www3.corelight.com Open in urlscan Pro
35.174.150.168  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.0	200 OK	Primary Request Cookie set 984591857 Show response www3.corelight.com/emailPreference/epc/420832/t9mk1Fg6hUHIIZjfRO31MbOEGW8ye2wIsv9qpKUyOb8/64527b210091008bf67d797651118ab2164d41f43ee6fcfe451acb4ed343225f/	10 KB 4 KB	709ms 403ms	Document text/html	35.174.150.168 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://www3.corelight.com/emailPreference/epc/420832/t9mk1Fg6hUHIIZjfRO31MbOEGW8ye2wIsv9qpKUyOb8/64527b210091008bf67d797651118ab2164d41f43ee6fcfe451acb4ed343225f/984591857 Protocol HTTP/1.0 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.174.150.168 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS pi0-lba1-3-ue1.aws.pardot.com Software PardotServer / Resource Hash 9ffa67a788b880a835f0b8aee81f1f47939fb81b902f0dddee87214cad8786e4 Request headers Host www3.corelight.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Sec-Fetch-Dest document Accept-Encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers Date Tue, 05 Oct 2021 21:35:27 GMT Set-Cookie pardot=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0 visitor_id420832=743193675; expires=Fri, 03-Oct-2031 21:35:27 GMT; Max-Age=315360000; path=/; secure; SameSite=None visitor_id420832-hash=3219b3ce7fee20141bd98c8f3f43669d45aa2e869e7aaf7223d148900ea91ad4a411a4bbdd85f25e8b40c930e98a7cd62e392453; expires=Fri, 03-Oct-2031 21:35:27 GMT; Max-Age=315360000; path=/; secure; SameSite=None Expires Thu, 19 Nov 1981 08:52:00 GMT Cache-Control no-store, no-cache, must-revalidate Pragma no-cache X-Pardot-Rsp 16/127/185 P3p CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml" X-Robots-Tag nofollow, noindex Referrer-Policy no-referrer Vary Accept-Encoding,User-Agent Content-Encoding gzip Content-Length 3060 Content-Type text/html; charset=utf-8 X-Pardot-Route cb482e8713caadba289bc279c1db8a1d Server PardotServer X-Pardot-LB a083ac6fc1531fb089982e922db67d20 Connection keep-alive
GET H2	200	bootstrap.min.css maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/	118 KB 20 KB	112ms 65ms	Stylesheet text/css	2606:4700::6812:acf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css Requested by Host: www3.corelight.com URL: https://www3.corelight.com/emailPreference/epc/420832/t9mk1Fg6hUHIIZjfRO31MbOEGW8ye2wIsv9qpKUyOb8/64527b210091008bf67d797651118ab2164d41f43ee6fcfe451acb4ed343225f/984591857 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer Origin https://www3.corelight.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 05 Oct 2021 21:35:27 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT cdn-edgestorageid 632, 617, 617, 617 access-control-allow-origin * cdn-cachedat 2021-06-08 21:21:23 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 timing-allow-origin * last-modified Mon, 25 Jan 2021 22:03:59 GMT server cloudflare cdn-requestpullcode 200 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/css; charset=utf-8 cdn-cache HIT vary Accept-Encoding cache-control public, max-age=31919000 cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cdn-requestid a3feb87e27d6cd8330d348160a4c398b cf-ray 6999c7a4db5e0f4e-MXP cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET H2	200	css fonts.googleapis.com/	8 KB 1 KB	59ms 24ms	Stylesheet text/css	2a00:1450:4001:809::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Open+Sans:400,500,700 Requested by Host: www3.corelight.com URL: https://www3.corelight.com/emailPreference/epc/420832/t9mk1Fg6hUHIIZjfRO31MbOEGW8ye2wIsv9qpKUyOb8/64527b210091008bf67d797651118ab2164d41f43ee6fcfe451acb4ed343225f/984591857 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 74f4c461fd6bb13ac7c52dba42c007621718e4a33d5dff82bed14ee43ce8239c Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Tue, 05 Oct 2021 21:07:27 GMT server ESF date Tue, 05 Oct 2021 21:35:27 GMT x-frame-options SAMEORIGIN report-to {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cross-origin-opener-policy-report-only same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU" expires Tue, 05 Oct 2021 21:35:27 GMT
