try.orca.security Open in urlscan Pro
104.17.74.206 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://pod.orca.security/Nzk2LVBCVy01NTkAAAGQbuzx_lSf_W6SQDCIK9skVOe6H_ROdCLpYjg7Cre34Rsd424T7m3Oy6liD0KqQc9zdSnj77g=
Effective URL:
https://try.orca.security/ask-the-experts.html?utm_source=orcaemail&utm_medium=email&utm_campaign=24-q1-orca-live-experts-...
Submission: On January 03 via manual (January 3rd 2024, 4:05:05 pm UTC) from US — Scanned from DE

Summary HTTP 93 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 43 IPs in 5 countries across 31 domains to perform 93 HTTP transactions. The main IP is 104.17.74.206, located in and belongs to CLOUDFLARENET, US. The main domain is try.orca.security.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 18th 2023. Valid for: a year.

This is the only time try.orca.security was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	104.17.72.206 104.17.72.206	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	104.17.74.206 104.17.74.206	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
11	2606:4700:303... 2606:4700:3035::ac43:9a91	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.16.94.80 104.16.94.80	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	88.221.60.75 88.221.60.75	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
1	2600:9000:26d... 2600:9000:26da:8a00:8:8d2f:9e00:21	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:780... 2a02:26f0:780::210:a40a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	146.75.116.157 146.75.116.157	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:4400::6812:2b1f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2606:4700::68... 2606:4700::6812:1105	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	108.138.40.116 108.138.40.116	16509 (AMAZON-02) (AMAZON-02)
2	2620:1ec:bdf::45 2620:1ec:bdf::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
2 4	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2001:4860:480... 2001:4860:4802:32::181	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c07::9d	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
1	104.244.42.133 104.244.42.133	13414 (TWITTER) (TWITTER)
1	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
4	65.9.86.7 65.9.86.7	16509 (AMAZON-02) (AMAZON-02)
1	13.227.219.121 13.227.219.121	16509 (AMAZON-02) (AMAZON-02)
1	192.28.144.124 192.28.144.124	15224 (OMNITURE) (OMNITURE)
1	34.96.71.22 34.96.71.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	143.204.215.78 143.204.215.78	16509 (AMAZON-02) (AMAZON-02)
5	20.114.189.135 20.114.189.135	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2600:9000:244... 2600:9000:2449:1c00:1d:8d6d:3b40:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:1f18:612... 2600:1f18:612b:4232:950e:aa8c:14aa:701	14618 (AMAZON-AES) (AMAZON-AES)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:20c... 2600:9000:20c3:a800:10:7994:d200:21	16509 (AMAZON-02) (AMAZON-02)
1	44.206.58.181 44.206.58.181	14618 (AMAZON-AES) (AMAZON-AES)
1	2a04:fa87:fff... 2a04:fa87:fffd::c000:4266	2635 (AUTOMATTIC) (AUTOMATTIC)
1	35.186.247.156 35.186.247.156	15169 (GOOGLE) (GOOGLE)
93	43

1 104.17.72.206 (None, )

ASN13335 (CLOUDFLARENET, US)

pod.orca.security	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 104.17.74.206 (None, )

ASN13335 (CLOUDFLARENET, US)

try.orca.security	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700:3035::ac43:9a91 (United States)

ASN13335 (CLOUDFLARENET, US)

dummyimage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.94.80 (None, )

ASN13335 (CLOUDFLARENET, US)

app-sj01.marketo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.221.60.75 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-60-75.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:26da:8a00:8:8d2f:9e00:21 (United States)

ASN16509 (AMAZON-02, US)

ddzuuyx7zj81k.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:780::210:a40a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.116.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2b1f (United States)

ASN13335 (CLOUDFLARENET, US)

tracking.g2crowd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700::6812:1105 (United States)

ASN13335 (CLOUDFLARENET, US)

js.qualified.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.qualified.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.40.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-40-116.muc50.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:21::14 (United States) 2 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.133 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 65.9.86.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-86-7.ams1.r.cloudfront.net

5f6b2d0bd0ea9d00689c778b.services.infinigrow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.227.219.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-219-121.ams54.r.cloudfront.net

tag.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.28.144.124 (United States)

ASN15224 (OMNITURE, US)

796-pbw-559.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.71.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com

s.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-78.fra53.r.cloudfront.net

api.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 20.114.189.135 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

v.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2449:1c00:1d:8d6d:3b40:93a1 (United States)

ASN16509 (AMAZON-02, US)

tag-logger.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.36.155 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4232:950e:aa8c:14aa:701 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20c3:a800:10:7994:d200:21 (United States)

ASN16509 (AMAZON-02, US)

dss6ntp5q2r0o.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.206.58.181 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-206-58-181.compute-1.amazonaws.com

app.qualified.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:fa87:fffd::c000:4266 (Ireland)

ASN2635 (AUTOMATTIC, US)

go.orca.security	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.247.156 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 156.247.186.35.bc.googleusercontent.com

sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	orca.security pod.orca.security try.orca.security go.orca.security	789 KB
11	dummyimage.com dummyimage.com — Cisco Umbrella Rank: 157025	18 KB
9	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 1280 v.clarity.ms — Cisco Umbrella Rank: 12483 c.clarity.ms — Cisco Umbrella Rank: 2579	29 KB
9	qualified.com js.qualified.com — Cisco Umbrella Rank: 64237 app.qualified.com — Cisco Umbrella Rank: 70147 assets.qualified.com — Cisco Umbrella Rank: 66772	881 KB
7	google.com www.google.com — Cisco Umbrella Rank: 6 analytics.google.com — Cisco Umbrella Rank: 266	34 KB
7	gstatic.com fonts.gstatic.com www.gstatic.com	487 KB
5	linkedin.com 2 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 778 px4.ads.linkedin.com — Cisco Umbrella Rank: 7294	2 KB
4	infinigrow.com 5f6b2d0bd0ea9d00689c778b.services.infinigrow.com	1 KB
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 1194	1 KB
2	company-target.com s.company-target.com — Cisco Umbrella Rank: 2957 api.company-target.com — Cisco Umbrella Rank: 10373	2 KB
2	demandbase.com tag.demandbase.com — Cisco Umbrella Rank: 12204 tag-logger.demandbase.com — Cisco Umbrella Rank: 12645	23 KB
2	google.ru www.google.ru — Cisco Umbrella Rank: 5960	562 B
2	adsrvr.org js.adsrvr.org — Cisco Umbrella Rank: 2259 insight.adsrvr.org — Cisco Umbrella Rank: 1095	3 KB
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 68 stats.g.doubleclick.net — Cisco Umbrella Rank: 184	2 KB
2	cloudfront.net ddzuuyx7zj81k.cloudfront.net dss6ntp5q2r0o.cloudfront.net	28 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	188 KB
2	marketo.net munchkin.marketo.net — Cisco Umbrella Rank: 9171	8 KB
1	sentry.io sentry.io — Cisco Umbrella Rank: 212	324 B
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 539	760 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 620	239 B
1	tremorhub.com partners.tremorhub.com — Cisco Umbrella Rank: 2179	392 B
1	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 1360	98 B
1	mktoresp.com 796-pbw-559.mktoresp.com	318 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 1200	395 B
1	t.co t.co — Cisco Umbrella Rank: 751	377 B
1	g2crowd.com tracking.g2crowd.com — Cisco Umbrella Rank: 26675	1 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 1184	15 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 1877	15 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 395	27 KB
1	marketo.com app-sj01.marketo.com — Cisco Umbrella Rank: 673543	161 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 115	1 KB
93	31

	Domain	Requested by
12	try.orca.security	pod.orca.security try.orca.security
11	dummyimage.com	try.orca.security
7	assets.qualified.com	app.qualified.com
5	v.clarity.ms	www.clarity.ms
5	www.google.com	try.orca.security www.gstatic.com www.google.com
4	5f6b2d0bd0ea9d00689c778b.services.infinigrow.com	ddzuuyx7zj81k.cloudfront.net dss6ntp5q2r0o.cloudfront.net
4	px.ads.linkedin.com	2 redirects snap.licdn.com
4	www.gstatic.com	www.google.com www.gstatic.com
3	fonts.gstatic.com	fonts.googleapis.com www.google.com
2	c.clarity.ms	1 redirects
2	dsum-sec.casalemedia.com	1 redirects s.company-target.com
2	www.google.ru	try.orca.security
2	analytics.google.com	www.googletagmanager.com
2	www.clarity.ms	pod.orca.security www.clarity.ms
2	www.googletagmanager.com	try.orca.security www.googletagmanager.com
2	munchkin.marketo.net	try.orca.security munchkin.marketo.net
1	sentry.io	assets.qualified.com
1	go.orca.security	js.qualified.com
1	app.qualified.com	js.qualified.com
1	dss6ntp5q2r0o.cloudfront.net	ddzuuyx7zj81k.cloudfront.net
1	insight.adsrvr.org	js.adsrvr.org
1	c.bing.com	1 redirects
1	pixel.rubiconproject.com	s.company-target.com
1	partners.tremorhub.com	s.company-target.com
1	tag-logger.demandbase.com	tag.demandbase.com
1	api.company-target.com	tag.demandbase.com
1	id.rlcdn.com	try.orca.security
1	s.company-target.com	tag.demandbase.com
1	796-pbw-559.mktoresp.com	munchkin.marketo.net
1	tag.demandbase.com	pod.orca.security
1	analytics.twitter.com	try.orca.security
1	t.co	try.orca.security
1	stats.g.doubleclick.net	www.googletagmanager.com
1	px4.ads.linkedin.com	try.orca.security
1	js.adsrvr.org	www.googletagmanager.com
1	js.qualified.com	www.googletagmanager.com
1	tracking.g2crowd.com	pod.orca.security
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	snap.licdn.com	www.googletagmanager.com
1	ddzuuyx7zj81k.cloudfront.net	pod.orca.security
1	cdnjs.cloudflare.com	try.orca.security
1	app-sj01.marketo.com	try.orca.security
1	fonts.googleapis.com	try.orca.security
1	pod.orca.security
93	45

This site contains links to these domains. Also see Links.

Domain
policies.google.com
orca.security

Subject Issuer	Validity	Valid
pod.orca.security Cloudflare Inc ECC CA-3	`2023-04-18` - `2024-04-16`	a year	crt.sh
try.orca.security Cloudflare Inc ECC CA-3	`2023-04-18` - `2024-04-16`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
dummyimage.com GTS CA 1P5	`2023-11-16` - `2024-02-14`	3 months	crt.sh
app-sj01.marketo.com Cloudflare Inc ECC CA-3	`2023-04-08` - `2024-04-07`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.marketo.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-06` - `2024-02-05`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-07-19`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-12-07` - `2024-12-07`	a year	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2023-11-03` - `2024-05-03`	6 months	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google.com.ru GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-31` - `2024-10-29`	a year	crt.sh
services.infinigrow.com Amazon RSA 2048 M02	`2023-05-27` - `2024-06-24`	a year	crt.sh
tag.demandbase.com Go Daddy Secure Certificate Authority - G2	`2023-08-23` - `2024-09-23`	a year	crt.sh
*.mktoresp.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-07` - `2024-10-07`	a year	crt.sh
*.company-target.com R3	`2023-12-19` - `2024-03-18`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
api.demandbase.com Go Daddy Secure Certificate Authority - G2	`2023-09-27` - `2024-09-26`	a year	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 06	`2023-02-13` - `2024-02-08`	a year	crt.sh
*.demandbase.com Amazon RSA 2048 M01	`2023-07-11` - `2024-08-08`	a year	crt.sh
*.tremorhub.com Amazon RSA 2048 M01	`2023-02-22` - `2024-03-23`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
app.qualified.com R3	`2023-11-21` - `2024-02-19`	3 months	crt.sh
go.orca.security R3	`2023-12-19` - `2024-03-18`	3 months	crt.sh
sentry.io DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-08` - `2024-09-07`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://try.orca.security/ask-the-experts.html?utm_source=orcaemail&utm_medium=email&utm_campaign=24-q1-orca-live-experts-jan-wbr&mkt_tok=Nzk2LVBCVy01NTkAAAGQbuzx_osgg6PUGKPO0WFH8jq9Zfys-R8jUiiRglOKAENfAtdrj8-dDyEUBz8F2YOy8rTQQo2BgXiermBtIedayiQHfeokRKisZM2UY60
Frame ID: BDDFB14CC1C83CC85FB5A8D08E3BE20D
Requests: 69 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeINjUoAAAAADqSvQdrUey-8BtEh34CPuyHeIXp&co=aHR0cHM6Ly90cnkub3JjYS5zZWN1cml0eTo0NDM.&hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=9wxnf7kl0vbt
Frame ID: 59BABE2CBDEE7DB5DEDB64B51E8B317F
Requests: 8 HTTP requests in this frame

Frame: https://s.company-target.com/s/sync?exc=lr
Frame ID: 5C8AD53F53DB97C648837CF1642F06B8
Requests: 4 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=5hq4tlq&ref=https%3A%2F%2Ftry.orca.security%2Fask-the-experts.html%3Futm_source%3Dorcaemail%26utm_medium%3Demail%26utm_campaign%3D24-q1-orca-live-experts-jan-wbr&upid=wavfaxa&upv=1.1.0
Frame ID: 3D045955CA45E5AF1591AE5EDDF952A5
Requests: 1 HTTP requests in this frame

Frame: https://app.qualified.com/w/1/gndr1NireXGRNRuC/messenger?uuid=625a92f3-fec1-449a-996a-cb1fdb17e617
Frame ID: 4B54A4412211183DE81145E859E7A1B2
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Orca LIVE: Ask the Experts

Page URL History Show full URLs

https://pod.orca.security/Nzk2LVBCVy01NTkAAAGQbuzx_lSf_W6SQDCIK9skVOe6H_ROdCLpYjg7Cre34Rsd424T7m3Oy6li... Page URL
https://try.orca.security/ask-the-experts.html?utm_source=orcaemail&utm_medium=email&utm_campaign=24-q... Page URL

Detected technologies

Ruby on Rails (Web Frameworks) Expand

Overall confidence: 75%
Detected patterns

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Marketo (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

93
Requests

97 %
HTTPS

50 %
IPv6

31
Domains

45
Subdomains

43
IPs

5
Countries

2717 kB
Transfer

6502 kB
Size

38
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://policies.google.com/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://policies.google.com/terms
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://orca.security/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://pod.orca.security/Nzk2LVBCVy01NTkAAAGQbuzx_lSf_W6SQDCIK9skVOe6H_ROdCLpYjg7Cre34Rsd424T7m3Oy6liD0KqQc9zdSnj77g= Page URL
https://try.orca.security/ask-the-experts.html?utm_source=orcaemail&utm_medium=email&utm_campaign=24-q1-orca-live-experts-jan-wbr&mkt_tok=Nzk2LVBCVy01NTkAAAGQbuzx_osgg6PUGKPO0WFH8jq9Zfys-R8jUiiRglOKAENfAtdrj8-dDyEUBz8F2YOy8rTQQo2BgXiermBtIedayiQHfeokRKisZM2UY60 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 40

