dthtien-security-eh-staging.lms.staging.ehrocks.com
52.64.165.235  Public Scan

Submitted URL: https://dthtien-security-eh-staging.lms.staging.ehrocks.com/
Effective URL: https://dthtien-security-eh-staging.lms.staging.ehrocks.com/login
Submission: On October 05 via api from VN — Scanned from DE

Summary

This website contacted 22 IPs in 3 countries across 19 domains to perform 83 HTTP transactions. The main IP is 52.64.165.235, located in Sydney, Australia and belongs to AMAZON-02, US. The main domain is dthtien-security-eh-staging.lms.staging.ehrocks.com.
TLS certificate: Issued by R3 on October 4th 2021. Valid for: 3 months.
This is the only time dthtien-security-eh-staging.lms.staging.ehrocks.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information


This site contains no links.

Subject | Issuer | Validity | Valid
dthtien-security-eh-staging.lms.staging.ehrocks.com | R3 | 2021-10-04 - 2022-01-02 | 3 months
cdn.go1static.com | Amazon | 2021-01-05 - 2022-02-02 | a year
a.stripecdn.com | DigiCert SHA2 Extended Validation Server CA | 2021-07-09 - 2021-11-03 | 4 months
*.s3-ap-southeast-2.amazonaws.com | DigiCert Baltimore CA-2 G2 | 2021-06-23 - 2022-07-24 | a year
upload.video.google.com | GTS CA 1C3 | 2021-09-13 - 2021-11-20 | 2 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-07-24 - 2022-07-23 | a year
cdn.optimizely.com | DigiCert SHA2 Secure Server CA | 2021-02-17 - 2022-02-21 | a year
*.datadoghq-browser-agent.com | Sectigo RSA Domain Validation Secure Server CA | 2021-03-17 - 2022-03-17 | a year
*.cloudinary.com | Go Daddy Secure Certificate Authority - G2 | 2020-05-27 - 2022-06-22 | 2 years
*.cdn.optimizely.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-06-02 - 2022-06-07 | a year
*.logs.datadoghq.com | Sectigo RSA Domain Validation Secure Server CA | 2020-05-31 - 2022-05-31 | 2 years
*.segment.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-07-19 - 2022-08-09 | a year
logx.optimizely.com | Amazon | 2021-08-23 - 2022-09-21 | a year
*.google-analytics.com | GTS CA 1C3 | 2021-09-13 - 2021-11-20 | 2 months
*.intercomcdn.com | Amazon | 2021-03-01 - 2022-03-30 | a year
www.googleadservices.com | GTS CA 1C3 | 2021-09-13 - 2021-11-20 | 2 months
edge.fullstory.com | GTS CA 1D4 | 2021-08-22 - 2021-11-20 | 3 months
*.fullstory.com | R3 | 2021-09-21 - 2021-12-20 | 3 months
*.googleadservices.com | GTS CA 1C3 | 2021-09-13 - 2021-11-20 | 2 months
*.g.doubleclick.net | GTS CA 1C3 | 2021-09-13 - 2021-11-20 | 2 months
www.google.com | GTS CA 1C3 | 2021-09-13 - 2021-11-20 | 2 months

This page contains 4 frames:

Primary Page: https://dthtien-security-eh-staging.lms.staging.ehrocks.com/login
Frame ID: 0A20A5A0C43BA6C8B13743020D460C33
Requests: 75 HTTP requests in this frame

Frame: https://js.stripe.com/v2/channel.html?stripe_xdm_e=https%3A%2F%2Fdthtien-security-eh-staging.lms.staging.ehrocks.com&stripe_xdm_c=default893027&stripe_xdm_p=1
Frame ID: 47C5527D6B029E13105D7720C3EA2795
Requests: 2 HTTP requests in this frame

Frame: https://a18973410380.cdn.optimizely.com/client_storage/a18973410380.html
Frame ID: 70E7262C1CD46F33C7814B20B9D58681
Requests: 1 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.89acc342.js
Frame ID: BD550BEA4478E5D4B3F7F471CABD140A
Requests: 2 HTTP requests in this frame

Page Title

Log in

Detected technologies

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • optimizely\.com.*\.js

Overall confidence: 100%
Detected patterns
  • cdn\.segment\.com/analytics\.js

Page Statistics

Requests: 83
HTTPS: 99 %
IPv6: 0 %
Domains: 19
Subdomains: 24
IPs: 22
Countries: 3
Transfer: 5176 kB
Size: 19751 kB
Cookies: 8

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://dthtien-security-eh-staging.lms.staging.ehrocks.com/ HTTP 301
    https://dthtien-security-eh-staging.lms.staging.ehrocks.com/p/ Page URL
  2. https://dthtien-security-eh-staging.lms.staging.ehrocks.com/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://dthtien-security-eh-staging.lms.staging.ehrocks.com/ HTTP 301
  • https://dthtien-security-eh-staging.lms.staging.ehrocks.com/p/
Request Chain 62
  • https://widget.intercom.io/widget/aa7s04yh HTTP 302
  • https://js.intercomcdn.com/shim.latest.js

83 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
/
dthtien-security-eh-staging.lms.staging.ehrocks.com/p/
Redirect Chain
  • https://dthtien-security-eh-staging.lms.staging.ehrocks.com/
  • https://dthtien-security-eh-staging.lms.staging.ehrocks.com/p/
3 KB
4 KB
Document
General
Full URL
https://dthtien-security-eh-staging.lms.staging.ehrocks.com/p/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.64.165.235 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-64-165-235.ap-southeast-2.compute.amazonaws.com
Software
/
Resource Hash
149a99c380f39e2948696407eb87d4446aadd3c5304114ec3d923cb6fec55e4f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
dthtien-security-eh-staging.lms.staging.ehrocks.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br

Response headers

date
Tue, 05 Oct 2021 00:18:51 GMT
content-type
text/html; charset=utf-8
content-length
3297
last-modified
Mon, 27 Sep 2021 09:27:27 GMT
etag
"61518e7f-ce1"
cache-control
no-cache, no-store, must-revalidate max-age=0
pragma
no-cache
expires
Tue, 12 May 2015 1:00:00 GMT
x-content-type-options
nosniff
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000000; includeSubDomains
accept-ranges
bytes

Redirect headers

content-length
0
location
/p/
vendor.7f27dd60.css
cdn.go1static.com/assets/286925/styles/
402 KB
59 KB
Stylesheet
General
Full URL
https://cdn.go1static.com/assets/286925/styles/vendor.7f27dd60.css
Requested by
Host: dthtien-security-eh-staging.lms.staging.ehrocks.com
URL: https://dthtien-security-eh-staging.lms.staging.ehrocks.com/p/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-89.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a4e0aa1417bfcfc6c943de95cf48cb63bb02d21a17703c9b4d5eba8d82036859

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dthtien-security-eh-staging.lms.staging.ehrocks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 09:27:49 GMT
content-encoding
gzip
last-modified
Mon, 27 Sep 2021 08:49:55 GMT
server
AmazonS3
age
658264
etag
W/"7f27dd608ca3e4a95dd2cdbeafc64784"
vary
Accept-Encoding
x-edge-origin-shield-skipped
0
content-type
text/css; charset=utf-8
via
1.1 debe291145dc27044f50d04bac101cd9.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000, immutable
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
Xibsb66Tm0AlWJL7WpGqvMAVg9PSa1nvdk7l2gpryISJuwRZ3JY6Ig==
main.fff4bc07.css
cdn.go1static.com/assets/286925/styles/
346 KB
64 KB
Stylesheet
General
Full URL
https://cdn.go1static.com/assets/286925/styles/main.fff4bc07.css
Requested by
Host: dthtien-security-eh-staging.lms.staging.ehrocks.com
URL: https://dthtien-security-eh-staging.lms.staging.ehrocks.com/p/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-89.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c072f33e888ba1edc850eba1bfb5c72570e7b4055ac44a170313665106e1ca2a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dthtien-security-eh-staging.lms.staging.ehrocks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 09:27:49 GMT
content-encoding
gzip
last-modified
Mon, 27 Sep 2021 08:49:54 GMT
server
AmazonS3
age
658264
etag
W/"fff4bc0777f40a3d5c37c96a1e6aac21"
vary
Accept-Encoding
x-edge-origin-shield-skipped
0
content-type
text/css; charset=utf-8
via
1.1 debe291145dc27044f50d04bac101cd9.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000, immutable
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
60TsAP3u_wYzOGcnvjmaTi6sWV5C8U7QY9o99j9GnDcuKub1uX7cBg==
supported.js
cdn.go1static.com/assets/286925/scripts/
3 KB
1 KB
Script
General
Full URL
https://cdn.go1static.com/assets/286925/scripts/supported.js
Requested by
Host: dthtien-security-eh-staging.lms.staging.ehrocks.com
URL: https://dthtien-security-eh-staging.lms.staging.ehrocks.com/p/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-89.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e5f1e78fa3b0d15c2eb240848f87f51894379dbf1f4a0e33353ec24cd246ccba

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dthtien-security-eh-staging.lms.staging.ehrocks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 09:27:49 GMT
content-encoding
gzip
last-modified
Mon, 27 Sep 2021 08:49:51 GMT
server
AmazonS3
age
658264
etag
W/"83df3e553d50b11b292c86c2731eba92"
vary
Accept-Encoding
x-edge-origin-shield-skipped
0
content-type
application/javascript; charset=utf-8
via
1.1 debe291145dc27044f50d04bac101cd9.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000, immutable
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
YI_WpJoAGIieBEYAw4cQNlAyNybw26G-BAzkP17V7bdyYnSMzO7qDQ==
/
js.stripe.com/v2/
62 KB
20 KB
Script
General
Full URL
https://js.stripe.com/v2/
Requested by
Host: dthtien-security-eh-staging.lms.staging.ehrocks.com
URL: https://dthtien-security-eh-staging.lms.staging.ehrocks.com/p/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a0f831be9ee5da767fe9a4f425a53e843fef1d73bf52cb48becb6644ec7b73dc
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dthtien-security-eh-staging.lms.staging.ehrocks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 00:18:52 GMT
content-encoding
br
vary
Accept-Encoding
age
120
via
1.1 varnish
x-cache
HIT
content-length
19861
x-amz-id-2
EPHMX3G3mFHPtXp7W8ObOvmpfrIqvv6WnUJrBPYN3kyJ7uSI7G7FZUPgn0rvUwmrdgQaLY5ofqE=
x-served-by
cache-fra19154-FRA
timing-allow-origin
*
last-modified
Mon, 16 Aug 2021 18:28:38 GMT
server
AmazonS3
etag
"9aa0f060e9dc287fa15cf0f0d2a136b9"
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-amz-request-id
GW7MKC69TDH0AXYS
access-control-allow-origin
*
cache-control
public, max-age=300
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
6
ckeditor.js
apiomui-cdn.s3-ap-southeast-2.amazonaws.com/ckeditor/
408 KB
0
Script
General
Full URL
https://apiomui-cdn.s3-ap-southeast-2.amazonaws.com/ckeditor/ckeditor.js
Requested by
Host: dthtien-security-eh-staging.lms.staging.ehrocks.com
URL: https://dthtien-security-eh-staging.lms.staging.ehrocks.com/p/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.132.178 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.ap-southeast-2.amazonaws.com
Software
AmazonS3 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dthtien-security-eh-staging.lms.staging.ehrocks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 05 Oct 2021 00:18:54 GMT
Last-Modified
Fri, 08 Nov 2019 06:44:34 GMT
Server
AmazonS3
x-amz-request-id
18YFJZVS8HJE5TPM
ETag
"2114fe4de6c1e982d1cd3777fad820f8"
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
656748
x-amz-id-2
X4ZVKoV3GnwchRVwMYRxlW/g9AzHobzoCuyILVi5W+m2C6aSpo5ebMZv1u7x23I4FJE84CWWCjA=
polyfill.a6a66cf5.js
cdn.go1static.com/assets/286925/js/
129 KB
42 KB
Script
General
Full URL
https://cdn.go1static.com/assets/286925/js/polyfill.a6a66cf5.js
Requested by
Host: dthtien-security-eh-staging.lms.staging.ehrocks.com
URL: https://dthtien-security-eh-staging.lms.staging.ehrocks.com/p/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-89.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7987f845a0aa9e6e7ce63ea1f851de9806f1a36fb981a9f8f86054ff7a74ed5e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dthtien-security-eh-staging.lms.staging.ehrocks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 09:27:49 GMT
content-encoding
gzip
last-modified
Mon, 27 Sep 2021 08:48:59 GMT
server
AmazonS3
age
658264
etag
W/"a6a66cf58657bfa40fceb54a5b496bb6"
vary
Accept-Encoding
x-edge-origin-shield-skipped
0
content-type
application/javascript; charset=utf-8
via
1.1 debe291145dc27044f50d04bac101cd9.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000, immutable
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
MWyWBE1waiCXBxB4bs1ualiCoerw32MpDZsWQJPltnPnu2yuEiWk1w==
vendors.9fcab99f.js
cdn.go1static.com/assets/286925/js/
4 MB
1 MB
Script
General
Full URL
https://cdn.go1static.com/assets/286925/js/vendors.9fcab99f.js
Requested by
Host: dthtien-security-eh-staging.lms.staging.ehrocks.com
URL: https://dthtien-security-eh-staging.lms.staging.ehrocks.com/p/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-89.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
37c4113bdf0a5d1fd277efc67494a3a14b148b00bfa9cd2cf49b860d1763cd28

