urlscan.io logo urlscan.io
SecurityTrails logo

go.exterro.com Open in urlscan Pro
35.174.78.146  Public Scan

Go To Rescan Add Verdict Report
URL: https://go.exterro.com/l/43312/2022-01-21/f6h1s3
Submission: On April 06 via manual from CH — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 4 countries across 13 domains to perform 34 HTTP transactions. The main IP is 35.174.78.146, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is go.exterro.com.
TLS certificate: Issued by R3 on March 12th 2022. Valid for: 3 months.
This is the only time go.exterro.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 6 35.174.78.146 14618 (AMAZON-AES)
6 35.203.130.16 396982 (GOOGLE-CL...)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 52.222.232.39 16509 (AMAZON-02)
1 4 2620:1ec:c11:... 8068 (MICROSOFT...)
5 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:215... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
3 20.62.48.180 8075 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 52.142.114.2 8075 (MICROSOFT...)
34 14
6    35.174.78.146 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: pi0-lba1-5-ue1.aws.pardot.com
go.exterro.com
pi.pardot.com
6    35.203.130.16 (The Dalles, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 16.130.203.35.bc.googleusercontent.com
slxcloud.app
3    2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
fonts.googleapis.com
1    2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    52.222.232.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-232-39.fra56.r.cloudfront.net
d3e54v103j8qbb.cloudfront.net
4    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
c.bing.com
5    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2600:9000:2156:3a00:d:7e9b:1200:93a1 (United States)

ASN16509 (AMAZON-02, US)
storage.pardot.com
2    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    20.62.48.180 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
e.clarity.ms
1    2a00:1450:400c:c08::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    52.142.114.2 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
Apex Domain
Subdomains		 Transfer
6 slxcloud.app
slxcloud.app
28 KB
5 clarity.ms
e.clarity.ms — Cisco Umbrella Rank: 2079
c.clarity.ms — Cisco Umbrella Rank: 644
24 KB
5 gstatic.com
fonts.gstatic.com
159 KB
4 bing.com
bat.bing.com — Cisco Umbrella Rank: 390
c.bing.com — Cisco Umbrella Rank: 230
13 KB
4 exterro.com
go.exterro.com
113 KB
3 pardot.com
storage.pardot.com — Cisco Umbrella Rank: 10739
pi.pardot.com — Cisco Umbrella Rank: 4281
9 KB
3 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 280
fonts.googleapis.com — Cisco Umbrella Rank: 45
8 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 39
20 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 5640
501 B
1 google.com
www.google.com — Cisco Umbrella Rank: 7
501 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 95
441 B
1 cloudfront.net
d3e54v103j8qbb.cloudfront.net
31 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 70
38 KB
34 13
Domain Requested by
6 slxcloud.app go.exterro.com
5 fonts.gstatic.com fonts.googleapis.com
4 go.exterro.com 1 redirects go.exterro.com
3 e.clarity.ms bat.bing.com
e.clarity.ms
3 bat.bing.com go.exterro.com
bat.bing.com
2 c.clarity.ms 1 redirects
2 pi.pardot.com go.exterro.com
pi.pardot.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 fonts.googleapis.com go.exterro.com
ajax.googleapis.com
1 c.bing.com 1 redirects
1 www.google.de go.exterro.com
1 www.google.com go.exterro.com
1 stats.g.doubleclick.net www.google-analytics.com
1 storage.pardot.com go.exterro.com
1 d3e54v103j8qbb.cloudfront.net go.exterro.com
1 www.googletagmanager.com go.exterro.com
1 ajax.googleapis.com go.exterro.com
34 17

This site contains links to these domains. Also see Links.

Domain
www.exterro.com
exterro.com
Subject Issuer Validity Valid
go.exterro.com
R3		 2022-03-12 -
2022-06-10		 3 months crt.sh
slxcloud.app
R3		 2022-02-04 -
2022-05-05		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-03-21 -
2022-06-13		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 01		 2022-03-16 -
2022-09-16		 6 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-03-21 -
2022-06-13		 3 months crt.sh
a.clarity.ms
Microsoft RSA TLS CA 01		 2021-07-27 -
2022-07-27		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-03-21 -
2022-06-13		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
pi.pardot.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-08 -
2022-11-07		 a year crt.sh

This page contains 1 frames:

Primary Page: https://go.exterro.com/l/43312/2022-01-21/f6h1s3
Frame ID: 80526C53C5AFB25A93E992F9F33273E9
Requests: 34 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