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1286465&time=1704297899554&url=https%3A%2F%2Ftry.orca.security%2Fask-the-experts.html%3Futm_source%3Dorcaemail%26utm_medium%3Demail%26utm_campaign%3D24-q1-orca-live-experts-jan-wbr%26mkt_tok%3DNzk2LVBCVy01NTkAAAGQbuzx_osgg6PUGKPO0WFH8jq9Zfys-R8jUiiRglOKAENfAtdrj8-dDyEUBz8F2YOy8rTQQo2BgXiermBtIedayiQHfeokRKisZM2UY60 HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1286465&time=1704297899554&url=https%3A%2F%2Ftry.orca.security%2Fask-the-experts.html%3Futm_source%3Dorcaemail%26utm_medium%3Demail%26utm_campaign%3D24-q1-orca-live-experts-jan-wbr%26mkt_tok%3DNzk2LVBCVy01NTkAAAGQbuzx_osgg6PUGKPO0WFH8jq9Zfys-R8jUiiRglOKAENfAtdrj8-dDyEUBz8F2YOy8rTQQo2BgXiermBtIedayiQHfeokRKisZM2UY60&cookiesTest=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1286465&time=1704297899554&url=https%3A%2F%2Ftry.orca.security%2Fask-the-experts.html%3Futm_source%3Dorcaemail%26utm_medium%3Demail%26utm_campaign%3D24-q1-orca-live-experts-jan-wbr%26mkt_tok%3DNzk2LVBCVy01NTkAAAGQbuzx_osgg6PUGKPO0WFH8jq9Zfys-R8jUiiRglOKAENfAtdrj8-dDyEUBz8F2YOy8rTQQo2BgXiermBtIedayiQHfeokRKisZM2UY60&cookiesTest=true&e_ipv6=AQLLBJJxKAUlxwAAAYzQEidkpTfxBKjYNCvmMzYA9fhZUKPzwWhBV54eB-rSLXNoEKHOkzQ7ObOq

Request Chain 68

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=18&expiry=1720022699&external_user_id=f6307d2e-4375-43d4-b245-b75c4c80e210 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=18&expiry=1720022699&external_user_id=f6307d2e-4375-43d4-b245-b75c4c80e210&C=1

Request Chain 73

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=1C950AEA6FD849EC9CAC4315A64460D0&RedC=c.clarity.ms&MXFR=0985FF4449F360D20818ECBF4DF36E2F HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=1C950AEA6FD849EC9CAC4315A64460D0&MUID=1A38DFB02AF1623C1F62CC4B2B2363E7

93 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 302 Nzk2LVBCVy01NTkAAAGQbuzx_lSf_W6SQDCIK9skVOe6H_ROdCLpYjg7Cre34Rsd424T7m3Oy6liD0KqQc9zdSnj77g=
pod.orca.security/ 614 B
1 KB 217ms
188ms Document
text/html 104.17.72.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pod.orca.security/Nzk2LVBCVy01NTkAAAGQbuzx_lSf_W6SQDCIK9skVOe6H_ROdCLpYjg7Cre34Rsd424T7m3Oy6liD0KqQc9zdSnj77g=

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.72.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src 'self';script-src 'self' 'sha256-I/YfSwuw23GMKn7VKK/y6Vr35eV0+hBEhEI3epN5kcE=';object-src 'none';form-action 'none';frame-src 'none';style-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, no-cache, no-store, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 83fc7b05dbd39137-FRA
content-security-policy: default-src 'self'; img-src 'self';script-src 'self' 'sha256-I/YfSwuw23GMKn7VKK/y6Vr35eV0+hBEhEI3epN5kcE=';object-src 'none';form-action 'none';frame-src 'none';style-src 'self'
content-type: text/html;charset=UTF-8
date: Wed, 03 Jan 2024 16:04:58 GMT
referrer-policy: strict-origin
server: cloudflare
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-request-id: b0689cc2c7d72275

GET
H2 200 Primary Request ask-the-experts.html Show response
try.orca.security/ 53 KB
11 KB 1064ms
861ms Document
text/html 104.17.74.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://try.orca.security/ask-the-experts.html?utm_source=orcaemail&utm_medium=email&utm_campaign=24-q1-orca-live-experts-jan-wbr&mkt_tok=Nzk2LVBCVy01NTkAAAGQbuzx_osgg6PUGKPO0WFH8jq9Zfys-R8jUiiRglOKAENfAtdrj8-dDyEUBz8F2YOy8rTQQo2BgXiermBtIedayiQHfeokRKisZM2UY60

Requested by

Host: pod.orca.security
URL: https://pod.orca.security/Nzk2LVBCVy01NTkAAAGQbuzx_lSf_W6SQDCIK9skVOe6H_ROdCLpYjg7Cre34Rsd424T7m3Oy6liD0KqQc9zdSnj77g=

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.74.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0dec0d7c01f7500babdaba71c963336cd1eb9eba6d79aa231cef234403ce107

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://pod.orca.security/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 83fc7b085db93820-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 03 Jan 2024 16:04:59 GMT
p3p: CP="CAO CURa ADMa DEVa TAIa OUR IND UNI COM NAV INT"
server: cloudflare
vary: *,Accept-Encoding
x-asset-type: LP
x-content-type-options: nosniff

GET
H2 200 orca-paid-style.css
try.orca.security/rs/796-PBW-559/images/ 9 KB
2 KB 120ms
119ms Stylesheet
text/css 104.17.74.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://try.orca.security/rs/796-PBW-559/images/orca-paid-style.css

Requested by

Host: try.orca.security
URL: https://try.orca.security/ask-the-experts.html?utm_source=orcaemail&utm_medium=email&utm_campaign=24-q1-orca-live-experts-jan-wbr&mkt_tok=Nzk2LVBCVy01NTkAAAGQbuzx_osgg6PUGKPO0WFH8jq9Zfys-R8jUiiRglOKAENfAtdrj8-dDyEUBz8F2YOy8rTQQo2BgXiermBtIedayiQHfeokRKisZM2UY60

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.74.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1f7c51769d2e8226864110d8022986354cdfe65629300094f7846035871a55b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.orca.security/ask-the-experts.html?utm_source=orcaemail&utm_medium=email&utm_campaign=24-q1-orca-live-experts-jan-wbr&mkt_tok=Nzk2LVBCVy01NTkAAAGQbuzx_osgg6PUGKPO0WFH8jq9Zfys-R8jUiiRglOKAENfAtdrj8-dDyEUBz8F2YOy8rTQQo2BgXiermBtIedayiQHfeokRKisZM2UY60
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 16:04:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: EXPIRED
last-modified: Sat, 07 Oct 2023 03:51:23 GMT
server: cloudflare
etag: "2ce1241-23ed-60718454ca234"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=60
accept-ranges: bytes
cf-ray: 83fc7b0dcc203820-FRA
content-length: 2033
expires: Wed, 03 Jan 2024 16:05:59 GMT

GET
H2 200 css2
fonts.googleapis.com/ 8 KB
1 KB 62ms
26ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Manrope:wght@300;400;500;700&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

90830c8a82c1f155416a7eeb8ddf9c5b451f6f6422280ad803c52d26985d0dff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.orca.security/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 03 Jan 2024 16:04:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 16:04:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 03 Jan 2024 16:04:59 GMT

GET
H2 200 forms2.min.js Show response
try.orca.security/js/forms2/js/ 208 KB
69 KB 22ms
21ms Script
application/x-javascript 104.17.74.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://try.orca.security/js/forms2/js/forms2.min.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.74.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e6ff9c0c443a9050137759816c352d43e96a673bb4023c2ba231cdbed6fe6f52

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.orca.security/ask-the-experts.html?utm_source=orcaemail&utm_medium=email&utm_campaign=24-q1-orca-live-experts-jan-wbr&mkt_tok=Nzk2LVBCVy01NTkAAAGQbuzx_osgg6PUGKPO0WFH8jq9Zfys-R8jUiiRglOKAENfAtdrj8-dDyEUBz8F2YOy8rTQQo2BgXiermBtIedayiQHfeokRKisZM2UY60
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 16:04:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Wed, 18 Oct 2023 05:40:57 GMT
server: cloudflare
age: 5367
etag: "2ca1ad1-3414b-607f7156a629d"
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 83fc7b0dcc233820-FRA
expires: Wed, 03 Jan 2024 20:04:59 GMT

GET
H2 200 orca-security-mac-logo.png
try.orca.security/rs/796-PBW-559/images/ 20 KB
21 KB 115ms
115ms Image
image/png 104.17.74.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://try.orca.security/rs/796-PBW-559/images/orca-security-mac-logo.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.74.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5fa8c35bd4535b3e4e547af202d5c8102e28cee127eb26cc4eff717cf205914

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.orca.security/ask-the-experts.html?utm_source=orcaemail&utm_medium=email&utm_campaign=24-q1-orca-live-experts-jan-wbr&mkt_tok=Nzk2LVBCVy01NTkAAAGQbuzx_osgg6PUGKPO0WFH8jq9Zfys-R8jUiiRglOKAENfAtdrj8-dDyEUBz8F2YOy8rTQQo2BgXiermBtIedayiQHfeokRKisZM2UY60
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 16:04:59 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
last-modified: Wed, 06 Dec 2023 07:01:38 GMT
server: cloudflare
etag: "2ce11c3-5188-60bd1ec2e34eb"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=60
accept-ranges: bytes
cf-ray: 83fc7b0dcc263820-FRA
content-length: 20872
expires: Wed, 03 Jan 2024 16:05:59 GMT

GET
H2 200 ed-calendar-blue.svg
try.orca.security/rs/796-PBW-559/images/ 2 KB
728 B 116ms
116ms Image
image/svg+xml 104.17.74.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://try.orca.security/rs/796-PBW-559/images/ed-calendar-blue.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.74.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e2e4eb416e7053ea9860eaf56cb75213e9a6ff60a926198e723002c7d3861d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.orca.security/ask-the-experts.html?utm_source=orcaemail&utm_medium=email&utm_campaign=24-q1-orca-live-experts-jan-wbr&mkt_tok=Nzk2LVBCVy01NTkAAAGQbuzx_osgg6PUGKPO0WFH8jq9Zfys-R8jUiiRglOKAENfAtdrj8-dDyEUBz8F2YOy8rTQQo2BgXiermBtIedayiQHfeokRKisZM2UY60
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 16:04:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: EXPIRED
last-modified: Sat, 07 Oct 2023 12:02:56 GMT
server: cloudflare
etag: W/"2ce1391-67d-6071f23362d49"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=60
cf-ray: 83fc7b0dcc293820-FRA
expires: Wed, 03 Jan 2024 16:05:59 GMT

GET
H2 200 ed-pin-blue.svg
try.orca.security/rs/796-PBW-559/images/ 834 B
473 B 121ms
120ms Image
image/svg+xml 104.17.74.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://try.orca.security/rs/796-PBW-559/images/ed-pin-blue.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.74.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a3773de26ece9a277df2f271ffb224eb5dd97c8126dacd599ee1966ef145304

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.orca.security/ask-the-experts.html?utm_source=orcaemail&utm_medium=email&utm_campaign=24-q1-orca-live-experts-jan-wbr&mkt_tok=Nzk2LVBCVy01NTkAAAGQbuzx_osgg6PUGKPO0WFH8jq9Zfys-R8jUiiRglOKAENfAtdrj8-dDyEUBz8F2YOy8rTQQo2BgXiermBtIedayiQHfeokRKisZM2UY60
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 16:04:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: EXPIRED
last-modified: Sat, 07 Oct 2023 12:02:56 GMT
server: cloudflare
etag: W/"2ce1392-342-6071f23363901"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=60
cf-ray: 83fc7b0e8cf93820-FRA
expires: Wed, 03 Jan 2024 16:05:59 GMT

GET
H2 200 Ask-the-Experts-Reg-1200x628.png
try.orca.security/rs/796-PBW-559/images/ 677 KB
678 KB 203ms
202ms Image
image/png 104.17.74.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://try.orca.security/rs/796-PBW-559/images/Ask-the-Experts-Reg-1200x628.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.74.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

20f6557a11338ec7c0731095af9d823a902346859feda75e8551c39bf987ead3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.orca.security/ask-the-experts.html?utm_source=orcaemail&utm_medium=email&utm_campaign=24-q1-orca-live-experts-jan-wbr&mkt_tok=Nzk2LVBCVy01NTkAAAGQbuzx_osgg6PUGKPO0WFH8jq9Zfys-R8jUiiRglOKAENfAtdrj8-dDyEUBz8F2YOy8rTQQo2BgXiermBtIedayiQHfeokRKisZM2UY60
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 16:04:59 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
last-modified: Tue, 28 Nov 2023 18:55:49 GMT
server: cloudflare
etag: "2ce2ab5-a933c-60b3af786d676"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=60
accept-ranges: bytes
cf-ray: 83fc7b0e8cfa3820-FRA
content-length: 693052
expires: Wed, 03 Jan 2024 16:05:59 GMT

GET
H2 200 ffffff
dummyimage.com/600x680/003d7a/ 2 KB
3 KB 80ms
22ms Image
image/png 2606:4700:3035::ac43:9a91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dummyimage.com/600x680/003d7a/ffffff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:9a91 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

34d4fa4809d5ecde253666bbcafb26271cfae88ed13a96b235cdbc5e5c80346a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.orca.security/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 16:04:59 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-sol: pub_site
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol
age: 708
x-powered-by: WordOps
x-ezoic-cdn: Hit ds;mm;4c988ae004faec310cc5652b85906b13;2-375225-2;6c63ae6f-90f6-48f4-5612-e83c5a58c67c
x-middleton-display: staticcontent_sol
x-middleton-response: 200
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-ezoic-excludewebp: true
referrer-policy: no-referrer, strict-origin-when-cross-origin
response: 200
last-modified: Tue, 22 Aug 2023 19:23:01 GMT
server: cloudflare
x-origin-cache-control: public, max-age=7776000
x-download-options: noopen
vary: Accept-Encoding,X-Ezoic-Excludewebp,User-Agent,Origin
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rUDviXjPerNqGSNFahtfQTqebwXCrt5NzZdHRNUW7HMAP2%2FvVxxkYcRvtKY2aQsjwPyEFmQBVnLgXA4pc7qjESw5X%2FazYyIDPA6E91AvtcBiIS%2B6aH8yCiqRKzHID2YivY335QyK7kdNHwqfFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range
cache-control: public, max-age=31536000
x-frame-options: SAMEORIGIN
cf-ray: 83fc7b0eec962bb2-FRA
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 ffffff
dummyimage.com/127X50/0354bd/ 338 B
745 B 80ms
22ms Image
image/png 2606:4700:3035::ac43:9a91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dummyimage.com/127X50/0354bd/ffffff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:9a91 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

06fdee9b7e8864607317d331cacf8307498b519ae09aff37a792880314da47fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.orca.security/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-sol: pub_site
display: staticcontent_sol
age: 708
x-middleton-display: staticcontent_sol
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-origin-cache-control: public, max-age=7776000
vary: Accept-Encoding,X-Ezoic-Excludewebp,User-Agent,Origin
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: public, max-age=31536000
x-frame-options: SAMEORIGIN
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
date: Wed, 03 Jan 2024 16:04:59 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: WordOps
x-ezoic-cdn: Hit ds;mm;b3e21bad90e814575a94faaa5412a4ef;2-375225-2;1354ae18-89be-496f-6b28-59a2ccf1b7b5
x-middleton-response: 200
alt-svc: h3=":443"; ma=86400
content-length: 338
x-xss-protection: 1; mode=block
x-ezoic-excludewebp: true
response: 200
last-modified: Mon, 18 Sep 2023 14:09:32 GMT
server: cloudflare
x-download-options: noopen
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=prlWrgrsBYR494e0g3LcIAzimkjTdUPS%2FNlwL0pbq3g%2FBqvdgkCt5SJzRfQQvi%2BKZiKqjZl6rcvnnX7JigA%2Fk7cBxPkE4oyZ1%2BIpmsnBqk%2FuJn4zpDmSjSBV51rCumxXn3aB7%2B9iHy05%2B0dljg%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 83fc7b0eec982bb2-FRA

