go.proofpoint.com Open in urlscan Pro
104.17.71.206 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS
Submission: On September 16 via api (September 16th 2020, 6:02:17 pm UTC) from US

Summary HTTP 74 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 36 IPs in 7 countries across 34 domains to perform 74 HTTP transactions. The main IP is 104.17.71.206, located in United States and belongs to CLOUDFLARENET, US. The main domain is go.proofpoint.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 8th 2020. Valid for: a year.

This is the only time go.proofpoint.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
16	104.17.71.206 104.17.71.206	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:e980:107... 2a02:e980:107::cf	19551 (INCAPSULA) (INCAPSULA)
6	104.111.250.210 104.111.250.210	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:814::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:821::2008	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a02:26f0:10c... 2a02:26f0:10c:58e::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:81a::200e	15169 (GOOGLE) (GOOGLE)
3	143.204.201.40 143.204.201.40	16509 (AMAZON-02) (AMAZON-02)
2 3	34.240.2.137 34.240.2.137	16509 (AMAZON-02) (AMAZON-02)
5	2606:4700::68... 2606:4700::6812:1bbe	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 6	23.210.248.216 23.210.248.216	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	216.58.212.166 216.58.212.166	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
1	192.28.144.124 192.28.144.124	15224 (OMNITURE) (OMNITURE)
1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
1 2	2a05:f500:10:... 2a05:f500:10:101::b93f:9105	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:825::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
15 18	63.32.63.32 63.32.63.32	16509 (AMAZON-02) (AMAZON-02)
1	143.204.94.67 143.204.94.67	16509 (AMAZON-02) (AMAZON-02)
2 2	52.210.50.2 52.210.50.2	16509 (AMAZON-02) (AMAZON-02)
1 2	99.84.144.107 99.84.144.107	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2 2	18.197.47.23 18.197.47.23	16509 (AMAZON-02) (AMAZON-02)
1 2	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
1 2	23.210.249.164 23.210.249.164	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	70.42.32.63 70.42.32.63	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	2a00:1288:f03... 2a00:1288:f03d:1fa::4000	10310 (YAHOO-1) (YAHOO-1)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1 2	52.57.124.49 52.57.124.49	16509 (AMAZON-02) (AMAZON-02)
1 2	18.158.112.40 18.158.112.40	16509 (AMAZON-02) (AMAZON-02)
1 2	185.33.221.53 185.33.221.53	29990 (ASN-APPNEX) (ASN-APPNEX)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1 2	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
1 1	216.58.206.2 216.58.206.2	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
74	36

16 104.17.71.206 (United States)

ASN13335 (CLOUDFLARENET, US)

go.proofpoint.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:e980:107::cf (United States)

ASN19551 (INCAPSULA, US)

www.proofpoint.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.111.250.210 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-250-210.deploy.static.akamaitechnologies.com

templates.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:814::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:10c:58e::25ea (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.204.201.40 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-201-40.fra53.r.cloudfront.net

scripts.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tag.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.240.2.137 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-240-2-137.eu-west-1.compute.amazonaws.com

ads.avocet.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ads.avct.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6812:1bbe (United States)

ASN13335 (CLOUDFLARENET, US)

tracking.g2crowd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 23.210.248.216 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-248-216.deploy.static.akamaitechnologies.com

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.166 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f166.1e100.net

4788165.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.28.144.124 (United States)

ASN15224 (OMNITURE, US)

309-rhv-619.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:f500:10:101::b93f:9105 (Ireland) 1 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:825::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 63.32.63.32 (Dublin, Ireland) 15 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-63-32.eu-west-1.compute.amazonaws.com

d.adroll.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.94.67 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-94-67.fra50.r.cloudfront.net

api.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.210.50.2 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-50-2.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.84.144.107 (Seattle, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-99-84-144-107.txl52.r.cloudfront.net

segments.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.197.47.23 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-47-23.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.56.137 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.210.249.164 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-249-164.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 70.42.32.63 (United States) 1 redirects

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:f03d:1fa::4000 (United Kingdom) 1 redirects

ASN10310 (YAHOO-1, US)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.57.124.49 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.158.112.40 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.221.53 (Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.206.2 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s20-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	adroll.com 15 redirects s.adroll.com d.adroll.com	29 KB
17	proofpoint.com go.proofpoint.com www.proofpoint.com	622 KB
6	marketo.net templates.marketo.net munchkin.marketo.net	52 KB
5	g2crowd.com tracking.g2crowd.com	2 KB
4	doubleclick.net 2 redirects 4788165.fls.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net	2 KB
4	google-analytics.com www.google-analytics.com	18 KB
3	yahoo.com 2 redirects ups.analytics.yahoo.com ads.yahoo.com	2 KB
3	company-target.com 1 redirects api.company-target.com segments.company-target.com	2 KB
3	linkedin.com 2 redirects px.ads.linkedin.com www.linkedin.com	3 KB
3	demandbase.com scripts.demandbase.com tag.demandbase.com	131 KB
2	openx.net 1 redirects us-u.openx.net	479 B
2	adnxs.com 1 redirects ib.adnxs.com	2 KB
2	bidswitch.net 1 redirects x.bidswitch.net	1004 B
2	3lift.com 1 redirects eb2.3lift.com	739 B
2	outbrain.com 1 redirects sync.outbrain.com	832 B
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com	2 KB
2	advertising.com 2 redirects pixel.advertising.com	816 B
2	facebook.net connect.facebook.net	166 KB
2	bidr.io 2 redirects match.prod.bidr.io	1019 B
2	avct.cloud 1 redirects ads.avct.cloud	733 B
2	licdn.com snap.licdn.com	3 KB
2	bing.com bat.bing.com	8 KB
1	facebook.com www.facebook.com	265 B
1	rlcdn.com idsync.rlcdn.com	66 B
1	taboola.com sync.taboola.com	219 B
1	pubmatic.com simage2.pubmatic.com	1010 B
1	rubiconproject.com pixel.rubiconproject.com	798 B
1	consensu.org 1 redirects d.adroll.mgr.consensu.org	137 B
1	google.de www.google.de	106 B
1	google.com www.google.com	106 B
1	mktoresp.com 309-rhv-619.mktoresp.com	311 B
1	avocet.io 1 redirects ads.avocet.io	140 B
1	googletagmanager.com www.googletagmanager.com	60 KB
1	googleapis.com ajax.googleapis.com	32 KB
74	34

	Domain	Requested by
17	d.adroll.com	14 redirects go.proofpoint.com
16	go.proofpoint.com	go.proofpoint.com
6	s.adroll.com	1 redirects www.googletagmanager.com go.proofpoint.com s.adroll.com d.adroll.com
5	tracking.g2crowd.com	go.proofpoint.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com go.proofpoint.com
4	templates.marketo.net	go.proofpoint.com
2	us-u.openx.net	1 redirects go.proofpoint.com
2	ib.adnxs.com	1 redirects go.proofpoint.com
2	x.bidswitch.net	1 redirects go.proofpoint.com
2	eb2.3lift.com	1 redirects go.proofpoint.com
2	sync.outbrain.com	1 redirects go.proofpoint.com
2	dsum-sec.casalemedia.com	1 redirects go.proofpoint.com
2	ups.analytics.yahoo.com	1 redirects go.proofpoint.com
2	pixel.advertising.com	2 redirects
2	connect.facebook.net	d.adroll.com connect.facebook.net
2	segments.company-target.com	1 redirects go.proofpoint.com
2	match.prod.bidr.io	2 redirects
2	px.ads.linkedin.com	1 redirects go.proofpoint.com
2	4788165.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	ads.avct.cloud	1 redirects go.proofpoint.com
2	scripts.demandbase.com	go.proofpoint.com tag.demandbase.com
2	snap.licdn.com	www.googletagmanager.com snap.licdn.com
2	bat.bing.com	www.googletagmanager.com go.proofpoint.com
2	munchkin.marketo.net	go.proofpoint.com munchkin.marketo.net
1	www.facebook.com	go.proofpoint.com
1	cm.g.doubleclick.net	1 redirects
1	idsync.rlcdn.com	go.proofpoint.com
1	sync.taboola.com	go.proofpoint.com
1	ads.yahoo.com	1 redirects
1	simage2.pubmatic.com	go.proofpoint.com
1	pixel.rubiconproject.com	go.proofpoint.com
1	tag.demandbase.com	scripts.demandbase.com
1	api.company-target.com	scripts.demandbase.com
1	d.adroll.mgr.consensu.org	1 redirects
1	www.google.de	go.proofpoint.com
1	www.google.com	go.proofpoint.com
1	www.linkedin.com	1 redirects
1	stats.g.doubleclick.net	www.google-analytics.com
1	309-rhv-619.mktoresp.com	munchkin.marketo.net
1	ads.avocet.io	1 redirects
1	www.googletagmanager.com	go.proofpoint.com
1	ajax.googleapis.com	go.proofpoint.com
1	www.proofpoint.com	go.proofpoint.com
74	43

This site contains links to these domains. Also see Links.

Domain
www.isc2.org
www.proofpoint.com

Subject Issuer	Validity	Valid
go.proofpoint.com Cloudflare Inc ECC CA-3	`2020-07-08` - `2021-07-08`	a year	crt.sh
proofpoint.com Sectigo RSA Organization Validation Secure Server CA	`2020-08-05` - `2021-08-05`	a year	crt.sh
*.marketo.net DigiCert SHA2 Secure Server CA	`2020-03-14` - `2021-04-13`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
www.bing.com Microsoft IT TLS CA 2	`2019-04-30` - `2021-04-30`	2 years	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2019-04-01` - `2021-05-07`	2 years	crt.sh
*.demandbase.com Go Daddy Secure Certificate Authority - G2	`2018-09-20` - `2020-11-19`	2 years	crt.sh
*.avct.cloud Let's Encrypt Authority X3	`2020-08-19` - `2020-11-17`	3 months	crt.sh
*.g2crowd.com Sectigo ECC Domain Validation Secure Server CA	`2020-08-30` - `2021-09-28`	a year	crt.sh
*.adroll.com DigiCert SHA2 Secure Server CA	`2020-01-29` - `2021-04-29`	a year	crt.sh
*.doubleclick.net GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
*.mktoresp.com DigiCert SHA2 Secure Server CA	`2020-01-17` - `2022-01-21`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2020-08-05` - `2021-02-05`	6 months	crt.sh
www.google.com GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
adroll.mgr.consensu.org Amazon	`2019-11-06` - `2020-12-06`	a year	crt.sh
*.company-target.com Go Daddy Secure Certificate Authority - G2	`2019-06-19` - `2021-08-18`	2 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-07-21` - `2020-10-12`	3 months	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-05-27` - `2020-11-23`	6 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2020-03-02` - `2021-04-01`	a year	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-01-10` - `2021-01-14`	2 years	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2019-10-29` - `2021-11-23`	2 years	crt.sh
*.pubmatic.com Sectigo RSA Organization Validation Secure Server CA	`2019-02-22` - `2021-02-21`	2 years	crt.sh
*.taboola.com DigiCert SHA2 Secure Server CA	`2020-08-11` - `2021-12-31`	a year	crt.sh
*.3lift.com Amazon	`2020-07-04` - `2021-08-05`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-04-23` - `2022-05-04`	2 years	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-14` - `2021-04-23`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS
Frame ID: 4426EC8AEA8B47663074CC2C4F01E79E
Requests: 73 HTTP requests in this frame

Frame: https://4788165.fls.doubleclick.net/activityi;dc_pre=CM6q6YKh7usCFVfluwgdXoELPg;src=4788165;type=sitew0;cat=proof0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=2965047237431.3843
Frame ID: E461728F0F71F07911637F659E91D8EA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

74
Requests

97 %
HTTPS

40 %
IPv6

34
Domains

43
Subdomains

36
IPs

7
Countries

1125 kB
Transfer

2490 kB
Size

15
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.isc2.org/
Title: www.isc2.org

Search URL Search Domain Scan URL

URL: https://www.proofpoint.com/

Search URL Search Domain Scan URL

URL: https://www.proofpoint.com/us/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18

https://go.proofpoint.com/rs/309-RHV-619/images/Tungsten-Semibold.woff2?170 HTTP 0
http://www.proofpoint.com/404

Request Chain 19

https://go.proofpoint.com/rs/309-RHV-619/images/Tungsten-Medium.woff2 HTTP 0
http://www.proofpoint.com/404

Request Chain 26

https://ads.avocet.io/s?add=5aba5f53ab79f7f51390a95a&ty=j HTTP 301
https://ads.avct.cloud/s?r=1&add=5aba5f53ab79f7f51390a95a&ty=j HTTP 302
https://ads.avct.cloud/s?bounce=true&r=1&add=5aba5f53ab79f7f51390a95a&ty=j

Request Chain 34

https://4788165.fls.doubleclick.net/activityi;src=4788165;type=sitew0;cat=proof0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=2965047237431.3843 HTTP 302
https://4788165.fls.doubleclick.net/activityi;dc_pre=CM6q6YKh7usCFVfluwgdXoELPg;src=4788165;type=sitew0;cat=proof0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=2965047237431.3843

