security-demo.extrahop.com Open in urlscan Pro
44.227.185.167 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm#%2Fmetrics%2Fdevices%2Ff1b462bbe...
Effective URL:
https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
Submission: On May 11 via api (May 11th 2020, 3:02:52 pm UTC) from US

Summary HTTP 128 Redirects Behaviour Indicators

Summary

This website contacted 11 IPs in 4 countries across 10 domains to perform 128 HTTP transactions. The main IP is 44.227.185.167, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is security-demo.extrahop.com.
TLS certificate: Issued by Amazon on May 2nd 2020. Valid for: a year.

This is the only time security-demo.extrahop.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4 36	44.227.185.167 44.227.185.167	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:81d::2008	15169 (GOOGLE) (GOOGLE)
6 22	2a00:1450:400... 2a00:1450:4001:817::200e	15169 (GOOGLE) (GOOGLE)
6	143.204.97.80 143.204.97.80	16509 (AMAZON-02) (AMAZON-02)
29	161.71.0.166 161.71.0.166	14340 (SALESFORCE) (SALESFORCE)
6 6	2a00:1450:400... 2a00:1450:400c:c04::9d	15169 (GOOGLE) (GOOGLE)
6 6	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
6	2001:4860:480... 2001:4860:4802:32::34	15169 (GOOGLE) (GOOGLE)
2	13.110.10.4 13.110.10.4	14340 (SALESFORCE) (SALESFORCE)
1	13.110.0.4 13.110.0.4	14340 (SALESFORCE) (SALESFORCE)
5	2a00:1450:400... 2a00:1450:4001:815::2010	15169 (GOOGLE) (GOOGLE)
128	11

36 44.227.185.167 (Boardman, United States) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-44-227-185-167.us-west-2.compute.amazonaws.com

security-demo.extrahop.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:81d::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:817::200e (Frankfurt am Main, Germany) 6 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 143.204.97.80 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-97-80.fra50.r.cloudfront.net

cdn.pendo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 161.71.0.166 (London, United Kingdom)

ASN14340 (SALESFORCE, US)
PTR: dcl2-ncg0-lhr3.um4-lo2.force.com

service.force.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:400c:c04::9d (Brussels, Belgium) 6 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany) 6 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2001:4860:4802:32::34 (United States)

ASN15169 (GOOGLE, US)

app.pendo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.110.10.4 (United States)

ASN14340 (SALESFORCE, US)
PTR: dcl5-ncg0-iad3.la1-c1-ia2.salesforceliveagent.com

d.la1-c1-ia2.salesforceliveagent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.110.0.4 (United States)

ASN14340 (SALESFORCE, US)
PTR: dcl1-ncg0-phx3.la1-c1-ph2.salesforceliveagent.com

d.la1-c1-ph2.salesforceliveagent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:815::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pendo-static-4816620446285824.storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
36	extrahop.com 4 redirects security-demo.extrahop.com assets.extrahop.com Failed	19 MB
29	force.com service.force.com	129 KB
22	google-analytics.com 6 redirects www.google-analytics.com	97 KB
12	pendo.io cdn.pendo.io app.pendo.io	623 KB
6	google.de www.google.de	654 B
6	google.com 6 redirects www.google.com	1 KB
6	doubleclick.net 6 redirects stats.g.doubleclick.net	900 B
5	googleapis.com pendo-static-4816620446285824.storage.googleapis.com	16 KB
5	googletagmanager.com www.googletagmanager.com	146 KB
3	salesforceliveagent.com d.la1-c1-ia2.salesforceliveagent.com Failed d.la1-c1-ph2.salesforceliveagent.com	2 KB
128	10

	Domain	Requested by
36	security-demo.extrahop.com	4 redirects security-demo.extrahop.com
29	service.force.com	www.googletagmanager.com service.force.com
22	www.google-analytics.com	6 redirects www.googletagmanager.com www.google-analytics.com security-demo.extrahop.com
6	app.pendo.io	cdn.pendo.io
6	www.google.de	security-demo.extrahop.com
6	www.google.com	6 redirects
6	stats.g.doubleclick.net	6 redirects
6	cdn.pendo.io	security-demo.extrahop.com cdn.pendo.io
5	pendo-static-4816620446285824.storage.googleapis.com	cdn.pendo.io
5	www.googletagmanager.com	security-demo.extrahop.com
2	d.la1-c1-ia2.salesforceliveagent.com	service.force.com
1	d.la1-c1-ph2.salesforceliveagent.com	service.force.com
0	assets.extrahop.com Failed	cdn.pendo.io
128	13

This site contains no links.

Subject Issuer	Validity	Valid
security.demos.extrahop.com Amazon	`2020-05-02` - `2021-06-02`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-04-15` - `2020-07-08`	3 months	crt.sh
cdn.pendo.io DigiCert SHA2 Extended Validation Server CA	`2019-06-04` - `2021-09-02`	2 years	crt.sh
*.um4.force.com DigiCert SHA2 Secure Server CA	`2018-06-24` - `2020-06-24`	2 years	crt.sh
www.google.de GTS CA 1O1	`2020-04-15` - `2020-07-08`	3 months	crt.sh
app.pendo.io DigiCert SHA2 Extended Validation Server CA	`2019-07-23` - `2021-10-13`	2 years	crt.sh
la1-c1-ia2.salesforceliveagent.com DigiCert SHA2 Secure Server CA	`2019-01-31` - `2021-01-30`	2 years	crt.sh
la1-c1-ph2.salesforceliveagent.com DigiCert SHA2 Secure Server CA	`2019-01-31` - `2021-01-30`	2 years	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-04-15` - `2020-07-08`	3 months	crt.sh

This page contains 5 frames:

Frame: https://security-demo.extrahop.com/extrahop/logout/
Frame ID: B2E712F9E30B21B5DE635C33461C17E7
Requests: 138 HTTP requests in this frame

Frame: https://service.force.com/embeddedservice/5.0/esw.html?parent=https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
Frame ID: 9502D6E2FE11DBA7A467649E6FD7A834
Requests: 1 HTTP requests in this frame

Frame: https://service.force.com/embeddedservice/5.0/esw.html?parent=https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
Frame ID: 3A5B3F4BD1D7ED53F4DAC9A17E0E74DB
Requests: 1 HTTP requests in this frame

Frame: https://service.force.com/embeddedservice/5.0/esw.html?parent=https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
Frame ID: 0C5898ED97A69BF2FADA569B20B2F092
Requests: 1 HTTP requests in this frame

Frame: https://service.force.com/embeddedservice/5.0/esw.html?parent=https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
Frame ID: D14C937A1BADDE5B8C8F9E2DE6B24E68
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm Page URL
https://security-demo.extrahop.com/extrahop/logout/ HTTP 301
https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm Page URL
https://security-demo.extrahop.com/extrahop/logout/ HTTP 301
https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm Page URL
https://security-demo.extrahop.com/extrahop/logout/ HTTP 301
https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm Page URL
https://security-demo.extrahop.com/extrahop/logout/ HTTP 301
https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm Page URL

Page Statistics

128
Requests

84 %
HTTPS

58 %
IPv6

10
Domains

13
Subdomains

11
IPs

4
Countries

20575 kB
Transfer

79545 kB
Size

10
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm Page URL
https://security-demo.extrahop.com/extrahop/logout/ HTTP 301
https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm Page URL
https://security-demo.extrahop.com/extrahop/logout/ HTTP 301
https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm Page URL
https://security-demo.extrahop.com/extrahop/logout/ HTTP 301
https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm Page URL
https://security-demo.extrahop.com/extrahop/logout/ HTTP 301
https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

https://www.google-analytics.com/r/collect?v=1&_v=j82&a=615629785&t=pageview&_s=1&dl=https%3A%2F%2Fsecurity-demo.extrahop.com%2Fextrahop%2F%3Fe%3Dandy.bullivant%2540gbj-crime.co.uk%26h%3DMzhiZWM0MTkzOGRm&ul=en-us&de=UTF-8&dt=ExtraHop%20EDA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAEAj~&jid=1584330462&gjid=1677855549&cid=1408310812.1589209348&tid=UA-6551454-4&_gid=466235241.1589209348&_r=1&gtm=2wg4t0W65PJS6&z=256220374 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-6551454-4&cid=1408310812.1589209348&jid=1584330462&_gid=466235241.1589209348&gjid=1677855549&_v=j82&z=256220374 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6551454-4&cid=1408310812.1589209348&jid=1584330462&_v=j82&z=256220374 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6551454-4&cid=1408310812.1589209348&jid=1584330462&_v=j82&z=256220374&slf_rd=1&random=1540393550

Request Chain 15

https://security-demo.extrahop.com/extrahop/logout/ HTTP 301
https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm

Request Chain 25

https://www.google-analytics.com/r/collect?v=1&_v=j82&a=2041844669&t=pageview&_s=1&dl=https%3A%2F%2Fsecurity-demo.extrahop.com%2Fextrahop%2F%3Fe%3Dandy.bullivant%2540gbj-crime.co.uk%26h%3DMzhiZWM0MTkzOGRm&ul=en-us&de=UTF-8&dt=ExtraHop%20EDA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAEAj~&jid=810169370&gjid=605837019&cid=1735921291.1589209352&tid=UA-6551454-4&_gid=1076771750.1589209352&_r=1&gtm=2wg4t0W65PJS6&z=1381055291 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-6551454-4&cid=1735921291.1589209352&jid=810169370&_gid=1076771750.1589209352&gjid=605837019&_v=j82&z=1381055291 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6551454-4&cid=1735921291.1589209352&jid=810169370&_v=j82&z=1381055291 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6551454-4&cid=1735921291.1589209352&jid=810169370&_v=j82&z=1381055291&slf_rd=1&random=3987270323

Request Chain 32

https://security-demo.extrahop.com/extrahop/logout/ HTTP 301
https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm

Request Chain 45

https://www.google-analytics.com/r/collect?v=1&_v=j82&a=1415087000&t=pageview&_s=1&dl=https%3A%2F%2Fsecurity-demo.extrahop.com%2Fextrahop%2F%3Fe%3Dandy.bullivant%2540gbj-crime.co.uk%26h%3DMzhiZWM0MTkzOGRm&ul=en-us&de=UTF-8&dt=ExtraHop%20EDA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAEAj~&jid=291508663&gjid=763247312&cid=105308259.1589209354&tid=UA-6551454-4&_gid=507840567.1589209354&_r=1&gtm=2wg4t0W65PJS6&z=179076282 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-6551454-4&cid=105308259.1589209354&jid=291508663&_gid=507840567.1589209354&gjid=763247312&_v=j82&z=179076282 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6551454-4&cid=105308259.1589209354&jid=291508663&_v=j82&z=179076282 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6551454-4&cid=105308259.1589209354&jid=291508663&_v=j82&z=179076282&slf_rd=1&random=3445701778

Request Chain 71

https://www.google-analytics.com/r/collect?v=1&_v=j82&a=1415087000&t=pageview&_s=1&dl=https%3A%2F%2Fsecurity-demo.extrahop.com%2Fextrahop%2F%3Fe%3Dandy.bullivant%2540gbj-crime.co.uk%26h%3DMzhiZWM0MTkzOGRm&dp=%2F%3Fdelta_type%26from%3D1589176800%26interval_type%3DDT%26until%3D1589196300&ul=en-us&de=UTF-8&dt=security-demo.extrahop.com%20Extrahop%20EDA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGjAAEAj~&jid=1838417299&gjid=1801466594&cid=105308259.1589209354&tid=UA-6551454-4&_gid=2143775942.1589209356&_r=1&gtm=2wg4t0W65PJS6&z=604047209 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-6551454-4&cid=105308259.1589209354&jid=1838417299&_gid=2143775942.1589209356&gjid=1801466594&_v=j82&z=604047209 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6551454-4&cid=105308259.1589209354&jid=1838417299&_v=j82&z=604047209 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6551454-4&cid=105308259.1589209354&jid=1838417299&_v=j82&z=604047209&slf_rd=1&random=3717113208

Request Chain 96

https://security-demo.extrahop.com/extrahop/logout/ HTTP 301
https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm

Request Chain 107

https://www.google-analytics.com/r/collect?v=1&_v=j82&a=805839847&t=pageview&_s=1&dl=https%3A%2F%2Fsecurity-demo.extrahop.com%2Fextrahop%2F%3Fe%3Dandy.bullivant%2540gbj-crime.co.uk%26h%3DMzhiZWM0MTkzOGRm&ul=en-us&de=UTF-8&dt=ExtraHop%20EDA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAEAj~&jid=1719338410&gjid=890993350&cid=1224351881.1589209359&tid=UA-6551454-4&_gid=186858060.1589209359&_r=1&gtm=2wg4t0W65PJS6&z=1464207222 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-6551454-4&cid=1224351881.1589209359&jid=1719338410&_gid=186858060.1589209359&gjid=890993350&_v=j82&z=1464207222 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6551454-4&cid=1224351881.1589209359&jid=1719338410&_v=j82&z=1464207222 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6551454-4&cid=1224351881.1589209359&jid=1719338410&_v=j82&z=1464207222&slf_rd=1&random=2093333978

Request Chain 131

https://www.google-analytics.com/r/collect?v=1&_v=j82&a=265064995&t=pageview&_s=1&dl=https%3A%2F%2Fsecurity-demo.extrahop.com%2Fextrahop%2F%3Fe%3Dandy.bullivant%2540gbj-crime.co.uk%26h%3DMzhiZWM0MTkzOGRm&ul=en-us&de=UTF-8&dt=ExtraHop%20EDA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAEAj~&jid=596955097&gjid=1134668687&cid=408480581.1589209367&tid=UA-6551454-4&_gid=106576908.1589209367&_r=1&gtm=2wg4t0W65PJS6&z=1121398636 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-6551454-4&cid=408480581.1589209367&jid=596955097&_gid=106576908.1589209367&gjid=1134668687&_v=j82&z=1121398636 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6551454-4&cid=408480581.1589209367&jid=596955097&_v=j82&z=1121398636 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6551454-4&cid=408480581.1589209367&jid=596955097&_v=j82&z=1121398636&slf_rd=1&random=3980694459

128 HTTP transactions
14 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Cookie set / Show response
security-demo.extrahop.com/extrahop/ 12 KB
13 KB 1450ms
321ms Document
text/html 44.227.185.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.227.185.167 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-227-185-167.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

9f9a77aca5bfcf48c15fb3a19a0cb2aa95ddb96a26220c6bf628d9b1cb22c13d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: security-demo.extrahop.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Cache-Control: private, max-age=0
Cache-control: no-cache="set-cookie"
Content-Type: text/html; charset=utf-8
Date: Mon, 11 May 2020 15:02:27 GMT
Server: Apache
Set-Cookie: demo_e=andy.bullivant@gbj-crime.co.uk; Path=/ demo_h=MzhiZWM0MTkzOGRm; Path=/ extrahop_sessionid=apikey:qzbfN6erzi_ACvyX5et3UfTerNrV_bglDIPr74s0lQQ; Path=/ extrahop_csrftoken=TJ9fPV87RjxxLikchoo235KLulkZb2v9pTvItr5bzsCXCF362WbPuywCrw2eIt7v; Path=/; Secure; SameSite=None AWSELB=89955FC7101A4E94C6960E3539876EF63E36A1F281B143ED278A0642CA4C311CDD72FC3FBE2283E3CAEF0FDC84D56817D6D6CEE26D1E94B6CCDD647E8486A662530D3F6E65;PATH=/ AWSELBCORS=89955FC7101A4E94C6960E3539876EF63E36A1F281B143ED278A0642CA4C311CDD72FC3FBE2283E3CAEF0FDC84D56817D6D6CEE26D1E94B6CCDD647E8486A662530D3F6E65;PATH=/;SECURE;SAMESITE=None
Strict-Transport-Security: max-age=31536000
Vary: Cookie
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Content-Length: 11900
Connection: keep-alive

GET
H/1.1 200
OK htmlgui.d734a6ae02a297577602.css
security-demo.extrahop.com/media/gui/ 2 MB
732 KB 224ms
224ms Stylesheet
text/css 44.227.185.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://security-demo.extrahop.com/media/gui/htmlgui.d734a6ae02a297577602.css

Requested by

Host: security-demo.extrahop.com
URL: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.227.185.167 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-227-185-167.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

5baf39e204422fd5fbf5e49c3efadad10352a6b17a2659eec358b7c9e989c2a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 11 May 2020 15:02:27 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 04 May 2020 09:26:44 GMT
Server: Apache
Etag: "b6d76-5a4cf21189d00"
Strict-Transport-Security: max-age=31536000
Content-Type: text/css
Cache-Control: private, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 748918
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK htmlgui.d734a6ae02a297577602.js Show response
security-demo.extrahop.com/media/gui/ 13 MB
3 MB 218ms
217ms Script
application/x-javascript 44.227.185.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://security-demo.extrahop.com/media/gui/htmlgui.d734a6ae02a297577602.js

Requested by

Host: security-demo.extrahop.com
URL: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.227.185.167 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-227-185-167.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

