forensics.barracudanetworks.com Open in urlscan Pro
99.86.243.54 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://forensics.barracudanetworks.com/?c=lll0l01al01al3l4l010al015al2l010al04allll016al1l08al016al1l015al1l010al1l013al04al019a.l01al0
Submission: On September 25 via manual (September 25th 2020, 9:25:17 pm UTC) from CA

Summary HTTP 63 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 26 IPs in 6 countries across 24 domains to perform 63 HTTP transactions. The main IP is 99.86.243.54, located in Seattle, United States and belongs to AMAZON-02, US. The main domain is forensics.barracudanetworks.com.
TLS certificate: Issued by Amazon on February 6th 2020. Valid for: a year.

This is the only time forensics.barracudanetworks.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
12	99.86.243.54 99.86.243.54	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
5	2606:4700:303... 2606:4700:3032::681c:17e1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	216.58.207.66 216.58.207.66	15169 (GOOGLE) (GOOGLE)
1	2600:1901:0:4... 2600:1901:0:498c::	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE)
1	35.186.241.51 35.186.241.51	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:821::200e	15169 (GOOGLE) (GOOGLE)
1	151.101.114.110 151.101.114.110	54113 (FASTLY) (FASTLY)
1 1	99.86.7.67 99.86.7.67	16509 (AMAZON-02) (AMAZON-02)
5	99.86.243.34 99.86.243.34	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c0c::9b	15169 (GOOGLE) (GOOGLE)
1 6	23.210.248.216 23.210.248.216	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:819::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
4	162.247.242.20 162.247.242.20	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
1 1	63.32.63.32 63.32.63.32	16509 (AMAZON-02) (AMAZON-02)
8 12	54.171.23.184 54.171.23.184	16509 (AMAZON-02) (AMAZON-02)
6	151.101.65.195 151.101.65.195	54113 (FASTLY) (FASTLY)
1 2	216.58.208.38 216.58.208.38	15169 (GOOGLE) (GOOGLE)
1	99.83.219.81 99.83.219.81	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	2a00:1288:f03... 2a00:1288:f03d:1fa::2000	10310 (YAHOO-1) (YAHOO-1)
1 2	52.59.64.254 52.59.64.254	16509 (AMAZON-02) (AMAZON-02)
1 2	185.33.220.145 185.33.220.145	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
63	26

12 99.86.243.54 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-243-54.vie50.r.cloudfront.net

forensics.barracudanetworks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:3032::681c:17e1 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.noticeable.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.58.207.66 (Mountain View, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s25-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:498c:: (United States)

ASN15169 (GOOGLE, US)

cdn.mxpnl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.241.51 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 51.241.186.35.bc.googleusercontent.com

api-js.mixpanel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:821::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.114.110 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.7.67 (Seattle, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-99-86-7-67.fra6.r.cloudfront.net

widget.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 99.86.243.34 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-243-34.vie50.r.cloudfront.net

js.intercomcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 23.210.248.216 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-248-216.deploy.static.akamaitechnologies.com

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:819::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 162.247.242.20 (San Francisco, United States)

ASN23467 (NEWRELIC-AS-1, US)
PTR: bam-8.nr-data.net

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.32.63.32 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-63-32.eu-west-1.compute.amazonaws.com

d.adroll.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 54.171.23.184 (Dublin, Ireland) 8 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-23-184.eu-west-1.compute.amazonaws.com

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.65.195 (United States)

ASN54113 (FASTLY, US)

api.noticeable.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.208.38 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s12-in-f38.1e100.net

6496512.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.83.219.81 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: ad8b87a22ce463223.awsglobalaccelerator.com

api-iam.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:f03d:1fa::2000 (United Kingdom) 1 redirects

ASN10310 (YAHOO-1, US)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.59.64.254 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-64-254.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.220.145 (Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	adroll.com 9 redirects s.adroll.com d.adroll.com	26 KB
12	barracudanetworks.com forensics.barracudanetworks.com	5 MB
11	noticeable.io cdn.noticeable.io api.noticeable.io	234 KB
5	doubleclick.net 3 redirects stats.g.doubleclick.net 6496512.fls.doubleclick.net cm.g.doubleclick.net	2 KB
5	intercomcdn.com js.intercomcdn.com	199 KB
4	nr-data.net bam.nr-data.net	878 B
2	openx.net 1 redirects us-u.openx.net	480 B
2	adnxs.com 1 redirects ib.adnxs.com	2 KB
2	bidswitch.net 1 redirects x.bidswitch.net	1004 B
2	facebook.net connect.facebook.net	166 KB
2	intercom.io 1 redirects widget.intercom.io api-iam.intercom.io	2 KB
2	google-analytics.com www.google-analytics.com	19 KB
1	facebook.com www.facebook.com	146 B
1	yahoo.com 1 redirects ads.yahoo.com	734 B
1	pubmatic.com simage2.pubmatic.com	1010 B
1	consensu.org 1 redirects d.adroll.mgr.consensu.org	137 B
1	google.de www.google.de	106 B
1	google.com www.google.com	106 B
1	newrelic.com js-agent.newrelic.com	12 KB
1	mixpanel.com api-js.mixpanel.com	338 B
1	gstatic.com fonts.gstatic.com	14 KB
1	mxpnl.com cdn.mxpnl.com	27 KB
1	googleadservices.com www.googleadservices.com	12 KB
1	googleapis.com fonts.googleapis.com	755 B
63	24

	Domain	Requested by
12	d.adroll.com	8 redirects
12	forensics.barracudanetworks.com	forensics.barracudanetworks.com
6	api.noticeable.io	forensics.barracudanetworks.com
6	s.adroll.com	1 redirects forensics.barracudanetworks.com s.adroll.com d.adroll.com
5	js.intercomcdn.com	widget.intercom.io js.intercomcdn.com
5	cdn.noticeable.io	forensics.barracudanetworks.com cdn.noticeable.io
4	bam.nr-data.net	js-agent.newrelic.com forensics.barracudanetworks.com
2	us-u.openx.net	1 redirects
2	ib.adnxs.com	1 redirects
2	x.bidswitch.net	1 redirects
2	cm.g.doubleclick.net	2 redirects
2	connect.facebook.net	d.adroll.com connect.facebook.net
2	6496512.fls.doubleclick.net	1 redirects
2	www.google-analytics.com	forensics.barracudanetworks.com
1	www.facebook.com
1	ads.yahoo.com	1 redirects
1	simage2.pubmatic.com
1	api-iam.intercom.io	js.intercomcdn.com
1	d.adroll.mgr.consensu.org	1 redirects
1	www.google.de
1	www.google.com
1	stats.g.doubleclick.net	forensics.barracudanetworks.com
1	widget.intercom.io	1 redirects
1	js-agent.newrelic.com	forensics.barracudanetworks.com
1	api-js.mixpanel.com	forensics.barracudanetworks.com
1	fonts.gstatic.com	fonts.googleapis.com
1	cdn.mxpnl.com	forensics.barracudanetworks.com
1	www.googleadservices.com	forensics.barracudanetworks.com
1	fonts.googleapis.com	forensics.barracudanetworks.com
63	29

This site contains links to these domains. Also see Links.

Domain
www.barracuda.com

Subject Issuer	Validity	Valid
*.forensics.barracudanetworks.com Amazon	`2020-02-06` - `2021-03-06`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-13` - `2021-08-13`	a year	crt.sh
www.googleadservices.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
*.mxpnl.com RapidSSL RSA CA 2018	`2019-07-29` - `2021-07-28`	2 years	crt.sh
*.gstatic.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
*.mixpanel.com GeoTrust RSA CA 2018	`2020-04-20` - `2022-04-21`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
f4.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-09-09` - `2021-05-07`	8 months	crt.sh
*.intercomcdn.com Amazon	`2020-03-29` - `2021-04-29`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
*.adroll.com DigiCert SHA2 Secure Server CA	`2020-01-29` - `2021-04-29`	a year	crt.sh
www.google.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
*.nr-data.net DigiCert SHA2 Secure Server CA	`2020-02-05` - `2022-02-08`	2 years	crt.sh
adroll.mgr.consensu.org Amazon	`2019-11-06` - `2020-12-06`	a year	crt.sh
qa.crewchiefga.com Let's Encrypt Authority X3	`2020-09-11` - `2020-12-10`	3 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
*.intercom.com Amazon	`2020-05-13` - `2021-06-13`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-09-11` - `2020-12-10`	3 months	crt.sh
*.pubmatic.com Sectigo RSA Organization Validation Secure Server CA	`2019-02-22` - `2021-02-21`	2 years	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-04-23` - `2022-05-04`	2 years	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://forensics.barracudanetworks.com/?c=lll0l01al01al3l4l010al015al2l010al04allll016al1l08al016al1l015al1l010al1l013al04al019a.l01al0
Frame ID: 9DEDD8AD15876A775D4B4FEE00CD154C
Requests: 133 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.230bb7b5.js
Frame ID: 36C13CC70F1B74F0C150BB1DB48B5348
Requests: 5 HTTP requests in this frame

Frame: https://6496512.fls.doubleclick.net/activityi;dc_pre=COzw8ZafhewCFcTiuwgdDG4OgA;src=6496512;type=ukbat0;cat=decte0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7709491152134.465
Frame ID: 4EFADB00F73B4565DB11367FF4D66712
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Amazon Web Services (PaaS) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Amazon Cloudfront (CDN) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Page Statistics

63
Requests

97 %
HTTPS

39 %
IPv6

24
Domains

29
Subdomains

26
IPs

6
Countries

5884 kB
Transfer

26025 kB
Size

14
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.barracuda.com/support/security
Title: Privacy Policy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20

https://widget.intercom.io/widget/ae2du23r HTTP 302
https://js.intercomcdn.com/shim.latest.js

Request Chain 105

https://s.adroll.com/j/exp/T6GUPQIK5REDFO6FQ66AFC/index.js HTTP 302
https://s.adroll.com/j/exp/index.js

Request Chain 107

https://d.adroll.mgr.consensu.org/consent/iabcheck/T6GUPQIK5REDFO6FQ66AFC?_s=3c3bc410e277b947728ef6a58e35b490&_b=2 HTTP 302
https://d.adroll.com/consent/check/T6GUPQIK5REDFO6FQ66AFC/?_s=3c3bc410e277b947728ef6a58e35b490&_b=2

Request Chain 123

https://6496512.fls.doubleclick.net/activityi;src=6496512;type=ukbat0;cat=decte0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7709491152134.465 HTTP 302
https://6496512.fls.doubleclick.net/activityi;dc_pre=COzw8ZafhewCFcTiuwgdDG4OgA;src=6496512;type=ukbat0;cat=decte0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7709491152134.465

Request Chain 125

https://d.adroll.com/pixel/T6GUPQIK5REDFO6FQ66AFC/EVDJK3NJVNGOVI5VCRVBAG?adroll_fpc=a56cfe2c2857d0675a54e6c3b2738838-1601069098145&arrfrr=https%3A%2F%2Fforensics.barracudanetworks.com%2Fsignup&xid_ch=f&pv=14795488698.360847&cookie=&adroll_s_ref=&keyw= HTTP 302
https://s.adroll.com/pixel/T6GUPQIK5REDFO6FQ66AFC/EVDJK3NJVNGOVI5VCRVBAG/67KGJPTPU5CEJF7HLAFHW3.js

Request Chain 129

https://d.adroll.com/cm/g/out?adroll_fpc=a56cfe2c2857d0675a54e6c3b2738838-1601069098145&arrfrr=https%3A%2F%2Fforensics.barracudanetworks.com%2Fsignup&xid_ch=f&advertisable=T6GUPQIK5REDFO6FQ66AFC HTTP 302
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=GXi8E06Lns5z-Lmagx5vNw HTTP 302
https://d.adroll.com/cm/g/in

Request Chain 130

https://d.adroll.com/cm/aol,index,l,outbrain,pubmatic,n,taboola,triplelift,r/out?adroll_fpc=a56cfe2c2857d0675a54e6c3b2738838-1601069098145&arrfrr=https%3A%2F%2Fforensics.barracudanetworks.com%2Fsignup&xid_ch=f&advertisable=T6GUPQIK5REDFO6FQ66AFC HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=MTk3OGJjMTM0ZThiOWVjZTczZjhiOTlhODMxZTZmMzc&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA

Request Chain 131

https://d.adroll.com/cm/r/out?adroll_fpc=a56cfe2c2857d0675a54e6c3b2738838-1601069098145&arrfrr=https%3A%2F%2Fforensics.barracudanetworks.com%2Fsignup&xid_ch=f&advertisable=T6GUPQIK5REDFO6FQ66AFC HTTP 302
https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA HTTP 302
https://d.adroll.com/cm/r/in?xid=E0&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

Request Chain 132

https://d.adroll.com/cm/b/out?adroll_fpc=a56cfe2c2857d0675a54e6c3b2738838-1601069098145&arrfrr=https%3A%2F%2Fforensics.barracudanetworks.com%2Fsignup&xid_ch=f&advertisable=T6GUPQIK5REDFO6FQ66AFC HTTP 302
https://x.bidswitch.net/sync?dsp_id=44&user_id=MTk3OGJjMTM0ZThiOWVjZTczZjhiOTlhODMxZTZmMzc HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=MTk3OGJjMTM0ZThiOWVjZTczZjhiOTlhODMxZTZmMzc

Request Chain 133

https://d.adroll.com/cm/x/out?adroll_fpc=a56cfe2c2857d0675a54e6c3b2738838-1601069098145&arrfrr=https%3A%2F%2Fforensics.barracudanetworks.com%2Fsignup&xid_ch=f&advertisable=T6GUPQIK5REDFO6FQ66AFC HTTP 302
https://ib.adnxs.com/setuid?entity=172&code=MTk3OGJjMTM0ZThiOWVjZTczZjhiOTlhODMxZTZmMzc HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DMTk3OGJjMTM0ZThiOWVjZTczZjhiOTlhODMxZTZmMzc

Request Chain 134

https://d.adroll.com/cm/o/out?adroll_fpc=a56cfe2c2857d0675a54e6c3b2738838-1601069098145&arrfrr=https%3A%2F%2Fforensics.barracudanetworks.com%2Fsignup&xid_ch=f&advertisable=T6GUPQIK5REDFO6FQ66AFC HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537103138&val=1978bc134e8b9ece73f8b99a831e6f37 HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=1978bc134e8b9ece73f8b99a831e6f37

Request Chain 135

https://d.adroll.com/cm/g/out?adroll_fpc=a56cfe2c2857d0675a54e6c3b2738838-1601069098145&arrfrr=https%3A%2F%2Fforensics.barracudanetworks.com%2Fsignup&xid_ch=f&advertisable=T6GUPQIK5REDFO6FQ66AFC&google_nid=adroll5 HTTP 302
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=GXi8E06Lns5z-Lmagx5vNw HTTP 302
https://d.adroll.com/cm/g/in

63 HTTP transactions
80 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
forensics.barracudanetworks.com/ 34 KB
12 KB 750ms
634ms Document
text/html 99.86.243.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://forensics.barracudanetworks.com/?c=lll0l01al01al3l4l010al015al2l010al04allll016al1l08al016al1l015al1l010al1l013al04al019a.l01al0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.243.54 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-243-54.vie50.r.cloudfront.net

Software

Resource Hash

1227d7f97d9f3cf4e1b3a0d4b6ea19606c4ceee09e902752353548759823ccb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: forensics.barracudanetworks.com
:scheme: https
:path: /?c=lll0l01al01al3l4l010al015al2l010al04allll016al1l08al016al1l015al1l010al1l013al04al019a.l01al0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
content-type: text/html; charset=utf-8
vary: Accept-Encoding
date: Fri, 25 Sep 2020 21:24:55 GMT
x-frame-options: SAMEORIGIN
x-download-options: noopen
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
set-cookie: XSRF-TOKEN=qPrXYlMF-7e6yMFXFvooBID5aTfO01W9Zrgo; path=/; samesite=none; secure XSRF-TOKEN.sig=FVXQrh6lfPW_MF4THv4J5MA2rWY; path=/; samesite=none; secure koa.cuda.sid=hMbD7Lau1-mmaHTC1dpxkIQH1SCExN4J; path=/; expires=Fri, 02 Oct 2020 21:24:55 GMT; domain=.barracudanetworks.com; samesite=none; secure; httponly koa.cuda.sid.sig=3Bhcp6xpb8FGRg-BtegTfcfVH3g; path=/; expires=Fri, 02 Oct 2020 21:24:55 GMT; domain=.barracudanetworks.com; samesite=none; secure; httponly
etag: W/"883d-yyq7qzl3Zggwa7y0MOqlY6oiO9c"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 60b130d1fc70d3593e6c3e738e3f4416.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: PGc8z84Q4VUPSarySlfniDYyzsqkTmaCKt_3TqXOEPsMHnOnNlfvww==

