
s0.2mdn.net/ads/richmedia/studio/pv2/61676917/20210305061103818/ Frame 7CAB 		157 B
153 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61676917/20210305061103818/gwdtaparea_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61676917/20210305061103818/index.html?e=69&leftOffset=0&topOffset=0&c=N7HJPE202w&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
20160b923de864cdf44fa26bfd6281a9e0aba7eb800fac86804d9a41a93c2394
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61676917/20210305061103818/index.html?e=69&leftOffset=0&topOffset=0&c=N7HJPE202w&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 22 Aug 2021 23:27:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
60849
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
115
x-xss-protection
0
last-modified
Fri, 05 Mar 2021 14:11:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 23 Aug 2021 23:27:54 GMT
gwdvideo_style.css
s0.2mdn.net/ads/richmedia/studio/pv2/61676917/20210305061103818/ Frame 7CAB 		388 B
217 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61676917/20210305061103818/gwdvideo_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61676917/20210305061103818/index.html?e=69&leftOffset=0&topOffset=0&c=N7HJPE202w&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e66fb907a79a93d3c9813f2f348b42bd1bf6f3bf140331fe57bc7cc30a816246
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61676917/20210305061103818/index.html?e=69&leftOffset=0&topOffset=0&c=N7HJPE202w&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 22 Aug 2021 23:27:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
60849
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
179
x-xss-protection
0
last-modified
Fri, 05 Mar 2021 14:11:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 23 Aug 2021 23:27:54 GMT
css
fonts.googleapis.com/ Frame 7CAB 		4 KB
631 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:regular,700
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61676917/20210305061103818/index.html?e=69&leftOffset=0&topOffset=0&c=N7HJPE202w&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
87e5e6d5eea4dd359d5653e1e448a52c6ea8405acf6c97fc44d50aa6ec48bfc3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 23 Aug 2021 16:06:29 GMT
server
ESF
date
Mon, 23 Aug 2021 16:22:03 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 23 Aug 2021 16:22:03 GMT
gwd_webcomponents_v1_min.js
s0.2mdn.net/ads/richmedia/studio/pv2/61676917/20210305061103818/ Frame 7CAB 		21 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61676917/20210305061103818/gwd_webcomponents_v1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61676917/20210305061103818/index.html?e=69&leftOffset=0&topOffset=0&c=N7HJPE202w&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c51a4086e332a8b351790a53582dbba5bd78b7a1f021b829d93da3ad59ca575f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61676917/20210305061103818/index.html?e=69&leftOffset=0&topOffset=0&c=N7HJPE202w&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 22 Aug 2021 23:27:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
60849
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6266
x-xss-protection
0
last-modified
Fri, 05 Mar 2021 14:11:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 23 Aug 2021 23:27:54 GMT
googbase_min.js
s0.2mdn.net/ads/richmedia/studio/pv2/61676917/20210305061103818/ Frame 7CAB 		400 B
315 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61676917/20210305061103818/googbase_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61676917/20210305061103818/index.html?e=69&leftOffset=0&topOffset=0&c=N7HJPE202w&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f3168403eabe87c4fa8bf097e63d6409e3e6d15a14825215c27e9e4f1f943c95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61676917/20210305061103818/index.html?e=69&leftOffset=0&topOffset=0&c=N7HJPE202w&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 22 Aug 2021 23:27:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
60849
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
275
x-xss-protection
0
last-modified
Fri, 05 Mar 2021 14:11:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 23 Aug 2021 23:27:54 GMT
Enabler_01_245.js
s0.2mdn.net/879366/ Frame 7CAB 		110 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_245.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61676917/20210305061103818/index.html?e=69&leftOffset=0&topOffset=0&c=N7HJPE202w&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4642568b405b3750fb18df621889e27def95e8162c1cdd256a21b319c9a4e24b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61676917/20210305061103818/index.html?e=69&leftOffset=0&topOffset=0&c=N7HJPE202w&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 22 Aug 2021 22:44:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
63483
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38568
x-xss-protection
0
last-modified
Wed, 14 Oct 2020 19:32:54 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 23 Aug 2021 22:44:00 GMT
gwdpage_min.js
s0.2mdn.net/ads/richmedia/studio/pv2/61676917/20210305061103818/ Frame 7CAB 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61676917/20210305061103818/gwdpage_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61676917/20210305061103818/index.html?e=69&leftOffset=0&topOffset=0&c=N7HJPE202w&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
257c9947bb8a45c4a0519f4ddc8769ecc7f889e268a046b0f05c17dfc7912eee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61676917/20210305061103818/index.html?e=69&leftOffset=0&topOffset=0&c=N7HJPE202w&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 22 Aug 2021 23:27:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
60849
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1306
x-xss-protection
0
last-modified
Fri, 05 Mar 2021 14:11:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 23 Aug 2021 23:27:54 GMT
gwdpagedeck_min.js
s0.2mdn.net/ads/richmedia/studio/pv2/61676917/20210305061103818/ Frame 7CAB 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61676917/20210305061103818/gwdpagedeck_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61676917/20210305061103818/index.html?e=69&leftOffset=0&topOffset=0&c=N7HJPE202w&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
74a8b34ddd37ba93b4c8198cebbc858c098de1effdddd63eebf9009d55cc53c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61676917/20210305061103818/index.html?e=69&leftOffset=0&topOffset=0&c=N7HJPE202w&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 22 Aug 2021 23:27:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
60849
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3125
x-xss-protection
0
last-modified
Fri, 05 Mar 2021 14:11:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 23 Aug 2021 23:27:54 GMT
gwdimage_min.js
s0.2mdn.net/ads/richmedia/studio/pv2/61676917/20210305061103818/ Frame 7CAB 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61676917/20210305061103818/gwdimage_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61676917/20210305061103818/index.html?e=69&leftOffset=0&topOffset=0&c=N7HJPE202w&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6c3223c27067f54618683e5fdfe83536907b179e81ed9a39873aa8b8140c05f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61676917/20210305061103818/index.html?e=69&leftOffset=0&topOffset=0&c=N7HJPE202w&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 22 Aug 2021 23:27:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
60849
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2001
x-xss-protection
0
last-modified
Fri, 05 Mar 2021 14:11:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 23 Aug 2021 23:27:54 GMT
tweenmax_1.19.0_643d6911392a3398cb1607993edabfa7_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 7CAB 		109 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.19.0_643d6911392a3398cb1607993edabfa7_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61676917/20210305061103818/index.html?e=69&leftOffset=0&topOffset=0&c=N7HJPE202w&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
36c0ec05d79bd9d3164effc3eca0f1962cd6f82bb1f41cb212e080910be24153
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61676917/20210305061103818/index.html?e=69&leftOffset=0&topOffset=0&c=N7HJPE202w&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:22:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37530
x-xss-protection
0
last-modified
Tue, 06 Sep 2016 20:51:14 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 23 Aug 2021 16:22:03 GMT
gwd-events-support.1.0.js
s0.2mdn.net/ads/richmedia/studio/pv2/61676917/20210305061103818/ Frame 7CAB 		2 KB
727 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61676917/20210305061103818/gwd-events-support.1.0.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61676917/20210305061103818/index.html?e=69&leftOffset=0&topOffset=0&c=N7HJPE202w&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
72a80770f582b1bb93c4686c2d8f7d96cd6e911198e518ba3f19cd50cb108804
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61676917/20210305061103818/index.html?e=69&leftOffset=0&topOffset=0&c=N7HJPE202w&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 22 Aug 2021 23:27:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
60849
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
687
x-xss-protection
0
last-modified
Fri, 05 Mar 2021 14:11:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 23 Aug 2021 23:27:54 GMT
gwdgooglead_min.js
s0.2mdn.net/ads/richmedia/studio/pv2/61676917/20210305061103818/ Frame 7CAB 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61676917/20210305061103818/gwdgooglead_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61676917/20210305061103818/index.html?e=69&leftOffset=0&topOffset=0&c=N7HJPE202w&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a22c497288d6b312171de3df8ed00831f34a76a52384c1ba9d504e11c98a5f21
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61676917/20210305061103818/index.html?e=69&leftOffset=0&topOffset=0&c=N7HJPE202w&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 22 Aug 2021 23:27:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
60849
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4408
x-xss-protection
0
last-modified
Fri, 05 Mar 2021 14:11:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 23 Aug 2021 23:27:54 GMT
gwdtaparea_min.js
s0.2mdn.net/ads/richmedia/studio/pv2/61676917/20210305061103818/ Frame 7CAB 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61676917/20210305061103818/gwdtaparea_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61676917/20210305061103818/index.html?e=69&leftOffset=0&topOffset=0&c=N7HJPE202w&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
740d0e2ab785d5697336ecd812e6c6fb5547e741ab78204d93023d08bd274ecd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61676917/20210305061103818/index.html?e=69&leftOffset=0&topOffset=0&c=N7HJPE202w&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 22 Aug 2021 23:27:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
60849
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1814
x-xss-protection
0
last-modified
Fri, 05 Mar 2021 14:11:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 23 Aug 2021 23:27:54 GMT
gwdvideo_min.js
s0.2mdn.net/ads/richmedia/studio/pv2/61676917/20210305061103818/ Frame 7CAB 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61676917/20210305061103818/gwdvideo_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61676917/20210305061103818/index.html?e=69&leftOffset=0&topOffset=0&c=N7HJPE202w&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f94ab680d6a6d6a9f2793b8ad326a91399e93b1da660dec1656bd3ea96716319
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61676917/20210305061103818/index.html?e=69&leftOffset=0&topOffset=0&c=N7HJPE202w&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 22 Aug 2021 23:27:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
60849
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3118
x-xss-protection
0
last-modified
Fri, 05 Mar 2021 14:11:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 23 Aug 2021 23:27:54 GMT
cb.js
s0.2mdn.net/ads/richmedia/studio/pv2/61676917/20210305061103818/ Frame 7CAB 		2 KB
776 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61676917/20210305061103818/cb.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61676917/20210305061103818/index.html?e=69&leftOffset=0&topOffset=0&c=N7HJPE202w&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3155af4abaf96ba3842b403e7972b2562ee7b49df5f940cbb5da7136c07ed45c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61676917/20210305061103818/index.html?e=69&leftOffset=0&topOffset=0&c=N7HJPE202w&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 22 Aug 2021 23:27:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
60849
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
736
x-xss-protection
0
last-modified
Fri, 05 Mar 2021 14:11:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 23 Aug 2021 23:27:54 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 0055 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Mon, 23 Aug 2021 07:21:40 GMT
expires
Tue, 23 Aug 2022 07:21:40 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
32423
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
style.css
s0.2mdn.net/ads/richmedia/studio/pv2/61774477/20210524094038431/ Frame 685A 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61774477/20210524094038431/style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61774477/20210524094038431/index.html?e=69&leftOffset=0&topOffset=0&c=tw3BUIS9po&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
28f5283c180d27f9223bf7d6b98255974fc099c415f9cb49fea5f75b554f4b60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61774477/20210524094038431/index.html?e=69&leftOffset=0&topOffset=0&c=tw3BUIS9po&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 12:07:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15247
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2402
x-xss-protection
0
last-modified
Mon, 24 May 2021 16:40:38 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 24 Aug 2021 12:07:56 GMT
Enabler_01_245.js
s0.2mdn.net/879366/ Frame 685A 		110 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_245.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61774477/20210524094038431/index.html?e=69&leftOffset=0&topOffset=0&c=tw3BUIS9po&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4642568b405b3750fb18df621889e27def95e8162c1cdd256a21b319c9a4e24b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61774477/20210524094038431/index.html?e=69&leftOffset=0&topOffset=0&c=tw3BUIS9po&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 22 Aug 2021 22:44:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
63483
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38568
x-xss-protection
0
last-modified
Wed, 14 Oct 2020 19:32:54 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 23 Aug 2021 22:44:00 GMT
logic.js
s0.2mdn.net/ads/richmedia/studio/pv2/61774477/20210524094038431/ Frame 685A 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61774477/20210524094038431/logic.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61774477/20210524094038431/index.html?e=69&leftOffset=0&topOffset=0&c=tw3BUIS9po&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b963251d338ab3ff59bc530a0d31dd6b87e86e4fc2163081e66651534d4400df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61774477/20210524094038431/index.html?e=69&leftOffset=0&topOffset=0&c=tw3BUIS9po&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 22 Aug 2021 16:31:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
85845
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1200
x-xss-protection
0
last-modified
Mon, 24 May 2021 16:40:38 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 23 Aug 2021 16:31:18 GMT
pixel
cm.g.doubleclick.net/ Frame A051
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEEwmPa5UdUjCLF6PeXFNkzM&google_cver=1&google_push=AYg5qPKmsb6AOWU7_KCde0ZNrNvH9Fe2YPn91N-LAvz60Kc4gg6_5gxmiNbhdnaZ89nqJ03yOzX9K...
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AYg5qPKmsb6AOWU7_KCde0ZNrNvH9Fe2YPn91N-LAvz60Kc4gg6_5gxmiNbhdnaZ89nqJ03yOzX9KizPXpzV7qzBqUN24kdN8OT0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AYg5qPKmsb6AOWU7_KCde0ZNrNvH9Fe2YPn91N-LAvz60Kc4gg6_5gxmiNbhdnaZ89nqJ03yOzX9KizPXpzV7qzBqUN24kdN8OT0
Requested by
Host: 6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com
URL: https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 16:22:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 23 Aug 2021 16:22:04 GMT
server
Play
linkedin-action
1
x-li-fabric
prod-lor1
location
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AYg5qPKmsb6AOWU7_KCde0ZNrNvH9Fe2YPn91N-LAvz60Kc4gg6_5gxmiNbhdnaZ89nqJ03yOzX9KizPXpzV7qzBqUN24kdN8OT0
x-li-proto
http/2
x-li-pop
prod-esv5
content-length
0
x-li-uuid
njfdnAH8nRbgkgHRXisAAA==
pixel
cm.g.doubleclick.net/ Frame A051
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEOVTbSarg7w9NYtte8idS0c&google_cver=1&google_push=AYg5qPIyoZdVSWMtYsMcbluQLrYbY8a5JjOSLuuv9Xxp3wcwykTQ6x_vHKghKDr1ozSC33vvB7E8d1nD55d_8p...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=Njk5OTY2MTY0MDAwNjk1NzIwNQ%3D%3D&google_push=AYg5qPIyoZdVSWMtYsMcbluQLrYbY8a5JjOSLuuv9Xxp3wcwykTQ6x_vHKghKDr1ozSC33vvB7E8d1nD55d_8pV9QF...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=Njk5OTY2MTY0MDAwNjk1NzIwNQ%3D%3D&google_push=AYg5qPIyoZdVSWMtYsMcbluQLrYbY8a5JjOSLuuv9Xxp3wcwykTQ6x_vHKghKDr1ozSC33vvB7E8d1nD55d_8pV9QFRRuL376Q
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 16:22:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=Njk5OTY2MTY0MDAwNjk1NzIwNQ%3D%3D&google_push=AYg5qPIyoZdVSWMtYsMcbluQLrYbY8a5JjOSLuuv9Xxp3wcwykTQ6x_vHKghKDr1ozSC33vvB7E8d1nD55d_8pV9QFRRuL376Q
Date
Mon, 23 Aug 2021 16:22:05 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame A051
Redirect Chain
  • https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEKerypSomrOU-_y2bylDNSU&google_cver=1&google_push=AYg5qPJjSC6DtIrxp5F6O0HKef3dVaPwmqf5btB9DmLgDXqhl7ntdBeZuuP0VRMr42QLUn5fmY6rcB2Yoda...