Request Chain 42

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=63883&url=https%3A%2F%2Fgo.proofpoint.com%2FHappyHourwiththeFBIAZNVSep21.html%3Frbn%3DFMS&time=1600279319040 HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D63883%26url%3Dhttps%253A%252F%252Fgo.proofpoint.com%252FHappyHourwiththeFBIAZNVSep21.html%253Frbn%253DFMS%26time%3D1600279319040%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=63883&url=https%3A%2F%2Fgo.proofpoint.com%2FHappyHourwiththeFBIAZNVSep21.html%3Frbn%3DFMS&time=1600279319040&liSync=true

Request Chain 45

https://s.adroll.com/j/exp/7YJ7XZCLMRHSVCXIHB5HIT/index.js HTTP 302
https://s.adroll.com/j/exp/index.js

Request Chain 47

https://d.adroll.mgr.consensu.org/consent/iabcheck/7YJ7XZCLMRHSVCXIHB5HIT?_s=17465df51210b7d2106ce802f4e72f89&_b=2 HTTP 302
https://d.adroll.com/consent/check/7YJ7XZCLMRHSVCXIHB5HIT/?_s=17465df51210b7d2106ce802f4e72f89&_b=2

Request Chain 49

https://match.prod.bidr.io/cookie-sync/demandbase HTTP 303
https://match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1 HTTP 303
https://segments.company-target.com/log?vendor=choca&user_id=AAM4HE6-xKYAAA93fqI0Rw HTTP 303
https://segments.company-target.com/validateCookie?vendor=choca&user_id=AAM4HE6-xKYAAA93fqI0Rw&verifyHash=718a6abca6e6238df21f8a4b474d3e9886899c6e

Request Chain 54

https://d.adroll.com/pixel/7YJ7XZCLMRHSVCXIHB5HIT/YV5KYXXEJZATZCT37YRTMK?adroll_fpc=78dfd438b7e6a467aa7e831775e8eb00-1600279319317&arrfrr=https%3A%2F%2Fgo.proofpoint.com%2FHappyHourwiththeFBIAZNVSep21.html%3Frbn%3DFMS&xid_ch=f&pv=80502678151.83046&cookie=&adroll_s_ref=&keyw= HTTP 302
https://s.adroll.com/pixel/7YJ7XZCLMRHSVCXIHB5HIT/YV5KYXXEJZATZCT37YRTMK/T47Y2VPPABDUBJXFROMZZM.js

Request Chain 58

https://d.adroll.com/cm/aol/out?adroll_fpc=78dfd438b7e6a467aa7e831775e8eb00-1600279319317&arrfrr=https%3A%2F%2Fgo.proofpoint.com%2FHappyHourwiththeFBIAZNVSep21.html%3Frbn%3DFMS&xid_ch=f&advertisable=7YJ7XZCLMRHSVCXIHB5HIT HTTP 302
https://pixel.advertising.com/ups/55980/sync?uid=MzM5ODg5ZTFlMDU1YjBhNTNmYmE2ZDNkNmZiMGIzM2M&_origin=1&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA HTTP 302
https://pixel.advertising.com/ups/55980/sync?uid=MzM5ODg5ZTFlMDU1YjBhNTNmYmE2ZDNkNmZiMGIzM2M&_origin=1&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/55980/sync?uid=MzM5ODg5ZTFlMDU1YjBhNTNmYmE2ZDNkNmZiMGIzM2M&_origin=1&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UPb75bfe65-f846-11ea-a10c-0601f76731d6 HTTP 302
https://ups.analytics.yahoo.com/ups/55980/sync?uid=MzM5ODg5ZTFlMDU1YjBhNTNmYmE2ZDNkNmZiMGIzM2M&_origin=1&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UPb75bfe65-f846-11ea-a10c-0601f76731d6&verify=true

Request Chain 59

https://d.adroll.com/cm/index/out?adroll_fpc=78dfd438b7e6a467aa7e831775e8eb00-1600279319317&arrfrr=https%3A%2F%2Fgo.proofpoint.com%2FHappyHourwiththeFBIAZNVSep21.html%3Frbn%3DFMS&xid_ch=f&advertisable=7YJ7XZCLMRHSVCXIHB5HIT HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=MzM5ODg5ZTFlMDU1YjBhNTNmYmE2ZDNkNmZiMGIzM2M&expiration=1631815319 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=MzM5ODg5ZTFlMDU1YjBhNTNmYmE2ZDNkNmZiMGIzM2M&expiration=1631815319&C=1

Request Chain 60

https://d.adroll.com/cm/n/out?adroll_fpc=78dfd438b7e6a467aa7e831775e8eb00-1600279319317&arrfrr=https%3A%2F%2Fgo.proofpoint.com%2FHappyHourwiththeFBIAZNVSep21.html%3Frbn%3DFMS&xid_ch=f&advertisable=7YJ7XZCLMRHSVCXIHB5HIT HTTP 302
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=MzM5ODg5ZTFlMDU1YjBhNTNmYmE2ZDNkNmZiMGIzM2M&expires=365

Request Chain 61

https://d.adroll.com/cm/outbrain/out?adroll_fpc=78dfd438b7e6a467aa7e831775e8eb00-1600279319317&arrfrr=https%3A%2F%2Fgo.proofpoint.com%2FHappyHourwiththeFBIAZNVSep21.html%3Frbn%3DFMS&xid_ch=f&advertisable=7YJ7XZCLMRHSVCXIHB5HIT HTTP 302
https://sync.outbrain.com/cookie-sync?p=adroll&uid=MzM5ODg5ZTFlMDU1YjBhNTNmYmE2ZDNkNmZiMGIzM2M HTTP 302
https://sync.outbrain.com/cookie-sync?p=adroll&uid=MzM5ODg5ZTFlMDU1YjBhNTNmYmE2ZDNkNmZiMGIzM2M&rdrctExp=true

Request Chain 62

https://d.adroll.com/cm/pubmatic/out?adroll_fpc=78dfd438b7e6a467aa7e831775e8eb00-1600279319317&arrfrr=https%3A%2F%2Fgo.proofpoint.com%2FHappyHourwiththeFBIAZNVSep21.html%3Frbn%3DFMS&xid_ch=f&advertisable=7YJ7XZCLMRHSVCXIHB5HIT HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=MzM5ODg5ZTFlMDU1YjBhNTNmYmE2ZDNkNmZiMGIzM2M&gdpr=0&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA

Request Chain 63

https://d.adroll.com/cm/r/out?adroll_fpc=78dfd438b7e6a467aa7e831775e8eb00-1600279319317&arrfrr=https%3A%2F%2Fgo.proofpoint.com%2FHappyHourwiththeFBIAZNVSep21.html%3Frbn%3DFMS&xid_ch=f&advertisable=7YJ7XZCLMRHSVCXIHB5HIT HTTP 302
https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA HTTP 302
https://d.adroll.com/cm/r/in?xid=E0&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

Request Chain 64

https://d.adroll.com/cm/taboola/out?adroll_fpc=78dfd438b7e6a467aa7e831775e8eb00-1600279319317&arrfrr=https%3A%2F%2Fgo.proofpoint.com%2FHappyHourwiththeFBIAZNVSep21.html%3Frbn%3DFMS&xid_ch=f&advertisable=7YJ7XZCLMRHSVCXIHB5HIT HTTP 302
https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=MzM5ODg5ZTFlMDU1YjBhNTNmYmE2ZDNkNmZiMGIzM2M

Request Chain 65

https://d.adroll.com/cm/triplelift/out?adroll_fpc=78dfd438b7e6a467aa7e831775e8eb00-1600279319317&arrfrr=https%3A%2F%2Fgo.proofpoint.com%2FHappyHourwiththeFBIAZNVSep21.html%3Frbn%3DFMS&xid_ch=f&advertisable=7YJ7XZCLMRHSVCXIHB5HIT HTTP 302
https://eb2.3lift.com/xuid?mid=4714&xuid=MzM5ODg5ZTFlMDU1YjBhNTNmYmE2ZDNkNmZiMGIzM2M&dongle=c85e HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=MzM5ODg5ZTFlMDU1YjBhNTNmYmE2ZDNkNmZiMGIzM2M&dongle=c85e&gdpr=1&cmp_cs=&us_privacy=

Request Chain 66

https://d.adroll.com/cm/b/out?adroll_fpc=78dfd438b7e6a467aa7e831775e8eb00-1600279319317&arrfrr=https%3A%2F%2Fgo.proofpoint.com%2FHappyHourwiththeFBIAZNVSep21.html%3Frbn%3DFMS&xid_ch=f&advertisable=7YJ7XZCLMRHSVCXIHB5HIT HTTP 302
https://x.bidswitch.net/sync?dsp_id=44&user_id=MzM5ODg5ZTFlMDU1YjBhNTNmYmE2ZDNkNmZiMGIzM2M HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=MzM5ODg5ZTFlMDU1YjBhNTNmYmE2ZDNkNmZiMGIzM2M

Request Chain 67

https://d.adroll.com/cm/x/out?adroll_fpc=78dfd438b7e6a467aa7e831775e8eb00-1600279319317&arrfrr=https%3A%2F%2Fgo.proofpoint.com%2FHappyHourwiththeFBIAZNVSep21.html%3Frbn%3DFMS&xid_ch=f&advertisable=7YJ7XZCLMRHSVCXIHB5HIT HTTP 302
https://ib.adnxs.com/setuid?entity=172&code=MzM5ODg5ZTFlMDU1YjBhNTNmYmE2ZDNkNmZiMGIzM2M HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DMzM5ODg5ZTFlMDU1YjBhNTNmYmE2ZDNkNmZiMGIzM2M

Request Chain 68

https://d.adroll.com/cm/l/out?adroll_fpc=78dfd438b7e6a467aa7e831775e8eb00-1600279319317&arrfrr=https%3A%2F%2Fgo.proofpoint.com%2FHappyHourwiththeFBIAZNVSep21.html%3Frbn%3DFMS&xid_ch=f&advertisable=7YJ7XZCLMRHSVCXIHB5HIT HTTP 302
https://idsync.rlcdn.com/377928.gif?partner_uid=339889e1e055b0a53fba6d3d6fb0b33c

Request Chain 69

https://d.adroll.com/cm/o/out?adroll_fpc=78dfd438b7e6a467aa7e831775e8eb00-1600279319317&arrfrr=https%3A%2F%2Fgo.proofpoint.com%2FHappyHourwiththeFBIAZNVSep21.html%3Frbn%3DFMS&xid_ch=f&advertisable=7YJ7XZCLMRHSVCXIHB5HIT HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537103138&val=339889e1e055b0a53fba6d3d6fb0b33c HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=339889e1e055b0a53fba6d3d6fb0b33c

Request Chain 70

https://d.adroll.com/cm/g/out?adroll_fpc=78dfd438b7e6a467aa7e831775e8eb00-1600279319317&arrfrr=https%3A%2F%2Fgo.proofpoint.com%2FHappyHourwiththeFBIAZNVSep21.html%3Frbn%3DFMS&xid_ch=f&advertisable=7YJ7XZCLMRHSVCXIHB5HIT&google_nid=adroll5 HTTP 302
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=M5iJ4eBVsKU_um09b7CzPA HTTP 302
https://d.adroll.com/cm/g/in

74 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request HappyHourwiththeFBIAZNVSep21.html Show response
go.proofpoint.com/ 68 KB
17 KB 541ms
480ms Document
text/html 104.17.71.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.71.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf5e6c5d3b0558a58481395e5f66adf4c0374c0ecf8f0cb5cf940d827239120c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: go.proofpoint.com
:scheme: https
:path: /HappyHourwiththeFBIAZNVSep21.html?rbn=FMS
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Wed, 16 Sep 2020 18:01:58 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=d1da4dc09a4a8c9ba2fd441c0843480261600279317; expires=Fri, 16-Oct-20 18:01:57 GMT; path=/; domain=.go.proofpoint.com; HttpOnly; SameSite=Lax BIGipServerabjweb-nginx-app_https=!+unUG/r0C561Hxdybf/nLIVwOTHiDoh/MsAwDjnArZVGtcuzvikecAPWK1eQhSby6s3gwhdO6KRW8Q==;Path=/;Version=1;Secure;Httponly __cf_bm=0cb0312c3e48073900392cf81bbc3211d82ef580-1600279318-1800-AW8A8u10vmqyNcFonP1eUeeHa6Go6H9sdCF4RmTCs4E0WOTqC5Y+DAiLqsl2chmoSK8nX2fkhB0hExoYRzjpKOw=; path=/; expires=Wed, 16-Sep-20 18:31:58 GMT; domain=.go.proofpoint.com; HttpOnly; Secure; SameSite=None
p3p: CP="CAO CURa ADMa DEVa TAIa OUR IND UNI COM NAV INT"
vary: *,Accept-Encoding
x-content-type-options: nosniff
x-cache-status: MISS
x-mkto-nginx-cache: true
cf-cache-status: DYNAMIC
cf-request-id: 0539ada52500002325e7b8b200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5d3c7ee838082325-ZRH
content-encoding: gzip

GET
H2 200 bootstrap.css
go.proofpoint.com/rs/309-RHV-619/images/ 138 KB
21 KB 484ms
483ms Stylesheet
text/css 104.17.71.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.proofpoint.com/rs/309-RHV-619/images/bootstrap.css