GET
H2 200 ffffff
dummyimage.com/60x60/0043e0/ 216 B
1 KB 82ms
24ms Image
image/png 2606:4700:3035::ac43:9a91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dummyimage.com/60x60/0043e0/ffffff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:9a91 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

6ccdd8fa3b678f5eeae67299dc61e2cf84a4bb0eede6e5dede1b313435e2ec6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.orca.security/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-sol: pub_site
display: staticcontent_sol
age: 708
x-middleton-display: staticcontent_sol
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-origin-cache-control: public, max-age=7776000
vary: Accept-Encoding,X-Ezoic-Excludewebp,User-Agent,Origin
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: public, max-age=31536000
x-frame-options: SAMEORIGIN
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
date: Wed, 03 Jan 2024 16:04:59 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: WordOps
x-ezoic-cdn: Hit ds;mm;fa178b0eeffdc14632f1e318b36fb965;2-375225-2;6ca75c2e-0c3b-48ff-5d88-867ce514ae66
x-middleton-response: 200
alt-svc: h3=":443"; ma=86400
content-length: 216
x-xss-protection: 1; mode=block
x-ezoic-excludewebp: true
response: 200
last-modified: Tue, 22 Aug 2023 19:23:00 GMT
server: cloudflare
x-download-options: noopen
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zf32itUpKOBVYr03NdlP8z6PJms0kSGXasUZfxKa2Lo7gnPgwUNlDn9ofRyGhXrKQ6%2FCLbkcGJfhHGaH864vYXjwi9Odw7sjnhzYW6jgQBUzFnmonTNmXzwMIhiTxsy9Xg84LaMWMUJegYXwtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 83fc7b0eec9e2bb2-FRA

GET
H2 200 012375
dummyimage.com/127x50/ffffff/ 338 B
733 B 81ms
23ms Image
image/png 2606:4700:3035::ac43:9a91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dummyimage.com/127x50/ffffff/012375

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:9a91 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

2fd6a01ceec618fb89f366f1e8e1b14d421cdeccfac9b4638f7921ddf772b68c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.orca.security/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-sol: pub_site
display: staticcontent_sol
age: 708
x-middleton-display: staticcontent_sol
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-origin-cache-control: public, max-age=7776000
vary: Accept-Encoding,X-Ezoic-Excludewebp,User-Agent,Origin
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: public, max-age=31536000
x-frame-options: SAMEORIGIN
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
date: Wed, 03 Jan 2024 16:04:59 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: WordOps
x-ezoic-cdn: Hit ds;mm;1a2cb9928163936de645b109633a99eb;2-375225-2;ccee1819-b579-4ffe-4c6d-3f422d595ca9
x-middleton-response: 200
alt-svc: h3=":443"; ma=86400
content-length: 338
x-xss-protection: 1; mode=block
x-ezoic-excludewebp: true
response: 200
last-modified: Fri, 25 Aug 2023 19:56:03 GMT
server: cloudflare
x-download-options: noopen
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V3%2BGBTVWW86FYp0kr2w2I0wCvYCwdLicKmMBWYb%2By3g1HYP5hajf5DBu8GCLpDfsG0kMarHHCyq1PbcN%2FPX0siLnDqrZddq1T0tjESZufMXZCOEWY%2B8ZjWH5tyh6xIKWWeYsWYaSvkTjrlfMDg%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 83fc7b0eec9c2bb2-FRA

GET
H2 200 012375
dummyimage.com/127X50/ffffff/ 338 B
940 B 81ms
24ms Image
image/png 2606:4700:3035::ac43:9a91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dummyimage.com/127X50/ffffff/012375

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:9a91 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

2fd6a01ceec618fb89f366f1e8e1b14d421cdeccfac9b4638f7921ddf772b68c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.orca.security/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-sol: pub_site
display: staticcontent_sol
age: 708
x-middleton-display: staticcontent_sol
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-origin-cache-control: public, max-age=7776000
vary: Accept-Encoding,X-Ezoic-Excludewebp,User-Agent,Origin
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: public, max-age=31536000
x-frame-options: SAMEORIGIN
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
date: Wed, 03 Jan 2024 16:04:59 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: WordOps
x-ezoic-cdn: Hit ds;mm;48a2b86710528f5810d206da4327ee6e;2-375225-2;27f2280c-4cae-4e33-7386-aa7db6d18117
x-middleton-response: 200
alt-svc: h3=":443"; ma=86400
content-length: 338
x-xss-protection: 1; mode=block
x-ezoic-excludewebp: true
response: 200
last-modified: Fri, 25 Aug 2023 19:56:03 GMT
server: cloudflare
x-download-options: noopen
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SL2UJJuNkZSkMhrisQsAyxOq3WBWK7Uwe8fHix0k4iJSi9wTH42i%2B7gsBGfE96Bo7GIZTbBSeqi8MhDNW6UnR6Qbhqn2u7v4TEq6VcR73Vn2I11g1NO1eTiiEyfDoCr0FXc4xf3W%2FkMf6G9ZhA%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 83fc7b0eec992bb2-FRA

GET
H2 200 000000
dummyimage.com/100x100/dce3ed/ 271 B
670 B 80ms
23ms Image
image/png 2606:4700:3035::ac43:9a91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dummyimage.com/100x100/dce3ed/000000

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:9a91 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

20dc7ba628270aecec258cebe60d11abf2ed04ed9859fee9d5034d765a73ffd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.orca.security/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-sol: pub_site
display: staticcontent_sol
age: 708
x-middleton-display: staticcontent_sol
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-origin-cache-control: public, max-age=7776000
vary: Accept-Encoding,X-Ezoic-Excludewebp,User-Agent,Origin
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: public, max-age=31536000
x-frame-options: SAMEORIGIN
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
date: Wed, 03 Jan 2024 16:04:59 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: WordOps
x-ezoic-cdn: Hit ds;mm;3c6b9b93f22f3d621905591613615008;2-375225-2;1351ee53-9a4f-4f88-5ed8-cf764438155f
x-middleton-response: 200
alt-svc: h3=":443"; ma=86400
content-length: 271
x-xss-protection: 1; mode=block
x-ezoic-excludewebp: true
response: 200
last-modified: Fri, 25 Aug 2023 19:56:02 GMT
server: cloudflare
x-download-options: noopen
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xxb8JvzGnxonBvCGKTyNmhHwZ9cxgSMXqnOBvH6hqWcZLuqXiSp2zyzIiKtqDTY1VXqMqLcPmAbaRMWVTV7KrAYVP7iLvBOqPEzq20fq6%2BhY4aHBLO%2FNqD2o%2B7Tm6Egxkhe7%2FuRosg1d1J91Xg%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 83fc7b0eec9b2bb2-FRA

GET
H2 200 B3B8C4
dummyimage.com/700x550/EEF3F9/ 2 KB
2 KB 22ms
22ms Image
image/png 2606:4700:3035::ac43:9a91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dummyimage.com/700x550/EEF3F9/B3B8C4

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:9a91 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

dd1cf9d3a43c05512a950acdd3f32b31a5950bace403a7da5fc667da813a5699

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.orca.security/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 16:04:59 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-sol: pub_site
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol
age: 708
x-powered-by: WordOps
x-ezoic-cdn: Hit ds;mm;bd0e16b3e43fced66d2ea524c1550513;2-375225-2;c9b3cde9-23c8-4ff2-5e4a-f17f89110634
x-middleton-display: staticcontent_sol
x-middleton-response: 200
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-ezoic-excludewebp: true
referrer-policy: no-referrer, strict-origin-when-cross-origin
response: 200
last-modified: Wed, 16 Aug 2023 02:43:04 GMT
server: cloudflare
x-origin-cache-control: public, max-age=7776000
x-download-options: noopen
vary: Accept-Encoding,X-Ezoic-Excludewebp,User-Agent,Origin
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qe85KreQSKOFsyhK9VOQ78yYpejCCNRSXwGERB%2BKjlO%2FMoZclwJxybcFZ2sToQ7LUZsIOENj%2B%2B87krRRYP46QcFK9rd0tsMocb0cAzsXYgJsnb4ZAb47TZug3wZ9ZNiGLyRNRbJDHvGuwLxquw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range
cache-control: public, max-age=31536000
x-frame-options: SAMEORIGIN
cf-ray: 83fc7b0efca22bb2-FRA
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 ffffff
dummyimage.com/1200x276/003d7a/ 4 KB
4 KB 23ms
22ms Image
image/png 2606:4700:3035::ac43:9a91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dummyimage.com/1200x276/003d7a/ffffff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:9a91 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

6b9fc7f48346fff0a81b784c75f9f7cd083e7696cee799f689d3a1ef2ba61185

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.orca.security/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 16:04:59 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-sol: pub_site
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol
age: 708
x-powered-by: WordOps
x-ezoic-cdn: Hit ds;mm;741ecc1d4ec7f505d909d49b1ca684aa;2-375225-2;8bb25d99-6b40-4a15-7ea2-44cf6fac3f48
x-middleton-display: staticcontent_sol
x-middleton-response: 200
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-ezoic-excludewebp: true
referrer-policy: no-referrer, strict-origin-when-cross-origin
response: 200
last-modified: Fri, 25 Aug 2023 19:56:03 GMT
server: cloudflare
x-origin-cache-control: public, max-age=7776000
x-download-options: noopen
vary: Accept-Encoding,X-Ezoic-Excludewebp,User-Agent,Origin
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OX83o%2BL3lJV2h6vb5beomsQSYk8LOv%2BjGqMX%2BvlKHO5nFfD4lriAlcffIusPR2Q059ndm6SiujoaS2pugk9qPvR7uJe1saWLQwjf7Kf%2BZCDEwLPOJhHjXGiu3vmgyU10xMuWsRHC1fhY41W%2FJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range
cache-control: public, max-age=31536000
x-frame-options: SAMEORIGIN
cf-ray: 83fc7b0efca42bb2-FRA
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 000000
dummyimage.com/150x60/dce3ed/ 411 B
1 KB 34ms
33ms Image
image/png 2606:4700:3035::ac43:9a91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dummyimage.com/150x60/dce3ed/000000

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:9a91 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

e1df4a668c9d9f46284afd78bda153461c00df51b94b2000140adf9848993d4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.orca.security/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-sol: pub_site
display: staticcontent_sol
age: 708
x-middleton-display: staticcontent_sol
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-origin-cache-control: public, max-age=7776000
vary: Accept-Encoding,X-Ezoic-Excludewebp,User-Agent,Origin
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: public, max-age=31536000
x-frame-options: SAMEORIGIN
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
date: Wed, 03 Jan 2024 16:04:59 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: WordOps
x-ezoic-cdn: Hit ds;mm;2e33c15faa4364833c0d24ec959290b4;2-375225-2;09d24b32-290a-439c-7854-4a021eba6515
x-middleton-response: 200
alt-svc: h3=":443"; ma=86400
content-length: 411
x-xss-protection: 1; mode=block
x-ezoic-excludewebp: true
response: 200
last-modified: Fri, 25 Aug 2023 19:56:03 GMT
server: cloudflare
x-download-options: noopen
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=STQN7wC85LMX7oxyfwwKTrilYKQp5yK1YvF8CK%2BCAeaKuVKKbP%2BGQmn5F7LONSJlYvDOpa1Z5YaBzJJvtQ2SU%2FbMQ1%2FaPBXAZEHNv9Fl%2BZlbCB6v9JK9SIcg6hiMGdHq1%2BGIe80KVBI5aDGVBw%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 83fc7b0f0caa2bb2-FRA

GET
H2 200 000000
dummyimage.com/60x60/dce3ed/ 216 B
614 B 31ms
31ms Image
image/png 2606:4700:3035::ac43:9a91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dummyimage.com/60x60/dce3ed/000000

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:9a91 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

2d72c2cef8772691c992100fe6327a6ea490db2226588e2eef2119be786c72a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.orca.security/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-sol: pub_site
display: staticcontent_sol
age: 708
x-middleton-display: staticcontent_sol
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-origin-cache-control: public, max-age=7776000
vary: Accept-Encoding,X-Ezoic-Excludewebp,User-Agent,Origin
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: public, max-age=31536000
x-frame-options: SAMEORIGIN
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
date: Wed, 03 Jan 2024 16:04:59 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: WordOps
x-ezoic-cdn: Hit ds;mm;df5aa4ffaf18c89cadeaa581b27176cf;2-375225-2;243bebbb-96ae-4780-6f52-8f2657592b3e
x-middleton-response: 200
alt-svc: h3=":443"; ma=86400
content-length: 216
x-xss-protection: 1; mode=block
x-ezoic-excludewebp: true
response: 200
last-modified: Tue, 22 Aug 2023 19:26:56 GMT
server: cloudflare
x-download-options: noopen
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=neDD%2F106JTVUzIE5XZcnzKrJ95EPP9dPGyhv8W7Cx4CfmSrJwLlPpkfFsbzCzL3TnH4cVpjSlcq2gC%2BvTgObh1qTpvVIq1jAnAeumWI909f%2F17Tfo4xXXkCICtQJqe0ijrlZk3g3EuZMfLmGdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 83fc7b0f0cab2bb2-FRA

GET
H2 200 ffffff
dummyimage.com/460x573/003d7a/ 2 KB
2 KB 32ms
31ms Image
image/png 2606:4700:3035::ac43:9a91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dummyimage.com/460x573/003d7a/ffffff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:9a91 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

959f366383adf082d033eb0d01371545db1664e3e1cdbb999d1a15844318cd8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.orca.security/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 16:04:59 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-sol: pub_site
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol
age: 708
x-powered-by: WordOps
x-ezoic-cdn: Hit ds;mm;e0acb01f42a88c931035aa516563db0b;2-375225-2;9673d904-f3b8-4e88-4960-3eaaff420ed0
x-middleton-display: staticcontent_sol
x-middleton-response: 200
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-ezoic-excludewebp: true
referrer-policy: no-referrer, strict-origin-when-cross-origin
response: 200
last-modified: Fri, 25 Aug 2023 19:56:03 GMT
server: cloudflare
x-origin-cache-control: public, max-age=7776000
x-download-options: noopen
vary: Accept-Encoding,X-Ezoic-Excludewebp,User-Agent,Origin
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FcN4NlaG6w7qWuqOI0jM68fCKdFiEyLh14%2FZoIR%2BBtk6dzySCeMTSVtKVbXQD6wMgyf%2BpZeh6LmRqIk01tDOYnl9qlug6JTjPWYkYud%2BxibqrYkc4SSKqGNS1CbGaoeiuDdhz7iHfFqCsJbpSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range
cache-control: public, max-age=31536000
x-frame-options: SAMEORIGIN
cf-ray: 83fc7b0f0cac2bb2-FRA
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 forms2.js Show response
app-sj01.marketo.com/js/forms2/js/ 571 KB
161 KB 198ms
44ms Script
application/x-javascript 104.16.94.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app-sj01.marketo.com/js/forms2/js/forms2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.94.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

facafb17cfda23c65c3af3e0f2fd75b4b18dd674d7a89e110376454777f7ee1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.orca.security/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 16:04:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63113904
last-modified: Wed, 18 Oct 2023 04:36:45 GMT
server: cloudflare
cf-cache-status: HIT
age: 1028
etag: "2fe1aa3-8eb7d-607f62fc6f6c9"
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 83fc7b0f79b735fa-FRA
expires: Wed, 03 Jan 2024 20:04:59 GMT