GET
H2 200 css
fonts.googleapis.com/ 3 KB
755 B 18ms
14ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Mono|Lato&display=swap

Requested by

Host: forensics.barracudanetworks.com
URL: https://forensics.barracudanetworks.com/?c=lll0l01al01al3l4l010al015al2l010al04allll016al1l08al016al1l015al1l010al1l013al04al019a.l01al0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

497197245f2b0f397e3ad89de0ca05a4478831524c64a5b96eead1522291fa5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://forensics.barracudanetworks.com/?c=lll0l01al01al3l4l010al015al2l010al04allll016al1l08al016al1l015al1l010al1l013al04al019a.l01al0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 25 Sep 2020 21:24:56 GMT
server: ESF
date: Fri, 25 Sep 2020 21:24:56 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 25 Sep 2020 21:24:56 GMT

GET
H2 200 vendor-27077869e2226307bffd.css
forensics.barracudanetworks.com/static/ 20 KB
5 KB 163ms
159ms Stylesheet
text/css 99.86.243.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://forensics.barracudanetworks.com/static/vendor-27077869e2226307bffd.css

Requested by

Host: forensics.barracudanetworks.com
URL: https://forensics.barracudanetworks.com/?c=lll0l01al01al3l4l010al015al2l010al04allll016al1l08al016al1l015al1l010al1l013al04al019a.l01al0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.243.54 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-243-54.vie50.r.cloudfront.net

Software

Resource Hash

56fc393c993fcd39882f3e431873b3d101d9b10a351ccc3b3aa9c0de04113067

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://forensics.barracudanetworks.com/?c=lll0l01al01al3l4l010al015al2l010al04allll016al1l08al016al1l015al1l010al1l013al04al019a.l01al0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 25 Aug 2020 06:47:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2731065
x-cache: Hit from cloudfront
status: 200
content-length: 4488
last-modified: Thu, 20 Aug 2020 16:48:33 GMT
x-frame-options: SAMEORIGIN
etag: W/"1188-1740cc5a2e8"
x-download-options: noopen
strict-transport-security: max-age=31536000
content-type: text/css; charset=utf-8
via: 1.1 60b130d1fc70d3593e6c3e738e3f4416.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: hFUuTTOa5qwm4TaY_PqRaIYeBANoBg5ZMHJrssthbImjPOzXPDtirQ==

GET
H2 200 fir-bc4f7dc4cb1fd533b49f.css
forensics.barracudanetworks.com/static/ 23 KB
6 KB 84ms
80ms Stylesheet
text/css 99.86.243.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://forensics.barracudanetworks.com/static/fir-bc4f7dc4cb1fd533b49f.css

Requested by

Host: forensics.barracudanetworks.com
URL: https://forensics.barracudanetworks.com/?c=lll0l01al01al3l4l010al015al2l010al04allll016al1l08al016al1l015al1l010al1l013al04al019a.l01al0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.243.54 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-243-54.vie50.r.cloudfront.net

Software

Resource Hash

8125e84ab238ed3c54231e245e130ed3032df6c8bbe31181d91605fc4bb6cbf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://forensics.barracudanetworks.com/?c=lll0l01al01al3l4l010al015al2l010al04allll016al1l08al016al1l015al1l010al1l013al04al019a.l01al0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 05:46:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 56315
x-cache: Hit from cloudfront
status: 200
content-length: 5349
last-modified: Thu, 24 Sep 2020 23:09:42 GMT
x-frame-options: SAMEORIGIN
etag: W/"14e5-174c2612af0"
x-download-options: noopen
strict-transport-security: max-age=31536000
content-type: text/css; charset=utf-8
via: 1.1 60b130d1fc70d3593e6c3e738e3f4416.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: z2XW4g8aGOHhisOj4qCkIassmBA1UK3YEL2HI9U8auUoRQicsnSbbQ==

GET
H2 200 noticeable-widget.js Show response
cdn.noticeable.io/v1/ 803 B
949 B 53ms
22ms Script
text/javascript 2606:4700:3032::681c:17e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.noticeable.io/v1/noticeable-widget.js

Requested by

Host: forensics.barracudanetworks.com
URL: https://forensics.barracudanetworks.com/?c=lll0l01al01al3l4l010al015al2l010al04allll016al1l08al016al1l015al1l010al1l013al04al019a.l01al0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681c:17e1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11f58097610edb84caeafe66f6112b9c2b067feeb074455fd2e3742491a46e19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Referer: https://forensics.barracudanetworks.com/?c=lll0l01al01al3l4l010al015al2l010al04allll016al1l08al016al1l015al1l010al1l013al04al019a.l01al0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 21:24:56 GMT
content-encoding: br
vary: x-fh-requested-host, accept-encoding
cf-cache-status: HIT
age: 149099
x-cache: MISS
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0568c0b4ed000005bf72261200000001
x-served-by: cache-fra19120-FRA
last-modified: Tue, 21 Jan 2020 14:45:50 GMT
server: cloudflare
x-timer: S1597883549.793671,VS0,VE365
etag: W/"5a37dd55266b0406dcdf8660f14dc8ab856b168066246448e5ac533c02cc2784"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31556926
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 5d87d09b19f905bf-FRA
x-cache-hits: 0

GET
H2 200 barracuda-teeth-7b5b034dd3e050885d454324c73ffbe2.png
forensics.barracudanetworks.com/static/ 3 KB
3 KB 200ms
196ms Image
image/png 99.86.243.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forensics.barracudanetworks.com/static/barracuda-teeth-7b5b034dd3e050885d454324c73ffbe2.png

Requested by

Host: forensics.barracudanetworks.com
URL: https://forensics.barracudanetworks.com/?c=lll0l01al01al3l4l010al015al2l010al04allll016al1l08al016al1l015al1l010al1l013al04al019a.l01al0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.243.54 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-243-54.vie50.r.cloudfront.net

Software

Resource Hash

2bf5accc71b9ab97a812bd9bf34483945254afabb9ea04427c8e432de5b26c2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://forensics.barracudanetworks.com/?c=lll0l01al01al3l4l010al015al2l010al04allll016al1l08al016al1l015al1l010al1l013al04al019a.l01al0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Sep 2020 12:21:10 GMT
via: 1.1 60b130d1fc70d3593e6c3e738e3f4416.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 464626
x-cache: Hit from cloudfront
status: 200
content-length: 2722
last-modified: Mon, 31 Aug 2020 14:30:07 GMT
x-frame-options: SAMEORIGIN
etag: W/"aa2-17444ecd998"
x-download-options: noopen
strict-transport-security: max-age=31536000
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: ZP2jwY7dujhIFOvmwqX6kP2CS5SXhvd3gUlcKBIm3Iozq9ww0mB_6g==

GET
H2 200 manifest-ce083d58f47edd127e23.js Show response
forensics.barracudanetworks.com/static/ 806 B
1 KB 87ms
84ms Script
application/javascript 99.86.243.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://forensics.barracudanetworks.com/static/manifest-ce083d58f47edd127e23.js

Requested by

Host: forensics.barracudanetworks.com
URL: https://forensics.barracudanetworks.com/?c=lll0l01al01al3l4l010al015al2l010al04allll016al1l08al016al1l015al1l010al1l013al04al019a.l01al0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.243.54 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-243-54.vie50.r.cloudfront.net

Software

Resource Hash

85531c36e82dae479860e689c0050db2c5027996d7aaf25530b6d11bd599b5ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://forensics.barracudanetworks.com/?c=lll0l01al01al3l4l010al015al2l010al04allll016al1l08al016al1l015al1l010al1l013al04al019a.l01al0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Sep 2020 01:07:37 GMT
via: 1.1 60b130d1fc70d3593e6c3e738e3f4416.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 1455439
x-cache: Hit from cloudfront
status: 200
content-length: 806
last-modified: Mon, 31 Aug 2020 14:30:07 GMT
x-frame-options: SAMEORIGIN
etag: W/"326-17444ecd998"
x-download-options: noopen
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: L6g7xCAx4l6jhnQmS4KsJzyHC1AEVRIlKjJ5ZfTZ0KzFztST0vBo4g==

GET
H2 200 vendor-27077869e2226307bffd.js Show response
forensics.barracudanetworks.com/static/ 20 MB
4 MB 98ms
95ms Script
application/javascript 99.86.243.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://forensics.barracudanetworks.com/static/vendor-27077869e2226307bffd.js

Requested by

Host: forensics.barracudanetworks.com
URL: https://forensics.barracudanetworks.com/?c=lll0l01al01al3l4l010al015al2l010al04allll016al1l08al016al1l015al1l010al1l013al04al019a.l01al0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.243.54 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-243-54.vie50.r.cloudfront.net

Software

Resource Hash

2492772bacac2d8985416dd8d85b560550607d57c130708a9685588f58ae1e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://forensics.barracudanetworks.com/?c=lll0l01al01al3l4l010al015al2l010al04allll016al1l08al016al1l015al1l010al1l013al04al019a.l01al0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 18 Sep 2020 04:52:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 664373
x-cache: Hit from cloudfront
status: 200
content-length: 4649471
last-modified: Mon, 31 Aug 2020 14:30:07 GMT
x-frame-options: SAMEORIGIN
etag: W/"46f1ff-17444ecd998"
x-download-options: noopen
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
via: 1.1 60b130d1fc70d3593e6c3e738e3f4416.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: vEpkM7YYkDVgHuXU97j5PNvkLTT3Vg5ZFAzY5Wav13aXvBtR0kjq7w==

GET
H2 200 fir-bc4f7dc4cb1fd533b49f.js Show response
forensics.barracudanetworks.com/static/ 2 MB
391 KB 163ms
160ms Script
application/javascript 99.86.243.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://forensics.barracudanetworks.com/static/fir-bc4f7dc4cb1fd533b49f.js

Requested by

Host: forensics.barracudanetworks.com
URL: https://forensics.barracudanetworks.com/?c=lll0l01al01al3l4l010al015al2l010al04allll016al1l08al016al1l015al1l010al1l013al04al019a.l01al0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.243.54 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-243-54.vie50.r.cloudfront.net

Software

Resource Hash

75af2196a7dae8306b63d992f0ce058c7e51e7e49347d7147ea6fd61f57a980d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://forensics.barracudanetworks.com/?c=lll0l01al01al3l4l010al015al2l010al04allll016al1l08al016al1l015al1l010al1l013al04al019a.l01al0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 05:46:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 56315
x-cache: Hit from cloudfront
status: 200
content-length: 399385
last-modified: Thu, 24 Sep 2020 23:09:42 GMT
x-frame-options: SAMEORIGIN
etag: W/"61819-174c2612af0"
x-download-options: noopen
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
via: 1.1 60b130d1fc70d3593e6c3e738e3f4416.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: pdwVXolxVyXYqH6_CpL0G7qnkUH1XEagD-W1U4hb_qwS5xNvQtwQ0g==

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 29 KB
12 KB 162ms
56ms Script
text/javascript 216.58.207.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: forensics.barracudanetworks.com
URL: https://forensics.barracudanetworks.com/?c=lll0l01al01al3l4l010al015al2l010al04allll016al1l08al016al1l015al1l010al1l013al04al019a.l01al0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s25-in-f2.1e100.net

Software

cafe /

Resource Hash

6c9459a6400a8cf7ef815379f9316dc26aeec43bcc48da1d1bd58d99a6109f7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://forensics.barracudanetworks.com/?c=lll0l01al01al3l4l010al015al2l010al04allll016al1l08al016al1l015al1l010al1l013al04al019a.l01al0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 21:24:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 11311
x-xss-protection: 0
server: cafe
etag: 12833363978352728442
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 25 Sep 2020 21:24:56 GMT

GET
H2 200 custom-elements-es5-adapter.js Show response
cdn.noticeable.io/v1/libs/webcomponentsjs/ 938 B
614 B 24ms
24ms Script
text/javascript 2606:4700:3032::681c:17e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.noticeable.io/v1/libs/webcomponentsjs/custom-elements-es5-adapter.js

Requested by

Host: cdn.noticeable.io
URL: https://cdn.noticeable.io/v1/noticeable-widget.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681c:17e1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff4460fccd65e471cf1af46da8c20b5d14e88cce41a1199cf6932dcc0faf6354

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Referer: https://forensics.barracudanetworks.com/?c=lll0l01al01al3l4l010al015al2l010al04allll016al1l08al016al1l015al1l010al1l013al04al019a.l01al0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 21:24:56 GMT
content-encoding: br
vary: x-fh-requested-host, accept-encoding
cf-cache-status: HIT
age: 60967
x-cache: HIT
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0568c0b507000005bf72263200000001
x-served-by: cache-fra19154-FRA
last-modified: Tue, 21 Jan 2020 14:45:50 GMT
server: cloudflare
x-timer: S1592526164.068641,VS0,VE1
etag: W/"23dcb1299d67732cd1db73d04b67d423796da977056c1c6b5e246c4b7ef8a65a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31556926
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 5d87d09b3a6105bf-FRA
x-cache-hits: 1

GET
H2 200 webcomponents-loader.js Show response
cdn.noticeable.io/v1/libs/webcomponentsjs/ 4 KB
1 KB 12ms
12ms Script
text/javascript 2606:4700:3032::681c:17e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.noticeable.io/v1/libs/webcomponentsjs/webcomponents-loader.js

Requested by

Host: cdn.noticeable.io
URL: https://cdn.noticeable.io/v1/noticeable-widget.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681c:17e1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f3ed53279a8da1ed394cec205e6bcfefa5b5a97509dba76d139f0991c22fca5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Referer: https://forensics.barracudanetworks.com/?c=lll0l01al01al3l4l010al015al2l010al04allll016al1l08al016al1l015al1l010al1l013al04al019a.l01al0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 21:24:56 GMT
content-encoding: br
vary: x-fh-requested-host, accept-encoding
cf-cache-status: HIT
age: 60967
x-cache: HIT
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0568c0b521000005bf72266200000001
x-served-by: cache-fra19173-FRA
last-modified: Tue, 21 Jan 2020 14:45:50 GMT
server: cloudflare
x-timer: S1592526164.102625,VS0,VE1
etag: W/"4de5ba187d81be00ae741ada9982bfc4a1c624738c97ac7a3af87fe8d7295ee8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31556926
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 5d87d09b6abb05bf-FRA
x-cache-hits: 1

GET
H2 200 webcomponents-hi.js Show response
cdn.noticeable.io/v1/libs/webcomponentsjs/ 11 KB
4 KB 19ms
18ms Script
text/javascript 2606:4700:3032::681c:17e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.noticeable.io/v1/libs/webcomponentsjs/webcomponents-hi.js

Requested by

Host: cdn.noticeable.io
URL: https://cdn.noticeable.io/v1/libs/webcomponentsjs/webcomponents-loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681c:17e1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f65a0f11dfb663a620dde743cab6c8434307b9aedea52c0f4c3f9ba52e5d706

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Referer: https://forensics.barracudanetworks.com/?c=lll0l01al01al3l4l010al015al2l010al04allll016al1l08al016al1l015al1l010al1l013al04al019a.l01al0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 21:24:56 GMT
content-encoding: br
vary: x-fh-requested-host, accept-encoding
cf-cache-status: HIT
age: 231179
x-cache: MISS
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0568c0b530000005bf72269200000001
x-served-by: cache-fra19130-FRA
last-modified: Tue, 21 Jan 2020 14:45:50 GMT
server: cloudflare
x-timer: S1599627558.048130,VS0,VE285
etag: W/"c88ad881e37ef471fc3a4053f3973f1779b537d7d9cbb7d827edfc91e2afd494"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31556926
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 5d87d09b8af505bf-FRA
x-cache-hits: 0