Requested by

Host: go.proofpoint.com
URL: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.71.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c942686010e285633d77a24341c43850ccd6162fcc7e8281ae8a70c2921a9af5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Sep 2020 18:01:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
status: 200
content-length: 20804
cf-request-id: 0539ada70c00002325e7bfc200000001
last-modified: Sat, 05 Sep 2020 02:16:05 GMT
server: cloudflare
etag: "203253-22936-5ae879154cdc4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=60
accept-ranges: bytes
cf-ray: 5d3c7eeb4d352325-ZRH
expires: Wed, 16 Sep 2020 18:02:58 GMT

GET
H2 404 8900ADB2AEB1A51D6.css
www.proofpoint.com/sites/all/themes/proofpoint/fonts/691814/ 0
0 279ms
278ms Stylesheet
text/html 2a02:e980:107::cf
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.proofpoint.com/sites/all/themes/proofpoint/fonts/691814/8900ADB2AEB1A51D6.css
Requested by: Host: go.proofpoint.com
URL: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:e980:107::cf , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H/1.1 200
OK ie10-viewport-bug-workaround.js Show response
templates.marketo.net/template1/js/ 694 B
982 B 121ms
40ms Script
application/x-javascript 104.111.250.210
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://templates.marketo.net/template1/js/ie10-viewport-bug-workaround.js
Requested by: Host: go.proofpoint.com
URL: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.250.210 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-250-210.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: ce01c41255d7e61cc44e865184559085737a98cf6911ef67f915692152b88852

Request headers

Referer: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 16 Sep 2020 18:01:58 GMT
Last-Modified: Thu, 28 May 2015 00:15:45 GMT
Server: AkamaiNetStorage
ETag: "b5a0dd7ce1f7c1c6b80b5abe13308dd2:1432772145"
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 694

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.10.2/ 91 KB
32 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:814::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js

Requested by

Host: go.proofpoint.com
URL: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 11:04:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 197863
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32954
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Sep 2021 11:04:15 GMT

GET
H2 200 logo-reg.svg
go.proofpoint.com/rs/309-RHV-619/images/ 3 KB
1 KB 219ms
215ms Image
image/svg+xml 104.17.71.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.proofpoint.com/rs/309-RHV-619/images/logo-reg.svg

Requested by

Host: go.proofpoint.com
URL: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.71.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c858ea92bdc30e89d30d477c30228c47b19648e1539829bb2303a176f0c23dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Sep 2020 18:01:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Sat, 05 Sep 2020 02:16:08 GMT
server: cloudflare
etag: W/"143a13-b8b-5ae8791809fb5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
status: 200
cache-control: public, max-age=60
cf-ray: 5d3c7eee79d22325-ZRH
cf-request-id: 0539ada90f00002325e780f200000001
expires: Wed, 16 Sep 2020 18:02:58 GMT

GET
H2 200 forms2.min.js Show response
go.proofpoint.com/js/forms2/js/ 205 KB
68 KB 45ms
45ms Script
application/x-javascript 104.17.71.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.proofpoint.com/js/forms2/js/forms2.min.js

Requested by

Host: go.proofpoint.com
URL: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.71.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f24c51a94a931f1bdd7c3dacc9ebb3848305f5eb5a3feddf0b01227f6c778c17

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Sep 2020 18:01:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Wed, 26 Aug 2020 19:08:12 GMT
server: cloudflare
etag: "161b71-33237-5adcc8a7dff00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: public, max-age=14400
cf-ray: 5d3c7eed0fa72325-ZRH
cf-request-id: 0539ada82400002325e7803200000001
expires: Wed, 16 Sep 2020 22:01:58 GMT

GET
H2 200 CPE-Submitter_logo.png
go.proofpoint.com/rs/309-RHV-619/images/ 46 KB
47 KB 441ms
437ms Image
image/png 104.17.71.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.proofpoint.com/rs/309-RHV-619/images/CPE-Submitter_logo.png

Requested by

Host: go.proofpoint.com
URL: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.71.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2faa448c2df1c640c983d5ca3b470dc1b09ff7bb55880ef369a168ee473bbf0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Sep 2020 18:01:59 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
content-length: 47482
cf-request-id: 0539ada90f00002325e7810200000001
last-modified: Sun, 06 Sep 2020 19:36:45 GMT
server: cloudflare
etag: "140780-b97a-5aeaa38dd5d94"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=60
accept-ranges: bytes
cf-ray: 5d3c7eee79d32325-ZRH
expires: Wed, 16 Sep 2020 18:02:59 GMT

GET
H2 200 FBi%20seal.png
go.proofpoint.com/rs/309-RHV-619/images/ 10 KB
10 KB 470ms
467ms Image
image/png 104.17.71.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.proofpoint.com/rs/309-RHV-619/images/FBi%20seal.png

Requested by

Host: go.proofpoint.com
URL: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.71.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54cf29d80419ab46480353b70eec1b626bbfbe32ef2eb93d63a96311f3f6155b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Sep 2020 18:01:59 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
content-length: 9835
cf-request-id: 0539ada90f00002325e7811200000001
last-modified: Tue, 08 Sep 2020 13:02:32 GMT
server: cloudflare
etag: "140a14-266b-5aeccf2bf4866"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=60
accept-ranges: bytes
cf-ray: 5d3c7eee79d52325-ZRH
expires: Wed, 16 Sep 2020 18:02:59 GMT

GET
H2 200 Ryan%20Kalember.jpg
go.proofpoint.com/rs/309-RHV-619/images/ 17 KB
17 KB 176ms
173ms Image
image/jpeg 104.17.71.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.proofpoint.com/rs/309-RHV-619/images/Ryan%20Kalember.jpg

Requested by

Host: go.proofpoint.com
URL: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.71.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e086c78fe810eceba34f2f4aee4770ae2df92db026a80bcb8301a8a0461f727d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Sep 2020 18:01:58 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
content-length: 17651
cf-request-id: 0539ada90f00002325e7812200000001
last-modified: Tue, 08 Sep 2020 13:02:20 GMT
server: cloudflare
etag: "140a13-44f3-5aeccf20ac1a7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=60
accept-ranges: bytes
cf-ray: 5d3c7eee79d62325-ZRH
expires: Wed, 16 Sep 2020 18:02:58 GMT

GET
H2 200 section5image.jpg
go.proofpoint.com/rs/309-RHV-619/images/ 22 KB
22 KB 150ms
147ms Image
image/jpeg 104.17.71.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.proofpoint.com/rs/309-RHV-619/images/section5image.jpg

Requested by

Host: go.proofpoint.com
URL: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.71.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

613972fd318c78351f8882469823573c8f84152d7d49e5d9268522c5339ecb55

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Sep 2020 18:01:58 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
status: 200
last-modified: Sat, 05 Sep 2020 02:16:08 GMT
content-length: 22113
cf-request-id: 0539ada90f00002325e7813200000001
cf-bgj: h2pri
server: cloudflare
etag: "143a16-5661-5ae879182514d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=60
accept-ranges: bytes
cf-ray: 5d3c7eee79d72325-ZRH
expires: Wed, 16 Sep 2020 18:02:58 GMT

GET
H2 200 pfpt-logo-white.png
go.proofpoint.com/rs/309-RHV-619/images/ 5 KB
5 KB 155ms
153ms Image
image/png 104.17.71.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.proofpoint.com/rs/309-RHV-619/images/pfpt-logo-white.png

Requested by

Host: go.proofpoint.com
URL: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.71.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e2293bf3c76a601ee77824c900f7da8fcbc3668d65d664a9c523ae7815cc312a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Sep 2020 18:01:58 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
status: 200
content-length: 4695
cf-request-id: 0539ada90f00002325e7814200000001
last-modified: Sat, 05 Sep 2020 02:16:08 GMT
server: cloudflare
etag: "143a15-1257-5ae879180fd75"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=60
accept-ranges: bytes
cf-ray: 5d3c7eee79d82325-ZRH
expires: Wed, 16 Sep 2020 18:02:58 GMT

GET
H/1.1 200
OK jquery.min.js Show response
templates.marketo.net/template1/js/ 91 KB
32 KB 60ms
60ms Script
application/x-javascript 104.111.250.210
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://templates.marketo.net/template1/js/jquery.min.js
Requested by: Host: go.proofpoint.com
URL: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.250.210 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-250-210.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: c3a7b608ebfa8d1dfe658bc119e6236a6aaf878a779e7c560aa11dd30881a56a

Request headers

Referer: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 16 Sep 2020 18:01:58 GMT
Content-Encoding: gzip
Last-Modified: Thu, 28 May 2015 00:15:45 GMT
Server: AkamaiNetStorage
ETag: "841dc30647f93349b7d8ef61deebe411:1432772145"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 32822

GET
H/1.1 200
OK bootstrap.min.js Show response
templates.marketo.net/template1/js/ 35 KB
10 KB 45ms
45ms Script
application/x-javascript 104.111.250.210
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://templates.marketo.net/template1/js/bootstrap.min.js
Requested by: Host: go.proofpoint.com
URL: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.250.210 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-250-210.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: d5fd173d00d9733900834e0e1083de86b532e048b15c0420ba5c2db0623644b8

Request headers

Referer: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 16 Sep 2020 18:01:58 GMT
Content-Encoding: gzip
Last-Modified: Thu, 28 May 2015 00:15:45 GMT
Server: AkamaiNetStorage
ETag: "8c237312864d2e4c4f03544cd4f9b195:1432772145"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9538

GET
H/1.1 200
OK retina-1.1.0.js Show response
templates.marketo.net/template1/js/ 4 KB
2 KB 64ms
42ms Script
application/x-javascript 104.111.250.210
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://templates.marketo.net/template1/js/retina-1.1.0.js
Requested by: Host: go.proofpoint.com
URL: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.250.210 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-250-210.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 982fa97eccae21e893548687e91b35de93861805706a57fa1eab73455f9ed72f

Request headers

Referer: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 16 Sep 2020 18:01:58 GMT
Content-Encoding: gzip
Last-Modified: Thu, 28 May 2015 00:15:45 GMT
Server: AkamaiNetStorage
ETag: "345b675832f1977383da64e0f3e9c867:1432772145"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1422

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net// 1 KB
1 KB 123ms
39ms Script
application/x-javascript 104.111.250.210
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net//munchkin.js
Requested by: Host: go.proofpoint.com
URL: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.250.210 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-250-210.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5cc2628039ee08964a5f46fb8abb1d5e1ec87e1200d12862ef1232bbfed7da55

Request headers

Referer: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 16 Sep 2020 18:01:58 GMT
Content-Encoding: gzip
Last-Modified: Wed, 05 Aug 2020 03:11:00 GMT
Server: AkamaiNetStorage
ETag: "a67ed8ce0a86706b9f73a86806ce5bd3:1596597060.25158"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 752

GET
H2 200 stripmkttok.js Show response
go.proofpoint.com/js/ 2 KB
810 B 48ms
43ms Script
application/x-javascript 104.17.71.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.proofpoint.com/js/stripmkttok.js

Requested by

Host: go.proofpoint.com
URL: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.71.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7545b96ed2740220c349ae9deb614faf1f0f211d4cf710788e0790f74cc9715

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Sep 2020 18:01:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
status: 200
content-length: 678
cf-request-id: 0539ada90f00002325e780e200000001
last-modified: Wed, 26 Aug 2020 19:08:13 GMT
server: cloudflare
etag: "2030b0-602-5adcc8a8d4140"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 5d3c7eee79d12325-ZRH
expires: Wed, 16 Sep 2020 22:01:58 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 257 KB
60 KB 45ms
43ms Script
application/javascript 2a00:1450:4001:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MGR7P8X

Requested by

Host: go.proofpoint.com
URL: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6816773a0d4fdbd5c29599927c57d84626c26c9b01c7dff69526fb97c038ae84

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Sep 2020 18:01:58 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61828
x-xss-protection: 0
expires: Wed, 16 Sep 2020 18:01:58 GMT

GET
H2 200 pfpt-1920x350-landingpage-HappyHr-FBI-Dsk-wForm-A.jpg
go.proofpoint.com/rs/309-RHV-619/images/ 342 KB
342 KB 258ms
257ms Image
image/jpeg 104.17.71.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.proofpoint.com/rs/309-RHV-619/images/pfpt-1920x350-landingpage-HappyHr-FBI-Dsk-wForm-A.jpg

Requested by

Host: go.proofpoint.com
URL: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.71.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1faa147f9e3af1c5d5521faab08042b21cf5e8a18e4d11b9d45320922b66ce4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Sep 2020 18:01:59 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
content-length: 349858
cf-request-id: 0539ada91100002325e7816200000001
last-modified: Tue, 08 Sep 2020 13:02:32 GMT
server: cloudflare
etag: "140a15-556a2-5aeccf2bfdcd6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=60
accept-ranges: bytes
cf-ray: 5d3c7eee89db2325-ZRH
expires: Wed, 16 Sep 2020 18:02:58 GMT

GET

404
www.proofpoint.com/
Redirect Chain

https://go.proofpoint.com/rs/309-RHV-619/images/Tungsten-Semibold.woff2?170
http://www.proofpoint.com/404

0
0

GET

404
www.proofpoint.com/
Redirect Chain

https://go.proofpoint.com/rs/309-RHV-619/images/Tungsten-Medium.woff2
http://www.proofpoint.com/404