35628a6d92974a2d1fe29ee065ccc13ffff0e64e432d2ae0630b62ca9a38c67c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 11 May 2020 15:02:27 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 04 May 2020 09:26:44 GMT
Server: Apache
Etag: "2ff4ca-5a4cf21189d00"
Strict-Transport-Security: max-age=31536000
Content-Type: application/x-javascript
Cache-Control: private, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3142858
X-Xss-Protection: 1; mode=block

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 80 KB
29 KB 47ms
47ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W65PJS6

Requested by

Host: security-demo.extrahop.com
URL: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7d5f64bc60d536ef00e143a4093a20a2ef132bfebf99e229306c54f6f42c85f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 11 May 2020 15:02:28 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29797
x-xss-protection: 0
expires: Mon, 11 May 2020 15:02:28 GMT

GET
DATA 200
OK truncated
/ 35 KB
35 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be2d2f18ba47452f1f31d75dc3abaa2c1e57c366825bebfcac55a554424faa5b

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
Origin: https://security-demo.extrahop.com

Response headers

Content-Type: application/font-woff

GET
DATA 200
OK truncated
/ 35 KB
35 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b82e3c01c34620fb5a610244cc773ad46b4b7197be81116ba22ee869a600f6d4

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
Origin: https://security-demo.extrahop.com

Response headers

Content-Type: application/font-woff

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W65PJS6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Apr 2020 21:54:13 GMT
server: Golfe2
age: 1433
date: Mon, 11 May 2020 14:38:35 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18433
expires: Mon, 11 May 2020 16:38:35 GMT

GET
H/1.1 200
OK pendo.js Show response
cdn.pendo.io/agent/static/eafa532f-80b5-4b73-42d2-dbc5e34761d5/ 336 KB
107 KB 374ms
202ms Script
application/javascript 143.204.97.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pendo.io/agent/static/eafa532f-80b5-4b73-42d2-dbc5e34761d5/pendo.js
Requested by: Host: security-demo.extrahop.com
URL: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.97.80 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-97-80.fra50.r.cloudfront.net
Software: UploadServer /
Resource Hash: 41fe23ec1ecc7daa949f5de01d745ce613f10714fc908586f906bf58f350e691

Request headers

Referer: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 11 May 2020 15:02:28 GMT
Content-Encoding: gzip
Content-Type: application/javascript
X-Amz-Cf-Pop: FRA50-C1
Transfer-Encoding: chunked
X-Cache: Miss from cloudfront
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
Connection: keep-alive
Alt-Svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: *
Last-Modified: Thu, 07 May 2020 18:07:41 GMT
Server: UploadServer
ETag: "ee7b77c5de4279e63be52c93df5b6627"
Vary: Accept-Encoding
x-goog-hash: crc32c=qhQICw==, md5=7nt3xd5CeeY75SyT31tmJw==
x-goog-generation: 1588874861321922
Via: 1.1 baaf38f0a0d54e4834bf934fa5189ceb.cloudfront.net (CloudFront)
Access-Control-Expose-Headers: *
Cache-Control: max-age=450
x-goog-stored-content-length: 108439
Accept-Ranges: bytes
X-GUploader-UploadID: AAANsUn6aRUoFg95F-iitTEjRdsskii51pIR4p28Q-JfcdF_DSiDdhJNL-MPukqJ_tGGaM00nSniyXvlIj6ZL1KV0A
X-Amz-Cf-Id: 8UMq5dqD0PYix7KH2AL4fszz-7pYpdyPy5M8Scn7zHRxWhvKCVP3zg==
Expires: Mon, 11 May 2020 15:09:58 GMT

GET
H/1.1 200
OK esw.min.js Show response
service.force.com/embeddedservice/5.0/ 30 KB
9 KB 267ms
66ms Script
application/x-javascript 161.71.0.166
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/esw.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W65PJS6

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.0.166 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl2-ncg0-lhr3.um4-lo2.force.com

Software

Resource Hash

d9a961cb11b0be146784e3f5d274a8e80b5aab5a101d2122c6e5e3848896caf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 10 May 2020 17:47:13 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 26 Mar 2020 18:52:20 GMT
Age: 76515
Expect-CT: max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/nullm"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
Public-Key-Pins-Report-Only: pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/nullm";
Accept-Ranges: bytes
X-Robots-Tag: none
Content-Length: 8409
X-XSS-Protection: 1; mode=block
Expires: Mon, 11 May 2020 17:47:13 GMT

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
920 B 6ms
5ms Script
text/javascript 2a00:1450:4001:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 11 May 2020 14:36:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 1567
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
expires: Mon, 11 May 2020 15:36:21 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j82&a=615629785&t=pageview&_s=1&dl=https%3A%2F%2Fsecurity-demo.extrahop.com%2Fextrahop%2F%3Fe%3Dandy.bullivant%2540gbj-crime.co.uk%26h%3DMzhiZWM0MT...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-6551454-4&cid=1408310812.1589209348&jid=1584330462&_gid=466235241.1589209348&gjid=1677855549&_v=j82&z=256220374
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6551454-4&cid=1408310812.1589209348&jid=1584330462&_v=j82&z=256220374
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6551454-4&cid=1408310812.1589209348&jid=1584330462&_v=j82&z=256220374&slf_rd=1&random=1540393550

42 B
109 B

17ms
16ms

Image
image/gif

2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6551454-4&cid=1408310812.1589209348&jid=1584330462&_v=j82&z=256220374&slf_rd=1&random=1540393550

Requested by

Host: security-demo.extrahop.com
URL: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 May 2020 15:02:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 11 May 2020 15:02:28 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6551454-4&cid=1408310812.1589209348&jid=1584330462&_v=j82&z=256220374&slf_rd=1&random=1540393550
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK common.min.js Show response
service.force.com/embeddedservice/5.0/utils/ 2 KB
2 KB 69ms
69ms Script
application/x-javascript 161.71.0.166
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/utils/common.min.js

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.0.166 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl2-ncg0-lhr3.um4-lo2.force.com

Software

Resource Hash

a86cfbecde921c4935f39b5fca834195cb9a2b12c2997ab08147c031b1bb668d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 11 May 2020 09:08:13 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 21255
Content-Length: 979
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin
Last-Modified: Wed, 11 Dec 2019 22:22:08 GMT
Expect-CT: max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/nullm"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
Public-Key-Pins-Report-Only: pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/nullm";
Accept-Ranges: bytes
X-Robots-Tag: none
Expires: Tue, 12 May 2020 09:08:13 GMT

GET
H/1.1 200
OK esw.min.css
service.force.com/embeddedservice/5.0/ 8 KB
5 KB 67ms
66ms Stylesheet
text/css 161.71.0.166
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/esw.min.css

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.0.166 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl2-ncg0-lhr3.um4-lo2.force.com

Software

Resource Hash

f33990d4691a89cd87e4d4e0bde1ac8f5dfcf32fbd8d838ec206d790f24531e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 11 May 2020 09:08:13 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 21255
Content-Length: 3946
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 22 Aug 2019 23:00:22 GMT
Expect-CT: max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/nullm"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: public,max-age=86400
Public-Key-Pins-Report-Only: pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/nullm";
Accept-Ranges: bytes
X-Robots-Tag: none
Expires: Tue, 12 May 2020 09:08:13 GMT

GET
H/1.1 200
OK liveagent.esw.min.js Show response
service.force.com/embeddedservice/5.0/client/ 15 KB
5 KB 134ms
66ms Script
application/x-javascript 161.71.0.166
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/client/liveagent.esw.min.js

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.0.166 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl2-ncg0-lhr3.um4-lo2.force.com

Software

Resource Hash

0d6dfddf8789a6869ae355e82e0dbc876b174697ac4828f4272d34b74aab6c16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 11 May 2020 09:08:12 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 21256
Content-Length: 4511
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 16 Jan 2020 22:58:44 GMT
Expect-CT: max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/nullm"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
Public-Key-Pins-Report-Only: pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/nullm";
Accept-Ranges: bytes
X-Robots-Tag: none
Expires: Tue, 12 May 2020 09:08:12 GMT

POST
H/1.1 200
OK /
security-demo.extrahop.com/a/ 108 B
877 B 219ms
219ms XHR
application/json 44.227.185.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://security-demo.extrahop.com/a/

Requested by

Host: security-demo.extrahop.com
URL: https://security-demo.extrahop.com/media/gui/htmlgui.d734a6ae02a297577602.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.227.185.167 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-227-185-167.us-west-2.compute.amazonaws.com

Software

ExtraHop API Server /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
X-Instance-Id: a828630
X-CSRFToken: l0zJqZOSzZpiLVppiispKnBOliO0ldNvRaVc4vLWh8uICi8j3QfcbQnFitwfSEpR
X-Gen-Id: 1589209349473
Content-Type: application/json;charset=UTF-8

Response headers

Date: Mon, 11 May 2020 15:02:30 GMT
Via: 1.1 localhost
X-Content-Type-Options: nosniff
Server: ExtraHop API Server
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000
Content-Type: application/json
Cache-Control: private, max-age=0, no-cache="set-cookie"
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 107
X-Xss-Protection: 1; mode=block

GET
H/1.1

200
OK

Cookie set / Show response
security-demo.extrahop.com/extrahop/
Redirect Chain

https://security-demo.extrahop.com/extrahop/logout/
https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm

12 KB
12 KB

280ms
280ms

Document
text/html

44.227.185.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm

Requested by

Host: security-demo.extrahop.com
URL: https://security-demo.extrahop.com/media/gui/htmlgui.d734a6ae02a297577602.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.227.185.167 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-227-185-167.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

6f56dfda63497c7f13274d97c1443c6c861e1bd755bba218ff53d63196d4e2e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: security-demo.extrahop.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: AWSELB=89955FC7101A4E94C6960E3539876EF63E36A1F281B143ED278A0642CA4C311CDD72FC3FBEBE68DB86FCF9E0815A0F0F9AE7875B8E1B4E48515E38F4B4EB07D79C85945033; AWSELBCORS=89955FC7101A4E94C6960E3539876EF63E36A1F281B143ED278A0642CA4C311CDD72FC3FBEBE68DB86FCF9E0815A0F0F9AE7875B8E1B4E48515E38F4B4EB07D79C85945033
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm#%2Fmetrics%2Fdevices%2Ff1b462bbe8bd481fbb20d3460596c948.fa163ef2a0730000%2Fnetwork%3Fdelta_type%26from%3D1589183550%26interval_type%3DDT%26until%3D1589208750

Response headers

Cache-Control: private, max-age=0
Content-Type: text/html; charset=utf-8
Date: Mon, 11 May 2020 15:02:30 GMT
Server: Apache
Set-Cookie: demo_e=andy.bullivant@gbj-crime.co.uk; Path=/ demo_h=MzhiZWM0MTkzOGRm; Path=/ extrahop_sessionid=apikey:tjXFl2949xs1VOeLWsaDPWR4giQ2QeuHwyJWvouRU6I; Path=/ extrahop_csrftoken=9kaDwEuxmAw1cPB7hv35gHzEouKkZMUgvUwjqrQ3LXh3iL1QccH39xPhWdnAtoCq; Path=/; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000
Vary: Cookie
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Content-Length: 11900
Connection: keep-alive

Redirect headers

Content-Type: text/html; charset=utf-8
Date: Mon, 11 May 2020 15:02:30 GMT
Location: /extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
Content-Length: 103
Connection: keep-alive

GET
H/1.1 200
OK htmlgui.d734a6ae02a297577602.css
security-demo.extrahop.com/media/gui/ 2 MB
732 KB 221ms
220ms Stylesheet
text/css 44.227.185.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://security-demo.extrahop.com/media/gui/htmlgui.d734a6ae02a297577602.css

Requested by

Host: security-demo.extrahop.com
URL: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.227.185.167 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-227-185-167.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

5baf39e204422fd5fbf5e49c3efadad10352a6b17a2659eec358b7c9e989c2a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 11 May 2020 15:02:31 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 04 May 2020 09:26:44 GMT
Server: Apache
Etag: "b6d76-5a4cf21189d00"
Strict-Transport-Security: max-age=31536000
Content-Type: text/css
Cache-Control: private, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 748918
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK htmlgui.d734a6ae02a297577602.js Show response
security-demo.extrahop.com/media/gui/ 13 MB
3 MB 227ms
227ms Script
application/x-javascript 44.227.185.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://security-demo.extrahop.com/media/gui/htmlgui.d734a6ae02a297577602.js

Requested by

Host: security-demo.extrahop.com
URL: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.227.185.167 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-227-185-167.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

35628a6d92974a2d1fe29ee065ccc13ffff0e64e432d2ae0630b62ca9a38c67c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 11 May 2020 15:02:31 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 04 May 2020 09:26:44 GMT
Server: Apache
Etag: "2ff4ca-5a4cf21189d00"
Strict-Transport-Security: max-age=31536000
Content-Type: application/x-javascript
Cache-Control: private, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3142858
X-Xss-Protection: 1; mode=block

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 80 KB
29 KB 44ms
44ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W65PJS6

Requested by

Host: security-demo.extrahop.com
URL: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7d5f64bc60d536ef00e143a4093a20a2ef132bfebf99e229306c54f6f42c85f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 11 May 2020 15:02:31 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29797
x-xss-protection: 0
expires: Mon, 11 May 2020 15:02:31 GMT

GET
DATA 200
OK truncated
/ 35 KB
35 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be2d2f18ba47452f1f31d75dc3abaa2c1e57c366825bebfcac55a554424faa5b

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
Origin: https://security-demo.extrahop.com

Response headers

Content-Type: application/font-woff

GET
DATA 200
OK truncated
/ 35 KB
35 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b82e3c01c34620fb5a610244cc773ad46b4b7197be81116ba22ee869a600f6d4

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
Origin: https://security-demo.extrahop.com

Response headers

Content-Type: application/font-woff

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W65PJS6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Apr 2020 21:54:13 GMT
server: Golfe2
age: 1436
date: Mon, 11 May 2020 14:38:35 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18433
expires: Mon, 11 May 2020 16:38:35 GMT

GET
H/1.1 200
OK pendo.js Show response
cdn.pendo.io/agent/static/eafa532f-80b5-4b73-42d2-dbc5e34761d5/ 336 KB
107 KB 56ms
55ms Script
application/javascript 143.204.97.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pendo.io/agent/static/eafa532f-80b5-4b73-42d2-dbc5e34761d5/pendo.js
Requested by: Host: security-demo.extrahop.com
URL: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.97.80 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-97-80.fra50.r.cloudfront.net
Software: UploadServer /
Resource Hash: 41fe23ec1ecc7daa949f5de01d745ce613f10714fc908586f906bf58f350e691

Request headers

Referer: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 11 May 2020 15:02:28 GMT
Content-Encoding: gzip
Content-Type: application/javascript
Age: 3
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
Connection: keep-alive
Alt-Svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: *
Last-Modified: Thu, 07 May 2020 18:07:41 GMT
Server: UploadServer
ETag: "ee7b77c5de4279e63be52c93df5b6627"
Vary: Accept-Encoding
x-goog-hash: crc32c=qhQICw==, md5=7nt3xd5CeeY75SyT31tmJw==
x-goog-generation: 1588874861321922
Via: 1.1 baaf38f0a0d54e4834bf934fa5189ceb.cloudfront.net (CloudFront)
Access-Control-Expose-Headers: *
Cache-Control: max-age=450
x-goog-stored-content-length: 108439
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
X-GUploader-UploadID: AAANsUn6aRUoFg95F-iitTEjRdsskii51pIR4p28Q-JfcdF_DSiDdhJNL-MPukqJ_tGGaM00nSniyXvlIj6ZL1KV0A
X-Amz-Cf-Id: hPIbf9DAsqJ1ZeeT1S8CRrBUS25pKQG9LBmEf33clNpL58UOfAiPpA==
Expires: Mon, 11 May 2020 15:09:58 GMT

GET
H/1.1 200
OK esw.min.js Show response
service.force.com/embeddedservice/5.0/ 30 KB
9 KB 67ms
67ms Script
application/x-javascript 161.71.0.166
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/esw.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W65PJS6

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.0.166 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl2-ncg0-lhr3.um4-lo2.force.com

Software

Resource Hash

d9a961cb11b0be146784e3f5d274a8e80b5aab5a101d2122c6e5e3848896caf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 10 May 2020 22:11:37 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 26 Mar 2020 18:52:20 GMT
Age: 60654
Expect-CT: max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/nullm"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
Public-Key-Pins-Report-Only: pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/nullm";
Accept-Ranges: bytes
X-Robots-Tag: none
Content-Length: 8409
X-XSS-Protection: 1; mode=block
Expires: Mon, 11 May 2020 22:11:37 GMT

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
920 B 6ms
5ms Script
text/javascript 2a00:1450:4001:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 11 May 2020 14:36:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 1570
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
expires: Mon, 11 May 2020 15:36:21 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j82&a=2041844669&t=pageview&_s=1&dl=https%3A%2F%2Fsecurity-demo.extrahop.com%2Fextrahop%2F%3Fe%3Dandy.bullivant%2540gbj-crime.co.uk%26h%3DMzhiZWM0M...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-6551454-4&cid=1735921291.1589209352&jid=810169370&_gid=1076771750.1589209352&gjid=605837019&_v=j82&z=1381055291
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6551454-4&cid=1735921291.1589209352&jid=810169370&_v=j82&z=1381055291
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6551454-4&cid=1735921291.1589209352&jid=810169370&_v=j82&z=1381055291&slf_rd=1&random=3987270323

