urlscan.io logo urlscan.io
SecurityTrails logo

cloud.esker.com Open in urlscan Pro
40.80.151.24  Public Scan

Go To Rescan Add Verdict Report
URL: https://cloud.esker.com/fm/others/security/
Submission: On June 05 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 21 IPs in 6 countries across 20 domains to perform 49 HTTP transactions. The main IP is 40.80.151.24, located in Washington, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US. The main domain is cloud.esker.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on May 3rd 2018. Valid for: 2 years.
This is the only time cloud.esker.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
13 40.80.151.24 8075 (MICROSOFT...)
2 2a00:1450:400... 15169 (GOOGLE)
2 184.31.84.223 20940 (AKAMAI-ASN1)
1 4 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 199.15.213.11 53580 (MARKETO)
1 172.217.22.34 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2.18.233.40 16625 (AKAMAI-AS)
2 7 54.247.94.157 16509 (AMAZON-02)
3 2a03:2880:f02... 32934 (FACEBOOK)
5 8 79.125.119.113 16509 (AMAZON-02)
1 2 52.29.21.152 16509 (AMAZON-02)
1 2 52.28.38.209 16509 (AMAZON-02)
1 185.33.223.208 29990 (ASN-APPNEXUS)
1 34.95.92.78 15169 (GOOGLE)
1 2 173.241.240.143 36089 (OPENX-AS1)
2 2 216.58.207.34 15169 (GOOGLE)
1 2a03:2880:f12... 32934 (FACEBOOK)
49 21
13    40.80.151.24 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
cloud.esker.com
2    2a00:1450:4001:819::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com
2    184.31.84.223 (Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a184-31-84-223.deploy.static.akamaitechnologies.com
munchkin.marketo.net
4    2a00:1450:4001:81f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
ssl.google-analytics.com
www.googletagmanager.com
3    2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.gstatic.com
1    199.15.213.11 (United States)

ASN53580 (MARKETO - MARKETO, Inc., US)
355-ahg-779.mktoresp.com
1    172.217.22.34 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s16-in-f2.1e100.net
www.googleadservices.com
1    2a00:1450:400c:c06::9b (Brussels, Belgium)

ASN15169 (GOOGLE - Google LLC, US)
stats.g.doubleclick.net
2    2a00:1450:4001:81d::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google.com
2    2a00:1450:4001:81e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google.de
1    2a00:1450:4001:820::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
googleads.g.doubleclick.net
2    2.18.233.40 (Ascension Island)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-233-40.deploy.static.akamaitechnologies.com
s.adroll.com
7    54.247.94.157 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-247-94-157.eu-west-1.compute.amazonaws.com
d.adroll.com
3    2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
connect.facebook.net
8    79.125.119.113 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-79-125-119-113.eu-west-1.compute.amazonaws.com
d.adroll.com
2    52.29.21.152 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-29-21-152.eu-central-1.compute.amazonaws.com
eb2.3lift.com
2    52.28.38.209 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-28-38-209.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    185.33.223.208 (Netherlands)

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: 311.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
1    34.95.92.78 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 78.92.95.34.bc.googleusercontent.com
idsync.rlcdn.com
2    173.241.240.143 (Amsterdam, Netherlands)

ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US)
PTR: ox-173-241-240-143.xa.dc.openx.org
us-u.openx.net
2    216.58.207.34 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s24-in-f2.1e100.net
cm.g.doubleclick.net
1    2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
www.facebook.com
Domain Requested by
15 d.adroll.com 7 redirects s.adroll.com
13 cloud.esker.com cloud.esker.com
3 connect.facebook.net s.adroll.com
connect.facebook.net
3 fonts.gstatic.com cloud.esker.com
3 ssl.google-analytics.com 1 redirects cloud.esker.com
2 cm.g.doubleclick.net 2 redirects
2 us-u.openx.net 1 redirects
2 x.bidswitch.net 1 redirects
2 eb2.3lift.com 1 redirects
2 s.adroll.com cloud.esker.com
2 www.google.de cloud.esker.com
2 www.google.com 1 redirects cloud.esker.com
2 munchkin.marketo.net cloud.esker.com
munchkin.marketo.net
2 fonts.googleapis.com cloud.esker.com
1 www.facebook.com
1 idsync.rlcdn.com
1 ib.adnxs.com
1 googleads.g.doubleclick.net www.googleadservices.com
1 stats.g.doubleclick.net 1 redirects
1 www.googleadservices.com www.googletagmanager.com
1 355-ahg-779.mktoresp.com munchkin.marketo.net
1 www.googletagmanager.com cloud.esker.com
0 attribution.webmarketing123.com Failed cloud.esker.com
49 23

This site contains links to these domains. Also see Links.

Domain
www.esker.com
Subject Issuer Validity Valid
*.esker.com
DigiCert SHA2 Secure Server CA		 2018-05-03 -
2020-05-27		 2 years crt.sh
*.googleapis.com
Google Internet Authority G3		 2019-05-14 -
2019-08-06		 3 months crt.sh
*.marketo.net
DigiCert SHA2 Secure Server CA		 2018-12-24 -
2020-03-24		 a year crt.sh
*.google-analytics.com
Google Internet Authority G3		 2019-05-14 -
2019-08-06		 3 months crt.sh
*.google.com
Google Internet Authority G3		 2019-05-14 -
2019-08-06		 3 months crt.sh
*.mktoresp.com
GeoTrust RSA CA 2018		 2018-02-05 -
2020-02-05		 2 years crt.sh
www.googleadservices.com
Google Internet Authority G3		 2019-05-21 -
2019-08-13		 3 months crt.sh
www.google.de
Google Internet Authority G3		 2019-05-14 -
2019-08-06		 3 months crt.sh
*.g.doubleclick.net
Google Internet Authority G3		 2019-05-14 -
2019-08-06		 3 months crt.sh
www.google.com
Google Internet Authority G3		 2019-05-14 -
2019-08-06		 3 months crt.sh
*.adroll.com
DigiCert SHA2 Secure Server CA		 2018-12-19 -
2020-03-19		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2019-04-22 -
2019-07-21		 3 months crt.sh
*.3lift.com
Amazon		 2018-07-31 -
2019-08-31		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2019-04-17 -
2020-05-04		 a year crt.sh
*.adnxs.com
DigiCert ECC Secure Server CA		 2019-01-23 -
2021-03-08		 2 years crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2019-04-24 -
2020-04-23		 a year crt.sh
*.openx.net
DigiCert ECC Secure Server CA		 2019-02-08 -
2020-05-12		 a year crt.sh

This page contains 1 frames:

Primary Page: https://cloud.esker.com/fm/others/security/
Frame ID: 586751A1D98A5BBFAC14EB49781AFB68
Requests: 49 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /(?:<!--[^>]*(?:InstanceBeginEditable|Dreamweaver([^>]+)target|DWLayoutDefaultTable)|function MM_preloadImages\(\) \{)/i
Overall confidence: 100%
Detected patterns
  • headers server /IIS(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • headers server /IIS(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /(?:a|s)\.adroll\.com/i
  • env /^adroll_/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
  • env /^gaGlobal$/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • env /^google_tag_manager$/i
Overall confidence: 100%
Detected patterns
  • env /^Munchkin$/i
Overall confidence: 100%
Detected patterns
  • script /jquery(?:\-|\.)([\d.]*\d)[^\/]*\.js/i
  • script /jquery.*\.js/i
  • env /^jQuery$/i
  • script /jquery-ui(?:-|\.)([\d.]*\d)[^\/]*\.js/i
  • script /jquery-ui.*\.js/i
Overall confidence: 100%
Detected patterns
  • script /jquery-ui(?:-|\.)([\d.]*\d)[^\/]*\.js/i
  • script /jquery-ui.*\.js/i

Page Statistics

49
Requests

98 %
HTTPS

41 %
IPv6

20
Domains

23
Subdomains

21
IPs

6
Countries

410 kB
Transfer

922 kB
Size

8
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1832253948&utmhn=cloud.esker.com&utmcs=windows-1252&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=What%20you%20need%20to%20know%20about%20fraudulent%20emails&utmhid=1889554575&utmr=-&utmp=%2Ffm%2Fothers%2Fsecurity%2F&utmht=1559752039560&utmac=UA-3092307-3&utmcc=__utma%3D16921964.713520676.1559752040.1559752040.1559752040.1%3B%2B__utmz%3D16921964.1559752040.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1675925355&utmredir=1&utmu=qBAAAAAAAAAAAAAAAAAAAAgE~ HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-3092307-3&cid=713520676.1559752040&jid=1675925355&_v=5.7.2&z=1832253948 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-3092307-3&cid=713520676.1559752040&jid=1675925355&_v=5.7.2&z=1832253948 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-3092307-3&cid=713520676.1559752040&jid=1675925355&_v=5.7.2&z=1832253948&slf_rd=1&random=4139495641
Request Chain 31
  • https://d.adroll.com/pixel/AXAYXEHCGJBW5I7YCGCUAT/YC3LDJ6Y65FJNFO3YTH4VB?adroll_fpc=86917dbb1ca285dde955a36bade1e898-1559752040082&pv=31840695382.32388&cookie=&adroll_s_ref=&keyw=&arrfrr=https%3A%2F%2Fcloud.esker.com%2Ffm%2Fothers%2Fsecurity%2F HTTP 302
  • https://s.adroll.com/pixel/AXAYXEHCGJBW5I7YCGCUAT/YC3LDJ6Y65FJNFO3YTH4VB/HBCL6UEDYBFYLLB3ZSBCP3.js
Request Chain 39
  • https://d.adroll.com/cm/triplelift/out?advertisable=AXAYXEHCGJBW5I7YCGCUAT HTTP 302
  • https://eb2.3lift.com/xuid?mid=4714&xuid=ZTMzMmIwZjRlNGVhYTdiMjc3YTk3ODFlZWY4ZjA1Mjg&dongle=c85e HTTP 302
  • https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=ZTMzMmIwZjRlNGVhYTdiMjc3YTk3ODFlZWY4ZjA1Mjg&dongle=c85e&gdpr=1&cmp_cs=
Request Chain 40
  • https://d.adroll.com/cm/b/out?advertisable=AXAYXEHCGJBW5I7YCGCUAT HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=44&user_id=NDM0MTllNjU3OGY4NzQzYzczYzJiNTBhZDlmNjkxYjc HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=NDM0MTllNjU3OGY4NzQzYzczYzJiNTBhZDlmNjkxYjc
Request Chain 41
  • https://d.adroll.com/cm/x/out?advertisable=AXAYXEHCGJBW5I7YCGCUAT HTTP 302
  • https://ib.adnxs.com/setuid?entity=172&code=ZTkyZmUxN2ZjOGJmNDkyODBlNjU1ZmY3NWQ1MGQzNzM
Request Chain 42
  • https://d.adroll.com/cm/l/out?advertisable=AXAYXEHCGJBW5I7YCGCUAT HTTP 302
  • https://idsync.rlcdn.com/377928.gif?partner_uid=64dbeb1fca8c4108df2c2dc2c469afc1
Request Chain 43
  • https://d.adroll.com/cm/o/out?advertisable=AXAYXEHCGJBW5I7YCGCUAT HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537103138&val=5f596d0ef636969898b8c6dfd1c3114c HTTP 302
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=5f596d0ef636969898b8c6dfd1c3114c
Request Chain 44
  • https://d.adroll.com/cm/g/out?advertisable=AXAYXEHCGJBW5I7YCGCUAT&google_nid=adroll4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=40BFnxMkm2LNFB28R6xj-A&google_ula=1535926 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_sc=&google_nid=artb&google_hm=40BFnxMkm2LNFB28R6xj-A&google_ula=1535926&google_tc= HTTP 302
  • https://d.adroll.com/cm/g/in?google_ula=1535926,0

49 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set /
cloud.esker.com/fm/others/security/ 		8 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cloud.esker.com/fm/others/security/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
40.80.151.24 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
6e2ceabc4549bb6ad411245911899942733853778f9473dc1c477a09d43a0ff5

Request headers

Host
cloud.esker.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Cache-Control
private
Content-Type
text/html
Content-Encoding
gzip
Vary
Accept-Encoding
Server
Microsoft-IIS/8.5
Set-Cookie
ASPSESSIONIDAGCBBCQD=MIJKCPGDEGFOCCHIBPNPIKIL; secure; path=/
Date
Wed, 05 Jun 2019 16:27:17 GMT
Content-Length
3668
css
fonts.googleapis.com/ 		4 KB
684 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,700
Requested by
Host: cloud.esker.com
URL: https://cloud.esker.com/fm/others/security/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
78b37ed8e1576145bcf491de5d2c9db26ed81845fdbb48537f9248912dd92a24
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://cloud.esker.com/fm/others/security/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 05 Jun 2019 16:27:18 GMT
server
ESF
access-control-allow-origin
*
date
Wed, 05 Jun 2019 16:27:18 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Wed, 05 Jun 2019 16:27:18 GMT
css
fonts.googleapis.com/ 		799 B
408 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Raleway:300
Requested by
Host: cloud.esker.com
URL: https://cloud.esker.com/fm/others/security/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
0d70a99651474556b2f530101988ff7680eccc4778829bde520e80f3583ef578
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://cloud.esker.com/fm/others/security/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 05 Jun 2019 16:27:18 GMT
server
ESF
access-control-allow-origin
*
date
Wed, 05 Jun 2019 16:27:18 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Wed, 05 Jun 2019 16:27:18 GMT
esker.min.css
cloud.esker.com/common/2013/css/ 		50 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cloud.esker.com/common/2013/css/esker.min.css?version=1.2
Requested by
Host: cloud.esker.com
URL: https://cloud.esker.com/fm/others/security/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
40.80.151.24 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
899f6b9062317bf615809835f53cc880e7af298d1f55d54302d33c833da47dec