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.7.0/ 85 KB
27 KB 61ms
36ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.7.0/jquery.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8f9afbf492e4c139e9d2bcb9ba6ef7c14921eb509fb703bc7a3f911b774eff8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://try.orca.security
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 16:04:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3153947
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27437
last-modified: Tue, 01 Aug 2023 17:19:50 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "64c93eb6-6b2d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3QkgQNKqjMECuQDef7IYCXuz5HJsepMmEMX0am2TrrP2SdILzFQApHAn9Q2Hw8YoJ5O2R1zmNeTPAIBiSF4mD7RfhmeiPPoe3IAUPX%2FqypAYGTtIWtfuoBpfmitF81KbbYWd3k6RszRZo%2B%2BKAwANUvyN"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 83fc7b0ebfdf2bd1-FRA
expires: Mon, 23 Dec 2024 16:04:59 GMT

GET
H2 200 video-script.js Show response
try.orca.security/rs/796-PBW-559/images/ 1 KB
535 B 124ms
121ms Script
application/x-javascript 104.17.74.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://try.orca.security/rs/796-PBW-559/images/video-script.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.74.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c633c1291b7e6f9c7d88f6b0e495605592f136e3fc52b0994a9b4c31d36a806

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.orca.security/ask-the-experts.html?utm_source=orcaemail&utm_medium=email&utm_campaign=24-q1-orca-live-experts-jan-wbr&mkt_tok=Nzk2LVBCVy01NTkAAAGQbuzx_osgg6PUGKPO0WFH8jq9Zfys-R8jUiiRglOKAENfAtdrj8-dDyEUBz8F2YOy8rTQQo2BgXiermBtIedayiQHfeokRKisZM2UY60
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 16:04:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: EXPIRED
last-modified: Sat, 07 Oct 2023 03:51:24 GMT
server: cloudflare
etag: "2ce1242-40a-6071845561fec"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=60
accept-ranges: bytes
cf-ray: 83fc7b0e8d023820-FRA
content-length: 428
expires: Wed, 03 Jan 2024 16:05:59 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net// 1 KB
2 KB 56ms
18ms Script
application/x-javascript 88.221.60.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net//munchkin.js
Requested by: Host: try.orca.security
URL: https://try.orca.security/ask-the-experts.html?utm_source=orcaemail&utm_medium=email&utm_campaign=24-q1-orca-live-experts-jan-wbr&mkt_tok=Nzk2LVBCVy01NTkAAAGQbuzx_osgg6PUGKPO0WFH8jq9Zfys-R8jUiiRglOKAENfAtdrj8-dDyEUBz8F2YOy8rTQQo2BgXiermBtIedayiQHfeokRKisZM2UY60
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.60.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-60-75.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.orca.security/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 16:04:59 GMT
Content-Encoding: gzip
Last-Modified: Fri, 17 Mar 2023 01:24:48 GMT
Server: AkamaiNetStorage
ETag: "cb731cc5c2bd9f31d6bfeb19f3c8b1ff:1679016288.730763"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 729

GET
H2 200 stripmkttok.js Show response
try.orca.security/js/ 2 KB
807 B 28ms
26ms Script
application/x-javascript 104.17.74.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://try.orca.security/js/stripmkttok.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.74.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7545b96ed2740220c349ae9deb614faf1f0f211d4cf710788e0790f74cc9715

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.orca.security/ask-the-experts.html?utm_source=orcaemail&utm_medium=email&utm_campaign=24-q1-orca-live-experts-jan-wbr&mkt_tok=Nzk2LVBCVy01NTkAAAGQbuzx_osgg6PUGKPO0WFH8jq9Zfys-R8jUiiRglOKAENfAtdrj8-dDyEUBz8F2YOy8rTQQo2BgXiermBtIedayiQHfeokRKisZM2UY60
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 16:04:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 26 Sep 2023 22:55:04 GMT
server: cloudflare
age: 701
etag: "2624f5-602-6064af724e200"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 83fc7b0e8d063820-FRA
content-length: 678
expires: Wed, 03 Jan 2024 20:04:59 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 293 KB
94 KB 93ms
43ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MFH8KTP

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2e4d45fd157ef978cf83bc3b984a2d9caaeabcbb5daa9569ff81e41cdc0d8a26

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.orca.security/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 16:04:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95963
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 03 Jan 2024 16:04:59 GMT

GET
H2 200 xn7gYHE41ni1AdIRggexSg.woff2
fonts.gstatic.com/s/manrope/v15/ 24 KB
24 KB 74ms
20ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/manrope/v15/xn7gYHE41ni1AdIRggexSg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Manrope:wght@300;400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14be4114dcfde74652f19f9ffae8c9bb50707e9e88bd2b1fcd86fb50224109e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://try.orca.security
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 09:01:13 GMT
x-content-type-options: nosniff
age: 111826
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24376
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:22:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Jan 2025 09:01:13 GMT

GET
H2 200 getForm Show response
try.orca.security/index.php/form/ 6 KB
2 KB 76ms
76ms XHR
application/javascript 104.17.74.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://try.orca.security/index.php/form/getForm?munchkinId=796-PBW-559&form=1433
Requested by: Host: try.orca.security
URL: https://try.orca.security/js/forms2/js/forms2.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.17.74.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16601ba0511c883d6d1e2ca5b07cf464a6e525e8e18bdfbaa5461301278096b0

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://try.orca.security/ask-the-experts.html?utm_source=orcaemail&utm_medium=email&utm_campaign=24-q1-orca-live-experts-jan-wbr&mkt_tok=Nzk2LVBCVy01NTkAAAGQbuzx_osgg6PUGKPO0WFH8jq9Zfys-R8jUiiRglOKAENfAtdrj8-dDyEUBz8F2YOy8rTQQo2BgXiermBtIedayiQHfeokRKisZM2UY60
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 16:04:59 GMT
content-encoding: gzip
server: cloudflare
cf-ray: 83fc7b0ebd393820-FRA
cached: true
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8

GET
H2 200 forms2.css
try.orca.security/js/forms2/css/ 13 KB
3 KB 30ms
30ms Stylesheet
text/css 104.17.74.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://try.orca.security/js/forms2/css/forms2.css

Requested by

Host: try.orca.security
URL: https://try.orca.security/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.74.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.orca.security/ask-the-experts.html?utm_source=orcaemail&utm_medium=email&utm_campaign=24-q1-orca-live-experts-jan-wbr&mkt_tok=Nzk2LVBCVy01NTkAAAGQbuzx_osgg6PUGKPO0WFH8jq9Zfys-R8jUiiRglOKAENfAtdrj8-dDyEUBz8F2YOy8rTQQo2BgXiermBtIedayiQHfeokRKisZM2UY60
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 16:04:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 26 Sep 2023 22:55:04 GMT
server: cloudflare
age: 5368
etag: "a37da-3437-6064af724e200"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 83fc7b0f2dc13820-FRA
content-length: 2623
expires: Wed, 03 Jan 2024 20:04:59 GMT

GET
H2 200 forms2-theme-simple.css
try.orca.security/js/forms2/css/ 826 B
326 B 31ms
31ms Stylesheet
text/css 104.17.74.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://try.orca.security/js/forms2/css/forms2-theme-simple.css

Requested by

Host: try.orca.security
URL: https://try.orca.security/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.74.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14c8c62dc692fd8faa04434e3fed25e7c23d596b732f9db88f6e9f9ff5dfa61c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.orca.security/ask-the-experts.html?utm_source=orcaemail&utm_medium=email&utm_campaign=24-q1-orca-live-experts-jan-wbr&mkt_tok=Nzk2LVBCVy01NTkAAAGQbuzx_osgg6PUGKPO0WFH8jq9Zfys-R8jUiiRglOKAENfAtdrj8-dDyEUBz8F2YOy8rTQQo2BgXiermBtIedayiQHfeokRKisZM2UY60
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 16:04:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 26 Sep 2023 22:55:04 GMT
server: cloudflare
age: 701
etag: "2ca0ab3-33a-6064af724e200"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 83fc7b0f3dc33820-FRA
content-length: 242
expires: Wed, 03 Jan 2024 20:04:59 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 84ms
36ms Script
text/javascript 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=captchaCallback

Requested by

Host: try.orca.security
URL: https://try.orca.security/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b361afff7a5fba7013336b3b7b39599b0e9ed6390cc4c97bd974a46c8b30c6cb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.orca.security/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 16:04:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Wed, 03 Jan 2024 16:04:59 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 298 KB
93 KB 37ms
36ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-ZJX9BKF7WR&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFH8KTP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0cc7d2b930db9ab093dc8512705a91b100bec2c547d1fb7b3d1b73795a2f6d54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.orca.security/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 16:04:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 95530
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 03 Jan 2024 16:04:59 GMT

GET
H2 200 attributionSnippet.js Show response
ddzuuyx7zj81k.cloudfront.net/1.0.0/ 6 KB
2 KB 100ms
23ms Script
application/javascript 2600:9000:26da:8a00:8:8d2f:9e00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ddzuuyx7zj81k.cloudfront.net/1.0.0/attributionSnippet.js
Requested by: Host: pod.orca.security
URL: https://pod.orca.security/Nzk2LVBCVy01NTkAAAGQbuzx_lSf_W6SQDCIK9skVOe6H_ROdCLpYjg7Cre34Rsd424T7m3Oy6liD0KqQc9zdSnj77g=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26da:8a00:8:8d2f:9e00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a26c6b08f043efef7e236eb6464e096f0d0a995c35c5f6074d4cc1c695cbe9b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.orca.security/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: BzkI61eYFyewX6x0l7i6i82MeoDOtTMn
content-encoding: gzip
via: 1.1 b25ea630a0bc5820a6901f77047718fe.cloudfront.net (CloudFront)
date: Wed, 03 Jan 2024 10:36:26 GMT
last-modified: Mon, 18 Jul 2022 15:25:15 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P4
age: 19714
etag: W/"03d2c7ecc77b0dbf04fecc51b018a287"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: fLlDGiEklcCNy8eM7C56eExAk4sA5rnBvfUA15E-4PYXuw_nYfvvtg==

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 42 KB
15 KB 66ms
15ms Script
application/javascript 2a02:26f0:780::210:a40a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFH8KTP

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:780::210:a40a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f3b0e2a3800f73c56a4dc78562fc32130a8eec6887982d10e6a5dcf6497969c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.orca.security/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 16:04:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Dec 2023 13:09:33 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=60328
accept-ranges: bytes
content-length: 15541

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 73ms
14ms Script
application/javascript 146.75.116.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFH8KTP
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.orca.security/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 16:04:59 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-fra-eddf8230073-FRA

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/653025264/ 3 KB
2 KB 135ms
58ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/653025264/?random=1704297899486&cv=11&fst=1704297899486&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v812157982&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Ftry.orca.security%2Fask-the-experts.html%3Futm_source%3Dorcaemail%26utm_medium%3Demail%26utm_campaign%3D24-q1-orca-live-experts-jan-wbr%26mkt_tok%3DNzk2LVBCVy01NTkAAAGQbuzx_osgg6PUGKPO0WFH8jq9Zfys-R8jUiiRglOKAENfAtdrj8-dDyEUBz8F2YOy8rTQQo2BgXiermBtIedayiQHfeokRKisZM2UY60&ref=https%3A%2F%2Fpod.orca.security%2F&hn=www.googleadservices.com&frm=0&tiba=Orca%20LIVE%3A%20Ask%20the%20Experts&auid=1696553896.1704297899&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFH8KTP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba28bec45afd5a0fc3e92ef350143457574e74cb0bebd0c1a1d8650ad9b10713

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.orca.security/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 16:04:59 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1450
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 3724.js Show response
tracking.g2crowd.com/attribution_tracking/conversions/ 16 B
1 KB 472ms
420ms Script
text/javascript 2606:4700:4400::6812:2b1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tracking.g2crowd.com/attribution_tracking/conversions/3724.js?p=https://try.orca.security/ask-the-experts.html?utm_source=orcaemail&utm_medium=email&utm_campaign=24-q1-orca-live-experts-jan-wbr&mkt_tok=Nzk2LVBCVy01NTkAAAGQbuzx_osgg6PUGKPO0WFH8jq9Zfys-R8jUiiRglOKAENfAtdrj8-dDyEUBz8F2YOy8rTQQo2BgXiermBtIedayiQHfeokRKisZM2UY60&e=

Requested by

Host: pod.orca.security
URL: https://pod.orca.security/Nzk2LVBCVy01NTkAAAGQbuzx_lSf_W6SQDCIK9skVOe6H_ROdCLpYjg7Cre34Rsd424T7m3Oy6liD0KqQc9zdSnj77g=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2b1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3dae93a05edd9dcfc1864b87178a31e0bfa93e1a9b1c486c6e9cbf73cae87862

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .g2crowd.com .g2.com; connect-src 'self' .g2crowd.com .g2.com; font-src 'self' .g2crowd.com .g2.com; form-action 'self' .g2crowd.com .g2.com; frame-src 'self' .g2crowd.com .g2.com; img-src 'self' .g2crowd.com .g2.com; manifest-src 'self' .g2crowd.com .g2.com; media-src 'self' .g2crowd.com .g2.com; object-src 'self' .g2crowd.com .g2.com; script-src 'self' .g2crowd.com .g2.com; style-src 'self' .g2crowd.com .g2.com; worker-src 'self' .g2crowd.com .g2.com
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.orca.security/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 16:04:59 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
x-permitted-cross-domain-policies: none
content-security-policy: default-src 'self' *.g2crowd.com *.g2.com; connect-src 'self' *.g2crowd.com *.g2.com; font-src 'self' *.g2crowd.com *.g2.com; form-action 'self' *.g2crowd.com *.g2.com; frame-src 'self' *.g2crowd.com *.g2.com; img-src 'self' *.g2crowd.com *.g2.com; manifest-src 'self' *.g2crowd.com *.g2.com; media-src 'self' *.g2crowd.com *.g2.com; object-src 'self' *.g2crowd.com *.g2.com; script-src 'self' *.g2crowd.com *.g2.com; style-src 'self' *.g2crowd.com *.g2.com; worker-src 'self' *.g2crowd.com *.g2.com
x-xss-protection: 1; mode=block
x-request-id: 655b7b02-baef-43ec-8b94-6121ceae28fd
x-runtime: 0.003501
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"3dae93a05edd9dcfc1864b87178a31e0"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Origin
content-type: text/javascript; charset=utf-8
cache-control: max-age=600, public
cf-ray: 83fc7b10290b35ec-FRA

GET
H2 200 qualified.js Show response
js.qualified.com/ 327 KB
101 KB 486ms
442ms Script
text/javascript 2606:4700::6812:1105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.qualified.com/qualified.js?token=gndr1NireXGRNRuC

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFH8KTP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1105 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e6df4914fa2d677542a8e8d2ae7dfa76149843c0269f017cf4464530a467a0aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.orca.security/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 16:04:59 GMT
content-encoding: gzip
via: 1.1 spaces-router (devel)
strict-transport-security: max-age=63072000; includeSubDomains
cf-cache-status: MISS
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 43959b82-957b-7449-82a4-7ea1acffd123
pragma: no-cache
x-runtime: 0.030022
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"e6df4914fa2d677542a8e8d2ae7dfa76"
x-download-options: noopen
vary: Accept,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 83fc7b102ca091fc-FRA
expires: Wed, 03 Jan 2024 20:04:59 GMT

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 5 KB
3 KB 121ms
20ms Script
application/x-javascript 108.138.40.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFH8KTP
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.40.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-40-116.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.orca.security/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 05:33:53 GMT
Content-Encoding: gzip
Via: 1.1 c7e33a86531bfe239a9c43428fc5c122.cloudfront.net (CloudFront)
Last-Modified: Wed, 20 Dec 2023 01:34:49 GMT
Server: AmazonS3
X-Amz-Cf-Pop: MUC50-P2
Age: 37867
ETag: W/"b7474eac210849250426a8f6a39d00f3"
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: QDPZB6helS5nXU7maLeIVV9ZwuUGreu5XhL5AmFpHmXVwdbVPS08HA==

GET
H2 200 jjtdo160k2 Show response
www.clarity.ms/tag/ 1018 B
1 KB 156ms
114ms Script
application/x-javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/jjtdo160k2
Requested by: Host: pod.orca.security
URL: https://pod.orca.security/Nzk2LVBCVy01NTkAAAGQbuzx_lSf_W6SQDCIK9skVOe6H_ROdCLpYjg7Cre34Rsd424T7m3Oy6liD0KqQc9zdSnj77g=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: a025bdc063386dca726e3a434ae97e6cb593a37cfad979b8462fb8313ff3c656

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.orca.security/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: -1
date: Wed, 03 Jan 2024 16:04:59 GMT
x-azure-ref: 20240103T160459Z-7pqh8e1f5t7gfb5tdwn5ybdg4n000000015g00000000s4m3
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 1018
request-context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ 505 KB
203 KB 75ms
18ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=captchaCallback

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

122bd7b997b91e56e9efd54743ffbeccefca5b8bb59c566d6ec63adf14be896e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://try.orca.security/
Origin: https://try.orca.security
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 14:22:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6133
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 207437
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 05:01:12 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 02 Jan 2025 14:22:46 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1286465&time=1704297899554&url=https%3A%2F%2Ftry.orca.security%2Fask-the-experts.html%3Futm_source%3Dorcaemail%26utm_medium%3Demail%26utm_campaign...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1286465&time=1704297899554&url=https%3A%2F%2Ftry.orca.security%2Fask-the-experts.html%3Futm_source%3Dorcaemail%26utm_medium%3Demail%26utm_campaign...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1286465&time=1704297899554&url=https%3A%2F%2Ftry.orca.security%2Fask-the-experts.html%3Futm_source%3Dorcaemail%26utm_medium%3Demail%26utm_campaig...