  • https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AYg5qPJjSC6DtIrxp5F6O0HKef3dVaPwmqf5btB9DmLgDXqhl7ntdBeZuuP0VRMr42QLUn5fmY6rcB2YodayLCBJ165_aIs0hZ1U
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AYg5qPJjSC6DtIrxp5F6O0HKef3dVaPwmqf5btB9DmLgDXqhl7ntdBeZuuP0VRMr42QLUn5fmY6rcB2YodayLCBJ165_aIs0hZ1U
Requested by
Host: 6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com
URL: https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 16:22:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AYg5qPJjSC6DtIrxp5F6O0HKef3dVaPwmqf5btB9DmLgDXqhl7ntdBeZuuP0VRMr42QLUn5fmY6rcB2YodayLCBJ165_aIs0hZ1U
Date
Mon, 23 Aug 2021 16:22:03 GMT
Server
Apache/2.4.41 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=2999
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
pixel
cm.g.doubleclick.net/ Frame A051
Redirect Chain
  • https://a.c.appier.net/gcm?google_gid=CAESEIfg6FKwrqpNXQ1LkEUD3Pg&google_cver=1&google_push=AYg5qPJ40wVJAZCXNXR0qYixELEYXer7AZco-OfuWA9thW_AvzQVR7seHaby2Sze9QxEcMEWifmOt8bR5tvme7RzH2qVSHZEeobU
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=RW5Nd1hyVWNBT3lsNktXN0xNc2pZUQ%3D%3D&google_push=AYg5qPJ40wVJAZCXNXR0qYixELEYXer7AZco-OfuWA9thW_AvzQVR7seHaby2Sze9QxEcMEWifmOt8bR5tvme...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=RW5Nd1hyVWNBT3lsNktXN0xNc2pZUQ%3D%3D&google_push=AYg5qPJ40wVJAZCXNXR0qYixELEYXer7AZco-OfuWA9thW_AvzQVR7seHaby2Sze9QxEcMEWifmOt8bR5tvme7RzH2qVSHZEeobU
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 16:22:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=RW5Nd1hyVWNBT3lsNktXN0xNc2pZUQ%3D%3D&google_push=AYg5qPJ40wVJAZCXNXR0qYixELEYXer7AZco-OfuWA9thW_AvzQVR7seHaby2Sze9QxEcMEWifmOt8bR5tvme7RzH2qVSHZEeobU
date
Mon, 23 Aug 2021 16:22:04 GMT
cache-control
no-store
server
nginx
content-type
text/html; charset=utf-8
content-length
243
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pixel
cm.g.doubleclick.net/ Frame A051
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBGN8-HkCStJqdJAIIin66o&google_cver=1&google_push=AYg5qPJ6_efzjqzNDbEEAivFqkhZpEFhn_B4DwOTsI94tlh5A2--8euW-KsppirkaxFzutJWG9r...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1NPVUtLT08tRi1IRllO&google_push=AYg5qPJ6_efzjqzNDbEEAivFqkhZpEFhn_B4DwOTsI94tlh5A2--8euW-KsppirkaxFzutJWG9r8CDDBKZiZTUJgneSTGsuEbX4
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1NPVUtLT08tRi1IRllO&google_push=AYg5qPJ6_efzjqzNDbEEAivFqkhZpEFhn_B4DwOTsI94tlh5A2--8euW-KsppirkaxFzutJWG9r8CDDBKZiZTUJgneSTGsuEbX4
Requested by
Host: 6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com
URL: https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 16:22:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1NPVUtLT08tRi1IRllO&google_push=AYg5qPJ6_efzjqzNDbEEAivFqkhZpEFhn_B4DwOTsI94tlh5A2--8euW-KsppirkaxFzutJWG9r8CDDBKZiZTUJgneSTGsuEbX4
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
Expires
0
pixel
cm.g.doubleclick.net/ Frame A051
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEJf4HvVvyohi0Tak4ebIGqM&google_cver=1&google_push=AYg5qPKrmxtyL8FYlQweUiO-H36yPrHn9AdfBvXOKlSofWsC5I2T4n9XoKFQiExhMo5cYWWikxJnmr-lzmBa-eqj...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPKrmxtyL8FYlQweUiO-H36yPrHn9AdfBvXOKlSofWsC5I2T4n9XoKFQiExhMo5cYWWikxJnmr-lzmBa-eqjpu55nDnChEB4
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPKrmxtyL8FYlQweUiO-H36yPrHn9AdfBvXOKlSofWsC5I2T4n9XoKFQiExhMo5cYWWikxJnmr-lzmBa-eqjpu55nDnChEB4
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 16:22:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 23 Aug 2021 16:22:05 GMT
via
1.1 cd66c5a89ae3376f15c155e3b52a758d.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
ZRH50-C1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPKrmxtyL8FYlQweUiO-H36yPrHn9AdfBvXOKlSofWsC5I2T4n9XoKFQiExhMo5cYWWikxJnmr-lzmBa-eqjpu55nDnChEB4
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
56N06lVvPFKmFb_abLs41BpYTZvTxEc0AaL1IllUFtBiWk21FWjKqw==
pixel
cm.g.doubleclick.net/ Frame A051
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEGJ_RdqmhCOZNDhGF-jDoyo&google_cver=1&google_push=AYg5qPIBtF_JAtcWQlRKKw0an5iNVshm9Dq_pOnAxD1J9qFpZtOsPXIDQKiuuGyvZRcluhzH9FsaPg...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AYg5qPIBtF_JAtcWQlRKKw0an5iNVshm9Dq_pOnAxD1J9qFpZtOsPXIDQKiuuGyvZRcluhzH9FsaPgVRxsKT__aPBVb_irA6hiHB&google_hm=NjUzNDIzNj...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AYg5qPIBtF_JAtcWQlRKKw0an5iNVshm9Dq_pOnAxD1J9qFpZtOsPXIDQKiuuGyvZRcluhzH9FsaPgVRxsKT__aPBVb_irA6hiHB&google_hm=NjUzNDIzNj...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AYg5qPIBtF_JAtcWQlRKKw0an5iNVshm9Dq_pOnAxD1J9qFpZtOsPXIDQKiuuGyvZRcluhzH9FsaPgVRxsKT__aPBVb_irA6hiHB&google_hm=NjUzNDIzNjc1OTU2MTg4ODMz&google_tc=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 16:22:07 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 23 Aug 2021 16:22:07 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AYg5qPIBtF_JAtcWQlRKKw0an5iNVshm9Dq_pOnAxD1J9qFpZtOsPXIDQKiuuGyvZRcluhzH9FsaPgVRxsKT__aPBVb_irA6hiHB&google_hm=NjUzNDIzNjc1OTU2MTg4ODMz&google_tc=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
431
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame A051 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KbD7FUXMr0IBgs9nyiZD2fbv2nWk9WFbU9kdWYgbnxh8y0kiOJtCAJsPmAtd8h8pkxzHOo
Requested by
Host: 6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com
URL: https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:22:03 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame 7C2B
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEAsN3dXfK7wXnIQ3yAHw9wA&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEAsN3dXfK7wXnIQ3yAHw9wA&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZHRpejJLdFMxTWljSTQ1&google_gid=CAESEAsN3dXfK7wXnIQ3yAHw9wA&google_cver=1&google_push=AYg5qPLtoO3hWqsKWtchfeTUpwdwjKOyQwwSMXAZZYaLE2B...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZHRpejJLdFMxTWljSTQ1&google_gid=CAESEAsN3dXfK7wXnIQ3yAHw9wA&google_cver=1&google_push=AYg5qPLtoO3hWqsKWtchfeTUpwdwjKOyQwwSMXAZZYaLE2B...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZHRpejJLdFMxTWljSTQ1&google_gid=CAESEAsN3dXfK7wXnIQ3yAHw9wA&google_cver=1&google_push=AYg5qPLtoO3hWqsKWtchfeTUpwdwjKOyQwwSMXAZZYaLE2BBLW-1v2gjcUVNrb28nK7nTcPqNKH6TVFnfTwj_qe79zqJbQPadYwy&google_tc=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 16:22:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 23 Aug 2021 16:22:04 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZHRpejJLdFMxTWljSTQ1&google_gid=CAESEAsN3dXfK7wXnIQ3yAHw9wA&google_cver=1&google_push=AYg5qPLtoO3hWqsKWtchfeTUpwdwjKOyQwwSMXAZZYaLE2BBLW-1v2gjcUVNrb28nK7nTcPqNKH6TVFnfTwj_qe79zqJbQPadYwy&google_tc=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
478
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7C2B
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESENjFIHSXXQ90A1HG6_FWUmQ&google_cver=1&google_push=AYg5qPKbYmNKXoQRWXEHYawdx0s2IQqhWnEJbOkRkUjUuoNcmbrYKy3oUynQFR0Sdzx9qzKpCXkwgfGedKR0oNvL...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPKbYmNKXoQRWXEHYawdx0s2IQqhWnEJbOkRkUjUuoNcmbrYKy3oUynQFR0Sdzx9qzKpCXkwgfGedKR0oNvLSQzHIOQ-O_k
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPKbYmNKXoQRWXEHYawdx0s2IQqhWnEJbOkRkUjUuoNcmbrYKy3oUynQFR0Sdzx9qzKpCXkwgfGedKR0oNvLSQzHIOQ-O_k
Requested by
Host: 6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com
URL: https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 16:22:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 23 Aug 2021 16:22:03 GMT
Server
MT3 3853 9552a83 master zrh-pixel-x30
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPKbYmNKXoQRWXEHYawdx0s2IQqhWnEJbOkRkUjUuoNcmbrYKy3oUynQFR0Sdzx9qzKpCXkwgfGedKR0oNvLSQzHIOQ-O_k
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 23 Aug 2021 16:22:02 GMT
pixel
cm.g.doubleclick.net/ Frame 7C2B
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WVNQTEt3QUVCN19WaUFBNA==&google_gid=CAESEFiIZn1FKoPF1BNwJIudPuM&google_cver=1&google_push=AYg5qPIKol5Dz_RUla0mnmGgGtI5b6y_cn...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WVNQTEt3QUVCN19WaUFBNA==&google_gid=CAESEFiIZn1FKoPF1BNwJIudPuM&google_cver=1&google_push=AYg5qPIKol5Dz_RUla0mnmGgGtI5b6y_cnZrasSt9vmP153JqqaTw0EWaRvRU4-_7cFifuzSA7322bIy0DA4t6wdfS4W5TjVK76m
Requested by
Host: 6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com
URL: https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 16:22:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 23 Aug 2021 16:22:04 GMT
via
1.1 varnish
server
Varnish
x-timer
S1629735724.024771,VS0,VE0
x-served-by
cache-fra19178-FRA
x-cache
HIT
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WVNQTEt3QUVCN19WaUFBNA==&google_gid=CAESEFiIZn1FKoPF1BNwJIudPuM&google_cver=1&google_push=AYg5qPIKol5Dz_RUla0mnmGgGtI5b6y_cnZrasSt9vmP153JqqaTw0EWaRvRU4-_7cFifuzSA7322bIy0DA4t6wdfS4W5TjVK76m
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 7C2B 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEGn1oIJhbZJH2KAPf5JRxRs&google_cver=1&google_push=AYg5qPIFER1GH6VEjGJAV0-DyNwN1PepzhYW067gNnVYVrshaJ9LIBL_MI8DPeEy5EzhnWp6DuJFB3T4etsiSalQypnWgPg8Iwk
Requested by
Host: 6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com
URL: https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 16:22:03 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
pixel
cm.g.doubleclick.net/ Frame 7C2B
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEGdt8fdfxNuv5P9M2HgOvXI&google_cver=1&google_push=AYg5qPKcADUya-f1vCKtfHbvMzL3WbRDO2Kr2-2rSiKAcRnubW63PJUQTox6FXPMNoRpk4GINSYOnVJcCe7BZ...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEGdt8fdfxNuv5P9M2HgOvXI&google_push=AYg5qPKcADUya-f1vCKtfHbvMzL3WbRDO2Kr2-2rSiKAcRnubW63PJUQTox6FXPMNoRpk4GINSYOnVJcCe7BZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AYg5qPKcADUya-f1vCKtfHbvMzL3WbRDO2Kr2-2rSiKAcRnubW63PJUQTox6FXPMNoRpk4GINSYOnVJcCe7BZUwobdY0-XvgdWU&google_hm=bURKb1Zvb2NiNnREYzFUN...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AYg5qPKcADUya-f1vCKtfHbvMzL3WbRDO2Kr2-2rSiKAcRnubW63PJUQTox6FXPMNoRpk4GINSYOnVJcCe7BZUwobdY0-XvgdWU&google_hm=bURKb1Zvb2NiNnREYzFUNTZJZm0=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 16:22:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 23 Aug 2021 16:22:05 GMT
P3p
CP="We do not support P3P header."
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AYg5qPKcADUya-f1vCKtfHbvMzL3WbRDO2Kr2-2rSiKAcRnubW63PJUQTox6FXPMNoRpk4GINSYOnVJcCe7BZUwobdY0-XvgdWU&google_hm=bURKb1Zvb2NiNnREYzFUNTZJZm0=
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
235
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7C2B
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=uCJ7nelfR4-4BWPjzNqUoQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=uCJ7nelfR4-4BWPjzNqUoQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLt1t0TAyGnjmGo2Esn7MICfLF4RNI-_tpRLZrGOFJLOsmaf8ps3G5w1D2-y-Y68bY3S9pWoYqepqM6IUVdEq1j_Z8RhSdA
Requested by
Host: 6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com
URL: https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 16:22:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=uCJ7nelfR4-4BWPjzNqUoQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLt1t0TAyGnjmGo2Esn7MICfLF4RNI-_tpRLZrGOFJLOsmaf8ps3G5w1D2-y-Y68bY3S9pWoYqepqM6IUVdEq1j_Z8RhSdA
date
Mon, 23 Aug 2021 16:22:02 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 7C2B
Redirect Chain
  • https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEP92h56pQ1lwVD_JkJ2Rp68&google_cver=1&google_push=AYg5qPKSMh_OYoER4EIH6JypIBih2h4eu5AEO5XIkpPziZTiMUZn0yDYRhloqIzKgF1alI6w2rpJJUv7KZlAWu03Uz7SBXA...
  • https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AYg5qPKSMh_OYoER4EIH6JypIBih2h4eu5AEO5XIkpPziZTiMUZn0yDYRhloqIzKgF1alI6w2rpJJUv7KZlAWu03Uz7SBXAGpyIUwA&google_hm=MjgyMDU3N...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AYg5qPKSMh_OYoER4EIH6JypIBih2h4eu5AEO5XIkpPziZTiMUZn0yDYRhloqIzKgF1alI6w2rpJJUv7KZlAWu03Uz7SBXAGpyIUwA&google_hm=MjgyMDU3NTg4ODIwNDA4MjkyMA==
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 16:22:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AYg5qPKSMh_OYoER4EIH6JypIBih2h4eu5AEO5XIkpPziZTiMUZn0yDYRhloqIzKgF1alI6w2rpJJUv7KZlAWu03Uz7SBXAGpyIUwA&google_hm=MjgyMDU3NTg4ODIwNDA4MjkyMA==
Date
Mon, 23 Aug 2021 16:22:05 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
attr
cm.g.doubleclick.net/pixel/ Frame 7C2B 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J8rnkSoGseyrvCKtU6cGnLnozdpJILWmKVFlt_xTsFG3jTjbxflXsq_lFLuOkvs_wbZMm4GQ
Requested by
Host: 6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com
URL: https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:22:03 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
view
googleads4.g.doubleclick.net/pcs/ Frame 20BB 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssFmlZRQYLRS14X7DZuBgLtYuDs_37D_C95qJqt75nk5E7gZQvNv4q8DL1u_iF7x4aZi-hZw_0EHM1_1Wc4m1aVNT5NO-Pg8lJk-nNw43stycjBms25nkv5yTwjWJ6HZQJK3axM6RYrx8W1CLe804T2n1T0OPUBLzdivyap2ZupOpvSd9lF6PUfCbfb7cbOV6UTPPxkGHtclBXN0yqHqYFwgpSd6_VcjtDxsPWDnRw7eKlDXPnu9r00dji7J1A7czNMdU0P3xse0u2MREFI6dc_ArEDTMkfTewpz9SlN5e3zp49TRUQnFGEXnIHrIl-yJjUGbNrlfdPYxkFrVCoOS-46kmuRkkw0lwnI3JfpdoMEF-qLCEViNPbg5XRzbXg-_xRT8tuYndxPndyJCLANCvWZpodwlQE6QrNjYQFjLZB9cpwDMVA8X-Pa3YX5O1BxQQxD2CEglUea2huPEFYnW5InesIB-JTTGyzz_Sbbn6ovzVYPgLWSS0jTJ4QhTh1wKe_gi26xRFUKySs4fLysbrwkI1wiy67EnEbjvpjRREOF2x9O9lY-xUA9gA0nMDbJLboDRz-W70ruKb8GCbEj8m77TyaOPbNWFCT3MF-1yIPL2-0l-wKJ-KgN6jbjHXk5cJAyXbOyBBjX6QNW0hBvbbu_HvX9E3kyqVhTSHtHdY3aecWmDjBNmohKf8T6ludPQQAUXb4HCAWVztV23Qvi55pwLHMjnq0JkB1rQZq-iGbBdXvuwfAguGlMjkcl7GdrAUohuT9EmI1KLyOnVM7jxoy_93Y5VsMXmNQoSk7uzviCXOqdEjQ7W4AClZiczDiAqPJWkPSsoWa95gWHKjJVoH5mGHj6wch4J_t1oDPEh6gSFhzHiXi9CFWcmW0v3KTlTKPljwtFk6F6Yp7-Deny1RdBzIcsHl51uY0mHyfOwnHgQzGAGb2xdEiQw-n6qYgZABwzLEFBVbKPM_od4bhnIFqJ5E_dujCFg3Nvp7kxB4l7LhY79E50OUNHq71xNkUSB7M7WWm7sGKmFQHloVWPMbsbLKhDk6F0Qh_isVnwlfMzzkIOF716KC8oEQZ85aMgAFLEz415-0OMmb29Q_T-1hXItTiMIBg_4TNj5XDfFEWxJ8V9_XMiUQmUP16Zg2ARZNGoW48Q9qzKc82oNQXwksYoLDWN83wXl-2n3LQuVrQOgAPNP10HZAEVyKEnm8eFI_-FhYQlu--kT55d8GxpJzC_GFrDAU&sai=AMfl-YRPjpHcaKRC5r1MAg-KqX2VAh6YxVRHePZRztk96hoRppi5IJOaGGlq-oJc5wMi1tGoUg-kniEqQADOplsfJuoI5iJRNZS2U63W6SXeUGxCL7_8qcu9gbaLirB5iBeHCxPAQX0QoRSdaJPHxxPMY8LBEWABrivurdGILXQRdfY0Sh12eY3sxQ&sig=Cg0ArKJSzIG4Sbppsa4BEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=468&vt=11&dtpt=309&dett=3&cstd=155&cisv=r20210816.07826&adurl=