Request headers

Referer
https://cloud.esker.com/fm/others/security/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 05 Jun 2019 16:27:17 GMT
Content-Encoding
gzip
Last-Modified
Tue, 28 Jun 2016 09:13:12 GMT
Server
Microsoft-IIS/8.5
ETag
"0c46a4b1dd1d11:0"
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
10255
jquery-1.8.2.min.js
cloud.esker.com/common/2013/jquery/ 		91 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cloud.esker.com/common/2013/jquery/jquery-1.8.2.min.js
Requested by
Host: cloud.esker.com
URL: https://cloud.esker.com/fm/others/security/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
40.80.151.24 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
d9417f26dd8238bab43152d96c24338358acd0fa024791dc3d2915dcdf3a10d4

Request headers

Referer
https://cloud.esker.com/fm/others/security/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 05 Jun 2019 16:27:18 GMT
Content-Encoding
gzip
Last-Modified
Tue, 14 Jun 2016 08:50:16 GMT
Server
Microsoft-IIS/8.5
ETag
"05479c519c6d11:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
42581
jquery-ui-1.10.2.custom.tabsandeffects.min.js
cloud.esker.com/common/2013/jquery/ 		46 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cloud.esker.com/common/2013/jquery/jquery-ui-1.10.2.custom.tabsandeffects.min.js
Requested by
Host: cloud.esker.com
URL: https://cloud.esker.com/fm/others/security/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
40.80.151.24 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
aaadc074725de4b95f90c6890838692ac71aad7937de0c7d5604c99c485514f4

Request headers

Referer
https://cloud.esker.com/fm/others/security/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 05 Jun 2019 16:27:18 GMT
Content-Encoding
gzip
Last-Modified
Tue, 14 Jun 2016 08:50:18 GMT
Server
Microsoft-IIS/8.5
ETag
"081aac619c6d11:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
15066
jquery.tools.tooltip.min.js
cloud.esker.com/common/2013/jquery/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cloud.esker.com/common/2013/jquery/jquery.tools.tooltip.min.js
Requested by
Host: cloud.esker.com
URL: https://cloud.esker.com/fm/others/security/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
40.80.151.24 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
1ce5e85a9ed77d13bf0d7d18cd3dd9bb8dc8c0895292a1c2a49f71c5087ccb02

Request headers

Referer
https://cloud.esker.com/fm/others/security/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 05 Jun 2019 16:27:18 GMT
Content-Encoding
gzip
Last-Modified
Fri, 17 May 2019 11:49:12 GMT
Server
Microsoft-IIS/8.5
ETag
"02c648ba6cd51:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
1786
jquery-banner-rotator.js
cloud.esker.com/common/2013/jquery/ 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cloud.esker.com/common/2013/jquery/jquery-banner-rotator.js
Requested by
Host: cloud.esker.com
URL: https://cloud.esker.com/fm/others/security/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
40.80.151.24 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
4568502a976a6225dbf133d53489014a0bdb9b0698603452e505b502eba8dfae

Request headers

Referer
https://cloud.esker.com/fm/others/security/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 05 Jun 2019 16:27:18 GMT
Content-Encoding
gzip
Last-Modified
Tue, 14 Jun 2016 08:50:16 GMT
Server
Microsoft-IIS/8.5
ETag
"05479c519c6d11:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
10890
jquery.cookie.js
cloud.esker.com/common/2013/jquery/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cloud.esker.com/common/2013/jquery/jquery.cookie.js
Requested by
Host: cloud.esker.com
URL: https://cloud.esker.com/fm/others/security/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
40.80.151.24 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
9fc1ebdd1d49741a4f0aeb25fafa46d73290cb1381aed455ff8d23b44570acc1

Request headers

Referer
https://cloud.esker.com/fm/others/security/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 05 Jun 2019 16:27:18 GMT
Content-Encoding
gzip
Last-Modified
Tue, 14 Jun 2016 08:50:18 GMT
Server
Microsoft-IIS/8.5
ETag
"081aac619c6d11:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
1300
common.min.js
cloud.esker.com/includes/2013/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cloud.esker.com/includes/2013/common.min.js?v=2
Requested by
Host: cloud.esker.com
URL: https://cloud.esker.com/fm/others/security/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
40.80.151.24 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
229313a347b65c4356c21f5ef5975b99c6cd7565cb257f7b1f09da278c333e5b

Request headers

Referer
https://cloud.esker.com/fm/others/security/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 05 Jun 2019 16:27:18 GMT
Content-Encoding
gzip
Last-Modified
Mon, 18 Jul 2016 14:02:44 GMT
Server
Microsoft-IIS/8.5
ETag
"09a32efde0d11:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
7053
alerte_icon.png
cloud.esker.com/fm/others/security/img/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cloud.esker.com/fm/others/security/img/alerte_icon.png
Requested by
Host: cloud.esker.com
URL: https://cloud.esker.com/fm/others/security/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
40.80.151.24 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
4270f6ada8322773931f4695ded661719267f1220e4dc272c962426903aa20e1

Request headers

Referer
https://cloud.esker.com/fm/others/security/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 05 Jun 2019 16:27:18 GMT
Last-Modified
Wed, 15 Jun 2016 08:38:34 GMT
Server
Microsoft-IIS/8.5
Accept-Ranges
bytes
ETag
"061764de1c6d11:0"
Content-Length
5850
Content-Type
image/png
IE.png
cloud.esker.com/fm/others/security/img/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cloud.esker.com/fm/others/security/img/IE.png
Requested by
Host: cloud.esker.com
URL: https://cloud.esker.com/fm/others/security/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
40.80.151.24 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
123517d977940647deeb41d5811df8f10c8f2f2fdf5931c9487221b3d852eff2