GET H/1.1	200 OK	form.css www3.corelight.com/css/	31 KB 8 KB	102ms 101ms	Stylesheet text/css	35.174.150.168 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://www3.corelight.com/css/form.css?ver=2021-09-20 Requested by Host: www3.corelight.com URL: https://www3.corelight.com/emailPreference/epc/420832/t9mk1Fg6hUHIIZjfRO31MbOEGW8ye2wIsv9qpKUyOb8/64527b210091008bf67d797651118ab2164d41f43ee6fcfe451acb4ed343225f/984591857 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.174.150.168 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS pi0-lba1-3-ue1.aws.pardot.com Software PardotServer / Resource Hash 6dbd1967a8963d2eead020be31031ed12df79148acfea8cb787fa1358d5b4559 Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host www3.corelight.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Sec-Fetch-Mode no-cors Accept text/css,*/*;q=0.1 Cache-Control no-cache Sec-Fetch-Dest style Cookie visitor_id420832=743193675; visitor_id420832-hash=3219b3ce7fee20141bd98c8f3f43669d45aa2e869e7aaf7223d148900ea91ad4a411a4bbdd85f25e8b40c930e98a7cd62e392453 Connection keep-alive Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Tue, 05 Oct 2021 21:35:27 GMT Content-Encoding gzip X-Pardot-Route cb482e8713caadba289bc279c1db8a1d X-Pardot-LB a083ac6fc1531fb089982e922db67d20 Last-Modified Tue, 05 Oct 2021 05:15:11 GMT Server PardotServer ETag "7be2-gzip" Vary Accept-Encoding,User-Agent Content-Type text/css Cache-Control max-age=63072000 Accept-Ranges bytes Content-Length 7660 Expires Thu, 05 Oct 2023 21:35:27 GMT
GET H2	200	logo_corelight.jpg storage.pardot.com/420832/135174/	56 KB 57 KB	61ms 14ms	Image image/jpeg	2600:9000:223d:9200:d:7e9b:1200:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://storage.pardot.com/420832/135174/logo_corelight.jpg Requested by Host: www3.corelight.com URL: https://www3.corelight.com/emailPreference/epc/420832/t9mk1Fg6hUHIIZjfRO31MbOEGW8ye2wIsv9qpKUyOb8/64527b210091008bf67d797651118ab2164d41f43ee6fcfe451acb4ed343225f/984591857 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223d:9200:d:7e9b:1200:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash cc5ad44c07776c89226a7507a06a7f7636f745b58a875ba9111bb42fbf5aa53b Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 05 Oct 2021 19:18:51 GMT via 1.1 e94c77a12a65a84cbcef7856ed7e0fb9.cloudfront.net (CloudFront) last-modified Mon, 11 Dec 2017 14:42:41 GMT server AmazonS3 age 8197 etag "2a74d977f6c3b728dc200441c897d2ce" x-cache Hit from cloudfront x-amz-version-id null x-amz-cf-pop FRA56-P3 accept-ranges bytes content-type image/jpeg; charset=binary content-length 57595 x-amz-cf-id GYMBq7iyvQQ-VZXgIjQU_peo_Qsvowfxdw6U7wBsy43v3TH-uhpGBg==