FTK Imager 4.7

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
  • googleapis\.com/.+webfont
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

34
Requests

94 %
HTTPS

64 %
IPv6

13
Domains

17
Subdomains

14
IPs

4
Countries

443 kB
Transfer

1017 kB
Size

12
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15
  • https://go.exterro.com/l/43312/2021-09-13/f5zf96/43312/1631575616RfhHcWt9/FTK_Icon.png HTTP 302
  • https://storage.pardot.com/43312/1631575616RfhHcWt9/FTK_Icon.png
Request Chain 29
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?CtsSyncId=E5CF26E4ABB14C18A32D1FC1A743901D&RedC=c.clarity.ms&MXFR=21231A37350463A013640B4931046D4B HTTP 302
  • https://c.clarity.ms/c.gif?CtsSyncId=E5CF26E4ABB14C18A32D1FC1A743901D&MUID=3DCCD59F753C6FE423F7C4E174EE6ED9

34 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request f6h1s3
go.exterro.com/l/43312/2022-01-21/ 		17 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://go.exterro.com/l/43312/2022-01-21/f6h1s3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.174.78.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
pi0-lba1-5-ue1.aws.pardot.com
Software
PardotServer /
Resource Hash
f87c38388a985e284ab99569bec31692d09c47d73be793dd1b73f6eec20903e8

Request headers

Accept-Language
de-DE,de;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Server
PardotServer
X-Pardot-LB
d3d7f55bb0643f40d338b3c1e133d5c5
X-Pardot-Route
07c6fec365d81c66b16ef70448a47c0a
cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-length
5102
content-type
text/html; charset=utf-8
date
Wed, 06 Apr 2022 21:04:45 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
p3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
pragma
no-cache
vary
Accept-Encoding,User-Agent
x-pardot-rsp
0/0/1
normalize.css
slxcloud.app/Exterro/2021/pexco-exterro-dev-for-ppc-v2/css/ 		8 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://slxcloud.app/Exterro/2021/pexco-exterro-dev-for-ppc-v2/css/normalize.css
Requested by
Host: go.exterro.com
URL: https://go.exterro.com/l/43312/2022-01-21/f6h1s3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.203.130.16 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.130.203.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
5c4a6fe64efc5d07833c35af9630d0f9b3d4d09a63f9358e441374e9102c9e81

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.exterro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 06 Apr 2022 21:04:46 GMT
content-encoding
br
last-modified
Tue, 04 May 2021 16:32:34 GMT
server
nginx
etag
W/"60917722-1e5c"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
components.css
slxcloud.app/Exterro/2021/pexco-exterro-dev-for-ppc-v2/css/ 		38 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://slxcloud.app/Exterro/2021/pexco-exterro-dev-for-ppc-v2/css/components.css
Requested by
Host: go.exterro.com
URL: https://go.exterro.com/l/43312/2022-01-21/f6h1s3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.203.130.16 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.130.203.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
7deeee24b8c80bcca6c1c3ba09aaf3811aa99f88028732f2fce9e31e83a435f6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.exterro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 06 Apr 2022 21:04:46 GMT
content-encoding
br
last-modified
Tue, 04 May 2021 16:32:34 GMT
server
nginx
etag
W/"60917722-988f"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
pexco-exterro-dev-for-ppc-v2.css
slxcloud.app/Exterro/2021/pexco-exterro-dev-for-ppc-v2/css/ 		12 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://slxcloud.app/Exterro/2021/pexco-exterro-dev-for-ppc-v2/css/pexco-exterro-dev-for-ppc-v2.css
Requested by
Host: go.exterro.com
URL: https://go.exterro.com/l/43312/2022-01-21/f6h1s3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.203.130.16 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.130.203.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e4a8464486f1edf4c06144a4f546a359e1c8f35fb026503286d2dceb715ebddd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.exterro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 06 Apr 2022 21:04:46 GMT
content-encoding
br
last-modified
Tue, 04 May 2021 16:32:34 GMT
server
nginx
etag
W/"60917722-2e11"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Requested by
Host: go.exterro.com
URL: https://go.exterro.com/l/43312/2022-01-21/f6h1s3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.exterro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 09:27:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
128242
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5437
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 05 Apr 2023 09:27:23 GMT
js
www.googletagmanager.com/gtag/ 		96 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-483048-1
Requested by
Host: go.exterro.com
URL: https://go.exterro.com/l/43312/2022-01-21/f6h1s3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
077e8dbabb1020b7155eb59af49c62e32c9327b9a3d5fc423d97dd4daea87372
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.exterro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 06 Apr 2022 21:04:46 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38036
x-xss-protection
0
expires
Wed, 06 Apr 2022 21:04:46 GMT
form.css
go.exterro.com/css/ 		31 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://go.exterro.com/css/form.css?ver=2021-09-20
Requested by
Host: go.exterro.com
URL: https://go.exterro.com/l/43312/2022-01-21/f6h1s3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.174.78.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
pi0-lba1-5-ue1.aws.pardot.com
Software
PardotServer /
Resource Hash
6dbd1967a8963d2eead020be31031ed12df79148acfea8cb787fa1358d5b4559