Request headers

Referer
https://cloud.esker.com/fm/others/security/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 05 Jun 2019 16:27:18 GMT
Last-Modified
Wed, 15 Jun 2016 08:38:32 GMT
Server
Microsoft-IIS/8.5
Accept-Ranges
bytes
ETag
"034454ce1c6d11:0"
Content-Length
35035
Content-Type
image/png
GC.png
cloud.esker.com/fm/others/security/img/ 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cloud.esker.com/fm/others/security/img/GC.png
Requested by
Host: cloud.esker.com
URL: https://cloud.esker.com/fm/others/security/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
40.80.151.24 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
467913a305cacde5ef78a8d74f4491cd94295662b93ea7c9533db7a91b7e5bb7

Request headers

Referer
https://cloud.esker.com/fm/others/security/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 05 Jun 2019 16:27:18 GMT
Last-Modified
Wed, 03 Apr 2019 09:57:03 GMT
Server
Microsoft-IIS/8.5
Accept-Ranges
bytes
ETag
"146aba963ead41:0"
Content-Length
39369
Content-Type
image/png
FF.png
cloud.esker.com/fm/others/security/img/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cloud.esker.com/fm/others/security/img/FF.png
Requested by
Host: cloud.esker.com
URL: https://cloud.esker.com/fm/others/security/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
40.80.151.24 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
ed8b329c24b8c30d3dd3efdc9dd8603537b669cbd2c7dc6f95791cb701084ce8

Request headers

Referer
https://cloud.esker.com/fm/others/security/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 05 Jun 2019 16:27:18 GMT
Last-Modified
Wed, 15 Jun 2016 08:38:34 GMT
Server
Microsoft-IIS/8.5
Accept-Ranges
bytes
ETag
"061764de1c6d11:0"
Content-Length
33748
Content-Type
image/png
munchkin.js
munchkin.marketo.net/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://munchkin.marketo.net/munchkin.js
Requested by
Host: cloud.esker.com
URL: https://cloud.esker.com/fm/others/security/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.223 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a184-31-84-223.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
66f7eaa7a45f696c332cd450771f4be48e110f6afbe1fe7b39c7a95518aeef76

Request headers

Referer
https://cloud.esker.com/fm/others/security/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 05 Jun 2019 16:27:19 GMT
Content-Encoding
gzip
Last-Modified
Fri, 05 Apr 2019 02:53:44 GMT
Server
Apache
ETag
"54520320df20b526337717d6d28181fc:1554432824"
Vary
Accept-Encoding
P3P
policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/x-javascript
Content-Length
752
ga.js
ssl.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: cloud.esker.com
URL: https://cloud.esker.com/fm/others/security/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://cloud.esker.com/fm/others/security/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 21 May 2019 23:53:44 GMT
server
Golfe2
age
4235
date
Wed, 05 Jun 2019 15:16:44 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
17168
expires
Wed, 05 Jun 2019 17:16:44 GMT
1Ptrg8zYS_SKggPNwIYqWqZPANqczVs.woff2
fonts.gstatic.com/s/raleway/v13/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/raleway/v13/1Ptrg8zYS_SKggPNwIYqWqZPANqczVs.woff2
Requested by
Host: cloud.esker.com
URL: https://cloud.esker.com/fm/others/security/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
63faac0a35283fa66924f73966386a8e1e41dac3f1c957f9b02c924c7fd0121d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Raleway:300
Origin
https://cloud.esker.com

Response headers

date
Mon, 03 Jun 2019 19:10:57 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 Mar 2019 20:11:48 GMT
server
sffe
age
162982
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
13316
x-xss-protection
0
expires
Tue, 02 Jun 2020 19:10:57 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v19/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v19/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: cloud.esker.com
URL: https://cloud.esker.com/fm/others/security/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:400,700
Origin
https://cloud.esker.com

Response headers

date
Sun, 02 Jun 2019 04:36:10 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 Mar 2019 20:13:33 GMT
server
sffe
age
301869
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11016
x-xss-protection
0
expires
Mon, 01 Jun 2020 04:36:10 GMT
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v19/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v19/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Requested by
Host: cloud.esker.com
URL: https://cloud.esker.com/fm/others/security/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:400,700
Origin
https://cloud.esker.com

Response headers

date
Sun, 02 Jun 2019 16:28:51 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 Mar 2019 20:14:03 GMT
server
sffe
age
259108
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11020
x-xss-protection
0
expires
Mon, 01 Jun 2020 16:28:51 GMT
gtm.js
www.googletagmanager.com/ 		73 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NSSKCD
Requested by
Host: cloud.esker.com
URL: https://cloud.esker.com/fm/others/security/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager (scaffolding) /
Resource Hash
f48341e48d1f0c6fb523c3d1438600957b63318e78bdad3ac527d18d1aed725d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://cloud.esker.com/fm/others/security/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 05 Jun 2019 16:27:19 GMT
content-encoding
br
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
server
Google Tag Manager (scaffolding)
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
22812
x-xss-protection
0
expires
Wed, 05 Jun 2019 16:27:19 GMT
munchkin.js
munchkin.marketo.net/155/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://munchkin.marketo.net/155/munchkin.js
Requested by
Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.223 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a184-31-84-223.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
efb6b9732bf508ee305363b10cf2a67ace474e06eb42642f2c3696b2442a5775

Request headers

Referer
https://cloud.esker.com/fm/others/security/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 05 Jun 2019 16:27:19 GMT
Content-Encoding
gzip
Last-Modified
Fri, 30 Nov 2018 03:18:20 GMT
Server
Apache
ETag
"c67dad42946949112916578f78706df8:1543547900"
Vary
Accept-Encoding
P3P
policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control
max-age=8640000
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/x-javascript
Content-Length
3923
Expires
Fri, 13 Sep 2019 16:27:19 GMT
icon_close_video.png
cloud.esker.com/common/assets/global/ 		837 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cloud.esker.com/common/assets/global/icon_close_video.png
Requested by
Host: cloud.esker.com
URL: https://cloud.esker.com/fm/others/security/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
40.80.151.24 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
2c7e715792a5fed9d843e9e33e9e08379346943e0f6e48a4a3b729f2a8c85cfc