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dthtien-security-eh-staging.lms.staging.ehrocks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 09:27:49 GMT
content-encoding
gzip
last-modified
Mon, 27 Sep 2021 08:49:01 GMT
server
AmazonS3
age
658264
etag
W/"9fcab99f2a2f26508b4264d494193476"
vary
Accept-Encoding
x-edge-origin-shield-skipped
0
content-type
application/javascript; charset=utf-8
via
1.1 debe291145dc27044f50d04bac101cd9.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000, immutable
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
r2te5dTdQNd7uvQJnoo7b9b2IXYSUN2qWpUneq9_Z2pBiN0ktNASyQ==
global.ecee5b5e.js
cdn.go1static.com/assets/286925/js/
2 KB
1 KB
Script
General
Full URL
https://cdn.go1static.com/assets/286925/js/global.ecee5b5e.js
Requested by
Host: dthtien-security-eh-staging.lms.staging.ehrocks.com
URL: https://dthtien-security-eh-staging.lms.staging.ehrocks.com/p/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-89.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7387c600796d62e175936804efc4bd6247163298b72161d0d75c171e15995cf4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dthtien-security-eh-staging.lms.staging.ehrocks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 09:27:49 GMT
content-encoding
gzip
last-modified
Mon, 27 Sep 2021 08:48:58 GMT
server
AmazonS3
age
658264
etag
W/"ecee5b5eb6f5ead9de5ca18e1f218ad4"
vary
Accept-Encoding
x-edge-origin-shield-skipped
0
content-type
application/javascript; charset=utf-8
via
1.1 debe291145dc27044f50d04bac101cd9.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000, immutable
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
HZF4VS265mjIn9UE27zmCwULj_fzU4IotKV_jLovlr5o-KBd1Tim9Q==
vendor.aaf5d752.js
cdn.go1static.com/assets/286925/js/
5 MB
1 MB
Script
General
Full URL
https://cdn.go1static.com/assets/286925/js/vendor.aaf5d752.js
Requested by
Host: dthtien-security-eh-staging.lms.staging.ehrocks.com
URL: https://dthtien-security-eh-staging.lms.staging.ehrocks.com/p/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-89.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fbd13ab60d13b718306f63c343d4298e8c37e4dab975843ffe3390300ee54739

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dthtien-security-eh-staging.lms.staging.ehrocks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 09:27:49 GMT
content-encoding
gzip
last-modified
Mon, 27 Sep 2021 08:49:01 GMT
server
AmazonS3
age
658264
etag
W/"aaf5d752d94f88364bc97308e8cdf1d7"
vary
Accept-Encoding
x-edge-origin-shield-skipped
0
content-type
application/javascript; charset=utf-8
via
1.1 debe291145dc27044f50d04bac101cd9.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000, immutable
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
QfQQ463ZdgEIhK3KEyKQhW9Lw-SHlKRTJko9B0uEhEo_pI54jnxqAw==
config.877ed6ea.js
dthtien-security-eh-staging.lms.staging.ehrocks.com/p/js/
3 KB
3 KB
Script
General
Full URL
https://dthtien-security-eh-staging.lms.staging.ehrocks.com/p/js/config.877ed6ea.js
Requested by
Host: dthtien-security-eh-staging.lms.staging.ehrocks.com
URL: https://dthtien-security-eh-staging.lms.staging.ehrocks.com/p/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.64.165.235 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-64-165-235.ap-southeast-2.compute.amazonaws.com
Software
/
Resource Hash
cb3f0e92e55dddb04b802ea6f8f2baeca41141fac77713c6419eec480f6d51bf

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
dthtien-security-eh-staging.lms.staging.ehrocks.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://dthtien-security-eh-staging.lms.staging.ehrocks.com/p/
Connection
keep-alive

Response headers

pragma
no-cache
date
Tue, 05 Oct 2021 00:18:52 GMT
last-modified
Mon, 27 Sep 2021 09:27:38 GMT
etag
"61518e8a-aff"
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000 no-cache, no-store, must-revalidate max-age=0
accept-ranges
bytes
content-length
2815
expires
Wed, 05 Oct 2022 00:18:52 GMT Tue, 12 May 2015 1:00:00 GMT
scripts.12b734c8.js
cdn.go1static.com/assets/286925/js/
3 MB
704 KB
Script
General
Full URL
https://cdn.go1static.com/assets/286925/js/scripts.12b734c8.js
Requested by
Host: dthtien-security-eh-staging.lms.staging.ehrocks.com
URL: https://dthtien-security-eh-staging.lms.staging.ehrocks.com/p/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-89.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ef137a272003a3b8870248e9c01706e393b05fbb725373f93730fd26ad6ca06a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dthtien-security-eh-staging.lms.staging.ehrocks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 09:27:49 GMT
content-encoding
gzip
last-modified
Mon, 27 Sep 2021 08:49:00 GMT
server
AmazonS3
age
658264
etag
W/"fc3c2ee794e2698b30cce75714f17a04"
vary
Accept-Encoding
x-edge-origin-shield-skipped
0
content-type
application/javascript; charset=utf-8
via
1.1 debe291145dc27044f50d04bac101cd9.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000, immutable
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
gNNDsoly_zuRNHqempzXs6fb7anvMwhJuPwjG6MK4NifmJ_DG8GdaA==
ts-app.35fb569d.js
cdn.go1static.com/assets/286925/js/
1 MB
304 KB
Script
General
Full URL
https://cdn.go1static.com/assets/286925/js/ts-app.35fb569d.js
Requested by
Host: dthtien-security-eh-staging.lms.staging.ehrocks.com
URL: https://dthtien-security-eh-staging.lms.staging.ehrocks.com/p/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-89.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7e6275440eb0965c1b116db1f1bd1b5f24c84b35953159d42d479daa0da28975

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dthtien-security-eh-staging.lms.staging.ehrocks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 09:27:49 GMT
content-encoding
gzip
last-modified
Mon, 27 Sep 2021 08:49:00 GMT
server
AmazonS3
age
658264
etag
W/"35fb569d13ad9220b891e320a468daf9"
vary
Accept-Encoding
x-edge-origin-shield-skipped
0
content-type
application/javascript; charset=utf-8
via
1.1 debe291145dc27044f50d04bac101cd9.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000, immutable
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
6Tsro-04z0CmqwAhFwCPu9KZTQ3GkAU61CC1AgbyZYSyvj9zRfbDGQ==
css
fonts.googleapis.com/
4 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Muli:400,400i,600,700
Requested by
Host: cdn.go1static.com
URL: https://cdn.go1static.com/assets/286925/styles/main.fff4bc07.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f10.1e100.net
Software
ESF /
Resource Hash
650a851f8c5ff87f54fbe1d97572d9aef19f2cdb6bea53bf0525e608641b6d0f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.go1static.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 05 Oct 2021 00:18:52 GMT
server
ESF
date
Tue, 05 Oct 2021 00:18:52 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Tue, 05 Oct 2021 00:18:52 GMT
Obelisc-Regular.woff2
cdn.go1static.com/assets/fonts/
33 KB
33 KB
Font
General
Full URL
https://cdn.go1static.com/assets/fonts/Obelisc-Regular.woff2
Requested by
Host: cdn.go1static.com
URL: https://cdn.go1static.com/assets/286925/styles/main.fff4bc07.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-89.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
aeedc9cce8e89120543fc419ef463f619946d9a3f45b33cdf1dc804e13051b4a

Request headers

Referer
https://cdn.go1static.com/assets/286925/styles/main.fff4bc07.css
Origin
https://dthtien-security-eh-staging.lms.staging.ehrocks.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 00:18:53 GMT
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
vary
Origin
x-edge-origin-shield-skipped
0
x-cache
Miss from cloudfront
content-length
33731
last-modified
Thu, 04 Feb 2021 04:43:40 GMT
server
AmazonS3
etag
"b371e18cbf15d8a4fb6d74375eb13496"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, DELETE, PUT, POST
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
N8Sx6vVTmDmZElvfja1xVtHUapWyJe0tlsOitxbZ8-c_R_qT6fOZpA==
channel.html
js.stripe.com/v2/ Frame 47C5
1 KB
648 B
Document
General
Full URL
https://js.stripe.com/v2/channel.html?stripe_xdm_e=https%3A%2F%2Fdthtien-security-eh-staging.lms.staging.ehrocks.com&stripe_xdm_c=default893027&stripe_xdm_p=1
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v2/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a3e859b8149a06247853276aa0b4c79c4f3d0d63e91baf88bf96b76fbfc1b492
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

:method
GET
:authority
js.stripe.com
:scheme
https
:path
/v2/channel.html?stripe_xdm_e=https%3A%2F%2Fdthtien-security-eh-staging.lms.staging.ehrocks.com&stripe_xdm_c=default893027&stripe_xdm_p=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://dthtien-security-eh-staging.lms.staging.ehrocks.com/
accept-encoding
gzip, deflate, br