Requested by
Host: askleo.com
URL: https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Mon, 23 Aug 2021 16:22:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v23/ Frame 7CAB 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v23/mem8YaGs126MiZpBA-UFVZ0b.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:regular,700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://s0.2mdn.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 00:29:56 GMT
x-content-type-options
nosniff
age
575528
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14440
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:23:25 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Aug 2022 00:29:56 GMT
mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v23/ Frame 7CAB 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v23/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:regular,700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://s0.2mdn.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 00:29:56 GMT
x-content-type-options
nosniff
age
575528
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15112
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:23:34 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Aug 2022 00:29:56 GMT
dobraslab-book-webfont.woff
s0.2mdn.net/ads/richmedia/studio/pv2/61676917/20210305061103818/ Frame 7CAB 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61676917/20210305061103818/dobraslab-book-webfont.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61676917/20210305061103818/index.html?e=69&leftOffset=0&topOffset=0&c=N7HJPE202w&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0129fef24101a11eaa58cb3eab025b451acc53fb30a6dcd6cce7237b07427e2f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://s0.2mdn.net
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61676917/20210305061103818/index.html?e=69&leftOffset=0&topOffset=0&c=N7HJPE202w&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 10:21:35 GMT
x-content-type-options
nosniff
last-modified
Fri, 05 Mar 2021 14:11:03 GMT
server
sffe
age
21629
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28524
x-xss-protection
0
expires
Tue, 24 Aug 2021 10:21:35 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 685A 		6 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_245&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_245.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7d5605c873d4341f3a40f3d9aed6f3fb5d9b381b229c2db15cb23ca525d59d65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 23 Aug 2021 16:22:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4320
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 7CAB 		6 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_245&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_245.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
074c5ad0e9bcaba915f0248625e8be0aca92b720b9ab9592611d1548a0438159
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 23 Aug 2021 16:22:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4468
x-xss-protection
0
express_html_inpage_rendering_lib_200_273.js
s0.2mdn.net/879366/ Frame 9916 		114 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js
Requested by
Host: askleo.com
URL: https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2bc98b5956d216197013af35c909aa49d3aa7c26b48de9e9930eb4bd6b846391
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com
Referer
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 22 Aug 2021 23:04:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
62250
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40185
x-xss-protection
0
last-modified
Wed, 30 Jun 2021 20:54:50 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 23 Aug 2021 23:04:34 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210816/r20110914/elements/html/ Frame 9916 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210816/r20110914/elements/html/omrhp.js
Requested by
Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/564357/54904813/xbbe/creative/adj?p=APEucNWCLq93jJridOGtuvINwi1SYqVW5wYW94wMkk13A9Yi9NIpMb0&d=CnkAoCZ_4FTw9hpVrOvuqyEjgAXSlc7Nfe5KCO27Pz53jCQKG62lb5yS80wLB6cogA09Lzdb2mDkOf7uH9lk0vTsII7LKZRGya1QkdLFOg0thbXVUjbxAYHxciEwjgH-IR25KhITiojzsZduHKQGOleIPAQHOkvCgNXNEqkTAKAmf-CsqwUUlTDaEIsZia5_iczUGjUkJiwOQ1_1ipubX_EAlm1Od6MVcFq3RW3z6ke9eNV0Nt3fPoSaiid3ug4X3Rw8QiFNV-linMwnflpoBrWH-Q_nEXp-JoUrjZqiojJT-GoS5GONhFGUhhneBErfzofmc5WJYS4oTEi8Km6Z__j0jCPOgfUq0BeqmufiK3tRrmxZBbEz5ndDexTttZz7R0uHBXeRQaikng46B9yPIZf70EgNe9L4DG4Lnkt8Jm-7FZTjr5R9-FHPYNxx8NxEzGrLkxd8sKDojRXhlhWRItd0PmDjn6YvDTQnlmXsMu-SWDzIJQ_an1t2a_2qqJ0qFvhd_FNK-nrdkuStqkkST2p1QIbzMItSg3dObzyeYVMOdFoDej2iy3Wj8WnxL3yeQGDd1PtoHljatTXklhcrKQty0kaLoBLBHvHH_JnV-2tZj3Kd17bbyPKl-3QfsRi9c7LxBkibri8Pkn3sard_oGhf4hJT5CZSiRSSGZzxbN9yUJbV6XFrJCB45w5goAg52pqMtB3v1vf4tNBOk-KNoPGlXBUgUR2ta4d4zddpi_pzuoNJzMWi5SirW5mMwgrJZOJNKdPxN37rt4Eqm9_DwqIBgA_mVm7aVt0BjSK7ltvDFuaIGYfiF52GoFZCJ9dCClbabmMLzGQGCDpM11dR5YlNsw_hy4iy1K5J8lHzWzO26AwysSh7_OtCuwubnKYCitVwveoze3-ny2g_IBaFja1xK57p4syxuTUlTsWmBlgmtb4of2d1aQeN8XQEBeobDgmSM_v3BbCabTaWgToZFlJHGrC8cr0r7fpEsXwEoA-1gixAExjgphJCNSJiOxhXo5wEqwCa7QhedrrlKGE23lszbiywlnnWDbUur-_aF7wsy12aWGoXnROuGoIzOfArgTSPz8yyhU4JmHHCY0s9pGn5RzkGXT_T6w3r43LkPKYgjmXEZv9hjIZN0mWDsO1nJz-vWvAD5TuvIr9zGOEcdB1XajE7Ks4p7WAMhN9nVc8Nt3LE0TReMzAlKuUZ5ibJc_1f6V_M-Dko5glTgjXnthX5RdTzXQnxn4nEObxYUfTfmlquW2G7fMJJOFWU_soigV1V_Hi8hgp6N6pQvsy_IXvT15nFpN6b_9TdhezekgucFkdT5xGfMIoGgvWrBIaI3Y1yw7vHjUiZNK3PF9zZAkX9-qiCCEO5QinlzSw5xN2g8tuffch7qZ9k6pt7DBYMx1-ltLs-QEU2sjgdMnZM2lveOA_c5134DglegLjA-HlNdfMEnPIYlGoz4Dq3cCEGsRTlIjyICcy6DzZ9vG97LXtcsaJjzSmMp0x0UKsvI7-f5TNx0LtSwre9Virau3gBUeh2lMCjKvdLBl9ekAUEAY1OiD3XlZsMyXRGSQAq_0_ry0-4FCN6hH6i1i-N1NmA3RFIDP0fFEqPJEvpW-tMKTPWEalyBZmMwnPNnWfrLVeyJWZeS0ah5Luof0uis5EEIEAfNvoE3YwLQ2amnkrdcnurRwIyS8j6Pd1N67AnQolFlEJIBd4SjEASuudcC_WRfRdtoJy31MftIzNSvX6mMKhffa0WYAuhzLcJupazFRdK8y_GNnHVc809_M65W6MDlYMqg6RD9JPZM9Zi_gFwd2BAA0vaPoC4ykGqgV-JU6UX-SQjZWxdGJmvOzgodbi0A8PFQjGkIqH3Aoj4NVO4VinmFIMuMszACPRxtnDOPRT_ZFfyjsnyU2ehLx_A-ub_NvAJIyAPSh6BYiI0Q-RCs2FPoK1AdcPQUIMbNCFQ221Cu0t0g1h-M4sM7LLOXrq3msT3kMDoaFuZiDH1H5AO8-1OEa5uT75SAouJo5P8p1WyBrZSzIegTRVBWjw1JY1sxink5zgEvm0TB1iBDU-a6ALLTxUb9vu7bQUW7M3_jiqMzSeW9YTp6oksrPCyPY0AWs3ITS7AmwNHDpVtuQVZiP3u9pZHE3Y_LoYpUnONjWVJiNwuYhJvPzibUil960pN4Ga07Z579chaOEntgvev6gdVqADS9EdqVLk_ZENT8EpfXEam5YfPnmEF7SqhVKXecpLHiXD3-JPKXQMo-DYF598qutj9_urnFQ_nQfK3vHPKYJBxYqaXYpNDh7h9odn63aIrDys8WrYeA99aY4F0ti7GiwCZ5gid_-iJF6Oy9qF7DmdajXJTEPbQWHoMaUg9zQPrQwMd7IxH7ZtDU6mOS4rqyFAuv_0btAK2-ngnTYsWPaaz2JmxOrF1rhTLVJEIn-6tuOFTbApWpe_tQiGgj1YwmBCInKScxCPk2Fc_GZe15EQD_hJxOlmppzOLDyCLzLQOkUn14jwsvEXb6k1eikwH8WN6j8THGBgWsImJ3kn-5WEn8s6g1V4WVv_WoF7_LmCh551kK7D38yQ5zqNoJcV2iqI4mLKtbPYmXNnpB-C46K-rf2j5Gxv0WgzZqvOjKnrAxgNwSFkiIMU6VUUbo9CD9dP4Dc6_BYD4JSwWtmCKNiN9BUeJ6pzEgcGlye7-wduSEw9Re35bQyj1SGGDSf5U4l_AC4qCl634R1OmrzQfHczohdRbpSWKL1yYpsqINZVgfU4NuaJzGi1wtHmY9UntaL9Ahsq2tBh-RRB-lwYtOdp0NI-XTJsKPAljHNb423rFUjOUyTE5l9VumURlfIGxVNXDJ3ybrfnnu4l3v9JGD6j3phP5_ywjcWOr9kxGnLuIkvB0mhOPtVvTL5Puqr4WNO_GN-5Dqi9UBUplu48pmgNFaPBwdLDBeRc1LjCSJBJfrH-VGhLBFcmS63erQrXpyGMr8RbRVVmiBpSA9VaiAS4tczZzpL1L0dW5IWeGP1U1fjMZz8ni1eeG9mRUZrVPmfo7S4xxX2_RNyTGGtt7i6jHuj0sA2Hcc9s8kE7DM0Kcu_zeCtCQfYHA_YGSeGrU40QzIawp1zx1qzY245vzknr0dGRmgzl46YXwsvIVqYchQNb9snv9NjABZOpE_LNZXOByQQrd2CRfmHELK6nDp5V2LPJf4Sx8WYR8RY-1jVDe2FSiqYt27L3utRIwuzqLC4AXlEBNBlHZZSsgds-ExzeioZzb4mglm0SZcHey4sKvXBLWtL-EqUyJ7BrdKKn0Fe1BVDzgZ1i45yRbnS303gsB-5B2Lpp-iVjkNoVWIL8e8AnfUC4cmGav0nWSqAAUotnsDhjUmcZmiBAoO7kKBSLw20MMgo_FXgwj11tPUTEhZQldHjt-RCPqk_2D4H1TOBKyVx_u5HRNFvY5fLvEQbOsLT3rA02pXaZGayYTUJzgR9jvmBoZCAASFeRorY-KNMlzO14xAl2LB_XlLTSTXmAB&adsafe_url=https%3A%2F%2Faskleo.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:bd1176b3-2550-3690-9cf4-7babc2d4115f,c:m8tkqW,sl:na,em:true,fr:false,mn:app04ie,pt:1-5-15,br:u,abv:na,an:n,oam:0,nbld:0,mtim:4,fm:sGVD0ry+11%7C12%7C131%7C132%7C133%7C14%7C15%7C161%7C162%7C163%7C164%7C17%7C18%7C19%7C1a1%7C1a2%7C1a3%7C1a4%7C1a5%7C1a6%7C1a7%7C1a8%7C1a9%7C1aa%7C1ab%7C1ac%7C1ad%7C1b1%7C1c*.564357-54904813%7C1c1%7C1c21,idMap:1c*,rp:s,pl:,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,thd:1,et:107,oid:3fe0da62-042e-11ec-a64f-061b2abdf756,v:19.8.234,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:21:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
16
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3124
x-xss-protection
0
server
cafe
etag
4537136162986801320
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Sep 2021 16:21:48 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210816/r20110914/ Frame 9916 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210816/r20110914/abg_lite.js
Requested by
Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/564357/54904813/xbbe/creative/adj?p=APEucNWCLq93jJridOGtuvINwi1SYqVW5wYW94wMkk13A9Yi9NIpMb0&d=CnkAoCZ_4FTw9hpVrOvuqyEjgAXSlc7Nfe5KCO27Pz53jCQKG62lb5yS80wLB6cogA09Lzdb2mDkOf7uH9lk0vTsII7LKZRGya1QkdLFOg0thbXVUjbxAYHxciEwjgH-IR25KhITiojzsZduHKQGOleIPAQHOkvCgNXNEqkTAKAmf-CsqwUUlTDaEIsZia5_iczUGjUkJiwOQ1_1ipubX_EAlm1Od6MVcFq3RW3z6ke9eNV0Nt3fPoSaiid3ug4X3Rw8QiFNV-linMwnflpoBrWH-Q_nEXp-JoUrjZqiojJT-GoS5GONhFGUhhneBErfzofmc5WJYS4oTEi8Km6Z__j0jCPOgfUq0BeqmufiK3tRrmxZBbEz5ndDexTttZz7R0uHBXeRQaikng46B9yPIZf70EgNe9L4DG4Lnkt8Jm-7FZTjr5R9-FHPYNxx8NxEzGrLkxd8sKDojRXhlhWRItd0PmDjn6YvDTQnlmXsMu-SWDzIJQ_an1t2a_2qqJ0qFvhd_FNK-nrdkuStqkkST2p1QIbzMItSg3dObzyeYVMOdFoDej2iy3Wj8WnxL3yeQGDd1PtoHljatTXklhcrKQty0kaLoBLBHvHH_JnV-2tZj3Kd17bbyPKl-3QfsRi9c7LxBkibri8Pkn3sard_oGhf4hJT5CZSiRSSGZzxbN9yUJbV6XFrJCB45w5goAg52pqMtB3v1vf4tNBOk-KNoPGlXBUgUR2ta4d4zddpi_pzuoNJzMWi5SirW5mMwgrJZOJNKdPxN37rt4Eqm9_DwqIBgA_mVm7aVt0BjSK7ltvDFuaIGYfiF52GoFZCJ9dCClbabmMLzGQGCDpM11dR5YlNsw_hy4iy1K5J8lHzWzO26AwysSh7_OtCuwubnKYCitVwveoze3-ny2g_IBaFja1xK57p4syxuTUlTsWmBlgmtb4of2d1aQeN8XQEBeobDgmSM_v3BbCabTaWgToZFlJHGrC8cr0r7fpEsXwEoA-1gixAExjgphJCNSJiOxhXo5wEqwCa7QhedrrlKGE23lszbiywlnnWDbUur-_aF7wsy12aWGoXnROuGoIzOfArgTSPz8yyhU4JmHHCY0s9pGn5RzkGXT_T6w3r43LkPKYgjmXEZv9hjIZN0mWDsO1nJz-vWvAD5TuvIr9zGOEcdB1XajE7Ks4p7WAMhN9nVc8Nt3LE0TReMzAlKuUZ5ibJc_1f6V_M-Dko5glTgjXnthX5RdTzXQnxn4nEObxYUfTfmlquW2G7fMJJOFWU_soigV1V_Hi8hgp6N6pQvsy_IXvT15nFpN6b_9TdhezekgucFkdT5xGfMIoGgvWrBIaI3Y1yw7vHjUiZNK3PF9zZAkX9-qiCCEO5QinlzSw5xN2g8tuffch7qZ9k6pt7DBYMx1-ltLs-QEU2sjgdMnZM2lveOA_c5134DglegLjA-HlNdfMEnPIYlGoz4Dq3cCEGsRTlIjyICcy6DzZ9vG97LXtcsaJjzSmMp0x0UKsvI7-f5TNx0LtSwre9Virau3gBUeh2lMCjKvdLBl9ekAUEAY1OiD3XlZsMyXRGSQAq_0_ry0-4FCN6hH6i1i-N1NmA3RFIDP0fFEqPJEvpW-tMKTPWEalyBZmMwnPNnWfrLVeyJWZeS0ah5Luof0uis5EEIEAfNvoE3YwLQ2amnkrdcnurRwIyS8j6Pd1N67AnQolFlEJIBd4SjEASuudcC_WRfRdtoJy31MftIzNSvX6mMKhffa0WYAuhzLcJupazFRdK8y_GNnHVc809_M65W6MDlYMqg6RD9JPZM9Zi_gFwd2BAA0vaPoC4ykGqgV-JU6UX-SQjZWxdGJmvOzgodbi0A8PFQjGkIqH3Aoj4NVO4VinmFIMuMszACPRxtnDOPRT_ZFfyjsnyU2ehLx_A-ub_NvAJIyAPSh6BYiI0Q-RCs2FPoK1AdcPQUIMbNCFQ221Cu0t0g1h-M4sM7LLOXrq3msT3kMDoaFuZiDH1H5AO8-1OEa5uT75SAouJo5P8p1WyBrZSzIegTRVBWjw1JY1sxink5zgEvm0TB1iBDU-a6ALLTxUb9vu7bQUW7M3_jiqMzSeW9YTp6oksrPCyPY0AWs3ITS7AmwNHDpVtuQVZiP3u9pZHE3Y_LoYpUnONjWVJiNwuYhJvPzibUil960pN4Ga07Z579chaOEntgvev6gdVqADS9EdqVLk_ZENT8EpfXEam5YfPnmEF7SqhVKXecpLHiXD3-JPKXQMo-DYF598qutj9_urnFQ_nQfK3vHPKYJBxYqaXYpNDh7h9odn63aIrDys8WrYeA99aY4F0ti7GiwCZ5gid_-iJF6Oy9qF7DmdajXJTEPbQWHoMaUg9zQPrQwMd7IxH7ZtDU6mOS4rqyFAuv_0btAK2-ngnTYsWPaaz2JmxOrF1rhTLVJEIn-6tuOFTbApWpe_tQiGgj1YwmBCInKScxCPk2Fc_GZe15EQD_hJxOlmppzOLDyCLzLQOkUn14jwsvEXb6k1eikwH8WN6j8THGBgWsImJ3kn-5WEn8s6g1V4WVv_WoF7_LmCh551kK7D38yQ5zqNoJcV2iqI4mLKtbPYmXNnpB-C46K-rf2j5Gxv0WgzZqvOjKnrAxgNwSFkiIMU6VUUbo9CD9dP4Dc6_BYD4JSwWtmCKNiN9BUeJ6pzEgcGlye7-wduSEw9Re35bQyj1SGGDSf5U4l_AC4qCl634R1OmrzQfHczohdRbpSWKL1yYpsqINZVgfU4NuaJzGi1wtHmY9UntaL9Ahsq2tBh-RRB-lwYtOdp0NI-XTJsKPAljHNb423rFUjOUyTE5l9VumURlfIGxVNXDJ3ybrfnnu4l3v9JGD6j3phP5_ywjcWOr9kxGnLuIkvB0mhOPtVvTL5Puqr4WNO_GN-5Dqi9UBUplu48pmgNFaPBwdLDBeRc1LjCSJBJfrH-VGhLBFcmS63erQrXpyGMr8RbRVVmiBpSA9VaiAS4tczZzpL1L0dW5IWeGP1U1fjMZz8ni1eeG9mRUZrVPmfo7S4xxX2_RNyTGGtt7i6jHuj0sA2Hcc9s8kE7DM0Kcu_zeCtCQfYHA_YGSeGrU40QzIawp1zx1qzY245vzknr0dGRmgzl46YXwsvIVqYchQNb9snv9NjABZOpE_LNZXOByQQrd2CRfmHELK6nDp5V2LPJf4Sx8WYR8RY-1jVDe2FSiqYt27L3utRIwuzqLC4AXlEBNBlHZZSsgds-ExzeioZzb4mglm0SZcHey4sKvXBLWtL-EqUyJ7BrdKKn0Fe1BVDzgZ1i45yRbnS303gsB-5B2Lpp-iVjkNoVWIL8e8AnfUC4cmGav0nWSqAAUotnsDhjUmcZmiBAoO7kKBSLw20MMgo_FXgwj11tPUTEhZQldHjt-RCPqk_2D4H1TOBKyVx_u5HRNFvY5fLvEQbOsLT3rA02pXaZGayYTUJzgR9jvmBoZCAASFeRorY-KNMlzO14xAl2LB_XlLTSTXmAB&adsafe_url=https%3A%2F%2Faskleo.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:bd1176b3-2550-3690-9cf4-7babc2d4115f,c:m8tkqW,sl:na,em:true,fr:false,mn:app04ie,pt:1-5-15,br:u,abv:na,an:n,oam:0,nbld:0,mtim:4,fm:sGVD0ry+11%7C12%7C131%7C132%7C133%7C14%7C15%7C161%7C162%7C163%7C164%7C17%7C18%7C19%7C1a1%7C1a2%7C1a3%7C1a4%7C1a5%7C1a6%7C1a7%7C1a8%7C1a9%7C1aa%7C1ab%7C1ac%7C1ad%7C1b1%7C1c*.564357-54904813%7C1c1%7C1c21,idMap:1c*,rp:s,pl:,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,thd:1,et:107,oid:3fe0da62-042e-11ec-a64f-061b2abdf756,v:19.8.234,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