GET
H2 200 mixpanel-2-latest.min.js Show response
cdn.mxpnl.com/libs/ 79 KB
27 KB 19ms
6ms Script
text/javascript 2600:1901:0:498c::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
Requested by: Host: forensics.barracudanetworks.com
URL: https://forensics.barracudanetworks.com/?c=lll0l01al01al3l4l010al015al2l010al04allll016al1l08al016al1l015al1l010al1l013al04al019a.l01al0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:498c:: , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 4232e3c12b3860ed86f62ab38ee1a711ba7393218593d61cefa8100c28afdd6f

Request headers

Referer: https://forensics.barracudanetworks.com/?c=lll0l01al01al3l4l010al015al2l010al04allll016al1l08al016al1l015al1l010al1l013al04al019a.l01al0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 21:23:13 GMT
content-encoding: gzip
age: 103
x-guploader-uploadid: ABg5-UzRYqOiGT14yzVle9l9nGVcRvNN7tu0dfd9AlJOL7JB_fgSr8Bv0iI8r0d6lxsHpwEM-mFVfmuQtTRczDXzperPiizirg
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 26928
last-modified: Mon, 17 Aug 2020 21:43:08 GMT
server: UploadServer
etag: "0f7532346a033260e6e905e6396195aa"
vary: Accept-Encoding
x-goog-hash: crc32c=AlJgbg==, md5=D3UyNGoDMmDm6QXmOWGVqg==
x-goog-generation: 1597700588364815
access-control-allow-origin: *
cache-control: public,max-age=600
x-goog-stored-content-length: 26928
accept-ranges: bytes
content-type: text/javascript
expires: Fri, 25 Sep 2020 21:33:13 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v17/ 14 KB
14 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXiWtFCc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Mono|Lato&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://forensics.barracudanetworks.com
Referer: https://fonts.googleapis.com/css?family=Roboto+Mono|Lato&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 18:24:58 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:12:59 GMT
server: sffe
age: 269998
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14044
x-xss-protection: 0
expires: Wed, 22 Sep 2021 18:24:58 GMT

GET
H2 200 / Show response
api-js.mixpanel.com/decide/ 65 B
338 B 734ms
676ms XHR
application/json 35.186.241.51
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api-js.mixpanel.com/decide/?verbose=1&version=1&lib=web&token=1320f2411f85edb0c4282e94ff8abaf8&ip=1&_=1601069096350
Requested by: Host: forensics.barracudanetworks.com
URL: https://forensics.barracudanetworks.com/?c=lll0l01al01al3l4l010al015al2l010al04allll016al1l08al016al1l015al1l010al1l013al04al019a.l01al0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.241.51 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 51.241.186.35.bc.googleusercontent.com
Software: gunicorn/19.9.0 /
Resource Hash: 5fcb16854bcf34558fc9100ea313b2f61a3394ca23e65719553f09c902b2476e

Request headers

Referer: https://forensics.barracudanetworks.com/?c=lll0l01al01al3l4l010al015al2l010al04allll016al1l08al016al1l015al1l010al1l013al04al019a.l01al0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 21:24:57 GMT
via: 1.1 google
server: gunicorn/19.9.0
access-control-allow-headers: X-Requested-With
status: 200
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://forensics.barracudanetworks.com
cache-control: no-cache, no-store
access-control-allow-credentials: true
alt-svc: clear

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: forensics.barracudanetworks.com
URL: https://forensics.barracudanetworks.com/?c=lll0l01al01al3l4l010al015al2l010al04allll016al1l08al016al1l015al1l010al1l013al04al019a.l01al0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://forensics.barracudanetworks.com/?c=lll0l01al01al3l4l010al015al2l010al04allll016al1l08al016al1l015al1l010al1l013al04al019a.l01al0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Sep 2020 01:50:37 GMT
server: Golfe2
age: 557
date: Fri, 25 Sep 2020 21:15:40 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18650
expires: Fri, 25 Sep 2020 23:15:40 GMT

GET
H2 200 noticeable-widget.html Show response
cdn.noticeable.io/v1/libs/noticeable-widget/ 918 KB
218 KB 46ms
32ms XHR
text/html 2606:4700:3032::681c:17e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.noticeable.io/v1/libs/noticeable-widget/noticeable-widget.html

Requested by

Host: forensics.barracudanetworks.com
URL: https://forensics.barracudanetworks.com/?c=lll0l01al01al3l4l010al015al2l010al04allll016al1l08al016al1l015al1l010al1l013al04al019a.l01al0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681c:17e1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e8aed2231497c0fddace130dc8eb6f536e4bd86f692b25ee00416321c816fb68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Referer: https://forensics.barracudanetworks.com/?c=lll0l01al01al3l4l010al015al2l010al04allll016al1l08al016al1l015al1l010al1l013al04al019a.l01al0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 21:24:57 GMT
content-encoding: br
vary: x-fh-requested-host, accept-encoding
cf-cache-status: MISS
x-cache: HIT
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0568c0b86f000006211c3c9200000001
x-served-by: cache-fra19173-FRA
last-modified: Tue, 21 Jan 2020 14:45:50 GMT
server: cloudflare
x-timer: S1601069097.089703,VS0,VE1
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31556926
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 5d87d0a0beef0621-FRA
x-cache-hits: 1

GET
H2 204 user Show response
forensics.barracudanetworks.com/auth/ 0
291 B 493ms
493ms XHR
text/plain 99.86.243.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://forensics.barracudanetworks.com/auth/user

Requested by

Host: forensics.barracudanetworks.com
URL: https://forensics.barracudanetworks.com/?c=lll0l01al01al3l4l010al015al2l010al04allll016al1l08al016al1l015al1l010al1l013al04al019a.l01al0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.243.54 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-243-54.vie50.r.cloudfront.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://forensics.barracudanetworks.com/?c=lll0l01al01al3l4l010al015al2l010al04allll016al1l08al016al1l015al1l010al1l013al04al019a.l01al0
X-XSRF-TOKEN: qPrXYlMF-7e6yMFXFvooBID5aTfO01W9Zrgo
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 21:24:57 GMT
via: 1.1 60b130d1fc70d3593e6c3e738e3f4416.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: VIE50-C1
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
status: 204
strict-transport-security: max-age=31536000
x-amz-cf-id: zcHUZWner9Y8XEMCpoeCrwr5uEdsIQZIJtQTIIv4nEnZwH7l78sIbw==

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 4 B
409 B 39ms
13ms XHR
text/plain 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j86&a=1725604252&t=pageview&_s=1&dl=https%3A%2F%2Fforensics.barracudanetworks.com%2F%3Fc%3Dlll0l01al01al3l4l010al015al2l010al04allll016al1l08al016al1l015al1l010al1l013al04al019a.l01al0&ul=en-us&de=UTF-8&dt=Forensics%20%26%20Incident%20Response&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1512525825&gjid=2026801799&cid=442679856.1601069097&tid=UA-377962-1&_gid=854215900.1601069097&_r=1&_slc=1&z=852735820

Requested by

Host: forensics.barracudanetworks.com
URL: https://forensics.barracudanetworks.com/?c=lll0l01al01al3l4l010al015al2l010al04allll016al1l08al016al1l015al1l010al1l013al04al019a.l01al0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://forensics.barracudanetworks.com/?c=lll0l01al01al3l4l010al015al2l010al04allll016al1l08al016al1l015al1l010al1l013al04al019a.l01al0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 25 Sep 2020 21:24:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://forensics.barracudanetworks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 nr-spa-1044.min.js Show response
js-agent.newrelic.com/ 30 KB
12 KB 94ms
31ms Script
application/javascript 151.101.114.110
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-spa-1044.min.js
Requested by: Host: forensics.barracudanetworks.com
URL: https://forensics.barracudanetworks.com/?c=lll0l01al01al3l4l010al015al2l010al04allll016al1l08al016al1l015al1l010al1l013al04al019a.l01al0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6fa0b93dcc79d1ef847f9bc6650fed0dae8fd91d138ad82b39e534e39391e004

Request headers

Referer: https://forensics.barracudanetworks.com/?c=lll0l01al01al3l4l010al015al2l010al04allll016al1l08al016al1l015al1l010al1l013al04al019a.l01al0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 21:24:57 GMT
content-encoding: gzip
x-amz-request-id: 35DE9A3B6F3E3E9E
x-cache: HIT
status: 200
content-length: 11929
x-amz-id-2: YP0CG+Ty6faav7FHKx56EYgbixNGkelOo8vq5/tsc+opFid9w/fXfn8tttAD48ekD/1pHMnmUzc=
x-served-by: cache-hhn4061-HHN
last-modified: Wed, 28 Feb 2018 23:35:17 GMT
server: AmazonS3
x-timer: S1601069097.456567,VS0,VE0
etag: "ecc4d675754da137f5dacbc99541e133"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 62

GET
H2

200

shim.latest.js Show response
js.intercomcdn.com/
Redirect Chain

https://widget.intercom.io/widget/ae2du23r
https://js.intercomcdn.com/shim.latest.js

9 KB
4 KB

136ms
42ms

Script
application/javascript

99.86.243.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/shim.latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.243.34 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-243-34.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5b49f107642adfb7dceac0b2d963055e6dfb397085c94b0591cd2c2fe5b04123

Request headers

Referer: https://forensics.barracudanetworks.com/?c=lll0l01al01al3l4l010al015al2l010al04allll016al1l08al016al1l015al1l010al1l013al04al019a.l01al0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 21:21:33 GMT
content-encoding: gzip
age: 204
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
content-length: 3432
last-modified: Fri, 25 Sep 2020 12:46:22 GMT
server: AmazonS3
etag: "471909203acbc80bf0eb714954e965cc"
content-type: application/javascript; charset=UTF-8
via: 1.1 b48fca327a980187d93a198e7530195c.cloudfront.net (CloudFront)
cache-control: max-age=300, s-maxage=300, public
x-amz-cf-pop: VIE50-C1
accept-ranges: bytes
x-amz-cf-id: 49jaG5hJVVpJqdZ7F3b1nJg_VgJVmz6kicHDxYO2elKKWWuUpVDNCg==

Redirect headers

date: Fri, 18 Sep 2020 08:50:01 GMT
via: 1.1 25c6baf0a31a5ef699c1e219b25ce7b9.cloudfront.net (CloudFront)
server: AmazonS3
age: 650097
status: 302
x-cache: Hit from cloudfront
location: https://js.intercomcdn.com/shim.latest.js
x-amz-cf-pop: FRA6-C1
content-length: 0
x-amz-cf-id: U1tMlgufpRwI2cU2p0Yfngk5HOqX8G01Ts0FUGOtOIxmZ_7MIusmWg==

GET
DATA 200
OK truncated Show response
/ 13 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 65d20dc5f2eb478778e6403ff50560ce98c2901137f90ff006272ee0e1dedcdd

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 10 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dd1aabe83c42857f51120c2515a4eaa05c0b9e04cd661a68a9e96674f0cc9427

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 11 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7af3e117bca06c69087ddf636e1911a8c36144e0374d5b75399cb3df8f7a67e

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 2 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 265c4895160f0dfe4c8d3b7fbd690d49bee3fdb912d92661dce69ae25ce41c49

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 3 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3e58c9df5cfe4169657ffb656a22bd6eba38cc7140e8d242877ad3755864039a

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 4 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f465d88ef19c7592b95c00a870994c828aa970bb2c5ceba3ec8605e95d930506

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 2 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6c9fe191776a8dee7599d608cbf86e937477a9f3ccb5f6ffb61c9bdce619f410

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 9 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c0c04f35e4b0fa1456824dde34c108b3538787704495ccb4a0ef0802d2adb366

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
98 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j86&tid=UA-377962-1&cid=442679856.1601069097&jid=1512525825&gjid=2026801799&_gid=854215900.1601069097&_u=IEBAAEAAAAAAAC~&z=722947604

Requested by

Host: forensics.barracudanetworks.com
URL: https://forensics.barracudanetworks.com/?c=lll0l01al01al3l4l010al015al2l010al04allll016al1l08al016al1l015al1l010al1l013al04al019a.l01al0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://forensics.barracudanetworks.com/?c=lll0l01al01al3l4l010al015al2l010al04allll016al1l08al016al1l015al1l010al1l013al04al019a.l01al0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 25 Sep 2020 21:24:57 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://forensics.barracudanetworks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated Show response
/ 5 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 131c031cc8ad2550b44cc9397ec6629f6ae4b2f91e747487ac397c5b59f8a98e

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 7 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e5f9351dbae4e358df3ac36e163b2512bbeb8b01ed864f3f3caf233e4b353a3a

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 1 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c0695b640b8ba188cda50553695c7bd53568b0526b97a344380a726f51c04101

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 5 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5f6452c043799a1b404eeda4cccae9ece6c5c6065b8760c89704b768e36739bc

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 18 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e8c97fc9b7fa1f9a6aa974602f8ac67ab7ca091dc2a3654fbcc89af57aaed484

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 10 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 97d93c7a81fd0240c6ca48a10d5e64ea1b9518a9dde8a3b908a0f2ed3ef3fc53

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 18 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6b0d23dd5b46e873c00e9784daecbde6b3897257c9e8c397376a0988d4d0670a

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 95 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8698ca5b62de65ad1496e1e5d8e6e164098244aca63adaddaab43d5ca4dae52a

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 1 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6adaef0370c385b70af292410347b8e5af65c07b7b4de4c278d2919c608207aa

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 38 KB
13 KB 97ms
33ms Script
text/javascript 23.210.248.216
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: forensics.barracudanetworks.com
URL: https://forensics.barracudanetworks.com/?c=lll0l01al01al3l4l010al015al2l010al04allll016al1l08al016al1l015al1l010al1l013al04al019a.l01al0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.248.216 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-248-216.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: e986347fae4cd3e188d0285b8c175fbda863568def399a7cc63663dc65eda556

Request headers

Referer: https://forensics.barracudanetworks.com/?c=lll0l01al01al3l4l010al015al2l010al04allll016al1l08al016al1l015al1l010al1l013al04al019a.l01al0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: d1pKkVEOnjXkhSna2LdckzCPNFxdQVqw
Content-Encoding: gzip
ETag: "e48ec93e4813a7969adbe0de01c4a49c"
x-amz-request-id: 8EB28073509C7335
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 12201
x-amz-id-2: sI/NR0k1GE753WXWS6GJiwma/FFWZEPSGmDoBDTMXYrYEd0e1NacCh69FANqx3U9uLFHX5HecL8=
Last-Modified: Thu, 24 Sep 2020 20:19:10 GMT
Server: AmazonS3
Date: Fri, 25 Sep 2020 21:24:57 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
DATA 200
OK truncated Show response
/ 8 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f712d6ffc84ad65ca312ed9569e096844b1b17dff08487320541f79dc6284511

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 28 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9b1517d858de6410033adcc3adb854eef6a0a9c36a7f3a1cfd515a495073e121

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
106 B 26ms
26ms Image
image/gif 2a00:1450:4001:819::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j86&tid=UA-377962-1&cid=442679856.1601069097&jid=1512525825&_u=IEBAAEAAAAAAAC~&z=2145352535

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://forensics.barracudanetworks.com/?c=lll0l01al01al3l4l010al015al2l010al04allll016al1l08al016al1l015al1l010al1l013al04al019a.l01al0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Sep 2020 21:24:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
106 B 25ms
25ms Image
image/gif 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j86&tid=UA-377962-1&cid=442679856.1601069097&jid=1512525825&_u=IEBAAEAAAAAAAC~&z=2145352535

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://forensics.barracudanetworks.com/?c=lll0l01al01al3l4l010al015al2l010al04allll016al1l08al016al1l015al1l010al1l013al04al019a.l01al0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Sep 2020 21:24:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated Show response
/ 4 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bc5120ac1632fdbc76b6090b88a37e5a85d562976ac7ed418f389b9f66a596ba