42 B
109 B

17ms
16ms

Image
image/gif

2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6551454-4&cid=1735921291.1589209352&jid=810169370&_v=j82&z=1381055291&slf_rd=1&random=3987270323

Requested by

Host: security-demo.extrahop.com
URL: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 May 2020 15:02:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 11 May 2020 15:02:31 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6551454-4&cid=1735921291.1589209352&jid=810169370&_v=j82&z=1381055291&slf_rd=1&random=3987270323
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
96 B 6ms
6ms Image
image/gif 2a00:1450:4001:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j82&a=2041844669&t=pageview&_s=1&dl=https%3A%2F%2Fsecurity-demo.extrahop.com%2Fextrahop%2F%3Fe%3Dandy.bullivant%2540gbj-crime.co.uk%26h%3DMzhiZWM0MTkzOGRm&dp=%2F%3Ffrom%3D1589176800%26interval_type%3DDT%26until%3D1589196300&ul=en-us&de=UTF-8&dt=ExtraHop%20EDA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEAj~&jid=&gjid=&cid=1735921291.1589209352&tid=UA-6551454-4&_gid=1076771750.1589209352&gtm=2wg4t0W65PJS6&z=346543227

Requested by

Host: security-demo.extrahop.com
URL: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Apr 2020 05:49:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 3229979
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK common.min.js Show response
service.force.com/embeddedservice/5.0/utils/ 2 KB
2 KB 68ms
67ms Script
application/x-javascript 161.71.0.166
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/utils/common.min.js

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.0.166 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl2-ncg0-lhr3.um4-lo2.force.com

Software

Resource Hash

a86cfbecde921c4935f39b5fca834195cb9a2b12c2997ab08147c031b1bb668d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 11 May 2020 11:29:05 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 12807
Content-Length: 979
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin
Last-Modified: Wed, 11 Dec 2019 22:22:08 GMT
Expect-CT: max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/nullm"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
Public-Key-Pins-Report-Only: pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/nullm";
Accept-Ranges: bytes
X-Robots-Tag: none
Expires: Tue, 12 May 2020 11:29:05 GMT

GET
H/1.1 200
OK esw.min.css
service.force.com/embeddedservice/5.0/ 8 KB
5 KB 67ms
66ms Stylesheet
text/css 161.71.0.166
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/esw.min.css

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.0.166 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl2-ncg0-lhr3.um4-lo2.force.com

Software

Resource Hash

f33990d4691a89cd87e4d4e0bde1ac8f5dfcf32fbd8d838ec206d790f24531e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 11 May 2020 13:08:45 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 6827
Content-Length: 3946
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 22 Aug 2019 23:00:22 GMT
Expect-CT: max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/nullm"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: public,max-age=86400
Public-Key-Pins-Report-Only: pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/nullm";
Accept-Ranges: bytes
X-Robots-Tag: none
Expires: Tue, 12 May 2020 13:08:45 GMT

GET
H/1.1 200
OK liveagent.esw.min.js Show response
service.force.com/embeddedservice/5.0/client/ 15 KB
5 KB 63ms
62ms Script
application/x-javascript 161.71.0.166
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/client/liveagent.esw.min.js

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.0.166 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl2-ncg0-lhr3.um4-lo2.force.com

Software

Resource Hash

0d6dfddf8789a6869ae355e82e0dbc876b174697ac4828f4272d34b74aab6c16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 10 May 2020 20:51:44 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 65448
Content-Length: 4511
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 16 Jan 2020 22:58:44 GMT
Expect-CT: max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/nullm"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
Public-Key-Pins-Report-Only: pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/nullm";
Accept-Ranges: bytes
X-Robots-Tag: none
Expires: Mon, 11 May 2020 20:51:44 GMT

POST
H/1.1 200
OK /
security-demo.extrahop.com/a/ 108 B
877 B 222ms
222ms XHR
application/json 44.227.185.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://security-demo.extrahop.com/a/

Requested by

Host: security-demo.extrahop.com
URL: https://security-demo.extrahop.com/media/gui/htmlgui.d734a6ae02a297577602.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.227.185.167 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-227-185-167.us-west-2.compute.amazonaws.com

Software

ExtraHop API Server /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
X-Instance-Id: 0b011bd
X-CSRFToken: BAo2jMiLXryjZIMvw6yeuYpjSQ68aW4gXaKIdzEhmOjl5EcerNccnOFWqzJoEyMq
X-Gen-Id: 1589209352912
Content-Type: application/json;charset=UTF-8

Response headers

Date: Mon, 11 May 2020 15:02:33 GMT
Via: 1.1 localhost
X-Content-Type-Options: nosniff
Server: ExtraHop API Server
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000
Content-Type: application/json
Cache-Control: private, max-age=0, no-cache="set-cookie"
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 107
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK Cookie set esw.html
service.force.com/embeddedservice/5.0/ Frame 9502 0
0 69ms
68ms Document
text/html 161.71.0.166
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/esw.html?parent=https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.0.166 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl2-ncg0-lhr3.um4-lo2.force.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: service.force.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm

Response headers

Date: Mon, 11 May 2020 15:02:33 GMT
Public-Key-Pins-Report-Only: pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/nullm";
Expect-CT: max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/nullm"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Security-Policy: upgrade-insecure-requests
X-Robots-Tag: none
Referrer-Policy: origin-when-cross-origin
Cache-Control: public,max-age=86400
Set-Cookie: BrowserId=cTvUzpOYEeqoN2XFoKAkSw; domain=.force.com; path=/; expires=Tue, 11-May-2021 15:02:33 GMT; Max-Age=31536000
Expires: Tue, 12 May 2020 15:02:33 GMT
Last-Modified: Fri, 02 Aug 2019 08:43:42 GMT
Content-Type: text/html;charset=UTF-8
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked

GET
H/1.1

200
OK

Cookie set / Show response
security-demo.extrahop.com/extrahop/
Redirect Chain

https://security-demo.extrahop.com/extrahop/logout/
https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm

12 KB
12 KB

286ms
286ms

Document
text/html

44.227.185.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm

Requested by

Host: security-demo.extrahop.com
URL: https://security-demo.extrahop.com/media/gui/htmlgui.d734a6ae02a297577602.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.227.185.167 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-227-185-167.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

b9e1ff193265fb9f738d784a545868042635126ccc3165e189523326f552753c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: security-demo.extrahop.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: AWSELB=89955FC7101A4E94C6960E3539876EF63E36A1F281B143ED278A0642CA4C311CDD72FC3FBE2283E3CAEF0FDC84D56817D6D6CEE26D1E94B6CCDD647E8486A662530D3F6E65; AWSELBCORS=89955FC7101A4E94C6960E3539876EF63E36A1F281B143ED278A0642CA4C311CDD72FC3FBE2283E3CAEF0FDC84D56817D6D6CEE26D1E94B6CCDD647E8486A662530D3F6E65
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm#/?from=1589176800&interval_type=DT&until=1589196300

Response headers

Cache-Control: private, max-age=0
Content-Type: text/html; charset=utf-8
Date: Mon, 11 May 2020 15:02:33 GMT
Server: Apache
Set-Cookie: demo_e=andy.bullivant@gbj-crime.co.uk; Path=/ demo_h=MzhiZWM0MTkzOGRm; Path=/ extrahop_sessionid=apikey:qzbfN6erzi_ACvyX5et3UfTerNrV_bglDIPr74s0lQQ; Path=/ extrahop_csrftoken=35F1DXCnZd88gorKoOasIL6oMhxY0kYkXTVIebLCtleLIQisEFMSgpctmBRrWW94; Path=/; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000
Vary: Cookie
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Content-Length: 11900
Connection: keep-alive

Redirect headers

Content-Type: text/html; charset=utf-8
Date: Mon, 11 May 2020 15:02:33 GMT
Location: /extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
Content-Length: 103
Connection: keep-alive

GET
H/1.1 200
OK invite.esw.min.js
service.force.com/embeddedservice/5.0/client/ 19 KB
5 KB 63ms
62ms Script
application/x-javascript 161.71.0.166
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/client/invite.esw.min.js

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.0.166 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl2-ncg0-lhr3.um4-lo2.force.com

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 11 May 2020 09:08:13 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 21260
Content-Length: 4543
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin
Last-Modified: Wed, 11 Dec 2019 22:22:08 GMT
Expect-CT: max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/nullm"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
Public-Key-Pins-Report-Only: pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/nullm";
Accept-Ranges: bytes
X-Robots-Tag: none
Expires: Tue, 12 May 2020 09:08:13 GMT

GET Settings.jsonp
d.la1-c1-ia2.salesforceliveagent.com/chat/rest/Visitor/ 0
0

GET
H/1.1 200
OK inert.min.js
service.force.com/embeddedservice/5.0/utils/ 8 KB
3 KB 66ms
66ms Script
application/x-javascript 161.71.0.166
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/utils/inert.min.js

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.0.166 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl2-ncg0-lhr3.um4-lo2.force.com

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 10 May 2020 20:52:10 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 22 Jan 2020 02:11:04 GMT
Age: 65423
Expect-CT: max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/nullm"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
Public-Key-Pins-Report-Only: pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/nullm";
Accept-Ranges: bytes
X-Robots-Tag: none
Content-Length: 2484
X-XSS-Protection: 1; mode=block
Expires: Mon, 11 May 2020 20:52:10 GMT

GET
H/1.1 200
OK htmlgui.d734a6ae02a297577602.css
security-demo.extrahop.com/media/gui/ 2 MB
732 KB 262ms
261ms Stylesheet
text/css 44.227.185.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://security-demo.extrahop.com/media/gui/htmlgui.d734a6ae02a297577602.css

Requested by

Host: security-demo.extrahop.com
URL: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.227.185.167 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-227-185-167.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

5baf39e204422fd5fbf5e49c3efadad10352a6b17a2659eec358b7c9e989c2a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 11 May 2020 15:02:34 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 04 May 2020 09:26:44 GMT
Server: Apache
Etag: "b6d76-5a4cf21189d00"
Strict-Transport-Security: max-age=31536000
Content-Type: text/css
Cache-Control: private, max-age=0, no-cache="set-cookie"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 748918
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK htmlgui.d734a6ae02a297577602.js Show response
security-demo.extrahop.com/media/gui/ 13 MB
3 MB 218ms
218ms Script
application/x-javascript 44.227.185.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://security-demo.extrahop.com/media/gui/htmlgui.d734a6ae02a297577602.js

Requested by

Host: security-demo.extrahop.com
URL: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.227.185.167 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-227-185-167.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

35628a6d92974a2d1fe29ee065ccc13ffff0e64e432d2ae0630b62ca9a38c67c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 11 May 2020 15:02:34 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 04 May 2020 09:26:44 GMT
Server: Apache
Etag: "2ff4ca-5a4cf21189d00"
Strict-Transport-Security: max-age=31536000
Content-Type: application/x-javascript
Cache-Control: private, max-age=0, no-cache="set-cookie"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3142858
X-Xss-Protection: 1; mode=block

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 80 KB
29 KB 16ms
16ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W65PJS6

Requested by

Host: security-demo.extrahop.com
URL: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7d5f64bc60d536ef00e143a4093a20a2ef132bfebf99e229306c54f6f42c85f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 11 May 2020 15:02:34 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29797
x-xss-protection: 0
expires: Mon, 11 May 2020 15:02:34 GMT

GET
DATA 200
OK truncated
/ 35 KB
35 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be2d2f18ba47452f1f31d75dc3abaa2c1e57c366825bebfcac55a554424faa5b

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
Origin: https://security-demo.extrahop.com

Response headers

Content-Type: application/font-woff

GET
DATA 200
OK truncated
/ 35 KB
35 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b82e3c01c34620fb5a610244cc773ad46b4b7197be81116ba22ee869a600f6d4

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
Origin: https://security-demo.extrahop.com

Response headers

Content-Type: application/font-woff

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W65PJS6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Apr 2020 21:54:13 GMT
server: Golfe2
age: 1439
date: Mon, 11 May 2020 14:38:35 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18433
expires: Mon, 11 May 2020 16:38:35 GMT

GET
H/1.1 200
OK pendo.js Show response
cdn.pendo.io/agent/static/eafa532f-80b5-4b73-42d2-dbc5e34761d5/ 336 KB
107 KB 55ms
54ms Script
application/javascript 143.204.97.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pendo.io/agent/static/eafa532f-80b5-4b73-42d2-dbc5e34761d5/pendo.js
Requested by: Host: security-demo.extrahop.com
URL: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.97.80 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-97-80.fra50.r.cloudfront.net
Software: UploadServer /
Resource Hash: 41fe23ec1ecc7daa949f5de01d745ce613f10714fc908586f906bf58f350e691

Request headers

Referer: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 11 May 2020 15:02:28 GMT
Content-Encoding: gzip
Content-Type: application/javascript
Age: 6
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
Connection: keep-alive
Alt-Svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: *
Last-Modified: Thu, 07 May 2020 18:07:41 GMT
Server: UploadServer
ETag: "ee7b77c5de4279e63be52c93df5b6627"
Vary: Accept-Encoding
x-goog-hash: crc32c=qhQICw==, md5=7nt3xd5CeeY75SyT31tmJw==
x-goog-generation: 1588874861321922
Via: 1.1 baaf38f0a0d54e4834bf934fa5189ceb.cloudfront.net (CloudFront)
Access-Control-Expose-Headers: *
Cache-Control: max-age=450
x-goog-stored-content-length: 108439
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
X-GUploader-UploadID: AAANsUn6aRUoFg95F-iitTEjRdsskii51pIR4p28Q-JfcdF_DSiDdhJNL-MPukqJ_tGGaM00nSniyXvlIj6ZL1KV0A
X-Amz-Cf-Id: JR9a1VL7BM3Q5MLPIKYUwNTit88VtSwjlJfnZPP6fNgVEa3C2NGZLQ==
Expires: Mon, 11 May 2020 15:09:58 GMT

GET
H/1.1 200
OK esw.min.js Show response
service.force.com/embeddedservice/5.0/ 30 KB
9 KB 67ms
66ms Script
application/x-javascript 161.71.0.166
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/esw.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W65PJS6

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.0.166 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl2-ncg0-lhr3.um4-lo2.force.com

Software

Resource Hash

d9a961cb11b0be146784e3f5d274a8e80b5aab5a101d2122c6e5e3848896caf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 10 May 2020 22:11:37 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 26 Mar 2020 18:52:20 GMT
Age: 60657
Expect-CT: max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/nullm"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
Public-Key-Pins-Report-Only: pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/nullm";
Accept-Ranges: bytes
X-Robots-Tag: none
Content-Length: 8409
X-XSS-Protection: 1; mode=block
Expires: Mon, 11 May 2020 22:11:37 GMT

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
921 B 6ms
6ms Script
text/javascript 2a00:1450:4001:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 11 May 2020 14:36:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 1573
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
expires: Mon, 11 May 2020 15:36:21 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j82&a=1415087000&t=pageview&_s=1&dl=https%3A%2F%2Fsecurity-demo.extrahop.com%2Fextrahop%2F%3Fe%3Dandy.bullivant%2540gbj-crime.co.uk%26h%3DMzhiZWM0M...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-6551454-4&cid=105308259.1589209354&jid=291508663&_gid=507840567.1589209354&gjid=763247312&_v=j82&z=179076282
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6551454-4&cid=105308259.1589209354&jid=291508663&_v=j82&z=179076282
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6551454-4&cid=105308259.1589209354&jid=291508663&_v=j82&z=179076282&slf_rd=1&random=3445701778

42 B
109 B

16ms
16ms

Image
image/gif

2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6551454-4&cid=105308259.1589209354&jid=291508663&_v=j82&z=179076282&slf_rd=1&random=3445701778

Requested by

Host: security-demo.extrahop.com
URL: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 May 2020 15:02:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 11 May 2020 15:02:34 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6551454-4&cid=105308259.1589209354&jid=291508663&_v=j82&z=179076282&slf_rd=1&random=3445701778
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
97 B 7ms
6ms Image
image/gif 2a00:1450:4001:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j82&a=1415087000&t=pageview&_s=1&dl=https%3A%2F%2Fsecurity-demo.extrahop.com%2Fextrahop%2F%3Fe%3Dandy.bullivant%2540gbj-crime.co.uk%26h%3DMzhiZWM0MTkzOGRm&dp=%2F%3Ffrom%3D1589176800%26interval_type%3DDT%26until%3D1589196300&ul=en-us&de=UTF-8&dt=ExtraHop%20EDA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEAj~&jid=&gjid=&cid=105308259.1589209354&tid=UA-6551454-4&_gid=507840567.1589209354&gtm=2wg4t0W65PJS6&z=52312640