63ed4c66bf3ba06512f7028be62a4bd53295e1ba68a919a7591f5fd392e72b90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:08:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
822
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9341
x-xss-protection
0
server
cafe
etag
177112232901409761
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Sep 2021 16:08:22 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 66B0 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssm-G-etAVisbh0rK02Jk729QQ0WK6FOqQ7_KtO2wjX152o6N3KNWun7irgWs9MishtXdPrGwXu_raKLAgpcSOQv2fwh6UQeUIHLsapA_hLwh_4PqofRPdNZUA2RbNwp_QeE-wDzPnyBm3rxLw7clja1pMYQ4eaXUnT8s74G9syRBCCRBllmOII9OUWgDA-WLAQPsP4QLaw5RQG9OP75KoC7qYM9JVL3w07lKH9W7A_Ryjc-D3RYLVi1umA50LkmW2drO5iyHko6x-rUA0Tf7SuLFvib1M12c3lbYScyuNapIX-tt_tHnXEa0flZTn80n0Iv2FvzqhI3xAePv0OuQMlxCZs_yco34Q_b_uTZ8789U9kHDowlngiqUxC19qBac89biOJnqzeYH0kpmQtbX8HOYZLyUM5ySzbVMPIAWRDEUlhgCQKkGGTtmZ5C8T8WkN1_QXwVGjtSmOflcNppsMjNCtt7kz7VfAy8VhHOAC8bSULt3FlHSy45K22XVsdvEPIcXHf00ZCidXLnT2yXVIALRYiPFProAVu9zsHbt_GIyVWqonpJRUbZnOrzp4Pd5GuliQA_FVPNzuWH5WwGP1PVaCYp1H6fJAEoOEhhoExx4U9twhLYDeBTfGBKI-HOholOL16IeETeLXh4AN_FDMf-Qa_xJQuhg3Ww88d3Ajz0570qbk2dm5wyEW_op8PkP75QDE3OUCPrg4It4J6dz3vwk8sxYEVHVq3R32lSIZI-I2EYdWPuzXqUEYd5VpmrEhF2NqM8PiFdrIckE2Ntg2fkZ2Pd-XFtFPQ-2qF_S_LBVLAZAmuKUt73Yui4lA8VTsN4mNvvUG-TsKp8byt-xqWUvSOi3fjcSG3Q5CNfiyi8ldsr37ZZQ_y45KpdgMBztRmCbs14qdcTaueLQ9IE2OjOZ_UE3JguM2fKpeKa8pDBmRv7Q5yBQGm_uybXY6G_p2sOmmapkhm7q-dV8TqB5HPz9wQotfwKv1ny7lB9q6Bj9XGnGLBOYarpWLw5Q6D-NMQRM_lUHVe0HHoZ1pfIlaOhP3fpmfLLhM872vhM0XAai5LAUG1C3LrxXAPmWxK3sDma4jzo9FNOFvV4nK4RAozxqht_gJY_FZRMI6uNrcfDjvVt4Pgi0-skTZqMvcC_7gASp-LXtHlpaRyTlYFrQlMxOUYW7FjAXTt0H6ZPuKBvu1fCPofqOtlV7GZjNUNXT7zV1Pl1mDF&sai=AMfl-YRqNbK7jN5uPvTHoNyg13ef2V54oHBC4M6Oh5IRdccxpXXj_IjCLdUz9fceXxAuefYLsYWqa6XMGbo5B0eEnmRD5R-krkz-krW9Kurub7k5yV8HsYUYWOwRhs2-hPnqphma5TJkNntDJHg9SCuGtiLFEuCRSg&sig=Cg0ArKJSzMqUalxfY_R0EAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=581&vt=11&dtpt=497&dett=3&cstd=80&cisv=r20210816.44334&adurl=
Requested by
Host: askleo.com
URL: https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Mon, 23 Aug 2021 16:22:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
army.gif
askleo.com/porpoiseant/ 		0
42 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://askleo.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjk4MzI4MjEzODk4MTQwOCIsImRvbWFpbl9pZCI6IjE3MzA3OCIsInVuaXQiOiJkaXYtZ3B0LWFkLWFza2xlb19jb20tbWVkcmVjdGFuZ2xlLTMtMF8yIiwidF9lcG9jaCI6MTYyOTczNTcxMSwiYWRfcG9zaXRpb24iOjExMDEsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJCRSIsInBhZ2V2aWV3X2lkIjoiMDlkNzI5ZDUtMmFhYS00MTk2LTczMmItMjkxNjQzYzBkYWJhIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDU4OCwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9zaXplIiwidmFsIjoiWzMwMCwyNTBdIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI2OTgzMjgyMTM4OTgxNDA4IiwiZG9tYWluX2lkIjoiMTczMDc4IiwidW5pdCI6ImRpdi1ncHQtYWQtYXNrbGVvX2NvbS1tZWRyZWN0YW5nbGUtMy0wXzIiLCJ0X2Vwb2NoIjoxNjI5NzM1NzExLCJhZF9wb3NpdGlvbiI6MTEwMSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkJFIiwicGFnZXZpZXdfaWQiOiIwOWQ3MjlkNS0yYWFhLTQxOTYtNzMyYi0yOTE2NDNjMGRhYmEiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NTg4LCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX2ZsdWlkIiwidmFsIjoiZmFsc2UifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjY5ODMyODIxMzg5ODE0MDgiLCJkb21haW5faWQiOiIxNzMwNzgiLCJ1bml0IjoiZGl2LWdwdC1hZC1hc2tsZW9fY29tLW1lZHJlY3RhbmdsZS0zLTBfMiIsInRfZXBvY2giOjE2Mjk3MzU3MTEsImFkX3Bvc2l0aW9uIjoxMTAxLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQkUiLCJwYWdldmlld19pZCI6IjA5ZDcyOWQ1LTJhYWEtNDE5Ni03MzJiLTI5MTY0M2MwZGFiYSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ1ODgsImRhdGEiOlt7Im5hbWUiOiJkb21haW5fZGZwX3N0eWxlX2lkIiwidmFsIjoiNzcifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by
Host: askleo.com
URL: https://askleo.com/detroitchicago/cmbv2.js?gcb=195-2&cb=04-1y02-4y06-12y07-1y0b-5y0d-14y13-3y17-3y20-3y33-15y52-1y56-21&cmbcb=20&sj=x04x02x06x07x0bx0dx13x17x20x33x52x56&abt=JoykatTest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path
/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjk4MzI4MjEzODk4MTQwOCIsImRvbWFpbl9pZCI6IjE3MzA3OCIsInVuaXQiOiJkaXYtZ3B0LWFkLWFza2xlb19jb20tbWVkcmVjdGFuZ2xlLTMtMF8yIiwidF9lcG9jaCI6MTYyOTczNTcxMSwiYWRfcG9zaXRpb24iOjExMDEsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJCRSIsInBhZ2V2aWV3X2lkIjoiMDlkNzI5ZDUtMmFhYS00MTk2LTczMmItMjkxNjQzYzBkYWJhIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDU4OCwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9zaXplIiwidmFsIjoiWzMwMCwyNTBdIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI2OTgzMjgyMTM4OTgxNDA4IiwiZG9tYWluX2lkIjoiMTczMDc4IiwidW5pdCI6ImRpdi1ncHQtYWQtYXNrbGVvX2NvbS1tZWRyZWN0YW5nbGUtMy0wXzIiLCJ0X2Vwb2NoIjoxNjI5NzM1NzExLCJhZF9wb3NpdGlvbiI6MTEwMSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkJFIiwicGFnZXZpZXdfaWQiOiIwOWQ3MjlkNS0yYWFhLTQxOTYtNzMyYi0yOTE2NDNjMGRhYmEiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NTg4LCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX2ZsdWlkIiwidmFsIjoiZmFsc2UifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjY5ODMyODIxMzg5ODE0MDgiLCJkb21haW5faWQiOiIxNzMwNzgiLCJ1bml0IjoiZGl2LWdwdC1hZC1hc2tsZW9fY29tLW1lZHJlY3RhbmdsZS0zLTBfMiIsInRfZXBvY2giOjE2Mjk3MzU3MTEsImFkX3Bvc2l0aW9uIjoxMTAxLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQkUiLCJwYWdldmlld19pZCI6IjA5ZDcyOWQ1LTJhYWEtNDE5Ni03MzJiLTI5MTY0M2MwZGFiYSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ1ODgsImRhdGEiOlt7Im5hbWUiOiJkb21haW5fZGZwX3N0eWxlX2lkIiwidmFsIjoiNzcifV0sImlzX29yaWciOmZhbHNlfV0=
pragma
no-cache
cookie
__gads=ID=46e75b5ba7a874e1:T=1629735722:S=ALNI_Mb7I1GsHqct32winK6fFLA6bvJa7g; ezouspvh=26; ezouspvv=52; ezouspva=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
askleo.com
referer
https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:22:04 GMT
server
nginx
vary
Accept-Encoding Accept-Encoding
content-type
text/plain; charset=utf-8
x-middleton-display
ezp_sol
cache-control
max-age=0, must-revalidate, no-cache, no-store
content-length
0
expires
Sun, 22 Aug 2021 16:22:03 UTC
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 685A 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_245.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:22:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
expires
Mon, 23 Aug 2021 16:22:04 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 7CAB 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_245.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:22:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
expires
Mon, 23 Aug 2021 16:22:04 GMT
ESHX-PsTG84Fy6-bdaEnL5--1XpTzSOdL-kezmPtlCQ.js
pagead2.googlesyndication.com/bg/ Frame 3E27 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/ESHX-PsTG84Fy6-bdaEnL5--1XpTzSOdL-kezmPtlCQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1121d7f8fb131bce05cbaf9b75a1272f9fbed57a53cd239d2fe91ece63ed9424
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 15:39:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
2546
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13272
x-xss-protection
0
last-modified
Mon, 09 Aug 2021 14:48:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 23 Aug 2022 15:39:38 GMT
index.html
s0.2mdn.net/9093136/1608722774211/NL_OneBlade_Display_Explore_Retro-Gamer_300x250/ Frame 88E4 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/9093136/1608722774211/NL_OneBlade_Display_Explore_Retro-Gamer_300x250/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b5b12e027b420bd331b1b8852728cf67bee7812cab232102217fce7ff8f91f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/9093136/1608722774211/NL_OneBlade_Display_Explore_Retro-Gamer_300x250/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
1782
date
Mon, 23 Aug 2021 06:27:38 GMT
expires
Tue, 24 Aug 2021 06:27:38 GMT
last-modified
Wed, 23 Dec 2020 11:26:14 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
age
35666
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 9916 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuT0hqLTXboNeqL_SjmyVbyDWuQF8cm9oQhMhv39rLGjiYmfSZxj9l762sK15fhM7HKmGBoo3PwwGzgNMbkli0bWdDw42J5z2AZoAXV32lDafxH0gqzjwhI1ZWIajA&sai=AMfl-YRVcznYycwXIF-TJMCMa2f0OvqX3TQNEGHY2xjCoh9V55qg_jg2SK2dB_peBGR-elKhxcsSuqQyxNA2JDLdwq1pREb2W1mLF1XK1iM&sig=Cg0ArKJSzC6E02k54hZeEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=119&cbvp=1&cstd=115&cisv=r20210816.47722&adurl=
Requested by
Host: askleo.com
URL: https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Mon, 23 Aug 2021 16:22:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
ESHX-PsTG84Fy6-bdaEnL5--1XpTzSOdL-kezmPtlCQ.js
pagead2.googlesyndication.com/bg/ Frame 0055 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/ESHX-PsTG84Fy6-bdaEnL5--1XpTzSOdL-kezmPtlCQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1121d7f8fb131bce05cbaf9b75a1272f9fbed57a53cd239d2fe91ece63ed9424
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 15:39:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
2546
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13272
x-xss-protection
0
last-modified
Mon, 09 Aug 2021 14:48:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 23 Aug 2022 15:39:38 GMT
dynamicBuilder.min.js
s0.2mdn.net/creatives/assets/1951882/ Frame 685A 		9 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/1951882/dynamicBuilder.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_245.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d585510ebf6dccd5790b2083b5e4425473fa2277aef2dc2be1fcba2d04f47e33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61774477/20210524094038431/index.html?e=69&leftOffset=0&topOffset=0&c=tw3BUIS9po&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:15:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
414
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1400
x-xss-protection
0
last-modified
Wed, 04 Apr 2018 17:00:48 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 23 Aug 2021 16:30:10 GMT
300x250_AR.png
s0.2mdn.net/ads/richmedia/studio/pv2/61676917/20210305061103818/ Frame 7CAB 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61676917/20210305061103818/300x250_AR.png
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c4ec7ec7ea4f686b74aeeb0c33cafc252f2d9fdebf324107cc8833deada9b41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61676917/20210305061103818/index.html?e=69&leftOffset=0&topOffset=0&c=N7HJPE202w&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 22 Aug 2021 23:27:55 GMT
x-content-type-options
nosniff
last-modified
Fri, 05 Mar 2021 14:11:03 GMT
server
sffe
age
60849
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22438
x-xss-protection
0
expires
Mon, 23 Aug 2021 23:27:55 GMT
brandlogo-white.svg
s0.2mdn.net/ads/richmedia/studio/pv2/61676917/20210305061103818/ Frame 7CAB 		1 KB
843 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61676917/20210305061103818/brandlogo-white.svg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
32dc6aceaea29998363bfd9d584a440a132bd0435332e0b8b9ad8f31ffd5b8c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61676917/20210305061103818/index.html?e=69&leftOffset=0&topOffset=0&c=N7HJPE202w&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 22 Aug 2021 23:27:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
60849
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
804
x-xss-protection
0
last-modified
Fri, 05 Mar 2021 14:11:03 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 23 Aug 2021 23:27:55 GMT
CB-logo.svg
s0.2mdn.net/ads/richmedia/studio/pv2/61676917/20210305061103818/ Frame 7CAB 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61676917/20210305061103818/CB-logo.svg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
75dcc7e301b57af3cc353fbf1ed719734702f233e3c2a132c1bda213e048a59e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61676917/20210305061103818/index.html?e=69&leftOffset=0&topOffset=0&c=N7HJPE202w&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 22 Aug 2021 23:27:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
60849
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1514
x-xss-protection
0
last-modified
Fri, 05 Mar 2021 14:11:03 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 23 Aug 2021 23:27:55 GMT
room.jpg
s0.2mdn.net/ads/richmedia/studio/pv2/61676917/20210305061103818/ Frame 7CAB 		171 KB
171 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61676917/20210305061103818/room.jpg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9d986c26f5304c48aba12ffcc13078c4ce6c31c48fe00634d1b8b7839ce0856e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61676917/20210305061103818/index.html?e=69&leftOffset=0&topOffset=0&c=N7HJPE202w&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 22 Aug 2021 23:27:55 GMT
x-content-type-options
nosniff
last-modified
Fri, 05 Mar 2021 14:11:04 GMT
server
sffe
age
60849
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
174847
x-xss-protection
0
expires
Mon, 23 Aug 2021 23:27:55 GMT
truncated
/ Frame 9916 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ba9c5082b16c9f74ef556bbd5e1c44acddcfcce3094001176133665330093ed9

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
file.mp4
r1---sn-4g5e6nsk.c.2mdn.net/videoplayback/id/c55bf449626797d8/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3759401616/sparams/acao,expire,id,ip,ipb... Frame 7CAB
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/c55bf449626797d8/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3759401616/sparams/id,itag,source,ratebypass,m...
  • https://r1---sn-4g5e6nsk.c.2mdn.net/videoplayback/id/c55bf449626797d8/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3759401616/sparams/acao,expire,i...