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.exterro.com/l/43312/2022-01-21/f6h1s3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 06 Apr 2022 21:04:45 GMT
content-encoding
gzip
X-Pardot-Route
07c6fec365d81c66b16ef70448a47c0a
X-Pardot-LB
d3d7f55bb0643f40d338b3c1e133d5c5
last-modified
Wed, 06 Apr 2022 18:30:21 GMT
Server
PardotServer
etag
"7be2-gzip"
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
max-age=63072000
accept-ranges
bytes
content-length
7660
expires
Fri, 05 Apr 2024 21:04:45 GMT
piUtils.js
go.exterro.com/js/ 		341 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go.exterro.com/js/piUtils.js?ver=2021-09-20
Requested by
Host: go.exterro.com
URL: https://go.exterro.com/l/43312/2022-01-21/f6h1s3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.174.78.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
pi0-lba1-5-ue1.aws.pardot.com
Software
PardotServer /
Resource Hash
732a85650cf73f86d42d3b89bf9139c2f1bd66db55555c4778ebf4e78e8a0dce

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.exterro.com/l/43312/2022-01-21/f6h1s3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 06 Apr 2022 21:04:45 GMT
content-encoding
gzip
X-Pardot-Route
07c6fec365d81c66b16ef70448a47c0a
X-Pardot-LB
d3d7f55bb0643f40d338b3c1e133d5c5
last-modified
Wed, 06 Apr 2022 18:30:22 GMT
Server
PardotServer
etag
"555a1-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
max-age=63072000
transfer-encoding
chunked
accept-ranges
bytes
expires
Fri, 05 Apr 2024 21:04:45 GMT
css2
fonts.googleapis.com/ 		3 KB
975 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Lato:wght@100;300;400;700;900&display=swap
Requested by
Host: go.exterro.com
URL: https://go.exterro.com/l/43312/2022-01-21/f6h1s3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f66148dc233f0daa687991bdba0fa92c5d759531d9e2c87aecde8c537e7dcf84
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.exterro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 06 Apr 2022 21:00:24 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 06 Apr 2022 21:04:45 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 06 Apr 2022 21:04:45 GMT
jquery-3.5.1.min.dc5e7f18c8.js
d3e54v103j8qbb.cloudfront.net/js/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=609173306272003b65ba4c3a
Requested by
Host: go.exterro.com
URL: https://go.exterro.com/l/43312/2022-01-21/f6h1s3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.232.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-232-39.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer
https://go.exterro.com/
Origin
https://go.exterro.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 06 Apr 2022 04:15:42 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
60545
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Mon, 20 Jul 2020 17:53:02 GMT
server
AmazonS3
etag
W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 387adc951beb5181d840dfb5d1f09488.cloudfront.net (CloudFront)
cache-control
max-age=84600, must-revalidate
x-amz-cf-pop
FRA56-P4
x-amz-cf-id
1AdD9mt63U15CpMvITS2Ymt-oqSxXL9lM4hyvZOA4a3M13aYMHi9Nw==
pexco-exterro-dev-for-ppc-v2.js
slxcloud.app/Exterro/2021/pexco-exterro-dev-for-ppc-v2/js/ 		32 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://slxcloud.app/Exterro/2021/pexco-exterro-dev-for-ppc-v2/js/pexco-exterro-dev-for-ppc-v2.js
Requested by
Host: go.exterro.com
URL: https://go.exterro.com/l/43312/2022-01-21/f6h1s3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.203.130.16 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.130.203.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
40fe00bbcbba91d3e61e445f59b4bf433d29b5a77f8b6aabc7e8b9e399b58b0a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.exterro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 06 Apr 2022 21:04:46 GMT
content-encoding
br
last-modified
Tue, 04 May 2021 16:32:34 GMT
server
nginx
etag
W/"60917722-7e02"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
css
fonts.googleapis.com/ 		26 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
53bff42130f5bff8f3a92e259f20357ad8b46271cb9daa75a9485d401aeaa77f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.exterro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 06 Apr 2022 20:14:06 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 06 Apr 2022 21:04:46 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 06 Apr 2022 21:04:46 GMT
bat.js
bat.bing.com/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: go.exterro.com