0
0

GET
H2 200 forms2.css
go.proofpoint.com/js/forms2/css/ 13 KB
3 KB 48ms
47ms Stylesheet
text/css 104.17.71.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.proofpoint.com/js/forms2/css/forms2.css

Requested by

Host: go.proofpoint.com
URL: https://go.proofpoint.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.71.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Sep 2020 18:01:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
status: 200
content-length: 2623
cf-request-id: 0539ada94f00002325e781a200000001
last-modified: Wed, 26 Aug 2020 19:08:12 GMT
server: cloudflare
etag: "302300-3437-5adcc8a7dff00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 5d3c7eeeea692325-ZRH
expires: Wed, 16 Sep 2020 22:01:58 GMT

GET
H2 200 forms2-theme-simple.css
go.proofpoint.com/js/forms2/css/ 826 B
351 B 40ms
40ms Stylesheet
text/css 104.17.71.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.proofpoint.com/js/forms2/css/forms2-theme-simple.css

Requested by

Host: go.proofpoint.com
URL: https://go.proofpoint.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.71.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14c8c62dc692fd8faa04434e3fed25e7c23d596b732f9db88f6e9f9ff5dfa61c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Sep 2020 18:01:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
status: 200
content-length: 242
cf-request-id: 0539ada94f00002325e781b200000001
last-modified: Wed, 26 Aug 2020 19:08:12 GMT
server: cloudflare
etag: "3022fd-33a-5adcc8a7dff00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 5d3c7eeeea6a2325-ZRH
expires: Wed, 16 Sep 2020 22:01:58 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 26 KB
8 KB 46ms
29ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MGR7P8X
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 5c622f5433cbb6ea1df5c0dd8671e55ef7d1464366074730473c453de50a579b

Request headers

Referer: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Sep 2020 18:01:58 GMT
content-encoding: gzip
last-modified: Thu, 16 Jul 2020 20:00:00 GMT
x-msedge-ref: Ref A: 03215C00D58343A286E88A855D3A130A Ref B: FRAEDGE1209 Ref C: 2020-09-16T18:01:58Z
status: 200
etag: "0e0bdafab5bd61:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 8022

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 965 B
760 B 12ms
11ms Script
application/x-javascript 2a02:26f0:10c:58e::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MGR7P8X
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:58e::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: a53296dca2db04589f7fd86e7285e37c2c9d0a0270b494bc8d8182efe11d56f7

Request headers

Referer: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 16 Sep 2020 18:01:58 GMT
Content-Encoding: gzip
Last-Modified: Tue, 15 Sep 2020 19:29:40 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=83342
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 447

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:81a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MGR7P8X

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Sep 2020 01:50:37 GMT
server: Golfe2
age: 2778
date: Wed, 16 Sep 2020 17:15:40 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18650
expires: Wed, 16 Sep 2020 19:15:40 GMT

GET
H2 200 MP9Jyqtx.min.js Show response
scripts.demandbase.com/ 70 KB
70 KB 151ms
75ms Script
application/javascript 143.204.201.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.demandbase.com/MP9Jyqtx.min.js
Requested by: Host: go.proofpoint.com
URL: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.40 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-40.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bcafc5a0a1b98e854d2545bad02ec3813619ea9ea882f30ce61eefd31218335d

Request headers

Referer: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Sep 2020 18:01:51 GMT
via: 1.1 befe3b8553d90339ecf78e5d7cefa60b.cloudfront.net (CloudFront)
age: 9
x-cache: Hit from cloudfront
status: 200
content-length: 71201
last-modified: Thu, 10 Sep 2020 19:41:21 GMT
server: AmazonS3
etag: "83107660572818801710c680916e752b"
vary: Accept-Encoding
x-amz-version-id: k7UJhFYjPuUdQlM9DEn0HkWCuHfqXsKU
cache-control: public, max-age=3600
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-amz-cf-id: N9E6X78o2DwZIfzoY0Jyy-0d4U6mrHSkuKJJ022weUkjQdp367vcaA==

GET
H2

200

s Show response
ads.avct.cloud/
Redirect Chain

https://ads.avocet.io/s?add=5aba5f53ab79f7f51390a95a&ty=j
https://ads.avct.cloud/s?r=1&add=5aba5f53ab79f7f51390a95a&ty=j
https://ads.avct.cloud/s?bounce=true&r=1&add=5aba5f53ab79f7f51390a95a&ty=j

0
336 B

60ms
60ms

Script
application/javascript

34.240.2.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.avct.cloud/s?bounce=true&r=1&add=5aba5f53ab79f7f51390a95a&ty=j
Requested by: Host: go.proofpoint.com
URL: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.240.2.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-240-2-137.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Wed, 16 Sep 2020 18:01:59 GMT
p3p: policyref="http://cdn.avocet.io/w3c/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length: 0
content-type: application/javascript

Redirect headers

status: 302
date: Wed, 16 Sep 2020 18:01:59 GMT
p3p: policyref="http://cdn.avocet.io/w3c/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length: 87
location: /s?bounce=true&r=1&add=5aba5f53ab79f7f51390a95a&ty=j
content-type: text/html; charset=utf-8

GET
H2 200 1594.js Show response
tracking.g2crowd.com/attribution_tracking/conversions/ 16 B
369 B 158ms
156ms Script
text/javascript 2606:4700::6812:1bbe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tracking.g2crowd.com/attribution_tracking/conversions/1594.js?p=https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS&e=

Requested by

Host: go.proofpoint.com
URL: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1bbe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3dae93a05edd9dcfc1864b87178a31e0bfa93e1a9b1c486c6e9cbf73cae87862

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .g2crowd.com .g2.com; connect-src 'self' .g2crowd.com .g2.com; font-src 'self' .g2crowd.com .g2.com; form-action 'self' .g2crowd.com .g2.com; frame-src 'self' .g2crowd.com .g2.com; img-src 'self' .g2crowd.com .g2.com; manifest-src 'self' .g2crowd.com .g2.com; media-src 'self' .g2crowd.com .g2.com; object-src 'self' .g2crowd.com .g2.com; script-src 'self' .g2crowd.com .g2.com; style-src 'self' .g2crowd.com .g2.com; worker-src 'self' .g2crowd.com .g2.com
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Sep 2020 18:01:59 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
status: 200
content-encoding: br
x-xss-protection: 1; mode=block
x-request-id: ec4bddef-645b-427c-a5a3-5ef42498dee4
x-runtime: 0.006878
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"3dae93a05edd9dcfc1864b87178a31e0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
x-download-options: noopen
content-type: text/javascript; charset=utf-8
cache-control: max-age=600, public
content-security-policy: default-src 'self' *.g2crowd.com *.g2.com; connect-src 'self' *.g2crowd.com *.g2.com; font-src 'self' *.g2crowd.com *.g2.com; form-action 'self' *.g2crowd.com *.g2.com; frame-src 'self' *.g2crowd.com *.g2.com; img-src 'self' *.g2crowd.com *.g2.com; manifest-src 'self' *.g2crowd.com *.g2.com; media-src 'self' *.g2crowd.com *.g2.com; object-src 'self' *.g2crowd.com *.g2.com; script-src 'self' *.g2crowd.com *.g2.com; style-src 'self' *.g2crowd.com *.g2.com; worker-src 'self' *.g2crowd.com *.g2.com
cf-request-id: 0539ada98200002b8929171200000001
cf-ray: 5d3c7eef3f3d2b89-FRA

GET
H2 200 1644.js Show response
tracking.g2crowd.com/attribution_tracking/conversions/ 16 B
976 B 513ms
511ms Script
text/javascript 2606:4700::6812:1bbe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tracking.g2crowd.com/attribution_tracking/conversions/1644.js?p=https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS&e=

Requested by

Host: go.proofpoint.com
URL: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1bbe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3dae93a05edd9dcfc1864b87178a31e0bfa93e1a9b1c486c6e9cbf73cae87862

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .g2crowd.com .g2.com; connect-src 'self' .g2crowd.com .g2.com; font-src 'self' .g2crowd.com .g2.com; form-action 'self' .g2crowd.com .g2.com; frame-src 'self' .g2crowd.com .g2.com; img-src 'self' .g2crowd.com .g2.com; manifest-src 'self' .g2crowd.com .g2.com; media-src 'self' .g2crowd.com .g2.com; object-src 'self' .g2crowd.com .g2.com; script-src 'self' .g2crowd.com .g2.com; style-src 'self' .g2crowd.com .g2.com; worker-src 'self' .g2crowd.com .g2.com
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Sep 2020 18:01:59 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
status: 200
content-encoding: br
x-xss-protection: 1; mode=block
x-request-id: 4609b016-e5be-4bb9-9a2d-8bcbfbbd13f5
x-runtime: 0.007418
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"3dae93a05edd9dcfc1864b87178a31e0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
x-download-options: noopen
content-type: text/javascript; charset=utf-8
cache-control: max-age=600, public
content-security-policy: default-src 'self' *.g2crowd.com *.g2.com; connect-src 'self' *.g2crowd.com *.g2.com; font-src 'self' *.g2crowd.com *.g2.com; form-action 'self' *.g2crowd.com *.g2.com; frame-src 'self' *.g2crowd.com *.g2.com; img-src 'self' *.g2crowd.com *.g2.com; manifest-src 'self' *.g2crowd.com *.g2.com; media-src 'self' *.g2crowd.com *.g2.com; object-src 'self' *.g2crowd.com *.g2.com; script-src 'self' *.g2crowd.com *.g2.com; style-src 'self' *.g2crowd.com *.g2.com; worker-src 'self' *.g2crowd.com *.g2.com
cf-request-id: 0539ada98200002b8929172200000001
cf-ray: 5d3c7eef3f402b89-FRA

GET
H2 200 1645.js Show response
tracking.g2crowd.com/attribution_tracking/conversions/ 16 B
240 B 527ms
526ms Script
text/javascript 2606:4700::6812:1bbe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tracking.g2crowd.com/attribution_tracking/conversions/1645.js?p=https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS&e=

Requested by

Host: go.proofpoint.com
URL: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1bbe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3dae93a05edd9dcfc1864b87178a31e0bfa93e1a9b1c486c6e9cbf73cae87862

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .g2crowd.com .g2.com; connect-src 'self' .g2crowd.com .g2.com; font-src 'self' .g2crowd.com .g2.com; form-action 'self' .g2crowd.com .g2.com; frame-src 'self' .g2crowd.com .g2.com; img-src 'self' .g2crowd.com .g2.com; manifest-src 'self' .g2crowd.com .g2.com; media-src 'self' .g2crowd.com .g2.com; object-src 'self' .g2crowd.com .g2.com; script-src 'self' .g2crowd.com .g2.com; style-src 'self' .g2crowd.com .g2.com; worker-src 'self' .g2crowd.com .g2.com
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Sep 2020 18:01:59 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
status: 200
content-encoding: br
x-xss-protection: 1; mode=block
x-request-id: 00c00a0d-bc82-4ddc-bb86-99368b850a4a
x-runtime: 0.004839
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"3dae93a05edd9dcfc1864b87178a31e0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
x-download-options: noopen
content-type: text/javascript; charset=utf-8
cache-control: max-age=600, public
content-security-policy: default-src 'self' *.g2crowd.com *.g2.com; connect-src 'self' *.g2crowd.com *.g2.com; font-src 'self' *.g2crowd.com *.g2.com; form-action 'self' *.g2crowd.com *.g2.com; frame-src 'self' *.g2crowd.com *.g2.com; img-src 'self' *.g2crowd.com *.g2.com; manifest-src 'self' *.g2crowd.com *.g2.com; media-src 'self' *.g2crowd.com *.g2.com; object-src 'self' *.g2crowd.com *.g2.com; script-src 'self' *.g2crowd.com *.g2.com; style-src 'self' *.g2crowd.com *.g2.com; worker-src 'self' *.g2crowd.com *.g2.com
cf-request-id: 0539ada98300002b8929173200000001
cf-ray: 5d3c7eef3f412b89-FRA

GET
H2 200 1646.js Show response
tracking.g2crowd.com/attribution_tracking/conversions/ 16 B
240 B 519ms
518ms Script
text/javascript 2606:4700::6812:1bbe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tracking.g2crowd.com/attribution_tracking/conversions/1646.js?p=https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS&e=

Requested by

Host: go.proofpoint.com
URL: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1bbe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3dae93a05edd9dcfc1864b87178a31e0bfa93e1a9b1c486c6e9cbf73cae87862

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .g2crowd.com .g2.com; connect-src 'self' .g2crowd.com .g2.com; font-src 'self' .g2crowd.com .g2.com; form-action 'self' .g2crowd.com .g2.com; frame-src 'self' .g2crowd.com .g2.com; img-src 'self' .g2crowd.com .g2.com; manifest-src 'self' .g2crowd.com .g2.com; media-src 'self' .g2crowd.com .g2.com; object-src 'self' .g2crowd.com .g2.com; script-src 'self' .g2crowd.com .g2.com; style-src 'self' .g2crowd.com .g2.com; worker-src 'self' .g2crowd.com .g2.com
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Sep 2020 18:01:59 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
status: 200
content-encoding: br
x-xss-protection: 1; mode=block
x-request-id: 389b10fd-c2ac-4525-a867-99571f7bbc1a
x-runtime: 0.007948
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"3dae93a05edd9dcfc1864b87178a31e0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
x-download-options: noopen
content-type: text/javascript; charset=utf-8
cache-control: max-age=600, public
content-security-policy: default-src 'self' *.g2crowd.com *.g2.com; connect-src 'self' *.g2crowd.com *.g2.com; font-src 'self' *.g2crowd.com *.g2.com; form-action 'self' *.g2crowd.com *.g2.com; frame-src 'self' *.g2crowd.com *.g2.com; img-src 'self' *.g2crowd.com *.g2.com; manifest-src 'self' *.g2crowd.com *.g2.com; media-src 'self' *.g2crowd.com *.g2.com; object-src 'self' *.g2crowd.com *.g2.com; script-src 'self' *.g2crowd.com *.g2.com; style-src 'self' *.g2crowd.com *.g2.com; worker-src 'self' *.g2crowd.com *.g2.com
cf-request-id: 0539ada98300002b8929174200000001
cf-ray: 5d3c7eef3f432b89-FRA