Response headers

x-amz-id-2
mCYCjVmAkdokqHDT9KJv2kaAHNDEUPq827e+go4F5BLTHclWvMNQi9n8QTWgbae2urARr7YY9MA=
x-amz-request-id
QYF8T7D8KKSHKQY8
last-modified
Wed, 06 Sep 2017 17:40:34 GMT
etag
"19af0c6cc7a0bca20a355b3362dc64a0"
cache-control
public, max-age=300
content-type
text/html; charset=utf-8
server
AmazonS3
content-encoding
br
accept-ranges
bytes
date
Tue, 05 Oct 2021 00:18:52 GMT
via
1.1 varnish
age
290
x-served-by
cache-fra19154-FRA
x-cache
HIT
x-cache-hits
11
vary
Accept-Encoding
access-control-allow-origin
*
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
content-length
449
analytics.js
cdn.go1static.com/prod/
13 KB
5 KB
Script
General
Full URL
https://cdn.go1static.com/prod/analytics.js
Requested by
Host: cdn.go1static.com
URL: https://cdn.go1static.com/assets/286925/js/ts-app.35fb569d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-89.fra2.r.cloudfront.net
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
67716e01132b5510d641d458f88ff615f121633f74a56c94245922064006928c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dthtien-security-eh-staging.lms.staging.ehrocks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 05 Oct 2021 00:18:53 GMT
content-encoding
gzip
content-md5
tjn9fAP/cgxdAb+cqoGTTQ==
x-edge-origin-shield-skipped
0
x-cache
Hit from cloudfront
x-ms-lease-status
unlocked
last-modified
Thu, 12 Aug 2021 02:02:28 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
vary
Accept-Encoding
content-type
application/javascript
via
1.1 debe291145dc27044f50d04bac101cd9.cloudfront.net (CloudFront)
x-ms-request-id
27f31ed7-801e-0079-435d-b5692d000000
x-ms-version
2009-09-19
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
Elh80sMFlHj4pgPj-FvD5lKnQxV6cmor3Zd65Qlz4bJ-qUL8j6Y8tA==
feature
api.go1.co/featuretoggle/
1 KB
562 B
XHR
General
Full URL
https://api.go1.co/featuretoggle/feature?context[portal][]=dthtien-security-eh-staging.lms.staging.ehrocks.com
Requested by
Host: cdn.go1static.com
URL: https://cdn.go1static.com/assets/286925/js/vendor.aaf5d752.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.38.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://dthtien-security-eh-staging.lms.staging.ehrocks.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 00:18:54 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-proxy-host
k8s-prod-api-v3-80
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
91aea0e4d5bc9e70a395b7077d6f0205
referrer-policy
strict-origin
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
access-control-allow-credentials
true
x-service-name
api-v3
cf-ray
699279aace77694c-FRA
access-control-allow-headers
Origin, DNT, X-Requested-With, x-mail, apollographql-client-name, If-Modified-Since, Cache-Control, Content-Type, Content-Range, Range, Authorization,x-datadog-trace-id,x-datadog-parent-id,x-datadog-origin,x-datadog-sampling-priority,x-datadog-sampled
dthtien-security-eh-staging.lms.staging.ehrocks.com
api.go1.co/portal/
2 KB
2 KB
XHR
General
Full URL
https://api.go1.co/portal/dthtien-security-eh-staging.lms.staging.ehrocks.com
Requested by
Host: cdn.go1static.com
URL: https://cdn.go1static.com/assets/286925/js/vendor.aaf5d752.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.38.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://dthtien-security-eh-staging.lms.staging.ehrocks.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 00:18:54 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-proxy-host
k8s-prod-api-v3-80
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
13695558a3e532ccf3ea6f4dfc0f55b4
referrer-policy
strict-origin
last-modified
Mon, 24 May 2021 02:02:59 GMT
server
cloudflare
etag
W/"af66f28b6cd462661407a90708e0f676"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=0, public
access-control-allow-credentials
true
x-service-name
api-v3
cf-ray
699279aace79694c-FRA
access-control-allow-headers
Origin, DNT, X-Requested-With, x-mail, apollographql-client-name, If-Modified-Since, Cache-Control, Content-Type, Content-Range, Range, Authorization,x-datadog-trace-id,x-datadog-parent-id,x-datadog-origin,x-datadog-sampling-priority,x-datadog-sampled
/
js.stripe.com/v2/ Frame 47C5
62 KB
19 KB
Script
General
Full URL
https://js.stripe.com/v2/
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v2/channel.html?stripe_xdm_e=https%3A%2F%2Fdthtien-security-eh-staging.lms.staging.ehrocks.com&stripe_xdm_c=default893027&stripe_xdm_p=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a0f831be9ee5da767fe9a4f425a53e843fef1d73bf52cb48becb6644ec7b73dc
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v2/channel.html?stripe_xdm_e=https%3A%2F%2Fdthtien-security-eh-staging.lms.staging.ehrocks.com&stripe_xdm_c=default893027&stripe_xdm_p=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 00:18:53 GMT
content-encoding
br
vary
Accept-Encoding
age
121
via
1.1 varnish
x-cache
HIT
content-length
19861
x-amz-id-2
EPHMX3G3mFHPtXp7W8ObOvmpfrIqvv6WnUJrBPYN3kyJ7uSI7G7FZUPgn0rvUwmrdgQaLY5ofqE=
x-served-by
cache-fra19154-FRA
timing-allow-origin
*
last-modified
Mon, 16 Aug 2021 18:28:38 GMT
server
AmazonS3
etag
"9aa0f060e9dc287fa15cf0f0d2a136b9"
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-amz-request-id
GW7MKC69TDH0AXYS
access-control-allow-origin
*
cache-control
public, max-age=300
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
7
Primary Request login
dthtien-security-eh-staging.lms.staging.ehrocks.com/
104 KB
20 KB
Document
General
Full URL
https://dthtien-security-eh-staging.lms.staging.ehrocks.com/login
Requested by
Host: cdn.go1static.com
URL: https://cdn.go1static.com/assets/286925/js/scripts.12b734c8.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.64.165.235 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-64-165-235.ap-southeast-2.compute.amazonaws.com
Software
/
Resource Hash
c310f64dab7b2ad934adedac85f2ef4fd5fa94c88762b7dd7718ff0ad3433f9b

Request headers

Host
dthtien-security-eh-staging.lms.staging.ehrocks.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://dthtien-security-eh-staging.lms.staging.ehrocks.com/p/
Accept-Encoding
gzip, deflate, br

Response headers

date
Tue, 05 Oct 2021 00:18:54 GMT
content-type
text/html; charset=utf-8
transfer-encoding
chunked
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
expires
no-cache
etag
"1a05e-zH859ckbvML/hrRhAwYG3c3+e8M"
vary
Accept-Encoding
content-encoding
gzip
dthtien-security-eh-staging.lms.staging.ehrocks.com
api.go1.co/portal/
0
0

19019410666.js
cdn.optimizely.com/js/
312 KB
91 KB
Script
General
Full URL
https://cdn.optimizely.com/js/19019410666.js
Requested by
Host: dthtien-security-eh-staging.lms.staging.ehrocks.com
URL: https://dthtien-security-eh-staging.lms.staging.ehrocks.com/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.161 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-161.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
b1a7e8f918aec14bfe08201933eb75a4a16e3af7bf9a5f46372960d0a3238ef9
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dthtien-security-eh-staging.lms.staging.ehrocks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-meta-pci_enabled
False
x-amz-version-id
YUXsbz1CaldbVcx0.PK2N7c6yhTFPMVa
content-encoding
gzip
etag
"6d1f19aeb8b7cc5e763b1d6381519464"
x-amz-request-id
Y1S07S1TP2DYAR3H
x-amz-server-side-encryption
AES256
x-amz-meta-revision
705
x-amz-replication-status
COMPLETED
access-control-allow-methods
GET, HEAD
server-timing
cdn;desc="AkamaiION";dur=0,rtt;desc="5";dur=0,cdnip;desc="104.75.88.161";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0
vary
Accept-Encoding
content-length
92711
x-amz-id-2
mckMotoaJiSQy5QCY8cQt9UYWGzzKVSm0sBOv78aCWVxMcCEiyvg/w5c1AWcEUwhkLy4gymr/Bs=
last-modified
Wed, 07 Apr 2021 05:15:12 GMT
server
AmazonS3
date
Tue, 05 Oct 2021 00:18:54 GMT
access-control-max-age
86400
strict-transport-security
max-age=15768000
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
x-amz-meta-revision
cache-control
max-age=120
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
*
analytics.js
cdn.go1static.com/prod/
13 KB
5 KB
Script
General
Full URL
https://cdn.go1static.com/prod/analytics.js
Requested by
Host: dthtien-security-eh-staging.lms.staging.ehrocks.com
URL: https://dthtien-security-eh-staging.lms.staging.ehrocks.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-89.fra2.r.cloudfront.net
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
67716e01132b5510d641d458f88ff615f121633f74a56c94245922064006928c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dthtien-security-eh-staging.lms.staging.ehrocks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 05 Oct 2021 00:18:53 GMT
content-encoding
gzip
content-md5
tjn9fAP/cgxdAb+cqoGTTQ==
age
17050
x-edge-origin-shield-skipped
0
x-cache
Hit from cloudfront
x-ms-lease-status
unlocked
last-modified
Thu, 12 Aug 2021 02:02:28 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
vary
Accept-Encoding
content-type
application/javascript
via
1.1 debe291145dc27044f50d04bac101cd9.cloudfront.net (CloudFront)
x-ms-request-id
27f31ed7-801e-0079-435d-b5692d000000
x-ms-version
2009-09-19
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
e8zx6D2UNtCe_LEVz4Qa6UbkprpIEWIh2GnSS-jT4zn4yLl1mTJixA==
webpack-68f18e667f49ef42c035.js
cdn.go1static.com/assets/286421/_next/static/chunks/
4 KB
3 KB
Script
General
Full URL
https://cdn.go1static.com/assets/286421/_next/static/chunks/webpack-68f18e667f49ef42c035.js
Requested by
Host: dthtien-security-eh-staging.lms.staging.ehrocks.com
URL: https://dthtien-security-eh-staging.lms.staging.ehrocks.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-89.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f2f9f69b4d51d36c76dced31c51da67c7206e3687d489b11ca41fe4e6b406515

Request headers

Referer
https://dthtien-security-eh-staging.lms.staging.ehrocks.com/
Origin
https://dthtien-security-eh-staging.lms.staging.ehrocks.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 00:17:21 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin
age
94
x-edge-origin-shield-skipped
0
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Thu, 23 Sep 2021 06:44:56 GMT
server
AmazonS3
etag
W/"b0b4b78135128a0f9c357a154fa20e59"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, DELETE, PUT, POST
content-type
application/javascript
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000, immutable
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
3blyki8gZx5jUgyRLCmIPPrVsjKADWa5vcTktDejWPEFMkS_1QO6Rw==
framework-590dc0b2054a70285504.js
cdn.go1static.com/assets/286421/_next/static/chunks/
129 KB
42 KB
Script
General
Full URL
https://cdn.go1static.com/assets/286421/_next/static/chunks/framework-590dc0b2054a70285504.js
Requested by
Host: dthtien-security-eh-staging.lms.staging.ehrocks.com
URL: https://dthtien-security-eh-staging.lms.staging.ehrocks.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-89.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e019356912d02d7105849ab04db07af4a76ea8f903efe3cb2c471f776b37bbd2

Request headers

Referer
https://dthtien-security-eh-staging.lms.staging.ehrocks.com/
Origin
https://dthtien-security-eh-staging.lms.staging.ehrocks.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 00:17:21 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin
age
94
x-edge-origin-shield-skipped
0
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Thu, 23 Sep 2021 06:44:56 GMT
server
AmazonS3
etag
W/"3a30ff335a15971da73991be72929a2e"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, DELETE, PUT, POST
content-type
application/javascript
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000, immutable
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
R80tWOgWaLZRjvxC8R-hOKcupMOiIUix_PGqEE5AMJoEBwxL4c5zGA==
main-505cad3e4a77be91d437.js
cdn.go1static.com/assets/286421/_next/static/chunks/
190 KB
62 KB
Script
General
Full URL
https://cdn.go1static.com/assets/286421/_next/static/chunks/main-505cad3e4a77be91d437.js
Requested by
Host: dthtien-security-eh-staging.lms.staging.ehrocks.com
URL: https://dthtien-security-eh-staging.lms.staging.ehrocks.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-89.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
631c046c759935a69164d19aec4561700d3cad250b9cd63fe20619eef1611e48