Requested by

Host: security-demo.extrahop.com
URL: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Apr 2020 05:49:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 3229982
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK common.min.js Show response
service.force.com/embeddedservice/5.0/utils/ 2 KB
2 KB 71ms
70ms Script
application/x-javascript 161.71.0.166
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/utils/common.min.js

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.0.166 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl2-ncg0-lhr3.um4-lo2.force.com

Software

Resource Hash

a86cfbecde921c4935f39b5fca834195cb9a2b12c2997ab08147c031b1bb668d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 11 May 2020 09:08:13 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 21261
Content-Length: 979
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin
Last-Modified: Wed, 11 Dec 2019 22:22:08 GMT
Expect-CT: max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/nullm"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
Public-Key-Pins-Report-Only: pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/nullm";
Accept-Ranges: bytes
X-Robots-Tag: none
Expires: Tue, 12 May 2020 09:08:13 GMT

GET
H/1.1 200
OK esw.min.css
service.force.com/embeddedservice/5.0/ 8 KB
5 KB 67ms
66ms Stylesheet
text/css 161.71.0.166
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/esw.min.css

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.0.166 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl2-ncg0-lhr3.um4-lo2.force.com

Software

Resource Hash

f33990d4691a89cd87e4d4e0bde1ac8f5dfcf32fbd8d838ec206d790f24531e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 10 May 2020 20:52:08 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 22 Aug 2019 23:00:22 GMT
Age: 65426
Expect-CT: max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/nullm"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: public,max-age=86400
Public-Key-Pins-Report-Only: pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/nullm";
Accept-Ranges: bytes
X-Robots-Tag: none
Content-Length: 3946
X-XSS-Protection: 1; mode=block
Expires: Mon, 11 May 2020 20:52:08 GMT

GET
H/1.1 200
OK liveagent.esw.min.js Show response
service.force.com/embeddedservice/5.0/client/ 15 KB
5 KB 63ms
62ms Script
application/x-javascript 161.71.0.166
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/client/liveagent.esw.min.js

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.0.166 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl2-ncg0-lhr3.um4-lo2.force.com

Software

Resource Hash

0d6dfddf8789a6869ae355e82e0dbc876b174697ac4828f4272d34b74aab6c16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 11 May 2020 10:08:52 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 17622
Content-Length: 4511
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 16 Jan 2020 22:58:44 GMT
Expect-CT: max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/nullm"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
Public-Key-Pins-Report-Only: pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/nullm";
Accept-Ranges: bytes
X-Robots-Tag: none
Expires: Tue, 12 May 2020 10:08:52 GMT

POST
H/1.1 200
OK / Show response
security-demo.extrahop.com/a/ 2 KB
1021 B 248ms
248ms XHR
application/json 44.227.185.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://security-demo.extrahop.com/a/

Requested by

Host: security-demo.extrahop.com
URL: https://security-demo.extrahop.com/media/gui/htmlgui.d734a6ae02a297577602.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.227.185.167 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-227-185-167.us-west-2.compute.amazonaws.com

Software

ExtraHop API Server /

Resource Hash

f943b6ff41b51ed4b7966a62bf95ff78cecc69caa38d458c838cf6ed4c0b12cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
X-Instance-Id: a61c3c3
X-CSRFToken: NBvUK2cBbq6jEe5z1j6Q4HoJ2OiDKtaqHpLBlglQFycW6GWhhaIgCluOC8C6G5la
X-Gen-Id: 1589209354986
Content-Type: application/json;charset=UTF-8

Response headers

Date: Mon, 11 May 2020 15:02:35 GMT
Via: 1.1 localhost
X-Content-Type-Options: nosniff
Server: ExtraHop API Server
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000
Content-Type: application/json
Cache-Control: private, max-age=0
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 646
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK Cookie set esw.html
service.force.com/embeddedservice/5.0/ Frame 3A5B 0
0 69ms
68ms Document
text/html 161.71.0.166
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/esw.html?parent=https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.0.166 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl2-ncg0-lhr3.um4-lo2.force.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: service.force.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm

Response headers

Date: Mon, 11 May 2020 15:02:35 GMT
Public-Key-Pins-Report-Only: pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/nullm";
Expect-CT: max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/nullm"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Security-Policy: upgrade-insecure-requests
X-Robots-Tag: none
Referrer-Policy: origin-when-cross-origin
Cache-Control: public,max-age=86400
Set-Cookie: BrowserId=cm_oYpOYEeqXOK_bpS9pKA; domain=.force.com; path=/; expires=Tue, 11-May-2021 15:02:35 GMT; Max-Age=31536000
Expires: Tue, 12 May 2020 15:02:35 GMT
Last-Modified: Fri, 02 Aug 2019 08:43:42 GMT
Content-Type: text/html;charset=UTF-8
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked

GET
H2 200 eafa532f-80b5-4b73-42d2-dbc5e34761d5
app.pendo.io/data/ptm.gif/ 42 B
283 B 210ms
131ms Image
image/gif 2001:4860:4802:32::34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.pendo.io/data/ptm.gif/eafa532f-80b5-4b73-42d2-dbc5e34761d5?v=2.52.0_prod&ct=1589209355439&jzb=eJzlk91v0zAUxf8XI_qUJU7SpB9SNUDdl0S6aRQQIGQ5idOa2nHk3JSlU__3XY8NbZNAmvYGb7Xvue7vnKN8uybQN4JMiSxFDbLqiUdya362wjKQGidhMp5EdBInyTCmHtnKVoKxTJa4lO3W8uvnjGbLze785FLjMi8K09VwO687pTzSWYXSNUDTToOgFUVnJfQHpdDGF1dg-do0fmF0cH8IDsWM12Xv57gvt7yG10O6yn8cFBaJUOp3m8F69vTPXwWHlTV65oDDUTqmdCBrEHbLFXMmZ_PlAMmk-qWYpDGlCNxY07Rkek2MKtkjd-ziaDE_Z0t2lR7vuiwrKgBceG4Ce48Az8-c-tP748X87Mt4FW1o129OUV1ZrsXt8LLKT05HqtFHNtXvLnauiR4Esg3DeO_9bkoL4H9tKfqXW7pz5n7-yZzQXDozj-nePGFDoeL1quMrF6qo2ccPBKu6Swbfx0PDLX4Vbx9elRycPgwDmgQRjRzcVthWmhqvIz-JfMqQtnSPvbT3Sfigd2V4-f_27tzfex6NMJeXhhvH6f77Dd1OpTs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 11 May 2020 15:02:35 GMT
via: 1.1 google
x-content-type-options: nosniff
status: 200
access-control-max-age: 600
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
access-control-allow-credentials: false
access-control-allow-headers: Origin,Accept,Content-Type,Authorization
content-length: 42

GET
H2 200 eafa532f-80b5-4b73-42d2-dbc5e34761d5 Show response
app.pendo.io/data/guide.js/ 153 KB
28 KB 523ms
449ms Script
application/javascript 2001:4860:4802:32::34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.pendo.io/data/guide.js/eafa532f-80b5-4b73-42d2-dbc5e34761d5?jzb=eJx1kF9L-zAUhr9LxF5tSVrdfluhTEEQL4agkx94U87a4xqXPyU9KW6y774UcejAu7wnT5LnzSfrVafI-Yea5Wy5b9Tr_6Vcrrb7x_snw0YMqsoFS8O2DVqPWPA6kg1R2-VCdFgFr2g3rtE4jh_koXEtr5wR30EssABb7_g6nlc9WLq8lpv1-7jyymBEedgmTXH-9oVYvHlninQym6f_pjMpE2UJfQ-6pF2Lxd0qiWJKfxHz6ZWU0dcgQQ0ELD9VG5bqj3poQA19fgvenOlFUIPdBNhgZNGWL8_scPqbeH8MLXi0dPtzFD0GPk2FnIhMZoNfj75TzsZxxicZl2XrXc0OhyNYn4MT&v=2.52.0_prod&ct=1589209355444

Requested by

Host: cdn.pendo.io
URL: https://cdn.pendo.io/agent/static/eafa532f-80b5-4b73-42d2-dbc5e34761d5/pendo.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

da6661d387b46f0e2703040fed55c7227c411b250c067f03b5ee9f0ee912edca

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 11 May 2020 15:02:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 600
access-control-allow-credentials: false
access-control-allow-headers: Origin,Accept,Content-Type,Authorization
via: 1.1 google

GET
H/1.1 200
OK invite.esw.min.js Show response
service.force.com/embeddedservice/5.0/client/ 19 KB
5 KB 63ms
63ms Script
application/x-javascript 161.71.0.166
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/client/invite.esw.min.js

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.0.166 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl2-ncg0-lhr3.um4-lo2.force.com

Software

Resource Hash

d1f6eeee08f53dab5f281b34a66dbffa0e7a588fdc68d665986b9ad419e4539e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 11 May 2020 09:08:13 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 21262
Content-Length: 4543
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin
Last-Modified: Wed, 11 Dec 2019 22:22:08 GMT
Expect-CT: max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/nullm"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
Public-Key-Pins-Report-Only: pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/nullm";
Accept-Ranges: bytes
X-Robots-Tag: none
Expires: Tue, 12 May 2020 09:08:13 GMT

POST
H/1.1 200
OK / Show response
security-demo.extrahop.com/a/ 2 KB
918 B 240ms
240ms XHR
application/json 44.227.185.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://security-demo.extrahop.com/a/

Requested by

Host: security-demo.extrahop.com
URL: https://security-demo.extrahop.com/media/gui/htmlgui.d734a6ae02a297577602.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.227.185.167 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-227-185-167.us-west-2.compute.amazonaws.com

Software

ExtraHop API Server /

Resource Hash

e70b0e085fe0d3f23aaec34005c728ca4d88de40601ad7675ec205b66a3b3610

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
X-Instance-Id: a61c3c3
X-CSRFToken: NBvUK2cBbq6jEe5z1j6Q4HoJ2OiDKtaqHpLBlglQFycW6GWhhaIgCluOC8C6G5la
X-Gen-Id: 1589209354986
Content-Type: application/json;charset=UTF-8

Response headers

Date: Mon, 11 May 2020 15:02:35 GMT
Via: 1.1 localhost
X-Content-Type-Options: nosniff
Server: ExtraHop API Server
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000
Content-Type: application/json
Cache-Control: private, max-age=0
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 543
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK Settings.jsonp Show response
d.la1-c1-ia2.salesforceliveagent.com/chat/rest/Visitor/ 166 B
558 B 358ms
358ms Script
text/javascript 13.110.10.4
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://d.la1-c1-ia2.salesforceliveagent.com/chat/rest/Visitor/Settings.jsonp?Settings.prefix=Visitor&Settings.buttonIds=[57380000000Gnf8]&Settings.updateBreadcrumb=1&callback=embedded_svc.liveAgentAPI.connection.handlePing&deployment_id=57280000000CbQd&org_id=00D80000000LnBG&version=48

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/client/liveagent.esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.10.4 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl5-ncg0-iad3.la1-c1-ia2.salesforceliveagent.com

Software

Resource Hash

f6e68d62be9f3adce527ca64b94c9401dad46b894a3e2e6845a0b9f01021e13e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: close
Expires: -1

GET
H/1.1 200
OK inert.min.js Show response
service.force.com/embeddedservice/5.0/utils/ 8 KB
3 KB 63ms
62ms Script
application/x-javascript 161.71.0.166
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/utils/inert.min.js

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.0.166 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl2-ncg0-lhr3.um4-lo2.force.com

Software

Resource Hash

ac20136402e1daf9eb019c6b2d21f58dd940c9ba59d42ae2e2ab235021327cc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 11 May 2020 10:08:52 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 22 Jan 2020 02:11:04 GMT
Age: 17623
Expect-CT: max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/nullm"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
Public-Key-Pins-Report-Only: pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/nullm";
Accept-Ranges: bytes
X-Robots-Tag: none
Content-Length: 2484
X-XSS-Protection: 1; mode=block
Expires: Tue, 12 May 2020 10:08:52 GMT

POST
H/1.1 200
OK / Show response
security-demo.extrahop.com/a/ 393 B
605 B 232ms
231ms XHR
application/json 44.227.185.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://security-demo.extrahop.com/a/

Requested by

Host: security-demo.extrahop.com
URL: https://security-demo.extrahop.com/media/gui/htmlgui.d734a6ae02a297577602.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.227.185.167 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-227-185-167.us-west-2.compute.amazonaws.com

Software

ExtraHop API Server /

Resource Hash

cf85f2a292268973e8f1c603b83cf66fc3ad8b7f7dacc27dfb6fc99688711cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
X-Instance-Id: a61c3c3
X-CSRFToken: NBvUK2cBbq6jEe5z1j6Q4HoJ2OiDKtaqHpLBlglQFycW6GWhhaIgCluOC8C6G5la
X-Gen-Id: 1589209354986
Content-Type: application/json;charset=UTF-8

Response headers

Date: Mon, 11 May 2020 15:02:35 GMT
Via: 1.1 localhost
X-Content-Type-Options: nosniff
Server: ExtraHop API Server
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000
Content-Type: application/json
Cache-Control: private, max-age=0
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 230
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK Availability.jsonp Show response
d.la1-c1-ph2.salesforceliveagent.com/chat/rest/Visitor/ 142 B
540 B 887ms
188ms Script
text/javascript 13.110.0.4
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://d.la1-c1-ph2.salesforceliveagent.com/chat/rest/Visitor/Availability.jsonp?sid=undefined&r=874&Availability.prefix=Visitor&Availability.ids=[57380000000Gnf8]&callback=embedded_svc.liveAgentAPI.connection.handlePing&deployment_id=57280000000CbQd&org_id=00D80000000LnBG&version=48

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/client/liveagent.esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.0.4 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl1-ncg0-phx3.la1-c1-ph2.salesforceliveagent.com

Software

Resource Hash

56fc27e98e2a1b4a6d69b2db6f69d16f5b3a854deb69c0a25532f2b061b79b82

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: close
Expires: -1

POST
H/1.1 403
Forbidden allmetrics Show response
security-demo.extrahop.com/a/ 0
736 B 219ms
218ms XHR
text/html 44.227.185.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://security-demo.extrahop.com/a/allmetrics

Requested by

Host: security-demo.extrahop.com
URL: https://security-demo.extrahop.com/media/gui/htmlgui.d734a6ae02a297577602.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.227.185.167 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-227-185-167.us-west-2.compute.amazonaws.com

Software

ExtraHop API Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
X-CSRFToken: NBvUK2cBbq6jEe5z1j6Q4HoJ2OiDKtaqHpLBlglQFycW6GWhhaIgCluOC8C6G5la
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Date: Mon, 11 May 2020 15:02:36 GMT
Via: 1.1 localhost
X-Content-Type-Options: nosniff
Server: ExtraHop API Server
Strict-Transport-Security: max-age=31536000
Content-Type: text/html; charset=UTF-8
Cache-Control: private, max-age=0, no-cache="set-cookie"
Connection: keep-alive
Content-Length: 0
X-Xss-Protection: 1; mode=block

POST
H/1.1 200
OK / Show response
security-demo.extrahop.com/a/ 108 B
877 B 222ms
221ms XHR
application/json 44.227.185.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://security-demo.extrahop.com/a/

Requested by

Host: security-demo.extrahop.com
URL: https://security-demo.extrahop.com/media/gui/htmlgui.d734a6ae02a297577602.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.227.185.167 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-227-185-167.us-west-2.compute.amazonaws.com

Software

ExtraHop API Server /

Resource Hash

193c6411cfe063576d6a15b558bcd6a02fab0c76c2a3942ff4133960ae396829

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
X-Instance-Id: a61c3c3
X-CSRFToken: NBvUK2cBbq6jEe5z1j6Q4HoJ2OiDKtaqHpLBlglQFycW6GWhhaIgCluOC8C6G5la
X-Gen-Id: 1589209354986
Content-Type: application/json;charset=UTF-8

Response headers

Date: Mon, 11 May 2020 15:02:36 GMT
Via: 1.1 localhost
X-Content-Type-Options: nosniff
Server: ExtraHop API Server
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000
Content-Type: application/json
Cache-Control: private, max-age=0, no-cache="set-cookie"
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 107
X-Xss-Protection: 1; mode=block

POST
H/1.1 200
OK / Show response
security-demo.extrahop.com/a/ 108 B
877 B 437ms
218ms XHR
application/json 44.227.185.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://security-demo.extrahop.com/a/

Requested by

Host: security-demo.extrahop.com
URL: https://security-demo.extrahop.com/media/gui/htmlgui.d734a6ae02a297577602.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.227.185.167 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-227-185-167.us-west-2.compute.amazonaws.com

Software

ExtraHop API Server /

Resource Hash

193c6411cfe063576d6a15b558bcd6a02fab0c76c2a3942ff4133960ae396829

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
X-Instance-Id: a61c3c3
X-CSRFToken: NBvUK2cBbq6jEe5z1j6Q4HoJ2OiDKtaqHpLBlglQFycW6GWhhaIgCluOC8C6G5la
X-Gen-Id: 1589209354986
Content-Type: application/json;charset=UTF-8