GET
H2 200 1647.js Show response
tracking.g2crowd.com/attribution_tracking/conversions/ 16 B
240 B 514ms
514ms Script
text/javascript 2606:4700::6812:1bbe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tracking.g2crowd.com/attribution_tracking/conversions/1647.js?p=https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS&e=

Requested by

Host: go.proofpoint.com
URL: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1bbe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3dae93a05edd9dcfc1864b87178a31e0bfa93e1a9b1c486c6e9cbf73cae87862

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .g2crowd.com .g2.com; connect-src 'self' .g2crowd.com .g2.com; font-src 'self' .g2crowd.com .g2.com; form-action 'self' .g2crowd.com .g2.com; frame-src 'self' .g2crowd.com .g2.com; img-src 'self' .g2crowd.com .g2.com; manifest-src 'self' .g2crowd.com .g2.com; media-src 'self' .g2crowd.com .g2.com; object-src 'self' .g2crowd.com .g2.com; script-src 'self' .g2crowd.com .g2.com; style-src 'self' .g2crowd.com .g2.com; worker-src 'self' .g2crowd.com .g2.com
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Sep 2020 18:01:59 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
status: 200
content-encoding: br
x-xss-protection: 1; mode=block
x-request-id: 75b4ad0a-08e5-4d7e-a738-ff9326844178
x-runtime: 0.005580
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"3dae93a05edd9dcfc1864b87178a31e0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
x-download-options: noopen
content-type: text/javascript; charset=utf-8
cache-control: max-age=600, public
content-security-policy: default-src 'self' *.g2crowd.com *.g2.com; connect-src 'self' *.g2crowd.com *.g2.com; font-src 'self' *.g2crowd.com *.g2.com; form-action 'self' *.g2crowd.com *.g2.com; frame-src 'self' *.g2crowd.com *.g2.com; img-src 'self' *.g2crowd.com *.g2.com; manifest-src 'self' *.g2crowd.com *.g2.com; media-src 'self' *.g2crowd.com *.g2.com; object-src 'self' *.g2crowd.com *.g2.com; script-src 'self' *.g2crowd.com *.g2.com; style-src 'self' *.g2crowd.com *.g2.com; worker-src 'self' *.g2crowd.com *.g2.com
cf-request-id: 0539ada98300002b8929175200000001
cf-ray: 5d3c7eef3f442b89-FRA

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/159/ 11 KB
6 KB 41ms
41ms Script
application/x-javascript 104.111.250.210
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/159/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net//munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.250.210 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-250-210.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 459e23d23ffe65a86f3a1f67c07edc92e0c69461ff83fbd63764d7b36cac92fc

Request headers

Referer: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 16 Sep 2020 18:01:58 GMT
Content-Encoding: gzip
Last-Modified: Fri, 08 May 2020 02:24:14 GMT
Server: AkamaiNetStorage
ETag: "79274ffc293e4f76fc372b953f780d16:1588904654.430334"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 4810
Expires: Fri, 25 Dec 2020 18:01:58 GMT

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 38 KB
13 KB 128ms
44ms Script
text/javascript 23.210.248.216
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MGR7P8X
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.248.216 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-248-216.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: e5832e4fef3a985714d3ef158faff48db0dc3e1932044815530e159a5ef2904a

Request headers

Referer: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: aAQToeGtZMjrlLZ82FLqVLr_sH38qHlc
Content-Encoding: gzip
ETag: "0bf23f24cef8bf14e87bc3ff4d4fc4f1"
x-amz-request-id: 4FD7927B8B800BF2
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 12201
x-amz-id-2: UrqGN3gZ+QbZ2EH0rOVpfy4L+syn7otXNlly8V7sFNPptI7ztAHk8GsL4ML76Nao5CpJ9pZnXpk=
Last-Modified: Wed, 16 Sep 2020 16:40:00 GMT
Server: AmazonS3
Date: Wed, 16 Sep 2020 18:01:59 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H3-Q050

200

activityi;dc_pre=CM6q6YKh7usCFVfluwgdXoELPg;src=4788165;type=sitew0;cat=proof0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=2965047237431.3843
4788165.fls.doubleclick.net/ Frame E461
Redirect Chain

https://4788165.fls.doubleclick.net/activityi;src=4788165;type=sitew0;cat=proof0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=2965047237431.3843?
https://4788165.fls.doubleclick.net/activityi;dc_pre=CM6q6YKh7usCFVfluwgdXoELPg;src=4788165;type=sitew0;cat=proof0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=2965047237431.3843?

0
0

97ms
54ms

Document
text/html

216.58.212.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4788165.fls.doubleclick.net/activityi;dc_pre=CM6q6YKh7usCFVfluwgdXoELPg;src=4788165;type=sitew0;cat=proof0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=2965047237431.3843?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MGR7P8X

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.166 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f166.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 4788165.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CM6q6YKh7usCFVfluwgdXoELPg;src=4788165;type=sitew0;cat=proof0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=2965047237431.3843?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Wed, 16 Sep 2020 18:01:59 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 423
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 16-Sep-2020 18:16:59 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Wed, 16 Sep 2020 18:01:59 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://4788165.fls.doubleclick.net/activityi;dc_pre=CM6q6YKh7usCFVfluwgdXoELPg;src=4788165;type=sitew0;cat=proof0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=2965047237431.3843?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 selectArrow2.png
go.proofpoint.com/rs/309-RHV-619/images/ 22 KB
22 KB 204ms
204ms Image
image/png 104.17.71.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.proofpoint.com/rs/309-RHV-619/images/selectArrow2.png

Requested by

Host: go.proofpoint.com
URL: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.71.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b6a2963b319b9d12c73b32baaec0d6942fb056bb49a14e7897a2403b58e5588d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Sep 2020 18:01:59 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
status: 200
content-length: 22452
cf-request-id: 0539ada9c500002325e7820200000001
last-modified: Sat, 05 Sep 2020 02:16:17 GMT
server: cloudflare
etag: "143a18-57b4-5ae8792036fea"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=60
accept-ranges: bytes
cf-ray: 5d3c7eefaba22325-ZRH
expires: Wed, 16 Sep 2020 18:02:59 GMT

GET
H/1.1 200
OK insight.old.min.js Show response
snap.licdn.com/li.lms-analytics/ 3 KB
2 KB 10ms
10ms Script
application/x-javascript 2a02:26f0:10c:58e::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:58e::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: 41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0

Request headers

Referer: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 16 Sep 2020 18:01:59 GMT
Content-Encoding: gzip
Last-Modified: Thu, 03 Sep 2020 20:29:41 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=83496
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1576

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
66 B 13ms
13ms XHR
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j86&a=1418417197&t=pageview&_s=1&dl=https%3A%2F%2Fgo.proofpoint.com%2FHappyHourwiththeFBIAZNVSep21.html%3Frbn%3DFMS&ul=en-us&de=UTF-8&dt=Proofpoint&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=402318707&gjid=998965745&cid=853563176.1600279319&tid=UA-2257074-1&_gid=1889294039.1600279319&_r=1&gtm=2wg920MGR7P8X&z=446936699

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 16 Sep 2020 18:01:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://go.proofpoint.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
61 B 6ms
6ms Image
image/gif 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j86&a=1418417197&t=event&ni=0&_s=1&dl=https%3A%2F%2Fgo.proofpoint.com%2FHappyHourwiththeFBIAZNVSep21.html%3Frbn%3DFMS&ul=en-us&de=UTF-8&dt=Proofpoint&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=undefined&ea=undefined&_u=YEDAAEABAAAAAC~&jid=&gjid=&cid=853563176.1600279319&tid=UA-2257074-1&_gid=1889294039.1600279319&gtm=2wg920MGR7P8X&z=541689114

Requested by

Host: go.proofpoint.com
URL: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Sep 2020 15:38:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 8625
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
148 B 28ms
27ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=17087961&Ver=2&mid=15ad1a82-01d6-4519-2408-0423f28804ef&sid=00b666303a9cf53330fd30372b79b8c4&vid=b044bf01298ad843077d5e6ca1a47e9e&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Proofpoint&p=https%3A%2F%2Fgo.proofpoint.com%2FHappyHourwiththeFBIAZNVSep21.html%3Frbn%3DFMS&r=&lt=1208&evt=pageLoad&msclkid=N&sv=1&rn=589851
Requested by: Host: go.proofpoint.com
URL: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
pragma: no-cache
date: Wed, 16 Sep 2020 18:01:58 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 966ECBF27DE048B5A62C184B89BB7A8A Ref B: FRAEDGE1209 Ref C: 2020-09-16T18:01:59Z
access-control-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK visitWebPage Show response
309-rhv-619.mktoresp.com/webevents/ 2 B
311 B 357ms
121ms XHR
text/plain 192.28.144.124
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://309-rhv-619.mktoresp.com/webevents/visitWebPage?_mchNc=1600279319036&_mchCn=HappyHourwiththeFBIAZNVSep21&_mchId=309-RHV-619&_mchTk=_mch-proofpoint.com-1600279319035-32705&_mchWs=j1RR&_mchHo=go.proofpoint.com&_mchPo=&_mchRu=%2FHappyHourwiththeFBIAZNVSep21.html&_mchPc=https%3A&_mchVr=159&_mchEcid=&_mchHa=&_mchRe=&_mchQp=rbn%3DFMS
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/159/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.28.144.124 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: nginx /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 16 Sep 2020 18:01:59 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Request-Id: adaccbb2-dd1c-4e70-8157-9696f2ba4bf3

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
88 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j86&tid=UA-2257074-1&cid=853563176.1600279319&jid=402318707&gjid=998965745&_gid=1889294039.1600279319&_u=YEBAAEAAAAAAAC~&z=569806619

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 16 Sep 2020 18:01:59 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://go.proofpoint.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=63883&url=https%3A%2F%2Fgo.proofpoint.com%2FHappyHourwiththeFBIAZNVSep21.html%3Frbn%3DFMS&time=1600279319040
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D63883%26url%3Dhttps%253A%252F%252Fgo.proofpoint.com%252FHappyHourwiththeFBIAZNVSe...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=63883&url=https%3A%2F%2Fgo.proofpoint.com%2FHappyHourwiththeFBIAZNVSep21.html%3Frbn%3DFMS&time=1600279319040&liSync=true

0
57 B

132ms
131ms

Image
application/javascript

2a05:f500:10:101::b93f:9105
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=63883&url=https%3A%2F%2Fgo.proofpoint.com%2FHappyHourwiththeFBIAZNVSep21.html%3Frbn%3DFMS&time=1600279319040&liSync=true
Requested by: Host: go.proofpoint.com
URL: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:f500:10:101::b93f:9105 , Ireland, ASN14413 (LINKEDIN, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Sep 2020 18:01:59 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lva1
status: 200
x-li-proto: http/2
x-li-pop: prod-efr5
content-type: application/javascript
content-length: 0
x-li-uuid: 9j919I9VNRbw+9kuoisAAA==

Redirect headers

content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id https://lnkd.demdex.net/event blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/insight.min.js platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri https://www.linkedin.com/platform-telemetry/csp?f=l
x-content-type-options: nosniff
linkedin-action: 1
status: 302
content-length: 0
x-li-uuid: 5cmL8I9VNRZgzu8BJysAAA==
pragma: no-cache
x-li-pop: afd-prod-lva1
x-msedge-ref: Ref A: B3A5621CAEB7420C86C7CFD503727BC5 Ref B: FRAEDGE0821 Ref C: 2020-09-16T18:01:59Z
x-frame-options: sameorigin
date: Wed, 16 Sep 2020 18:01:58 GMT
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
strict-transport-security: max-age=2592000
x-li-fabric: prod-lva1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=63883&url=https%3A%2F%2Fgo.proofpoint.com%2FHappyHourwiththeFBIAZNVSep21.html%3Frbn%3DFMS&time=1600279319040&liSync=true
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
106 B 33ms
32ms Image
image/gif 2a00:1450:4001:825::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j86&tid=UA-2257074-1&cid=853563176.1600279319&jid=402318707&_u=YEBAAEAAAAAAAC~&z=1408928146

Requested by

Host: go.proofpoint.com
URL: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Sep 2020 18:01:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
106 B 29ms
29ms Image
image/gif 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j86&tid=UA-2257074-1&cid=853563176.1600279319&jid=402318707&_u=YEBAAEAAAAAAAC~&z=1408928146