0
267 B

230ms
185ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1286465&time=1704297899554&url=https%3A%2F%2Ftry.orca.security%2Fask-the-experts.html%3Futm_source%3Dorcaemail%26utm_medium%3Demail%26utm_campaign%3D24-q1-orca-live-experts-jan-wbr%26mkt_tok%3DNzk2LVBCVy01NTkAAAGQbuzx_osgg6PUGKPO0WFH8jq9Zfys-R8jUiiRglOKAENfAtdrj8-dDyEUBz8F2YOy8rTQQo2BgXiermBtIedayiQHfeokRKisZM2UY60&cookiesTest=true&e_ipv6=AQLLBJJxKAUlxwAAAYzQEidkpTfxBKjYNCvmMzYA9fhZUKPzwWhBV54eB-rSLXNoEKHOkzQ7ObOq
Requested by: Host: try.orca.security
URL: https://try.orca.security/ask-the-experts.html?utm_source=orcaemail&utm_medium=email&utm_campaign=24-q1-orca-live-experts-jan-wbr&mkt_tok=Nzk2LVBCVy01NTkAAAGQbuzx_osgg6PUGKPO0WFH8jq9Zfys-R8jUiiRglOKAENfAtdrj8-dDyEUBz8F2YOy8rTQQo2BgXiermBtIedayiQHfeokRKisZM2UY60
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.orca.security/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 16:05:00 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 862D05BD59AD4EB99CB9EB0EAB73E642 Ref B: AMS04EDGE3319 Ref C: 2024-01-03T16:05:00Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYODMbtMV9bPX0sWWZjDQ==

Redirect headers

date: Wed, 03 Jan 2024 16:04:59 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: F40689DB88624727B418D9B9DFC5FE10 Ref B: FRAEDGE1718 Ref C: 2024-01-03T16:04:59Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1286465&time=1704297899554&url=https%3A%2F%2Ftry.orca.security%2Fask-the-experts.html%3Futm_source%3Dorcaemail%26utm_medium%3Demail%26utm_campaign%3D24-q1-orca-live-experts-jan-wbr%26mkt_tok%3DNzk2LVBCVy01NTkAAAGQbuzx_osgg6PUGKPO0WFH8jq9Zfys-R8jUiiRglOKAENfAtdrj8-dDyEUBz8F2YOy8rTQQo2BgXiermBtIedayiQHfeokRKisZM2UY60&cookiesTest=true&e_ipv6=AQLLBJJxKAUlxwAAAYzQEidkpTfxBKjYNCvmMzYA9fhZUKPzwWhBV54eB-rSLXNoEKHOkzQ7ObOq
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYODMbpx11OEqOlTFp1+g==

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
697 B 190ms
158ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: *
Referer: https://try.orca.security/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 03 Jan 2024 16:04:59 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 343EA1CB0A484BBB9252E1F1A82E5BAC Ref B: FRAEDGE1718 Ref C: 2024-01-03T16:04:59Z
linkedin-action: 1
vary: Origin
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
access-control-allow-origin: https://try.orca.security
x-li-proto: http/2
access-control-allow-credentials: true
x-li-uuid: AAYODMbmpK42nM1vOUe3ag==

POST
H2 204 collect
analytics.google.com/g/ 0
255 B 79ms
18ms Ping
text/plain 2001:4860:4802:32::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-ZJX9BKF7WR&gtm=45je3bt0v892696919z8812157982&_p=1704297899282&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=1821220454.1704297900&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1704297899&sct=1&seg=0&dl=https%3A%2F%2Ftry.orca.security%2Fask-the-experts.html%3Futm_source%3Dorcaemail%26utm_medium%3Demail%26utm_campaign%3D24-q1-orca-live-experts-jan-wbr%26mkt_tok%3DNzk2LVBCVy01NTkAAAGQbuzx_osgg6PUGKPO0WFH8jq9Zfys-R8jUiiRglOKAENfAtdrj8-dDyEUBz8F2YOy8rTQQo2BgXiermBtIedayiQHfeokRKisZM2UY60&dr=https%3A%2F%2Fpod.orca.security%2F&dt=Orca%20LIVE%3A%20Ask%20the%20Experts&en=page_view&_fv=1&_nsi=1&_ss=1&ep.content_group=Other&tfd=1518
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZJX9BKF7WR&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.orca.security/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 16:04:59 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://try.orca.security
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
255 B 58ms
20ms Ping
text/plain 2a00:1450:400c:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-ZJX9BKF7WR&cid=1821220454.1704297900&gtm=45je3bt0v892696919z8812157982&aip=1&dma=0&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZJX9BKF7WR&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.orca.security/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 16:04:59 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://try.orca.security
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ru/ads/ 42 B
408 B 73ms
38ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ru/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-ZJX9BKF7WR&cid=1821220454.1704297900&gtm=45je3bt0v892696919z8812157982&aip=1&dma=0&gcd=11l1l1l1l1&z=911265433

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.orca.security/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 16:04:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
377 B 357ms
332ms Image
image/gif 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=906c1d17-82db-4503-a05a-84a22f42b59c&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=bd8b3cb8-97de-4e39-abcd-510eb9b37241&tw_document_href=https%3A%2F%2Ftry.orca.security%2Fask-the-experts.html%3Futm_source%3Dorcaemail%26utm_medium%3Demail%26utm_campaign%3D24-q1-orca-live-experts-jan-wbr%26mkt_tok%3DNzk2LVBCVy01NTkAAAGQbuzx_osgg6PUGKPO0WFH8jq9Zfys-R8jUiiRglOKAENfAtdrj8-dDyEUBz8F2YOy8rTQQo2BgXiermBtIedayiQHfeokRKisZM2UY60&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o4qyy&type=javascript&version=2.3.29

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.orca.security/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-response-time: 111
date: Wed, 03 Jan 2024 16:04:59 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: bacc2d80402e5a6e
cache-control: no-cache, no-store, max-age=0
perf: 7469935968
x-connection-hash: 9349d520d428d1b552f3348cca5b595738666f816804e8bdb2d6cc3156175041
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
395 B 221ms
189ms Image
image/gif 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=906c1d17-82db-4503-a05a-84a22f42b59c&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=bd8b3cb8-97de-4e39-abcd-510eb9b37241&tw_document_href=https%3A%2F%2Ftry.orca.security%2Fask-the-experts.html%3Futm_source%3Dorcaemail%26utm_medium%3Demail%26utm_campaign%3D24-q1-orca-live-experts-jan-wbr%26mkt_tok%3DNzk2LVBCVy01NTkAAAGQbuzx_osgg6PUGKPO0WFH8jq9Zfys-R8jUiiRglOKAENfAtdrj8-dDyEUBz8F2YOy8rTQQo2BgXiermBtIedayiQHfeokRKisZM2UY60&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o4qyy&type=javascript&version=2.3.29

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.orca.security/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-response-time: 180
date: Wed, 03 Jan 2024 16:04:59 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 60448aac90944888
cache-control: no-cache, no-store, max-age=0
perf: 7469935968
x-connection-hash: d571434ca90225c7f055689de67ad8db78ab573b766f8e531fa65a5e8d337d7e
content-length: 43

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/163/ 11 KB
5 KB 13ms
12ms Script
application/x-javascript 88.221.60.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/163/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net//munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.60.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-60-75.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.orca.security/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 16:04:59 GMT
Content-Encoding: gzip
Last-Modified: Fri, 06 Jan 2023 02:26:40 GMT
Server: AkamaiNetStorage
ETag: "ea7826f34518d7c2295738f39c7640fa:1672972000.238769"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Content-Type: application/x-javascript
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4741
Expires: Fri, 12 Apr 2024 16:04:59 GMT

POST
H2 200 setcookie2 Show response
5f6b2d0bd0ea9d00689c778b.services.infinigrow.com/ 15 B
559 B 467ms
433ms Fetch
application/json 65.9.86.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://5f6b2d0bd0ea9d00689c778b.services.infinigrow.com/setcookie2
Requested by: Host: ddzuuyx7zj81k.cloudfront.net
URL: https://ddzuuyx7zj81k.cloudfront.net/1.0.0/attributionSnippet.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.86.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-86-7.ams1.r.cloudfront.net
Software: /
Resource Hash: a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Referer: https://try.orca.security/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 03 Jan 2024 16:05:00 GMT
via: 1.1 682270ef163d219cc7a50d1af232b97e.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
x-amzn-trace-id: Root=1-659585ac-1985665e6802ef3a4a9c8961;Sampled=0;lineage=ccf2bc8d:0
x-amzn-requestid: ca39b459-fb84-4e4e-af25-cec2dd40c5f8
vary: Origin
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://try.orca.security
access-control-allow-credentials: true
x-amz-apigw-id: Q-HS_Fm1PHcEPAQ=
content-length: 15
x-amz-cf-id: tFDIEWfYQKN3lTIthrKHkEBzWHbaadRfQGZwFfPLet7hMr0K_UUY1w==

OPTIONS
H2 204 setcookie2
5f6b2d0bd0ea9d00689c778b.services.infinigrow.com/ Frame 0
0 490ms
440ms Preflight 65.9.86.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://5f6b2d0bd0ea9d00689c778b.services.infinigrow.com/setcookie2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.86.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-86-7.ams1.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://try.orca.security
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Length,Content-Type
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD
access-control-allow-origin: https://try.orca.security
access-control-max-age: 43200
date: Wed, 03 Jan 2024 16:05:00 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
via: 1.1 b9394c80294503e08bddf2381e55e810.cloudfront.net (CloudFront)
x-amz-apigw-id: Q-HS7EG9vHcEO3A=
x-amz-cf-id: c4xgAFT94IP-hSwu21FCjV6JX5S-MLQJuV6_DT60TN7zGexbkfRp0g==
x-amz-cf-pop: AMS1-C1
x-amzn-requestid: 813c1283-4437-4671-94d8-85084e8b3b2f
x-amzn-trace-id: Root=1-659585ac-7b126627374026c05dadfdba;Sampled=0;lineage=ccf2bc8d:0
x-cache: Miss from cloudfront

GET
H2 200 59d4f40d1d34663b.min.js Show response
tag.demandbase.com/ 86 KB
23 KB 62ms
16ms Script
application/javascript 13.227.219.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.demandbase.com/59d4f40d1d34663b.min.js

Requested by

Host: pod.orca.security
URL: https://pod.orca.security/Nzk2LVBCVy01NTkAAAGQbuzx_lSf_W6SQDCIK9skVOe6H_ROdCLpYjg7Cre34Rsd424T7m3Oy6liD0KqQc9zdSnj77g=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-121.ams54.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

f57912e5ca5395c763a74e47de727e2f952be5193ab72ee47269e477a423f158

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.orca.security/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: H2Q_Klwj349iIDJ78zoBji2NbLhI6YWZ
content-encoding: gzip
via: 1.1 ec5c4a66c1200ddcc562c6e98f77a48c.cloudfront.net (CloudFront)
date: Wed, 03 Jan 2024 15:15:00 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: AMS54-C1
age: 3000
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 11 Dec 2023 18:36:33 GMT
server: AmazonS3
etag: W/"2930ab2593ea3b1af33b24a1f1f4ea33"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()
x-amz-cf-id: ertbFa_xMczIHfyVj865615W_lf7drf5vdH9WYfggQIsKwwfzm9pJA==

GET
H2 200 /
www.google.com/pagead/1p-user-list/653025264/ 42 B
327 B 30ms
30ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/653025264/?random=1704297899486&cv=11&fst=1704297600000&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v812157982&u_w=1600&u_h=1200&url=https%3A%2F%2Ftry.orca.security%2Fask-the-experts.html%3Futm_source%3Dorcaemail%26utm_medium%3Demail%26utm_campaign%3D24-q1-orca-live-experts-jan-wbr%26mkt_tok%3DNzk2LVBCVy01NTkAAAGQbuzx_osgg6PUGKPO0WFH8jq9Zfys-R8jUiiRglOKAENfAtdrj8-dDyEUBz8F2YOy8rTQQo2BgXiermBtIedayiQHfeokRKisZM2UY60&ref=https%3A%2F%2Fpod.orca.security%2F&frm=0&tiba=Orca%20LIVE%3A%20Ask%20the%20Experts&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_hhE2rg7LVTuGaCUeiSVp-JJC7vwXCg&random=2557399643&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.orca.security/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 16:04:59 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.ru/pagead/1p-user-list/653025264/ 42 B
154 B 30ms
30ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ru/pagead/1p-user-list/653025264/?random=1704297899486&cv=11&fst=1704297600000&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v812157982&u_w=1600&u_h=1200&url=https%3A%2F%2Ftry.orca.security%2Fask-the-experts.html%3Futm_source%3Dorcaemail%26utm_medium%3Demail%26utm_campaign%3D24-q1-orca-live-experts-jan-wbr%26mkt_tok%3DNzk2LVBCVy01NTkAAAGQbuzx_osgg6PUGKPO0WFH8jq9Zfys-R8jUiiRglOKAENfAtdrj8-dDyEUBz8F2YOy8rTQQo2BgXiermBtIedayiQHfeokRKisZM2UY60&ref=https%3A%2F%2Fpod.orca.security%2F&frm=0&tiba=Orca%20LIVE%3A%20Ask%20the%20Experts&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_hhE2rg7LVTuGaCUeiSVp-JJC7vwXCg&random=2557399643&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.orca.security/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 16:04:59 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.20/ 60 KB
25 KB 22ms
22ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.20/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/jjtdo160k2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.orca.security/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 16:04:59 GMT
content-encoding: br
last-modified: Tue, 02 Jan 2024 08:59:32 GMT
etag: W/"0x8DC0B71233A1338"
vary: Accept-Encoding
x-azure-ref: 20240103T160459Z-7pqh8e1f5t7gfb5tdwn5ybdg4n000000015g00000000s4ma
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 8f5a9dd1-801e-0048-3d5a-3d33ec000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28