Response headers

Date: Mon, 11 May 2020 15:02:36 GMT
Via: 1.1 localhost
X-Content-Type-Options: nosniff
Server: ExtraHop API Server
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000
Content-Type: application/json
Cache-Control: private, max-age=0, no-cache="set-cookie"
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 107
X-Xss-Protection: 1; mode=block

POST
H/1.1 200
OK / Show response
security-demo.extrahop.com/a/ 108 B
877 B 443ms
221ms XHR
application/json 44.227.185.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://security-demo.extrahop.com/a/

Requested by

Host: security-demo.extrahop.com
URL: https://security-demo.extrahop.com/media/gui/htmlgui.d734a6ae02a297577602.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.227.185.167 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-227-185-167.us-west-2.compute.amazonaws.com

Software

ExtraHop API Server /

Resource Hash

193c6411cfe063576d6a15b558bcd6a02fab0c76c2a3942ff4133960ae396829

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
X-Instance-Id: a61c3c3
X-CSRFToken: NBvUK2cBbq6jEe5z1j6Q4HoJ2OiDKtaqHpLBlglQFycW6GWhhaIgCluOC8C6G5la
X-Gen-Id: 1589209354986
Content-Type: application/json;charset=UTF-8

Response headers

Date: Mon, 11 May 2020 15:02:36 GMT
Via: 1.1 localhost
X-Content-Type-Options: nosniff
Server: ExtraHop API Server
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000
Content-Type: application/json
Cache-Control: private, max-age=0, no-cache="set-cookie"
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 107
X-Xss-Protection: 1; mode=block

POST
H/1.1 200
OK / Show response
security-demo.extrahop.com/a/ 108 B
871 B 634ms
218ms XHR
application/json 44.227.185.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://security-demo.extrahop.com/a/

Requested by

Host: security-demo.extrahop.com
URL: https://security-demo.extrahop.com/media/gui/htmlgui.d734a6ae02a297577602.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.227.185.167 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-227-185-167.us-west-2.compute.amazonaws.com

Software

ExtraHop API Server /

Resource Hash

193c6411cfe063576d6a15b558bcd6a02fab0c76c2a3942ff4133960ae396829

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
X-Instance-Id: a61c3c3
X-CSRFToken: NBvUK2cBbq6jEe5z1j6Q4HoJ2OiDKtaqHpLBlglQFycW6GWhhaIgCluOC8C6G5la
X-Gen-Id: 1589209354986
Content-Type: application/json;charset=UTF-8

Response headers

Date: Mon, 11 May 2020 15:02:36 GMT
Via: 1.1 localhost
X-Content-Type-Options: nosniff
Server: ExtraHop API Server
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000
Content-Type: application/json
Cache-Control: private, max-age=0, no-cache="set-cookie"
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 101
X-Xss-Protection: 1; mode=block

POST
H/1.1 200
OK / Show response
security-demo.extrahop.com/a/ 108 B
877 B 570ms
218ms XHR
application/json 44.227.185.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://security-demo.extrahop.com/a/

Requested by

Host: security-demo.extrahop.com
URL: https://security-demo.extrahop.com/media/gui/htmlgui.d734a6ae02a297577602.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.227.185.167 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-227-185-167.us-west-2.compute.amazonaws.com

Software

ExtraHop API Server /

Resource Hash

193c6411cfe063576d6a15b558bcd6a02fab0c76c2a3942ff4133960ae396829

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
X-Instance-Id: a61c3c3
X-CSRFToken: NBvUK2cBbq6jEe5z1j6Q4HoJ2OiDKtaqHpLBlglQFycW6GWhhaIgCluOC8C6G5la
X-Gen-Id: 1589209354986
Content-Type: application/json;charset=UTF-8

Response headers

Date: Mon, 11 May 2020 15:02:36 GMT
Via: 1.1 localhost
X-Content-Type-Options: nosniff
Server: ExtraHop API Server
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000
Content-Type: application/json
Cache-Control: private, max-age=0, no-cache="set-cookie"
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 107
X-Xss-Protection: 1; mode=block

POST
H/1.1 200
OK / Show response
security-demo.extrahop.com/a/ 108 B
877 B 576ms
221ms XHR
application/json 44.227.185.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://security-demo.extrahop.com/a/

Requested by

Host: security-demo.extrahop.com
URL: https://security-demo.extrahop.com/media/gui/htmlgui.d734a6ae02a297577602.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.227.185.167 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-227-185-167.us-west-2.compute.amazonaws.com

Software

ExtraHop API Server /

Resource Hash

193c6411cfe063576d6a15b558bcd6a02fab0c76c2a3942ff4133960ae396829

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
X-Instance-Id: a61c3c3
X-CSRFToken: NBvUK2cBbq6jEe5z1j6Q4HoJ2OiDKtaqHpLBlglQFycW6GWhhaIgCluOC8C6G5la
X-Gen-Id: 1589209354986
Content-Type: application/json;charset=UTF-8

Response headers

Date: Mon, 11 May 2020 15:02:36 GMT
Via: 1.1 localhost
X-Content-Type-Options: nosniff
Server: ExtraHop API Server
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000
Content-Type: application/json
Cache-Control: private, max-age=0, no-cache="set-cookie"
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 107
X-Xss-Protection: 1; mode=block

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e8c5178e4585c26dd382cb281b45526aa61d0bb2560a93f5dbb71f683c00e51b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 96 KB
96 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
Origin: https://security-demo.extrahop.com

Response headers

Content-Type: application/font-woff

GET
DATA 200
OK truncated
/ 36 KB
36 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6acd990ab8fc3f8b16c977a22e12a7c79bf8a3edd9f2164fe283ad5e880ecf88

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
Origin: https://security-demo.extrahop.com

Response headers

Content-Type: application/font-woff

GET
H/1.1 401
Unauthorized categories Show response
security-demo.extrahop.com/api/v1/events/ 38 B
377 B 632ms
223ms Fetch
application/json 44.227.185.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://security-demo.extrahop.com/api/v1/events/categories

Requested by

Host: security-demo.extrahop.com
URL: https://security-demo.extrahop.com/media/gui/htmlgui.d734a6ae02a297577602.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.227.185.167 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-227-185-167.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

0f7fb07132188251e2f0cd92b2bc5b47c041b4ec55c0cfbefe5e135b12edf643

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
X-CSRFToken: NBvUK2cBbq6jEe5z1j6Q4HoJ2OiDKtaqHpLBlglQFycW6GWhhaIgCluOC8C6G5la
Authorization: Cookie
X-Gen-Id: 1589209354998
X-Instance-Id: a61c3c3

Response headers

Date: Mon, 11 May 2020 15:02:36 GMT
Via: 1.1 localhost
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: application/json; charset=utf-8
Cache-Control: private, max-age=0
Connection: keep-alive
Content-Length: 38
X-Xss-Protection: 1; mode=block

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j82&a=1415087000&t=pageview&_s=1&dl=https%3A%2F%2Fsecurity-demo.extrahop.com%2Fextrahop%2F%3Fe%3Dandy.bullivant%2540gbj-crime.co.uk%26h%3DMzhiZWM0M...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-6551454-4&cid=105308259.1589209354&jid=1838417299&_gid=2143775942.1589209356&gjid=1801466594&_v=j82&z=604047209
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6551454-4&cid=105308259.1589209354&jid=1838417299&_v=j82&z=604047209
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6551454-4&cid=105308259.1589209354&jid=1838417299&_v=j82&z=604047209&slf_rd=1&random=3717113208

42 B
109 B

18ms
16ms

Image
image/gif

2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6551454-4&cid=105308259.1589209354&jid=1838417299&_v=j82&z=604047209&slf_rd=1&random=3717113208

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 May 2020 15:02:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 11 May 2020 15:02:36 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6551454-4&cid=105308259.1589209354&jid=1838417299&_v=j82&z=604047209&slf_rd=1&random=3717113208
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
92 B 7ms
6ms Image
image/gif 2a00:1450:4001:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j82&a=1415087000&t=pageview&_s=1&dl=https%3A%2F%2Fsecurity-demo.extrahop.com%2Fextrahop%2F%3Fe%3Dandy.bullivant%2540gbj-crime.co.uk%26h%3DMzhiZWM0MTkzOGRm&dp=%2Foverview&ul=en-us&de=UTF-8&dt=security-demo.extrahop.com%20Extrahop%20EDA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGjAAEAj~&jid=&gjid=&cid=105308259.1589209354&tid=UA-6551454-4&_gid=2143775942.1589209356&gtm=2wg4t0W65PJS6&z=1234142722

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Apr 2020 05:49:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 3229984
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
98 B 6ms
6ms Image
image/gif 2a00:1450:4001:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j82&a=1415087000&t=pageview&_s=1&dl=https%3A%2F%2Fsecurity-demo.extrahop.com%2Fextrahop%2F%3Fe%3Dandy.bullivant%2540gbj-crime.co.uk%26h%3DMzhiZWM0MTkzOGRm&dp=%2Foverview%3Fdelta_type%26from%3D1589176800%26interval_type%3DDT%26until%3D1589196300&ul=en-us&de=UTF-8&dt=security-demo.extrahop.com%20Extrahop%20EDA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGjAAEAj~&jid=&gjid=&cid=105308259.1589209354&tid=UA-6551454-4&_gid=2143775942.1589209356&gtm=2wg4t0W65PJS6&z=801385917

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Apr 2020 05:49:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 3229984
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 278 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: de4bdda3e8f233d168b44b172fb330b566896d282985d8ad94633ddaaf37ba95

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET /
security-demo.extrahop.com/extrahop/logout/ 0
0

GET
H2 200 eafa532f-80b5-4b73-42d2-dbc5e34761d5
app.pendo.io/data/ptm.gif/ 42 B
107 B 132ms
132ms Image
image/gif 2001:4860:4802:32::34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.pendo.io/data/ptm.gif/eafa532f-80b5-4b73-42d2-dbc5e34761d5?v=2.52.0_prod&ct=1589209356294&jzb=eJzVkt9qszAAxd8lY15Zjda_BSmMbm1h3UYpG9vHKFHTmpkYidHOlr57ox-92dV2MeguzTknnvMj_w5AtiUGI0A5SoEOYsF3FRZrSZg6tdwgtGE4dD3LdnTQkIpILtYkVYHFPiNvLwu4WOX7x-mSqTBKEl4XsteLmlId1IIqayZlWY1Ms8JJLYhsBylm3MCfUqCMl0bCmXn-MMc4QkXaGrHKkwYV8tqB2_hjkAjVSFmNOtey6OvPr8xxiqlE626NthGcRV13y_cCCDVSSCwaRHs1mqw0VZLQ_47QG0KoupeClxUYHXoQ5_m-bx11IFE87xY_3989TOavwdbOYd3mM5XaCMRwLy438XTm05LdCo_dPO07lq3E6sqh4x_1b3P2vMvmzBuFkuDdryKzQ-cHyAL3byC74Cfqusf3E96bV3g

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 11 May 2020 15:02:36 GMT
via: 1.1 google
x-content-type-options: nosniff
status: 200
access-control-max-age: 600
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
access-control-allow-credentials: false
access-control-allow-headers: Origin,Accept,Content-Type,Authorization
content-length: 42

GET
H2 200 eafa532f-80b5-4b73-42d2-dbc5e34761d5 Show response
app.pendo.io/data/guide.js/ 153 KB
28 KB 279ms
279ms Script
application/javascript 2001:4860:4802:32::34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.pendo.io/data/guide.js/eafa532f-80b5-4b73-42d2-dbc5e34761d5?jzb=eJx1kE9L80AQh7_Lijm12U20tS2EKggvHoqglRe8hGkyNmv3T9hMoq30u3eiWLTgbWfmmd3ntx-i040mH-5KMROLXaWf_y_UYrnZ3f97sGIgoCh866gfu9aYgWiDYbIiqpuZlA0WbdC0HZZofYzvFKDydVx4K78LOccMXLmNV7yvO3B0fqnWq9dhEbRFRuN2E1XZ6dtn0ncYOo1v8xINQU7bGqOX4G2WjCbT5Go8USrSjhgC8znNbpcRu2rzRUzHF0pxBIsEJRCI2TFtf9R_JEYLuo_42_n6xJhBA27dwhqZRZc_PYr98bv4fi5qCOjo5meLPXo-SaQayVSlvR_HbLR33E7jURqrvA6-FPv9AfA7its&v=2.52.0_prod&ct=1589209356299

Requested by

Host: cdn.pendo.io
URL: https://cdn.pendo.io/agent/static/eafa532f-80b5-4b73-42d2-dbc5e34761d5/pendo.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

9fb0874a18ed610a3e5b610b286066e3c10a69733d3298484232777cfba7142a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 11 May 2020 15:02:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 600
access-control-allow-credentials: false
access-control-allow-headers: Origin,Accept,Content-Type,Authorization
via: 1.1 google

POST
H/1.1 401
Unauthorized search Show response
security-demo.extrahop.com/api/v1/events/ 38 B
377 B 744ms
229ms Fetch
application/json 44.227.185.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://security-demo.extrahop.com/api/v1/events/search

Requested by

Host: security-demo.extrahop.com
URL: https://security-demo.extrahop.com/media/gui/htmlgui.d734a6ae02a297577602.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.227.185.167 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-227-185-167.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

0f7fb07132188251e2f0cd92b2bc5b47c041b4ec55c0cfbefe5e135b12edf643

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
X-Instance-Id: a61c3c3
X-CSRFToken: NBvUK2cBbq6jEe5z1j6Q4HoJ2OiDKtaqHpLBlglQFycW6GWhhaIgCluOC8C6G5la
Authorization: Cookie
X-Gen-Id: 1589209354998
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Mon, 11 May 2020 15:02:36 GMT
Via: 1.1 localhost
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: application/json; charset=utf-8
Cache-Control: private, max-age=0
Connection: keep-alive
Content-Length: 38
X-Xss-Protection: 1; mode=block

POST
H/1.1 200
OK /
security-demo.extrahop.com/a/ 108 B
476 B 719ms
222ms XHR
application/json 44.227.185.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://security-demo.extrahop.com/a/

Requested by

Host: security-demo.extrahop.com
URL: https://security-demo.extrahop.com/media/gui/htmlgui.d734a6ae02a297577602.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.227.185.167 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-227-185-167.us-west-2.compute.amazonaws.com

Software

ExtraHop API Server /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
X-Instance-Id: a61c3c3
X-CSRFToken: NBvUK2cBbq6jEe5z1j6Q4HoJ2OiDKtaqHpLBlglQFycW6GWhhaIgCluOC8C6G5la
X-Gen-Id: 1589209354986
Content-Type: application/json;charset=UTF-8

Response headers

Date: Mon, 11 May 2020 15:02:36 GMT
Via: 1.1 localhost
X-Content-Type-Options: nosniff
Server: ExtraHop API Server
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000
Content-Type: application/json
Cache-Control: private, max-age=0
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 101
X-Xss-Protection: 1; mode=block

GET /
security-demo.extrahop.com/extrahop/logout/ 0
0

GET
H/1.1 200
OK guide.css
cdn.pendo.io/agent/releases/2.52.0/ 16 KB
4 KB 54ms
53ms Stylesheet
text/css 143.204.97.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pendo.io/agent/releases/2.52.0/guide.css?ct=1589209356595
Requested by: Host: cdn.pendo.io
URL: https://cdn.pendo.io/agent/static/eafa532f-80b5-4b73-42d2-dbc5e34761d5/pendo.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.97.80 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-97-80.fra50.r.cloudfront.net
Software: UploadServer /
Resource Hash: ecc37e01ea37e3b466592107b3d727fe4a0b4d0bbdca98a65016c41192218396

Request headers

Referer: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 11 May 2020 14:57:59 GMT
Content-Encoding: gzip
Content-Type: text/css
Age: 386
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
Connection: keep-alive
Alt-Svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: *
Last-Modified: Mon, 04 May 2020 18:17:34 GMT
Server: UploadServer
ETag: "79ebf9d034d448be5a3e5511f22b1af5"
Vary: Accept-Encoding
x-goog-hash: crc32c=lKQ+Eg==, md5=eev50DTUSL5aPlUR8isa9Q==
x-goog-generation: 1588616254088297
Via: 1.1 baaf38f0a0d54e4834bf934fa5189ceb.cloudfront.net (CloudFront)
Access-Control-Expose-Headers: *
Cache-Control: no-cache
x-goog-stored-content-length: 2742
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
X-GUploader-UploadID: AAANsUn72ho9BcEVub4ihVPGEz1Nxfa_x4RzGtuxr5xsdMQcTMfMpN2XYZ573AOYGZW9evYChZqnaL131f2q_0iOrw
X-Amz-Cf-Id: 43l0XZirXj3mJZCmA0CSwx63rp_AO65e7t4A3h1FYvorZKZmXJZN2w==
Expires: Tue, 11 May 2021 14:56:10 GMT

GET
H2 200 guide.-323232.1569524281829.css
pendo-static-4816620446285824.storage.googleapis.com/ 6 KB
7 KB 172ms
134ms Stylesheet
text/css 2a00:1450:4001:815::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pendo-static-4816620446285824.storage.googleapis.com/guide.-323232.1569524281829.css?ct=1589209356595
Requested by: Host: cdn.pendo.io
URL: https://cdn.pendo.io/agent/static/eafa532f-80b5-4b73-42d2-dbc5e34761d5/pendo.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:815::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 244aef99b0ebfc3695ac8bfa3fa964e86c12657737030d84a5ec6da5e59dc3f6