1 MB
1 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://r1---sn-4g5e6nsk.c.2mdn.net/videoplayback/id/c55bf449626797d8/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3759401616/sparams/acao,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,ratebypass,source/signature/4313889120B9A30CC14F500783B1C24374A0E1BA.54DCC59214552C876ACB0DAFE8F8F2ADB2E097D5/key/cms1/cms_redirect/yes/mh/xD/mip/2a01:4f8:192:5414::2/mm/42/mn/sn-4g5e6nsk/ms/onc/mt/1629735393/mv/m/mvi/1/pl/50/file/file.mp4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:62::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
858a61e1828014e52cc734fa30cbf3c2edd8bcdb7d77ec902d4eaf91f64d4fe2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 23 Aug 2021 16:22:04 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 05 Mar 2021 14:07:34 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Content-Range
bytes 0-1277856/1277857
Cache-Control
private, max-age=86400
Connection
close
Accept-Ranges
bytes
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
1277857
Expires
Mon, 23 Aug 2021 16:22:04 GMT

Redirect headers

pragma
no-cache
date
Mon, 23 Aug 2021 16:22:04 GMT
x-content-type-options
nosniff
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://r1---sn-4g5e6nsk.c.2mdn.net/videoplayback/id/c55bf449626797d8/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3759401616/sparams/acao,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,ratebypass,source/signature/4313889120B9A30CC14F500783B1C24374A0E1BA.54DCC59214552C876ACB0DAFE8F8F2ADB2E097D5/key/cms1/cms_redirect/yes/mh/xD/mip/2a01:4f8:192:5414::2/mm/42/mn/sn-4g5e6nsk/ms/onc/mt/1629735393/mv/m/mvi/1/pl/50/file/file.mp4
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
681
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ESHX-PsTG84Fy6-bdaEnL5--1XpTzSOdL-kezmPtlCQ.js
pagead2.googlesyndication.com/bg/ Frame 1681 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/ESHX-PsTG84Fy6-bdaEnL5--1XpTzSOdL-kezmPtlCQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1121d7f8fb131bce05cbaf9b75a1272f9fbed57a53cd239d2fe91ece63ed9424
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 15:39:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
2546
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13272
x-xss-protection
0
last-modified
Mon, 09 Aug 2021 14:48:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 23 Aug 2022 15:39:38 GMT
9008038092360765102.json
s0.2mdn.net/creatives/assets/3948419/ Frame 685A 		9 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/3948419/9008038092360765102.json
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61774477/20210524094038431/logic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
82d931e3e1d39b1e7029328eb9fd764f5c078c0d2af110c8b0dcc320d3295b59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61774477/20210524094038431/index.html?e=69&leftOffset=0&topOffset=0&c=tw3BUIS9po&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:22:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2407
x-xss-protection
0
last-modified
Mon, 19 Jul 2021 10:46:27 GMT
server
sffe
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 23 Aug 2021 16:37:04 GMT
ESHX-PsTG84Fy6-bdaEnL5--1XpTzSOdL-kezmPtlCQ.js
pagead2.googlesyndication.com/bg/ Frame 0816 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/ESHX-PsTG84Fy6-bdaEnL5--1XpTzSOdL-kezmPtlCQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1121d7f8fb131bce05cbaf9b75a1272f9fbed57a53cd239d2fe91ece63ed9424
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 15:39:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
2546
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13272
x-xss-protection
0
last-modified
Mon, 09 Aug 2021 14:48:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 23 Aug 2022 15:39:38 GMT
prod_studio_01_245_videomodule.js
s0.2mdn.net/879366/ Frame 7CAB 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/prod_studio_01_245_videomodule.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_245.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
236888a9bde0a1cabbd288498b6ba4fb3f4ec7119d2d06666a5a48a82f51f042
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61676917/20210305061103818/index.html?e=69&leftOffset=0&topOffset=0&c=N7HJPE202w&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 07:53:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
30531
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4849
x-xss-protection
0
last-modified
Wed, 14 Oct 2020 19:32:54 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 24 Aug 2021 07:53:13 GMT
styles.css
s0.2mdn.net/9093136/1608722774211/NL_OneBlade_Display_Explore_Retro-Gamer_300x250/styles/ Frame 88E4 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/9093136/1608722774211/NL_OneBlade_Display_Explore_Retro-Gamer_300x250/styles/styles.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9093136/1608722774211/NL_OneBlade_Display_Explore_Retro-Gamer_300x250/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4b49dd04d93efe931ac1a3795acf0ff6bc4aad86b416596cf87d93373fa063bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9093136/1608722774211/NL_OneBlade_Display_Explore_Retro-Gamer_300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 06:27:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
35666
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1226
x-xss-protection
0
last-modified
Wed, 23 Dec 2020 11:26:14 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Tue, 24 Aug 2021 06:27:38 GMT
TweenLite.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/1.19.0/ Frame 88E4 		27 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/1.19.0/TweenLite.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9093136/1608722774211/NL_OneBlade_Display_Explore_Retro-Gamer_300x250/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9cc6f6eef6a5856aeb3a6bd1e3e5d46c4c08e50d749d8c044f120f10bc2d63cd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:22:04 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
418562
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
8823
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e71-6bb0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=49%2B8Jnetvp0UYrMrnOxcMQoMLlVLOF6CKkpSmGBvSpJWgqgnbf%2FuUcJHhvc6hLz08x4hyoIe7dVIGC6V37%2FURBEvWo7NzNUP3dh4q0GH3rTnG6P%2Fh53nh6LsdDjLA1HPE4uZAtKAZXGbahkjna%2FpAs2e"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6835ad76784c2c4a-FRA
expires
Sat, 13 Aug 2022 16:22:04 GMT
EasePack.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/1.19.0/easing/ Frame 88E4 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/1.19.0/easing/EasePack.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9093136/1608722774211/NL_OneBlade_Display_Explore_Retro-Gamer_300x250/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b28ed0d85790996c5ba8b672133fdd131e72085d657da84842aaedfa049aa7aa
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:22:04 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1011180
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
1807
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e71-155b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=APoGqoHqimL0R6c5fvh6eA72sDMMG4M9VyFoiNwW5TrywsW1zIehPVWDMsHUEgpOu9tCjvH7KsVitrGU3xQ53depxC2z5vkfx2SAwvOUyvovLXhnGcnGSyJ%2BCCwUPgCHVIBGTTrwW9xdTZZtolx8bs8F"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6835ad76784f2c4a-FRA
expires
Sat, 13 Aug 2022 16:22:04 GMT
CSSPlugin.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/1.19.0/plugins/ Frame 88E4 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/1.19.0/plugins/CSSPlugin.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9093136/1608722774211/NL_OneBlade_Display_Explore_Retro-Gamer_300x250/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24ece61e45e94bcb16969dc25b12dd94cc0c4ef9a968bd524b36d1388141cb4a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:22:04 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1182234
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
14328
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e71-a170"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a3sN%2FmWrvZBGNI5HDSX3NhT0dePtJwNlXqZ2xkFOU2DCijqY1UV4uF%2BUaMJMriyeoFWi74EANKbUVWTJYms5a3jDvR%2BD2n8ntj7K1nzBmjDd%2BbcaD526Velhbk6tAPH9zvy7kExolEGBnCMgXaRKmwrM"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6835ad7678502c4a-FRA
expires
Sat, 13 Aug 2022 16:22:04 GMT
main.js
s0.2mdn.net/9093136/1608722774211/NL_OneBlade_Display_Explore_Retro-Gamer_300x250/js/ Frame 88E4 		6 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/9093136/1608722774211/NL_OneBlade_Display_Explore_Retro-Gamer_300x250/js/main.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9093136/1608722774211/NL_OneBlade_Display_Explore_Retro-Gamer_300x250/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4904e0d616ecf48cd9ce781e89e9bd299be7d6bc97bdad36f799bf9b71f9e003
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9093136/1608722774211/NL_OneBlade_Display_Explore_Retro-Gamer_300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 06:27:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
35666
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1432
x-xss-protection
0
last-modified
Wed, 23 Dec 2020 11:26:14 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Tue, 24 Aug 2021 06:27:38 GMT
img_frame01.jpg
s0.2mdn.net/9093136/1608722774211/NL_OneBlade_Display_Explore_Retro-Gamer_300x250/images/ Frame 88E4 		111 KB
111 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9093136/1608722774211/NL_OneBlade_Display_Explore_Retro-Gamer_300x250/images/img_frame01.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9093136/1608722774211/NL_OneBlade_Display_Explore_Retro-Gamer_300x250/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e7225369190a58c13e47300b33df93f31b5de1f8cd6dd5c6dcf8bfbdcc5e8d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9093136/1608722774211/NL_OneBlade_Display_Explore_Retro-Gamer_300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 06:27:38 GMT
x-content-type-options
nosniff
last-modified
Wed, 23 Dec 2020 11:26:14 GMT
server
sffe
age
35666
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113262
x-xss-protection
0
expires
Tue, 24 Aug 2021 06:27:38 GMT
img_frame02.jpg
s0.2mdn.net/9093136/1608722774211/NL_OneBlade_Display_Explore_Retro-Gamer_300x250/images/ Frame 88E4 		111 KB
111 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9093136/1608722774211/NL_OneBlade_Display_Explore_Retro-Gamer_300x250/images/img_frame02.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9093136/1608722774211/NL_OneBlade_Display_Explore_Retro-Gamer_300x250/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a2e2a6708fda2c74c99c71bc139c88e4a60cf0413169bb47b84014d675f85ae5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9093136/1608722774211/NL_OneBlade_Display_Explore_Retro-Gamer_300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 06:27:38 GMT
x-content-type-options
nosniff
last-modified
Wed, 23 Dec 2020 11:26:14 GMT
server
sffe
age
35666
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113864
x-xss-protection
0
expires
Tue, 24 Aug 2021 06:27:38 GMT
noImage.png
s0.2mdn.net/9093136/1608722774211/NL_OneBlade_Display_Explore_Retro-Gamer_300x250/images/ Frame 88E4 		95 B
129 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9093136/1608722774211/NL_OneBlade_Display_Explore_Retro-Gamer_300x250/images/noImage.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9093136/1608722774211/NL_OneBlade_Display_Explore_Retro-Gamer_300x250/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6f564cf133cfc26e10d80a745642081f4999ce7881c86b84814f168c88a9023
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9093136/1608722774211/NL_OneBlade_Display_Explore_Retro-Gamer_300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 06:27:38 GMT
x-content-type-options
nosniff
last-modified
Wed, 23 Dec 2020 11:26:14 GMT
server
sffe
age
35666
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-doubleclick-media
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95
x-xss-protection
0
expires
Tue, 24 Aug 2021 06:27:38 GMT
bg.jpg
s0.2mdn.net/9093136/1608722774211/NL_OneBlade_Display_Explore_Retro-Gamer_300x250/images/ Frame 88E4 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9093136/1608722774211/NL_OneBlade_Display_Explore_Retro-Gamer_300x250/images/bg.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9093136/1608722774211/NL_OneBlade_Display_Explore_Retro-Gamer_300x250/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8082c5c154c7f8477a5ec84e5d746701470627b736199dba9aba77a56acd4208
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9093136/1608722774211/NL_OneBlade_Display_Explore_Retro-Gamer_300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 06:27:38 GMT
x-content-type-options
nosniff
last-modified
Wed, 23 Dec 2020 11:26:14 GMT
server
sffe
age
35666
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8617
x-xss-protection
0
expires
Tue, 24 Aug 2021 06:27:38 GMT
product.png
s0.2mdn.net/9093136/1608722774211/NL_OneBlade_Display_Explore_Retro-Gamer_300x250/images/ Frame 88E4 		199 KB
199 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9093136/1608722774211/NL_OneBlade_Display_Explore_Retro-Gamer_300x250/images/product.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9093136/1608722774211/NL_OneBlade_Display_Explore_Retro-Gamer_300x250/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b6af3acde27cc9101ecad088c6ca0e8bf6fc38c57c8396eb50292411c6ef0bf7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9093136/1608722774211/NL_OneBlade_Display_Explore_Retro-Gamer_300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 06:27:38 GMT
x-content-type-options
nosniff
last-modified
Wed, 23 Dec 2020 11:26:14 GMT
server
sffe
age
35666
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
203516
x-xss-protection
0
expires
Tue, 24 Aug 2021 06:27:38 GMT
retro.png
s0.2mdn.net/9093136/1608722774211/NL_OneBlade_Display_Explore_Retro-Gamer_300x250/images/ Frame 88E4 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9093136/1608722774211/NL_OneBlade_Display_Explore_Retro-Gamer_300x250/images/retro.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9093136/1608722774211/NL_OneBlade_Display_Explore_Retro-Gamer_300x250/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ebaac62f6845b155b77df52bdf3cc185a47f5950323986b05bbfbf35d014daea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9093136/1608722774211/NL_OneBlade_Display_Explore_Retro-Gamer_300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 06:27:38 GMT
x-content-type-options
nosniff
last-modified
Wed, 23 Dec 2020 11:26:14 GMT
server
sffe
age
35666
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57388
x-xss-protection
0
expires
Tue, 24 Aug 2021 06:27:38 GMT
round.png
s0.2mdn.net/9093136/1608722774211/NL_OneBlade_Display_Explore_Retro-Gamer_300x250/images/ Frame 88E4 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9093136/1608722774211/NL_OneBlade_Display_Explore_Retro-Gamer_300x250/images/round.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9093136/1608722774211/NL_OneBlade_Display_Explore_Retro-Gamer_300x250/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f1466ed5d9fb3024474ba1438ea710ae0d7eb8d94a80c9e5e2e65efd0a447b97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9093136/1608722774211/NL_OneBlade_Display_Explore_Retro-Gamer_300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 06:27:38 GMT
x-content-type-options
nosniff
last-modified
Wed, 23 Dec 2020 11:26:14 GMT
server
sffe
age
35666
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22310
x-xss-protection
0
expires
Tue, 24 Aug 2021 06:27:38 GMT
Logo-Philips.png
s0.2mdn.net/9093136/1608722774211/NL_OneBlade_Display_Explore_Retro-Gamer_300x250/images/ Frame 88E4 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9093136/1608722774211/NL_OneBlade_Display_Explore_Retro-Gamer_300x250/images/Logo-Philips.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9093136/1608722774211/NL_OneBlade_Display_Explore_Retro-Gamer_300x250/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dc383abcabd010595dad41eae73bc786a0838d63b8d0dfcc5fe995f562d677b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9093136/1608722774211/NL_OneBlade_Display_Explore_Retro-Gamer_300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 06:27:38 GMT
x-content-type-options
nosniff
last-modified
Wed, 23 Dec 2020 11:26:14 GMT
server
sffe
age
35666
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7457
x-xss-protection
0
expires
Tue, 24 Aug 2021 06:27:38 GMT
Brandline.png
s0.2mdn.net/9093136/1608722774211/NL_OneBlade_Display_Explore_Retro-Gamer_300x250/images/ Frame 88E4 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9093136/1608722774211/NL_OneBlade_Display_Explore_Retro-Gamer_300x250/images/Brandline.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9093136/1608722774211/NL_OneBlade_Display_Explore_Retro-Gamer_300x250/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8da6c8ebf400f669fb77b5609732959c1401f6d92362d302595862a6c5506af0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9093136/1608722774211/NL_OneBlade_Display_Explore_Retro-Gamer_300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 06:27:38 GMT
x-content-type-options
nosniff
last-modified
Wed, 23 Dec 2020 11:26:14 GMT
server
sffe
age
35666
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7164
x-xss-protection
0
expires
Tue, 24 Aug 2021 06:27:38 GMT
098df7e508117552337f7ef680e89725.jpg
s0.2mdn.net/creatives/assets/3948419/ Frame 685A 		147 KB
147 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/3948419/098df7e508117552337f7ef680e89725.jpg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c8e3d6a2882b2f244219c4f7264e812bdcf5410c1379268513fab16be1958dca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61774477/20210524094038431/index.html?e=69&leftOffset=0&topOffset=0&c=tw3BUIS9po&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:10:00 GMT
x-content-type-options
nosniff
last-modified
Mon, 24 May 2021 13:59:39 GMT
server
sffe
age
724
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
150080
x-xss-protection
0
expires
Mon, 23 Aug 2021 16:25:00 GMT
f65e966bcdc5b11ac96f18e6360523f9.png
s0.2mdn.net/creatives/assets/3948419/ Frame 685A 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/3948419/f65e966bcdc5b11ac96f18e6360523f9.png
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83b6392647b173ff74f52a012934f86945c64c18f4fe5a053955575b3eae2ddb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61774477/20210524094038431/index.html?e=69&leftOffset=0&topOffset=0&c=tw3BUIS9po&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:10:27 GMT
x-content-type-options
nosniff
last-modified
Tue, 18 May 2021 09:29:38 GMT
server
sffe
age
697
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1696
x-xss-protection
0
expires
Mon, 23 Aug 2021 16:25:27 GMT
transparent.png
s0.2mdn.net/creatives/assets/3948419/ Frame 685A 		68 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/3948419/transparent.png
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61774477/20210524094038431/index.html?e=69&leftOffset=0&topOffset=0&c=tw3BUIS9po&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:07:34 GMT
x-content-type-options
nosniff
last-modified
Tue, 24 Nov 2020 17:35:19 GMT
server
sffe
age
870
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
68
x-xss-protection
0
expires
Mon, 23 Aug 2021 16:22:34 GMT
eedfc52030c1731e538ea2a06f8677b6.png
s0.2mdn.net/creatives/assets/3948419/ Frame 685A 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/3948419/eedfc52030c1731e538ea2a06f8677b6.png
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
64e660a1995b3dc7880aaa8a054c28664785d7e0d1436815e212d71dd235cfb1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61774477/20210524094038431/index.html?e=69&leftOffset=0&topOffset=0&c=tw3BUIS9po&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:22:04 GMT
x-content-type-options
nosniff
last-modified
Wed, 02 Jun 2021 16:32:09 GMT
server
sffe
age
0
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13209
x-xss-protection
0
expires
Mon, 23 Aug 2021 16:37:04 GMT
trg.gif
ads.travelaudience.com/ Frame 685A
Redirect Chain
  • https://tags.bluekai.com/site/82519?limit=0&phint=event%3Dimp&phint=aid%3D%eadv!&phint=cid%3D%ebuy!&phint=crid%3D%ecid!&phint=pid%3D%epid!&phint=segment%3DINMKT-CITY-LYS-DCO&redir=https%3A%2F%2Fads...