POST
H/1.1 200
OK visitWebPage
796-pbw-559.mktoresp.com/webevents/ 2 B
318 B 584ms
97ms Ping
text/plain 192.28.144.124
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://796-pbw-559.mktoresp.com/webevents/visitWebPage?_mchNc=1704297899665&_mchCn=ask-the-experts&_mchId=796-PBW-559&_mchTk=_mch-orca.security-1704297899664-29026&mkt_tok=Nzk2LVBCVy01NTkAAAGQbuzx_osgg6PUGKPO0WFH8jq9Zfys-R8jUiiRglOKAENfAtdrj8-dDyEUBz8F2YOy8rTQQo2BgXiermBtIedayiQHfeokRKisZM2UY60&_mchWs=j1RR&_mchHo=try.orca.security&_mchPo=&_mchRu=%2Fask-the-experts.html&_mchPc=https%3A&_mchVr=163&_mchEcid=&_mchHa=&_mchRe=https%3A%2F%2Fpod.orca.security%2F&_mchQp=utm_source%3Dorcaemail__-__utm_medium%3Demail__-__utm_campaign%3D24-q1-orca-live-experts-jan-wbr__-__mkt_tok%3DNzk2LVBCVy01NTkAAAGQbuzx_osgg6PUGKPO0WFH8jq9Zfys-R8jUiiRglOKAENfAtdrj8-dDyEUBz8F2YOy8rTQQo2BgXiermBtIedayiQHfeokRKisZM2UY60
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/163/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.28.144.124 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.orca.security/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 16:05:00 GMT
Content-Encoding: gzip
Server: nginx/1.20.1
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Request-Id: 1a4f8f96-23b9-400e-a5cd-3eb5a716b864

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 59BA 41 KB
25 KB 59ms
59ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeINjUoAAAAADqSvQdrUey-8BtEh34CPuyHeIXp&co=aHR0cHM6Ly90cnkub3JjYS5zZWN1cml0eTo0NDM.&hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=9wxnf7kl0vbt

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f016de8140d213aab5f938927cd13e5b9295ffcd42a878f1e061bdc82ce56ca2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-OG_CTgPjExijF_cylsDM1Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://try.orca.security/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-OG_CTgPjExijF_cylsDM1Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 03 Jan 2024 16:04:59 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 sync Show response
s.company-target.com/s/ Frame 5C8A 634 B
968 B 191ms
100ms Document
text/html 34.96.71.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.company-target.com/s/sync?exc=lr
Requested by: Host: tag.demandbase.com
URL: https://tag.demandbase.com/59d4f40d1d34663b.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.71.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.71.96.34.bc.googleusercontent.com
Software: /
Resource Hash: 45766d43610439311ec26ec7ead8bcaaba7639fa12ce2ec467a8a586a52245e2

Request headers

Referer: https://try.orca.security/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-methods: GET,OPTIONS
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 634
content-type: text/html; charset=UTF-8
date: Wed, 03 Jan 2024 16:04:59 GMT
via: 1.1 google

GET
H2 451 464526.gif
id.rlcdn.com/ 0
98 B 71ms
25ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/464526.gif
Requested by: Host: try.orca.security
URL: https://try.orca.security/ask-the-experts.html?utm_source=orcaemail&utm_medium=email&utm_campaign=24-q1-orca-live-experts-jan-wbr&mkt_tok=Nzk2LVBCVy01NTkAAAGQbuzx_osgg6PUGKPO0WFH8jq9Zfys-R8jUiiRglOKAENfAtdrj8-dDyEUBz8F2YOy8rTQQo2BgXiermBtIedayiQHfeokRKisZM2UY60
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.orca.security/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 16:04:59 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 200 ip.json Show response
api.company-target.com/api/v2/ 468 B
971 B 91ms
48ms XHR
application/json 143.204.215.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.company-target.com/api/v2/ip.json?referrer=https%3A%2F%2Fpod.orca.security%2F&page=https%3A%2F%2Ftry.orca.security%2Fask-the-experts.html%3Futm_source%3Dorcaemail%26utm_medium%3Demail%26utm_campaign%3D24-q1-orca-live-experts-jan-wbr%26mkt_tok%3DNzk2LVBCVy01NTkAAAGQbuzx_osgg6PUGKPO0WFH8jq9Zfys-R8jUiiRglOKAENfAtdrj8-dDyEUBz8F2YOy8rTQQo2BgXiermBtIedayiQHfeokRKisZM2UY60&page_title=Orca%20LIVE%3A%20Ask%20the%20Experts
Requested by: Host: tag.demandbase.com
URL: https://tag.demandbase.com/59d4f40d1d34663b.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-78.fra53.r.cloudfront.net
Software: nginx /
Resource Hash: 61434002c4db83b8a01a7fcb9094e996d920710b6b1c0bbf76374f857f67961a

Request headers

Referer: https://try.orca.security/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 03 Jan 2024 16:04:59 GMT
identification-source: CENTRAL
content-encoding: gzip
via: 1.1 660f4277d8fbef27985e8a4a97e362cc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
request-id: f299f498-6dee-43f2-941b-5007e830f956
pragma: no-cache
server: nginx
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://try.orca.security
access-control-expose-headers: x-amz-cf-id
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
vary: Accept-Encoding, Origin
api-version: v2
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: O3mqqiwHclxhfUzSWexzvDKxKGKpc8TdniLjzDMD_I1hv6O73dDgkA==
expires: Tue, 02 Jan 2024 16:04:59 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame 59BA 55 KB
24 KB 44ms
17ms Stylesheet
text/css 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeINjUoAAAAADqSvQdrUey-8BtEh34CPuyHeIXp&co=aHR0cHM6Ly90cnkub3JjYS5zZWN1cml0eTo0NDM.&hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=9wxnf7kl0vbt

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 15:44:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1207
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 05:01:12 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 02 Jan 2025 15:44:52 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame 59BA 505 KB
203 KB 47ms
20ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

122bd7b997b91e56e9efd54743ffbeccefca5b8bb59c566d6ec63adf14be896e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 14:22:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6133
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 207437
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 05:01:12 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 02 Jan 2025 14:22:46 GMT

POST
H/1.1 204
No Content collect Show response
v.clarity.ms/ 0
297 B 409ms
210ms XHR
text/plain 20.114.189.135
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://v.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.189.135 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://try.orca.security/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://try.orca.security
Date: Wed, 03 Jan 2024 16:05:00 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

GET
H2 200 bg9s Show response
tag-logger.demandbase.com/ 0
420 B 163ms
103ms XHR
text/html 2600:9000:2449:1c00:1d:8d6d:3b40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tag-logger.demandbase.com/bg9s?x-amz-cf-id=O3mqqiwHclxhfUzSWexzvDKxKGKpc8TdniLjzDMD_I1hv6O73dDgkA==&api-version=v2
Requested by: Host: tag.demandbase.com
URL: https://tag.demandbase.com/59d4f40d1d34663b.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2449:1c00:1d:8d6d:3b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.orca.security/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: 8SdDCdpJvGjkSiMFPv08XcVSgwOMVVmH
date: Wed, 03 Jan 2024 12:28:11 GMT
via: 1.1 0bdea9339f79fea2216fd97b3f7856f2.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P6
age: 13009
x-amz-server-side-encryption: AES256
x-cache: Error from cloudfront
content-length: 0
last-modified: Tue, 07 Mar 2023 20:47:02 GMT
server: AmazonS3
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: 9oHMip_KrokawWkLXYDSTSU4VqjUf29D_6PULYYKzmuPhpf5QpLFkw==

GET
H3 200 Bxq4bn_S_WQLi1emfppw4efsWzB07mtlRa5_2O6sP_s.js Show response
www.google.com/js/bg/ Frame 59BA 17 KB
7 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/Bxq4bn_S_WQLi1emfppw4efsWzB07mtlRa5_2O6sP_s.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

071ab86e7fd2fd640b8b57a67e9a70e1e7ec5b3074ee6b6545ae7fd8eeac3ffb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeINjUoAAAAADqSvQdrUey-8BtEh34CPuyHeIXp&co=aHR0cHM6Ly90cnkub3JjYS5zZWN1cml0eTo0NDM.&hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=9wxnf7kl0vbt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 07:40:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 375847
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6850
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 29 Dec 2024 07:40:52 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 59BA 2 KB
2 KB 14ms
14ms Image
image/png 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 01 Jan 2024 19:56:54 GMT
x-content-type-options: nosniff
age: 158885
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Mon, 08 Jan 2024 19:56:54 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 59BA 15 KB
15 KB 15ms
14ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 23:26:56 GMT
x-content-type-options: nosniff
age: 491883
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 27 Dec 2024 23:26:56 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 59BA 15 KB
15 KB 19ms
19ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 01 Jan 2024 20:17:31 GMT
x-content-type-options: nosniff
age: 157648
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Dec 2024 20:17:31 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 59BA 102 B
135 B 22ms
22ms Other
text/javascript 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3a80700d48e107eb08205a346562ae28a95f3fe0da0d7382847a2c0a52a02c0a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeINjUoAAAAADqSvQdrUey-8BtEh34CPuyHeIXp&co=aHR0cHM6Ly90cnkub3JjYS5zZWN1cml0eTo0NDM.&hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=9wxnf7kl0vbt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 16:04:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Wed, 03 Jan 2024 16:04:59 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 5C8A
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=18&expiry=1720022699&external_user_id=f6307d2e-4375-43d4-b245-b75c4c80e210
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=18&expiry=1720022699&external_user_id=f6307d2e-4375-43d4-b245-b75c4c80e210&C=1

43 B
338 B

32ms
32ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=18&expiry=1720022699&external_user_id=f6307d2e-4375-43d4-b245-b75c4c80e210&C=1
Requested by: Host: s.company-target.com
URL: https://s.company-target.com/s/sync?exc=lr
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 16:05:00 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tl7w8ebgZbhU%2FKn4L%2F9NrD2rPkenWOc%2FuXhtveAp%2Fa6yZr9QB9IiI9BJNDuKKA9iz2RPlAn3Ot14YnqJPWUXISLrjHn7M0dVIImdoEsMLwuzYOT81Qnnr0Gyo6hMqKMAUmA4lgFYMrolYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83fc7b133a093633-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 03 Jan 2024 16:05:00 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uRZeWYeLqHhlpFcDIetMGMRoyfQ75yX83VkWeoyGEjr8b5uX8Abv5z3ezqKLAvftU11%2Fj28OQrs9IHxo%2FMaoC3PbxypMIS3sAHwYfM61wfSs3yT5zUMtTmRWq0sOzTREsdPaZWBYtAT%2BYg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=18&expiry=1720022699&external_user_id=f6307d2e-4375-43d4-b245-b75c4c80e210&C=1
cache-control: no-cache
cf-ray: 83fc7b12f9993633-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 sync
partners.tremorhub.com/ Frame 5C8A 43 B
392 B 501ms
170ms Image
image/gif 2600:1f18:612b:4232:950e:aa8c:14aa:701
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partners.tremorhub.com/sync?UIDM=f6307d2e-4375-43d4-b245-b75c4c80e210
Requested by: Host: s.company-target.com
URL: https://s.company-target.com/s/sync?exc=lr
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4232:950e:aa8c:14aa:701 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Wed, 03 Jan 2024 16:05:00 GMT
server: nginx
content-type: image/gif

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame 5C8A 0
239 B 46ms
9ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?nid=5578&put=f6307d2e-4375-43d4-b245-b75c4c80e210&v=1181926
Requested by: Host: s.company-target.com
URL: https://s.company-target.com/s/sync?exc=lr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: cc9654c54e9aa67bf2b10be1073297a8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
144 B 196ms
195ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: *
Referer: https://try.orca.security/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 03 Jan 2024 16:05:00 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 75CBDDDD23B04C20BB269468FC44A018 Ref B: FRAEDGE1718 Ref C: 2024-01-03T16:05:00Z
linkedin-action: 1
vary: Origin
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
access-control-allow-origin: https://try.orca.security
x-li-proto: http/2
access-control-allow-credentials: true
x-li-uuid: AAYODMb0QJs6rhUwgFNBSg==

POST
H/1.1 204
No Content collect
v.clarity.ms/ 0
297 B 100ms
99ms Ping
text/plain 20.114.189.135
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://v.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.189.135 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://try.orca.security/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://try.orca.security
Date: Wed, 03 Jan 2024 16:05:00 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=1C950AEA6FD849EC9CAC4315A64460D0&RedC=c.clarity.ms&MXFR=0985FF4449F360D20818ECBF4DF36E2F
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=1C950AEA6FD849EC9CAC4315A64460D0&MUID=1A38DFB02AF1623C1F62CC4B2B2363E7

42 B
441 B

33ms
32ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=1C950AEA6FD849EC9CAC4315A64460D0&MUID=1A38DFB02AF1623C1F62CC4B2B2363E7
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.orca.security/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 16:05:00 GMT
last-modified: Tue, 12 Dec 2023 19:03:29 GMT
server: Microsoft-IIS/10.0
etag: "e8d91e42d2dda1:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Wed, 03 Jan 2024 16:05:00 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 12595160907C45E8823C869AD0F34899 Ref B: FRAEDGE2020 Ref C: 2024-01-03T16:05:00Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=1C950AEA6FD849EC9CAC4315A64460D0&MUID=1A38DFB02AF1623C1F62CC4B2B2363E7
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame 3D04 0
60 B 119ms
36ms Document
text/html 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=5hq4tlq&ref=https%3A%2F%2Ftry.orca.security%2Fask-the-experts.html%3Futm_source%3Dorcaemail%26utm_medium%3Demail%26utm_campaign%3D24-q1-orca-live-experts-jan-wbr&upid=wavfaxa&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://try.orca.security/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
content-type: text/html
date: Wed, 03 Jan 2024 16:05:00 GMT
server: Kestrel

GET
H2 200 infinigrow.js Show response
dss6ntp5q2r0o.cloudfront.net/2.9.0/ 74 KB
25 KB 85ms
17ms Script
application/javascript 2600:9000:20c3:a800:10:7994:d200:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dss6ntp5q2r0o.cloudfront.net/2.9.0/infinigrow.js
Requested by: Host: ddzuuyx7zj81k.cloudfront.net
URL: https://ddzuuyx7zj81k.cloudfront.net/1.0.0/attributionSnippet.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c3:a800:10:7994:d200:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a6d75aad5c009d0bdf36d4c1d68d90e2848460fce782adb137819228842eefe0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.orca.security/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 08:28:26 GMT
content-encoding: gzip
via: 1.1 af3abf09293a5c762de5e451f8d6a912.cloudfront.net (CloudFront)
last-modified: Sun, 24 Jun 2018 15:14:02 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-C1
age: 33517
etag: W/"2f70fa2239343e20deb5c199873fbed1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 1dmcZKI9vP8wdl0emsN6AQ_1CbOxIyIvSkzYGwARaE_I2Cam-zsbjg==

OPTIONS
H2 204 tp2
5f6b2d0bd0ea9d00689c778b.services.infinigrow.com/com.snowplowanalytics.snowplow/ Frame 0
0 434ms
433ms Preflight 65.9.86.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://5f6b2d0bd0ea9d00689c778b.services.infinigrow.com/com.snowplowanalytics.snowplow/tp2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.86.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-86-7.ams1.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://try.orca.security
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Length,Content-Type
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD
access-control-allow-origin: https://try.orca.security
access-control-max-age: 43200
date: Wed, 03 Jan 2024 16:05:01 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
via: 1.1 b9394c80294503e08bddf2381e55e810.cloudfront.net (CloudFront)
x-amz-apigw-id: Q-HTFHHLvHcEgiw=
x-amz-cf-id: bXQqyqJ09ifoXw7j4xEpUDuBAP2vq16Lm70f0CKmKCi0cFeJMZqqSQ==
x-amz-cf-pop: AMS1-C1
x-amzn-requestid: 282be1c9-8eaa-4e08-ae84-31b7c2adbe38
x-amzn-trace-id: Root=1-659585ad-1f1ae9ee593ec8060d4db97a;Sampled=0;lineage=ccf2bc8d:0
x-cache: Miss from cloudfront