Request headers

Referer: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 11 May 2020 15:02:36 GMT
x-guploader-uploadid: AAANsUnkRuxtDS0QvNOfCSEPMh9cF9ioPNO29PQVkMY_N0_i67EKzT7z9XJagps_7fCRyN-PL2rIIO54qQlYEZXz5g
x-goog-storage-class: STANDARD
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6604
last-modified: Thu, 26 Sep 2019 18:58:02 GMT
server: UploadServer
etag: "e472efff7ca9110caa2434c428b5a868"
x-goog-hash: crc32c=g2gAIw==, md5=5HLv/3ypEQyqJDTEKLWoaA==
x-goog-generation: 1569524282627961
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=3600
x-goog-stored-content-length: 6604
accept-ranges: bytes
content-type: text/css
expires: Mon, 11 May 2020 16:02:36 GMT

GET
H2 200 QOeEhLICcwGPbptQVVeAb8sdaPE.guide.js Show response
pendo-static-4816620446285824.storage.googleapis.com/guide-content/pvwdOtnPXv2gzp3Jp7C56LmJNsE/dNKzSgII52oNVLcAciGiffnfNdU/ 29 KB
5 KB 171ms
136ms Script
application/javascript 2a00:1450:4001:815::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pendo-static-4816620446285824.storage.googleapis.com/guide-content/pvwdOtnPXv2gzp3Jp7C56LmJNsE/dNKzSgII52oNVLcAciGiffnfNdU/QOeEhLICcwGPbptQVVeAb8sdaPE.guide.js
Requested by: Host: cdn.pendo.io
URL: https://cdn.pendo.io/agent/static/eafa532f-80b5-4b73-42d2-dbc5e34761d5/pendo.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:815::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 868f89c9d598d3a429bc3a42061a11000cfc79ac42168416835ab4ec08698608

Request headers

Referer: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 11 May 2020 15:02:36 GMT
content-encoding: gzip
x-guploader-uploadid: AAANsUly7DglAuqPduZ0X4e-p_LVg_09UbqwOPkGwBJAY-x9OQmE4tq9RnH168u8aF1tuy1oDs4OeskwuRC6g7A45A
x-goog-storage-class: STANDARD
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4978
last-modified: Thu, 26 Sep 2019 18:58:05 GMT
server: UploadServer
etag: "50b6b97164d2053ec319a95e7494ab06"
vary: Accept-Encoding
x-goog-hash: crc32c=YzKDxQ==, md5=ULa5cWTSBT7DGaledJSrBg==
x-goog-generation: 1569524285375436
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=3600
x-goog-stored-content-length: 4978
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
expires: Mon, 11 May 2020 16:02:36 GMT

GET
H2 200 G4dotjb1WDaOMHYsb0FY5oYwm2E.guide.css
pendo-static-4816620446285824.storage.googleapis.com/guide-content/pvwdOtnPXv2gzp3Jp7C56LmJNsE/dNKzSgII52oNVLcAciGiffnfNdU/ 6 KB
1 KB 180ms
145ms Stylesheet
text/css 2a00:1450:4001:815::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pendo-static-4816620446285824.storage.googleapis.com/guide-content/pvwdOtnPXv2gzp3Jp7C56LmJNsE/dNKzSgII52oNVLcAciGiffnfNdU/G4dotjb1WDaOMHYsb0FY5oYwm2E.guide.css
Requested by: Host: cdn.pendo.io
URL: https://cdn.pendo.io/agent/static/eafa532f-80b5-4b73-42d2-dbc5e34761d5/pendo.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:815::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 23f4f64cfb709301d77975b9f006c5cc7717d86c6977d80618980b7458b6e1f6

Request headers

Referer: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 11 May 2020 15:02:36 GMT
content-encoding: gzip
x-guploader-uploadid: AAANsUlXEicWRsJqrKusJ0L-D7mRi8y7s0MHhdrheFPLvi1F3eQTTaGMFYq06ub5jgM2EdG-M1wsiWP31ZjQF5oEbQ
x-goog-storage-class: STANDARD
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1242
last-modified: Tue, 12 Feb 2019 05:28:58 GMT
server: UploadServer
etag: "b4556c544db2241281106738f78ba7fb"
vary: Accept-Encoding
x-goog-hash: crc32c=e708Nw==, md5=tFVsVE2yJBKBEGc494un+w==
x-goog-generation: 1549949338904036
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=3600
x-goog-stored-content-length: 1242
accept-ranges: bytes
content-type: text/css; charset=utf-8
expires: Mon, 11 May 2020 16:02:36 GMT

GET /
security-demo.extrahop.com/extrahop/logout/ 0
0

GET hub-security_warp.svg
assets.extrahop.com/images/heroes/ 0
0

GET
H2 200 launcherBadge_pendo_73ff6ff4830f332e3baabf8d58b97baa
pendo-static-4816620446285824.storage.googleapis.com/ 1019 B
1 KB 136ms
134ms Image
image/png 2a00:1450:4001:815::2010
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pendo-static-4816620446285824.storage.googleapis.com/launcherBadge_pendo_73ff6ff4830f332e3baabf8d58b97baa
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:815::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 21bad4f6fb5b0f9144368353dd1d1caa7fccfbc224398664d9a32b1e4e320f62

Request headers

Referer: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 11 May 2020 15:02:36 GMT
x-guploader-uploadid: AAANsUl8TfLrLKVyHX4fNNrPaahJGDqUWKeJh8IotqJaS164q-pkFsvCo14UsixCNL1XiUBsWu6FaUJhGrBls9adjg
x-goog-storage-class: STANDARD
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1019
last-modified: Thu, 26 Mar 2020 20:42:11 GMT
server: UploadServer
etag: "c29c0dfa9bd45a8f22711149b0fb94e2"
x-goog-hash: crc32c=WbIf/g==, md5=wpwN+pvUWo8icRFJsPuU4g==
x-goog-generation: 1585255331184385
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=3600
x-goog-stored-content-length: 1019
accept-ranges: bytes
content-type: image/png
expires: Mon, 11 May 2020 16:02:36 GMT

GET tour-compass.svg
assets.extrahop.com/images/online-demo/ 0
0

GET attack-guide-thumb.png
assets.extrahop.com/images/online-demo/ 0
0

GET revealx-guide-thumb.png
assets.extrahop.com/images/online-demo/ 0
0

GET /
security-demo.extrahop.com/extrahop/ 0
0

GET
H/1.1

200
OK

Cookie set / Show response
security-demo.extrahop.com/extrahop/
Redirect Chain

https://security-demo.extrahop.com/extrahop/logout/
https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm

12 KB
13 KB

315ms
314ms

Document
text/html

44.227.185.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm

Requested by

Host: security-demo.extrahop.com
URL: https://security-demo.extrahop.com/media/gui/htmlgui.d734a6ae02a297577602.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.227.185.167 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-227-185-167.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

88356349d291440f627c616ef43db6cbf0beaf4d0c896ed43a7f692279cb9f41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: security-demo.extrahop.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm#/overview?delta_type&from=1589176800&interval_type=DT&until=1589196300

Response headers

Cache-Control: private, max-age=0
Cache-control: no-cache="set-cookie"
Content-Type: text/html; charset=utf-8
Date: Mon, 11 May 2020 15:02:37 GMT
Server: Apache
Set-Cookie: demo_e=andy.bullivant@gbj-crime.co.uk; Path=/ demo_h=MzhiZWM0MTkzOGRm; Path=/ extrahop_sessionid=apikey:tjXFl2949xs1VOeLWsaDPWR4giQ2QeuHwyJWvouRU6I; Path=/ extrahop_csrftoken=6nJMFLN7MxlfDDrPfFS7Itj4LyGErHmwGUqfou0lVd0owB3Vgt2zG49tvC8WKpD2; Path=/; Secure; SameSite=None AWSELB=89955FC7101A4E94C6960E3539876EF63E36A1F281B143ED278A0642CA4C311CDD72FC3FBEBE68DB86FCF9E0815A0F0F9AE7875B8E1B4E48515E38F4B4EB07D79C85945033;PATH=/ AWSELBCORS=89955FC7101A4E94C6960E3539876EF63E36A1F281B143ED278A0642CA4C311CDD72FC3FBEBE68DB86FCF9E0815A0F0F9AE7875B8E1B4E48515E38F4B4EB07D79C85945033;PATH=/;SECURE;SAMESITE=None
Strict-Transport-Security: max-age=31536000
Vary: Cookie
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Content-Length: 11900
Connection: keep-alive

Redirect headers

Content-Type: text/html; charset=utf-8
Date: Mon, 11 May 2020 15:02:37 GMT
Location: /extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
Content-Length: 103
Connection: keep-alive

POST /
security-demo.extrahop.com/a/ 0
0

GET
H/1.1 200
OK htmlgui.d734a6ae02a297577602.css
security-demo.extrahop.com/media/gui/ 2 MB
732 KB 230ms
229ms Stylesheet
text/css 44.227.185.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://security-demo.extrahop.com/media/gui/htmlgui.d734a6ae02a297577602.css

Requested by

Host: security-demo.extrahop.com
URL: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.227.185.167 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-227-185-167.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

5baf39e204422fd5fbf5e49c3efadad10352a6b17a2659eec358b7c9e989c2a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 11 May 2020 15:02:37 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 04 May 2020 09:26:44 GMT
Server: Apache
Etag: "b6d76-5a4cf21189d00"
Strict-Transport-Security: max-age=31536000
Content-Type: text/css
Cache-Control: private, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 748918
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK htmlgui.d734a6ae02a297577602.js Show response
security-demo.extrahop.com/media/gui/ 13 MB
3 MB 272ms
271ms Script
application/x-javascript 44.227.185.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://security-demo.extrahop.com/media/gui/htmlgui.d734a6ae02a297577602.js

Requested by

Host: security-demo.extrahop.com
URL: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.227.185.167 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-227-185-167.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

35628a6d92974a2d1fe29ee065ccc13ffff0e64e432d2ae0630b62ca9a38c67c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 11 May 2020 15:02:37 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 04 May 2020 09:26:44 GMT
Server: Apache
Etag: "2ff4ca-5a4cf21189d00"
Strict-Transport-Security: max-age=31536000
Content-Type: application/x-javascript
Cache-Control: private, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3142858
X-Xss-Protection: 1; mode=block

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 80 KB
29 KB 18ms
17ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W65PJS6

Requested by

Host: security-demo.extrahop.com
URL: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7d5f64bc60d536ef00e143a4093a20a2ef132bfebf99e229306c54f6f42c85f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 11 May 2020 15:02:38 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29797
x-xss-protection: 0
expires: Mon, 11 May 2020 15:02:38 GMT

GET
DATA 200
OK truncated
/ 35 KB
35 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be2d2f18ba47452f1f31d75dc3abaa2c1e57c366825bebfcac55a554424faa5b

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
Origin: https://security-demo.extrahop.com

Response headers

Content-Type: application/font-woff

GET
DATA 200
OK truncated
/ 35 KB
35 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b82e3c01c34620fb5a610244cc773ad46b4b7197be81116ba22ee869a600f6d4

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
Origin: https://security-demo.extrahop.com

Response headers

Content-Type: application/font-woff

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W65PJS6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Apr 2020 21:54:13 GMT
server: Golfe2
age: 1443
date: Mon, 11 May 2020 14:38:35 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18433
expires: Mon, 11 May 2020 16:38:35 GMT

GET
H/1.1 200
OK pendo.js Show response
cdn.pendo.io/agent/static/eafa532f-80b5-4b73-42d2-dbc5e34761d5/ 336 KB
107 KB 54ms
54ms Script
application/javascript 143.204.97.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pendo.io/agent/static/eafa532f-80b5-4b73-42d2-dbc5e34761d5/pendo.js
Requested by: Host: security-demo.extrahop.com
URL: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.97.80 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-97-80.fra50.r.cloudfront.net
Software: UploadServer /
Resource Hash: 41fe23ec1ecc7daa949f5de01d745ce613f10714fc908586f906bf58f350e691

Request headers

Referer: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 11 May 2020 15:02:28 GMT
Content-Encoding: gzip
Content-Type: application/javascript
Age: 10
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
Connection: keep-alive
Alt-Svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: *
Last-Modified: Thu, 07 May 2020 18:07:41 GMT
Server: UploadServer
ETag: "ee7b77c5de4279e63be52c93df5b6627"
Vary: Accept-Encoding
x-goog-hash: crc32c=qhQICw==, md5=7nt3xd5CeeY75SyT31tmJw==
x-goog-generation: 1588874861321922
Via: 1.1 baaf38f0a0d54e4834bf934fa5189ceb.cloudfront.net (CloudFront)
Access-Control-Expose-Headers: *
Cache-Control: max-age=450
x-goog-stored-content-length: 108439
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
X-GUploader-UploadID: AAANsUn6aRUoFg95F-iitTEjRdsskii51pIR4p28Q-JfcdF_DSiDdhJNL-MPukqJ_tGGaM00nSniyXvlIj6ZL1KV0A
X-Amz-Cf-Id: xSsooONKHjPsLxhCdKGlyHOx_kxaMOpAnIDH-61AQiDwaTuxTBEprg==
Expires: Mon, 11 May 2020 15:09:58 GMT

GET
H/1.1 200
OK esw.min.js Show response
service.force.com/embeddedservice/5.0/ 30 KB
9 KB 64ms
63ms Script
application/x-javascript 161.71.0.166
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/esw.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W65PJS6

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.0.166 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl2-ncg0-lhr3.um4-lo2.force.com

Software

Resource Hash

d9a961cb11b0be146784e3f5d274a8e80b5aab5a101d2122c6e5e3848896caf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 10 May 2020 22:11:37 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 26 Mar 2020 18:52:20 GMT
Age: 60661
Expect-CT: max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/nullm"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
Public-Key-Pins-Report-Only: pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/nullm";
Accept-Ranges: bytes
X-Robots-Tag: none
Content-Length: 8409
X-XSS-Protection: 1; mode=block
Expires: Mon, 11 May 2020 22:11:37 GMT

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
925 B 6ms
6ms Script
text/javascript 2a00:1450:4001:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 11 May 2020 14:36:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 1577
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
expires: Mon, 11 May 2020 15:36:21 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j82&a=805839847&t=pageview&_s=1&dl=https%3A%2F%2Fsecurity-demo.extrahop.com%2Fextrahop%2F%3Fe%3Dandy.bullivant%2540gbj-crime.co.uk%26h%3DMzhiZWM0MT...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-6551454-4&cid=1224351881.1589209359&jid=1719338410&_gid=186858060.1589209359&gjid=890993350&_v=j82&z=1464207222
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6551454-4&cid=1224351881.1589209359&jid=1719338410&_v=j82&z=1464207222
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6551454-4&cid=1224351881.1589209359&jid=1719338410&_v=j82&z=1464207222&slf_rd=1&random=2093333978

42 B
109 B

17ms
17ms

Image
image/gif

2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6551454-4&cid=1224351881.1589209359&jid=1719338410&_v=j82&z=1464207222&slf_rd=1&random=2093333978

Requested by

Host: security-demo.extrahop.com
URL: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 May 2020 15:02:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 11 May 2020 15:02:38 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6551454-4&cid=1224351881.1589209359&jid=1719338410&_v=j82&z=1464207222&slf_rd=1&random=2093333978
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
101 B 16ms
16ms Image
image/gif 2a00:1450:4001:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j82&a=805839847&t=pageview&_s=1&dl=https%3A%2F%2Fsecurity-demo.extrahop.com%2Fextrahop%2F%3Fe%3Dandy.bullivant%2540gbj-crime.co.uk%26h%3DMzhiZWM0MTkzOGRm&dp=%2F%3Ffrom%3D1589176800%26interval_type%3DDT%26until%3D1589196300&ul=en-us&de=UTF-8&dt=ExtraHop%20EDA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEAj~&jid=&gjid=&cid=1224351881.1589209359&tid=UA-6551454-4&_gid=186858060.1589209359&gtm=2wg4t0W65PJS6&z=1297642214

Requested by

Host: security-demo.extrahop.com
URL: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Apr 2020 05:49:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 3229986
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK common.min.js Show response
service.force.com/embeddedservice/5.0/utils/ 2 KB
2 KB 63ms
62ms Script
application/x-javascript 161.71.0.166
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/utils/common.min.js

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.0.166 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl2-ncg0-lhr3.um4-lo2.force.com

Software

Resource Hash

a86cfbecde921c4935f39b5fca834195cb9a2b12c2997ab08147c031b1bb668d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 11 May 2020 13:08:45 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 11 Dec 2019 22:22:08 GMT
Age: 6833
Expect-CT: max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/nullm"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
Public-Key-Pins-Report-Only: pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/nullm";
Accept-Ranges: bytes
X-Robots-Tag: none
Content-Length: 979
X-XSS-Protection: 1; mode=block
Expires: Tue, 12 May 2020 13:08:45 GMT