GET H/1.1	200 OK	required.gif www3.corelight.com/images/	186 B 560 B	102ms 102ms	Image image/gif	35.174.150.168 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://www3.corelight.com/images/required.gif Requested by Host: www3.corelight.com URL: https://www3.corelight.com/css/form.css?ver=2021-09-20 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.174.150.168 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS pi0-lba1-3-ue1.aws.pardot.com Software PardotServer / Resource Hash 79badf235e92fe69d052a2df85ddd8d5ea24e2378ea8c46d920f51f286a229d8 Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host www3.corelight.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Sec-Fetch-Mode no-cors Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Cache-Control no-cache Sec-Fetch-Dest image Referer https://www3.corelight.com/css/form.css?ver=2021-09-20 Cookie visitor_id420832=743193675; visitor_id420832-hash=3219b3ce7fee20141bd98c8f3f43669d45aa2e869e7aaf7223d148900ea91ad4a411a4bbdd85f25e8b40c930e98a7cd62e392453 Connection keep-alive Accept-Language de-DE,de;q=0.9 Referer https://www3.corelight.com/css/form.css?ver=2021-09-20 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Tue, 05 Oct 2021 21:35:27 GMT X-Pardot-Route cb482e8713caadba289bc279c1db8a1d X-Pardot-LB a083ac6fc1531fb089982e922db67d20 Last-Modified Tue, 05 Oct 2021 05:15:11 GMT Server PardotServer ETag "ba" Content-Type image/gif Cache-Control max-age=63072000 Accept-Ranges bytes Content-Length 186 Expires Thu, 05 Oct 2023 21:35:27 GMT
GET H2	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 fonts.gstatic.com/s/opensans/v26/	44 KB 44 KB	50ms 14ms	Font font/woff2	2a00:1450:4001:801::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v26/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open+Sans:400,500,700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 538dd4ff6e384a44155168326ac40a6c20a93cd212b1fbf88ae7b0c44f9ab0bd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://www3.corelight.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Thu, 30 Sep 2021 17:04:31 GMT x-content-type-options nosniff age 448256 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 44760 x-xss-protection 0 last-modified Thu, 23 Sep 2021 16:50:17 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Fri, 30 Sep 2022 17:04:31 GMT
GET H/1.1	200 OK	pd.js Show response pi.pardot.com/	5 KB 2 KB	432ms 105ms	Script application/javascript	18.232.28.189 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://pi.pardot.com/pd.js Requested by Host: www3.corelight.com URL: https://www3.corelight.com/emailPreference/epc/420832/t9mk1Fg6hUHIIZjfRO31MbOEGW8ye2wIsv9qpKUyOb8/64527b210091008bf67d797651118ab2164d41f43ee6fcfe451acb4ed343225f/984591857 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 18.232.28.189 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS pi0-lba1-6-ue1.aws.pardot.com Software PardotServer / Resource Hash d2a0ed3481f0594245bc42536efbad044afe679a3f5a7993eb09774b94dc305c Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Tue, 05 Oct 2021 21:35:28 GMT Content-Encoding gzip X-Pardot-Route 4587f66dff94d6e76a668284fbf3dba1 X-Pardot-LB e95a292e477f6214c8e77c2cf881a7d3 Last-Modified Tue, 05 Oct 2021 05:15:11 GMT Server PardotServer ETag "1547-gzip" Vary Accept-Encoding,User-Agent Content-Type application/javascript Cache-Control max-age=63072000 Accept-Ranges bytes Content-Length 1950 Expires Thu, 05 Oct 2023 21:35:28 GMT