  • https://ads.travelaudience.com/trg.gif?ds=dp&acc=SC&lvl=1&pl=dubai&pt=16&rcm=724&pix=0&exid=4goWJTOS9xef60BC&dp=event_type:impression
35 B
546 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.travelaudience.com/trg.gif?ds=dp&acc=SC&lvl=1&pl=dubai&pt=16&rcm=724&pix=0&exid=4goWJTOS9xef60BC&dp=event_type:impression
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.0.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.0.190.35.bc.googleusercontent.com
Software
nginx/1.15.12 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:22:05 GMT
content-encoding
gzip
x-engine-version
0.0.0
server
nginx/1.15.12
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
via
1.1 google
x-host
tde-deliveryengine-production-75454cbd8f-vzs5f
content-type
image/gif
alt-svc
clear

Redirect headers

Location
https://ads.travelaudience.com/trg.gif?ds=dp&acc=SC&lvl=1&pl=dubai&pt=16&rcm=724&pix=0&exid=4goWJTOS9xef60BC&dp=event_type:impression
Date
Mon, 23 Aug 2021 16:22:04 GMT
Connection
keep-alive
Content-Length
0
BK-Server
db1d
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
DINPro-Medium.woff2
s0.2mdn.net/creatives/assets/3948419/ Frame 685A 		35 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/3948419/DINPro-Medium.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61774477/20210524094038431/index.html?e=69&leftOffset=0&topOffset=0&c=tw3BUIS9po&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f428062aa55829eeebfda9c449413bfe490556b047c1cbd1c827f5490a48a3a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://s0.2mdn.net
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61774477/20210524094038431/index.html?e=69&leftOffset=0&topOffset=0&c=tw3BUIS9po&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:10:53 GMT
x-content-type-options
nosniff
last-modified
Tue, 24 Nov 2020 17:35:19 GMT
server
sffe
age
671
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35348
x-xss-protection
0
expires
Mon, 23 Aug 2021 16:25:53 GMT
Bison-Bold.woff2
s0.2mdn.net/creatives/assets/3948419/ Frame 685A 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/3948419/Bison-Bold.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61774477/20210524094038431/index.html?e=69&leftOffset=0&topOffset=0&c=tw3BUIS9po&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ac2c21f9d5267c3a6471b0abf1800536bc1fb69623d0c476f2e98ede1e7436b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://s0.2mdn.net
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61774477/20210524094038431/index.html?e=69&leftOffset=0&topOffset=0&c=tw3BUIS9po&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:11:42 GMT
x-content-type-options
nosniff
last-modified
Tue, 18 May 2021 09:29:37 GMT
server
sffe
age
622
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8568
x-xss-protection
0
expires
Mon, 23 Aug 2021 16:26:42 GMT
gsap.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/3.4.2/ Frame 685A 		59 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/3.4.2/gsap.min.js
Requested by
Host: askleo.com
URL: https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3c5ff7e114ffe32212ee07123f9dc6aa19c09072e44fe64649c9cc747040cab
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:22:04 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1187190
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
21678
timing-allow-origin
*
last-modified
Tue, 21 Jul 2020 23:12:03 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f177643-eca3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7CEMW4GCUhFME6xHYReKxOVSkkCtvYbdUvC724r1NtCs%2F%2FcBmqTjuj2V5rB%2BYLWEUmNWnsT6C2%2FYPqO%2B3ni%2BOJljTT0HZZQWEGwQKcbPb2OilfwWeNB6OWPAEDlhIRGljlRIXIiOSBs5Bz%2BUvmOfR8lD"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6835ad771d1896a4-FRA
expires
Sat, 13 Aug 2022 16:22:04 GMT
centralesansbook-webfont_woff.woff
s0.2mdn.net/9093136/1608722774211/NL_OneBlade_Display_Explore_Retro-Gamer_300x250/fonts/ Frame 88E4 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/9093136/1608722774211/NL_OneBlade_Display_Explore_Retro-Gamer_300x250/fonts/centralesansbook-webfont_woff.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9093136/1608722774211/NL_OneBlade_Display_Explore_Retro-Gamer_300x250/styles/styles.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f22eedafe130c14c32e71a6227ffaef8b7e02fe2b46c0176b3e474a1b859f6ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://s0.2mdn.net
Referer
https://s0.2mdn.net/9093136/1608722774211/NL_OneBlade_Display_Explore_Retro-Gamer_300x250/styles/styles.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 06:27:38 GMT
x-content-type-options
nosniff
last-modified
Wed, 23 Dec 2020 11:26:14 GMT
server
sffe
age
35666
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20604
x-xss-protection
0
expires
Tue, 24 Aug 2021 06:27:38 GMT
army.gif
askleo.com/porpoiseant/ 		0
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://askleo.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjk4MzI4MjEzODk4MTQwOCIsImRvbWFpbl9pZCI6IjE3MzA3OCIsInVuaXQiOiJkaXYtZ3B0LWFkLWFza2xlb19jb20tbWVkcmVjdGFuZ2xlLTMtMCIsInRfZXBvY2giOjE2Mjk3MzU3MTEsImFkX3Bvc2l0aW9uIjoxMTAxLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQkUiLCJwYWdldmlld19pZCI6IjA5ZDcyOWQ1LTJhYWEtNDE5Ni03MzJiLTI5MTY0M2MwZGFiYSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ1ODgsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfc2l6ZSIsInZhbCI6IlszMDAsMjUwXSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjk4MzI4MjEzODk4MTQwOCIsImRvbWFpbl9pZCI6IjE3MzA3OCIsInVuaXQiOiJkaXYtZ3B0LWFkLWFza2xlb19jb20tbWVkcmVjdGFuZ2xlLTMtMCIsInRfZXBvY2giOjE2Mjk3MzU3MTEsImFkX3Bvc2l0aW9uIjoxMTAxLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQkUiLCJwYWdldmlld19pZCI6IjA5ZDcyOWQ1LTJhYWEtNDE5Ni03MzJiLTI5MTY0M2MwZGFiYSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ1ODgsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfZmx1aWQiLCJ2YWwiOiJmYWxzZSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjk4MzI4MjEzODk4MTQwOCIsImRvbWFpbl9pZCI6IjE3MzA3OCIsInVuaXQiOiJkaXYtZ3B0LWFkLWFza2xlb19jb20tbWVkcmVjdGFuZ2xlLTMtMCIsInRfZXBvY2giOjE2Mjk3MzU3MTEsImFkX3Bvc2l0aW9uIjoxMTAxLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQkUiLCJwYWdldmlld19pZCI6IjA5ZDcyOWQ1LTJhYWEtNDE5Ni03MzJiLTI5MTY0M2MwZGFiYSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ1ODgsImRhdGEiOlt7Im5hbWUiOiJkb21haW5fZGZwX3N0eWxlX2lkIiwidmFsIjoiNzcifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by
Host: askleo.com
URL: https://askleo.com/detroitchicago/cmbv2.js?gcb=195-2&cb=04-1y02-4y06-12y07-1y0b-5y0d-14y13-3y17-3y20-3y33-15y52-1y56-21&cmbcb=20&sj=x04x02x06x07x0bx0dx13x17x20x33x52x56&abt=JoykatTest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path
/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjk4MzI4MjEzODk4MTQwOCIsImRvbWFpbl9pZCI6IjE3MzA3OCIsInVuaXQiOiJkaXYtZ3B0LWFkLWFza2xlb19jb20tbWVkcmVjdGFuZ2xlLTMtMCIsInRfZXBvY2giOjE2Mjk3MzU3MTEsImFkX3Bvc2l0aW9uIjoxMTAxLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQkUiLCJwYWdldmlld19pZCI6IjA5ZDcyOWQ1LTJhYWEtNDE5Ni03MzJiLTI5MTY0M2MwZGFiYSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ1ODgsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfc2l6ZSIsInZhbCI6IlszMDAsMjUwXSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjk4MzI4MjEzODk4MTQwOCIsImRvbWFpbl9pZCI6IjE3MzA3OCIsInVuaXQiOiJkaXYtZ3B0LWFkLWFza2xlb19jb20tbWVkcmVjdGFuZ2xlLTMtMCIsInRfZXBvY2giOjE2Mjk3MzU3MTEsImFkX3Bvc2l0aW9uIjoxMTAxLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQkUiLCJwYWdldmlld19pZCI6IjA5ZDcyOWQ1LTJhYWEtNDE5Ni03MzJiLTI5MTY0M2MwZGFiYSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ1ODgsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfZmx1aWQiLCJ2YWwiOiJmYWxzZSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjk4MzI4MjEzODk4MTQwOCIsImRvbWFpbl9pZCI6IjE3MzA3OCIsInVuaXQiOiJkaXYtZ3B0LWFkLWFza2xlb19jb20tbWVkcmVjdGFuZ2xlLTMtMCIsInRfZXBvY2giOjE2Mjk3MzU3MTEsImFkX3Bvc2l0aW9uIjoxMTAxLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQkUiLCJwYWdldmlld19pZCI6IjA5ZDcyOWQ1LTJhYWEtNDE5Ni03MzJiLTI5MTY0M2MwZGFiYSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ1ODgsImRhdGEiOlt7Im5hbWUiOiJkb21haW5fZGZwX3N0eWxlX2lkIiwidmFsIjoiNzcifV0sImlzX29yaWciOmZhbHNlfV0=
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
askleo.com
referer
https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:22:04 GMT
server
nginx
vary
Accept-Encoding Accept-Encoding
content-type
text/plain; charset=utf-8
x-middleton-display
ezp_sol
cache-control
max-age=0, must-revalidate, no-cache, no-store
content-length
0
expires
Sun, 22 Aug 2021 16:21:54 UTC
army.gif
askleo.com/porpoiseant/ 		0
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://askleo.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjk4MzI4MjEzODk4MTQwOCIsImRvbWFpbl9pZCI6IjE3MzA3OCIsInVuaXQiOiJkaXYtZ3B0LWFkLWFza2xlb19jb20tbWVkcmVjdGFuZ2xlLTMtMF8xIiwidF9lcG9jaCI6MTYyOTczNTcxMSwiYWRfcG9zaXRpb24iOjExMDEsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJCRSIsInBhZ2V2aWV3X2lkIjoiMDlkNzI5ZDUtMmFhYS00MTk2LTczMmItMjkxNjQzYzBkYWJhIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDU4OCwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9zaXplIiwidmFsIjoiWzMwMCwyNTBdIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI2OTgzMjgyMTM4OTgxNDA4IiwiZG9tYWluX2lkIjoiMTczMDc4IiwidW5pdCI6ImRpdi1ncHQtYWQtYXNrbGVvX2NvbS1tZWRyZWN0YW5nbGUtMy0wXzEiLCJ0X2Vwb2NoIjoxNjI5NzM1NzExLCJhZF9wb3NpdGlvbiI6MTEwMSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkJFIiwicGFnZXZpZXdfaWQiOiIwOWQ3MjlkNS0yYWFhLTQxOTYtNzMyYi0yOTE2NDNjMGRhYmEiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NTg4LCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX2ZsdWlkIiwidmFsIjoiZmFsc2UifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjY5ODMyODIxMzg5ODE0MDgiLCJkb21haW5faWQiOiIxNzMwNzgiLCJ1bml0IjoiZGl2LWdwdC1hZC1hc2tsZW9fY29tLW1lZHJlY3RhbmdsZS0zLTBfMSIsInRfZXBvY2giOjE2Mjk3MzU3MTEsImFkX3Bvc2l0aW9uIjoxMTAxLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQkUiLCJwYWdldmlld19pZCI6IjA5ZDcyOWQ1LTJhYWEtNDE5Ni03MzJiLTI5MTY0M2MwZGFiYSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ1ODgsImRhdGEiOlt7Im5hbWUiOiJkb21haW5fZGZwX3N0eWxlX2lkIiwidmFsIjoiNzcifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by
Host: askleo.com
URL: https://askleo.com/detroitchicago/cmbv2.js?gcb=195-2&cb=04-1y02-4y06-12y07-1y0b-5y0d-14y13-3y17-3y20-3y33-15y52-1y56-21&cmbcb=20&sj=x04x02x06x07x0bx0dx13x17x20x33x52x56&abt=JoykatTest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path
/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjk4MzI4MjEzODk4MTQwOCIsImRvbWFpbl9pZCI6IjE3MzA3OCIsInVuaXQiOiJkaXYtZ3B0LWFkLWFza2xlb19jb20tbWVkcmVjdGFuZ2xlLTMtMF8xIiwidF9lcG9jaCI6MTYyOTczNTcxMSwiYWRfcG9zaXRpb24iOjExMDEsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJCRSIsInBhZ2V2aWV3X2lkIjoiMDlkNzI5ZDUtMmFhYS00MTk2LTczMmItMjkxNjQzYzBkYWJhIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDU4OCwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9zaXplIiwidmFsIjoiWzMwMCwyNTBdIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI2OTgzMjgyMTM4OTgxNDA4IiwiZG9tYWluX2lkIjoiMTczMDc4IiwidW5pdCI6ImRpdi1ncHQtYWQtYXNrbGVvX2NvbS1tZWRyZWN0YW5nbGUtMy0wXzEiLCJ0X2Vwb2NoIjoxNjI5NzM1NzExLCJhZF9wb3NpdGlvbiI6MTEwMSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkJFIiwicGFnZXZpZXdfaWQiOiIwOWQ3MjlkNS0yYWFhLTQxOTYtNzMyYi0yOTE2NDNjMGRhYmEiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NTg4LCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX2ZsdWlkIiwidmFsIjoiZmFsc2UifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjY5ODMyODIxMzg5ODE0MDgiLCJkb21haW5faWQiOiIxNzMwNzgiLCJ1bml0IjoiZGl2LWdwdC1hZC1hc2tsZW9fY29tLW1lZHJlY3RhbmdsZS0zLTBfMSIsInRfZXBvY2giOjE2Mjk3MzU3MTEsImFkX3Bvc2l0aW9uIjoxMTAxLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQkUiLCJwYWdldmlld19pZCI6IjA5ZDcyOWQ1LTJhYWEtNDE5Ni03MzJiLTI5MTY0M2MwZGFiYSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ1ODgsImRhdGEiOlt7Im5hbWUiOiJkb21haW5fZGZwX3N0eWxlX2lkIiwidmFsIjoiNzcifV0sImlzX29yaWciOmZhbHNlfV0=
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
askleo.com
referer
https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:22:04 GMT
server
nginx
vary
Accept-Encoding Accept-Encoding
content-type
text/plain; charset=utf-8
x-middleton-display
ezp_sol
cache-control
max-age=0, must-revalidate, no-cache, no-store
content-length
0
expires
Sun, 22 Aug 2021 16:22:01 UTC
view
googleads4.g.doubleclick.net/pcs/ Frame 9916 		0
60 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuT0hqLTXboNeqL_SjmyVbyDWuQF8cm9oQhMhv39rLGjiYmfSZxj9l762sK15fhM7HKmGBoo3PwwGzgNMbkli0bWdDw42J5z2AZoAXV32lDafxH0gqzjwhI1ZWIajA&sai=AMfl-YRVcznYycwXIF-TJMCMa2f0OvqX3TQNEGHY2xjCoh9V55qg_jg2SK2dB_peBGR-elKhxcsSuqQyxNA2JDLdwq1pREb2W1mLF1XK1iM&sig=Cg0ArKJSzC6E02k54hZeEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=858&vt=11&dtpt=739&dett=3&cstd=115&cisv=r20210816.47722&adurl=
Requested by
Host: askleo.com
URL: https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Mon, 23 Aug 2021 16:22:05 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
dc_oe=ChMIiZf-1sbH8gIVzOK7CB0PxwYSEAAYACDi1_9EQhMIvcTc1sbH8gIVie93Ch1AngBi;met=1;&timestamp=1629735725015;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=0;eid3=11;ecn3=1;etm3=0;eid5=12;ecn5=1;etm5=0;
ade.googlesyndication.com/ddm/activity/ Frame 66B0 		42 B
515 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIiZf-1sbH8gIVzOK7CB0PxwYSEAAYACDi1_9EQhMIvcTc1sbH8gIVie93Ch1AngBi;met=1;&timestamp=1629735725015;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=0;eid3=11;ecn3=1;etm3=0;eid5=12;ecn5=1;etm5=0;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 16:22:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3E27 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BRzNeK8sjYcnVGszF7_UPj46bkAEAAAAAOAHgBAI&bg=!8vGl8bXNAAZvV8FTb1c7ACkAdvg8WhO-3UwUBbsJjn6N3hH7RUaj_zPTvjQq5OZsEoAZ_bOqk-6UJgIAAAN5UgAAAE5oAQeZAsCddC1wWWoPNsuQs5VQ5I3zL5jJlTRj6tq05JVt8pASZZbAA_-AsQKN1Hgxm2h8WugUQJtEVzSY-cwCQAXAOQVJ4H3HmepHkZ0dxdCmT97ZpiXDE1EliQFcAJEe5KMDarIjmGphidy1CaaGw5rKOIk0ZLcOJ9C9GnyxwnFZuitTuFStd6pegiS8D4hZ0n9dpskkYs-XskCbx0mIBIzvKaAFRGeXCgZvVRVotT7JqTpU3qZcR2eGmdMb7gvUGZMJmDVYSc915zz2WQ1qzL2CNKQAshFwziVbfHQ414zsDUfiyo3VHY6XwKR8VDehF0hk7kHLnTF-BFLz7S9UrF9PNX0b1gF0peG8h0pPIPA7nqeFpOSD9GeqH3Eni37wk4wRzGadCPzSRLbaOTNq0hts8lRpvNMEvIozOYHAvuDFW-8Q5a2rncVX71tFuIfVUj2OAOkZx800Z3HHas5oBtutiPDoMtPGs0C5_0pXSrA5CNdDyiLFenG07eQoVR1u9y9JRrx8FyygwIM8m82QTAkPHfN_q5-AUgzlDXEzMZWyjEWaEj0veIxfY1OgX6H2Y2HniEg0WLoQ3H0oxyELT3_KmzHLA3yS0Nwcj2cqpyPv43ZCZ0Pb6PRDxmYoUwc79RFtxLc7PtV7on0OZWE-3yZnnAWMA4YksVQe74FvM86ICoQIa88VruG_sbWN0zJUKW2tlRN37Kj_zEk3JN5Av9OwNEQzNHJJVfrY9L6K8iqxuOFL_E2ZkKxOGdQKODMWK9nKJVXZ49R-rOvS0JYWQXgu8BmoHSmWtxzZycZUv8MMUrsg56SSf_WT3CEbMFBpwz7em6JnN0UUlr-k_wK5V7zuHnKf6JW15_S5IdAdRTqZWN1vFHU4z1O62bknQeITfqxxF7jA1b97_J9nlC7uKuegpc_3NwA3iLPoV-mNdLk18o0mdA