GET
H/1.1 200
OK esw.min.css
service.force.com/embeddedservice/5.0/ 8 KB
5 KB 64ms
63ms Stylesheet
text/css 161.71.0.166
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/esw.min.css

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.0.166 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl2-ncg0-lhr3.um4-lo2.force.com

Software

Resource Hash

f33990d4691a89cd87e4d4e0bde1ac8f5dfcf32fbd8d838ec206d790f24531e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 11 May 2020 10:21:31 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 16867
Content-Length: 3946
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 22 Aug 2019 23:00:22 GMT
Expect-CT: max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/nullm"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: public,max-age=86400
Public-Key-Pins-Report-Only: pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/nullm";
Accept-Ranges: bytes
X-Robots-Tag: none
Expires: Tue, 12 May 2020 10:21:31 GMT

GET
H/1.1 200
OK liveagent.esw.min.js Show response
service.force.com/embeddedservice/5.0/client/ 15 KB
5 KB 67ms
67ms Script
application/x-javascript 161.71.0.166
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/client/liveagent.esw.min.js

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.0.166 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl2-ncg0-lhr3.um4-lo2.force.com

Software

Resource Hash

0d6dfddf8789a6869ae355e82e0dbc876b174697ac4828f4272d34b74aab6c16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 11 May 2020 09:08:12 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 21266
Content-Length: 4511
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 16 Jan 2020 22:58:44 GMT
Expect-CT: max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/nullm"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
Public-Key-Pins-Report-Only: pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/nullm";
Accept-Ranges: bytes
X-Robots-Tag: none
Expires: Tue, 12 May 2020 09:08:12 GMT

POST
H/1.1 200
OK /
security-demo.extrahop.com/a/ 108 B
877 B 372ms
372ms XHR
application/json 44.227.185.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://security-demo.extrahop.com/a/

Requested by

Host: security-demo.extrahop.com
URL: https://security-demo.extrahop.com/media/gui/htmlgui.d734a6ae02a297577602.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.227.185.167 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-227-185-167.us-west-2.compute.amazonaws.com

Software

ExtraHop API Server /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
X-Instance-Id: 7e3db13
X-CSRFToken: tVNBheYhnDDLPDr1drvNpxSOgKVcgwxW3su40XbvwjiUIB37efFfn8Id0OnuzeOs
X-Gen-Id: 1589209363522
Content-Type: application/json;charset=UTF-8

Response headers

Date: Mon, 11 May 2020 15:02:44 GMT
Via: 1.1 localhost
X-Content-Type-Options: nosniff
Server: ExtraHop API Server
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000
Content-Type: application/json
Cache-Control: private, max-age=0, no-cache="set-cookie"
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 107
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK Cookie set esw.html
service.force.com/embeddedservice/5.0/ Frame 0C58 0
0 69ms
69ms Document
text/html 161.71.0.166
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/esw.html?parent=https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.0.166 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl2-ncg0-lhr3.um4-lo2.force.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: service.force.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm

Response headers

Date: Mon, 11 May 2020 15:02:44 GMT
Public-Key-Pins-Report-Only: pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/nullm";
Expect-CT: max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/nullm"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Security-Policy: upgrade-insecure-requests
X-Robots-Tag: none
Referrer-Policy: origin-when-cross-origin
Cache-Control: public,max-age=86400
Set-Cookie: BrowserId=d64SHpOYEeq2fTdY83eLBg; domain=.force.com; path=/; expires=Tue, 11-May-2021 15:02:44 GMT; Max-Age=31536000
Expires: Tue, 12 May 2020 15:02:44 GMT
Last-Modified: Fri, 02 Aug 2019 08:43:42 GMT
Content-Type: text/html;charset=UTF-8
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked

GET
H/1.1

200
OK

Primary Request

Cookie set / Show response
security-demo.extrahop.com/extrahop/
Redirect Chain

https://security-demo.extrahop.com/extrahop/logout/
https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm

12 KB
12 KB

342ms
342ms

Document
text/html

44.227.185.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm

Requested by

Host: security-demo.extrahop.com
URL: https://security-demo.extrahop.com/media/gui/htmlgui.d734a6ae02a297577602.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.227.185.167 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-227-185-167.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

f4cf366e60c7338abd40057c12d3524feb7307277a254d79f6bd804741fa8606

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: security-demo.extrahop.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: AWSELB=89955FC7101A4E94C6960E3539876EF63E36A1F281B143ED278A0642CA4C311CDD72FC3FBE2283E3CAEF0FDC84D56817D6D6CEE26D1E94B6CCDD647E8486A662530D3F6E65; AWSELBCORS=89955FC7101A4E94C6960E3539876EF63E36A1F281B143ED278A0642CA4C311CDD72FC3FBE2283E3CAEF0FDC84D56817D6D6CEE26D1E94B6CCDD647E8486A662530D3F6E65
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm#/?from=1589176800&interval_type=DT&until=1589196300

Response headers

Cache-Control: private, max-age=0
Content-Type: text/html; charset=utf-8
Date: Mon, 11 May 2020 15:02:44 GMT
Server: Apache
Set-Cookie: demo_e=andy.bullivant@gbj-crime.co.uk; Path=/ demo_h=MzhiZWM0MTkzOGRm; Path=/ extrahop_sessionid=apikey:qzbfN6erzi_ACvyX5et3UfTerNrV_bglDIPr74s0lQQ; Path=/ extrahop_csrftoken=czKzewV9JqxujhY8UPsN5uyIfX0YxGGomPeoLMZrhkUgDCxq6XuUf19OHmp5bSjj; Path=/; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000
Vary: Cookie
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Content-Length: 11900
Connection: keep-alive

Redirect headers

Content-Type: text/html; charset=utf-8
Date: Mon, 11 May 2020 15:02:44 GMT
Location: /extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
Content-Length: 103
Connection: keep-alive

GET
H/1.1 200
OK invite.esw.min.js
service.force.com/embeddedservice/5.0/client/ 19 KB
5 KB 63ms
62ms Script
application/x-javascript 161.71.0.166
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/client/invite.esw.min.js

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.0.166 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl2-ncg0-lhr3.um4-lo2.force.com

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 11 May 2020 11:29:05 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 12819
Content-Length: 4543
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin
Last-Modified: Wed, 11 Dec 2019 22:22:08 GMT
Expect-CT: max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/nullm"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
Public-Key-Pins-Report-Only: pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/nullm";
Accept-Ranges: bytes
X-Robots-Tag: none
Expires: Tue, 12 May 2020 11:29:05 GMT

GET
H/1.1 200
OK Settings.jsonp
d.la1-c1-ia2.salesforceliveagent.com/chat/rest/Visitor/ 166 B
558 B 399ms
134ms Script
text/javascript 13.110.10.4
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/client/liveagent.esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.10.4 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl5-ncg0-iad3.la1-c1-ia2.salesforceliveagent.com

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: close
Expires: -1

GET
H/1.1 200
OK inert.min.js
service.force.com/embeddedservice/5.0/utils/ 8 KB
3 KB 63ms
62ms Script
application/x-javascript 161.71.0.166
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/utils/inert.min.js

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.0.166 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl2-ncg0-lhr3.um4-lo2.force.com

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 10 May 2020 17:47:15 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 76529
Content-Length: 2484
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin
Last-Modified: Wed, 22 Jan 2020 02:11:04 GMT
Expect-CT: max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/nullm"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
Public-Key-Pins-Report-Only: pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/nullm";
Accept-Ranges: bytes
X-Robots-Tag: none
Expires: Mon, 11 May 2020 17:47:15 GMT

GET Availability.jsonp
d.la1-c1-ph2.salesforceliveagent.com/chat/rest/Visitor/ 0
0

GET
H/1.1 200
OK htmlgui.d734a6ae02a297577602.css
security-demo.extrahop.com/media/gui/ 2 MB
732 KB 304ms
302ms Stylesheet
text/css 44.227.185.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://security-demo.extrahop.com/media/gui/htmlgui.d734a6ae02a297577602.css

Requested by

Host: security-demo.extrahop.com
URL: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.227.185.167 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-227-185-167.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

5baf39e204422fd5fbf5e49c3efadad10352a6b17a2659eec358b7c9e989c2a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 11 May 2020 15:02:45 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 04 May 2020 09:26:44 GMT
Server: Apache
Etag: "b6d76-5a4cf21189d00"
Strict-Transport-Security: max-age=31536000
Content-Type: text/css
Cache-Control: private, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 748918
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK htmlgui.d734a6ae02a297577602.js Show response
security-demo.extrahop.com/media/gui/ 13 MB
3 MB 225ms
224ms Script
application/x-javascript 44.227.185.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://security-demo.extrahop.com/media/gui/htmlgui.d734a6ae02a297577602.js

Requested by

Host: security-demo.extrahop.com
URL: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.227.185.167 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-227-185-167.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

35628a6d92974a2d1fe29ee065ccc13ffff0e64e432d2ae0630b62ca9a38c67c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 11 May 2020 15:02:44 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 04 May 2020 09:26:44 GMT
Server: Apache
Etag: "2ff4ca-5a4cf21189d00"
Strict-Transport-Security: max-age=31536000
Content-Type: application/x-javascript
Cache-Control: private, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3142858
X-Xss-Protection: 1; mode=block

GET
H2 200 gtm.js
www.googletagmanager.com/ 80 KB
29 KB 15ms
14ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W65PJS6

Requested by

Host: security-demo.extrahop.com
URL: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 11 May 2020 15:02:46 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29797
x-xss-protection: 0
expires: Mon, 11 May 2020 15:02:46 GMT

GET
DATA 200
OK truncated
/ 35 KB
35 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
Origin: https://security-demo.extrahop.com

Response headers

Content-Type: application/font-woff

GET
DATA 200
OK truncated
/ 35 KB
35 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
Origin: https://security-demo.extrahop.com

Response headers

Content-Type: application/font-woff

POST
H/1.1 200
OK /
security-demo.extrahop.com/a/ 108 B
871 B 426ms
425ms XHR
application/json 44.227.185.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://security-demo.extrahop.com/a/

Requested by

Host: security-demo.extrahop.com
URL: https://security-demo.extrahop.com/media/gui/htmlgui.d734a6ae02a297577602.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.227.185.167 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-227-185-167.us-west-2.compute.amazonaws.com

Software

ExtraHop API Server /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
X-Instance-Id: 4924f81
X-CSRFToken: UAuvob27TfVbiHXAbYjsK94R184bj34G4QYkVr6pr9iXC2wSn6lzUGFXtxtiXfHB
X-Gen-Id: 1589209366292
Content-Type: application/json;charset=UTF-8

Response headers

Date: Mon, 11 May 2020 15:02:46 GMT
Via: 1.1 localhost
X-Content-Type-Options: nosniff
Server: ExtraHop API Server
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000
Content-Type: application/json
Cache-Control: private, max-age=0, no-cache="set-cookie"
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 101
X-Xss-Protection: 1; mode=block

GET
H2 200 analytics.js
www.google-analytics.com/ 45 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W65PJS6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Apr 2020 21:54:13 GMT
server: Golfe2
age: 1451
date: Mon, 11 May 2020 14:38:35 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18433
expires: Mon, 11 May 2020 16:38:35 GMT

GET
H/1.1 200
OK pendo.js
cdn.pendo.io/agent/static/eafa532f-80b5-4b73-42d2-dbc5e34761d5/ 336 KB
107 KB 89ms
89ms Script
application/javascript 143.204.97.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pendo.io/agent/static/eafa532f-80b5-4b73-42d2-dbc5e34761d5/pendo.js
Requested by: Host: security-demo.extrahop.com
URL: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.97.80 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-97-80.fra50.r.cloudfront.net
Software: UploadServer /
Resource Hash

Request headers

Referer: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 11 May 2020 15:02:28 GMT
Content-Encoding: gzip
Content-Type: application/javascript
Age: 18
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
Connection: keep-alive
Alt-Svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: *
Last-Modified: Thu, 07 May 2020 18:07:41 GMT
Server: UploadServer
ETag: "ee7b77c5de4279e63be52c93df5b6627"
Vary: Accept-Encoding
x-goog-hash: crc32c=qhQICw==, md5=7nt3xd5CeeY75SyT31tmJw==
x-goog-generation: 1588874861321922
Via: 1.1 baaf38f0a0d54e4834bf934fa5189ceb.cloudfront.net (CloudFront)
Access-Control-Expose-Headers: *
Cache-Control: max-age=450
x-goog-stored-content-length: 108439
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
X-GUploader-UploadID: AAANsUn6aRUoFg95F-iitTEjRdsskii51pIR4p28Q-JfcdF_DSiDdhJNL-MPukqJ_tGGaM00nSniyXvlIj6ZL1KV0A
X-Amz-Cf-Id: 6tgN_V9MvB74t2gPyqwtlXCrYNdsseEEGERyGzA7kR-0lgfyjMe73g==
Expires: Mon, 11 May 2020 15:09:58 GMT

GET
H/1.1 200
OK esw.min.js
service.force.com/embeddedservice/5.0/ 30 KB
9 KB 87ms
87ms Script
application/x-javascript 161.71.0.166
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/esw.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W65PJS6

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.0.166 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl2-ncg0-lhr3.um4-lo2.force.com

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 10 May 2020 22:11:37 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 26 Mar 2020 18:52:20 GMT
Age: 60669
Expect-CT: max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/nullm"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
Public-Key-Pins-Report-Only: pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/nullm";
Accept-Ranges: bytes
X-Robots-Tag: none
Content-Length: 8409
X-XSS-Protection: 1; mode=block
Expires: Mon, 11 May 2020 22:11:37 GMT

GET
H2 200 linkid.js
www.google-analytics.com/plugins/ua/ 2 KB
925 B 6ms
6ms Script
text/javascript 2a00:1450:4001:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 11 May 2020 14:36:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 1585
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
expires: Mon, 11 May 2020 15:36:21 GMT

GET
H/1.1 200
OK common.min.js
service.force.com/embeddedservice/5.0/utils/ 2 KB
2 KB 66ms
66ms Script
application/x-javascript 161.71.0.166
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/utils/common.min.js

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.0.166 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl2-ncg0-lhr3.um4-lo2.force.com

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 11 May 2020 11:29:05 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 12821
Content-Length: 979
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin
Last-Modified: Wed, 11 Dec 2019 22:22:08 GMT
Expect-CT: max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/nullm"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
Public-Key-Pins-Report-Only: pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/nullm";
Accept-Ranges: bytes
X-Robots-Tag: none
Expires: Tue, 12 May 2020 11:29:05 GMT

GET
H2 200 eafa532f-80b5-4b73-42d2-dbc5e34761d5
app.pendo.io/data/guide.js/ 153 KB
28 KB 319ms
318ms Script
application/javascript 2001:4860:4802:32::34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cdn.pendo.io
URL: https://cdn.pendo.io/agent/static/eafa532f-80b5-4b73-42d2-dbc5e34761d5/pendo.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 11 May 2020 15:02:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 600
access-control-allow-credentials: false
access-control-allow-headers: Origin,Accept,Content-Type,Authorization
via: 1.1 google

GET
H2 200 eafa532f-80b5-4b73-42d2-dbc5e34761d5
app.pendo.io/data/ptm.gif/ 42 B
107 B 134ms
134ms Image
image/gif 2001:4860:4802:32::34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.pendo.io/data/ptm.gif/eafa532f-80b5-4b73-42d2-dbc5e34761d5?v=2.52.0_prod&ct=1589209366696&jzb=eJxdkF9P-jAUhr9LjVyNrWxaCsnCDfEHUSQhRIPGkK4rrK5_lu4MHYTvTod687tsz_ucPm_fTwjaSqAxUpblKECZs1-1cFuQ2t8O7ukoxqOEEEKHATrIWoJ1W5l7YHEs5NvrAi_W5XH5b6U9zDi3jYHr3DRKBahxykcLgKoeR1EteOMktP1caBuKb3CssFXIrY7-DtFEpMzkbZh5Xh6Ygds7vM8--9x5Ix8Nm7JXpP8_fhNNds7qtBMeDAnFuCcNCHdgatsVTKfrnjeT6icxIgnGXrhytqrR-HRt_9s5xjQ-BwhYNu9qvjw9PE_nG7qPS9y05cxTO8e0uA6Noo-wm2m9WudLvoHuA1sQfmWSkPPHBRfvcxs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 11 May 2020 15:02:46 GMT
via: 1.1 google
x-content-type-options: nosniff
status: 200
access-control-max-age: 600
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
access-control-allow-credentials: false
access-control-allow-headers: Origin,Accept,Content-Type,Authorization
content-length: 42

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j82&a=265064995&t=pageview&_s=1&dl=https%3A%2F%2Fsecurity-demo.extrahop.com%2Fextrahop%2F%3Fe%3Dandy.bullivant%2540gbj-crime.co.uk%26h%3DMzhiZWM0MT...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-6551454-4&cid=408480581.1589209367&jid=596955097&_gid=106576908.1589209367&gjid=1134668687&_v=j82&z=1121398636
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6551454-4&cid=408480581.1589209367&jid=596955097&_v=j82&z=1121398636
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6551454-4&cid=408480581.1589209367&jid=596955097&_v=j82&z=1121398636&slf_rd=1&random=3980694459