Requested by

Host: go.proofpoint.com
URL: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Sep 2020 18:01:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/exp/
Redirect Chain

https://s.adroll.com/j/exp/7YJ7XZCLMRHSVCXIHB5HIT/index.js
https://s.adroll.com/j/exp/index.js

28 B
747 B

42ms
42ms

Script
application/javascript

23.210.248.216
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/index.js
Requested by: Host: go.proofpoint.com
URL: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.248.216 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-248-216.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

Referer: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: 2U8XMvdFINXJNFsilaXONuSvqmREKV3.
Content-Encoding: gzip
ETag: "5816cced8568d223aa09d889f300692b"
x-amz-request-id: 0A9DFB41B15EF3A2
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 48
x-amz-id-2: 9wtYzl8isf76a+KTcCc0hWCh/ZKrxXSL0KsmsoDDvS1VGgWl/GxdSe7DtPnOmbh4BH+84jF1nEY=
Last-Modified: Fri, 31 Jul 2020 16:11:15 GMT
Server: AmazonS3
Date: Wed, 16 Sep 2020 18:01:59 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

Redirect headers

Date: Wed, 16 Sep 2020 18:01:59 GMT
Server: AkamaiGHost
Location: https://s.adroll.com/j/exp/index.js
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 0

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/pre/7YJ7XZCLMRHSVCXIHB5HIT/YV5KYXXEJZATZCT37YRTMK/ 0
773 B 117ms
40ms Script
text/javascript 23.210.248.216
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/7YJ7XZCLMRHSVCXIHB5HIT/YV5KYXXEJZATZCT37YRTMK/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.248.216 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-248-216.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: ySWZXssmp3aR6159I1a6RZDq_YOMslo.
Content-Encoding: gzip
ETag: "d41d8cd98f00b204e9800998ecf8427e"
x-amz-request-id: 7S3N4R0GAZFY2V2T
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 20
x-amz-id-2: saHrUd+2Ox6qKsXlglaIbHo4S2sCQ7c9w90dgcouly1rDh+LhgtxM5+2CdWfCRkEYHbnEWTOhPE=
Last-Modified: Tue, 15 Sep 2020 18:12:59 GMT
Server: AmazonS3
Date: Wed, 16 Sep 2020 18:01:59 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2

200

/ Show response
d.adroll.com/consent/check/7YJ7XZCLMRHSVCXIHB5HIT/
Redirect Chain

https://d.adroll.mgr.consensu.org/consent/iabcheck/7YJ7XZCLMRHSVCXIHB5HIT?_s=17465df51210b7d2106ce802f4e72f89&_b=2
https://d.adroll.com/consent/check/7YJ7XZCLMRHSVCXIHB5HIT/?_s=17465df51210b7d2106ce802f4e72f89&_b=2

395 B
863 B

57ms
56ms

Script
application/javascript

63.32.63.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/7YJ7XZCLMRHSVCXIHB5HIT/?_s=17465df51210b7d2106ce802f4e72f89&_b=2
Requested by: Host: go.proofpoint.com
URL: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.32.63.32 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-32-63-32.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: 5dd8ad22e1e81a4893cf112c7b4418a89d8ddec85e2e1ecf280bbe73090a6676

Request headers

Referer: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Sep 2020 18:01:59 GMT
server: nginx/1.16.1
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status: 200
cache-control: no-store, no-cache, must-revalidate
content-type: application/javascript
content-length: 395

Redirect headers

status: 302
date: Wed, 16 Sep 2020 18:01:59 GMT
server: nginx/1.16.1
content-length: 105
location: https://d.adroll.com/consent/check/7YJ7XZCLMRHSVCXIHB5HIT/?_s=17465df51210b7d2106ce802f4e72f89&_b=2

GET
H2 200 ip.json Show response
api.company-target.com/api/v2/ 429 B
938 B 145ms
76ms XHR
application/json 143.204.94.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.company-target.com/api/v2/ip.json?referrer=&page=https%3A%2F%2Fgo.proofpoint.com%2FHappyHourwiththeFBIAZNVSep21.html%3Frbn%3DFMS&page_title=Proofpoint&src=tag&key=2e81efc731d57cb3e458d08fae112991
Requested by: Host: scripts.demandbase.com
URL: https://scripts.demandbase.com/MP9Jyqtx.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.94.67 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-94-67.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: c23ebf2c0ec8e37a6a0a179720c9763bf4e1f0ed993fe7d0ad41d4d9774fe957

Request headers

Referer: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Sep 2020 18:01:59 GMT
identification-source: CENTRAL
vary: Accept-Encoding, Origin
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
status: 200
request-id: 00ee77cc-756a-4e45-88ab-cf7886ef80f3
content-encoding: gzip
pragma: no-cache
access-control-allow-origin: https://go.proofpoint.com
server: nginx
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json;charset=utf-8
via: 1.1 9c7c26f5beeb09381cea450ea3581b37.cloudfront.net (CloudFront)
access-control-expose-headers
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
api-version: v2
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: lqm9zG1gSX-3jRpYtyi511_B_5TS1-fGDCufdC6lx7TngrB6BOxTqQ==
expires: Tue, 15 Sep 2020 18:01:59 GMT

GET
H/1.1

200
OK

validateCookie
segments.company-target.com/
Redirect Chain

https://match.prod.bidr.io/cookie-sync/demandbase
https://match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1
https://segments.company-target.com/log?vendor=choca&user_id=AAM4HE6-xKYAAA93fqI0Rw
https://segments.company-target.com/validateCookie?vendor=choca&user_id=AAM4HE6-xKYAAA93fqI0Rw&verifyHash=718a6abca6e6238df21f8a4b474d3e9886899c6e

26 B
409 B

242ms
242ms

Image
image/gif

99.84.144.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://segments.company-target.com/validateCookie?vendor=choca&user_id=AAM4HE6-xKYAAA93fqI0Rw&verifyHash=718a6abca6e6238df21f8a4b474d3e9886899c6e
Requested by: Host: go.proofpoint.com
URL: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.144.107 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-144-107.txl52.r.cloudfront.net
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 16 Sep 2020 18:01:59 GMT
Via: 1.1 d331d277ec81e476ff09fa9d30df05d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: TXL52-C1
Vary: Origin
X-Cache: Miss from cloudfront
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
trace-id: d6d510004933725d
X-Amz-Cf-Id: OQjk5VnUvQhzx_CoxfV_Emq8kcJgiONZ5yfpRitp1gMi1qbInqmXAA==

Redirect headers

Date: Wed, 16 Sep 2020 18:01:59 GMT
Via: 1.1 d331d277ec81e476ff09fa9d30df05d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: TXL52-C1
Vary: Origin
X-Cache: Miss from cloudfront
Location: /validateCookie?vendor=choca&user_id=AAM4HE6-xKYAAA93fqI0Rw&verifyHash=718a6abca6e6238df21f8a4b474d3e9886899c6e
Connection: keep-alive
trace-id: 5dbe0122e621999b
Content-Length: 0
X-Amz-Cf-Id: iWs7Gnc76gwcjiAwZqJepCst8S340pqRN6hkrxFV6IiSfV-FkPfEMw==

GET
H2 200 Tungsten-Medium.woff
go.proofpoint.com/rs/309-RHV-619/images/ 23 KB
23 KB 304ms
304ms Font
text/plain 104.17.71.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.proofpoint.com/rs/309-RHV-619/images/Tungsten-Medium.woff

Requested by

Host: go.proofpoint.com
URL: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.71.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7e88f211cbc3cdde554d504f26601d47e490d98660d8c331b7a383ee8aabd2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://go.proofpoint.com
Referer: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Sep 2020 18:01:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
cf-request-id: 0539adaa6900002325e7824200000001
last-modified: Sat, 05 Sep 2020 02:44:59 GMT
server: cloudflare
etag: W/"143a23-5a7c-5ae87f8b1874e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: *
cache-control: public, max-age=60
cf-ray: 5d3c7ef0ad5c2325-ZRH
expires: Wed, 16 Sep 2020 18:02:59 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
57 B 6ms
6ms Image
image/gif 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j86&a=1418417197&t=event&ni=1&_s=2&dl=https%3A%2F%2Fgo.proofpoint.com%2FHappyHourwiththeFBIAZNVSep21.html%3Frbn%3DFMS&ul=en-us&de=UTF-8&dt=Proofpoint&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Demandbase&ea=API%20Resolution&el=IP%20API&_u=aHDAAEABAAAAAC~&jid=&gjid=&cid=853563176.1600279319&tid=UA-2257074-1&_gid=1889294039.1600279319&gtm=2wg920MGR7P8X&cd1=(Non-Company%20Visitor)&cd2=(Non-Company%20Visitor)&cd3=(Non-Company%20Visitor)&cd4=(Non-Company%20Visitor)&cd5=(Non-Company%20Visitor)&cd6=(Non-Company%20Visitor)&cd7=Bot&cd8=(Non-Company%20Visitor)&cd9=(Non-Company%20Visitor)&cd10=Zurich&cd11=ZH&cd12=Switzerland&cd13=(Non-Company%20Visitor)&cd14=(Non-Company%20Visitor)&cd15=(Non-Company%20Visitor)&cd16=(Non-Company%20Visitor)&cd17=(Non-Company%20Visitor)&cd18=(Non-Company%20Visitor)&z=1084501041

Requested by

Host: go.proofpoint.com
URL: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Sep 2020 15:38:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 8625
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 forms_39203b9fa0.min.js Show response
tag.demandbase.com/shared/ 177 KB
57 KB 47ms
40ms Script
application/javascript 143.204.201.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.demandbase.com/shared/forms_39203b9fa0.min.js
Requested by: Host: scripts.demandbase.com
URL: https://scripts.demandbase.com/MP9Jyqtx.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.40 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-40.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 09fb4e2181b10d4a4b7529273656febe51df54439c9b6ffa74c3e77b79359a38

Request headers

Referer: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Sep 2020 16:24:53 GMT
content-encoding: gzip
last-modified: Mon, 31 Aug 2020 18:20:18 GMT
server: AmazonS3
age: 5827
etag: W/"73e0c5ff3e94c51aa367639237f328c4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: .mN8lmI3fi3.VGlQ4SlT3_nJHt2y4T7j
status: 200
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=UTF-8
x-amz-cf-id: MuC4WCUtFJo3IOPSMxdoF6NTdjZZqUeh4YcO-j95TJ5hekPUtrEEYg==
via: 1.1 befe3b8553d90339ecf78e5d7cefa60b.cloudfront.net (CloudFront)

GET
H2 200 Tungsten-Semibold.woff
go.proofpoint.com/rs/309-RHV-619/images/ 24 KB
24 KB 150ms
150ms Font
text/plain 104.17.71.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.proofpoint.com/rs/309-RHV-619/images/Tungsten-Semibold.woff?60

Requested by

Host: go.proofpoint.com
URL: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.71.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3a6fb8edae8055879ad2a5c80a291502c6bb9329d0a57cdefe03a6bf296123e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://go.proofpoint.com
Referer: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Sep 2020 18:01:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Sat, 05 Sep 2020 02:16:12 GMT
server: cloudflare
status: 200
etag: W/"143a17-60fc-5ae8791b718fd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: *
cf-ray: 5d3c7ef1af532325-ZRH
cf-request-id: 0539adab0d00002325e782d200000001

GET
H/1.1

200
OK

T47Y2VPPABDUBJXFROMZZM.js Show response
s.adroll.com/pixel/7YJ7XZCLMRHSVCXIHB5HIT/YV5KYXXEJZATZCT37YRTMK/
Redirect Chain

https://d.adroll.com/pixel/7YJ7XZCLMRHSVCXIHB5HIT/YV5KYXXEJZATZCT37YRTMK?adroll_fpc=78dfd438b7e6a467aa7e831775e8eb00-1600279319317&arrfrr=https%3A%2F%2Fgo.proofpoint.com%2FHappyHourwiththeFBIAZNVSe...
https://s.adroll.com/pixel/7YJ7XZCLMRHSVCXIHB5HIT/YV5KYXXEJZATZCT37YRTMK/T47Y2VPPABDUBJXFROMZZM.js

4 KB
2 KB

40ms
39ms

Script
text/javascript

23.210.248.216
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/pixel/7YJ7XZCLMRHSVCXIHB5HIT/YV5KYXXEJZATZCT37YRTMK/T47Y2VPPABDUBJXFROMZZM.js
Requested by: Host: go.proofpoint.com
URL: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.248.216 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-248-216.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: d02f3b8d118b383623066432d7ea95ff03ecad593c70b57c7eb3f8e8d9e5222f

Request headers

Referer: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: JowgL7zE2dcKVj_eyKIavURX6gzlC4Eg
Content-Encoding: gzip
ETag: "63eb13283b797a23f28897284049fb8a"
x-amz-request-id: 8D804DB5A7AB512F
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 1583
x-amz-id-2: tlJi7c8VRqmY3GN8RWyDQkDAkEOawb6dYWTpMb4zsS/DPiWurMTqaoXkKR3OYsLftn1UlpYJoNs=
Last-Modified: Wed, 29 Jul 2020 14:59:53 GMT
Server: AmazonS3
Date: Wed, 16 Sep 2020 18:01:59 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