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 16:22:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0055 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BCjrgK8sjYf-JHOGI9u8P5e-VmAgAAAAAOAHgBAI&bg=!OzilOHzNAAZvV8FTb1c7ACkAdvg8WlZGF8jzHokTOiHBCtwWVBv5JT-oMj1rCzW7IrqcIfzYzeV7bQIAAANoUgAAABhoAQcKABFLn2JHzsxmaus-TBfUTCfIaJkCwmbxHsBSYBmkgAWUps4BspvaZLgcDY9UG0PKzUG_A27Kc6f7rSrqu86XryJ4acUjSH_uO54q2LHujK-nxADNt-SpugdAR8Dq2nUy9bU1owR2aTJYa5Wl7q8zmYflXaakg4eHESUCmLN4bRQvbPMac8B-6UCFM7woWzV3ftko_2q6gvifDwQ9evNUBiaDVvEjuu0wYSvOu4Cm--V_RqFq5FgjKQRkiJN2WKVnyO9aJGzB_j6IuSaKBRbP4zaLbZEWa015cpMIgetszl2yY5wXs0T02e1ZwRRD4cl5hsZrPei__LAR-G1xcwP2vUAx1X_FZzBHLmKtkMyQtlqM0gQ3mRCL8cAvV0Tf_3R3ij8APRUa7uQfJtA7C-CEekrUyVUPNXw3rA8m6LFX2xzkYzqOwmbk5SUalXwPrLidOzG82GkFsuZBUneHrdUMbJCORRDTSD121k1h2YBvsFyBavi887wbcY3SIANDPNRJHZmk6Q0_q9847lk1WekYyv6hqF4TcdTjJZKekwaZd1bwmQeU5bJHpXFnrkf-bdR6lztze3RNOCndAQkWgzY90ENK_-BhVdm7bOMlIzESCtD3ysbCVE2Lnl4z769a5AI6WXlP-JIE6YHqQE_R9nMWrdlmxshl1VFg9Pp6hVHbXzi3udHPfB_ev7CT54fFbv0V_FEWjV3nwZY4giAp5lf1YLZqO741PKA2OuF-UBmA6vX6WnMSseUN5mrhCn99xbBQ97CzLX1OVezoTuY1HsMGMApPsheyzCF-5IrzwdGWFX6XDpyIhQAn74nyPLQoLHbBN6_NCvWd3mJWVRl4Q8odVy7FDiJEB6BStVRdOKyEV1gQrqwsgbGQgyR0AKy26tzfVswj1c0_3SZaxtGmHczltnviaYip0idSFWrS8OXZWRH4IB0unnWFne1s98rN2ycoMVlu0E9tEYo
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 16:22:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIs6fw08bH8gIVhfl3Ch2HkwNHEAAYACCKxfszQhMIlofa08bH8gIVD9J3Ch21zghf;met=1;&timestamp=1629735727216;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame E9CF 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIs6fw08bH8gIVhfl3Ch2HkwNHEAAYACCKxfszQhMIlofa08bH8gIVD9J3Ch21zghf;met=1;&timestamp=1629735727216;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 16:22:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtZDZjOWJlNDZkOTZjNDBmODQyMTViY2QzMmFhMmE2NzA=&google_push=AYg5qPL3JH-2PkCX0XEzRRvYYWjFQUCa96O5eh3wBBBRYL0kv-V5p0MSEM5_oktXY6bWKVIhB1vmPskBLpPZ-kXmJJ3detvAJtM&google_tc=

Verdicts & Comments Add Verdict or Comment

261 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| __ez string| __sellerid boolean| ezhbopt object| __ezaps string| __ezapid function| getAmazonSlotById function| ezapsFetchBids object| apstag object| __banger_pmp_deals object| _ebcids number| ezobv function| ez_isclean object| ezSlotKVStore function| ezSetSlotTargeting function| ezGetSlotById function| ezSetTargetingFromMap object| ez_queue function| sort_queue function| execute_ez_queue function| ez_write_tag function| in_array object| ezrpos undefined| ez_current_interval number| ez_current_load function| __ez_fad_load boolean| __ez_fad_floatshowd function| __ez_fad_floatshow object| __ez_fad_initslot object| __ez_fad_fastd object| __ez_fad_fastdiv object| __ez_fad_fastslots object| __ez_fad_viewslots object| __ez_fad_instaslots object| ezslit_run object| __ez_fad_divs object| __ez_fad_divsd number| __ez_fad_vw number| __ez_fad_vh function| __ez_fad_invisible function| __ez_fad_position function| __ez_fad_fast function| __ez_fad_csnt boolean| __ez_fad_haspo function| __ez_fad_rdy function| __ez_fad_docht function| __ez_fad_vpht number| __ez_fad_doc_ht number| __ez_fad_vp_ht boolean| __ez_fad_hascp object| ez_ad_units object| ezslots object| ezsrqt object| __ez_fad_divpos object| ezorbf boolean| isEZABL number| ezmadspc boolean| ezoViewCheck boolean| ezDisableInitialLoad object| googletag object| ezoibfh object| ezaxmns object| ezaucmns object| __ez_fad_floating boolean| __ez_fad_gptd boolean| __ez_fad_ezpbinitd function| __ez_fad_gpt function| __ez_fad_pb function| ezogetbrkey boolean| ezoll string| ezoadxnc string| ezoadhb boolean| ezoicTestActive object| _ezaq object| _ezim_d object| _ezat undefined| href object| ggeac object| google_js_reporting_queue undefined| $ function| jQuery object| cmtt_relart_data object| mejsL10n object| _wpmejsSettings object| cmtt_data object| popupally_pro_check_source_object object| popupally_pro_action_object object| cookieconsent_options boolean| hasCookieConsent string| ezouid string| ezoTemplate string| ezoFormfactor object| ezo_elements_to_check string| soc_app_id number| did string| ezdomain number| ezoicSearchable function| __ez_ezosuigenerisEvt function| create_ezolpl function| attach_ezolpl string| _audins_dom number| _audins_did number| _ez_fad_vw boolean| apstagLOADED string| ezoScriptHost object| IL11ILILIIlLLLILILLLLIILLLIIL11111LLILiiLIliLlILlLiiLLIiILL object| ezomash function| ezbanger function| ezvb function| ezsr function| ezosethbbids function| ezoSyncToDfp function| ezoGetDFPSlot function| formatBid function| ezorefgsl function| ez_attachEvent function| ez_attachEventWithCapture function| ez_detachEvent function| ez_getQueryString function| __ezDotData object| ezux function| _ez_TOS_TrackEvent object| vitalsFired object| metricNameMap function| ezlogVital object| _qevents object| _ezfd object| riveted number| ez_tos_track_count number| ez_last_activity_count object| webVitals function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing string| ezosuigeneris function| __ez_func_ezosuigeneris object| wc_add_to_cart_params object| woocommerce_params object| wc_cart_fragments_params function| _createClass function| _classCallCheck function| RocketBrowserCompatibilityChecker object| RocketPreloadLinksConfig object| generatepressMenu object| FOOBOX object| generateWooCommerce object| lazyLoadOptions function| lazyLoadThumb function| lazyLoadYoutubeIframe function| __ez_fad_ezpbinit object| epbjs boolean| __enableAnalytics object| __s2sbidders object| __allBidders function| __ez_tkn_evnt function| __ez_fad_scroll number| __ez_fad_scrollint function| __ez_fad_chkpos object| ezslot_16 object| ezslot_17 number| i3 object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal object| ezRBA undefined| __ez_dims object| CM_Tools object| mejs function| MediaElement object| HtmlMediaElement function| onYouTubePlayerAPIReady function| DefaultPlayer function| MediaElementPlayer object| CM_Tooltip object| wp object| duwhs_popupallypro_html_code_sjhw function| Cookies object| addComment object| FooBox function| powerpress_show_embed function| powerpress_embed_html5v function| powerpress_embed_html5a function| powerpress_onload function| powerpress_stp object| ak_js object| commentForm undefined| replyRowContainer undefined| children object| ezslot_3 function| uglipop function| quantserve function| __qc object| ezt object| _qoptions function| qtrack function| LazyLoad object| ct object| ezmt object| ezua object| ezuxgoals object| ezdent object| ezDenty function| ezoChar function| ezoCharSize object| images boolean| is_image object| iframes boolean| is_iframe object| rocket_lazy function| epbjsRequestAdUnits function| epbjsRefreshSlot object| ezoptbid string| pubcidCookie boolean| ezowwinit function| update_cookieconsent_options object| perf_vals string| token object| GoogleGcLKhOms object| google_image_requests object| ampInaboxIframes object| ampInaboxPendingMessages number| ezouspvv string| slotElName number| bid_val object| slots string| slot object| ezslot_0 object| ezslot_1 object| ezslot_2 function| epbjsChunk object| _pbjsGlobals object| mnet string| slot_key object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager

20 Cookies

Domain/Path Name / Value
.askleo.com/ Name: __qca
Value: P0-1166294967-1629735713048
askleo.com/ Name: ezohw
Value: w%3D1600%2Ch%3D1200
askleo.com/ Name: ezds
Value: ffid%3D1%2Cw%3D1600%2Ch%3D1200
.askleo.com/ Name: __gads
Value: ID=717ecc9b69bc6606-2218ce2aacc800a9:T=1629735712:S=ALNI_Mb-a7pYpvIehPli2d_yy_3KIN5PJA
.askleo.com/ Name: ezosuigeneris
Value: 774a8de04059fa0080152dcd29ddf935
.askleo.com/ Name: ezCMPCCS
Value: true
.askleo.com/ Name: ezovuuid_173078
Value: 663f24fa-fae3-4fd0-5aff-649062f3e3f8
.askleo.com/ Name: ezovuuidtime_173078
Value: 1629735712
.askleo.com/ Name: ezepvv
Value: 1265
.askleo.com/ Name: ezopvc_173078
Value: 1
.askleo.com/ Name: ezovid_173078
Value: 1114168860
.askleo.com/ Name: ezoab_173078
Value: mod85
askleo.com/ Name: ezux_lpl_173078
Value: 1629735713759|09d729d5-2aaa-4196-732b-291643c0daba|false
.askleo.com/ Name: ezoref_173078
Value:
.askleo.com/ Name: active_template::173078
Value: pub_site.1629735711
askleo.com/ Name: ezouspvv
Value: 0
.askleo.com/ Name: lp_173078
Value: https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
.askleo.com/ Name: ezoadgid_173078
Value: -1
askleo.com/ Name: ezouspva
Value: 0
.askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers Name: _dlt
Value: 1

7 Console Messages

Source Level URL
Text
console-api log URL: https://askleo.askleomedia.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 3.3.2
console-api log URL: https://s0.2mdn.net/creatives/assets/3782707/productCard.js(Line 1402)
Message:
CBKLABEL CHECK false
console-api warning URL: https://go.ezodn.com/hb/dall.js?b=ix,luponmedia,medianet,onetag,pubmatic,rubicon,sharethrough,unruly&cb=195-2-26(Line 9)
Message:
fun-hooks: referenced 'adpod' but it was never created
console-api info URL: https://cdn.ampproject.org/rtv/012108100143000/amp4ads-v0.mjs(Line 6)
Message:
Powered by AMP ⚡ HTML – Version 2108100143000 https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/
console-api log URL: https://s0.2mdn.net/creatives/assets/3782707/productCard.js(Line 1402)
Message:
CBKLABEL CHECK false
console-api debug URL: https://static.adsafeprotected.com/sca.17.5.12.js(Line 32)
Message:
a: 0.0068359375 ms
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61774477/20210524094038431/logic.js(Line 116)
Message:
column not empty. append image.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6f94824b89712f5abb0be57927550195.safeframe.googlesyndication.com
a.c.appier.net
a.rfihub.com
a.tribalfusion.com
ad.doubleclick.net
ad.turn.com
ad4m.at
ade.googlesyndication.com
ads.playground.xyz
ads.pubmatic.com
ads.travelaudience.com
adservice.google.be
adservice.google.com
askleo.askleomedia.com
askleo.com
b1sync.zemanta.com
bid.g.doubleclick.net
btlr.sharethrough.com
c.amazon-adsystem.com
c1.adform.net
cc.adingo.jp
cdn.ampproject.org
cdnjs.cloudflare.com
cm.adgrx.com
cm.g.doubleclick.net
contextual.media.net
cs.media.net
csync.loopme.me
d.adroll.com
d5p.de17a.com
dis.criteo.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
g.ezoic.net
gcdn.2mdn.net
go.ezodn.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
green.erne.co
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
img.askleomedia.com
js-sec.indexww.com
loada.exelator.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.taboola.com
mug.criteo.com
nep.advangelists.com
onetag-sys.com
opt.objectiveportal.com
pagead2.googlesyndication.com
pb-server.ezoic.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid.media.net
pubmatic-match.dotomi.com
px.ads.linkedin.com
r1---sn-4g5e6nsk.c.2mdn.net
rtb.gumgum.com
rtb.mfadsrvr.com
rules.quantcount.com
s.ad.smaato.net
s.amazon-adsystem.com
s.tribalfusion.com
s0.2mdn.net
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
static.adsafeprotected.com
sync-tm.everesttech.net
sync.1rx.io
sync.mathtag.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.teads.tv
tags.bluekai.com
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
www.google.com
www.googletagservices.com
x.bidswitch.net
cm.g.doubleclick.net
104.111.215.191
104.111.242.245
13.224.102.75
13.224.90.44
139.162.84.221
142.250.181.230
142.250.185.130
142.250.185.226
142.250.186.130
151.101.13.44
151.101.14.49
151.139.128.11
159.253.128.188
159.65.196.12
162.55.6.212
172.217.23.98
178.250.0.157
178.250.0.163
18.158.98.109
18.195.239.175
18.197.127.76
185.29.132.245
185.33.220.241
185.64.189.112
185.64.190.78
185.64.190.80
185.64.190.81
185.86.139.93
193.0.160.129
195.201.152.90
2.18.233.180
2.18.234.21
2.18.235.93
2001:678:cb4:bbbb::11
213.155.156.166
213.19.147.45
23.37.38.181
23.37.42.132
2600:9000:2190:f200:6:44e3:f8c0:93a1
2606:4700:20::681a:ad1
2606:4700:3031::6815:496e
2606:4700::6810:125e
2606:4700::6810:135e
2606:4700::6812:d05
2620:116:800d:21:8c6e:cf2c:8d6:9fb5
2620:119:50e1:101::6cae:b25
2a00:1288:110:c305::8000
2a00:1450:4001:62::6
2a00:1450:4001:800::2002
2a00:1450:4001:801::2001
2a00:1450:4001:802::2003
2a00:1450:4001:809::2001
2a00:1450:4001:809::200e
2a00:1450:4001:811::2001
2a00:1450:4001:811::2002
2a00:1450:4001:812::2002
2a00:1450:4001:812::2004
2a00:1450:4001:813::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2006
2a00:1450:4001:831::2001
2a00:1450:4001:831::2002
2a00:1450:4001:831::200a
2a02:2638:1::13
2a02:fa8:8806:12::1370
2a04:4e42:3::300
3.125.99.7
3.126.56.137
3.217.109.237
3.66.136.156
34.107.148.139
34.254.206.82
34.98.107.212
34.98.64.218
35.190.0.66
37.157.6.241
37.252.173.62
38.91.45.7
51.222.80.231
51.89.9.253
52.1.49.131
52.18.52.16
52.198.4.47
52.205.247.225
52.30.92.119
52.46.133.124
52.49.37.161
52.57.8.242
54.36.109.155
54.73.110.124
54.78.254.47
54.81.207.173
66.155.71.150
69.173.144.143
69.173.144.165
70.42.32.95
72.251.241.196
74.125.206.157
76.223.111.131
85.114.159.118
87.98.252.5
00fc7b252d629bd7e3243ca99628088fc65717696bcaa98bd4a52c81237465e6
0129fef24101a11eaa58cb3eab025b451acc53fb30a6dcd6cce7237b07427e2f
01aa68e81f70d57c8dc3acba0ec75437cca46ad0e985dec97a03826f0e79435b
02159cd3570c28fb35026c7708464a7fa408568bd8c56c75c50152fc7e624214
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0
037236ed4bf58a85f67074c165d308260fd6be01c86d7df4e79ea16eb273f8c5
043125925c1c824d15648aa72b6a36876d6fbd9d3c22de45d5d8d07080a1edde
051d92bd9abf927fe7d47b84dda61e8c1dd49d902229ac91b27477f570fe6481
055000922d1766e8faddb9c173b5c4313b6adf76a6303be821a9971b2de61b8b
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
074c5ad0e9bcaba915f0248625e8be0aca92b720b9ab9592611d1548a0438159
0933213569bb16a7f86305d19cb08ad2d9a7c6d474afbd7a3c831a3a2c1bef8f
09be3165c49c3331ccd6588936e3bc62744ae0dfb44a578ee49c65e2d7caa537
0a27e451d447cf91977a122d2a184d299d135bfc04b6d04158a023a00258c0f7
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cd851e5b33af0fbb354df65506da39807b998e07723f3d08aba5179fa2ed97e
0fea4f275704bb57b3ec17051db212de23efd556ce0ab4adcb33df8cba76e077
10d4b728888654e0b85c706a9310b551087d3321fb8ebfff147d07b13fa73bf0
1121d7f8fb131bce05cbaf9b75a1272f9fbed57a53cd239d2fe91ece63ed9424
1256a19f3b1bc945333a9956ba28263b06ff1396c532ce41d78085fa06bf5e25
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1431cdf90e23ab4795bcbc806e8b6aea38cefaf18922bef42705ac5f8fea986a
14375082f18c8501a36b803a80a3489476d037a97867ffa2a1aae1b65df4fa57
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103
154c85250d7bdf201fe19e9f5f20910d8727ee9dfbba11ce98dcb36a48b61ab5
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18eb8f465dbec9c97b0f1315990493aeb2fea391094e6c562868a9221ac4c2d2
1bfb4195f92629d2bac3258d4c20c8c961f42490d6d477ab62944648abcce615
1c3c2553309f88ced7c7fd949101fe6bd99828858621f80513dc4c187ac6bd1a
1cc5fba1b17b26c8975d63d581f375152c583264b4ba58a2d2eacac2d11d90ee
1d679474c62830d6a3e51724af7fb034d9151eea7168bf3b02a715a4dfdb3fd5
1e7225369190a58c13e47300b33df93f31b5de1f8cd6dd5c6dcf8bfbdcc5e8d3
1ee73a11f7deaf542b5417e0fa5adac6d92212515da73813d552157337d25cfc
1fb8544e73538de55afcfe79ceaa681e59d9837ca0594fe91e0cc8b4df6f9404
1fda2e11a60ed0d8a4356f63755d7023483fd54ac7c15e9c71d755bdb5431f89
20160b923de864cdf44fa26bfd6281a9e0aba7eb800fac86804d9a41a93c2394
2087d023c149cf3b8c828e94c7c057c759648209f45447774b40c67f1b288ba1
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
236888a9bde0a1cabbd288498b6ba4fb3f4ec7119d2d06666a5a48a82f51f042
237c7b47a1aa95b662e01c9628165f3731cda8f807109d86e2fed9a9b6ff7f7d
24ece61e45e94bcb16969dc25b12dd94cc0c4ef9a968bd524b36d1388141cb4a
257c9947bb8a45c4a0519f4ddc8769ecc7f889e268a046b0f05c17dfc7912eee
2620ea80d4b627207ed8ee055d6db3b460e241936dbede10f54cd5bf26653c6b
28f5283c180d27f9223bf7d6b98255974fc099c415f9cb49fea5f75b554f4b60
290f819a036b8ff8ff68de92f2de1fde20137d11fe1dafe274e6f01a0e6e3c8a
295062a4203e70412532530983a6c4e75758872160ec9a5d869e34b25697a83c