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 25 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb8908772f477b25de8d69afd70f2f5ff969797c407ba4e05df9a582ed3fce95

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 3 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1f3c215dc1a24acdda56737c226b6d898180c2a7b951133355854bf5f9cbb24

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 5 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 976371449ae6b1a8ba47bb13dcaa1158c14f3ace788800424158d4e6e3750244

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 3 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f3840ccf57f97a47b55f8f7f5a51174fa6ca00d2b81334c19c70f36f4f6dd192

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 3 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 42cf21f8674ffbd3d62802288fd99ddbc39b262b625a7284e53338764a6bdabf

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 429 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 295fd0985be73716f8e05af964493849debd69409cc362f4f61a603ea826fc8e

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 8 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4bd105f02796087b78488ae8a5469f1afceefbaf84487d1961abe2441eed9f66

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 9 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 250a772484496e278a79fbf6582d3a45746d60245e20be31d1dfad8d31f7909f

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 573 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ae6e251293164ee5b8a1e90b3621c741a2540db54774d6aa555f576b72229c44

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 10 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e1e0145fdb090253ce375cc6346e21c20a94af844dfdd76952f76884c2c7e464

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 34 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fdca8d11e708c0766214c02bb9340c500ce9360502e46124140f1c89b65d9a19

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 17 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a876f8af5282933197c51d545faf30517c022206b5918551905f3faa2bfafaeb

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 1 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ed26bf16258f35d19150534a90f5752f9ae8dbe7c0cb40fbfbd2113543291f30

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 8 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e9d184f39dc95a4e654c54c8b1871b4a343642e556d7a5da269fcb7c7b19896b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 22 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8084305b38728773ea9a079012d98f9068ce25a4ed825508d3af3ca78f3c2660

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 5 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ca722fa47b01887a994f5155b942a8a2015cdf85c633117ad023b1c87a68a82e

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 4 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 106a3aead2f61a9984733d2008b79755106d7939c66ee3fe1a0d962fa0ad7ca8

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 4 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3a078ea93f7c0b51d761e718b4d5888f5a82e771c58ceb14914cc5c4752527e8

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 896 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0bf40ee26cfe25f9d8934b411303c0053ef4ea67452da25cee0ce7d36e62adad

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 19 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 77ba0fb17ca8a7e1d6de055af4bc7399afd92b9ac80ed0dcd86720e66c42a6d9

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 8 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c3894a4aa9bf2e139c77ef0579a8005f76d2acd8eea43d546ad00dbdbf2d370f

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 12 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7a89548cb86a4c788e144fd14a535bc787418646bc0ca01f4e32519e56a011d8

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 3 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: faa9c80b0fc1a018cc15055adb5ab4900a5cb72e559985b069bedacd93fa17f7

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 2 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d33c87ba0ce8f68360157726a32263d53c09bb0e78c7553dcc63197c0929ae57

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 7 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 35e512db77e11b957c51d220ff4333bfc59933ccc1d405d00f331bd8404c0740

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 280 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 80b13f9906ad825abf4647a435a9bc09b6f8c6f9359736b4270651265c9372aa

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 11 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1fe524b19f8cff1117242affb16d5879e9a1f2d0a0bc2e38d6206c6740d5480c

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 12 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b817bfaaf1a5743f386113549c26e00620b276458afc4e5bbbbe4ab20e1eccb1

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 3 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 17c3421958cc3922187bdd429dca2e152d0ccae6407fcef327784d860e0340f0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 457 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1bbd7a631d4f6bf9a051fa11db12c123c0ee9427ce26a760e0767860a14fdb2c

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 3 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0986106ad61613a45632ebfe76ff00fc0c826a4dc1fdd8662a6b744328b0525e

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 4 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 69f14c8b3c19829ee0525c9928cd11951fa456523f7a06a9dd8b450319e96f36

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 5 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8690ea2be06ef5035c8273c9fbe4a858339110c411b4521445d4d910eff521ed

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 18 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 47839fdbbb4c63ad88eb777d1dc2a3709291e07509cc9266882c31a568b318ce

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 7 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 22a9ed976e125a23a61f1119b6e455327b218bc218b8d34db4db0e3145dc4b75

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 11 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 793918660b7cd4136bc87888bb6b9d0bfd1dffac25410ca43d472bcfe43e7ae9

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 2 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7786933b47c91ecf487c12be824f20e94522b9a0559d1bda56a92fac29471697

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 9 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5e23396b56d99957ae53b9122a1f9f7c13ae51fb4f081c346caa25414c13b7ed

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
H/1.1 200
OK 43396c0e54 Show response
bam.nr-data.net/1/ 57 B
275 B 475ms
119ms Script
text/javascript 162.247.242.20
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/43396c0e54?a=20004106&sa=1&v=1044.a6554e7&t=Unnamed%20Transaction&rst=2109&ref=https://forensics.barracudanetworks.com/&be=923&fe=1992&dc=1671&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1601069095385,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:23,%22c%22:23,%22s%22:41,%22ce%22:116,%22rq%22:116,%22rp%22:750,%22rpe%22:756,%22dl%22:753,%22di%22:1670,%22ds%22:1671,%22de%22:1672,%22dc%22:1992,%22l%22:1992,%22le%22:1993%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-spa-1044.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.20 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-8.nr-data.net
Software: /
Resource Hash: d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1

Request headers

Referer: https://forensics.barracudanetworks.com/?c=lll0l01al01al3l4l010al015al2l010al04allll016al1l08al016al1l015al1l010al1l013al04al019a.l01al0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 57
Content-Type: text/javascript;charset=ISO-8859-1

GET
DATA 200
OK truncated Show response
/ 10 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c8eeebde264331b200fec3d52f7c678ff055c41d27a0d1e380f0808942c90119

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 7 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d85abf6342ab7e31c6c1ce8546d81ead68a72ce3447e72ac1494053c1f5b2a8e

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 21 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9e66df8345b8b1c2476b9260e6c694b3dabf456dbd0dd642778c808c45b0aa9e

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 3 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ea9d2c45cb2ef275db3ec9856eeed09b96b873f64c9576d78580be373bc0e4a1

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 3 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b14cccc4f0ce549a5ebe46667fbc49e0834ce99caccf69424579d1634fcfe855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 271 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 606a36bdf75365109ca3dfc9a2f6711b91e2e72319fec152b0308b0d0486c195

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 6 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3700d985e7d8b2df3fb8667a5066c6b1ecf25570740faca670ebc9675918ee87

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 2 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c01b9e996022acc94f30f6a38bb6732cda8f7d89ea530167bb360c7672515ca0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 4 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f586cf76931991f2c6fb5e4ef5adc15e5d43f1678fe6ed11e1ee1adec68a6f4d

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 12 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fe0f4e83bda0a71b5ac10b326ab68b52b9feb1d8c1ba4e2807523692edc6d139

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 3 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 56ef4e5dbaf70c79b995351b2a2af9fa09a0e22a4a880e20fdb97e3a68e0c07d

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 934 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 379e351aa7dac1b3a9a24fa0b9033cb992d58e454b07ba71db8a635dddfcb09f

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 946 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 641af876ae8f6fa1f4e08d8620c706fdcf28a1caaea4006811a07ce7f340fb14

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 7 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 31d7bea9f14666e61a9e80245465915dc3a03a9b0dfefa0d2b2b2f7e9956da52

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 28 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9c3c61e9cb28c1c163436406e98059b498ee1194546b17872575986eb7ad67e0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 1 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aa60be2116deef425c5716cbb8bb9471593fba6b3016142d1be607f2c335c5cf

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 4 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 204dd6eb709404c007f38041a76e06e8f1fd1d1bdfa5c97c1532bc77644274c0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 36 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 726b38955fee459d146e99676dc2881e71b611a0127f7ac8ce97ac7d1820eb2c

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 30 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1753e2d36090cb31e46260a1a641fbd315e980ca27a5121e95fe977227b68668

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 107 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60e58270918165cd68ab1069ac7a589d6cd78496c9d8b9523131f9b01d097205

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 52 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0964c4e3ba6e9ecccfd82b71f94f92e439953a2e3da66bc41ddd940f38254bd3

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/exp/
Redirect Chain

https://s.adroll.com/j/exp/T6GUPQIK5REDFO6FQ66AFC/index.js
https://s.adroll.com/j/exp/index.js

28 B
747 B

31ms
31ms

Script
application/javascript

23.210.248.216
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/index.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.248.216 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-248-216.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

Referer: https://forensics.barracudanetworks.com/?c=lll0l01al01al3l4l010al015al2l010al04allll016al1l08al016al1l015al1l010al1l013al04al019a.l01al0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: 2U8XMvdFINXJNFsilaXONuSvqmREKV3.
Content-Encoding: gzip
ETag: "5816cced8568d223aa09d889f300692b"
x-amz-request-id: 0A9DFB41B15EF3A2
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 48
x-amz-id-2: 9wtYzl8isf76a+KTcCc0hWCh/ZKrxXSL0KsmsoDDvS1VGgWl/GxdSe7DtPnOmbh4BH+84jF1nEY=
Last-Modified: Fri, 31 Jul 2020 16:11:15 GMT
Server: AmazonS3
Date: Fri, 25 Sep 2020 21:24:57 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

Redirect headers

Date: Fri, 25 Sep 2020 21:24:57 GMT
Server: AkamaiGHost
Location: https://s.adroll.com/j/exp/index.js
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 0

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/pre/T6GUPQIK5REDFO6FQ66AFC/EVDJK3NJVNGOVI5VCRVBAG/ 0
773 B 144ms
83ms Script
text/javascript 23.210.248.216
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/T6GUPQIK5REDFO6FQ66AFC/EVDJK3NJVNGOVI5VCRVBAG/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.248.216 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-248-216.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://forensics.barracudanetworks.com/?c=lll0l01al01al3l4l010al015al2l010al04allll016al1l08al016al1l015al1l010al1l013al04al019a.l01al0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: LcPu0Gvxrzbgphx75PUi.5yAT4NCMLbp
Content-Encoding: gzip
ETag: "d41d8cd98f00b204e9800998ecf8427e"
x-amz-request-id: 3V4W9G8P4MAR2J2G
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 20
x-amz-id-2: +fWFye8q5uS/OgCq/vg9JcYgrNjYSRv/buc75xGChg/01fu4J8jWMMB3/VhhZW0NUR/nIlrZKrk=
Last-Modified: Thu, 24 Sep 2020 19:59:17 GMT
Server: AmazonS3
Date: Fri, 25 Sep 2020 21:24:57 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2

200

/ Show response
d.adroll.com/consent/check/T6GUPQIK5REDFO6FQ66AFC/
Redirect Chain

https://d.adroll.mgr.consensu.org/consent/iabcheck/T6GUPQIK5REDFO6FQ66AFC?_s=3c3bc410e277b947728ef6a58e35b490&_b=2
https://d.adroll.com/consent/check/T6GUPQIK5REDFO6FQ66AFC/?_s=3c3bc410e277b947728ef6a58e35b490&_b=2

394 B
863 B

146ms
48ms

Script
application/javascript

54.171.23.184
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/T6GUPQIK5REDFO6FQ66AFC/?_s=3c3bc410e277b947728ef6a58e35b490&_b=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.23.184 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-23-184.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: dffc7fe2425b03d488b1794486489e0e0f7ab921d996d18ba8c57ca440e71ee2

Request headers

Referer: https://forensics.barracudanetworks.com/?c=lll0l01al01al3l4l010al015al2l010al04allll016al1l08al016al1l015al1l010al1l013al04al019a.l01al0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Sep 2020 21:24:57 GMT
server: nginx/1.18.0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status: 200
cache-control: no-store, no-cache, must-revalidate
content-type: application/javascript
content-length: 394

Redirect headers

status: 302
date: Fri, 25 Sep 2020 21:24:57 GMT
server: nginx/1.18.0
content-length: 105
location: https://d.adroll.com/consent/check/T6GUPQIK5REDFO6FQ66AFC/?_s=3c3bc410e277b947728ef6a58e35b490&_b=2

GET
H2 200 frame-modern.230bb7b5.js Show response
js.intercomcdn.com/ Frame 36C1 227 KB
62 KB 51ms
50ms Script
application/javascript 99.86.243.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/frame-modern.230bb7b5.js
Requested by: Host: widget.intercom.io
URL: https://widget.intercom.io/widget/ae2du23r
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.243.34 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-243-34.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 05fdf85cbb2f896ea68c4dd52d25460aa6d4760421a27e1122d47610cd8f60fd

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 20:46:29 GMT
content-encoding: gzip
age: 2309
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
content-length: 63182
last-modified: Fri, 25 Sep 2020 12:37:33 GMT
server: AmazonS3
etag: "2082ccdcf7c0610a0de1c7699a97fa6f"
content-type: application/javascript; charset=UTF-8
via: 1.1 b48fca327a980187d93a198e7530195c.cloudfront.net (CloudFront)
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: VIE50-C1
accept-ranges: bytes
x-amz-cf-id: trhclW7w9Wz6sVXEj6uhmXtbIVqgb1BXeLroOMRDdT0Vv_uAS02dwQ==

GET
H2 200 vendor-modern.274608d1.js Show response
js.intercomcdn.com/ Frame 36C1 123 KB
38 KB 51ms
50ms Script
application/javascript 99.86.243.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/vendor-modern.274608d1.js
Requested by: Host: widget.intercom.io
URL: https://widget.intercom.io/widget/ae2du23r
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.243.34 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-243-34.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4d2bfa7c04566cc13819190ce85898b468f34b5c9526aba2992b4e4f492ecddd

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 20:38:24 GMT
content-encoding: gzip
age: 2794
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
content-length: 38201
last-modified: Fri, 25 Sep 2020 12:37:33 GMT
server: AmazonS3
etag: "8c230cb8afe347b04e83461d70f840d3"
content-type: application/javascript; charset=UTF-8
via: 1.1 b48fca327a980187d93a198e7530195c.cloudfront.net (CloudFront)
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: VIE50-C1
accept-ranges: bytes
x-amz-cf-id: 1A6yeu3sq7aartZPGTwvZAum4tZZQfa3AWe_xE12yxKZtVdVaKjdhg==

OPTIONS
H2 204 graphql
api.noticeable.io/ Frame 0
0 422ms
375ms Other
text/html 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://api.noticeable.io/graphql?query=%7B%20project(id%3A%22%7B%7Bctrl.configurationService.getFirNoticeableInfo().projectId%7D%7D%22)%20%7B%20accentColor%20posts(before%3A%20%22now%22%20isDraft%3A%20false%20last%3A9%20)%20%7B%20edges%20%7B%20node%20%7B%20content%20%7B%20html%20%7D%20excerpt%20hiddenComments%20id%20labels%20%7B%20color%20name%20%7D%20publicationTime%20reactions%20slug%20title%20%7D%20%7D%20%7D%20timeline%20%7B%20customDomain%20%7B%20name%20verified%20%7D%20%7D%20widget%20%7B%20autoRefresh%20closeOnEscKey%20closeOnOutsideClick%20fetchLimit%20markAsSeenAfter%20opened%20popup%20%7B%20allowOutsideScroll%20footer%20header%20horizontalAlign%20horizontalOffset%20useDynamicAlign%20verticalAlign%20verticalOffset%20withBackdrop%20%7D%20postExcerptMaxLength%20postExcerptTarget%20texts%20%7B%20postBackLink%20postFeedbackSendButtonLabel%20postFeedbackSentMessage%20postFeedbackTextareaPlaceholder%20postReactionsTitle%20postReactionsLegendBad%20postReactionsLegendNeutral%20postReactionsLegendGood%20postViewMoreButton%20%7D%20trigger%20%7B%20displayAfter%20displayCounter%20useEyeCatching%20useSoftHide%20%7D%20useWhiteLabel%20%7D%20%7D%20%7D
Protocol: H2
Server: 151.101.65.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type
Origin: https://forensics.barracudanetworks.com
Sec-Fetch-Mode: cors