URL: https://go.exterro.com/l/43312/2022-01-21/f6h1s3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.exterro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Wed, 09 Feb 2022 23:54:49 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: DC4DF61E39854D778FD29B8038AA938B Ref B: FRAEDGE1209 Ref C: 2022-04-06T21:04:46Z
etag
"806a236c101ed81:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
date
Wed, 06 Apr 2022 21:04:46 GMT
accept-ranges
bytes
content-length
11333
S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v22/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v22/S6u9w4BMUTPHh7USSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@100;300;400;700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://go.exterro.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 06 Apr 2022 19:31:18 GMT
x-content-type-options
nosniff
age
5608
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23236
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:18:07 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 06 Apr 2023 19:31:18 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v22/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v22/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@100;300;400;700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://go.exterro.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 06 Apr 2022 19:31:18 GMT
x-content-type-options
nosniff
age
5608
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23040
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:21:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 06 Apr 2023 19:31:18 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v22/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v22/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@100;300;400;700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://go.exterro.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 06 Apr 2022 19:30:55 GMT
x-content-type-options
nosniff
age
5631
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23580
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:14:03 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 06 Apr 2023 19:30:55 GMT
FTK_Icon.png
storage.pardot.com/43312/1631575616RfhHcWt9/
Redirect Chain
  • https://go.exterro.com/l/43312/2021-09-13/f5zf96/43312/1631575616RfhHcWt9/FTK_Icon.png
  • https://storage.pardot.com/43312/1631575616RfhHcWt9/FTK_Icon.png
5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.pardot.com/43312/1631575616RfhHcWt9/FTK_Icon.png
Requested by
Host: go.exterro.com
URL: https://go.exterro.com/l/43312/2022-01-21/f6h1s3
Protocol
H2
Server
2600:9000:2156:3a00:d:7e9b:1200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d76f14854dc1b6f9192f9a8714360e7ea3ca3805bd2f593724ad218b44ccd66a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.exterro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 06 Apr 2022 04:15:46 GMT
via
1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
last-modified
Mon, 13 Sep 2021 23:26:57 GMT
server
AmazonS3
age
60542
etag
"40cd00af517ee025e9669ef12e035263"
x-cache
Hit from cloudfront
content-type
image/png; charset=binary
x-amz-replication-status
COMPLETED
content-length
5100
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-robots-tag
none
x-amz-version-id
sR880bEdNeqe8B136MH1uX6TvkqeFv4O
x-amz-cf-id
gpSeLxfZxx6ybuNAMjxhLnI9nDALS0KB_FFSFjtDYiRPnLZJCpPQqw==

Redirect headers

date
Wed, 06 Apr 2022 21:04:46 GMT
content-encoding
gzip
X-Pardot-Route
07c6fec365d81c66b16ef70448a47c0a
X-Pardot-LB
d3d7f55bb0643f40d338b3c1e133d5c5
Server
PardotServer
p3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
vary
Accept-Encoding,User-Agent
content-type
text/html; charset=UTF-8
location
https://storage.pardot.com/43312/1631575616RfhHcWt9/FTK_Icon.png
cache-control
max-age=600
x-robots-tag
none
content-length
140
expires
Wed, 06 Apr 2022 21:14:47 GMT
Orange-Bullet-point.png
slxcloud.app/Exterro/2021/pexco-exterro-cpra-2/images/ 		169 B
370 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://slxcloud.app/Exterro/2021/pexco-exterro-cpra-2/images/Orange-Bullet-point.png
Requested by
Host: go.exterro.com
URL: https://go.exterro.com/l/43312/2022-01-21/f6h1s3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.203.130.16 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.130.203.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
03120f824dc0790875245ffe8f35bd270ce22c53a231b132cab15cc74dc1f691