42 B
109 B

16ms
16ms

Image
image/gif

2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6551454-4&cid=408480581.1589209367&jid=596955097&_v=j82&z=1121398636&slf_rd=1&random=3980694459

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 May 2020 15:02:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 11 May 2020 15:02:46 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6551454-4&cid=408480581.1589209367&jid=596955097&_v=j82&z=1121398636&slf_rd=1&random=3980694459
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
105 B 7ms
5ms Image
image/gif 2a00:1450:4001:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j82&a=265064995&t=pageview&_s=1&dl=https%3A%2F%2Fsecurity-demo.extrahop.com%2Fextrahop%2F%3Fe%3Dandy.bullivant%2540gbj-crime.co.uk%26h%3DMzhiZWM0MTkzOGRm&dp=%2F%3Ffrom%3D1589176800%26interval_type%3DDT%26until%3D1589196300&ul=en-us&de=UTF-8&dt=ExtraHop%20EDA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEAj~&jid=&gjid=&cid=408480581.1589209367&tid=UA-6551454-4&_gid=106576908.1589209367&gtm=2wg4t0W65PJS6&z=1415522047

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Apr 2020 05:49:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 3229994
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK esw.min.css
service.force.com/embeddedservice/5.0/ 8 KB
5 KB 67ms
66ms Stylesheet
text/css 161.71.0.166
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/esw.min.css

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.0.166 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl2-ncg0-lhr3.um4-lo2.force.com

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 11 May 2020 09:08:13 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 21273
Content-Length: 3946
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 22 Aug 2019 23:00:22 GMT
Expect-CT: max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/nullm"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: public,max-age=86400
Public-Key-Pins-Report-Only: pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/nullm";
Accept-Ranges: bytes
X-Robots-Tag: none
Expires: Tue, 12 May 2020 09:08:13 GMT

GET
H/1.1 200
OK liveagent.esw.min.js
service.force.com/embeddedservice/5.0/client/ 15 KB
5 KB 63ms
62ms Script
application/x-javascript 161.71.0.166
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/client/liveagent.esw.min.js

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.0.166 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl2-ncg0-lhr3.um4-lo2.force.com

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 11 May 2020 09:08:12 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 21274
Content-Length: 4511
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 16 Jan 2020 22:58:44 GMT
Expect-CT: max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/nullm"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
Public-Key-Pins-Report-Only: pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/nullm";
Accept-Ranges: bytes
X-Robots-Tag: none
Expires: Tue, 12 May 2020 09:08:12 GMT

GET esw.html
service.force.com/embeddedservice/5.0/ Frame D14C 0
0

GET /
security-demo.extrahop.com/extrahop/logout/ 0
0

GET guide.css
cdn.pendo.io/agent/releases/2.52.0/ 0
0

GET guide.-323232.1569524281829.css
pendo-static-4816620446285824.storage.googleapis.com/ 0
0

GET QOeEhLICcwGPbptQVVeAb8sdaPE.guide.js
pendo-static-4816620446285824.storage.googleapis.com/guide-content/pvwdOtnPXv2gzp3Jp7C56LmJNsE/dNKzSgII52oNVLcAciGiffnfNdU/ 0
0

GET
H2 200 G4dotjb1WDaOMHYsb0FY5oYwm2E.guide.css
pendo-static-4816620446285824.storage.googleapis.com/guide-content/pvwdOtnPXv2gzp3Jp7C56LmJNsE/dNKzSgII52oNVLcAciGiffnfNdU/ 6 KB
1 KB 7ms
7ms Stylesheet
text/css 2a00:1450:4001:815::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pendo-static-4816620446285824.storage.googleapis.com/guide-content/pvwdOtnPXv2gzp3Jp7C56LmJNsE/dNKzSgII52oNVLcAciGiffnfNdU/G4dotjb1WDaOMHYsb0FY5oYwm2E.guide.css
Requested by: Host: cdn.pendo.io
URL: https://cdn.pendo.io/agent/static/eafa532f-80b5-4b73-42d2-dbc5e34761d5/pendo.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:815::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash

Request headers

Referer: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 11 May 2020 15:02:36 GMT
content-encoding: gzip
age: 11
x-guploader-uploadid: AAANsUlXEicWRsJqrKusJ0L-D7mRi8y7s0MHhdrheFPLvi1F3eQTTaGMFYq06ub5jgM2EdG-M1wsiWP31ZjQF5oEbQ
x-goog-storage-class: STANDARD
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1242
last-modified: Tue, 12 Feb 2019 05:28:58 GMT
server: UploadServer
etag: "b4556c544db2241281106738f78ba7fb"
vary: Accept-Encoding
x-goog-hash: crc32c=e708Nw==, md5=tFVsVE2yJBKBEGc494un+w==
x-goog-generation: 1549949338904036
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=3600
x-goog-stored-content-length: 1242
accept-ranges: bytes
content-type: text/css; charset=utf-8
expires: Mon, 11 May 2020 16:02:36 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: d.la1-c1-ia2.salesforceliveagent.com
URL: https://d.la1-c1-ia2.salesforceliveagent.com/chat/rest/Visitor/Settings.jsonp?Settings.prefix=Visitor&Settings.buttonIds=[57380000000Gnf8]&Settings.updateBreadcrumb=1&callback=embedded_svc.liveAgentAPI.connection.handlePing&deployment_id=57280000000CbQd&org_id=00D80000000LnBG&version=48

Domain: security-demo.extrahop.com
URL: https://security-demo.extrahop.com/extrahop/logout/

Domain: security-demo.extrahop.com
URL: https://security-demo.extrahop.com/extrahop/logout/

Domain: security-demo.extrahop.com
URL: https://security-demo.extrahop.com/extrahop/logout/

Domain: security-demo.extrahop.com
URL: https://security-demo.extrahop.com/extrahop/logout/

Domain: security-demo.extrahop.com
URL: https://security-demo.extrahop.com/extrahop/logout/

Domain: security-demo.extrahop.com
URL: https://security-demo.extrahop.com/extrahop/logout/

Domain: assets.extrahop.com
URL: https://assets.extrahop.com/images/heroes/hub-security_warp.svg

Domain: assets.extrahop.com
URL: https://assets.extrahop.com/images/online-demo/tour-compass.svg

Domain: assets.extrahop.com
URL: https://assets.extrahop.com/images/online-demo/attack-guide-thumb.png

Domain: assets.extrahop.com
URL: https://assets.extrahop.com/images/online-demo/revealx-guide-thumb.png

Domain: security-demo.extrahop.com
URL: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm

Domain: security-demo.extrahop.com
URL: https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm

Domain: security-demo.extrahop.com
URL: https://security-demo.extrahop.com/a/

Domain: d.la1-c1-ph2.salesforceliveagent.com
URL: https://d.la1-c1-ph2.salesforceliveagent.com/chat/rest/Visitor/Availability.jsonp?sid=undefined&r=701&Availability.prefix=Visitor&Availability.ids=[57380000000Gnf8]&callback=embedded_svc.liveAgentAPI.connection.handlePing&deployment_id=57280000000CbQd&org_id=00D80000000LnBG&version=48

Domain: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.html?parent=https://security-demo.extrahop.com/extrahop/?e=andy.bullivant%40gbj-crime.co.uk&h=MzhiZWM0MTkzOGRm

Domain: security-demo.extrahop.com
URL: https://security-demo.extrahop.com/extrahop/logout/

Domain: cdn.pendo.io
URL: https://cdn.pendo.io/agent/releases/2.52.0/guide.css?ct=1589209367047

Domain: pendo-static-4816620446285824.storage.googleapis.com
URL: https://pendo-static-4816620446285824.storage.googleapis.com/guide.-323232.1569524281829.css?ct=1589209367047

Domain: pendo-static-4816620446285824.storage.googleapis.com
URL: https://pendo-static-4816620446285824.storage.googleapis.com/guide-content/pvwdOtnPXv2gzp3Jp7C56LmJNsE/dNKzSgII52oNVLcAciGiffnfNdU/QOeEhLICcwGPbptQVVeAb8sdaPE.guide.js

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.force.com/	1970-01-19 18:12:25	Name: BrowserId Value: cm_oYpOYEeqXOK_bpS9pKA
.extrahop.com/	1970-01-20 02:58:01	Name: _ga Value: GA1.2.105308259.1589209354
.extrahop.com/	1970-01-19 09:26:49	Name: _gat_UA-6551454-4 Value: 1
security-demo.extrahop.com/	1969-12-31 23:59:59	Name: AWSELBCORS Value: 89955FC7101A4E94C6960E3539876EF63E36A1F281B143ED278A0642CA4C311CDD72FC3FBE2283E3CAEF0FDC84D56817D6D6CEE26D1E94B6CCDD647E8486A662530D3F6E65
security-demo.extrahop.com/	1969-12-31 23:59:59	Name: extrahop_csrftoken Value: 35F1DXCnZd88gorKoOasIL6oMhxY0kYkXTVIebLCtleLIQisEFMSgpctmBRrWW94
security-demo.extrahop.com/	1969-12-31 23:59:59	Name: demo_e Value: andy.bullivant@gbj-crime.co.uk
security-demo.extrahop.com/	1969-12-31 23:59:59	Name: extrahop_sessionid Value: apikey:qzbfN6erzi_ACvyX5et3UfTerNrV_bglDIPr74s0lQQ
security-demo.extrahop.com/	1969-12-31 23:59:59	Name: AWSELB Value: 89955FC7101A4E94C6960E3539876EF63E36A1F281B143ED278A0642CA4C311CDD72FC3FBE2283E3CAEF0FDC84D56817D6D6CEE26D1E94B6CCDD647E8486A662530D3F6E65
.extrahop.com/	1970-01-19 09:28:15	Name: _gid Value: GA1.2.507840567.1589209354
security-demo.extrahop.com/	1969-12-31 23:59:59	Name: demo_h Value: MzhiZWM0MTkzOGRm

12 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	error	URL: https://security-demo.extrahop.com/media/gui/htmlgui.d734a6ae02a297577602.js(Line 48) Message: Error [object Object]
console-api	error	URL: https://security-demo.extrahop.com/media/gui/htmlgui.d734a6ae02a297577602.js(Line 48) Message: Error [object Object]
console-api	error	URL: https://security-demo.extrahop.com/media/gui/htmlgui.d734a6ae02a297577602.js(Line 48) Message: Error [object Object]
console-api	error	URL: https://security-demo.extrahop.com/media/gui/htmlgui.d734a6ae02a297577602.js(Line 48) Message: Error [object Object]
console-api	error	URL: https://security-demo.extrahop.com/media/gui/htmlgui.d734a6ae02a297577602.js(Line 48) Message: Error [object Object]
console-api	error	URL: https://security-demo.extrahop.com/media/gui/htmlgui.d734a6ae02a297577602.js(Line 48) Message: Error [object Object]
console-api	error	URL: https://security-demo.extrahop.com/media/gui/htmlgui.d734a6ae02a297577602.js(Line 48) Message: Error [object Object]
console-api	warning	URL: https://security-demo.extrahop.com/media/gui/htmlgui.d734a6ae02a297577602.js(Line 318) Message: unable to fetch system notices [object Object]
console-api	error	URL: https://security-demo.extrahop.com/media/gui/htmlgui.d734a6ae02a297577602.js(Line 48) Message: Error [object Object]
console-api	error	URL: https://security-demo.extrahop.com/media/gui/htmlgui.d734a6ae02a297577602.js(Line 48) Message: Error [object Object]
console-api	error	URL: https://security-demo.extrahop.com/media/gui/htmlgui.d734a6ae02a297577602.js(Line 48) Message: Error [object Object]
console-api	error	URL: https://security-demo.extrahop.com/media/gui/htmlgui.d734a6ae02a297577602.js(Line 48) Message: Error [object Object]

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.pendo.io
assets.extrahop.com
cdn.pendo.io
d.la1-c1-ia2.salesforceliveagent.com
d.la1-c1-ph2.salesforceliveagent.com
pendo-static-4816620446285824.storage.googleapis.com
security-demo.extrahop.com
service.force.com
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
assets.extrahop.com
cdn.pendo.io
d.la1-c1-ia2.salesforceliveagent.com
d.la1-c1-ph2.salesforceliveagent.com
pendo-static-4816620446285824.storage.googleapis.com
security-demo.extrahop.com
service.force.com
13.110.0.4
13.110.10.4
143.204.97.80
161.71.0.166
2001:4860:4802:32::34
2a00:1450:4001:808::2003
2a00:1450:4001:808::2004
2a00:1450:4001:815::2010
2a00:1450:4001:817::200e
2a00:1450:4001:81d::2008
2a00:1450:400c:c04::9d
44.227.185.167
0d6dfddf8789a6869ae355e82e0dbc876b174697ac4828f4272d34b74aab6c16
0f7fb07132188251e2f0cd92b2bc5b47c041b4ec55c0cfbefe5e135b12edf643
193c6411cfe063576d6a15b558bcd6a02fab0c76c2a3942ff4133960ae396829
21bad4f6fb5b0f9144368353dd1d1caa7fccfbc224398664d9a32b1e4e320f62
23f4f64cfb709301d77975b9f006c5cc7717d86c6977d80618980b7458b6e1f6
244aef99b0ebfc3695ac8bfa3fa964e86c12657737030d84a5ec6da5e59dc3f6
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
35628a6d92974a2d1fe29ee065ccc13ffff0e64e432d2ae0630b62ca9a38c67c
41fe23ec1ecc7daa949f5de01d745ce613f10714fc908586f906bf58f350e691
56fc27e98e2a1b4a6d69b2db6f69d16f5b3a854deb69c0a25532f2b061b79b82
5baf39e204422fd5fbf5e49c3efadad10352a6b17a2659eec358b7c9e989c2a0
6acd990ab8fc3f8b16c977a22e12a7c79bf8a3edd9f2164fe283ad5e880ecf88
6f56dfda63497c7f13274d97c1443c6c861e1bd755bba218ff53d63196d4e2e7
7d5f64bc60d536ef00e143a4093a20a2ef132bfebf99e229306c54f6f42c85f0
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
868f89c9d598d3a429bc3a42061a11000cfc79ac42168416835ab4ec08698608
88356349d291440f627c616ef43db6cbf0beaf4d0c896ed43a7f692279cb9f41
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
9f9a77aca5bfcf48c15fb3a19a0cb2aa95ddb96a26220c6bf628d9b1cb22c13d
9fb0874a18ed610a3e5b610b286066e3c10a69733d3298484232777cfba7142a
a86cfbecde921c4935f39b5fca834195cb9a2b12c2997ab08147c031b1bb668d
ac20136402e1daf9eb019c6b2d21f58dd940c9ba59d42ae2e2ab235021327cc2
b82e3c01c34620fb5a610244cc773ad46b4b7197be81116ba22ee869a600f6d4
b9e1ff193265fb9f738d784a545868042635126ccc3165e189523326f552753c
ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07
be2d2f18ba47452f1f31d75dc3abaa2c1e57c366825bebfcac55a554424faa5b
cf85f2a292268973e8f1c603b83cf66fc3ad8b7f7dacc27dfb6fc99688711cf7
d1f6eeee08f53dab5f281b34a66dbffa0e7a588fdc68d665986b9ad419e4539e
d9a961cb11b0be146784e3f5d274a8e80b5aab5a101d2122c6e5e3848896caf6
da6661d387b46f0e2703040fed55c7227c411b250c067f03b5ee9f0ee912edca
de4bdda3e8f233d168b44b172fb330b566896d282985d8ad94633ddaaf37ba95
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e70b0e085fe0d3f23aaec34005c728ca4d88de40601ad7675ec205b66a3b3610
e8c5178e4585c26dd382cb281b45526aa61d0bb2560a93f5dbb71f683c00e51b
ecc37e01ea37e3b466592107b3d727fe4a0b4d0bbdca98a65016c41192218396
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f33990d4691a89cd87e4d4e0bde1ac8f5dfcf32fbd8d838ec206d790f24531e1
f4cf366e60c7338abd40057c12d3524feb7307277a254d79f6bd804741fa8606
f6e68d62be9f3adce527ca64b94c9401dad46b894a3e2e6845a0b9f01021e13e
f943b6ff41b51ed4b7966a62bf95ff78cecc69caa38d458c838cf6ed4c0b12cd

security-demo.extrahop.com Open in urlscan Pro 44.227.185.167 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

128 Requests

84 %HTTPS

58 %IPv6

10 Domains

13 Subdomains

11 IPs

4 Countries

20575 kBTransfer

79545 kBSize

10 Cookies

0 Outgoing links

Page URL History

Redirected requests

128 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 14 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

security-demo.extrahop.com Open in urlscan Pro
44.227.185.167 Public Scan

Screenshot
Live screenshot

Full Image

128
Requests

84 %
HTTPS

58 %
IPv6

10
Domains

13
Subdomains

11
IPs

4
Countries

20575 kB
Transfer

79545 kB
Size

10
Cookies

128 HTTP transactions
14 data transactions