Request headers

Referer
https://dthtien-security-eh-staging.lms.staging.ehrocks.com/
Origin
https://dthtien-security-eh-staging.lms.staging.ehrocks.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 00:17:21 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin
age
94
x-edge-origin-shield-skipped
0
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Thu, 23 Sep 2021 06:44:56 GMT
server
AmazonS3
etag
W/"31b56572671e5d8672f29ede80d7ab60"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, DELETE, PUT, POST
content-type
application/javascript
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000, immutable
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
TdnbJZt_72GRe36Khm0349xcopMCaLD3wn_Y5DxDoqQBBWuCrA69dQ==
_app-e2099455160f7ed631fd.js
cdn.go1static.com/assets/286421/_next/static/chunks/pages/
1 MB
332 KB
Script
General
Full URL
https://cdn.go1static.com/assets/286421/_next/static/chunks/pages/_app-e2099455160f7ed631fd.js
Requested by
Host: dthtien-security-eh-staging.lms.staging.ehrocks.com
URL: https://dthtien-security-eh-staging.lms.staging.ehrocks.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-89.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3703ea257abc0d9a966c9e650e2197eeade008242482f88a82f205aa1dd9cee9

Request headers

Referer
https://dthtien-security-eh-staging.lms.staging.ehrocks.com/
Origin
https://dthtien-security-eh-staging.lms.staging.ehrocks.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 00:17:21 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin
age
94
x-edge-origin-shield-skipped
0
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Thu, 23 Sep 2021 06:44:56 GMT
server
AmazonS3
etag
W/"9ee99ee52ba8ec524814b665ce64e446"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, DELETE, PUT, POST
content-type
application/javascript
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000, immutable
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
FNtQLqnu7fhU3otpCuGyypZg5w4hyXsUCiLI6SIPlAGelDvEjeyM6w==
3679-b48b5de492d235f4a891.js
cdn.go1static.com/assets/286421/_next/static/chunks/
49 KB
14 KB
Script
General
Full URL
https://cdn.go1static.com/assets/286421/_next/static/chunks/3679-b48b5de492d235f4a891.js
Requested by
Host: dthtien-security-eh-staging.lms.staging.ehrocks.com
URL: https://dthtien-security-eh-staging.lms.staging.ehrocks.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-89.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
31c9c2f7397762386f1bac3bd92c61173539c862af22572d468d8cd0a02b90ac

Request headers

Referer
https://dthtien-security-eh-staging.lms.staging.ehrocks.com/
Origin
https://dthtien-security-eh-staging.lms.staging.ehrocks.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 00:17:21 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin
age
94
x-edge-origin-shield-skipped
0
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Thu, 23 Sep 2021 06:44:55 GMT
server
AmazonS3
etag
W/"307dad1f5297c76fb244ffdef6b50395"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, DELETE, PUT, POST
content-type
application/javascript
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000, immutable
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
Uw51OOvV-LrgmYnXAmsoIWa3w_2FXPoTW5W5Hv2MOoin5S_GSozhZQ==
2334-f97bcc694a26225cf4b2.js
cdn.go1static.com/assets/286421/_next/static/chunks/
687 KB
152 KB
Script
General
Full URL
https://cdn.go1static.com/assets/286421/_next/static/chunks/2334-f97bcc694a26225cf4b2.js
Requested by
Host: dthtien-security-eh-staging.lms.staging.ehrocks.com
URL: https://dthtien-security-eh-staging.lms.staging.ehrocks.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-89.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
65fec8d71f58bbd6e3f77b54c2f591536b80995b83f68535d42c19f335f8d439

Request headers

Referer
https://dthtien-security-eh-staging.lms.staging.ehrocks.com/
Origin
https://dthtien-security-eh-staging.lms.staging.ehrocks.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 00:17:21 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin
age
94
x-edge-origin-shield-skipped
0
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Thu, 23 Sep 2021 06:44:55 GMT
server
AmazonS3
etag
W/"a8f3e0ba94d1e8f0f66656617f9dfd09"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, DELETE, PUT, POST
content-type
application/javascript
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000, immutable
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
yGAz2tUArQQwO8exm60sgV2lkyhy7gimMRCsQ2ABly3NnbsgdoqejA==
9316-87df856c649252e6ad6d.js
cdn.go1static.com/assets/286421/_next/static/chunks/
11 KB
5 KB
Script
General
Full URL
https://cdn.go1static.com/assets/286421/_next/static/chunks/9316-87df856c649252e6ad6d.js
Requested by
Host: dthtien-security-eh-staging.lms.staging.ehrocks.com
URL: https://dthtien-security-eh-staging.lms.staging.ehrocks.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-89.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ebebc89183e45e668c53997f99b97da5d691d60ee6da09fe48eb476d17f4148d

Request headers

Referer
https://dthtien-security-eh-staging.lms.staging.ehrocks.com/
Origin
https://dthtien-security-eh-staging.lms.staging.ehrocks.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 00:17:21 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin
age
94
x-edge-origin-shield-skipped
0
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Thu, 23 Sep 2021 06:44:55 GMT
server
AmazonS3
etag
W/"d80123956036cccd7602f8e581bd3be7"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, DELETE, PUT, POST
content-type
application/javascript
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000, immutable
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
ERcIhFYCIMdN94LL-WODqgJyvMlidutxmpA4d6Zn-02KMQ7siAhUJw==
293-ff686d2af268b9283711.js
cdn.go1static.com/assets/286421/_next/static/chunks/
13 KB
4 KB
Script
General
Full URL
https://cdn.go1static.com/assets/286421/_next/static/chunks/293-ff686d2af268b9283711.js
Requested by
Host: dthtien-security-eh-staging.lms.staging.ehrocks.com
URL: https://dthtien-security-eh-staging.lms.staging.ehrocks.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-89.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a4e76bde03f3c6a594b258aefd3bfa21c7c9ba53d8f7740a58eb11d678702728

Request headers

Referer
https://dthtien-security-eh-staging.lms.staging.ehrocks.com/
Origin
https://dthtien-security-eh-staging.lms.staging.ehrocks.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 00:17:21 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin
age
95
x-edge-origin-shield-skipped
0
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Thu, 23 Sep 2021 06:44:55 GMT
server
AmazonS3
etag
W/"13bc60d0b2e0b3eb34b3ffee46591e94"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, DELETE, PUT, POST
content-type
application/javascript
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000, immutable
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
7eFkvHR2aHLV9TVKCHB-Y8q_KOhi5lsb6Mbajv-bPgkDtdKhznaCQA==
3779-efc52b8e5f2eca5d2c99.js
cdn.go1static.com/assets/286421/_next/static/chunks/
26 KB
8 KB
Script
General
Full URL
https://cdn.go1static.com/assets/286421/_next/static/chunks/3779-efc52b8e5f2eca5d2c99.js
Requested by
Host: dthtien-security-eh-staging.lms.staging.ehrocks.com
URL: https://dthtien-security-eh-staging.lms.staging.ehrocks.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-89.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cb3499424aee31d34c3764350846a4d9127c561d2dd1370d751c264cd38e12b0

Request headers

Referer
https://dthtien-security-eh-staging.lms.staging.ehrocks.com/
Origin
https://dthtien-security-eh-staging.lms.staging.ehrocks.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 00:18:56 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin
x-edge-origin-shield-skipped
0
x-cache
Miss from cloudfront
access-control-allow-origin
*
last-modified
Thu, 23 Sep 2021 06:44:55 GMT
server
AmazonS3
etag
W/"4924ad13063703036f2fdc21f6d388e8"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, DELETE, PUT, POST
content-type
application/javascript
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000, immutable
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
5Sj1xWLPe6v1vC_xf0xXVTMhqd6qXXI6j21K1wPXztbBK0vZjAZb-Q==
4745-255132f6262d25f763cb.js
cdn.go1static.com/assets/286421/_next/static/chunks/
9 KB
4 KB
Script
General
Full URL
https://cdn.go1static.com/assets/286421/_next/static/chunks/4745-255132f6262d25f763cb.js
Requested by
Host: dthtien-security-eh-staging.lms.staging.ehrocks.com
URL: https://dthtien-security-eh-staging.lms.staging.ehrocks.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-89.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
868149563fc322f9249607083aeb1761320923c96a482443d189e1460e40ee30

Request headers

Referer
https://dthtien-security-eh-staging.lms.staging.ehrocks.com/
Origin
https://dthtien-security-eh-staging.lms.staging.ehrocks.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 00:18:56 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin
x-edge-origin-shield-skipped
0
x-cache
Miss from cloudfront
access-control-allow-origin
*
last-modified
Thu, 23 Sep 2021 06:44:55 GMT
server
AmazonS3
etag
W/"a209a664a4a34f951c2f035e25df4dfa"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, DELETE, PUT, POST
content-type
application/javascript
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000, immutable
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
av7P1h1a6y48OHaeVTbRvsGwLQFmWjMav3NqyykwIYZBt7XZhKxBfQ==
login-fc376727481fd480a1bc.js
cdn.go1static.com/assets/286421/_next/static/chunks/pages/
28 KB
9 KB
Script
General
Full URL
https://cdn.go1static.com/assets/286421/_next/static/chunks/pages/login-fc376727481fd480a1bc.js
Requested by
Host: dthtien-security-eh-staging.lms.staging.ehrocks.com
URL: https://dthtien-security-eh-staging.lms.staging.ehrocks.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-89.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ba9cfe588096d06f816146318bbafd628857d47fab9acbda2fba76b2f00ee8cc

Request headers

Referer
https://dthtien-security-eh-staging.lms.staging.ehrocks.com/
Origin
https://dthtien-security-eh-staging.lms.staging.ehrocks.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 00:17:21 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin
age
95
x-edge-origin-shield-skipped
0
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Thu, 23 Sep 2021 06:44:56 GMT
server
AmazonS3
etag
W/"93e0e577022179566d75a41e534d35ec"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, DELETE, PUT, POST
content-type
application/javascript
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000, immutable
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
WaINhEXkDGnYIZyHQu6Xs0_6KtaU1Nl6m6oUCMlt9ILBDOLyEyVFfQ==
_buildManifest.js
cdn.go1static.com/assets/286421/_next/static/oVEhX7-Rxhu1xVe78nJXW/
6 KB
3 KB
Script
General
Full URL
https://cdn.go1static.com/assets/286421/_next/static/oVEhX7-Rxhu1xVe78nJXW/_buildManifest.js
Requested by
Host: dthtien-security-eh-staging.lms.staging.ehrocks.com
URL: https://dthtien-security-eh-staging.lms.staging.ehrocks.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-89.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1eb8ba111096ea65ff3ccc30a2585a64aaf768052c6145c7a55be0d107b09bd5

Request headers

Referer
https://dthtien-security-eh-staging.lms.staging.ehrocks.com/
Origin
https://dthtien-security-eh-staging.lms.staging.ehrocks.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 00:17:21 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin
age
95
x-edge-origin-shield-skipped
0
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Thu, 23 Sep 2021 06:44:56 GMT
server
AmazonS3
etag
W/"b9d7825f5a33e5f9f40f8e7b56745246"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, DELETE, PUT, POST
content-type
application/javascript
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000, immutable
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
D8mtXt215sHt_QF_62qPrYYkG5e05gxCudxdX02pZtgpBcN8_28WVQ==
_ssgManifest.js
cdn.go1static.com/assets/286421/_next/static/oVEhX7-Rxhu1xVe78nJXW/
77 B
574 B
Script
General
Full URL
https://cdn.go1static.com/assets/286421/_next/static/oVEhX7-Rxhu1xVe78nJXW/_ssgManifest.js
Requested by
Host: dthtien-security-eh-staging.lms.staging.ehrocks.com
URL: https://dthtien-security-eh-staging.lms.staging.ehrocks.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-89.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