Response headers

status: 204
access-control-allow-headers: authorization,content-type
access-control-allow-origin: https://forensics.barracudanetworks.com
cache-control: private
content-type: text/html
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
function-execution-id: 1kkc6e8kcwhq
server: Google Frontend
x-cloud-trace-context: 7b345ea6ab133b1ad9e7432e8723c916
x-country-code: DK
x-orig-accept-language: en-US
x-powered-by: Express
accept-ranges: bytes
date: Fri, 25 Sep 2020 21:24:58 GMT
x-served-by: cache-cph20623-CPH
x-cache: MISS
x-cache-hits: 0
x-timer: S1601069098.032585,VS0,VE357
vary: cookie,need-authorization, x-fh-requested-host, accept-encoding

OPTIONS
H2 204 graphql
api.noticeable.io/ Frame 0
0 380ms
377ms Other
text/html 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://api.noticeable.io/graphql?query=%7B%20project(id%3A%22%7B%7Bctrl.configurationService.getFirNoticeableInfo().projectId%7D%7D%22)%20%7B%20accentColor%20posts(before%3A%20%22now%22%20isDraft%3A%20false%20last%3A9%20)%20%7B%20edges%20%7B%20node%20%7B%20content%20%7B%20html%20%7D%20excerpt%20hiddenComments%20id%20labels%20%7B%20color%20name%20%7D%20publicationTime%20reactions%20slug%20title%20%7D%20%7D%20%7D%20timeline%20%7B%20customDomain%20%7B%20name%20verified%20%7D%20%7D%20widget%20%7B%20autoRefresh%20closeOnEscKey%20closeOnOutsideClick%20fetchLimit%20markAsSeenAfter%20opened%20popup%20%7B%20allowOutsideScroll%20footer%20header%20horizontalAlign%20horizontalOffset%20useDynamicAlign%20verticalAlign%20verticalOffset%20withBackdrop%20%7D%20postExcerptMaxLength%20postExcerptTarget%20texts%20%7B%20postBackLink%20postFeedbackSendButtonLabel%20postFeedbackSentMessage%20postFeedbackTextareaPlaceholder%20postReactionsTitle%20postReactionsLegendBad%20postReactionsLegendNeutral%20postReactionsLegendGood%20postViewMoreButton%20%7D%20trigger%20%7B%20displayAfter%20displayCounter%20useEyeCatching%20useSoftHide%20%7D%20useWhiteLabel%20%7D%20%7D%20%7D
Protocol: H2
Server: 151.101.65.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type
Origin: https://forensics.barracudanetworks.com
Sec-Fetch-Mode: cors

Response headers

status: 204
access-control-allow-headers: authorization,content-type
access-control-allow-origin: https://forensics.barracudanetworks.com
cache-control: private
content-type: text/html
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
function-execution-id: tfku9nxftqum
server: Google Frontend
x-cloud-trace-context: c036ab86d1cdb8bce1b3d85dc7303bcd
x-country-code: DK
x-orig-accept-language: en-US
x-powered-by: Express
accept-ranges: bytes
date: Fri, 25 Sep 2020 21:24:58 GMT
x-served-by: cache-cph20623-CPH
x-cache: MISS
x-cache-hits: 0
x-timer: S1601069098.032762,VS0,VE359
vary: cookie,need-authorization, x-fh-requested-host, accept-encoding

OPTIONS
H2 204 graphql
api.noticeable.io/ Frame 0
0 365ms
365ms Other
text/html 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://api.noticeable.io/graphql?query=%7B%20project(id%3A%22%7B%7Bctrl.configurationService.getFirNoticeableInfo().projectId%7D%7D%22)%20%7B%20accentColor%20posts(before%3A%20%22now%22%20isDraft%3A%20false%20last%3A9%20)%20%7B%20edges%20%7B%20node%20%7B%20content%20%7B%20html%20%7D%20excerpt%20hiddenComments%20id%20labels%20%7B%20color%20name%20%7D%20publicationTime%20reactions%20slug%20title%20%7D%20%7D%20%7D%20timeline%20%7B%20customDomain%20%7B%20name%20verified%20%7D%20%7D%20widget%20%7B%20autoRefresh%20closeOnEscKey%20closeOnOutsideClick%20fetchLimit%20markAsSeenAfter%20opened%20popup%20%7B%20allowOutsideScroll%20footer%20header%20horizontalAlign%20horizontalOffset%20useDynamicAlign%20verticalAlign%20verticalOffset%20withBackdrop%20%7D%20postExcerptMaxLength%20postExcerptTarget%20texts%20%7B%20postBackLink%20postFeedbackSendButtonLabel%20postFeedbackSentMessage%20postFeedbackTextareaPlaceholder%20postReactionsTitle%20postReactionsLegendBad%20postReactionsLegendNeutral%20postReactionsLegendGood%20postViewMoreButton%20%7D%20trigger%20%7B%20displayAfter%20displayCounter%20useEyeCatching%20useSoftHide%20%7D%20useWhiteLabel%20%7D%20%7D%20%7D
Protocol: H2
Server: 151.101.65.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type
Origin: https://forensics.barracudanetworks.com
Sec-Fetch-Mode: cors

Response headers

status: 204
access-control-allow-headers: authorization,content-type
access-control-allow-origin: https://forensics.barracudanetworks.com
cache-control: private
content-type: text/html
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
function-execution-id: g9ba8ns8dsqj
server: Google Frontend
x-cloud-trace-context: b067f42ccf2abda1bba16ab62acf4ad4
x-country-code: DK
x-orig-accept-language: en-US
x-powered-by: Express
accept-ranges: bytes
date: Fri, 25 Sep 2020 21:24:58 GMT
x-served-by: cache-cph20623-CPH
x-cache: MISS
x-cache-hits: 0
x-timer: S1601069098.038295,VS0,VE347
vary: cookie,need-authorization, x-fh-requested-host, accept-encoding

OPTIONS
H2 204 graphql
api.noticeable.io/ Frame 0
0 978ms
978ms Other
text/html 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://api.noticeable.io/graphql?query=%7B%20project(id%3A%22wvuqKd8pCpUmCbM2r24B%22)%20%7B%20accentColor%20posts(before%3A%20%22now%22%20isDraft%3A%20false%20last%3A9%20)%20%7B%20edges%20%7B%20node%20%7B%20content%20%7B%20html%20%7D%20excerpt%20hiddenComments%20id%20labels%20%7B%20color%20name%20%7D%20publicationTime%20reactions%20slug%20title%20%7D%20%7D%20%7D%20timeline%20%7B%20customDomain%20%7B%20name%20verified%20%7D%20%7D%20widget%20%7B%20autoRefresh%20closeOnEscKey%20closeOnOutsideClick%20fetchLimit%20markAsSeenAfter%20opened%20popup%20%7B%20allowOutsideScroll%20footer%20header%20horizontalAlign%20horizontalOffset%20useDynamicAlign%20verticalAlign%20verticalOffset%20withBackdrop%20%7D%20postExcerptMaxLength%20postExcerptTarget%20texts%20%7B%20postBackLink%20postFeedbackSendButtonLabel%20postFeedbackSentMessage%20postFeedbackTextareaPlaceholder%20postReactionsTitle%20postReactionsLegendBad%20postReactionsLegendNeutral%20postReactionsLegendGood%20postViewMoreButton%20%7D%20trigger%20%7B%20displayAfter%20displayCounter%20useEyeCatching%20useSoftHide%20%7D%20useWhiteLabel%20%7D%20%7D%20%7D
Protocol: H2
Server: 151.101.65.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type
Origin: https://forensics.barracudanetworks.com
Sec-Fetch-Mode: cors

Response headers

status: 204
access-control-allow-headers: authorization,content-type
access-control-allow-origin: https://forensics.barracudanetworks.com
cache-control: private
content-type: text/html
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
function-execution-id: tfkudtwyv7fb
server: Google Frontend
x-cloud-trace-context: 1625acc76900e25fbbb654bc3ccd72db
x-country-code: DK
x-orig-accept-language: en-US
x-powered-by: Express
accept-ranges: bytes
date: Fri, 25 Sep 2020 21:24:59 GMT
x-served-by: cache-cph20623-CPH
x-cache: MISS
x-cache-hits: 0
x-timer: S1601069098.041794,VS0,VE960
vary: cookie,need-authorization, x-fh-requested-host, accept-encoding

GET
DATA 200
OK truncated
/ 43 KB
43 KB Font
application/octet-stream

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a87d66c91b2e7dc5530aef76c03bd6a3d25ea5826110bf4803b561b811cc8726

Request headers

Origin: https://forensics.barracudanetworks.com
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: application/octet-stream

GET
H2 400 graphql Show response
api.noticeable.io/ 159 B
449 B 381ms
381ms XHR
application/json 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://api.noticeable.io/graphql?query=%7B%20project(id%3A%22%7B%7Bctrl.configurationService.getFirNoticeableInfo().projectId%7D%7D%22)%20%7B%20accentColor%20posts(before%3A%20%22now%22%20isDraft%3A%20false%20last%3A9%20)%20%7B%20edges%20%7B%20node%20%7B%20content%20%7B%20html%20%7D%20excerpt%20hiddenComments%20id%20labels%20%7B%20color%20name%20%7D%20publicationTime%20reactions%20slug%20title%20%7D%20%7D%20%7D%20timeline%20%7B%20customDomain%20%7B%20name%20verified%20%7D%20%7D%20widget%20%7B%20autoRefresh%20closeOnEscKey%20closeOnOutsideClick%20fetchLimit%20markAsSeenAfter%20opened%20popup%20%7B%20allowOutsideScroll%20footer%20header%20horizontalAlign%20horizontalOffset%20useDynamicAlign%20verticalAlign%20verticalOffset%20withBackdrop%20%7D%20postExcerptMaxLength%20postExcerptTarget%20texts%20%7B%20postBackLink%20postFeedbackSendButtonLabel%20postFeedbackSentMessage%20postFeedbackTextareaPlaceholder%20postReactionsTitle%20postReactionsLegendBad%20postReactionsLegendNeutral%20postReactionsLegendGood%20postViewMoreButton%20%7D%20trigger%20%7B%20displayAfter%20displayCounter%20useEyeCatching%20useSoftHide%20%7D%20useWhiteLabel%20%7D%20%7D%20%7D
Requested by: Host: forensics.barracudanetworks.com
URL: https://forensics.barracudanetworks.com/?c=lll0l01al01al3l4l010al015al2l010al04allll016al1l08al016al1l015al1l010al1l013al04al019a.l01al0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash: 53b971502ad1d18dd723905eef37fb51779d82a7f85ecc179e14c7f3faa13252

Request headers

accept: application/json
Referer: https://forensics.barracudanetworks.com/?c=lll0l01al01al3l4l010al015al2l010al04allll016al1l08al016al1l015al1l010al1l013al04al019a.l01al0
authorization: Apikey {{ctrl.configurationService.getFirNoticeableInfo().accessToken}}
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type: application/json

Response headers

date: Fri, 25 Sep 2020 21:24:58 GMT
content-encoding: gzip
x-powered-by: Express
x-cache: MISS
status: 400
access-control-max-age: 86400
x-served-by: cache-cph20623-CPH
server: Google Frontend
x-timer: S1601069098.408077,VS0,VE363
etag: W/"9f-ljaxkhSCrbSJAXUAW+y3g1L88j4"
vary: Accept-Encoding, x-fh-requested-host, accept-encoding
access-control-allow-methods: GET,POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://forensics.barracudanetworks.com
x-cloud-trace-context: d8680cc70cd0a7c24a500b183897833d
cache-control: private
function-execution-id: tfku2ff5v0km
accept-ranges: bytes, bytes
access-control-allow-headers: undefined
x-cache-hits: 0

GET graphql
api.noticeable.io/ 0
0

GET
H2 200 graphql Show response
api.noticeable.io/ 47 KB
9 KB 546ms
546ms XHR
application/json 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://api.noticeable.io/graphql?query=%7B%20project(id%3A%22wvuqKd8pCpUmCbM2r24B%22)%20%7B%20accentColor%20posts(before%3A%20%22now%22%20isDraft%3A%20false%20last%3A9%20)%20%7B%20edges%20%7B%20node%20%7B%20content%20%7B%20html%20%7D%20excerpt%20hiddenComments%20id%20labels%20%7B%20color%20name%20%7D%20publicationTime%20reactions%20slug%20title%20%7D%20%7D%20%7D%20timeline%20%7B%20customDomain%20%7B%20name%20verified%20%7D%20%7D%20widget%20%7B%20autoRefresh%20closeOnEscKey%20closeOnOutsideClick%20fetchLimit%20markAsSeenAfter%20opened%20popup%20%7B%20allowOutsideScroll%20footer%20header%20horizontalAlign%20horizontalOffset%20useDynamicAlign%20verticalAlign%20verticalOffset%20withBackdrop%20%7D%20postExcerptMaxLength%20postExcerptTarget%20texts%20%7B%20postBackLink%20postFeedbackSendButtonLabel%20postFeedbackSentMessage%20postFeedbackTextareaPlaceholder%20postReactionsTitle%20postReactionsLegendBad%20postReactionsLegendNeutral%20postReactionsLegendGood%20postViewMoreButton%20%7D%20trigger%20%7B%20displayAfter%20displayCounter%20useEyeCatching%20useSoftHide%20%7D%20useWhiteLabel%20%7D%20%7D%20%7D
Requested by: Host: forensics.barracudanetworks.com
URL: https://forensics.barracudanetworks.com/?c=lll0l01al01al3l4l010al015al2l010al04allll016al1l08al016al1l015al1l010al1l013al04al019a.l01al0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash: 70740754e54accd6e0c5165f6719bcff79ea6b1152307f37a1781b16046894a9

Request headers

accept: application/json
Referer: https://forensics.barracudanetworks.com/?c=lll0l01al01al3l4l010al015al2l010al04allll016al1l08al016al1l015al1l010al1l013al04al019a.l01al0
authorization: Apikey ijvUg4rB5tpMfmRksCpt
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type: application/json

Response headers

date: Fri, 25 Sep 2020 21:24:59 GMT
content-encoding: gzip
x-ratelimit-limit: 999999
x-powered-by: Express
x-cache: MISS
status: 200
x-ratelimit-remaining: 499999
content-length: 8840
x-served-by: cache-cph20623-CPH
server: Google Frontend
x-timer: S1601069099.020485,VS0,VE527
etag: W/"bcc1-Ifa5j3qXfTgPzLbZ31N4lWP9cvE"
vary: Origin, Accept-Encoding,cookie,need-authorization, x-fh-requested-host, accept-encoding
access-control-allow-methods: GET,POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://forensics.barracudanetworks.com
x-cloud-trace-context: df7ae7d67472feca119ccf2f3fd92e0e
cache-control: public, max-age=150, s-maxage=300
function-execution-id: 1kkczxjy80e0
x-ratelimit-reset: Fri Sep 25 2020 21:24:59 GMT+0000 (Coordinated Universal Time)
access-control-max-age: 86400
accept-ranges: bytes
x-orig-accept-language: en-US
access-control-allow-headers: undefined
x-country-code: DK
x-cache-hits: 0

GET
H2 200 logo-fir-d331fa11ede00225c56662a24494be75.svg Show response
forensics.barracudanetworks.com/static/ 23 KB
6 KB 61ms
60ms XHR
image/svg+xml 99.86.243.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://forensics.barracudanetworks.com/static/logo-fir-d331fa11ede00225c56662a24494be75.svg

Requested by

Host: forensics.barracudanetworks.com
URL: https://forensics.barracudanetworks.com/?c=lll0l01al01al3l4l010al015al2l010al04allll016al1l08al016al1l015al1l010al1l013al04al019a.l01al0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.243.54 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-243-54.vie50.r.cloudfront.net