Redirect headers

date: Wed, 16 Sep 2020 18:01:59 GMT
x-segment-display-name: Visitors to Unsegmented Pages
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status: 302
content-length: 0
pragma: no-cache
x-conversion-value: 0.00
server: nginx/1.16.1
x-rule: *
x-segment-eid: T47Y2VPPABDUBJXFROMZZM
location: https://s.adroll.com/pixel/7YJ7XZCLMRHSVCXIHB5HIT/YV5KYXXEJZATZCT37YRTMK/T47Y2VPPABDUBJXFROMZZM.js
cache-control: no-store, no-cache, must-revalidate
x-pixel-eid: YV5KYXXEJZATZCT37YRTMK
x-segment-name: *
x-advertisable-eid: 7YJ7XZCLMRHSVCXIHB5HIT
x-conversion-currency

GET
H2 200 stylesheet_39203b9fa0.v2.css
scripts.demandbase.com/shared/ 27 KB
4 KB 44ms
43ms Stylesheet
text/css 143.204.201.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.demandbase.com/shared/stylesheet_39203b9fa0.v2.css
Requested by: Host: tag.demandbase.com
URL: https://tag.demandbase.com/shared/forms_39203b9fa0.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.40 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-40.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fa176af3695a7e918096d7d71a501167980482180f48dc0e4515855901b42969

Request headers

Referer: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Sep 2020 15:38:34 GMT
content-encoding: gzip
last-modified: Mon, 31 Aug 2020 18:20:18 GMT
server: AmazonS3
age: 8606
etag: W/"178916ae2031afd4e0b75797aa965718"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: faAsaRNFTKdBXQLSrB2fSfM3eO2rNv1e
status: 200
x-amz-cf-pop: FRA53-C1
content-type: text/css; charset=UTF-8
x-amz-cf-id: ZeCa-6kbGcIZwhZKiuqOlT0B2-kNwvn0uyR6fFTCxJqIcoAvBA7gZQ==
via: 1.1 befe3b8553d90339ecf78e5d7cefa60b.cloudfront.net (CloudFront)

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 135 KB
34 KB 19ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: d.adroll.com
URL: https://d.adroll.com/pixel/7YJ7XZCLMRHSVCXIHB5HIT/YV5KYXXEJZATZCT37YRTMK?adroll_fpc=78dfd438b7e6a467aa7e831775e8eb00-1600279319317&arrfrr=https%3A%2F%2Fgo.proofpoint.com%2FHappyHourwiththeFBIAZNVSep21.html%3Frbn%3DFMS&xid_ch=f&pv=80502678151.83046&cookie=&adroll_s_ref=&keyw=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

097afea517679d2e0b986d77cb3fe7808026882b52ca074a050e03e7a4a6996b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 34302
x-xss-protection: 0
pragma: public
x-fb-debug: JKmCN+Fv8LQO0tCpIxYUNi+crnK3yEBDdZe2AUlNPeudPOIzdTcpbyPDhoWvlPqij0P7CdtObOuuGmsaXdvUyw==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Wed, 16 Sep 2020 18:01:59 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK sendrolling.js Show response
s.adroll.com/j/ 9 KB
3 KB 39ms
39ms Script
text/javascript 23.210.248.216
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/sendrolling.js
Requested by: Host: d.adroll.com
URL: https://d.adroll.com/pixel/7YJ7XZCLMRHSVCXIHB5HIT/YV5KYXXEJZATZCT37YRTMK?adroll_fpc=78dfd438b7e6a467aa7e831775e8eb00-1600279319317&arrfrr=https%3A%2F%2Fgo.proofpoint.com%2FHappyHourwiththeFBIAZNVSep21.html%3Frbn%3DFMS&xid_ch=f&pv=80502678151.83046&cookie=&adroll_s_ref=&keyw=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.248.216 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-248-216.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 1bdbcee5cd776cb671f72362db4be8dde833057b8e8f816c86fd301896652c8d

Request headers

Referer: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: NM.EHVfGEDu2TYFqb1osrv1zRII373EC
Content-Encoding: gzip
ETag: "15441b08d0c4f93b1dd5f533cd361cd8"
x-amz-request-id: E2F067B4E9F95C64
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 2039
x-amz-id-2: zahNXUrZcHvPMHZ5OZzeA/pmU+ThIaY+/c27IjCJ/f8DH693VdK16PYXiwNkUgRleJPaNozozcA=
Last-Modified: Mon, 03 Feb 2020 20:32:06 GMT
Server: AmazonS3
Date: Wed, 16 Sep 2020 18:01:59 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1

204
No Content

sync
ups.analytics.yahoo.com/ups/55980/
Redirect Chain

https://d.adroll.com/cm/aol/out?adroll_fpc=78dfd438b7e6a467aa7e831775e8eb00-1600279319317&arrfrr=https%3A%2F%2Fgo.proofpoint.com%2FHappyHourwiththeFBIAZNVSep21.html%3Frbn%3DFMS&xid_ch=f&advertisabl...
https://pixel.advertising.com/ups/55980/sync?uid=MzM5ODg5ZTFlMDU1YjBhNTNmYmE2ZDNkNmZiMGIzM2M&_origin=1&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
https://pixel.advertising.com/ups/55980/sync?uid=MzM5ODg5ZTFlMDU1YjBhNTNmYmE2ZDNkNmZiMGIzM2M&_origin=1&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true
https://ups.analytics.yahoo.com/ups/55980/sync?uid=MzM5ODg5ZTFlMDU1YjBhNTNmYmE2ZDNkNmZiMGIzM2M&_origin=1&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UPb75bfe65-f846-11ea-a10c-06...
https://ups.analytics.yahoo.com/ups/55980/sync?uid=MzM5ODg5ZTFlMDU1YjBhNTNmYmE2ZDNkNmZiMGIzM2M&_origin=1&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UPb75bfe65-f846-11ea-a10c-06...

0
506 B

47ms
46ms

Image
text/plain

3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55980/sync?uid=MzM5ODg5ZTFlMDU1YjBhNTNmYmE2ZDNkNmZiMGIzM2M&_origin=1&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UPb75bfe65-f846-11ea-a10c-0601f76731d6&verify=true

Requested by

Host: go.proofpoint.com
URL: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.113 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 16 Sep 2020 18:01:59 GMT
Server: ATS/7.1.2.113
Connection: keep-alive
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

Date: Wed, 16 Sep 2020 18:01:59 GMT
Server: ATS/7.1.2.113
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://ups.analytics.yahoo.com/ups/55980/sync?uid=MzM5ODg5ZTFlMDU1YjBhNTNmYmE2ZDNkNmZiMGIzM2M&_origin=1&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UPb75bfe65-f846-11ea-a10c-0601f76731d6&verify=true
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/
Redirect Chain

https://d.adroll.com/cm/index/out?adroll_fpc=78dfd438b7e6a467aa7e831775e8eb00-1600279319317&arrfrr=https%3A%2F%2Fgo.proofpoint.com%2FHappyHourwiththeFBIAZNVSep21.html%3Frbn%3DFMS&xid_ch=f&advertisa...
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=MzM5ODg5ZTFlMDU1YjBhNTNmYmE2ZDNkNmZiMGIzM2M&expiration=1631815319
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=MzM5ODg5ZTFlMDU1YjBhNTNmYmE2ZDNkNmZiMGIzM2M&expiration=1631815319&C=1

43 B
1003 B

47ms
47ms

Image
image/gif

23.210.249.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=MzM5ODg5ZTFlMDU1YjBhNTNmYmE2ZDNkNmZiMGIzM2M&expiration=1631815319&C=1
Requested by: Host: go.proofpoint.com
URL: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.164 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-164.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Sep 2020 18:01:59 GMT
Server: Apache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 16 Sep 2020 18:01:59 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 16 Sep 2020 18:01:59 GMT
Server: Apache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=MzM5ODg5ZTFlMDU1YjBhNTNmYmE2ZDNkNmZiMGIzM2M&expiration=1631815319&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 333
Expires: Wed, 16 Sep 2020 18:01:59 GMT

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://d.adroll.com/cm/n/out?adroll_fpc=78dfd438b7e6a467aa7e831775e8eb00-1600279319317&arrfrr=https%3A%2F%2Fgo.proofpoint.com%2FHappyHourwiththeFBIAZNVSep21.html%3Frbn%3DFMS&xid_ch=f&advertisable=...
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=MzM5ODg5ZTFlMDU1YjBhNTNmYmE2ZDNkNmZiMGIzM2M&expires=365

42 B
798 B

164ms
43ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=MzM5ODg5ZTFlMDU1YjBhNTNmYmE2ZDNkNmZiMGIzM2M&expires=365
Requested by: Host: go.proofpoint.com
URL: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 16 Sep 2020 18:01:59 GMT
server: nginx/1.16.1
status: 302
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=MzM5ODg5ZTFlMDU1YjBhNTNmYmE2ZDNkNmZiMGIzM2M&expires=365
cache-control: no-store, no-cache, must-revalidate
content-length: 124

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/
Redirect Chain

https://d.adroll.com/cm/outbrain/out?adroll_fpc=78dfd438b7e6a467aa7e831775e8eb00-1600279319317&arrfrr=https%3A%2F%2Fgo.proofpoint.com%2FHappyHourwiththeFBIAZNVSep21.html%3Frbn%3DFMS&xid_ch=f&advert...
https://sync.outbrain.com/cookie-sync?p=adroll&uid=MzM5ODg5ZTFlMDU1YjBhNTNmYmE2ZDNkNmZiMGIzM2M
https://sync.outbrain.com/cookie-sync?p=adroll&uid=MzM5ODg5ZTFlMDU1YjBhNTNmYmE2ZDNkNmZiMGIzM2M&rdrctExp=true

0
477 B

118ms
118ms

Image
text/plain

70.42.32.63
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=adroll&uid=MzM5ODg5ZTFlMDU1YjBhNTNmYmE2ZDNkNmZiMGIzM2M&rdrctExp=true
Requested by: Host: go.proofpoint.com
URL: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.63 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 16 Sep 2020 18:02:00 GMT
Cache-Control: no-cache
X-TraceId: b5131eefd67c4dd47f988d551e01e24b
Content-Length: 0

Redirect headers

Location: https://sync.outbrain.com/cookie-sync?p=adroll&uid=MzM5ODg5ZTFlMDU1YjBhNTNmYmE2ZDNkNmZiMGIzM2M&rdrctExp=true
Date: Wed, 16 Sep 2020 18:01:59 GMT
X-TraceId: a5b5d0910cf65ec8fc38cadbf3339c2d
Content-Length: 0

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/
Redirect Chain

https://d.adroll.com/cm/pubmatic/out?adroll_fpc=78dfd438b7e6a467aa7e831775e8eb00-1600279319317&arrfrr=https%3A%2F%2Fgo.proofpoint.com%2FHappyHourwiththeFBIAZNVSep21.html%3Frbn%3DFMS&xid_ch=f&advert...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=MzM5ODg5ZTFlMDU1YjBhNTNmYmE2ZDNkNmZiMGIzM2M&gdpr=0&gdpr_consent=BOOoKswOOoKswA2ABBENA...

1 B
1010 B

144ms
48ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=MzM5ODg5ZTFlMDU1YjBhNTNmYmE2ZDNkNmZiMGIzM2M&gdpr=0&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
Requested by: Host: go.proofpoint.com
URL: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection: close
Pragma: no-cache
Date: Wed, 16 Sep 2020 18:01:59 GMT
X-lat: Pug23018:0:325
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Content-Type: text/html; charset=utf-8
Content-Length: 1

Redirect headers

pragma: no-cache
date: Wed, 16 Sep 2020 18:01:59 GMT
server: nginx/1.16.1
status: 302
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=MzM5ODg5ZTFlMDU1YjBhNTNmYmE2ZDNkNmZiMGIzM2M&gdpr=0&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
cache-control: no-store, no-cache, must-revalidate
content-length: 220

GET
H2

200

in
d.adroll.com/cm/r/
Redirect Chain

https://d.adroll.com/cm/r/out?adroll_fpc=78dfd438b7e6a467aa7e831775e8eb00-1600279319317&arrfrr=https%3A%2F%2Fgo.proofpoint.com%2FHappyHourwiththeFBIAZNVSep21.html%3Frbn%3DFMS&xid_ch=f&advertisable=...
https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
https://d.adroll.com/cm/r/in?xid=E0&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

42 B
500 B

55ms
55ms

Image
image/gif

63.32.63.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/r/in?xid=E0&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
Requested by: Host: go.proofpoint.com
URL: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.32.63.32 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-32-63-32.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Sep 2020 18:01:59 GMT
server: nginx/1.16.1
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status: 200
cache-control: no-store, no-cache, must-revalidate
content-type: image/gif
content-length: 42

Redirect headers

date: Wed, 16 Sep 2020 18:01:59 GMT
referrer-policy: no-referrer-when-downgrade
server: ATS
age: 0
status: 302
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
location: https://d.adroll.com/cm/r/in?xid=E0&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H2

204

rtb-h
sync.taboola.com/sg/adroll-network/1/
Redirect Chain

https://d.adroll.com/cm/taboola/out?adroll_fpc=78dfd438b7e6a467aa7e831775e8eb00-1600279319317&arrfrr=https%3A%2F%2Fgo.proofpoint.com%2FHappyHourwiththeFBIAZNVSep21.html%3Frbn%3DFMS&xid_ch=f&adverti...
https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=MzM5ODg5ZTFlMDU1YjBhNTNmYmE2ZDNkNmZiMGIzM2M