Request headers

Referer
https://dthtien-security-eh-staging.lms.staging.ehrocks.com/
Origin
https://dthtien-security-eh-staging.lms.staging.ehrocks.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 00:17:21 GMT
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
vary
Origin
age
95
x-edge-origin-shield-skipped
0
x-cache
Hit from cloudfront
content-length
77
last-modified
Thu, 23 Sep 2021 06:44:56 GMT
server
AmazonS3
etag
"b6652df95db52feb4daf4eca35380933"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, DELETE, PUT, POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
DFHeUvknqzu85EGqvdWi9VD6x5b9dfNYxviYD1Be49sBdd6Dfk-C4w==
datadog-rum.js
www.datadoghq-browser-agent.com/
64 KB
21 KB
Script
General
Full URL
https://www.datadoghq-browser-agent.com/datadog-rum.js
Requested by
Host: dthtien-security-eh-staging.lms.staging.ehrocks.com
URL: https://dthtien-security-eh-staging.lms.staging.ehrocks.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.79.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-79-159.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
54cc471e6d75456315e6685c7af0dcdee292fddb9c31d4b7b0c5f75eb668d35c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dthtien-security-eh-staging.lms.staging.ehrocks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 00:18:55 GMT
content-encoding
br
last-modified
Mon, 19 Jul 2021 12:21:08 GMT
server
AmazonS3
x-edge-origin-shield-skipped
0
etag
W/"6f16bc452a225d7da116aa4c430872f8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 a10d58b5ce965502cc34c5b27682fe23.cloudfront.net (CloudFront)
cache-control
max-age=14400, s-maxage=60
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
8yzoo93N5kBrUKfgdPNs9I078VrInFmta8zQiDRzTpbt3T97A22O_g==
genericLoginLandingImage.jpg
cdn.go1static.com/assets/286421/
50 KB
50 KB
Image
General
Full URL
https://cdn.go1static.com/assets/286421/genericLoginLandingImage.jpg
Requested by
Host: dthtien-security-eh-staging.lms.staging.ehrocks.com
URL: https://dthtien-security-eh-staging.lms.staging.ehrocks.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-89.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ac3bccfbcd032136d39aee36f697c1eb66c1cc4af09baa28942bee4a3aba4529

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dthtien-security-eh-staging.lms.staging.ehrocks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 06:48:01 GMT
via
1.1 debe291145dc27044f50d04bac101cd9.cloudfront.net (CloudFront)
last-modified
Thu, 23 Sep 2021 06:45:07 GMT
server
AmazonS3
age
667855
etag
"c6941b0c1f4f58c75f477294b54f5ec5"
x-edge-origin-shield-skipped
0
content-type
image/jpeg
cache-control
public, max-age=31536000, immutable
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
50935
x-amz-cf-id
StVKGi4Tea4L8SUIIaV786mz7WltcO_nF9hzG8sUo8ZYYETyXYDylA==
xubta28wwcqoflrzwjh5.png
res.cloudinary.com/go1/image/upload/v1571790264/
58 KB
58 KB
Image
General
Full URL
https://res.cloudinary.com/go1/image/upload/v1571790264/xubta28wwcqoflrzwjh5.png
Requested by
Host: dthtien-security-eh-staging.lms.staging.ehrocks.com
URL: https://dthtien-security-eh-staging.lms.staging.ehrocks.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
d239dcbba06dfdefc38ce7c317c726811cfc631f429c7440011a37bba590478f
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dthtien-security-eh-staging.lms.staging.ehrocks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 00:18:55 GMT
x-content-type-options
nosniff
last-modified
Wed, 23 Oct 2019 00:24:25 GMT
server
Cloudinary
etag
"03b84a51595534447452feda8c73f2c3"
strict-transport-security
max-age=604800
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=2592000
server-timing
fastly;dur=1;start=2021-10-05T00:18:55.064Z;desc=hit,rtt;dur=5
accept-ranges
bytes
timing-allow-origin
*
content-length
59175
VictorSerif-Semibold.woff2
cdn.go1static.com/assets/fonts/
34 KB
34 KB
Font
General
Full URL
https://cdn.go1static.com/assets/fonts/VictorSerif-Semibold.woff2
Requested by
Host: dthtien-security-eh-staging.lms.staging.ehrocks.com
URL: https://dthtien-security-eh-staging.lms.staging.ehrocks.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-89.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
02dae5fc49b107da7de92298c91676975a4ad0ec747b52ac36a1350c3b3ad45f

Request headers

Referer
https://dthtien-security-eh-staging.lms.staging.ehrocks.com/
Origin
https://dthtien-security-eh-staging.lms.staging.ehrocks.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 00:17:21 GMT
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
vary
Origin
age
95
x-edge-origin-shield-skipped
0
x-cache
Hit from cloudfront
content-length
34376
last-modified
Thu, 04 Feb 2021 04:43:40 GMT
server
AmazonS3
etag
"602b1f09488351b0e51ac6fc205a25d0"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, DELETE, PUT, POST
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
AzuECFdQKuhMF-4xs_4arGNSh-TReWW62MtWOoA933rX3K1-yIjlig==
Obelisc-Medium.woff2
cdn.go1static.com/assets/286421/fonts/
33 KB
34 KB
Font
General
Full URL
https://cdn.go1static.com/assets/286421/fonts/Obelisc-Medium.woff2
Requested by
Host: dthtien-security-eh-staging.lms.staging.ehrocks.com
URL: https://dthtien-security-eh-staging.lms.staging.ehrocks.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-89.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bf6d13362c787118de9d3326b3d9944e713ac727f47c35cb40f30c0f1a6c2ed1

Request headers

Referer
https://dthtien-security-eh-staging.lms.staging.ehrocks.com/
Origin
https://dthtien-security-eh-staging.lms.staging.ehrocks.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 00:17:21 GMT
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
vary
Origin
age
95
x-edge-origin-shield-skipped
0
x-cache
Hit from cloudfront
content-length
33895
last-modified
Thu, 23 Sep 2021 06:45:07 GMT
server
AmazonS3
etag
"84532156a6965e0c1bf5d069c50bf48c"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, DELETE, PUT, POST
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
cCJY6fakH41NqjiXGu203LAWTuHnONLIJXDw3WWmxSKw6Qb0j9M_aQ==
Obelisc-Regular.woff2
cdn.go1static.com/assets/286421/fonts/
33 KB
33 KB
Font
General
Full URL
https://cdn.go1static.com/assets/286421/fonts/Obelisc-Regular.woff2
Requested by
Host: dthtien-security-eh-staging.lms.staging.ehrocks.com
URL: https://dthtien-security-eh-staging.lms.staging.ehrocks.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-89.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
aeedc9cce8e89120543fc419ef463f619946d9a3f45b33cdf1dc804e13051b4a

Request headers

Referer
https://dthtien-security-eh-staging.lms.staging.ehrocks.com/
Origin
https://dthtien-security-eh-staging.lms.staging.ehrocks.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 00:17:21 GMT
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
vary
Origin
age
95
x-edge-origin-shield-skipped
0
x-cache
Hit from cloudfront
content-length
33731
last-modified
Thu, 23 Sep 2021 06:45:07 GMT
server
AmazonS3
etag
"b371e18cbf15d8a4fb6d74375eb13496"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, DELETE, PUT, POST
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
CtLreRNh1WaQ45Ri5vZJLWGkxIKLsLA1rMvoVMStm8ZwS2_y5T8t-w==
a18973410380.html
a18973410380.cdn.optimizely.com/client_storage/ Frame 70E7
2 KB
1 KB
Document
General
Full URL
https://a18973410380.cdn.optimizely.com/client_storage/a18973410380.html
Requested by
Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/19019410666.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.117.200.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-117-200-111.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
021d5cf7e9861b316e8e18a3c7018c8a6f69904505ea6922d4c1d829a776be17
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

:method
GET
:authority
a18973410380.cdn.optimizely.com
:scheme
https
:path
/client_storage/a18973410380.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://dthtien-security-eh-staging.lms.staging.ehrocks.com/
accept-encoding
gzip, deflate, br

Response headers

x-amz-id-2
kwVCuOOsrbYEAN4sC7J1JXYvhctbryYRmSKJCcAHaacyeqLDLZiE8te6W1VYIM2QzCKq7MttXDw=
x-amz-request-id
XSM3D7VWBPHXV016
x-amz-replication-status
COMPLETED
last-modified
Fri, 09 Apr 2021 03:27:05 GMT
etag
"1fd9f2d12ecdd46ec3ab8d1751f21cf0"
x-amz-server-side-encryption
AES256
x-amz-meta-pci_enabled
False
content-encoding
gzip
x-amz-version-id
M_TFeKIgKMctyGJJct4XGm.sKQr5AFuH
accept-ranges
bytes
content-type
text/html; charset=utf-8
content-length
802
server
AmazonS3
vary
Accept-Encoding
cache-control
max-age=120
date
Tue, 05 Oct 2021 00:18:55 GMT
server-timing
cdn;desc="AkamaiION";dur=0,rtt;desc="5";dur=0,cdnip;desc="104.117.200.111";dur=0,cdnmap;desc="a4728.x.akamaiedge.net";dur=0,proto;desc="h2";dur=0
strict-transport-security
max-age=15768000
Obelisc-Bold.woff2
cdn.go1static.com/assets/286421/fonts/
33 KB
34 KB
Font
General
Full URL
https://cdn.go1static.com/assets/286421/fonts/Obelisc-Bold.woff2
Requested by
Host: dthtien-security-eh-staging.lms.staging.ehrocks.com
URL: https://dthtien-security-eh-staging.lms.staging.ehrocks.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-89.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7e897a2ecd8e3c46ad4da54935486f0683ae8e788953ade30913bbeaf35786d6

Request headers

Referer
https://dthtien-security-eh-staging.lms.staging.ehrocks.com/
Origin
https://dthtien-security-eh-staging.lms.staging.ehrocks.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 00:17:21 GMT
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
vary
Origin
age
95
x-edge-origin-shield-skipped
0
x-cache
Hit from cloudfront
content-length
33947
last-modified
Thu, 23 Sep 2021 06:45:07 GMT
server
AmazonS3
etag
"618fdd8773839764139461c3ce33a1d8"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, DELETE, PUT, POST
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
YP0b2ONYXqXRDffes1_jOaepzdpY6Dd6eZQKSTFW1GiYbQ7lFOmoJQ==
8732.257e590d8f803c5870dd.js
cdn.go1static.com/assets/286421/_next/static/chunks/
30 KB
8 KB
Script
General
Full URL
https://cdn.go1static.com/assets/286421/_next/static/chunks/8732.257e590d8f803c5870dd.js
Requested by
Host: cdn.go1static.com
URL: https://cdn.go1static.com/assets/286421/_next/static/chunks/webpack-68f18e667f49ef42c035.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-89.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9a34cd344207fed0dac8285ee323dcefe642955bcd25ef1e862be12d15ab0558