Software

Resource Hash

0fdde643e04ed9dda3bb7d2874b400266873c444a2299aff273d14c04bf24046

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://forensics.barracudanetworks.com/?c=lll0l01al01al3l4l010al015al2l010al04allll016al1l08al016al1l015al1l010al1l013al04al019a.l01al0
x-xsrf-token: qPrXYlMF-7e6yMFXFvooBID5aTfO01W9Zrgo
X-Client-Version: d7e2eb12f31d744804a783bb2788b2804020dac3-7122
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 06 Sep 2020 19:15:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1649391
x-cache: Hit from cloudfront
status: 200
vary: Accept-Encoding
last-modified: Mon, 31 Aug 2020 14:30:07 GMT
x-frame-options: SAMEORIGIN
etag: W/"5b54-17444ecd998"
x-download-options: noopen
strict-transport-security: max-age=31536000
content-type: image/svg+xml
via: 1.1 60b130d1fc70d3593e6c3e738e3f4416.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: GCBfDtH-n63ttr2CMFfYYOiez-WgeuflWrpKKIqyFdWT4WrYm0J6Mg==

GET
H2 200 header_forensics-7c0ea9e56724f5e0fb13fa00d1001119.jpg
forensics.barracudanetworks.com/static/ 150 KB
150 KB 61ms
60ms Image
image/jpeg 99.86.243.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forensics.barracudanetworks.com/static/header_forensics-7c0ea9e56724f5e0fb13fa00d1001119.jpg

Requested by

Host: forensics.barracudanetworks.com
URL: https://forensics.barracudanetworks.com/static/vendor-27077869e2226307bffd.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.243.54 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-243-54.vie50.r.cloudfront.net

Software

Resource Hash

77a99918e6ea500249bc179e71ea8577cc5d3b44dfbbcd8540f20b440e5f8d2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://forensics.barracudanetworks.com/static/vendor-27077869e2226307bffd.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 05:48:01 GMT
via: 1.1 60b130d1fc70d3593e6c3e738e3f4416.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 401816
x-cache: Hit from cloudfront
status: 200
content-length: 153155
last-modified: Mon, 31 Aug 2020 14:30:07 GMT
x-frame-options: SAMEORIGIN
etag: W/"25643-17444ecd998"
x-download-options: noopen
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: n0XVYAnkOFCfPX0DEqukLOtjCVss2464YBDZIhTD2JalE1ejoB2zLw==

GET
H2 200 logo_barracuda_primary_reversed-3e946cce99c63b983a7a2a08bc6ff32f.svg Show response
forensics.barracudanetworks.com/static/ 7 KB
3 KB 61ms
60ms XHR
image/svg+xml 99.86.243.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://forensics.barracudanetworks.com/static/logo_barracuda_primary_reversed-3e946cce99c63b983a7a2a08bc6ff32f.svg

Requested by

Host: forensics.barracudanetworks.com
URL: https://forensics.barracudanetworks.com/?c=lll0l01al01al3l4l010al015al2l010al04allll016al1l08al016al1l015al1l010al1l013al04al019a.l01al0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.243.54 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-243-54.vie50.r.cloudfront.net

Software

Resource Hash

d5dceb988688592f0261c4d7b7e6d4622988e55b098c61852adc2cb2a56c7420

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://forensics.barracudanetworks.com/signup
x-xsrf-token: qPrXYlMF-7e6yMFXFvooBID5aTfO01W9Zrgo
X-Client-Version: d7e2eb12f31d744804a783bb2788b2804020dac3-7122
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 05:48:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 401817
x-cache: Hit from cloudfront
status: 200
vary: Accept-Encoding
last-modified: Mon, 31 Aug 2020 14:30:07 GMT
x-frame-options: SAMEORIGIN
etag: W/"1c13-17444ecd998"
x-download-options: noopen
strict-transport-security: max-age=31536000
content-type: image/svg+xml
via: 1.1 60b130d1fc70d3593e6c3e738e3f4416.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: yTRkfp9RwDmktrAFOCUUDqZ0WipCQ0bVElD9UnuCh97CiwlXrJVcEA==

GET
H2 200 element_secondary_fir_for-dark-backgrounds-5ac4e12e8431e24f75df06e1760badfe.svg Show response
forensics.barracudanetworks.com/static/ 21 KB
6 KB 59ms
59ms XHR
image/svg+xml 99.86.243.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://forensics.barracudanetworks.com/static/element_secondary_fir_for-dark-backgrounds-5ac4e12e8431e24f75df06e1760badfe.svg

Requested by

Host: forensics.barracudanetworks.com
URL: https://forensics.barracudanetworks.com/?c=lll0l01al01al3l4l010al015al2l010al04allll016al1l08al016al1l015al1l010al1l013al04al019a.l01al0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.243.54 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-243-54.vie50.r.cloudfront.net

Software

Resource Hash

f18b6621fa60b7b8b18e12b62ca41557ea64258c13b49662a0a57ccc1ce28d6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://forensics.barracudanetworks.com/signup
x-xsrf-token: qPrXYlMF-7e6yMFXFvooBID5aTfO01W9Zrgo
X-Client-Version: d7e2eb12f31d744804a783bb2788b2804020dac3-7122
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 05:12:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 317554
x-cache: Hit from cloudfront
status: 200
vary: Accept-Encoding
last-modified: Mon, 31 Aug 2020 14:30:07 GMT
x-frame-options: SAMEORIGIN
etag: W/"53d5-17444ecd998"
x-download-options: noopen
strict-transport-security: max-age=31536000
content-type: image/svg+xml
via: 1.1 60b130d1fc70d3593e6c3e738e3f4416.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: lpYPHd0fwqyPocq8EXoEVAHdet_02xdOyuHKTXOWw2mnDnzPWcIB2g==

GET
H3-Q050

200

activityi;dc_pre=COzw8ZafhewCFcTiuwgdDG4OgA;src=6496512;type=ukbat0;cat=decte0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7709491152134.465
6496512.fls.doubleclick.net/ Frame 4EFA
Redirect Chain

https://6496512.fls.doubleclick.net/activityi;src=6496512;type=ukbat0;cat=decte0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7709491152134.465?
https://6496512.fls.doubleclick.net/activityi;dc_pre=COzw8ZafhewCFcTiuwgdDG4OgA;src=6496512;type=ukbat0;cat=decte0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7709491152134.465?

0
0

129ms
78ms

Document
text/html

216.58.208.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6496512.fls.doubleclick.net/activityi;dc_pre=COzw8ZafhewCFcTiuwgdDG4OgA;src=6496512;type=ukbat0;cat=decte0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7709491152134.465?

Requested by

Host:
URL: webpack-internal:///./node_modules/jquery/dist/jquery.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.208.38 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s12-in-f38.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 6496512.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=COzw8ZafhewCFcTiuwgdDG4OgA;src=6496512;type=ukbat0;cat=decte0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7709491152134.465?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://forensics.barracudanetworks.com/signup
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmYozM9UvGqIBGzdiasgufbNNUd_qp7U3Nt9GfpKpM6p7x187Svm6Fq4DUf
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: about:blank

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Fri, 25 Sep 2020 21:24:58 GMT
expires: Fri, 25 Sep 2020 21:24:58 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 512
x-xss-protection: 0
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Fri, 25 Sep 2020 21:24:58 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://6496512.fls.doubleclick.net/activityi;dc_pre=COzw8ZafhewCFcTiuwgdDG4OgA;src=6496512;type=ukbat0;cat=decte0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7709491152134.465?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 ping Show response
api-iam.intercom.io/messenger/web/ Frame 36C1 3 KB
2 KB 907ms
484ms XHR
application/json 99.83.219.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api-iam.intercom.io/messenger/web/ping

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.230bb7b5.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.83.219.81 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ad8b87a22ce463223.awsglobalaccelerator.com

Software

nginx /

Resource Hash

b2831bf8b8e4a5c18863dc10573e3f1d69a985f1921c888a6c6c586e6f4b2b72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 25 Sep 2020 21:24:58 GMT
content-encoding: gzip
x-ami-version: ami-04c2e890c97f274a5
status: 200, 200 OK
strict-transport-security: max-age=31556952; includeSubDomains; preload
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-request-id: 000d1hjmsoumvajmh44g
x-runtime: 0.233172
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"b2831bf8b8e4a5c18863dc10573e3f1d"
x-ratelimit-remaining: 19999
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://forensics.barracudanetworks.com
x-intercom-version: 2306e69b0f3b030c93af857a4b2269565628adea
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-ratelimit-reset: 1601069100
x-ratelimit-limit: 20000
access-control-allow-headers: Content-Type
x-content-type-options: nosniff

GET
H/1.1

200
OK

67KGJPTPU5CEJF7HLAFHW3.js Show response
s.adroll.com/pixel/T6GUPQIK5REDFO6FQ66AFC/EVDJK3NJVNGOVI5VCRVBAG/
Redirect Chain

https://d.adroll.com/pixel/T6GUPQIK5REDFO6FQ66AFC/EVDJK3NJVNGOVI5VCRVBAG?adroll_fpc=a56cfe2c2857d0675a54e6c3b2738838-1601069098145&arrfrr=https%3A%2F%2Fforensics.barracudanetworks.com%2Fsignup&xid_...
https://s.adroll.com/pixel/T6GUPQIK5REDFO6FQ66AFC/EVDJK3NJVNGOVI5VCRVBAG/67KGJPTPU5CEJF7HLAFHW3.js

5 KB
3 KB

42ms
42ms

Script
text/javascript

23.210.248.216
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/pixel/T6GUPQIK5REDFO6FQ66AFC/EVDJK3NJVNGOVI5VCRVBAG/67KGJPTPU5CEJF7HLAFHW3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.248.216 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-248-216.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: f888db85e8c6d27c30f3b7771065fb975bd59455fa245d3b456b94725ae940f7

Request headers

Referer: https://forensics.barracudanetworks.com/signup
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: TcBMys.xE5WoRwphsLZwE3JQ30iJZALt
Content-Encoding: gzip
ETag: "a165c18ee8a17e6b94ede8094d90c48f"
x-amz-request-id: 0D1A7FD5218E40BB
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 1821
x-amz-id-2: rkK/9pkhuG0tEAloh9fE9bL+NQofzA+CL80iRF4OXh8CELu9AIeUn1kg0qUeSulADigdRQHOTvQ=
Last-Modified: Wed, 29 Jul 2020 15:00:46 GMT
Server: AmazonS3
Date: Fri, 25 Sep 2020 21:24:58 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

Redirect headers

date: Fri, 25 Sep 2020 21:24:58 GMT
x-segment-display-name: Visitors to Unsegmented Pages
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status: 302
content-length: 0
pragma: no-cache
x-conversion-value: 0.00
server: nginx/1.18.0
x-rule: *
x-segment-eid: 67KGJPTPU5CEJF7HLAFHW3
location: https://s.adroll.com/pixel/T6GUPQIK5REDFO6FQ66AFC/EVDJK3NJVNGOVI5VCRVBAG/67KGJPTPU5CEJF7HLAFHW3.js
cache-control: no-store, no-cache, must-revalidate
x-pixel-eid: EVDJK3NJVNGOVI5VCRVBAG
x-segment-name: *
x-advertisable-eid: T6GUPQIK5REDFO6FQ66AFC
x-conversion-currency

POST
H/1.1 200
OK 43396c0e54 Show response
bam.nr-data.net/resources/1/ 36 B
231 B 219ms
219ms XHR
text/plain 162.247.242.20
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/resources/1/43396c0e54?a=20004106&sa=1&v=1044.a6554e7&t=Unnamed%20Transaction&rst=2766&ref=https://forensics.barracudanetworks.com/&st=1601069095385
Requested by: Host: forensics.barracudanetworks.com
URL: https://forensics.barracudanetworks.com/?c=lll0l01al01al3l4l010al015al2l010al04allll016al1l08al016al1l015al1l010al1l013al04al019a.l01al0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.20 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-8.nr-data.net
Software: /
Resource Hash: 14d4e967a74df2a7905ee909a3fcafa1161e21752934b500e1d5a4b23867246d

Request headers

Referer: https://forensics.barracudanetworks.com/signup
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type: text/plain

Response headers

Access-Control-Allow-Origin: https://forensics.barracudanetworks.com
Access-Control-Allow-Credentials: true
Content-Length: 36
Content-Type: text/plain; charset=ISO-8859-1

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 135 KB
34 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: d.adroll.com
URL: https://d.adroll.com/pixel/T6GUPQIK5REDFO6FQ66AFC/EVDJK3NJVNGOVI5VCRVBAG?adroll_fpc=a56cfe2c2857d0675a54e6c3b2738838-1601069098145&arrfrr=https%3A%2F%2Fforensics.barracudanetworks.com%2Fsignup&xid_ch=f&pv=14795488698.360847&cookie=&adroll_s_ref=&keyw=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

097afea517679d2e0b986d77cb3fe7808026882b52ca074a050e03e7a4a6996b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://forensics.barracudanetworks.com/signup
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 34302
x-xss-protection: 0
pragma: public
x-fb-debug: iDBTrTv0T0IraDd8zXvPjxgw/QHHQXCvlzBFtzkGyE1qBSfQ+GPr4lGAiJs6fiFAQuP6wRmH150r4vnj4/ngIQ==
x-fb-trip-id: 2087493949
x-frame-options: DENY
date: Fri, 25 Sep 2020 21:24:58 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK sendrolling.js Show response
s.adroll.com/j/ 9 KB
3 KB 31ms
31ms Script
text/javascript 23.210.248.216
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/sendrolling.js
Requested by: Host: d.adroll.com
URL: https://d.adroll.com/pixel/T6GUPQIK5REDFO6FQ66AFC/EVDJK3NJVNGOVI5VCRVBAG?adroll_fpc=a56cfe2c2857d0675a54e6c3b2738838-1601069098145&arrfrr=https%3A%2F%2Fforensics.barracudanetworks.com%2Fsignup&xid_ch=f&pv=14795488698.360847&cookie=&adroll_s_ref=&keyw=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.248.216 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-248-216.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 1bdbcee5cd776cb671f72362db4be8dde833057b8e8f816c86fd301896652c8d

Request headers

Referer: https://forensics.barracudanetworks.com/signup
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: NM.EHVfGEDu2TYFqb1osrv1zRII373EC
Content-Encoding: gzip
ETag: "15441b08d0c4f93b1dd5f533cd361cd8"
x-amz-request-id: E2F067B4E9F95C64
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 2039
x-amz-id-2: zahNXUrZcHvPMHZ5OZzeA/pmU+ThIaY+/c27IjCJ/f8DH693VdK16PYXiwNkUgRleJPaNozozcA=
Last-Modified: Mon, 03 Feb 2020 20:32:06 GMT
Server: AmazonS3
Date: Fri, 25 Sep 2020 21:24:58 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2

200

in
d.adroll.com/cm/g/
Redirect Chain

https://d.adroll.com/cm/g/out?adroll_fpc=a56cfe2c2857d0675a54e6c3b2738838-1601069098145&arrfrr=https%3A%2F%2Fforensics.barracudanetworks.com%2Fsignup&xid_ch=f&advertisable=T6GUPQIK5REDFO6FQ66AFC
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=GXi8E06Lns5z-Lmagx5vNw
https://d.adroll.com/cm/g/in

42 B
536 B

48ms
48ms

Image
image/gif

54.171.23.184
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/g/in
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.23.184 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-23-184.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://forensics.barracudanetworks.com/signup
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Sep 2020 21:24:58 GMT
server: nginx/1.18.0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status: 200
cache-control: no-store, no-cache, must-revalidate
content-type: image/gif
content-length: 42
x-result: g.-1.-1.-1

Redirect headers

pragma: no-cache
date: Fri, 25 Sep 2020 21:24:58 GMT
server: HTTP server (unknown)
status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://d.adroll.com/cm/g/in
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 225
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/
Redirect Chain

https://d.adroll.com/cm/aol,index,l,outbrain,pubmatic,n,taboola,triplelift,r/out?adroll_fpc=a56cfe2c2857d0675a54e6c3b2738838-1601069098145&arrfrr=https%3A%2F%2Fforensics.barracudanetworks.com%2Fsig...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=MTk3OGJjMTM0ZThiOWVjZTczZjhiOTlhODMxZTZmMzc&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENA...