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.exterro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 06 Apr 2022 21:04:46 GMT
last-modified
Mon, 19 Apr 2021 18:03:48 GMT
server
nginx
etag
"607dc604-a9"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
169
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v28/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v28/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://go.exterro.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 22:45:30 GMT
x-content-type-options
nosniff
age
80356
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44656
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 22:03:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 05 Apr 2023 22:45:30 GMT
logo.svg
slxcloud.app/Exterro/2021/pexco-exterro-dev-for-ppc-v2/images/ 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://slxcloud.app/Exterro/2021/pexco-exterro-dev-for-ppc-v2/images/logo.svg
Requested by
Host: go.exterro.com
URL: https://go.exterro.com/l/43312/2022-01-21/f6h1s3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.203.130.16 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.130.203.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
de86b2f9401381cc1031e83549a7c35024f349ea562324b0b486888bd8f6edbb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.exterro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 06 Apr 2022 21:04:47 GMT
content-encoding
br
last-modified
Tue, 04 May 2021 16:32:34 GMT
server
nginx
etag
W/"60917722-a52"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v28/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v28/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f57a038a716263766ff4d7f7d8a6ea13b22701ae6fc91e8b1b52fd8784844d23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://go.exterro.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 22:46:00 GMT
x-content-type-options
nosniff
age
80326
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47836
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 22:01:28 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 05 Apr 2023 22:46:00 GMT
5933011.js
bat.bing.com/p/action/ 		844 B
843 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/5933011.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b2994ae1ae0a17ae10cc02b1bd07b09afda9d3f0d4c04467055e3677e96f54d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.exterro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 6EAB9FC6BAC4443C84E8FD783E48CDFB Ref B: FRAEDGE1209 Ref C: 2022-04-06T21:04:46Z
date
Wed, 06 Apr 2022 21:04:46 GMT
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-store,no-cache
content-length
666
0
bat.bing.com/action/ 		0
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=5933011&Ver=2&mid=c356b00b-37f9-4484-9f83-232b4def7917&sid=3043bc50b5ed11ecaa34c752e93233ff&vid=3043d6e0b5ed11ecb994e192039a9304&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=FTK%20Imager%204.7&p=https%3A%2F%2Fgo.exterro.com%2Fl%2F43312%2F2022-01-21%2Ff6h1s3&r=&lt=1755&evt=pageLoad&msclkid=N&sv=1&rn=515813
Requested by
Host: go.exterro.com
URL: https://go.exterro.com/l/43312/2022-01-21/f6h1s3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.exterro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: AA153A30ABFC4E589053623667817F87 Ref B: FRAEDGE1209 Ref C: 2022-04-06T21:04:46Z
date
Wed, 06 Apr 2022 21:04:46 GMT
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-483048-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.exterro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
5397
date
Wed, 06 Apr 2022 19:34:50 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 06 Apr 2022 21:34:50 GMT
clarity.js
e.clarity.ms/s/0.6.34/ 		53 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://e.clarity.ms/s/0.6.34/clarity.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/p/action/5933011.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.62.48.180 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ca63193ce799e4e00c9106349365981dc6e26cb77632ebf5df23dffba2aaccfa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.exterro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 06 Apr 2022 21:04:47 GMT
content-encoding
br
etag
"1d84959b978c254"
last-modified
Wed, 06 Apr 2022 01:57:52 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
public,max-age=86400
accept-ranges
bytes
request-context
appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1860664708&t=pageview&_s=1&dl=https%3A%2F%2Fgo.exterro.com%2Fl%2F43312%2F2022-01-21%2Ff6h1s3&ul=en-us&de=UTF-8&dt=FTK%20Imager%204.7&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=164860497&gjid=2013812030&cid=1799325040.1649279087&tid=UA-483048-1&_gid=1200899409.1649279087&_r=1&gtm=2ou3u0&z=260612775
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://go.exterro.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 06 Apr 2022 21:04:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://go.exterro.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
441 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-483048-1&cid=1799325040.1649279087&jid=164860497&gjid=2013812030&_gid=1200899409.1649279087&_u=YEBAAUAAAAAAAC~&z=407304403
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://go.exterro.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 06 Apr 2022 21:04:47 GMT
content-type
text/plain
access-control-allow-origin
https://go.exterro.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-483048-1&cid=1799325040.1649279087&jid=164860497&_u=YEBAAUAAAAAAAC~&z=383369197
Requested by
Host: go.exterro.com
URL: https://go.exterro.com/l/43312/2022-01-21/f6h1s3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.exterro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Apr 2022 21:04:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-483048-1&cid=1799325040.1649279087&jid=164860497&_u=YEBAAUAAAAAAAC~&z=383369197
Requested by
Host: go.exterro.com
URL: https://go.exterro.com/l/43312/2022-01-21/f6h1s3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.exterro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Apr 2022 21:04:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pd.js
pi.pardot.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pi.pardot.com/pd.js
Requested by
Host: go.exterro.com
URL: https://go.exterro.com/l/43312/2022-01-21/f6h1s3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.174.78.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
pi0-lba1-5-ue1.aws.pardot.com
Software
PardotServer /
Resource Hash
d2a0ed3481f0594245bc42536efbad044afe679a3f5a7993eb09774b94dc305c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.exterro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 06 Apr 2022 21:04:47 GMT
content-encoding
gzip
X-Pardot-Route
8f46b7608980401223b1d0300f1fdf0e
X-Pardot-LB
d3d7f55bb0643f40d338b3c1e133d5c5
last-modified
Wed, 06 Apr 2022 18:30:22 GMT
Server
PardotServer
etag
"1547-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
max-age=63072000
accept-ranges
bytes
content-length
1950
expires
Fri, 05 Apr 2024 21:04:47 GMT
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?CtsSyncId=E5CF26E4ABB14C18A32D1FC1A743901D&RedC=c.clarity.ms&MXFR=21231A37350463A013640B4931046D4B
  • https://c.clarity.ms/c.gif?CtsSyncId=E5CF26E4ABB14C18A32D1FC1A743901D&MUID=3DCCD59F753C6FE423F7C4E174EE6ED9
42 B
370 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?CtsSyncId=E5CF26E4ABB14C18A32D1FC1A743901D&MUID=3DCCD59F753C6FE423F7C4E174EE6ED9
Protocol
H2
Server
52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.exterro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Apr 2022 21:04:46 GMT
last-modified
Fri, 18 Mar 2022 19:39:54 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"8120eaf0ff3ad81:0"
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42