Request headers

Referer
https://cloud.esker.com/fm/others/security/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 05 Jun 2019 16:27:19 GMT
Last-Modified
Tue, 14 Jun 2016 09:41:40 GMT
Server
Microsoft-IIS/8.5
Accept-Ranges
bytes
ETag
"062aef320c6d11:0"
Content-Length
837
Content-Type
image/png
visitWebPage
355-ahg-779.mktoresp.com/webevents/ 		43 B
622 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://355-ahg-779.mktoresp.com/webevents/visitWebPage?_mchNc=1559752039516&_mchCn=&_mchId=355-AHG-779&_mchTk=_mch-esker.com-1559752039516-44223&_mchHo=cloud.esker.com&_mchPo=&_mchRu=%2Ffm%2Fothers%2Fsecurity%2F&_mchPc=https%3A&_mchVr=155&_mchHa=&_mchRe=&_mchQp=
Requested by
Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/155/munchkin.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.15.213.11 , United States, ASN53580 (MARKETO - MARKETO, Inc., US),
Reverse DNS
Software
Apache /
Resource Hash
cbbd42bb1d88693e6805bd9d676840424af5ecf3e13d874fd06e6b57d53d8d40
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://cloud.esker.com/fm/others/security/
Origin
https://cloud.esker.com

Response headers

Pragma
no-cache
Date
Wed, 05 Jun 2019 16:27:20 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 05 Jun 2019 11:27:20 -0500
Server
Apache
P3P
policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
Keep-Alive
Content-Type
image/gif
Keep-Alive
timeout=5, max=100
Content-Length
43
Expires
-1
ga.js
ssl.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: cloud.esker.com
URL: https://cloud.esker.com/fm/others/security/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://cloud.esker.com/fm/others/security/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 21 May 2019 23:53:44 GMT
server
Golfe2
age
4235
date
Wed, 05 Jun 2019 15:16:44 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
17168
expires
Wed, 05 Jun 2019 17:16:44 GMT
wm.min.js
attribution.webmarketing123.com/tools/ 		0
0
conversion_async.js
www.googleadservices.com/pagead/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NSSKCD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.34 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s16-in-f2.1e100.net
Software
cafe /
Resource Hash
f1e6382aa070301007ee92dbaaef83c9f6075f9d86ee3632c82a609f02c6fc1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cloud.esker.com/fm/others/security/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 05 Jun 2019 16:27:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
8912
x-xss-protection
0
server
cafe
etag
11386026576561889187
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 05 Jun 2019 16:27:19 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1832253948&utmhn=cloud.esker.com&utmcs=windows-1252&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utm...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-3092307-3&cid=713520676.1559752040&jid=1675925355&_v=5.7.2&z=1832253948
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-3092307-3&cid=713520676.1559752040&jid=1675925355&_v=5.7.2&z=1832253948
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-3092307-3&cid=713520676.1559752040&jid=1675925355&_v=5.7.2&z=1832253948&slf_rd=1&random=4139495641
42 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-3092307-3&cid=713520676.1559752040&jid=1675925355&_v=5.7.2&z=1832253948&slf_rd=1&random=4139495641
Requested by
Host: cloud.esker.com
URL: https://cloud.esker.com/fm/others/security/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cloud.esker.com/fm/others/security/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jun 2019 16:27:19 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 05 Jun 2019 16:27:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-3092307-3&cid=713520676.1559752040&jid=1675925355&_v=5.7.2&z=1832253948&slf_rd=1&random=4139495641
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/986712234/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/986712234/?random=1559752039587&cv=9&fst=1559752039587&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5m0&sendb=1&frm=0&url=https%3A%2F%2Fcloud.esker.com%2Ffm%2Fothers%2Fsecurity%2F&tiba=What%20you%20need%20to%20know%20about%20fraudulent%20emails&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
efa28b7fe32daf560ae0d7656258a6c9c86fa34f3fa9ce0e99ba17b5b416c93f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cloud.esker.com/fm/others/security/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jun 2019 16:27:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
text/javascript; charset=UTF-8
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
975
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/986712234/ 		42 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/986712234/?random=1559752039587&cv=9&fst=1559750400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5m0&sendb=1&frm=0&url=https%3A%2F%2Fcloud.esker.com%2Ffm%2Fothers%2Fsecurity%2F&tiba=What%20you%20need%20to%20know%20about%20fraudulent%20emails&async=1&fmt=3&cdct=2&is_vtc=1&random=3176233835&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: cloud.esker.com
URL: https://cloud.esker.com/fm/others/security/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cloud.esker.com/fm/others/security/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jun 2019 16:27:19 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/986712234/ 		42 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/986712234/?random=1559752039587&cv=9&fst=1559750400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5m0&sendb=1&frm=0&url=https%3A%2F%2Fcloud.esker.com%2Ffm%2Fothers%2Fsecurity%2F&tiba=What%20you%20need%20to%20know%20about%20fraudulent%20emails&async=1&fmt=3&cdct=2&is_vtc=1&random=3176233835&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: cloud.esker.com
URL: https://cloud.esker.com/fm/others/security/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cloud.esker.com/fm/others/security/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jun 2019 16:27:19 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
roundtrip.js
s.adroll.com/j/ 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/roundtrip.js
Requested by
Host: cloud.esker.com
URL: https://cloud.esker.com/fm/others/security/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-233-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
8aa2d4a076b1df43e751a2dca70d57a2c6098758addfc7c13e7076337564e0fd

Request headers

Referer
https://cloud.esker.com/fm/others/security/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
0KvjO0PSxb_aRPpEctl8rXy5kbeLg3Al
Content-Encoding
gzip
x-amz-request-id
40FE85C4C9F6C9C5
x-amz-server-side-encryption
AES256
Access-Control-Max-Age
600
Date
Wed, 05 Jun 2019 16:27:19 GMT
Connection
keep-alive
Content-Length
10323
x-amz-id-2
Z8FRLCjiCrNv7ODKvm7cBkksOER9yFd0ycpcEz249zelF0yMhhYNe/DHwMNNVexdwcX0h9wznlc=
Last-Modified
Wed, 29 May 2019 15:13:20 GMT
Server
AmazonS3
ETag
"089df3afc0b2c1dede17edfaf42eee33"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
AXAYXEHCGJBW5I7YCGCUAT
d.adroll.com/consent/check/ 		40 B
476 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d.adroll.com/consent/check/AXAYXEHCGJBW5I7YCGCUAT?_s=26bf8431d10074df745cc4ee20c86ad9
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.247.94.157 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-247-94-157.eu-west-1.compute.amazonaws.com
Software
nginx/1.14.1 /
Resource Hash
867bd168728faba904fe15de941932d1d7537130b0edb918970901435cf39929