1 B
1010 B

158ms
39ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=MTk3OGJjMTM0ZThiOWVjZTczZjhiOTlhODMxZTZmMzc&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://forensics.barracudanetworks.com/signup
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection: close
Pragma: no-cache
Date: Fri, 25 Sep 2020 21:24:57 GMT
X-lat: Pug23045:0:238
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Content-Type: text/html; charset=utf-8
Content-Length: 1

Redirect headers

pragma: no-cache
date: Fri, 25 Sep 2020 21:24:58 GMT
server: nginx/1.18.0
status: 302
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=MTk3OGJjMTM0ZThiOWVjZTczZjhiOTlhODMxZTZmMzc&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
cache-control: no-store, no-cache, must-revalidate
content-length: 220

GET
H2

200

in
d.adroll.com/cm/r/
Redirect Chain

https://d.adroll.com/cm/r/out?adroll_fpc=a56cfe2c2857d0675a54e6c3b2738838-1601069098145&arrfrr=https%3A%2F%2Fforensics.barracudanetworks.com%2Fsignup&xid_ch=f&advertisable=T6GUPQIK5REDFO6FQ66AFC
https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
https://d.adroll.com/cm/r/in?xid=E0&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

42 B
500 B

48ms
48ms

Image
image/gif

54.171.23.184
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/r/in?xid=E0&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.23.184 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-23-184.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://forensics.barracudanetworks.com/signup
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Sep 2020 21:24:58 GMT
server: nginx/1.18.0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status: 200
cache-control: no-store, no-cache, must-revalidate
content-type: image/gif
content-length: 42

Redirect headers

date: Fri, 25 Sep 2020 21:24:58 GMT
referrer-policy: no-referrer-when-downgrade
server: ATS
age: 0
status: 302
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
location: https://d.adroll.com/cm/r/in?xid=E0&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H2

200

sync
x.bidswitch.net/ul_cb/
Redirect Chain

https://d.adroll.com/cm/b/out?adroll_fpc=a56cfe2c2857d0675a54e6c3b2738838-1601069098145&arrfrr=https%3A%2F%2Fforensics.barracudanetworks.com%2Fsignup&xid_ch=f&advertisable=T6GUPQIK5REDFO6FQ66AFC
https://x.bidswitch.net/sync?dsp_id=44&user_id=MTk3OGJjMTM0ZThiOWVjZTczZjhiOTlhODMxZTZmMzc
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=MTk3OGJjMTM0ZThiOWVjZTczZjhiOTlhODMxZTZmMzc

43 B
411 B

34ms
34ms

Image
image/gif

52.59.64.254
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=MTk3OGJjMTM0ZThiOWVjZTczZjhiOTlhODMxZTZmMzc
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.64.254 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-64-254.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://forensics.barracudanetworks.com/signup
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Fri, 25 Sep 2020 21:24:58 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

status: 302
date: Fri, 25 Sep 2020 21:24:58 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
location: https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=MTk3OGJjMTM0ZThiOWVjZTczZjhiOTlhODMxZTZmMzc
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1

200
OK

bounce
ib.adnxs.com/
Redirect Chain

https://d.adroll.com/cm/x/out?adroll_fpc=a56cfe2c2857d0675a54e6c3b2738838-1601069098145&arrfrr=https%3A%2F%2Fforensics.barracudanetworks.com%2Fsignup&xid_ch=f&advertisable=T6GUPQIK5REDFO6FQ66AFC
https://ib.adnxs.com/setuid?entity=172&code=MTk3OGJjMTM0ZThiOWVjZTczZjhiOTlhODMxZTZmMzc
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DMTk3OGJjMTM0ZThiOWVjZTczZjhiOTlhODMxZTZmMzc

43 B
1 KB

65ms
65ms

Image
image/gif

185.33.220.145
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DMTk3OGJjMTM0ZThiOWVjZTczZjhiOTlhODMxZTZmMzc

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.145 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://forensics.barracudanetworks.com/signup
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 25 Sep 2020 21:24:58 GMT
X-Proxy-Origin: 82.102.20.235; 82.102.20.235; 623.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.238:80
AN-X-Request-Uuid: 2c1f4f8c-3e80-4b3f-afd1-2e8c715317e9
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 25 Sep 2020 21:24:58 GMT
X-Proxy-Origin: 82.102.20.235; 82.102.20.235; 623.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.108:80
AN-X-Request-Uuid: aba38152-7935-4c08-bc1e-2f0c4528d3bf
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DMTk3OGJjMTM0ZThiOWVjZTczZjhiOTlhODMxZTZmMzc
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://d.adroll.com/cm/o/out?adroll_fpc=a56cfe2c2857d0675a54e6c3b2738838-1601069098145&arrfrr=https%3A%2F%2Fforensics.barracudanetworks.com%2Fsignup&xid_ch=f&advertisable=T6GUPQIK5REDFO6FQ66AFC
https://us-u.openx.net/w/1.0/sd?id=537103138&val=1978bc134e8b9ece73f8b99a831e6f37
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=1978bc134e8b9ece73f8b99a831e6f37

43 B
180 B

69ms
69ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=1978bc134e8b9ece73f8b99a831e6f37
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.193.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://forensics.barracudanetworks.com/signup
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Sep 2020 21:24:58 GMT
via: 1.1 google
server: OXGW/16.193.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
status: 200
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Fri, 25 Sep 2020 21:24:58 GMT
via: 1.1 google
server: OXGW/16.193.0
status: 302
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=1978bc134e8b9ece73f8b99a831e6f37
alt-svc: clear
content-length: 0

GET
H2

200

in
d.adroll.com/cm/g/
Redirect Chain

https://d.adroll.com/cm/g/out?adroll_fpc=a56cfe2c2857d0675a54e6c3b2738838-1601069098145&arrfrr=https%3A%2F%2Fforensics.barracudanetworks.com%2Fsignup&xid_ch=f&advertisable=T6GUPQIK5REDFO6FQ66AFC&go...
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=GXi8E06Lns5z-Lmagx5vNw
https://d.adroll.com/cm/g/in

42 B
536 B

48ms
47ms

Image
image/gif

54.171.23.184
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/g/in
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.23.184 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-23-184.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://forensics.barracudanetworks.com/signup
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Sep 2020 21:24:58 GMT
server: nginx/1.18.0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status: 200
cache-control: no-store, no-cache, must-revalidate
content-type: image/gif
content-length: 42
x-result: g.-1.-1.-1

Redirect headers

pragma: no-cache
date: Fri, 25 Sep 2020 21:24:58 GMT
server: HTTP server (unknown)
status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://d.adroll.com/cm/g/in
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 225
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1770934679791682 Show response
connect.facebook.net/signals/config/ 524 KB
132 KB 64ms
63ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1770934679791682?v=2.9.24&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d8edcdc2b4685cade3288170abcd5fc7309452d8610c311666dd9d3ca39c4e3e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://forensics.barracudanetworks.com/signup
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: 2G6Tmnd4cq4Tj/hjnWHXU1OQY0PODz2JHoLESh7LEMR3bAuWJ2Bj5igPwTXYqBUOC05ECBlBp6bbnSKZdAEcqQ==
x-fb-trip-id: 2087493949
x-frame-options: DENY
date: Fri, 25 Sep 2020 21:24:58 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
146 B 6ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1770934679791682&ev=PageView&dl=https%3A%2F%2Fforensics.barracudanetworks.com%2Fsignup&rl=&if=false&ts=1601069098360&cd[segment_eid]=2CRCSIBBINE2BI4FT33HVW%2C67KGJPTPU5CEJF7HLAFHW3&sw=1600&sh=1200&v=2.9.24&r=stable&ec=0&o=29&fbp=fb.1.1601069098359.1144211877&it=1601069098265&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://forensics.barracudanetworks.com/signup
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 21:24:58 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 25 Sep 2020 21:24:58 GMT

POST
H/1.1 200
OK 43396c0e54 Show response
bam.nr-data.net/events/1/ 24 B
198 B 120ms
120ms XHR
image/gif 162.247.242.20
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/43396c0e54?a=20004106&sa=1&v=1044.a6554e7&t=Unnamed%20Transaction&rst=4192&ref=https://forensics.barracudanetworks.com/
Requested by: Host: forensics.barracudanetworks.com
URL: https://forensics.barracudanetworks.com/?c=lll0l01al01al3l4l010al015al2l010al04allll016al1l08al016al1l015al1l010al1l013al04al019a.l01al0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.20 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-8.nr-data.net
Software: /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://forensics.barracudanetworks.com/signup
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type: text/plain

Response headers

Access-Control-Allow-Origin: https://forensics.barracudanetworks.com
Access-Control-Allow-Credentials: true
Content-Length: 24
Content-Type: image/gif

GET
H2 200 vendors~app-modern.b0811783.js Show response
js.intercomcdn.com/ Frame 36C1 245 KB
75 KB 44ms
43ms Script
application/javascript 99.86.243.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/vendors~app-modern.b0811783.js
Requested by: Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.230bb7b5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.243.34 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-243-34.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d7ae7f6116a6ec205d0958e4718aba9aa23af267bf6268bdc65bac1920de5c16

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 20:38:29 GMT
content-encoding: gzip
age: 2797
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
content-length: 76433
last-modified: Fri, 25 Sep 2020 12:37:33 GMT
server: AmazonS3
etag: "1bb36ecd9eb179503c933fc002bdfe80"
content-type: application/javascript; charset=UTF-8
via: 1.1 b48fca327a980187d93a198e7530195c.cloudfront.net (CloudFront)
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: VIE50-C1
accept-ranges: bytes
x-amz-cf-id: nE2uaiiNE2UZpeJaIQKcAgS70xuxgoEbxmoiKqYEwk_poECRIUsg-A==

GET
H2 200 app-modern.cc61fc0a.js Show response
js.intercomcdn.com/ Frame 36C1 67 KB
20 KB 54ms
54ms Script
application/javascript 99.86.243.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/app-modern.cc61fc0a.js
Requested by: Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.230bb7b5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.243.34 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-243-34.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fc3cd056f02dad0eee62a21618b98a6d278448116d77b07fb34e97c84387e4b7

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 20:38:29 GMT
content-encoding: gzip
age: 2797
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
content-length: 19804
last-modified: Fri, 25 Sep 2020 12:37:33 GMT
server: AmazonS3
etag: "3cfec32d75a2a2df28522c0fefdf36ac"
content-type: application/javascript; charset=UTF-8
via: 1.1 b48fca327a980187d93a198e7530195c.cloudfront.net (CloudFront)
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: VIE50-C1
accept-ranges: bytes
x-amz-cf-id: OzwCwgcYnhIndOZIE6zv5mdSXPdfZTBQzKsjxfa6A-1l7ws3kl5AMg==

POST
H/1.1 200
OK 43396c0e54 Show response
bam.nr-data.net/resources/1/ 0
174 B 420ms
419ms XHR
text/plain 162.247.242.20
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/resources/1/43396c0e54?a=20004106&sa=1&v=1044.a6554e7&t=Unnamed%20Transaction&rst=12769&ref=https://forensics.barracudanetworks.com/&st=1601069095385&ptid=718cfff9-0001-be06-9ad0-0174c727a548
Requested by: Host: forensics.barracudanetworks.com
URL: https://forensics.barracudanetworks.com/?c=lll0l01al01al3l4l010al015al2l010al04allll016al1l08al016al1l015al1l010al1l013al04al019a.l01al0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.20 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-8.nr-data.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://forensics.barracudanetworks.com/signup
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type: text/plain

Response headers

Access-Control-Allow-Origin: https://forensics.barracudanetworks.com
Access-Control-Allow-Credentials: true
Content-Length: 0
Content-Type: text/plain

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: api.noticeable.io
URL: https://api.noticeable.io/graphql?query=%7B%20project(id%3A%22%7B%7Bctrl.configurationService.getFirNoticeableInfo().projectId%7D%7D%22)%20%7B%20accentColor%20posts(before%3A%20%22now%22%20isDraft%3A%20false%20last%3A9%20)%20%7B%20edges%20%7B%20node%20%7B%20content%20%7B%20html%20%7D%20excerpt%20hiddenComments%20id%20labels%20%7B%20color%20name%20%7D%20publicationTime%20reactions%20slug%20title%20%7D%20%7D%20%7D%20timeline%20%7B%20customDomain%20%7B%20name%20verified%20%7D%20%7D%20widget%20%7B%20autoRefresh%20closeOnEscKey%20closeOnOutsideClick%20fetchLimit%20markAsSeenAfter%20opened%20popup%20%7B%20allowOutsideScroll%20footer%20header%20horizontalAlign%20horizontalOffset%20useDynamicAlign%20verticalAlign%20verticalOffset%20withBackdrop%20%7D%20postExcerptMaxLength%20postExcerptTarget%20texts%20%7B%20postBackLink%20postFeedbackSendButtonLabel%20postFeedbackSentMessage%20postFeedbackTextareaPlaceholder%20postReactionsTitle%20postReactionsLegendBad%20postReactionsLegendNeutral%20postReactionsLegendGood%20postViewMoreButton%20%7D%20trigger%20%7B%20displayAfter%20displayCounter%20useEyeCatching%20useSoftHide%20%7D%20useWhiteLabel%20%7D%20%7D%20%7D

Domain: api.noticeable.io
URL: https://api.noticeable.io/graphql?query=%7B%20project(id%3A%22%7B%7Bctrl.configurationService.getFirNoticeableInfo().projectId%7D%7D%22)%20%7B%20accentColor%20posts(before%3A%20%22now%22%20isDraft%3A%20false%20last%3A9%20)%20%7B%20edges%20%7B%20node%20%7B%20content%20%7B%20html%20%7D%20excerpt%20hiddenComments%20id%20labels%20%7B%20color%20name%20%7D%20publicationTime%20reactions%20slug%20title%20%7D%20%7D%20%7D%20timeline%20%7B%20customDomain%20%7B%20name%20verified%20%7D%20%7D%20widget%20%7B%20autoRefresh%20closeOnEscKey%20closeOnOutsideClick%20fetchLimit%20markAsSeenAfter%20opened%20popup%20%7B%20allowOutsideScroll%20footer%20header%20horizontalAlign%20horizontalOffset%20useDynamicAlign%20verticalAlign%20verticalOffset%20withBackdrop%20%7D%20postExcerptMaxLength%20postExcerptTarget%20texts%20%7B%20postBackLink%20postFeedbackSendButtonLabel%20postFeedbackSentMessage%20postFeedbackTextareaPlaceholder%20postReactionsTitle%20postReactionsLegendBad%20postReactionsLegendNeutral%20postReactionsLegendGood%20postViewMoreButton%20%7D%20trigger%20%7B%20displayAfter%20displayCounter%20useEyeCatching%20useSoftHide%20%7D%20useWhiteLabel%20%7D%20%7D%20%7D