GET H/1.0	200 OK	analytics Show response pi.pardot.com/	1 KB 2 KB	396ms 396ms	Script text/javascript	18.232.28.189 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://pi.pardot.com/analytics?ver=3&visitor_id=743193675&visitor_id_sign=3219b3ce7fee20141bd98c8f3f43669d45aa2e869e7aaf7223d148900ea91ad4a411a4bbdd85f25e8b40c930e98a7cd62e392453&pi_opt_in=&campaign_id=45959&account_id=421832&title=Email%20Preference%20Center&url=https%3A%2F%2Fwww3.corelight.com%2FemailPreference%2Fepc%2F420832%2Ft9mk1Fg6hUHIIZjfRO31MbOEGW8ye2wIsv9qpKUyOb8%2F64527b210091008bf67d797651118ab2164d41f43ee6fcfe451acb4ed343225f%2F984591857&referrer= Requested by Host: pi.pardot.com URL: https://pi.pardot.com/pd.js Protocol HTTP/1.0 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 18.232.28.189 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS pi0-lba1-6-ue1.aws.pardot.com Software PardotServer / Resource Hash fa71d85e25ee8de223a2a299ef01e4a933019b5ed736ef61b465b4ed8bd154a4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Pragma no-cache Date Tue, 05 Oct 2021 21:35:28 GMT Content-Encoding gzip X-Pardot-Route d5a18e4517a9c8ba62b77de366a4cdb5 X-Pardot-LB e95a292e477f6214c8e77c2cf881a7d3 X-Pardot-Rsp 16/40/82 Vary Accept-Encoding,User-Agent Strict-Transport-Security max-age=31536000; includeSubDomains P3p CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml" Cache-Control no-store, no-cache, must-revalidate Connection keep-alive Content-Type text/javascript; charset=utf-8 Content-Length 553 Server PardotServer Expires Thu, 19 Nov 1981 08:52:00 GMT
GET H/1.0	200 OK	Cookie set analytics Show response www3.corelight.com/	50 B 1 KB	189ms 188ms	Script text/javascript	35.174.150.168 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://www3.corelight.com/analytics?conly=true&visitor_id=743193675&visitor_id_sign=3219b3ce7fee20141bd98c8f3f43669d45aa2e869e7aaf7223d148900ea91ad4a411a4bbdd85f25e8b40c930e98a7cd62e392453&pi_opt_in=&campaign_id=45959&account_id=421832&title=Email%20Preference%20Center&url=https%3A%2F%2Fwww3.corelight.com%2FemailPreference%2Fepc%2F420832%2Ft9mk1Fg6hUHIIZjfRO31MbOEGW8ye2wIsv9qpKUyOb8%2F64527b210091008bf67d797651118ab2164d41f43ee6fcfe451acb4ed343225f%2F984591857&referrer= Requested by Host: pi.pardot.com URL: https://pi.pardot.com/analytics?ver=3&visitor_id=743193675&visitor_id_sign=3219b3ce7fee20141bd98c8f3f43669d45aa2e869e7aaf7223d148900ea91ad4a411a4bbdd85f25e8b40c930e98a7cd62e392453&pi_opt_in=&campaign_id=45959&account_id=421832&title=Email%20Preference%20Center&url=https%3A%2F%2Fwww3.corelight.com%2FemailPreference%2Fepc%2F420832%2Ft9mk1Fg6hUHIIZjfRO31MbOEGW8ye2wIsv9qpKUyOb8%2F64527b210091008bf67d797651118ab2164d41f43ee6fcfe451acb4ed343225f%2F984591857&referrer= Protocol HTTP/1.0 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.174.150.168 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS pi0-lba1-3-ue1.aws.pardot.com Software PardotServer / Resource Hash dcf430710cdd1359115293f45d5023b2a560aef8a2c1e59d578b8b1e10a216d3 Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host www3.corelight.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Sec-Fetch-Mode no-cors Accept */* Cache-Control no-cache Sec-Fetch-Dest script Cookie visitor_id420832=743193675; visitor_id420832-hash=3219b3ce7fee20141bd98c8f3f43669d45aa2e869e7aaf7223d148900ea91ad4a411a4bbdd85f25e8b40c930e98a7cd62e392453 Connection keep-alive Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Pragma no-cache Date Tue, 05 Oct 2021 21:35:28 GMT X-Pardot-Route d5a18e4517a9c8ba62b77de366a4cdb5 X-Pardot-LB a083ac6fc1531fb089982e922db67d20 X-Pardot-Rsp 17/7/8 Vary User-Agent P3p CP="CAO DSP AND SO ON" policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml" Set-Cookie pardot=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0 visitor_id420832=743193675; expires=Fri, 03-Oct-2031 21:35:28 GMT; Max-Age=315360000; path=/; secure; SameSite=None visitor_id420832-hash=3219b3ce7fee20141bd98c8f3f43669d45aa2e869e7aaf7223d148900ea91ad4a411a4bbdd85f25e8b40c930e98a7cd62e392453; expires=Fri, 03-Oct-2031 21:35:28 GMT; Max-Age=315360000; path=/; secure; SameSite=None Cache-Control no-store, no-cache, must-revalidate Connection keep-alive Content-Type text/javascript; charset=utf-8 Content-Length 50 Server PardotServer Expires Thu, 19 Nov 1981 08:52:00 GMT