Request headers

Referer
https://cloud.esker.com/fm/others/security/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Jun 2019 16:27:20 GMT
Server
nginx/1.14.1
P3P
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Type
application/javascript
Content-Length
40
HBCL6UEDYBFYLLB3ZSBCP3.js
s.adroll.com/pixel/AXAYXEHCGJBW5I7YCGCUAT/YC3LDJ6Y65FJNFO3YTH4VB/
Redirect Chain
  • https://d.adroll.com/pixel/AXAYXEHCGJBW5I7YCGCUAT/YC3LDJ6Y65FJNFO3YTH4VB?adroll_fpc=86917dbb1ca285dde955a36bade1e898-1559752040082&pv=31840695382.32388&cookie=&adroll_s_ref=&keyw=&arrfrr=https%3A%2...
  • https://s.adroll.com/pixel/AXAYXEHCGJBW5I7YCGCUAT/YC3LDJ6Y65FJNFO3YTH4VB/HBCL6UEDYBFYLLB3ZSBCP3.js
5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/pixel/AXAYXEHCGJBW5I7YCGCUAT/YC3LDJ6Y65FJNFO3YTH4VB/HBCL6UEDYBFYLLB3ZSBCP3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-233-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
faeff31b6afd720f9647b76e46860ff140d894b3c89af107d772ea2e4cfd0a1e

Request headers

Referer
https://cloud.esker.com/fm/others/security/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
WOxn2IynmnA_z0zts6xxDz29cR5pZpvr
Content-Encoding
gzip
x-amz-request-id
86A85691B7F8BF33
x-amz-server-side-encryption
AES256
Access-Control-Max-Age
600
Date
Wed, 05 Jun 2019 16:27:20 GMT
Connection
keep-alive
Content-Length
1423
x-amz-id-2
2AgSFBNdrnstiZbb+3LJo2/eDE9P68VPS3aeOkcqbN2XMrPykjuPCHSR6DMpQcXBQOAtSV5hj98=
Last-Modified
Wed, 22 May 2019 00:09:50 GMT
Server
AmazonS3
ETag
"62ca36c21674b7fde3c0286af85dffe3"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*

Redirect headers

Date
Wed, 05 Jun 2019 16:27:20 GMT
X-Segment-Display-Name
P3P
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Connection
keep-alive
Content-Length
0
Pragma
no-cache
X-Conversion-Value
0.0
Server
nginx/1.14.1
X-Rule
*
X-Segment-Eid
HBCL6UEDYBFYLLB3ZSBCP3
Location
https://s.adroll.com/pixel/AXAYXEHCGJBW5I7YCGCUAT/YC3LDJ6Y65FJNFO3YTH4VB/HBCL6UEDYBFYLLB3ZSBCP3.js
Cache-Control
no-store, no-cache, must-revalidate
X-Pixel-Eid
YC3LDJ6Y65FJNFO3YTH4VB
X-Segment-Name
*
X-Advertisable-Eid
AXAYXEHCGJBW5I7YCGCUAT
X-Conversion-Currency
fbevents.js
connect.facebook.net/en_US/ 		54 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/pixel/AXAYXEHCGJBW5I7YCGCUAT/YC3LDJ6Y65FJNFO3YTH4VB/HBCL6UEDYBFYLLB3ZSBCP3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
76ea9ffb498d4afa3e7499fe8663594985fbe902bab9d01db87e94e976738b4f
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://cloud.esker.com/fm/others/security/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin, Accept-Encoding
content-length
16245
x-xss-protection
0
pragma
public
x-fb-debug
pJu5alUoVa5hbWfuOCPqwg5dJzR0NQ7uJxcbDTYDhVpy6cDLY2qmLjT9nYn2zOBdSl9t8HP+eh/Vb8PVpvVtiA==
date
Wed, 05 Jun 2019 16:27:20 GMT
x-frame-options
DENY
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires
Sat, 01 Jan 2000 00:00:00 GMT
out
d.adroll.com/cm/aol/ 		42 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/aol/out?advertisable=AXAYXEHCGJBW5I7YCGCUAT
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.247.94.157 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-247-94-157.eu-west-1.compute.amazonaws.com
Software
nginx/1.14.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://cloud.esker.com/fm/others/security/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Jun 2019 16:27:20 GMT
Server
nginx/1.14.1
P3P
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
out
d.adroll.com/cm/index/ 		42 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/index/out?advertisable=AXAYXEHCGJBW5I7YCGCUAT
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.247.94.157 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-247-94-157.eu-west-1.compute.amazonaws.com
Software
nginx/1.14.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://cloud.esker.com/fm/others/security/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Jun 2019 16:27:20 GMT
Server
nginx/1.14.1
P3P
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
out
d.adroll.com/cm/n/ 		42 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/n/out?advertisable=AXAYXEHCGJBW5I7YCGCUAT
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.247.94.157 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-247-94-157.eu-west-1.compute.amazonaws.com
Software
nginx/1.14.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://cloud.esker.com/fm/others/security/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Jun 2019 16:27:20 GMT
Server
nginx/1.14.1
P3P
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
out
d.adroll.com/cm/outbrain/ 		42 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/outbrain/out?advertisable=AXAYXEHCGJBW5I7YCGCUAT
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.247.94.157 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-247-94-157.eu-west-1.compute.amazonaws.com
Software
nginx/1.14.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://cloud.esker.com/fm/others/security/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Jun 2019 16:27:20 GMT
Server
nginx/1.14.1
P3P
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
out
d.adroll.com/cm/pubmatic/ 		42 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/pubmatic/out?advertisable=AXAYXEHCGJBW5I7YCGCUAT
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
79.125.119.113 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-79-125-119-113.eu-west-1.compute.amazonaws.com
Software
nginx/1.14.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://cloud.esker.com/fm/others/security/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Jun 2019 16:27:20 GMT
Server
nginx/1.14.1
P3P
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
out
d.adroll.com/cm/taboola/ 		42 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/taboola/out?advertisable=AXAYXEHCGJBW5I7YCGCUAT
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
79.125.119.113 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-79-125-119-113.eu-west-1.compute.amazonaws.com
Software
nginx/1.14.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://cloud.esker.com/fm/others/security/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Jun 2019 16:27:20 GMT
Server
nginx/1.14.1
P3P
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
xuid
eb2.3lift.com/
Redirect Chain
  • https://d.adroll.com/cm/triplelift/out?advertisable=AXAYXEHCGJBW5I7YCGCUAT
  • https://eb2.3lift.com/xuid?mid=4714&xuid=ZTMzMmIwZjRlNGVhYTdiMjc3YTk3ODFlZWY4ZjA1Mjg&dongle=c85e
  • https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=ZTMzMmIwZjRlNGVhYTdiMjc3YTk3ODFlZWY4ZjA1Mjg&dongle=c85e&gdpr=1&cmp_cs=
37 B
334 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=ZTMzMmIwZjRlNGVhYTdiMjc3YTk3ODFlZWY4ZjA1Mjg&dongle=c85e&gdpr=1&cmp_cs=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.21.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-29-21-152.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://cloud.esker.com/fm/others/security/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Wed, 05 Jun 2019 16:27:20 GMT
cache-control
no-cache, no-store, must-revalidate
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
content-length
37
content-type
image/gif