Redirect headers

pragma
no-cache
date
Wed, 06 Apr 2022 21:04:47 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: EA854FAAB1844C4298A61E5821765C87 Ref B: FRAEDGE1209 Ref C: 2022-04-06T21:04:47Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?CtsSyncId=E5CF26E4ABB14C18A32D1FC1A743901D&MUID=3DCCD59F753C6FE423F7C4E174EE6ED9
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
collect
e.clarity.ms/ 		0
69 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://e.clarity.ms/collect
Requested by
Host: e.clarity.ms
URL: https://e.clarity.ms/s/0.6.34/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.62.48.180 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://go.exterro.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-origin
https://go.exterro.com
date
Wed, 06 Apr 2022 21:04:47 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
analytics
pi.pardot.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=127718&account_id=44312&title=FTK%20Imager%204.7&url=https%3A%2F%2Fgo.exterro.com%2Fl%2F43312%2F2022-01-21%2Ff6h1s3&referrer=
Requested by
Host: pi.pardot.com
URL: https://pi.pardot.com/pd.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.174.78.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
pi0-lba1-5-ue1.aws.pardot.com
Software
PardotServer /
Resource Hash
95db225f421305e87eca432fce237eb087f6355d8e29b8f7bb4e21b8c62bcb16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.exterro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Apr 2022 21:04:48 GMT
content-encoding
gzip
X-Pardot-Route
403edde838d926b2f64a33ea88db7473
X-Pardot-LB
d3d7f55bb0643f40d338b3c1e133d5c5
x-pardot-rsp
0/0/1
vary
Accept-Encoding,User-Agent
p3p
CP="CAO DSP AND SO ON" policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
cache-control
no-store, no-cache, must-revalidate
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
715
Server
PardotServer
expires
Thu, 19 Nov 1981 08:52:00 GMT
collect
e.clarity.ms/ 		0
48 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://e.clarity.ms/collect
Requested by
Host: e.clarity.ms
URL: https://e.clarity.ms/s/0.6.34/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.62.48.180 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://go.exterro.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-origin
https://go.exterro.com
date
Wed, 06 Apr 2022 21:04:48 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