POST
H2 200 tp2 Show response
5f6b2d0bd0ea9d00689c778b.services.infinigrow.com/com.snowplowanalytics.snowplow/ 2 B
696 B 443ms
441ms XHR
text/plain 65.9.86.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://5f6b2d0bd0ea9d00689c778b.services.infinigrow.com/com.snowplowanalytics.snowplow/tp2
Requested by: Host: dss6ntp5q2r0o.cloudfront.net
URL: https://dss6ntp5q2r0o.cloudfront.net/2.9.0/infinigrow.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.86.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-86-7.ams1.r.cloudfront.net
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://try.orca.security/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Wed, 03 Jan 2024 16:05:01 GMT
via: 1.1 682270ef163d219cc7a50d1af232b97e.cloudfront.net (CloudFront)
x-amzn-remapped-content-length: 2
x-amzn-remapped-server: akka-http/10.0.9
x-amz-cf-pop: AMS1-C1
x-amzn-requestid: 33db003b-8a3b-4d56-9c26-d6d3401fe1a5
x-cache: Miss from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
x-amz-apigw-id: Q-HTJFp0PHcEf9g=
content-length: 2
x-amzn-trace-id: Root=1-659585ad-182f42bf19eabc94154c5e9b;Sampled=0;lineage=ccf2bc8d:0
vary: Origin
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://try.orca.security
access-control-allow-credentials: true
x-amzn-remapped-date: Wed, 03 Jan 2024 16:05:01 GMT
x-amz-cf-id: NG3-0ZTWmyYndf2-0W7WEH4-guoeft5FWthWWQhmLkx974F9z2P7ZA==

POST
H/1.1 204
No Content collect Show response
v.clarity.ms/ 0
297 B 203ms
202ms XHR
text/plain 20.114.189.135
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://v.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.189.135 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://try.orca.security/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://try.orca.security
Date: Wed, 03 Jan 2024 16:05:00 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

GET
H/1.1 200
OK messenger Show response
app.qualified.com/w/1/gndr1NireXGRNRuC/ Frame 4B54 6 KB
3 KB 706ms
246ms Document
text/html 44.206.58.181
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.qualified.com/w/1/gndr1NireXGRNRuC/messenger?uuid=625a92f3-fec1-449a-996a-cb1fdb17e617

Requested by

Host: js.qualified.com
URL: https://js.qualified.com/qualified.js?token=gndr1NireXGRNRuC

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

44.206.58.181 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-206-58-181.compute-1.amazonaws.com

Software

Resource Hash

6e5273dcd3531e23f32dd5b206bbe574f09e09e27292f8b6c62da7711033b9d2

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://try.orca.security/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, private, must-revalidate
Content-Encoding: gzip
Content-Length: 1777
Content-Security-Policy
Content-Type: text/html; charset=utf-8
Date: Wed, 03 Jan 2024 16:05:01 GMT
Etag: W/"6e5273dcd3531e23f32dd5b206bbe574"
Link: <https://assets.qualified.com/packs/css/vendors~widget/sandboxed/messenger-94e6eccc.chunk.css>; rel=preload; as=style; nopush,<https://assets.qualified.com/packs/css/widget/sandboxed/messenger-ea37ea0f.chunk.css>; rel=preload; as=style; nopush
Referrer-Policy: strict-origin-when-cross-origin
Strict-Transport-Security: max-age=63072000; includeSubDomains
Vary: Accept-Encoding
Via: 1.1 spaces-router (devel)
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
X-Request-Id: c61bda16-c094-e937-9f3f-c27611767954
X-Runtime: 0.033611
X-Xss-Protection: 1; mode=block

GET
H2 404 dc.js
go.orca.security/dcjs/898611/14/ 0
0 178ms
161ms Script
text/html 2a04:fa87:fffd::c000:4266
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://go.orca.security/dcjs/898611/14/dc.js
Requested by: Host: js.qualified.com
URL: https://js.qualified.com/qualified.js?token=gndr1NireXGRNRuC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffd::c000:4266 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.orca.security/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 18ms
17ms Ping
text/plain 2001:4860:4802:32::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-ZJX9BKF7WR&gtm=45je3bt0v892696919z8812157982&_p=1704297899282&gcd=11l1l1l1l1&dma=0&cid=1821220454.1704297900&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&sid=1704297899&sct=1&seg=0&dl=https%3A%2F%2Ftry.orca.security%2Fask-the-experts.html%3Futm_source%3Dorcaemail%26utm_medium%3Demail%26utm_campaign%3D24-q1-orca-live-experts-jan-wbr&dr=https%3A%2F%2Fpod.orca.security%2F&dt=Orca%20LIVE%3A%20Ask%20the%20Experts&_s=2&tfd=3436
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZJX9BKF7WR&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://try.orca.security/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 16:05:01 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://try.orca.security
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 messenger-94e6eccc.chunk.css
assets.qualified.com/packs/css/vendors~widget/sandboxed/ Frame 4B54 35 KB
7 KB 28ms
25ms Stylesheet
text/css 2606:4700::6812:1105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.qualified.com/packs/css/vendors~widget/sandboxed/messenger-94e6eccc.chunk.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1105 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb3487cae40a55bf31dc6e6191ab0d88ec8c8f85c62bf28ad25ad0a40c16a611

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.qualified.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 16:05:01 GMT
x-amz-version-id: XvZWQCYWoLS9Gr0QamUrxZt4M_6itGwe
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: BJPE4TJYBEG03KD9
age: 660
x-amz-server-side-encryption: AES256
x-amz-id-2: hZNfEqGMuWLAA7kYQ9yPiE15IDlor1YO1fowgVi54YyhfQc+lRn8qbb+FPXur2dgMYMWDE6eSsc=
last-modified: Wed, 29 Nov 2023 02:17:16 GMT
server: cloudflare
etag: W/"a788ecf510f83ee517cbaf79306145dd"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 83fc7b1eeb0b91fc-FRA
expires: Wed, 03 Jan 2024 20:05:01 GMT

GET
H2 200 messenger-ea37ea0f.chunk.css
assets.qualified.com/packs/css/widget/sandboxed/ Frame 4B54 5 KB
1 KB 23ms
20ms Stylesheet
text/css 2606:4700::6812:1105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.qualified.com/packs/css/widget/sandboxed/messenger-ea37ea0f.chunk.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1105 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ec35ab99388f6afab345622a22772619b83b7d63705d98df3c404da782fcabb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.qualified.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 16:05:01 GMT
x-amz-version-id: 1x6aIuGrk4W48SkG3ho7F3AzA2sHlUAu
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: 6B8EWMR1XK68A5GX
age: 1216
x-amz-server-side-encryption: AES256
x-amz-id-2: ZDPkKMPUAeEa99LBsaCeSM38MTB7AwDwSko8KqTNOnUfEH5CgC3r1jadbL2scGKHSy/ZPhScv5g=
last-modified: Sat, 30 Dec 2023 01:58:34 GMT
server: cloudflare
etag: W/"22d5f23e695250d3c5a5b1e76a015c5e"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 83fc7b1eeb0d91fc-FRA
expires: Wed, 03 Jan 2024 20:05:01 GMT

GET
H2 200 messenger~runtime-12a4356b25dc00e21009.js Show response
assets.qualified.com/packs/js/widget/sandboxed/ Frame 4B54 2 KB
2 KB 22ms
17ms Script
application/javascript 2606:4700::6812:1105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.qualified.com/packs/js/widget/sandboxed/messenger~runtime-12a4356b25dc00e21009.js
Requested by: Host: app.qualified.com
URL: https://app.qualified.com/w/1/gndr1NireXGRNRuC/messenger?uuid=625a92f3-fec1-449a-996a-cb1fdb17e617
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1105 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04ae340fe641b50225a136fd975a06038932d2edf3262afb992437e330be9fe4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.qualified.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 16:05:02 GMT
x-amz-version-id: Xq3f50_hfPTjyXqDSDM1ZaGlvLgN5WaA
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: 4KMXAMVRZXW68JWR
age: 5100
x-amz-server-side-encryption: AES256
x-amz-id-2: 8AXhstN7sguATOExXUFtlAJwZOqtS3ICCWEum7h5LJEOuZhCJYyOK6DDWRzId6wTN4VLwRl3x1U=
last-modified: Mon, 11 Dec 2023 20:26:04 GMT
server: cloudflare
etag: W/"a7878e62f4e53c14b2f5dffdb6cf33bc"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 83fc7b208caa91fc-FRA
expires: Wed, 03 Jan 2024 20:05:02 GMT

GET
H2 200 messenger-31335017914d2051e5ff.chunk.js Show response
assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/ Frame 4B54 1 MB
368 KB 26ms
22ms Script
application/javascript 2606:4700::6812:1105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-31335017914d2051e5ff.chunk.js
Requested by: Host: app.qualified.com
URL: https://app.qualified.com/w/1/gndr1NireXGRNRuC/messenger?uuid=625a92f3-fec1-449a-996a-cb1fdb17e617
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1105 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e867417807eb77eec9f30f3bc0c450159e17ad00a9e9f3af7b4bc63c08b3922

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.qualified.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 16:05:02 GMT
x-amz-version-id: wSsebgh4.nJMdgDvh3P0M.0WHItuI7We
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: HGNSCQAG03XSZ83W
age: 1973
x-amz-server-side-encryption: AES256
x-amz-id-2: Te2cxjcajzFyEHb25J9JUKBDl//hZWBGgXXr6XhbOH/aMfLNgUp5GPO39e5P9UQlYwrxmslOTUY=
last-modified: Sat, 30 Dec 2023 01:58:39 GMT
server: cloudflare
etag: W/"3cb93ee01fcc5153e00dbb1fc831f350"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 83fc7b208cac91fc-FRA
expires: Wed, 03 Jan 2024 20:05:02 GMT

GET
H2 200 messenger-09c8471ea8155fff4d8c.chunk.js Show response
assets.qualified.com/packs/js/widget-sandboxed-chunks/widget/sandboxed/ Frame 4B54 872 KB
199 KB 22ms
20ms Script
application/javascript 2606:4700::6812:1105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/widget/sandboxed/messenger-09c8471ea8155fff4d8c.chunk.js
Requested by: Host: app.qualified.com
URL: https://app.qualified.com/w/1/gndr1NireXGRNRuC/messenger?uuid=625a92f3-fec1-449a-996a-cb1fdb17e617
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1105 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce9e35cab058efe7fba1d3bfcb58bd156ba6520790b972dc8240172061d5a5a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.qualified.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 16:05:02 GMT
x-amz-version-id: WWDuWgxshDQmVRzZZ55NRS5Pil_2BdmB
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: ZX7HZX93FC3CNBWQ
age: 515
x-amz-server-side-encryption: AES256
x-amz-id-2: N5r9aVl5iufN4/hp+h+cEAtsVUri3m84evfDPGz48pVhJl/5pcnEJyBdPxI97hVAjIWOtC6AGQQDju7aUfCAFff2+E1KiM/F
last-modified: Tue, 02 Jan 2024 19:51:11 GMT
server: cloudflare
etag: W/"d8d87cbe8b1c870612b7485f3f0e3376"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 83fc7b208cae91fc-FRA
expires: Wed, 03 Jan 2024 20:05:02 GMT

GET
H2 200 Inter-Regular-c8ba52b05a9ef10f47584d08ece2ec5c.woff2
assets.qualified.com/packs/media/fonts/inter/ Frame 4B54 97 KB
97 KB 62ms
23ms Font
font/woff2 2606:4700::6812:1105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.qualified.com/packs/media/fonts/inter/Inter-Regular-c8ba52b05a9ef10f47584d08ece2ec5c.woff2
Requested by: Host: app.qualified.com
URL: https://app.qualified.com/w/1/gndr1NireXGRNRuC/messenger?uuid=625a92f3-fec1-449a-996a-cb1fdb17e617
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1105 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d612f1212b452af07f1a5defb2b672e76a91f7139e7499fa48bb9b2b985c22d6

Request headers

Referer: https://app.qualified.com/
Origin: https://app.qualified.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 16:05:02 GMT
x-amz-version-id: E6YIfM36rydnMaf4sGSvJLBNDyS.ADNG
cf-cache-status: HIT
x-amz-request-id: T318VWP84NWYB8N1
age: 2897012
x-amz-server-side-encryption: AES256
content-length: 98868
x-amz-id-2: izCCEidg+4aPasBFcOg/yTcmOYbKkVN0h+GeoIm/YRox05v27bE5y3nAHGEF4I5YbA0IvUqj19Y=
last-modified: Thu, 30 Nov 2023 23:59:22 GMT
server: cloudflare
etag: "dc131113894217b5031000575d9de002"
access-control-max-age: 3600
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 83fc7b20c94965d0-FRA
expires: Thu, 02 Jan 2025 22:05:02 GMT

GET
H2 200 Inter-SemiBold-b5f0f109bc88052d4000c58ca615671d.woff2
assets.qualified.com/packs/media/fonts/inter/ Frame 4B54 103 KB
104 KB 82ms
43ms Font
font/woff2 2606:4700::6812:1105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.qualified.com/packs/media/fonts/inter/Inter-SemiBold-b5f0f109bc88052d4000c58ca615671d.woff2
Requested by: Host: app.qualified.com
URL: https://app.qualified.com/w/1/gndr1NireXGRNRuC/messenger?uuid=625a92f3-fec1-449a-996a-cb1fdb17e617
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1105 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 152261291c938aa5aad6a56d52b47ffcb893d1c0387e76d7f270a7382ff786d5

Request headers

Referer: https://app.qualified.com/
Origin: https://app.qualified.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 16:05:02 GMT
x-amz-version-id: _rRYa2sPGNB5athLTFbmNGewSIAAC_sF
cf-cache-status: HIT
x-amz-request-id: QSYAJGG94K88EMD2
age: 3068847
x-amz-server-side-encryption: AES256
content-length: 105804
x-amz-id-2: t9E0NxiZoUz7nV2Ww/KQWxQGcxoOZzqmSsKRl28vqBbqpj18pboGFM0O24erxLHbDylU6T42ODE=
last-modified: Wed, 29 Nov 2023 02:17:21 GMT
server: cloudflare
etag: "007ad31a53f4ab3f58ee74f2308482ce"
access-control-max-age: 3600
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 83fc7b20c94b65d0-FRA
expires: Thu, 02 Jan 2025 22:05:02 GMT

POST
H/1.1 204
No Content collect Show response
v.clarity.ms/ 0
297 B 105ms
100ms XHR
text/plain 20.114.189.135
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://v.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.189.135 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://try.orca.security/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://try.orca.security
Date: Wed, 03 Jan 2024 16:05:02 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

POST
H2 200 / Show response
sentry.io/api/1332833/envelope/ Frame 4B54 2 B
324 B 169ms
116ms Fetch
application/json 35.186.247.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://sentry.io/api/1332833/envelope/?sentry_key=b5158ee3382d49b28a864fb2b91bcaaf&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.11.1

Requested by

Host: assets.qualified.com
URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-31335017914d2051e5ff.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.247.156 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

156.247.186.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.qualified.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 03 Jan 2024 16:05:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

POST
H/1.1 204
No Content collect Show response
v.clarity.ms/ 0
297 B 110ms
110ms XHR
text/plain 20.114.189.135
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://v.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.189.135 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://try.orca.security/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://try.orca.security
Date: Wed, 03 Jan 2024 16:05:04 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