Verdicts & Comments Add Verdict or Comment

65 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 22:06:05	Name: IDE Value: AHWqTUmYozM9UvGqIBGzdiasgufbNNUd_qp7U3Nt9GfpKpM6p7x187Svm6Fq4DUf
.barracudanetworks.com/	1970-01-19 12:54:33	Name: intercom-session-ae2du23r Value:
.barracudanetworks.com/	1970-01-19 19:13:19	Name: intercom-id-ae2du23r Value: c708c29f-9b92-4381-9608-e12c2676b359
.barracudanetworks.com/	1970-01-19 12:45:55	Name: _gid Value: GA1.2.854215900.1601069097
.barracudanetworks.com/	1970-01-19 14:54:05	Name: _fbp Value: fb.1.1601069098359.1144211877
.forensics.barracudanetworks.com/	1970-01-19 21:30:05	Name: __ar_v4 Value: %7CT6GUPQIK5REDFO6FQ66AFC%3A20200925%3A1%7CEVDJK3NJVNGOVI5VCRVBAG%3A20200925%3A1%7C67KGJPTPU5CEJF7HLAFHW3%3A20200925%3A1
.barracudanetworks.com/	1970-01-19 12:44:29	Name: _gat Value: 1
.barracudanetworks.com/	1970-01-19 12:54:33	Name: koa.cuda.sid Value: hMbD7Lau1-mmaHTC1dpxkIQH1SCExN4J
.barracudanetworks.com/	1970-01-20 06:15:41	Name: _ga Value: GA1.2.442679856.1601069097
.forensics.barracudanetworks.com/	1970-01-19 21:30:26	Name: __adroll_fpc Value: a56cfe2c2857d0675a54e6c3b2738838-1601069098145
.barracudanetworks.com/	1970-01-19 21:30:05	Name: mp_1320f2411f85edb0c4282e94ff8abaf8_mixpanel Value: %7B%22distinct_id%22%3A%20%22174c7279d9b7ec-0cd0aaec0ad48f-1b396256-1d4c00-174c7279d9c86e%22%2C%22%24device_id%22%3A%20%22174c7279d9b7ec-0cd0aaec0ad48f-1b396256-1d4c00-174c7279d9c86e%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D
.barracudanetworks.com/	1970-01-19 12:54:33	Name: koa.cuda.sid.sig Value: 3Bhcp6xpb8FGRg-BtegTfcfVH3g
forensics.barracudanetworks.com/	1969-12-31 23:59:59	Name: XSRF-TOKEN.sig Value: FVXQrh6lfPW_MF4THv4J5MA2rWY
forensics.barracudanetworks.com/	1969-12-31 23:59:59	Name: XSRF-TOKEN Value: qPrXYlMF-7e6yMFXFvooBID5aTfO01W9Zrgo

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	error	URL: https://cdn.noticeable.io/v1/libs/noticeable-widget/noticeable-widget.html-78.js(Line 327) Message: Error while fetching widget data
console-api	error	URL: https://cdn.noticeable.io/v1/libs/noticeable-widget/noticeable-widget.html-78.js(Line 327) Message: Context creation failed: Your access token is invalid. Check for typos or create a new one.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6496512.fls.doubleclick.net
ads.yahoo.com
api-iam.intercom.io
api-js.mixpanel.com
api.noticeable.io
bam.nr-data.net
cdn.mxpnl.com
cdn.noticeable.io
cm.g.doubleclick.net
connect.facebook.net
d.adroll.com
d.adroll.mgr.consensu.org
fonts.googleapis.com
fonts.gstatic.com
forensics.barracudanetworks.com
ib.adnxs.com
js-agent.newrelic.com
js.intercomcdn.com
s.adroll.com
simage2.pubmatic.com
stats.g.doubleclick.net
us-u.openx.net
widget.intercom.io
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
x.bidswitch.net
api.noticeable.io
151.101.114.110
151.101.65.195
162.247.242.20
185.33.220.145
185.64.190.80
216.58.207.66
216.58.208.38
23.210.248.216
2600:1901:0:498c::
2606:4700:3032::681c:17e1
2a00:1288:f03d:1fa::2000
2a00:1450:4001:802::200a
2a00:1450:4001:809::2003
2a00:1450:4001:819::2004
2a00:1450:4001:81c::2003
2a00:1450:4001:821::200e
2a00:1450:400c:c0c::9b
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
35.186.241.51
35.244.159.8
52.59.64.254
54.171.23.184
63.32.63.32
99.83.219.81
99.86.243.34
99.86.243.54
99.86.7.67
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
05fdf85cbb2f896ea68c4dd52d25460aa6d4760421a27e1122d47610cd8f60fd
0964c4e3ba6e9ecccfd82b71f94f92e439953a2e3da66bc41ddd940f38254bd3
097afea517679d2e0b986d77cb3fe7808026882b52ca074a050e03e7a4a6996b
0986106ad61613a45632ebfe76ff00fc0c826a4dc1fdd8662a6b744328b0525e
0bf40ee26cfe25f9d8934b411303c0053ef4ea67452da25cee0ce7d36e62adad
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0fdde643e04ed9dda3bb7d2874b400266873c444a2299aff273d14c04bf24046
106a3aead2f61a9984733d2008b79755106d7939c66ee3fe1a0d962fa0ad7ca8
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11f58097610edb84caeafe66f6112b9c2b067feeb074455fd2e3742491a46e19
1227d7f97d9f3cf4e1b3a0d4b6ea19606c4ceee09e902752353548759823ccb8
131c031cc8ad2550b44cc9397ec6629f6ae4b2f91e747487ac397c5b59f8a98e
14d4e967a74df2a7905ee909a3fcafa1161e21752934b500e1d5a4b23867246d
1753e2d36090cb31e46260a1a641fbd315e980ca27a5121e95fe977227b68668
17c3421958cc3922187bdd429dca2e152d0ccae6407fcef327784d860e0340f0
1bbd7a631d4f6bf9a051fa11db12c123c0ee9427ce26a760e0767860a14fdb2c
1bdbcee5cd776cb671f72362db4be8dde833057b8e8f816c86fd301896652c8d
1fe524b19f8cff1117242affb16d5879e9a1f2d0a0bc2e38d6206c6740d5480c
204dd6eb709404c007f38041a76e06e8f1fd1d1bdfa5c97c1532bc77644274c0
22a9ed976e125a23a61f1119b6e455327b218bc218b8d34db4db0e3145dc4b75
2492772bacac2d8985416dd8d85b560550607d57c130708a9685588f58ae1e34
250a772484496e278a79fbf6582d3a45746d60245e20be31d1dfad8d31f7909f
265c4895160f0dfe4c8d3b7fbd690d49bee3fdb912d92661dce69ae25ce41c49
295fd0985be73716f8e05af964493849debd69409cc362f4f61a603ea826fc8e
2bf5accc71b9ab97a812bd9bf34483945254afabb9ea04427c8e432de5b26c2f
31d7bea9f14666e61a9e80245465915dc3a03a9b0dfefa0d2b2b2f7e9956da52
35e512db77e11b957c51d220ff4333bfc59933ccc1d405d00f331bd8404c0740
3700d985e7d8b2df3fb8667a5066c6b1ecf25570740faca670ebc9675918ee87
379e351aa7dac1b3a9a24fa0b9033cb992d58e454b07ba71db8a635dddfcb09f
3a078ea93f7c0b51d761e718b4d5888f5a82e771c58ceb14914cc5c4752527e8
3e58c9df5cfe4169657ffb656a22bd6eba38cc7140e8d242877ad3755864039a
4232e3c12b3860ed86f62ab38ee1a711ba7393218593d61cefa8100c28afdd6f
42cf21f8674ffbd3d62802288fd99ddbc39b262b625a7284e53338764a6bdabf
47839fdbbb4c63ad88eb777d1dc2a3709291e07509cc9266882c31a568b318ce
497197245f2b0f397e3ad89de0ca05a4478831524c64a5b96eead1522291fa5b
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bd105f02796087b78488ae8a5469f1afceefbaf84487d1961abe2441eed9f66
4d2bfa7c04566cc13819190ce85898b468f34b5c9526aba2992b4e4f492ecddd
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
53b971502ad1d18dd723905eef37fb51779d82a7f85ecc179e14c7f3faa13252
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
56ef4e5dbaf70c79b995351b2a2af9fa09a0e22a4a880e20fdb97e3a68e0c07d
56fc393c993fcd39882f3e431873b3d101d9b10a351ccc3b3aa9c0de04113067
5b49f107642adfb7dceac0b2d963055e6dfb397085c94b0591cd2c2fe5b04123
5e23396b56d99957ae53b9122a1f9f7c13ae51fb4f081c346caa25414c13b7ed
5f6452c043799a1b404eeda4cccae9ece6c5c6065b8760c89704b768e36739bc
5f65a0f11dfb663a620dde743cab6c8434307b9aedea52c0f4c3f9ba52e5d706
5fcb16854bcf34558fc9100ea313b2f61a3394ca23e65719553f09c902b2476e
606a36bdf75365109ca3dfc9a2f6711b91e2e72319fec152b0308b0d0486c195
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
60e58270918165cd68ab1069ac7a589d6cd78496c9d8b9523131f9b01d097205
641af876ae8f6fa1f4e08d8620c706fdcf28a1caaea4006811a07ce7f340fb14
65d20dc5f2eb478778e6403ff50560ce98c2901137f90ff006272ee0e1dedcdd
69f14c8b3c19829ee0525c9928cd11951fa456523f7a06a9dd8b450319e96f36
6adaef0370c385b70af292410347b8e5af65c07b7b4de4c278d2919c608207aa
6b0d23dd5b46e873c00e9784daecbde6b3897257c9e8c397376a0988d4d0670a
6c9459a6400a8cf7ef815379f9316dc26aeec43bcc48da1d1bd58d99a6109f7b
6c9fe191776a8dee7599d608cbf86e937477a9f3ccb5f6ffb61c9bdce619f410
6fa0b93dcc79d1ef847f9bc6650fed0dae8fd91d138ad82b39e534e39391e004
70740754e54accd6e0c5165f6719bcff79ea6b1152307f37a1781b16046894a9
726b38955fee459d146e99676dc2881e71b611a0127f7ac8ce97ac7d1820eb2c
75af2196a7dae8306b63d992f0ce058c7e51e7e49347d7147ea6fd61f57a980d
7786933b47c91ecf487c12be824f20e94522b9a0559d1bda56a92fac29471697
77a99918e6ea500249bc179e71ea8577cc5d3b44dfbbcd8540f20b440e5f8d2c
77ba0fb17ca8a7e1d6de055af4bc7399afd92b9ac80ed0dcd86720e66c42a6d9
793918660b7cd4136bc87888bb6b9d0bfd1dffac25410ca43d472bcfe43e7ae9
7a89548cb86a4c788e144fd14a535bc787418646bc0ca01f4e32519e56a011d8
7f3ed53279a8da1ed394cec205e6bcfefa5b5a97509dba76d139f0991c22fca5
8084305b38728773ea9a079012d98f9068ce25a4ed825508d3af3ca78f3c2660
80b13f9906ad825abf4647a435a9bc09b6f8c6f9359736b4270651265c9372aa
8125e84ab238ed3c54231e245e130ed3032df6c8bbe31181d91605fc4bb6cbf0
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85531c36e82dae479860e689c0050db2c5027996d7aaf25530b6d11bd599b5ff
8690ea2be06ef5035c8273c9fbe4a858339110c411b4521445d4d910eff521ed
8698ca5b62de65ad1496e1e5d8e6e164098244aca63adaddaab43d5ca4dae52a
976371449ae6b1a8ba47bb13dcaa1158c14f3ace788800424158d4e6e3750244
97d93c7a81fd0240c6ca48a10d5e64ea1b9518a9dde8a3b908a0f2ed3ef3fc53
9b1517d858de6410033adcc3adb854eef6a0a9c36a7f3a1cfd515a495073e121
9c3c61e9cb28c1c163436406e98059b498ee1194546b17872575986eb7ad67e0
9e66df8345b8b1c2476b9260e6c694b3dabf456dbd0dd642778c808c45b0aa9e
a876f8af5282933197c51d545faf30517c022206b5918551905f3faa2bfafaeb
a87d66c91b2e7dc5530aef76c03bd6a3d25ea5826110bf4803b561b811cc8726
aa60be2116deef425c5716cbb8bb9471593fba6b3016142d1be607f2c335c5cf
ae6e251293164ee5b8a1e90b3621c741a2540db54774d6aa555f576b72229c44
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b14cccc4f0ce549a5ebe46667fbc49e0834ce99caccf69424579d1634fcfe855
b1f3c215dc1a24acdda56737c226b6d898180c2a7b951133355854bf5f9cbb24
b2831bf8b8e4a5c18863dc10573e3f1d69a985f1921c888a6c6c586e6f4b2b72
b817bfaaf1a5743f386113549c26e00620b276458afc4e5bbbbe4ab20e1eccb1
bb8908772f477b25de8d69afd70f2f5ff969797c407ba4e05df9a582ed3fce95
bc5120ac1632fdbc76b6090b88a37e5a85d562976ac7ed418f389b9f66a596ba
c01b9e996022acc94f30f6a38bb6732cda8f7d89ea530167bb360c7672515ca0
c0695b640b8ba188cda50553695c7bd53568b0526b97a344380a726f51c04101
c0c04f35e4b0fa1456824dde34c108b3538787704495ccb4a0ef0802d2adb366
c3894a4aa9bf2e139c77ef0579a8005f76d2acd8eea43d546ad00dbdbf2d370f
c8eeebde264331b200fec3d52f7c678ff055c41d27a0d1e380f0808942c90119
ca722fa47b01887a994f5155b942a8a2015cdf85c633117ad023b1c87a68a82e
d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1
d33c87ba0ce8f68360157726a32263d53c09bb0e78c7553dcc63197c0929ae57
d5dceb988688592f0261c4d7b7e6d4622988e55b098c61852adc2cb2a56c7420
d7ae7f6116a6ec205d0958e4718aba9aa23af267bf6268bdc65bac1920de5c16
d7af3e117bca06c69087ddf636e1911a8c36144e0374d5b75399cb3df8f7a67e
d85abf6342ab7e31c6c1ce8546d81ead68a72ce3447e72ac1494053c1f5b2a8e
d8edcdc2b4685cade3288170abcd5fc7309452d8610c311666dd9d3ca39c4e3e
dd1aabe83c42857f51120c2515a4eaa05c0b9e04cd661a68a9e96674f0cc9427
dffc7fe2425b03d488b1794486489e0e0f7ab921d996d18ba8c57ca440e71ee2
e1e0145fdb090253ce375cc6346e21c20a94af844dfdd76952f76884c2c7e464
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5f9351dbae4e358df3ac36e163b2512bbeb8b01ed864f3f3caf233e4b353a3a
e8aed2231497c0fddace130dc8eb6f536e4bd86f692b25ee00416321c816fb68
e8c97fc9b7fa1f9a6aa974602f8ac67ab7ca091dc2a3654fbcc89af57aaed484
e986347fae4cd3e188d0285b8c175fbda863568def399a7cc63663dc65eda556
e9d184f39dc95a4e654c54c8b1871b4a343642e556d7a5da269fcb7c7b19896b
ea9d2c45cb2ef275db3ec9856eeed09b96b873f64c9576d78580be373bc0e4a1
ed26bf16258f35d19150534a90f5752f9ae8dbe7c0cb40fbfbd2113543291f30
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f18b6621fa60b7b8b18e12b62ca41557ea64258c13b49662a0a57ccc1ce28d6c
f3840ccf57f97a47b55f8f7f5a51174fa6ca00d2b81334c19c70f36f4f6dd192
f465d88ef19c7592b95c00a870994c828aa970bb2c5ceba3ec8605e95d930506
f586cf76931991f2c6fb5e4ef5adc15e5d43f1678fe6ed11e1ee1adec68a6f4d
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
f712d6ffc84ad65ca312ed9569e096844b1b17dff08487320541f79dc6284511
f888db85e8c6d27c30f3b7771065fb975bd59455fa245d3b456b94725ae940f7
faa9c80b0fc1a018cc15055adb5ab4900a5cb72e559985b069bedacd93fa17f7
fc3cd056f02dad0eee62a21618b98a6d278448116d77b07fb34e97c84387e4b7
fdca8d11e708c0766214c02bb9340c500ce9360502e46124140f1c89b65d9a19
fe0f4e83bda0a71b5ac10b326ab68b52b9feb1d8c1ba4e2807523692edc6d139
ff4460fccd65e471cf1af46da8c20b5d14e88cce41a1199cf6932dcc0faf6354

forensics.barracudanetworks.com Open in urlscan Pro 99.86.243.54 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

63 Requests

97 %HTTPS

39 %IPv6

24 Domains

29 Subdomains

26 IPs

6 Countries

5884 kBTransfer

26025 kBSize

14 Cookies

1 Outgoing links

Redirected requests

63 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 80 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

forensics.barracudanetworks.com Open in urlscan Pro
99.86.243.54 Public Scan

Screenshot
Live screenshot

Full Image

63
Requests

97 %
HTTPS

39 %
IPv6

24
Domains

29
Subdomains

26
IPs

6
Countries

5884 kB
Transfer

26025 kB
Size

14
Cookies

63 HTTP transactions
80 data transactions