Request headers

Referer
https://dthtien-security-eh-staging.lms.staging.ehrocks.com/
Origin
https://dthtien-security-eh-staging.lms.staging.ehrocks.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 00:17:22 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin
age
94
x-edge-origin-shield-skipped
0
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Thu, 23 Sep 2021 06:44:56 GMT
server
AmazonS3
etag
W/"578a7a9b6a05c9a3b10b1952afb259d2"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, DELETE, PUT, POST
content-type
application/javascript
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000, immutable
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
CKl3beku8DZ0n5flKOwagUxYvy0VRiJzgIUHg7WAjZK4892DitP9iQ==
pubff7313d72581a4e8b58cea5cc6347d9d
rum-http-intake.logs.datadoghq.com/v1/input/
2 B
94 B
Ping
General
Full URL
https://rum-http-intake.logs.datadoghq.com/v1/input/pubff7313d72581a4e8b58cea5cc6347d9d?ddsource=browser&ddtags=sdk_version%3A2.18.0%2Cenv%3Ak8s-prod%2Cservice%3Alearn%2Cversion%3A286421&batch_time=1633393135613
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.233.145.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-145-236.compute-1.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://dthtien-security-eh-staging.lms.staging.ehrocks.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 05 Oct 2021 00:18:56 GMT
content-length
2
content-type
application/json
upgrade-request
api.go1.co/portal/undefined/
29 B
652 B
XHR
General
Full URL
https://api.go1.co/portal/undefined/upgrade-request
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.38.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c7bec47c0ce55c63d904edfb0b8db911c4c6a360a09d813207b11508bd6bff7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://dthtien-security-eh-staging.lms.staging.ehrocks.com/
Authorization
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 00:18:56 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-proxy-host
k8s-prod-api-v3-80
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
29
x-xss-protection
1; mode=block
x-request-id
f42a5f9185dd246b0817ebbe203e8b2d
referrer-policy
strict-origin
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
access-control-allow-credentials
true
x-service-name
api-v3
cf-ray
699279be7de05c9e-FRA
access-control-allow-headers
Origin, DNT, X-Requested-With, x-mail, apollographql-client-name, If-Modified-Since, Cache-Control, Content-Type, Content-Range, Range, Authorization,x-datadog-trace-id,x-datadog-parent-id,x-datadog-origin,x-datadog-sampling-priority,x-datadog-sampled
upgrade-request
api.go1.co/portal/undefined/ Frame
0
0
Preflight
General
Full URL
https://api.go1.co/portal/undefined/upgrade-request
Protocol
H3
Server
172.67.38.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
authorization
Origin
https://dthtien-security-eh-staging.lms.staging.ehrocks.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 05 Oct 2021 00:18:56 GMT
content-length
0
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-proxy-host
k8s-prod-api-v3-80
x-service-name
api-v3
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,x-mail,apollographql-client-name,x-datadog-trace-id,x-datadog-parent-id,x-datadog-origin,x-datadog-sampling-priority,x-datadog-sampled
access-control-max-age
1728000
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
699279b9c87e5c9e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
features
api.go1.co/atlantis/
4 KB
2 KB
XHR
General
Full URL
https://api.go1.co/atlantis/features?anonID=1b81f901-a0bd-4e22-c0e2-366b19ac5020
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.38.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cbc0986461034b9e5f132c88751a6723ee07768a247ee17cffa9b2009b2e5316
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://dthtien-security-eh-staging.lms.staging.ehrocks.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 05 Oct 2021 00:18:57 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-proxy-host
k8s-prod-api-v3-80
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
37c10d30d495ad10cd0fcd27c3835be8
referrer-policy
strict-origin
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
access-control-allow-credentials
true
x-service-name
api-v3
cf-ray
699279be9e065c9e-FRA
access-control-allow-headers
Origin, DNT, X-Requested-With, x-mail, apollographql-client-name, If-Modified-Since, Cache-Control, Content-Type, Content-Range, Range, Authorization,x-datadog-trace-id,x-datadog-parent-id,x-datadog-origin,x-datadog-sampling-priority,x-datadog-sampled
features
api.go1.co/atlantis/ Frame
0
0
Preflight
General
Full URL
https://api.go1.co/atlantis/features?anonID=1b81f901-a0bd-4e22-c0e2-366b19ac5020
Protocol
H3
Server
172.67.38.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://dthtien-security-eh-staging.lms.staging.ehrocks.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 05 Oct 2021 00:18:56 GMT
content-length
0
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-proxy-host
k8s-prod-api-v3-80
x-service-name
api-v3
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,x-mail,apollographql-client-name,x-datadog-trace-id,x-datadog-parent-id,x-datadog-origin,x-datadog-sampling-priority,x-datadog-sampled
access-control-max-age
1728000
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
699279b9f8bd5c9e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
analytics.min.js
cdn.segment.com/analytics.js/v1/dPkT2BoQWlhZYyL0wqVlLr4siUIYz5ux/
86 KB
24 KB
Script
General
Full URL
https://cdn.segment.com/analytics.js/v1/dPkT2BoQWlhZYyL0wqVlLr4siUIYz5ux/analytics.min.js
Requested by
Host: dthtien-security-eh-staging.lms.staging.ehrocks.com
URL: https://dthtien-security-eh-staging.lms.staging.ehrocks.com/p/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.197.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-197-80.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9a53e594ce84f7bfeec437bd2a28a5c700c6c1284c7e2e8aa864aba5ef93b05e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dthtien-security-eh-staging.lms.staging.ehrocks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
hwQpnD8QxhVuVwdIrMquUywq9ZXwexpd
content-encoding
br
etag
W/"0f125e8eda42931c9656b5673ac245cf"
x-edge-origin-shield-skipped
0
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
access-control-allow-origin
*
last-modified
Sat, 18 Sep 2021 03:46:25 GMT
server
AmazonS3
date
Tue, 05 Oct 2021 00:18:56 GMT
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
text/javascript; charset=utf-8
via
1.1 f797fc0ae68a3abc35e081e46174c9f2.cloudfront.net (CloudFront)
cache-control
public, max-age=120
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
2ipq-oLP53OIPvD-ht7F75LEzVPDpLDmWp8ttBqigimhwOKEwX6xYw==
events
logx.optimizely.com/v1/
0
396 B
XHR
General
Full URL
https://logx.optimizely.com/v1/events
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.55.235.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-235-182.compute-1.amazonaws.com
Software
nginx/1.17.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://dthtien-security-eh-staging.lms.staging.ehrocks.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 05 Oct 2021 00:18:56 GMT
Server
nginx/1.17.2
Content-Type
text/plain
Access-Control-Allow-Origin
https://dthtien-security-eh-staging.lms.staging.ehrocks.com
Access-Control-Expose-Headers
X-Results-Data-Source
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
X-Request-Id
3aa6047b-92f3-4367-af3c-dd91296ed314
settings
cdn.segment.com/v1/projects/dPkT2BoQWlhZYyL0wqVlLr4siUIYz5ux/
3 KB
1 KB
XHR
General
Full URL
https://cdn.segment.com/v1/projects/dPkT2BoQWlhZYyL0wqVlLr4siUIYz5ux/settings
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.197.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-197-80.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
13693b23d322a5f57bb281b4b64d265307e9b94ab30620375b4f0df6ffdd8ca6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dthtien-security-eh-staging.lms.staging.ehrocks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
.GT6r0jBOpzJUP1XUZs2EZ8mBVjSzn5A
content-encoding
br
etag
W/"457d595e808da5b9db952645b635b043"
age
7286
x-edge-origin-shield-skipped
0
x-amz-replication-status
COMPLETED
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Fri, 24 Sep 2021 05:34:29 GMT
server
AmazonS3
date
Mon, 04 Oct 2021 22:17:31 GMT
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/json; charset=utf-8
via
1.1 3bf3e75bcb9a86b3eb343a1d4392a6df.cloudfront.net (CloudFront)
cache-control
public, max-age=10800
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
mVfW1EYBow5IwqSiFipaUsFSaSs_D4i-SyauTkxir89t7WFhMdSZMw==
130.bundle.4658d09930a38c10c8b6.js
cdn.segment.com/analytics-next/bundles/
10 KB
4 KB
Script
General
Full URL
https://cdn.segment.com/analytics-next/bundles/130.bundle.4658d09930a38c10c8b6.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/dPkT2BoQWlhZYyL0wqVlLr4siUIYz5ux/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.197.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-197-80.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2ad1c920d36b3551a4184b5497087355e89ba42a35a7f5185cd0f65cdc26ccfa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dthtien-security-eh-staging.lms.staging.ehrocks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 21:17:50 GMT
content-encoding
gzip
vary
Accept-Encoding
age
4244467
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
access-control-allow-origin
*
last-modified
Mon, 16 Aug 2021 21:09:22 GMT
server
AmazonS3
etag
W/"1b09f8230210d186ae274e7f5668f933"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
x-amz-version-id
EyGtog2ZHhgOh9wPkdYgzAWMYYDki75T
via
1.1 f797fc0ae68a3abc35e081e46174c9f2.cloudfront.net (CloudFront)
cache-control
public,max-age=31536000,immutable
x-amz-cf-pop
FRA2-C1
content-type
application/javascript
x-amz-cf-id
7YGRxDNyRQoQrAPHyVYptPW8wH_o0hNLtOSzwEC0oDJR22hF31XcKA==
ajs-destination.bundle.5c4dc5a893f01d22d9bb.js
cdn.segment.com/analytics-next/bundles/
10 KB
4 KB
Script
General
Full URL
https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.5c4dc5a893f01d22d9bb.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/dPkT2BoQWlhZYyL0wqVlLr4siUIYz5ux/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.197.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-197-80.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
01f42218fd8653a91a8b43c6684e9bbfad81618ed359e5b5154b181f85120865

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dthtien-security-eh-staging.lms.staging.ehrocks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 28 Jul 2021 18:39:17 GMT
content-encoding
br
vary
Accept-Encoding
age
5895580
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
access-control-allow-origin
*
last-modified
Wed, 28 Jul 2021 18:38:18 GMT
server
AmazonS3
etag
W/"0a20d76fd1575156dd469cfd0cb00105"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
x-amz-version-id
I_0vE2YjpvkkCUx2ynE.qqOV6La2W8Jb
via
1.1 f797fc0ae68a3abc35e081e46174c9f2.cloudfront.net (CloudFront)
cache-control
public,max-age=31536000,immutable
x-amz-cf-pop
FRA2-C1
content-type
application/javascript
x-amz-cf-id
a8r5WR3-j9Bxs3d8NJVPf6IsgMU5z1RO-0PN1qXRlCwoO4Y9_EVtoA==
google-tag-manager.dynamic.js.gz
cdn.segment.com/next-integrations/integrations/google-tag-manager/2.5.1/
3 KB
2 KB
Script
General
Full URL
https://cdn.segment.com/next-integrations/integrations/google-tag-manager/2.5.1/google-tag-manager.dynamic.js.gz
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/dPkT2BoQWlhZYyL0wqVlLr4siUIYz5ux/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.197.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-197-80.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b13a1a4e8af2d311b90f19a03c492a5bb951f43d82e5ba22b07e0ffa7db6d937

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dthtien-security-eh-staging.lms.staging.ehrocks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 17 Sep 2021 12:12:58 GMT
content-encoding
gzip
age
1512358
x-cache
Hit from cloudfront
content-length
1346
access-control-allow-origin
*
last-modified
Thu, 26 Aug 2021 21:35:46 GMT
server
AmazonS3
etag
"639f3175da01a07819bb89783e598341"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
x-amz-version-id
RIkj5sa1RVLk.tW.Hc0b8itIHd8TXvVm
via
1.1 f797fc0ae68a3abc35e081e46174c9f2.cloudfront.net (CloudFront)
cache-control
public,max-age=31536000,immutable
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
DYjHpz9TCmeUDDEF5tmzZNjS5AtVV6cUJnZxfRf1u9Bf71teLgo86w==
fullstory.dynamic.js.gz
cdn.segment.com/next-integrations/integrations/fullstory/3.0.1/
5 KB
3 KB
Script
General
Full URL
https://cdn.segment.com/next-integrations/integrations/fullstory/3.0.1/fullstory.dynamic.js.gz
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/dPkT2BoQWlhZYyL0wqVlLr4siUIYz5ux/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.197.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-197-80.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
077732a965147aadde68c7394a706dc4eff31a834919ebd61d820874a306db48