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect boolean| originAgentCluster string| piAId string| piCId string| piHostname object| anchors object| anchor function| checkNamespace function| getPardotUrl function| piTracker function| piGetParameter function| piGetCookie function| piSetCookie string| piVersion number| piScriptNum object| piScriptObj object| pi number| c_start number| c_end string| property function| piResponse

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www3.corelight.com/	1970-01-23 13:20:29	Name: visitor_id420832 Value: 743193675
			www3.corelight.com/	1970-01-23 13:20:29	Name: visitor_id420832-hash Value: 3219b3ce7fee20141bd98c8f3f43669d45aa2e869e7aaf7223d148900ea91ad4a411a4bbdd85f25e8b40c930e98a7cd62e392453
			.pardot.com/	1970-01-23 13:20:29	Name: visitor_id420832 Value: 743193675
			.pardot.com/	1970-01-23 13:20:29	Name: visitor_id420832-hash Value: 3219b3ce7fee20141bd98c8f3f43669d45aa2e869e7aaf7223d148900ea91ad4a411a4bbdd85f25e8b40c930e98a7cd62e392453
			pi.pardot.com/	1970-01-19 21:44:31	Name: lpv420832 Value: aHR0cHM6Ly93d3czLmNvcmVsaWdodC5jb20vZW1haWxQcmVmZXJlbmNlL2VwYy80MjA4MzIvdDltazFGZzZoVUhJSVpqZlJPMzFNYk9FR1c4eWUyd0lzdjlxcEtVeU9iOC82NDUyN2IyMTAwOTEwMDhiZjY3ZDc5NzY1MTExOGFiMjE2NGQ0MWY0M2VlNmZjZmU0NTFhY2I0ZWQzNDMyMjVmLzk4NDU5MTg1Nw%3D%3D

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://www3.corelight.com/emailPreference/epc/420832/t9mk1Fg6hUHIIZjfRO31MbOEGW8ye2wIsv9qpKUyOb8/64527b210091008bf67d797651118ab2164d41f43ee6fcfe451acb4ed343225f/984591857(Line 1) Message: Mixed Content: The page at 'https://www3.corelight.com/emailPreference/epc/420832/t9mk1Fg6hUHIIZjfRO31MbOEGW8ye2wIsv9qpKUyOb8/64527b210091008bf67d797651118ab2164d41f43ee6fcfe451acb4ed343225f/984591857' was loaded over HTTPS, but requested an insecure element 'http://storage.pardot.com/420832/135174/logo_corelight.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www3.corelight.com/emailPreference/epc/420832/t9mk1Fg6hUHIIZjfRO31MbOEGW8ye2wIsv9qpKUyOb8/64527b210091008bf67d797651118ab2164d41f43ee6fcfe451acb4ed343225f/984591857 Message: Mixed Content: The page at 'https://www3.corelight.com/emailPreference/epc/420832/t9mk1Fg6hUHIIZjfRO31MbOEGW8ye2wIsv9qpKUyOb8/64527b210091008bf67d797651118ab2164d41f43ee6fcfe451acb4ed343225f/984591857' was loaded over HTTPS, but requested an insecure element 'http://storage.pardot.com/420832/135174/logo_corelight.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
maxcdn.bootstrapcdn.com
pi.pardot.com
storage.pardot.com
www3.corelight.com
18.232.28.189
2600:9000:223d:9200:d:7e9b:1200:93a1
2606:4700::6812:acf
2a00:1450:4001:801::2003
2a00:1450:4001:809::200a
35.174.150.168
538dd4ff6e384a44155168326ac40a6c20a93cd212b1fbf88ae7b0c44f9ab0bd
6dbd1967a8963d2eead020be31031ed12df79148acfea8cb787fa1358d5b4559
74f4c461fd6bb13ac7c52dba42c007621718e4a33d5dff82bed14ee43ce8239c
79badf235e92fe69d052a2df85ddd8d5ea24e2378ea8c46d920f51f286a229d8
9ffa67a788b880a835f0b8aee81f1f47939fb81b902f0dddee87214cad8786e4
cc5ad44c07776c89226a7507a06a7f7636f745b58a875ba9111bb42fbf5aa53b
d2a0ed3481f0594245bc42536efbad044afe679a3f5a7993eb09774b94dc305c
dcf430710cdd1359115293f45d5023b2a560aef8a2c1e59d578b8b1e10a216d3
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
fa71d85e25ee8de223a2a299ef01e4a933019b5ed736ef61b465b4ed8bd154a4