Verdicts & Comments Add Verdict or Comment

53 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

38 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.pod.orca.security/	1970-01-20 17:24:59	Name: __cf_bm Value: Hkm6rjFcEXXlkXFXsaUdeSLfyWDpFa0Gi4O0sxTaB3o-1704297898-1-AQUMY/lVdnK+X+I4koVMjL2M3upwxn8ZSCPibe6XTyHDBGte4UiqhoMBg33SRbSnnWYTmOMU4NWwGEKGl75kpoI=
try.orca.security/	1969-12-31 23:59:59	Name: BIGipServerab57web-nginx-app_https Value: !OApa2eMtIS4JSO+kCIQPm+cqSAXSEVFFmZd4pOO7PPM/dTT/wJ/taWh0VEYjL19BaRO043FSfBd7MNI=
.try.orca.security/	1970-01-20 17:24:59	Name: __cf_bm Value: 8aSJV4hzYFiwAr45joN0.6djFRsJcALWloxIc5wb7d8-1704297899-1-ARbsSEQlFf5BF/6ukMM5VEkYZ0FZPx7KmUSeAve2+OPL+oye+45noDl2uQjIDQ5POeXrx//SlHqAo346wXQl1w8=
.orca.security/	1970-01-20 19:34:33	Name: _gcl_au Value: 1.1.1696553896.1704297899
.app-sj01.marketo.com/	1970-01-20 17:24:59	Name: __cf_bm Value: Dkh0EsN4Xscyk1VemEXoFFaRChYqvPaza8Ur.JD5x_8-1704297899-1-AaUonWFLLu/ZbtpGc0Ebti/yPj9e7k1/8RlKznHugyR3WZO1WOSWOwJ/X3K9WlC0zAlDgf6Q/eQR50RBbWd8BU4=
.orca.security/	1970-01-21 03:00:57	Name: _ga Value: GA1.1.1821220454.1704297900
.doubleclick.net/	1970-01-20 17:24:58	Name: test_cookie Value: CheckForPermission
www.clarity.ms/	1970-01-21 02:10:33	Name: CLID Value: 25a94a5279764d5e941ad15335edd3b2.20240103.20250102
.orca.security/	1970-01-21 03:00:57	Name: _mkto_trk Value: id:796-PBW-559&token:_mch-orca.security-1704297899664-29026
.orca.security/	1970-01-21 02:10:33	Name: _clck Value: 118sys4%7C2%7Cfi3%7C0%7C1463
.linkedin.com/	1970-01-20 19:34:33	Name: li_sugr Value: 9e563862-a5a5-46b8-a581-3d3d72686963
.linkedin.com/	1970-01-21 02:10:33	Name: bcookie Value: "v=2&1247dbfb-6376-4827-899b-650d557e754f"
.linkedin.com/	1970-01-20 17:26:24	Name: lidc Value: "b=OGST06:s=O:r=O:a=O:p=O:g=2823:u=1:x=1:i=1704297899:t=1704384299:v=2:sig=AQETgKHRxPf-JQjNDyVou12UuQFVm871"
.twitter.com/	1970-01-21 03:00:57	Name: personalization_id Value: "v1_VEnDGi6yI3zg5Jtk3ge1/w=="
.company-target.com/	1970-01-21 03:00:57	Name: tuuid Value: f6307d2e-4375-43d4-b245-b75c4c80e210
.company-target.com/	1970-01-21 03:00:57	Name: tuuid_lu Value: 1704297899\|ix:0\|mctv:0\|rp:0
tracking.g2crowd.com/	1970-01-20 17:45:07	Name: _session_id Value: 4dd40ca72b44eeee1843a8706d14688d
.g2crowd.com/	1970-01-20 17:24:59	Name: __cf_bm Value: 61VCELSVctXQ9zZINWED_DT6oDmDSn1PGDJad0.uoaQ-1704297899-1-AVq2y07kjQaCN61OvX58utKAY2CVEPJy7s0eBOZpF6btBxF/BbYWen/pBV0HSM5BOEaOoJn/9sM+v2/zk4KUAsg=
.linkedin.com/	1970-01-20 21:44:09	Name: li_gc Value: MTswOzE3MDQyOTc4OTk7MjswMjEkRuuZIfXjXeNeSGRDpOUeuUaxaxST/vJp+/YslDfyng==
.t.co/	1970-01-21 03:00:57	Name: muc_ads Value: d89f5429-8f2a-4864-ba23-a83cc96979de
.casalemedia.com/	1970-01-21 02:10:33	Name: CMID Value: ZZWFrKCLRD89Rwr0S3GGNwAA
.casalemedia.com/	1970-01-20 19:34:33	Name: CMPS Value: 2194
.casalemedia.com/	1970-01-20 19:34:33	Name: CMPRO Value: 2194
.orca.security/	1970-01-21 03:00:57	Name: __q_state_gndr1NireXGRNRuC Value: eyJ1dWlkIjoiNjI1YTkyZjMtZmVjMS00NDlhLTk5NmEtY2IxZmRiMTdlNjE3IiwiY29va2llRG9tYWluIjoib3JjYS5zZWN1cml0eSJ9
.tremorhub.com/	1970-01-21 02:10:54	Name: tvid Value: f40f14eaadb34b30a6fabff273cd2b1a
.tremorhub.com/	1970-01-21 03:00:57	Name: tv_UIDM Value: f6307d2e-4375-43d4-b245-b75c4c80e210
.5f6b2d0bd0ea9d00689c778b.services.infinigrow.com/	1970-01-20 17:25:01	Name: __ig_cookies Value: true
.bing.com/	1970-01-21 02:46:33	Name: MUID Value: 1A38DFB02AF1623C1F62CC4B2B2363E7
.c.bing.com/	1970-01-20 17:35:02	Name: MR Value: 0
.c.bing.com/	1970-01-21 02:46:33	Name: SRM_B Value: 1A38DFB02AF1623C1F62CC4B2B2363E7
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 02:46:33	Name: MUID Value: 1A38DFB02AF1623C1F62CC4B2B2363E7
.c.clarity.ms/	1970-01-20 17:35:02	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 17:24:58	Name: ANONCHK Value: 0
.orca.security/	1970-01-20 17:24:59	Name: _sp_ses.8996 Value: *
.orca.security/	1970-01-21 03:00:57	Name: _sp_id.8996 Value: 2c10c2f5-72f8-4f43-bd16-442e4f0db94a.1704297901.1.1704297901.1704297901.4fe2adf5-8bda-4010-837f-ca01ae1f2a51
.orca.security/	1970-01-20 17:26:24	Name: _clsk Value: 3eivlv%7C1704297901045%7C2%7C1%7Cv.clarity.ms%2Fcollect
.orca.security/	1970-01-21 03:00:57	Name: _ga_ZJX9BKF7WR Value: GS1.1.1704297899.1.1.1704297901.58.0.0

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://id.rlcdn.com/464526.gif Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://go.orca.security/dcjs/898611/14/dc.js Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; img-src 'self';script-src 'self' 'sha256-I/YfSwuw23GMKn7VKK/y6Vr35eV0+hBEhEI3epN5kcE=';object-src 'none';form-action 'none';frame-src 'none';style-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5f6b2d0bd0ea9d00689c778b.services.infinigrow.com
796-pbw-559.mktoresp.com
analytics.google.com
analytics.twitter.com
api.company-target.com
app-sj01.marketo.com
app.qualified.com
assets.qualified.com
c.bing.com
c.clarity.ms
cdnjs.cloudflare.com
ddzuuyx7zj81k.cloudfront.net
dss6ntp5q2r0o.cloudfront.net
dsum-sec.casalemedia.com
dummyimage.com
fonts.googleapis.com
fonts.gstatic.com
go.orca.security
googleads.g.doubleclick.net
id.rlcdn.com
insight.adsrvr.org
js.adsrvr.org
js.qualified.com
munchkin.marketo.net
partners.tremorhub.com
pixel.rubiconproject.com
pod.orca.security
px.ads.linkedin.com
px4.ads.linkedin.com
s.company-target.com
sentry.io
snap.licdn.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
tag-logger.demandbase.com
tag.demandbase.com
tracking.g2crowd.com
try.orca.security
v.clarity.ms
www.clarity.ms
www.google.com
www.google.ru
www.googletagmanager.com
www.gstatic.com
104.16.94.80
104.17.72.206
104.17.74.206
104.18.36.155
104.244.42.131
104.244.42.133
108.138.40.116
13.107.42.14
13.227.219.121
143.204.215.78
146.75.116.157
15.197.193.217
192.28.144.124
20.114.189.135
2001:4860:4802:32::181
2600:1f18:612b:4232:950e:aa8c:14aa:701
2600:9000:20c3:a800:10:7994:d200:21
2600:9000:2449:1c00:1d:8d6d:3b40:93a1
2600:9000:26da:8a00:8:8d2f:9e00:21
2606:4700:3035::ac43:9a91
2606:4700:4400::6812:2b1f
2606:4700::6811:190e
2606:4700::6812:1105
2620:1ec:21::14
2620:1ec:bdf::45
2620:1ec:c11::200
2a00:1450:4001:801::2002
2a00:1450:4001:80b::2003
2a00:1450:4001:810::2003
2a00:1450:4001:827::200a
2a00:1450:4001:828::2003
2a00:1450:4001:82f::2004
2a00:1450:4001:82f::2008
2a00:1450:400c:c07::9d
2a02:26f0:780::210:a40a
2a04:fa87:fffd::c000:4266
34.96.71.22
35.186.247.156
35.244.174.68
44.206.58.181
65.9.86.7
68.219.88.97
69.173.144.139
88.221.60.75
04ae340fe641b50225a136fd975a06038932d2edf3262afb992437e330be9fe4
06fdee9b7e8864607317d331cacf8307498b519ae09aff37a792880314da47fa
071ab86e7fd2fd640b8b57a67e9a70e1e7ec5b3074ee6b6545ae7fd8eeac3ffb
0cc7d2b930db9ab093dc8512705a91b100bec2c547d1fb7b3d1b73795a2f6d54
122bd7b997b91e56e9efd54743ffbeccefca5b8bb59c566d6ec63adf14be896e
14be4114dcfde74652f19f9ffae8c9bb50707e9e88bd2b1fcd86fb50224109e7
14c8c62dc692fd8faa04434e3fed25e7c23d596b732f9db88f6e9f9ff5dfa61c
152261291c938aa5aad6a56d52b47ffcb893d1c0387e76d7f270a7382ff786d5
16601ba0511c883d6d1e2ca5b07cf464a6e525e8e18bdfbaa5461301278096b0
1a3773de26ece9a277df2f271ffb224eb5dd97c8126dacd599ee1966ef145304
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
20dc7ba628270aecec258cebe60d11abf2ed04ed9859fee9d5034d765a73ffd2
20f6557a11338ec7c0731095af9d823a902346859feda75e8551c39bf987ead3
256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2d72c2cef8772691c992100fe6327a6ea490db2226588e2eef2119be786c72a8
2e2e4eb416e7053ea9860eaf56cb75213e9a6ff60a926198e723002c7d3861d5
2e4d45fd157ef978cf83bc3b984a2d9caaeabcbb5daa9569ff81e41cdc0d8a26
2fd6a01ceec618fb89f366f1e8e1b14d421cdeccfac9b4638f7921ddf772b68c
34d4fa4809d5ecde253666bbcafb26271cfae88ed13a96b235cdbc5e5c80346a
3a80700d48e107eb08205a346562ae28a95f3fe0da0d7382847a2c0a52a02c0a
3dae93a05edd9dcfc1864b87178a31e0bfa93e1a9b1c486c6e9cbf73cae87862
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e867417807eb77eec9f30f3bc0c450159e17ad00a9e9f3af7b4bc63c08b3922
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45766d43610439311ec26ec7ead8bcaaba7639fa12ce2ec467a8a586a52245e2
5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
61434002c4db83b8a01a7fcb9094e996d920710b6b1c0bbf76374f857f67961a
68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23
6b9fc7f48346fff0a81b784c75f9f7cd083e7696cee799f689d3a1ef2ba61185
6ccdd8fa3b678f5eeae67299dc61e2cf84a4bb0eede6e5dede1b313435e2ec6e
6e5273dcd3531e23f32dd5b206bbe574f09e09e27292f8b6c62da7711033b9d2
6ec35ab99388f6afab345622a22772619b83b7d63705d98df3c404da782fcabb
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
7c633c1291b7e6f9c7d88f6b0e495605592f136e3fc52b0994a9b4c31d36a806
899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1
90830c8a82c1f155416a7eeb8ddf9c5b451f6f6422280ad803c52d26985d0dff
959f366383adf082d033eb0d01371545db1664e3e1cdbb999d1a15844318cd8a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a025bdc063386dca726e3a434ae97e6cb593a37cfad979b8462fb8313ff3c656
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a26c6b08f043efef7e236eb6464e096f0d0a995c35c5f6074d4cc1c695cbe9b0
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
a5fa8c35bd4535b3e4e547af202d5c8102e28cee127eb26cc4eff717cf205914
a6d75aad5c009d0bdf36d4c1d68d90e2848460fce782adb137819228842eefe0
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b0dec0d7c01f7500babdaba71c963336cd1eb9eba6d79aa231cef234403ce107
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b361afff7a5fba7013336b3b7b39599b0e9ed6390cc4c97bd974a46c8b30c6cb
ba28bec45afd5a0fc3e92ef350143457574e74cb0bebd0c1a1d8650ad9b10713
cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d
ce9e35cab058efe7fba1d3bfcb58bd156ba6520790b972dc8240172061d5a5a1
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d612f1212b452af07f1a5defb2b672e76a91f7139e7499fa48bb9b2b985c22d6
d8f9afbf492e4c139e9d2bcb9ba6ef7c14921eb509fb703bc7a3f911b774eff8
dd1cf9d3a43c05512a950acdd3f32b31a5950bace403a7da5fc667da813a5699
e1df4a668c9d9f46284afd78bda153461c00df51b94b2000140adf9848993d4c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6df4914fa2d677542a8e8d2ae7dfa76149843c0269f017cf4464530a467a0aa
e6ff9c0c443a9050137759816c352d43e96a673bb4023c2ba231cdbed6fe6f52
eb3487cae40a55bf31dc6e6191ab0d88ec8c8f85c62bf28ad25ad0a40c16a611
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f016de8140d213aab5f938927cd13e5b9295ffcd42a878f1e061bdc82ce56ca2
f1f7c51769d2e8226864110d8022986354cdfe65629300094f7846035871a55b
f3b0e2a3800f73c56a4dc78562fc32130a8eec6887982d10e6a5dcf6497969c6
f57912e5ca5395c763a74e47de727e2f952be5193ab72ee47269e477a423f158
f7545b96ed2740220c349ae9deb614faf1f0f211d4cf710788e0790f74cc9715
facafb17cfda23c65c3af3e0f2fd75b4b18dd674d7a89e110376454777f7ee1f

try.orca.security Open in urlscan Pro 104.17.74.206 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

93 Requests

97 %HTTPS

50 %IPv6

31 Domains

45 Subdomains

43 IPs

5 Countries

2717 kBTransfer

6502 kBSize

38 Cookies

3 Outgoing links

Page URL History

Redirected requests

93 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

try.orca.security Open in urlscan Pro
104.17.74.206 Public Scan

Screenshot
Live screenshot

Full Image

93
Requests

97 %
HTTPS

50 %
IPv6

31
Domains

45
Subdomains

43
IPs

5
Countries

2717 kB
Transfer

6502 kB
Size

38
Cookies

93 HTTP transactions
0 data transactions