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dthtien-security-eh-staging.lms.staging.ehrocks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 09 Jul 2021 23:18:49 GMT
content-encoding
gzip
age
7520408
x-cache
Hit from cloudfront
content-length
2143
access-control-allow-origin
*
last-modified
Fri, 09 Jul 2021 19:25:22 GMT
server
AmazonS3
etag
"30e9dc1491a6cadac516d0b9fb2b7c53"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
x-amz-version-id
IbXqyix2.qlMLxG4dKfIBvIl8uOFL_xT
via
1.1 f797fc0ae68a3abc35e081e46174c9f2.cloudfront.net (CloudFront)
cache-control
public,max-age=31536000,immutable
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
O8y_vKaCgvELDLLT3vZ567BN2tD6r860FqIuUcBC8xTPBSRXd-uPoA==
adwords.dynamic.js.gz
cdn.segment.com/next-integrations/integrations/adwords/2.5.3/
4 KB
2 KB
Script
General
Full URL
https://cdn.segment.com/next-integrations/integrations/adwords/2.5.3/adwords.dynamic.js.gz
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/dPkT2BoQWlhZYyL0wqVlLr4siUIYz5ux/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.197.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-197-80.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c29a52c564bef2d326c8723396c01258f2d4ed22b85af4c5de81de5ee18180ae

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dthtien-security-eh-staging.lms.staging.ehrocks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 08:29:23 GMT
content-encoding
gzip
age
5500174
x-cache
Hit from cloudfront
content-length
1356
access-control-allow-origin
*
last-modified
Thu, 15 Jul 2021 17:39:16 GMT
server
AmazonS3
etag
"fd94a496d6261d96c2a0a8a3d4f1d858"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
x-amz-version-id
QOQ6Y2PAsQ6jWbRiTeUM9PBNnuQvXv4X
via
1.1 f797fc0ae68a3abc35e081e46174c9f2.cloudfront.net (CloudFront)
cache-control
public,max-age=31536000,immutable
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
QtCrFnKHcWQAKCNPhlxCEDFonwqUgOZshFDTwu109e93sBZhx0rIsw==
intercom.dynamic.js.gz
cdn.segment.com/next-integrations/integrations/intercom/3.0.2/
4 KB
2 KB
Script
General
Full URL
https://cdn.segment.com/next-integrations/integrations/intercom/3.0.2/intercom.dynamic.js.gz
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/dPkT2BoQWlhZYyL0wqVlLr4siUIYz5ux/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.197.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-197-80.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a17b3d634996c62ec9a55dd5454e275e3be14a15a9e1ea2e41e05d387cbdff2b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dthtien-security-eh-staging.lms.staging.ehrocks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 17:10:51 GMT
content-encoding
gzip
age
6419286
x-cache
Hit from cloudfront
content-length
1856
access-control-allow-origin
*
last-modified
Thu, 15 Jul 2021 17:39:17 GMT
server
AmazonS3
etag
"d7c8d885f6475b3c492aeade28edfba3"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
x-amz-version-id
nHczySTU9frAnhriaV02Z0JjTktyF.AJ
via
1.1 f797fc0ae68a3abc35e081e46174c9f2.cloudfront.net (CloudFront)
cache-control
public,max-age=31536000,immutable
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
Z30s5yvb7prv6TyeOA7cIP8xUGD4gHlTyBGkelJrvoUp9_DCJP_yaw==
commons.3495c86769f191d6894f.js.gz
cdn.segment.com/next-integrations/integrations/vendor/
73 KB
22 KB
Script
General
Full URL
https://cdn.segment.com/next-integrations/integrations/vendor/commons.3495c86769f191d6894f.js.gz
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/dPkT2BoQWlhZYyL0wqVlLr4siUIYz5ux/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.197.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-197-80.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7b5e884ac6bca471440d62a21038e1b0342c4bc6e840388256b5f4137c2e666e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dthtien-security-eh-staging.lms.staging.ehrocks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 07:50:32 GMT
content-encoding
gzip
age
2219304
x-cache
Hit from cloudfront
content-length
22175
access-control-allow-origin
*
last-modified
Thu, 26 Aug 2021 21:35:44 GMT
server
AmazonS3
etag
"97bdd3686696ee0e0f60bfaaa6b5693b"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
x-amz-version-id
ycGBqmRQJe7ubt596zlSYLfgMdBxARsQ
via
1.1 f797fc0ae68a3abc35e081e46174c9f2.cloudfront.net (CloudFront)
cache-control
public,max-age=31536000,immutable
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
IovYWFv8H5nIWP2MJwPdPNC1dFuT0NCccRRkLtB1a5UbfDD65e7nDQ==
commons.dddbd6a06577f22e5c7f.js.gz
cdn.segment.com/next-integrations/integrations/vendor/
73 KB
22 KB
Script
General
Full URL
https://cdn.segment.com/next-integrations/integrations/vendor/commons.dddbd6a06577f22e5c7f.js.gz
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/dPkT2BoQWlhZYyL0wqVlLr4siUIYz5ux/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.197.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-197-80.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5ad7b91941f455bd1260b2d44ab9de7b3cfc1fff40fb56c4798afef02d8d012e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dthtien-security-eh-staging.lms.staging.ehrocks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 07 Aug 2021 15:25:01 GMT
content-encoding
gzip
age
5043236
x-cache
Hit from cloudfront
content-length
22055
access-control-allow-origin
*
last-modified
Mon, 02 Aug 2021 21:35:35 GMT
server
AmazonS3
etag
"a58c4402066684684bff5837e7b5fe12"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
x-amz-version-id
zkm5nKHdYX074QnkKX8hTl4BnbVqYwQ1
via
1.1 f797fc0ae68a3abc35e081e46174c9f2.cloudfront.net (CloudFront)
cache-control
public,max-age=31536000,immutable
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
I7PVoma5EgIM3Xp5n_3fzruSLFyeatXnKF4604Ek1vM0eAZcWKWGUQ==
gtm.js
www.googletagmanager.com/
187 KB
65 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TRN25C9&l=dataLayer
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.3495c86769f191d6894f.js.gz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
71506c9480ca95cfe74e88dcec840a836de448f71f9231b74c6e3b479e4273fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dthtien-security-eh-staging.lms.staging.ehrocks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 00:18:56 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
65590
x-xss-protection
0
last-modified
Tue, 05 Oct 2021 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 05 Oct 2021 00:18:56 GMT
shim.latest.js
js.intercomcdn.com/
Redirect Chain
  • https://widget.intercom.io/widget/aa7s04yh
  • https://js.intercomcdn.com/shim.latest.js
18 KB
6 KB
Script
General
Full URL
https://js.intercomcdn.com/shim.latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-104.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
eb4a05459bf7f52c03bea93300c643ad6acf2d6d9d5d90afb2d2f34bd4cf3de6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dthtien-security-eh-staging.lms.staging.ehrocks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 00:14:46 GMT
content-encoding
gzip
age
251
x-amz-server-side-encryption
AES256
x-edge-origin-shield-skipped
0
x-cache
Hit from cloudfront
content-length
6075
last-modified
Mon, 04 Oct 2021 14:34:27 GMT
server
AmazonS3
etag
"fca15fffd07583b7b288d163eee39d2a"
content-type
application/javascript; charset=UTF-8
via
1.1 882f747f39885162595630c95dd0012d.cloudfront.net (CloudFront)
cache-control
max-age=300, s-maxage=300, public
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
2sGsYYD6z6OVzWIH3ncXgTeJVWmoGq8tAE9v7M8ywyl7rNRDh0_TnQ==

Redirect headers

date
Tue, 14 Sep 2021 15:39:55 GMT
via
1.1 5a5b94c62ea85e0c0d78b169589b08b5.cloudfront.net (CloudFront)
server
AmazonS3
age
1759142
x-cache
Hit from cloudfront
location
https://js.intercomcdn.com/shim.latest.js
x-amz-cf-pop
FRA2-C1
content-length
0
x-amz-cf-id
G-R_7UPRJE_jNDbGTwIMdPCIi1QWYfI8auJisL8jnEEWJHOqcqaJYA==
conversion_async.js
www.googleadservices.com/pagead/
37 KB
15 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.dddbd6a06577f22e5c7f.js.gz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e92c1c99f4eb4964fd77bc9bd3e7e116391389a9247ea045c398d9176120d28d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dthtien-security-eh-staging.lms.staging.ehrocks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 00:18:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14415
x-xss-protection
0
server
cafe
etag
8532164750609382341
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 05 Oct 2021 00:18:56 GMT
fs.js
edge.fullstory.com/s/
210 KB
64 KB
Script
General
Full URL
https://edge.fullstory.com/s/fs.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.dddbd6a06577f22e5c7f.js.gz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.112.186 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
186.112.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
9456718fc26c849fed63242644edd3e100b5eec82089d8eac271efe6614db6c6

Request headers

Referer
https://dthtien-security-eh-staging.lms.staging.ehrocks.com/
Origin
https://dthtien-security-eh-staging.lms.staging.ehrocks.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 23:46:51 GMT
content-encoding
gzip
age
1925
x-guploader-uploadid
ADPycdsz_qZqhPLnm1qMNqR3agkPop1022IpchbXuNXMZMrd-5UA-8G-49tVADiL_Zk-GPn_VCtOaAbUeQt4oiabHwHezk2X7A
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
64528
last-modified
Thu, 30 Sep 2021 15:15:29 GMT
server
UploadServer
etag
"4292511c0df57722d38e68642d069012"
x-goog-hash
crc32c=Yrzbyw==, md5=QpJRHA31dyLTjmhkLQaQEg==
x-goog-generation
1633014929798356
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600,no-transform
x-goog-stored-content-length
64528
accept-ranges
bytes
content-type
application/javascript
expires
Tue, 05 Oct 2021 00:46:51 GMT
page
rs.fullstory.com/rec/
4 KB
2 KB
XHR
General
Full URL
https://rs.fullstory.com/rec/page
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
58.194.186.35.bc.googleusercontent.com
Software
/
Resource Hash
a04872610b6ef0082021c35fb101cb8223517e89f3960aa132cca0b1b14ebd9b