Redirect headers

status
302
date
Wed, 05 Jun 2019 16:27:20 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
location
/xuid?ld=1&mid=4714&xuid=ZTMzMmIwZjRlNGVhYTdiMjc3YTk3ODFlZWY4ZjA1Mjg&dongle=c85e&gdpr=1&cmp_cs=
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
x.bidswitch.net/ul_cb/
Redirect Chain
  • https://d.adroll.com/cm/b/out?advertisable=AXAYXEHCGJBW5I7YCGCUAT
  • https://x.bidswitch.net/sync?dsp_id=44&user_id=NDM0MTllNjU3OGY4NzQzYzczYzJiNTBhZDlmNjkxYjc
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=NDM0MTllNjU3OGY4NzQzYzczYzJiNTBhZDlmNjkxYjc
43 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=NDM0MTllNjU3OGY4NzQzYzczYzJiNTBhZDlmNjkxYjc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.38.209 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-28-38-209.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://cloud.esker.com/fm/others/security/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Wed, 05 Jun 2019 16:27:20 GMT
cache-control
no-cache, no-store, must-revalidate
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length
43
content-type
image/gif

Redirect headers

status
302
date
Wed, 05 Jun 2019 16:27:20 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
location
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=NDM0MTllNjU3OGY4NzQzYzczYzJiNTBhZDlmNjkxYjc
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
setuid
ib.adnxs.com/
Redirect Chain
  • https://d.adroll.com/cm/x/out?advertisable=AXAYXEHCGJBW5I7YCGCUAT
  • https://ib.adnxs.com/setuid?entity=172&code=ZTkyZmUxN2ZjOGJmNDkyODBlNjU1ZmY3NWQ1MGQzNzM
43 B
856 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=172&code=ZTkyZmUxN2ZjOGJmNDkyODBlNjU1ZmY3NWQ1MGQzNzM
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.208 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
311.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://cloud.esker.com/fm/others/security/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Jun 2019 16:27:22 GMT
AN-X-Request-Uuid
a805f211-65cc-4727-a3fb-21683208a370
Content-Type
image/gif
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
83.97.23.37; 83.97.23.37; 311.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.108:80
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 05 Jun 2019 16:27:20 GMT
Server
nginx/1.14.1
P3P
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Location
https://ib.adnxs.com/setuid?entity=172&code=ZTkyZmUxN2ZjOGJmNDkyODBlNjU1ZmY3NWQ1MGQzNzM
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
93
377928.gif
idsync.rlcdn.com/
Redirect Chain
  • https://d.adroll.com/cm/l/out?advertisable=AXAYXEHCGJBW5I7YCGCUAT
  • https://idsync.rlcdn.com/377928.gif?partner_uid=64dbeb1fca8c4108df2c2dc2c469afc1
0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/377928.gif?partner_uid=64dbeb1fca8c4108df2c2dc2c469afc1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.92.78 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
78.92.95.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cloud.esker.com/fm/others/security/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
204
date
Wed, 05 Jun 2019 16:27:20 GMT
via
1.1 google
alt-svc
clear

Redirect headers

Pragma
no-cache
Date
Wed, 05 Jun 2019 16:27:20 GMT
Server
nginx/1.14.1
P3P
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Location
https://idsync.rlcdn.com/377928.gif?partner_uid=64dbeb1fca8c4108df2c2dc2c469afc1
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
86
sd
us-u.openx.net/w/1.0/
Redirect Chain
  • https://d.adroll.com/cm/o/out?advertisable=AXAYXEHCGJBW5I7YCGCUAT
  • https://us-u.openx.net/w/1.0/sd?id=537103138&val=5f596d0ef636969898b8c6dfd1c3114c
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=5f596d0ef636969898b8c6dfd1c3114c
43 B
256 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=5f596d0ef636969898b8c6dfd1c3114c
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.241.240.143 Amsterdam, Netherlands, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS
ox-173-241-240-143.xa.dc.openx.org
Software
OXGW/16.146.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://cloud.esker.com/fm/others/security/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jun 2019 16:27:20 GMT
server
OXGW/16.146.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
status
200
cache-control
private, max-age=0, no-cache
content-type
image/gif
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

status
302
date
Wed, 05 Jun 2019 16:27:20 GMT
server
OXGW/16.146.0
content-length
0
location
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=5f596d0ef636969898b8c6dfd1c3114c
p3p
CP="CUR ADM OUR NOR STA NID"
in
d.adroll.com/cm/g/
Redirect Chain
  • https://d.adroll.com/cm/g/out?advertisable=AXAYXEHCGJBW5I7YCGCUAT&google_nid=adroll4
  • https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=40BFnxMkm2LNFB28R6xj-A&google_ula=1535926
  • https://cm.g.doubleclick.net/pixel?google_sc=&google_nid=artb&google_hm=40BFnxMkm2LNFB28R6xj-A&google_ula=1535926&google_tc=
  • https://d.adroll.com/cm/g/in?google_ula=1535926,0
42 B
510 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/g/in?google_ula=1535926,0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
79.125.119.113 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-79-125-119-113.eu-west-1.compute.amazonaws.com
Software
nginx/1.14.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://cloud.esker.com/fm/others/security/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Jun 2019 16:27:20 GMT
Server
nginx/1.14.1
P3P
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
X-Result
g.-1.-1.1535926.0.-1

Redirect headers

pragma
no-cache
date
Wed, 05 Jun 2019 16:27:20 GMT
server
HTTP server (unknown)
location
https://d.adroll.com/cm/g/in?google_ula=1535926,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
302
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
246
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
807057649350330
connect.facebook.net/signals/config/ 		228 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/807057649350330?v=2.8.51&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
6b289197545ec050089543c321bc075c2427e6f0f221470dbcbfb5c19e62d500
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://cloud.esker.com/fm/others/security/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin, Accept-Encoding
x-xss-protection
0
pragma
public
x-fb-debug
AEhUWDaUtIXVTOEU+UMaEyIrf3yc55/UZu1ROLIPVg/utBk5TrE5IVexjzuWPk4hyZPen3gVCJ4d4kjAz8on/w==
date
Wed, 05 Jun 2019 16:27:20 GMT
x-frame-options
DENY
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
inferredEvents.js
connect.facebook.net/signals/plugins/ 		1 KB
913 B 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/plugins/inferredEvents.js?v=2.8.51
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
cd1c301a8e7960a1786e2a959226b0b78b56dbea284bd114265f1662d6ca280e
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://cloud.esker.com/fm/others/security/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin, Accept-Encoding
content-length
772
x-xss-protection
0
pragma
public
x-fb-debug
CfXyVZHI6//UE3Umou13+qCKcIq/s40JD1s7ZG2tHHu32fTy+rzza4NFzQaCmURSVvaM7Tdb5lbQvy3SBtLsug==
date
Wed, 05 Jun 2019 16:27:20 GMT
x-frame-options
DENY
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
249 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=807057649350330&ev=PageView&dl=https%3A%2F%2Fcloud.esker.com%2Ffm%2Fothers%2Fsecurity%2F&rl=&if=false&ts=1559752040620&cd[segment_eid]=HBCL6UEDYBFYLLB3ZSBCP3&sw=1600&sh=1200&v=2.8.51&r=stable&ec=0&o=29&fbp=fb.1.1559752040619.1199726959&it=1559752040379&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://cloud.esker.com/fm/others/security/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 05 Jun 2019 16:27:20 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Wed, 05 Jun 2019 16:27:20 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
attribution.webmarketing123.com
URL
https://attribution.webmarketing123.com/tools/wm.min.js