Verdicts & Comments Add Verdict or Comment

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails object| WebFont function| gtag object| dataLayer object| uetq object| pardot object| piAjax object| piUtils function| $ function| jQuery string| piAId string| piCId string| piHostname object| anchors object| anchor function| tram object| Webflow object| google_tag_manager function| UET function| UET_init function| UET_push object| ueto_39b3043bf9 object| google_tag_data string| GoogleAnalyticsObject function| ga function| clarity object| gaplugins object| gaGlobal object| gaData function| checkNamespace function| getPardotUrl function| piTracker function| piGetParameter function| piGetCookie function| piSetCookie string| piVersion number| piScriptNum object| piScriptObj object| pi number| c_start string| property function| piEnableTracking function| piDisableTracking function| piResponse

12 Cookies

Domain/Path Name / Value
.bing.com/ Name: MUID
Value: 3DCCD59F753C6FE423F7C4E174EE6ED9
.exterro.com/ Name: _uetsid
Value: 3043bc50b5ed11ecaa34c752e93233ff
.exterro.com/ Name: _uetvid
Value: 3043d6e0b5ed11ecb994e192039a9304
.exterro.com/ Name: _ga
Value: GA1.2.1799325040.1649279087
.exterro.com/ Name: _gid
Value: GA1.2.1200899409.1649279087
.exterro.com/ Name: _gat_gtag_UA_483048_1
Value: 1
.exterro.com/ Name: _clck
Value: 1nn13kz|1|f0e|0
.c.bing.com/ Name: SRM_B
Value: 3DCCD59F753C6FE423F7C4E174EE6ED9
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 3DCCD59F753C6FE423F7C4E174EE6ED9
.c.clarity.ms/ Name: ANONCHK
Value: 0
.exterro.com/ Name: _clsk
Value: g2cgel|1649279087144|1|1|e.clarity.ms/collect

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
bat.bing.com
c.bing.com
c.clarity.ms
d3e54v103j8qbb.cloudfront.net
e.clarity.ms
fonts.googleapis.com
fonts.gstatic.com
go.exterro.com
pi.pardot.com
slxcloud.app
stats.g.doubleclick.net
storage.pardot.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
20.62.48.180
2600:9000:2156:3a00:d:7e9b:1200:93a1
2620:1ec:c11::200
2a00:1450:4001:80e::200a
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2003
2a00:1450:4001:811::2008
2a00:1450:4001:829::2004
2a00:1450:4001:82b::2003
2a00:1450:400c:c08::9d
35.174.78.146
35.203.130.16
52.142.114.2
52.222.232.39
03120f824dc0790875245ffe8f35bd270ce22c53a231b132cab15cc74dc1f691
077e8dbabb1020b7155eb59af49c62e32c9327b9a3d5fc423d97dd4daea87372
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
40fe00bbcbba91d3e61e445f59b4bf433d29b5a77f8b6aabc7e8b9e399b58b0a
53bff42130f5bff8f3a92e259f20357ad8b46271cb9daa75a9485d401aeaa77f
5c4a6fe64efc5d07833c35af9630d0f9b3d4d09a63f9358e441374e9102c9e81
6dbd1967a8963d2eead020be31031ed12df79148acfea8cb787fa1358d5b4559
732a85650cf73f86d42d3b89bf9139c2f1bd66db55555c4778ebf4e78e8a0dce
7deeee24b8c80bcca6c1c3ba09aaf3811aa99f88028732f2fce9e31e83a435f6
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
95db225f421305e87eca432fce237eb087f6355d8e29b8f7bb4e21b8c62bcb16
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
b2994ae1ae0a17ae10cc02b1bd07b09afda9d3f0d4c04467055e3677e96f54d4
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
ca63193ce799e4e00c9106349365981dc6e26cb77632ebf5df23dffba2aaccfa
d2a0ed3481f0594245bc42536efbad044afe679a3f5a7993eb09774b94dc305c
d76f14854dc1b6f9192f9a8714360e7ea3ca3805bd2f593724ad218b44ccd66a
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de86b2f9401381cc1031e83549a7c35024f349ea562324b0b486888bd8f6edbb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4a8464486f1edf4c06144a4f546a359e1c8f35fb026503286d2dceb715ebddd
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f57a038a716263766ff4d7f7d8a6ea13b22701ae6fc91e8b1b52fd8784844d23
f66148dc233f0daa687991bdba0fa92c5d759531d9e2c87aecde8c537e7dcf84
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f87c38388a985e284ab99569bec31692d09c47d73be793dd1b73f6eec20903e8