Request headers

Referer
https://dthtien-security-eh-staging.lms.staging.ehrocks.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 05 Oct 2021 00:18:56 GMT
content-encoding
gzip
content-type
application/json; charset=utf-8
access-control-allow-origin
https://dthtien-security-eh-staging.lms.staging.ehrocks.com
access-control-allow-credentials
true
alt-svc
clear
content-length
1559
via
1.1 google
frame-modern.89acc342.js
js.intercomcdn.com/ Frame BD55
268 KB
72 KB
Script
General
Full URL
https://js.intercomcdn.com/frame-modern.89acc342.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/aa7s04yh
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-104.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
feb220fd3a00c0b70050ec421ecd81bd6341f6753cd7af64ca6926c9cd73b97c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 22:34:37 GMT
content-encoding
gzip
age
6260
x-amz-server-side-encryption
AES256
x-edge-origin-shield-skipped
0
x-cache
Hit from cloudfront
content-length
73282
last-modified
Mon, 04 Oct 2021 14:26:36 GMT
server
AmazonS3
etag
"80b05e7dc0bc653ba66edb4658feb9bb"
content-type
application/javascript; charset=UTF-8
via
1.1 882f747f39885162595630c95dd0012d.cloudfront.net (CloudFront)
cache-control
max-age=31536000, s-maxage=7200, public
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
QiE7mESkQR6Y5z3YqGlhNOzIQ3saghS99Hyj5_OlNlJQNLNsth1lhA==
vendor-modern.3475694a.js
js.intercomcdn.com/ Frame BD55
125 KB
38 KB
Script
General
Full URL
https://js.intercomcdn.com/vendor-modern.3475694a.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/aa7s04yh
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-104.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bbc1003c0374158c72edb87607c6145c249a201bfd9d0aa8d71a48e190f5848c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 23:37:50 GMT
content-encoding
gzip
age
2467
x-amz-server-side-encryption
AES256
x-edge-origin-shield-skipped
0
x-cache
Hit from cloudfront
content-length
38687
last-modified
Fri, 01 Oct 2021 13:29:21 GMT
server
AmazonS3
etag
"722332125b0386fcf2c2519efe40dc8f"
content-type
application/javascript; charset=UTF-8
via
1.1 882f747f39885162595630c95dd0012d.cloudfront.net (CloudFront)
cache-control
max-age=31536000, s-maxage=7200, public
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
Tam7CIfE6fIhHGkJkOJIhPkGw7-S1BmEuFOTsVTEFtDO-j2NH6GKWw==
conversion_async.js
www.googleadservices.com/pagead/
37 KB
14 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TRN25C9&l=dataLayer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e92c1c99f4eb4964fd77bc9bd3e7e116391389a9247ea045c398d9176120d28d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dthtien-security-eh-staging.lms.staging.ehrocks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 00:18:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14415
x-xss-protection
0
server
cafe
etag
8532164750609382341
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 05 Oct 2021 00:18:56 GMT
analytics.js
www.google-analytics.com/
48 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TRN25C9&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dthtien-security-eh-staging.lms.staging.ehrocks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
5519
date
Mon, 04 Oct 2021 22:46:57 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Tue, 05 Oct 2021 00:46:57 GMT
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1391843811&t=pageview&_s=1&dl=https%3A%2F%2Fdthtien-security-eh-staging.lms.staging.ehrocks.com%2Flogin&ul=en-us&de=UTF-8&dt=Log%20in&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1768558657&gjid=1544106446&cid=961021515.1633393136&tid=UA-25779687-9&_gid=441220612.1633393136&_r=1&gtm=2wga40TRN25C9&cd6=2021-10-05T00%3A18%3A56.217%2B00%3A00&cd7=763f41f9-0484-4121-9106-cb87a4ce7d8a&cd8=961021515.1633393136&z=1515724438
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://dthtien-security-eh-staging.lms.staging.ehrocks.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 05 Oct 2021 00:18:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://dthtien-security-eh-staging.lms.staging.ehrocks.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/695192977/
2 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/695192977/?random=1633393136278&cv=9&fst=1633393136278&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=376635470&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wga40&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fdthtien-security-eh-staging.lms.staging.ehrocks.com%2Flogin&ref=https%3A%2F%2Fdthtien-security-eh-staging.lms.staging.ehrocks.com%2Fp%2F&tiba=Log%20in&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
4729cbfb784f397c81aecb98ca64da37e22218cdec673dc07d32d079070a7f0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dthtien-security-eh-staging.lms.staging.ehrocks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Oct 2021 00:18:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1032
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
2 B
486 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-25779687-9&cid=961021515.1633393136&jid=1768558657&gjid=1544106446&_gid=441220612.1633393136&_u=YEBAAEAAAAAAAC~&z=1343412426
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.76.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ws-in-f154.1e100.net
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://dthtien-security-eh-staging.lms.staging.ehrocks.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 05 Oct 2021 00:18:56 GMT
content-type
text/plain
access-control-allow-origin
https://dthtien-security-eh-staging.lms.staging.ehrocks.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/695192977/
42 B
569 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/695192977/?random=1633393136278&cv=9&fst=1633392000000&num=1&guid=ON&eid=376635470&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wga40&sendb=1&frm=0&url=https%3A%2F%2Fdthtien-security-eh-staging.lms.staging.ehrocks.com%2Flogin&ref=https%3A%2F%2Fdthtien-security-eh-staging.lms.staging.ehrocks.com%2Fp%2F&tiba=Log%20in&async=1&fmt=3&is_vtc=1&random=2559636539&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dthtien-security-eh-staging.lms.staging.ehrocks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Oct 2021 00:18:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
107 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-25779687-9&cid=961021515.1633393136&jid=1768558657&_u=YEBAAEAAAAAAAC~&z=605697360
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dthtien-security-eh-staging.lms.staging.ehrocks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Oct 2021 00:18:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubff7313d72581a4e8b58cea5cc6347d9d
rum-http-intake.logs.datadoghq.com/v1/input/
2 B
93 B
Ping
General
Full URL
https://rum-http-intake.logs.datadoghq.com/v1/input/pubff7313d72581a4e8b58cea5cc6347d9d?ddsource=browser&ddtags=sdk_version%3A2.18.0%2Cenv%3Ak8s-prod%2Cservice%3Alearn%2Cversion%3A286421&batch_time=1633393136366
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.233.145.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-145-236.compute-1.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://dthtien-security-eh-staging.lms.staging.ehrocks.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 05 Oct 2021 00:18:56 GMT
content-length
2
content-type
application/json
integrations
rs.fullstory.com/rec/
3 KB
3 KB
Script
General
Full URL
https://rs.fullstory.com/rec/integrations?OrgId=A6GD9
Requested by
Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
58.194.186.35.bc.googleusercontent.com
Software
/
Resource Hash
144c197a0f73f09b0ee6e66453281801dea44aa0db90c1e9e6f1294dd05a4d28

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dthtien-security-eh-staging.lms.staging.ehrocks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 00:18:56 GMT
via
1.1 google
alt-svc
clear
content-type
text/javascript; charset=utf-8
bundle
rs.fullstory.com/rec/
29 B
91 B
XHR
General
Full URL
https://rs.fullstory.com/rec/bundle?OrgId=A6GD9&UserId=5154377611452416&SessionId=5766637144875008&PageId=4574796479307776&Seq=1&PageStart=1633393136273&PrevBundleTime=0&LastActivity=306&IsNewSession=true
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
58.194.186.35.bc.googleusercontent.com
Software
/
Resource Hash
5f5de684b57b8e4988ebb4c64639258140cf64d38576476f1237ee3d97c4244b

Request headers

Referer
https://dthtien-security-eh-staging.lms.staging.ehrocks.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://dthtien-security-eh-staging.lms.staging.ehrocks.com
date
Tue, 05 Oct 2021 00:18:56 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
clear
content-length
29
content-type
application/json; charset=utf-8
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j93&a=1391843811&t=event&ni=1&_s=2&dl=https%3A%2F%2Fdthtien-security-eh-staging.lms.staging.ehrocks.com%2Flogin&ul=en-us&de=UTF-8&dt=Log%20in&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=FullStory&_u=aHBAAEABAAAAAC~&jid=&gjid=&cid=961021515.1633393136&tid=UA-25779687-9&_gid=441220612.1633393136&gtm=2wga40TRN25C9&cd6=2021-10-05T00%3A18%3A56.217%2B00%3A00&cd7=763f41f9-0484-4121-9106-cb87a4ce7d8a&cd8=961021515.1633393136&cd2=https%3A%2F%2Fapp.fullstory.com%2Fui%2FA6GD9%2Fsession%2F5154377611452416%253A5766637144875008&z=1103348355
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dthtien-security-eh-staging.lms.staging.ehrocks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Oct 2021 17:53:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
23119
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
v1
beam.go1.co/
0
308 B
XHR
General
Full URL
https://beam.go1.co/v1
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.38.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://dthtien-security-eh-staging.lms.staging.ehrocks.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 05 Oct 2021 00:18:58 GMT
cf-cache-status
DYNAMIC
server
cloudflare
x-proxy-host
k8s-prod-quest-80
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
access-control-allow-origin
*
access-control-allow-credentials
true
x-service-name
quest
cf-ray
699279c6cff65c9e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
v1
beam.go1.co/ Frame
0
0
Preflight
General
Full URL
https://beam.go1.co/v1
Protocol
H2
Server
172.67.38.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://dthtien-security-eh-staging.lms.staging.ehrocks.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 05 Oct 2021 00:18:57 GMT
content-length
0
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-proxy-host
k8s-prod-quest-80
x-service-name
quest
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,x-mail,apollographql-client-name,x-datadog-trace-id,x-datadog-parent-id,x-datadog-origin,x-datadog-sampling-priority,x-datadog-sampled
access-control-max-age
1728000
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
699279c22b83694c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
events
logx.optimizely.com/v1/
0
396 B
XHR
General
Full URL
https://logx.optimizely.com/v1/events
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.55.235.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-235-182.compute-1.amazonaws.com
Software
nginx/1.17.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://dthtien-security-eh-staging.lms.staging.ehrocks.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 05 Oct 2021 00:18:57 GMT
Server
nginx/1.17.2
Content-Type
text/plain
Access-Control-Allow-Origin
https://dthtien-security-eh-staging.lms.staging.ehrocks.com
Access-Control-Expose-Headers
X-Results-Data-Source
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
X-Request-Id
ec2a1791-7c6e-44f7-98ad-4d84afed9508

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
api.go1.co
URL
https://api.go1.co/portal/dthtien-security-eh-staging.lms.staging.ehrocks.com

68 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| onbeforexrselect boolean| originAgentCluster function| _ object| optimizely object| utils object| h object| e function| p object| houston object| beam object| DD_RUM function| addSegmentScript function| jwtDecode object| analytics object| webpackChunk_N_E function| setImmediate function| clearImmediate object| regeneratorRuntime object| __NEXT_DATA__ function| __SSG_MANIFEST_CB object| __NEXT_P object| next object| _N_E object| __SECRET_EMOTION__ object| __NEXT_REDUX_STORE__ object| __BUILD_MANIFEST object| __SSG_MANIFEST object| webpackChunk_segment_analytics_next string| analyticsWriteKey object| AnalyticsNext object| google-tag-managerDeps function| google-tag-managerLoader object| intercomDeps function| intercomLoader object| adwordsDeps function| adwordsLoader object| fullstoryDeps function| fullstoryLoader object| webpackJsonp_name_Integration function| google-tag-managerIntegration object| dataLayer function| intercomIntegration function| Intercom function| adwordsIntegration function| fullstoryIntegration boolean| _fs_debug string| _fs_host string| _fs_script string| _fs_org string| _fs_namespace function| FS string| _fs_loaded function| _fs_shutdown function| __intercomAssignLocation function| GooglemKTybQhCsO function| google_trackConversion object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| addCourseID object| gaplugins object| gaGlobal object| gaData function| _ga_originalSendHitTask object| GooglebQhCsO

8 Cookies

Domain/Path Name / Value
.ehrocks.com/ Name: optimizelyEndUserId
Value: oeu1633393134995r0.8952487118643309
dthtien-security-eh-staging.lms.staging.ehrocks.com/ Name: _dd_s
Value: rum=1&id=e8f2ac93-f417-4538-95ec-ef6df85717ea&created=1633393135187&expire=1633394035187
.ehrocks.com/ Name: _gcl_au
Value: 1.1.1352524634.1633393136
.ehrocks.com/ Name: _ga
Value: GA1.2.961021515.1633393136
.ehrocks.com/ Name: _gid
Value: GA1.2.441220612.1633393136
.ehrocks.com/ Name: _gat_UA-25779687-9
Value: 1
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.ehrocks.com/ Name: fs_uid
Value: rs.fullstory.com#A6GD9#5154377611452416:5766637144875008/1664929136

1 Console Messages

Source: network
Level: error
URL: https://api.go1.co/portal/undefined/upgrade-request
Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