Verdicts & Comments Add Verdict or Comment

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask function| $ function| jQuery function| launchWindow function| IsValidString function| IsValidEmail function| IsInRange function| IsValidNumber string| current_href string| current_title string| gLanguage object| _gaq string| adroll_adv_id string| adroll_pix_id object| dataLayer function| mktoMunchkinFunction object| Munchkin function| mktoMunchkin object| jQuery18208866876776379986 object| _gat object| MunchkinTracker object| google_tag_manager object| _wmq object| gaGlobal function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO boolean| __adroll_loaded string| adroll_sid object| __adroll boolean| adroll_optout object| adroll_ext_network object| adroll_callbacks undefined| adroll_tpc_callback boolean| __adroll_consent boolean| __adroll_consent_is_gdpr object| adroll_currency object| adroll_conversion_value object| adroll_conversion_value_in_dollars function| fbq function| _fbq

8 Cookies

Domain/Path Name / Value
.esker.com/ Name: __utmb
Value: 16921964.1.10.1559752040
.esker.com/ Name: __utmc
Value: 16921964
.esker.com/ Name: _mkto_trk
Value: id:355-AHG-779&token:_mch-esker.com-1559752039516-44223
.esker.com/ Name: __utma
Value: 16921964.713520676.1559752040.1559752040.1559752040.1
.esker.com/ Name: __utmt
Value: 1
.esker.com/ Name: __utmz
Value: 16921964.1559752040.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.esker.com/ Name: __utmd
Value: 1
cloud.esker.com/ Name: ASPSESSIONIDAGCBBCQD
Value: MIJKCPGDEGFOCCHIBPNPIKIL

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

355-ahg-779.mktoresp.com
attribution.webmarketing123.com
cloud.esker.com
cm.g.doubleclick.net
connect.facebook.net
d.adroll.com
eb2.3lift.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ib.adnxs.com
idsync.rlcdn.com
munchkin.marketo.net
s.adroll.com
ssl.google-analytics.com
stats.g.doubleclick.net
us-u.openx.net
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
x.bidswitch.net
attribution.webmarketing123.com
172.217.22.34
173.241.240.143
184.31.84.223
185.33.223.208
199.15.213.11
2.18.233.40
216.58.207.34
2a00:1450:4001:808::2003
2a00:1450:4001:819::200a
2a00:1450:4001:81d::2004
2a00:1450:4001:81e::2003
2a00:1450:4001:81f::2008
2a00:1450:4001:820::2002
2a00:1450:400c:c06::9b
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
34.95.92.78
40.80.151.24
52.28.38.209
52.29.21.152
54.247.94.157
79.125.119.113
0d70a99651474556b2f530101988ff7680eccc4778829bde520e80f3583ef578
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
123517d977940647deeb41d5811df8f10c8f2f2fdf5931c9487221b3d852eff2
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1ce5e85a9ed77d13bf0d7d18cd3dd9bb8dc8c0895292a1c2a49f71c5087ccb02
229313a347b65c4356c21f5ef5975b99c6cd7565cb257f7b1f09da278c333e5b
2c7e715792a5fed9d843e9e33e9e08379346943e0f6e48a4a3b729f2a8c85cfc
4270f6ada8322773931f4695ded661719267f1220e4dc272c962426903aa20e1
4568502a976a6225dbf133d53489014a0bdb9b0698603452e505b502eba8dfae
467913a305cacde5ef78a8d74f4491cd94295662b93ea7c9533db7a91b7e5bb7
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
63faac0a35283fa66924f73966386a8e1e41dac3f1c957f9b02c924c7fd0121d
66f7eaa7a45f696c332cd450771f4be48e110f6afbe1fe7b39c7a95518aeef76
6b289197545ec050089543c321bc075c2427e6f0f221470dbcbfb5c19e62d500
6e2ceabc4549bb6ad411245911899942733853778f9473dc1c477a09d43a0ff5
76ea9ffb498d4afa3e7499fe8663594985fbe902bab9d01db87e94e976738b4f
78b37ed8e1576145bcf491de5d2c9db26ed81845fdbb48537f9248912dd92a24
867bd168728faba904fe15de941932d1d7537130b0edb918970901435cf39929
899f6b9062317bf615809835f53cc880e7af298d1f55d54302d33c833da47dec
8aa2d4a076b1df43e751a2dca70d57a2c6098758addfc7c13e7076337564e0fd
9fc1ebdd1d49741a4f0aeb25fafa46d73290cb1381aed455ff8d23b44570acc1
aaadc074725de4b95f90c6890838692ac71aad7937de0c7d5604c99c485514f4
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
cbbd42bb1d88693e6805bd9d676840424af5ecf3e13d874fd06e6b57d53d8d40
cd1c301a8e7960a1786e2a959226b0b78b56dbea284bd114265f1662d6ca280e
d9417f26dd8238bab43152d96c24338358acd0fa024791dc3d2915dcdf3a10d4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed8b329c24b8c30d3dd3efdc9dd8603537b669cbd2c7dc6f95791cb701084ce8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efa28b7fe32daf560ae0d7656258a6c9c86fa34f3fa9ce0e99ba17b5b416c93f
efb6b9732bf508ee305363b10cf2a67ace474e06eb42642f2c3696b2442a5775
f1e6382aa070301007ee92dbaaef83c9f6075f9d86ee3632c82a609f02c6fc1f
f48341e48d1f0c6fb523c3d1438600957b63318e78bdad3ac527d18d1aed725d
faeff31b6afd720f9647b76e46860ff140d894b3c89af107d772ea2e4cfd0a1e