2afb3cf38deea01d461f29b961c8aab0da4f121a84a9c843f49dc7cced99b6a5
2bc98b5956d216197013af35c909aa49d3aa7c26b48de9e9930eb4bd6b846391
2cff7ab03cb4e476b49ea05511c6cfcc71af6d5ed20d40e9b40ee31062149e77
2daa00b5c510fe37f49069b68154d4308f40b1cb0d7c96335626902841e2a3ba
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e42eb4dc61c96c40d59cee5896e8f484346f11007d056cea941d1cc90fd7f80
3155af4abaf96ba3842b403e7972b2562ee7b49df5f940cbb5da7136c07ed45c
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32dc6aceaea29998363bfd9d584a440a132bd0435332e0b8b9ad8f31ffd5b8c4
3304ebafae2f97adb0f5d016454298a110bc449f68cda9c1afa3e01a325963e0
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
36c0ec05d79bd9d3164effc3eca0f1962cd6f82bb1f41cb212e080910be24153
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
381a270a8837746d2393af408a52499565fe633d757dcf4bd775b77d48a70e39
3974624ff80521dbd81d3ed32f8ec10c7baef11c272f46626a6284538e90e44b
39d5cdc19374a44077c4246db6f442209b230d42642019e056574a20090403c4
3a48ba6d11055a2a6f840befa14e603650d8ca3d752e16daccd828d3869fb791
3acbf2ba8364869e954172e3541fee82f3e618cb5a450bf855d9a42b2d3c4656
3b1384ff918d4b7f95f9ee5c8fc388203dedff7344d3d96598c9562162788612
3d3251d937d209def48e958bfeec683ca39dc0f15eb22f99bc3e7035995cd552
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40863be2b431a191bda85df5372da56e3f5cc09e0402d2a65422b124a94654f6
436cd10b77fcf5f8d3d813c4d71cf5d22537d73da612449ea799a54409524fda
443ba0af7a7ed827223c7fb3c008c02b9ff1d651b6492e9c270378b07d9f6008
45d9c255bfee6158a900a122f900f26781e9775a3410bb05fd15ca5290ac5915
4642568b405b3750fb18df621889e27def95e8162c1cdd256a21b319c9a4e24b
48052f6267b2e21fb086ad26457c715b3b8b5e8c6fcbcdea42589da06b05e9be
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4904e0d616ecf48cd9ce781e89e9bd299be7d6bc97bdad36f799bf9b71f9e003
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4b2d732121c09a7187640a98acc242938634d6eb885c444a10148051a3c6ce24
4b49dd04d93efe931ac1a3795acf0ff6bc4aad86b416596cf87d93373fa063bd
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c3d23d7025038f5971f496b7cfe56432f045fac5b2e248ab32c89fd6c6c54ce
4c4ec7ec7ea4f686b74aeeb0c33cafc252f2d9fdebf324107cc8833deada9b41
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ee6cb4482225d6c4f47f4db5011d22a38a4248a59063d7b4cde53ad1fea1723
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f6cacd54975e047a9bb152841f8fa870b1797366cd5993462f121ee77711e13
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
50235ec9793a0ef9fa1e16fc5d47fdfd56f199b343586308c7cbec1e9937435a
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5230f33198b804ac5be09c7b178100587533dd1ddc527a875f0f1f184a7f5eb4
53c781ab15544fabc8a5884e3ec5b6b42f29129f8853156ac6b0ba35b07ec3fd
59a5e8318addddfb2444d1f424da19c513403900acd58e779c26ef93ab9a2780
5b29f10d6e7c79c2f7f11b0abe16a4fb45e29673dababd29a0313d72aeaa90b5
5c1e6e3f592d8c8b63e2b543ac0ccbae369ddb4604066dc97420c7a1d586ba8a
5ce12c6a858d78dbc3b062ff1905ec4e84e23e72887f6c054f7687d19ee8aa0a
607fe49372f521f5a6c6c7fcde31ebb07f017c1efea75cbbf167612641e006e7
609c9c8da515ce83f6dadac3fc67c7d3b9dd8ad6898eb9dda19c0b20b9a906a4
6179c4db6016209d3297febf8a9243c7356e99b52cb8b3c7e7b72c0bbc7dbaf8
629db7e286c97c88af572b9ee82bf16a937f8916093adbe89f14f77ebf3ee79d
63ed4c66bf3ba06512f7028be62a4bd53295e1ba68a919a7591f5fd392e72b90
64e660a1995b3dc7880aaa8a054c28664785d7e0d1436815e212d71dd235cfb1
6589baa864490881d75f462b4d5da4fdc458d5305d21fdd34bf3ba49209a6583
65d5149458411882e55592136d5d5bfa559466266b18c0164c6307a070180252
6a0e73d2713a0d1fc0737daacef3c8f39e347ed1c9ce3ef6dddb3fce1dcd2b9f
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b5b12e027b420bd331b1b8852728cf67bee7812cab232102217fce7ff8f91f5
6bdc5e709c9c483c83b67b40f75ef2193ff388b8d8c586de2c530cc1914257d9
6c3223c27067f54618683e5fdfe83536907b179e81ed9a39873aa8b8140c05f2
6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41
6f78dced421cfd84fc6b1ce1853708b63e6bc80d1cdecd275297001f370aede8
720b7e396b7a7387b1f93a9e1f5cc8f5bdf9e6ebf40e7d8ad8892d6c4267b4a4
72a80770f582b1bb93c4686c2d8f7d96cd6e911198e518ba3f19cd50cb108804
73d269abb8a6ba50a6393840c5c5cff3bd149a14d638434b09cd38ff1268f08e
740d0e2ab785d5697336ecd812e6c6fb5547e741ab78204d93023d08bd274ecd
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
74a8b34ddd37ba93b4c8198cebbc858c098de1effdddd63eebf9009d55cc53c0
75ab967337aa8edae5bb0cf87c905b770b76b85be76de75eae74fa4c6041b060
75dcc7e301b57af3cc353fbf1ed719734702f233e3c2a132c1bda213e048a59e
777d64ed5f90cc4c4a9c683655965eb44cb7eb038b0fbc0dac1574c2ea3f1c4d
794c0c828bde7f4181c1d5a2fa65a3cfb4a431b2528b9e450fd7d3bb7943115c
79f4bc782a8607a8be12480a4048ef477cb68d115a8b119adbcbfc114c8aeee4
7bf99bd072ef2181aaa53f2e5cebd463ff723828c971d8527a450ac48fcc54ff
7d3315c2b2c849bdb5d2a94f08472eaadb8147502748cef585adc1d000e1a38b
7d5605c873d4341f3a40f3d9aed6f3fb5d9b381b229c2db15cb23ca525d59d65
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
7ee7784d217b273bd847dcc83ca3451f76f63cc1b619805dbdb297197bb44eb8
7f34b768792b90cf0b04fced2470e43d8fab7644f6565d5178fbfb49c4859cee
7fc4209c1df4006c475e8cff0e951b301922d7eb6822cd85f59d51ea6f0b391d
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
80552188ade64dd7f4ffd7b9dc82b63a67cd59265cde1fb838d7a0d4f0cc56e9
8082c5c154c7f8477a5ec84e5d746701470627b736199dba9aba77a56acd4208
80f5433df727188d43a64cda6f7060bc5117045b2cbcd1492a00183caff5f1ec
80fe516a14d9be1a4cd35f21df843a00ac70dab7d57910bcbc422a22e97dd402
81a2dbbcb0084b0c758491f99ac65e7845ebefbdae81a99bace7bea32402f982
81dbd7856135d55d3709211fdba8d86bc2b299f6b48170c1dd4e590a984131be
8276d99808a3a111dcb2dc61c895388c21341d48be9c3f87d905787a49c2b832
82d931e3e1d39b1e7029328eb9fd764f5c078c0d2af110c8b0dcc320d3295b59
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83a8e7854d4f0a0f33e0a52d2dabec997b125058db15914104ba49c7a63359cb
83b6392647b173ff74f52a012934f86945c64c18f4fe5a053955575b3eae2ddb
83d6a90d1dee1d91b0513febd572f8b5c807454c5c1c7baedf3cd5251ac7de07
844b23a41ac030e589ee673e50ba1d0d5581b1cdebd48dd2d4fd1675bde66185
858a61e1828014e52cc734fa30cbf3c2edd8bcdb7d77ec902d4eaf91f64d4fe2
859e7bdcd95e7481128e01b5a7ff2fcf34a963198abaea0f0c483e40d22b2986
85f1dc7c35f47c67b139453f0221075ccd0848b444a1039fb1d2ba25a59b7e01
8634aa7a3ac0bc6d359b458c8922e9d3269f64c1355b329bfe215beb12773af8
87e5e6d5eea4dd359d5653e1e448a52c6ea8405acf6c97fc44d50aa6ec48bfc3
8a12cd1ba53519b9b8f531f062e149c5b29ddcf92c45df0c873ca6a21aa086f8
8b0723635b932d07aa18138a7f0ec12eaf80065b3e33f328aa135b52aa60ebb7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8da6c8ebf400f669fb77b5609732959c1401f6d92362d302595862a6c5506af0
8f9c57c81d47ce90d89f07b6fa259e7b6ab9e7d843ab8608950e3d2d9bad3da3
8fcbe39f732897d9c5e7b665e3dd1708bc3a06fc0eb96653a54322aa1c0d484a
902596331db2197744da09ad0713133650e5e01f66def98e475bf8efc64d7ba2
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
9130089f503b409bdc8eb98de051d9ba356723aed20feee9f637cca189d2b190
92dfc771b95bd6572632549d34a03fdeece705631fc6d70f8270ac4b50024770
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
94edf973e9deb80b5eccf17f8f3108eafe15209fe25fe417e8f8962a4d8f48b3
94f137c233766bb0015876c6cfbf8c28125aca4cb3a826d4f7a0495a38a8f3a5
95b17ad661699c049d42195b8ccd1d855045a1fcfbd20d8609a6d87fa5703810
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
997bcb47618fae4ce1bcbb8eb0bd8e8f8e30d0e57aba263d6ec148d5ee6c5c8f
99d52606bf2e9b52a8a30569f553738909f7684432235bd53c39f95bde9d4ac6
99db61ecfd0688ee0ce50bf3389181e2034c69724776541b27f169a68bf79a47
99dcbdaab6b94a5296d3152512c6e2549649ed7c3b4e8afca003db2c29bf49c5
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b91464c3d89d306c5ee7f7926fcba0ee368374c16420de5d1d1bc42e9dabbdb
9c41ba408efaf3a7a36099370bc814e38b0afd42229fa9e0e6040740620c85c0
9c7c023f91428234ca0ea4df1199758686f4dcd04da96ba63571788fb3389c0b
9cc6f6eef6a5856aeb3a6bd1e3e5d46c4c08e50d749d8c044f120f10bc2d63cd
9d986c26f5304c48aba12ffcc13078c4ce6c31c48fe00634d1b8b7839ce0856e
9dd189ef52ea74a10651864dd73d21639d99289fb8ca5be69df4aa29c81afc4d
9e02a4cb2f3303d88488009d7a4385d1a369dd925789ad85ee3f279b7177ca3f
9e509f02367cdd95bb7b298c1096def66626cf1c01c61e0939698d8b285b64b4
9f3f6121ee9e9db4bb59cb15d5584d38625752b6a3d5a69988464177eb726092
9f5874208db31922418ad3337a1792c52bfbcc2942f3135ab4b87e20235a5bc3
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a13c3785019a3df9ec138c9f5cb05d697c0c3dfe089b3ccc18017af4bc5e8537
a22c497288d6b312171de3df8ed00831f34a76a52384c1ba9d504e11c98a5f21
a256fccecac3b32ab73c91d79a18747519a1a18023be05465c933b03523a82e8
a2e2a6708fda2c74c99c71bc139c88e4a60cf0413169bb47b84014d675f85ae5
a34f0ac0e0bae229e0913698c55cf65d12b30bb97c62e0bd6c8691dbbf2f9857
a3c216cefae59e5da3e9fd500ac9c3e09112a11ec45fd633d4f30ff3fb43f5e0
a3c5ff7e114ffe32212ee07123f9dc6aa19c09072e44fe64649c9cc747040cab
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
a48e3091c3e26309f1329bb7ee2812cf158deb93cd80fe6439e53e8d57e58d3d
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5390fbeb6fcb4697d18f9e2603d96b82dc4fd3f5922806a83df0fb439747063
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a6f564cf133cfc26e10d80a745642081f4999ce7881c86b84814f168c88a9023
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
abc1bbfb097cfaf4715fe823adb40881f8ed35a943692d5c037945c2fcc56340
ac2c21f9d5267c3a6471b0abf1800536bc1fb69623d0c476f2e98ede1e7436b0
ac990171fc2a8993d659ce8f10bc0a7815c43835ba1dc00c2246f3556c6eeecd
acbbae3ea8c718877be4d5cc6437e6837d712b847a82b4f0aed2dc10bf9fdb64
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ad1daeb0c017c11c68df7e8c08916788e2dcf248e26df4f032ba6c1e148b481e
ad57d9fa035ad21ee0e725b9a1791c447c57599ebf388c5833a3e5444b491457
ae19adaabc7a5d8387d0e953041b3ef6135b3a26715281aeea76009ab771e752
ae707ec81b142f04b6d5f785a5d4f7e8301bdb62a95288dee1f3e58930d21c7a
ae9eb13db541a6965ba0df5c4b3c4e0b5a331a7297a625b03f319c16e3550f77
af28f3c80c13d9c5d9fb069c86792f6b15b56e89d44e12f0576e7638dd0ca207
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1f2ad19633051d6a096ada0b6a79b6bd31a4f7932b5221374bff41ea515e57d
b2721c18b1d73541b177b8d05ba7a9e1c7fcf8c4cfe4a8a75640523c14a62ff0
b28ed0d85790996c5ba8b672133fdd131e72085d657da84842aaedfa049aa7aa
b3391b26fd634859b900670bddcdd8ef22a819e3581da050f15f48c85a15ba5c
b49498d1142de7f2e16afc2cd4250d2ba30c5df4de5d291f51d7cf69727efdbe
b5ca6a5538f84c38359f176278d88a2b0b2596c4e10cff85b9e5ef34e13f96f7
b5d0eed1e60aa4445314f7e0be635f86d2e6a23ad316e79f2a1581e1f4dc1bfa
b6af3acde27cc9101ecad088c6ca0e8bf6fc38c57c8396eb50292411c6ef0bf7
b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
b963251d338ab3ff59bc530a0d31dd6b87e86e4fc2163081e66651534d4400df
ba9c5082b16c9f74ef556bbd5e1c44acddcfcce3094001176133665330093ed9
ba9c563212915f4bb5b697b0858b564b9ee38b74fd9e1d944a81d600071c8a80
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bc590c10742490a00daef3a82ef8fe7ab4bc736122c79b27c4ac7dea80e3af1f
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
be8e3fb00d98e93afe954eb362d24a5d80537eb55c896bba9734e5771b6b34b3
c01eb865aabc41361d25ec5a333411bebb146b11e264111f043615cd96b7177b
c0901279dec1117310802c450665b34a60788da4a00e066d2de367327cd13456
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c3a75eaffe81ffd2ca154675c64ee887de61f5c30fc2035794aaf06a6eb9d8ea
c3b9547ad5efb844125a3f9751483384a257a2a3a33d34b461ef62ca61f0845d
c3db931fdc86bd4c3c5e5e68853da1d4754d95d9839e3aac0fcf06f757b764c2
c460b99f65b6c9db943bdee926064c37d4e1ea4f7f6309c958861e97d22f23d2
c4d6559fa96f1a97ce556c90facd8504d53bc656d238d9d5fd89a63aab36525b
c51a4086e332a8b351790a53582dbba5bd78b7a1f021b829d93da3ad59ca575f
c707359c4e07add0ce75011f1d1d079f54243816a20953bb3bcc45e644f4962f
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
c8e3d6a2882b2f244219c4f7264e812bdcf5410c1379268513fab16be1958dca
ca365af1bccae26f47327961da261d6851977cd77fdade42589a3c8839cbdb75
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca42d0bcff0c988669252b205c214fda66994f866dc2474059d826f07e4f96dd
cc3533e181e6e2e97e0bcfd2c8bbe98becc92d6b4338953ee4afdba5bc3dc10b
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cce2d9e56822ca13d0bc323ca0d7a4a6205b58a7006eea4ca3256f77da7a6a0c
cdc5d5292ae0a49cfa86919b0d6de59460aa0f089d49da01ffed462e7e9b032f
cef56cfb50af106eee13a8077d15efd46d114217ffa7446463414fb8b25e028e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf5607249df9251c245d675570dad6611ff2edfa90acd067655f8f93f0a58bac
cffd6ebd54f05c54184ddeded1add555dfe800378d2fe121ef3f10202bfada60
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d325476db806449106ec43620c920e7aae14b5193de849534ca479aebe8982ff
d4856801956de97b41cdd7111e8075bc4fe86fa18c05372a7dd6d73cdbcd819d
d585510ebf6dccd5790b2083b5e4425473fa2277aef2dc2be1fcba2d04f47e33
d7bd7eebe26ee3a45916df1024da6efa98901010fd32d7051e3933ef5f2301ee
d7c2e37029cd63f54220acb65f1d3df2f8c8f4dc323280a8f5b52405f4c6b55f
d7effa4abb1004ac11058d1fc73b1ebb9cbf993bc96dd96be50ba81ba895bd69
d87211f63f610d7365da06fa2d7cda1609ecc7a0405bcbc170da028801c9156d
dbc8af587b4d1133648936495aa2d60c4cf3aabbe2282eb16f4a8f31b94e2e1e
dbdbacda218432f315ac3e50c11c793d3b095afce52955d97a56ef7bd680bd8e
dc383abcabd010595dad41eae73bc786a0838d63b8d0dfcc5fe995f562d677b7
dca3671d6755bba09dc8903a2276febbd110b09a9a65725a37be84cbf1a41b87
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd4993e5c6015cb663a4ff917d77897ed71deda6eedaed515b41326305b3ed72
dde55dc1c914a593fb92f692a3442e570eb8eb62b9ed631878e3789b6e562072
de9901d70f685458ce4c69c62a143877ad1cba00815bcfda248da5e349c98b6d
df5c679dc6733cb9a2c3e545b9426f9b01ef302d6f8d638cf1b975bc295b53ad
e0b1384ca6c3c1df835b8ae6710ebb72bd98ea1876336576cc24ae4a2dc1c0ab
e1fb071a5a135b63fbd96a89a4a0c2c2e20fd01a9bbd703db45d199df6ad1525
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e45818350fb6700935c0dce924d8317b166845c5516bc391a1dbda39203f143a
e480344cbb81a7947492b631619d33659eef13770b3cded1056254aa5d0421c7
e482a48fef03d183029fa2edf995fc8e9ce023f18649fd1d9149958e977068a1
e52ad60cf8269c44381d5e0833e69b9b8f3b9f9346b7066b1dc5a52b390feedc
e5bdc8836e401144476fe22b6fd05b2c6d1a94aea39564bc356ac9d09c39673c
e66fb907a79a93d3c9813f2f348b42bd1bf6f3bf140331fe57bc7cc30a816246
e7a1375f883984026b922acfbe7cbc0bd02effdbfbfdde9354922a6055502624
e9e1d1570937b4b0ab772f08da052b11767aa32fd810de373e16120f6468ae8a
ea09798cbbc33360fdbad1748500adc650867b736b5955f2ef1199802ba1426f
ebaac62f6845b155b77df52bdf3cc185a47f5950323986b05bbfbf35d014daea
ec4be0f885f8bf796aa356fc6e4fca12d0e620b3e160ee3a8b26f6ad2f877d2e
ed1449a3d34f0c975f912645da2e304003524c91ba5c80e3ab9907cf2768654e
ed99e90ee1e28944cb257b8a06d730a89f3cbf40dcb2f102b8414e80897dabda
edaa305a75e55c4bc4687fc43cc9778cb8c86cff4fae321402ea9494a0a605b4
ee22f683394ec9d609b8c7b90e446dc4fde1cdcf0895322f7004078b5d3ed549
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef4a51d1cd2bd151839092725e90e8e556be00aee315cc7bab78fec9db774f11
f1466ed5d9fb3024474ba1438ea710ae0d7eb8d94a80c9e5e2e65efd0a447b97
f22eedafe130c14c32e71a6227ffaef8b7e02fe2b46c0176b3e474a1b859f6ac
f3168403eabe87c4fa8bf097e63d6409e3e6d15a14825215c27e9e4f1f943c95
f428062aa55829eeebfda9c449413bfe490556b047c1cbd1c827f5490a48a3a1
f7916a37377e38527d4306303cfe89b653b49b0a6b0b05c6b7593f7ab0248da8
f8d951b1faac73691f9c6e1df8345788cb862128575422c439d2cac0e3e7a2d7
f94ab680d6a6d6a9f2793b8ad326a91399e93b1da660dec1656bd3ea96716319
fb522ec3242cac33d5bde39303f2eba60d3328ac8606a9979113fd5826856869
fb56fab7f9b0405a03f249bfa6595de41410812a840af0bfbc01d694d711d1ce
fd6ac5a1e0b62484abe064705a98e8d30694a1ff6345a35e5ae28295eca5f360