0
219 B

129ms
43ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=MzM5ODg5ZTFlMDU1YjBhNTNmYmE2ZDNkNmZiMGIzM2M
Requested by: Host: go.proofpoint.com
URL: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
tbl-x-upstream: 10.40.0.117:10213
date: Wed, 16 Sep 2020 18:01:59 GMT
server: nginx
x-fastly-to-nlb-rtt: 15427

Redirect headers

pragma: no-cache
date: Wed, 16 Sep 2020 18:01:59 GMT
server: nginx/1.16.1
status: 302
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=MzM5ODg5ZTFlMDU1YjBhNTNmYmE2ZDNkNmZiMGIzM2M
cache-control: no-store, no-cache, must-revalidate
content-length: 111

GET
H2

200

xuid
eb2.3lift.com/
Redirect Chain

https://d.adroll.com/cm/triplelift/out?adroll_fpc=78dfd438b7e6a467aa7e831775e8eb00-1600279319317&arrfrr=https%3A%2F%2Fgo.proofpoint.com%2FHappyHourwiththeFBIAZNVSep21.html%3Frbn%3DFMS&xid_ch=f&adve...
https://eb2.3lift.com/xuid?mid=4714&xuid=MzM5ODg5ZTFlMDU1YjBhNTNmYmE2ZDNkNmZiMGIzM2M&dongle=c85e
https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=MzM5ODg5ZTFlMDU1YjBhNTNmYmE2ZDNkNmZiMGIzM2M&dongle=c85e&gdpr=1&cmp_cs=&us_privacy=

37 B
353 B

37ms
37ms

Image
image/gif

52.57.124.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=MzM5ODg5ZTFlMDU1YjBhNTNmYmE2ZDNkNmZiMGIzM2M&dongle=c85e&gdpr=1&cmp_cs=&us_privacy=
Requested by: Host: go.proofpoint.com
URL: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.124.49 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Wed, 16 Sep 2020 18:01:59 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

status: 302
date: Wed, 16 Sep 2020 18:01:59 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
location: /xuid?ld=1&mid=4714&xuid=MzM5ODg5ZTFlMDU1YjBhNTNmYmE2ZDNkNmZiMGIzM2M&dongle=c85e&gdpr=1&cmp_cs=&us_privacy=
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

sync
x.bidswitch.net/ul_cb/
Redirect Chain

https://d.adroll.com/cm/b/out?adroll_fpc=78dfd438b7e6a467aa7e831775e8eb00-1600279319317&arrfrr=https%3A%2F%2Fgo.proofpoint.com%2FHappyHourwiththeFBIAZNVSep21.html%3Frbn%3DFMS&xid_ch=f&advertisable=...
https://x.bidswitch.net/sync?dsp_id=44&user_id=MzM5ODg5ZTFlMDU1YjBhNTNmYmE2ZDNkNmZiMGIzM2M
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=MzM5ODg5ZTFlMDU1YjBhNTNmYmE2ZDNkNmZiMGIzM2M

43 B
411 B

37ms
35ms

Image
image/gif

18.158.112.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=MzM5ODg5ZTFlMDU1YjBhNTNmYmE2ZDNkNmZiMGIzM2M
Requested by: Host: go.proofpoint.com
URL: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.158.112.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Wed, 16 Sep 2020 18:01:59 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

status: 302
date: Wed, 16 Sep 2020 18:01:59 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
location: https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=MzM5ODg5ZTFlMDU1YjBhNTNmYmE2ZDNkNmZiMGIzM2M
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1

200
OK

bounce
ib.adnxs.com/
Redirect Chain

https://d.adroll.com/cm/x/out?adroll_fpc=78dfd438b7e6a467aa7e831775e8eb00-1600279319317&arrfrr=https%3A%2F%2Fgo.proofpoint.com%2FHappyHourwiththeFBIAZNVSep21.html%3Frbn%3DFMS&xid_ch=f&advertisable=...
https://ib.adnxs.com/setuid?entity=172&code=MzM5ODg5ZTFlMDU1YjBhNTNmYmE2ZDNkNmZiMGIzM2M
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DMzM5ODg5ZTFlMDU1YjBhNTNmYmE2ZDNkNmZiMGIzM2M

43 B
1 KB

62ms
62ms

Image
image/gif

185.33.221.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DMzM5ODg5ZTFlMDU1YjBhNTNmYmE2ZDNkNmZiMGIzM2M

Requested by

Host: go.proofpoint.com
URL: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.53 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Sep 2020 18:01:59 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 718.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.69:80
AN-X-Request-Uuid: e0247134-7a4e-4575-bd6a-f2f2a7a77166
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 16 Sep 2020 18:01:59 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 718.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.50:80
AN-X-Request-Uuid: e80e8cc4-0411-4a3c-964f-34ebddd6d80f
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DMzM5ODg5ZTFlMDU1YjBhNTNmYmE2ZDNkNmZiMGIzM2M
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

451

377928.gif
idsync.rlcdn.com/
Redirect Chain

https://d.adroll.com/cm/l/out?adroll_fpc=78dfd438b7e6a467aa7e831775e8eb00-1600279319317&arrfrr=https%3A%2F%2Fgo.proofpoint.com%2FHappyHourwiththeFBIAZNVSep21.html%3Frbn%3DFMS&xid_ch=f&advertisable=...
https://idsync.rlcdn.com/377928.gif?partner_uid=339889e1e055b0a53fba6d3d6fb0b33c

0
66 B

114ms
43ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/377928.gif?partner_uid=339889e1e055b0a53fba6d3d6fb0b33c
Requested by: Host: go.proofpoint.com
URL: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 451
date: Wed, 16 Sep 2020 18:01:59 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

Redirect headers

pragma: no-cache
date: Wed, 16 Sep 2020 18:01:59 GMT
server: nginx/1.16.1
status: 302
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://idsync.rlcdn.com/377928.gif?partner_uid=339889e1e055b0a53fba6d3d6fb0b33c
cache-control: no-store, no-cache, must-revalidate
content-length: 86

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://d.adroll.com/cm/o/out?adroll_fpc=78dfd438b7e6a467aa7e831775e8eb00-1600279319317&arrfrr=https%3A%2F%2Fgo.proofpoint.com%2FHappyHourwiththeFBIAZNVSep21.html%3Frbn%3DFMS&xid_ch=f&advertisable=...
https://us-u.openx.net/w/1.0/sd?id=537103138&val=339889e1e055b0a53fba6d3d6fb0b33c
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=339889e1e055b0a53fba6d3d6fb0b33c

43 B
180 B

46ms
45ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=339889e1e055b0a53fba6d3d6fb0b33c
Requested by: Host: go.proofpoint.com
URL: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.193.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Sep 2020 18:02:00 GMT
via: 1.1 google
server: OXGW/16.193.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
status: 200
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Wed, 16 Sep 2020 18:01:59 GMT
via: 1.1 google
server: OXGW/16.193.0
status: 302
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=339889e1e055b0a53fba6d3d6fb0b33c
alt-svc: clear
content-length: 0

GET
H2

200

in
d.adroll.com/cm/g/
Redirect Chain

https://d.adroll.com/cm/g/out?adroll_fpc=78dfd438b7e6a467aa7e831775e8eb00-1600279319317&arrfrr=https%3A%2F%2Fgo.proofpoint.com%2FHappyHourwiththeFBIAZNVSep21.html%3Frbn%3DFMS&xid_ch=f&advertisable=...
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=M5iJ4eBVsKU_um09b7CzPA
https://d.adroll.com/cm/g/in

42 B
536 B

55ms
55ms

Image
image/gif

63.32.63.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/g/in
Requested by: Host: go.proofpoint.com
URL: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.32.63.32 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-32-63-32.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Sep 2020 18:02:00 GMT
server: nginx/1.16.1
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status: 200
cache-control: no-store, no-cache, must-revalidate
content-type: image/gif
content-length: 42
x-result: g.-1.-1.-1

Redirect headers

pragma: no-cache
date: Wed, 16 Sep 2020 18:02:00 GMT
server: HTTP server (unknown)
status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://d.adroll.com/cm/g/in
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 225
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 389545881899618 Show response
connect.facebook.net/signals/config/ 524 KB
132 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/389545881899618?v=2.9.24&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fe2d17af141af028f87c2cfdd10b4b8b954c094e25ba69ab656f8779b7354d49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 134814
x-xss-protection: 0
x-ua-compatible: IE=edge
pragma: private
x-fb-debug: elId4KB0ZGPbL60UPtCXUTK32WMyCNfLDw5WG/sOOpxO2ItfncVVT75XVf7rJSxsZp2XR6pP4R9PiZrhp2OW6Q==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Wed, 16 Sep 2020 18:01:59 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: private
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
265 B 18ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=389545881899618&ev=PageView&dl=https%3A%2F%2Fgo.proofpoint.com%2FHappyHourwiththeFBIAZNVSep21.html%3Frbn%3DFMS&rl=&if=false&ts=1600279319511&cd[segment_eid]=T47Y2VPPABDUBJXFROMZZM&sw=1600&sh=1200&v=2.9.24&r=stable&ec=0&o=29&fbp=fb.1.1600279319510.1294405593&it=1600279319464&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Requested by

Host: go.proofpoint.com
URL: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://go.proofpoint.com/HappyHourwiththeFBIAZNVSep21.html?rbn=FMS
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Sep 2020 18:01:59 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 16 Sep 2020 18:01:59 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.proofpoint.com
URL: http://www.proofpoint.com/404

Domain: www.proofpoint.com
URL: http://www.proofpoint.com/404

Verdicts & Comments Add Verdict or Comment

71 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.go.proofpoint.com/	1970-01-19 21:16:55	Name: __ar_v4 Value: %7C7YJ7XZCLMRHSVCXIHB5HIT%3A20200916%3A1%7CYV5KYXXEJZATZCT37YRTMK%3A20200916%3A1%7CT47Y2VPPABDUBJXFROMZZM%3A20200916%3A1
.go.proofpoint.com/	1970-01-19 21:17:16	Name: __adroll_fpc Value: 78dfd438b7e6a467aa7e831775e8eb00-1600279319317
.proofpoint.com/	1970-01-19 14:40:55	Name: _fbp Value: fb.1.1600279319510.1294405593
.go.proofpoint.com/	1970-01-19 12:31:21	Name: __cf_bm Value: 0cb0312c3e48073900392cf81bbc3211d82ef580-1600279318-1800-AW8A8u10vmqyNcFonP1eUeeHa6Go6H9sdCF4RmTCs4E0WOTqC5Y+DAiLqsl2chmoSK8nX2fkhB0hExoYRzjpKOw=
.proofpoint.com/	1970-01-20 06:02:31	Name: _mkto_trk Value: id:309-RHV-619&token:_mch-proofpoint.com-1600279319035-32705
.proofpoint.com/	1970-01-19 12:31:19	Name: _gat_UA-2257074-1 Value: 1
.proofpoint.com/	1970-01-19 12:54:43	Name: _uetvid Value: b044bf01298ad843077d5e6ca1a47e9e
.proofpoint.com/	1970-01-19 12:32:45	Name: _gid Value: GA1.2.1889294039.1600279319
.proofpoint.com/	1970-01-20 06:02:31	Name: _ga Value: GA1.2.853563176.1600279319
.proofpoint.com/	1970-01-19 21:16:42	Name: visid_incap_177663 Value: e+4mNoXrR8GfzkvnJyS0FRZTYl8AAAAAQUIPAAAAAAB86TTglQCjUGX0nfs+cu+U
go.proofpoint.com/	1969-12-31 23:59:59	Name: BIGipServerabjweb-nginx-app_https Value: !+unUG/r0C561Hxdybf/nLIVwOTHiDoh/MsAwDjnArZVGtcuzvikecAPWK1eQhSby6s3gwhdO6KRW8Q==
.doubleclick.net/	1970-01-20 06:02:31	Name: IDE Value: AHWqTUnu2jmsW-B9ZTGJdRWMswia-GJjphqV3UYqgRrLVIJ6Zm9UW3Ij9eFJyTE7
.proofpoint.com/	1969-12-31 23:59:59	Name: incap_ses_473_177663 Value: qUWEMPzx6GkMwcMHJm+QBhZTYl8AAAAAWnV9tGvFiovMH9714T1Plg==
.proofpoint.com/	1970-01-19 12:32:45	Name: _uetsid Value: 00b666303a9cf53330fd30372b79b8c4
.go.proofpoint.com/	1970-01-19 13:14:31	Name: __cfduid Value: d1da4dc09a4a8c9ba2fd441c0843480261600279317

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	debug	URL: https://munchkin.marketo.net/159/munchkin.js(Line 22) Message: Munchkin.init("%s") options: 309-RHV-619 [object Object]

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

309-rhv-619.mktoresp.com
4788165.fls.doubleclick.net
ads.avct.cloud
ads.avocet.io
ads.yahoo.com
ajax.googleapis.com
api.company-target.com
bat.bing.com
cm.g.doubleclick.net
connect.facebook.net
d.adroll.com
d.adroll.mgr.consensu.org
dsum-sec.casalemedia.com
eb2.3lift.com
go.proofpoint.com
ib.adnxs.com
idsync.rlcdn.com
match.prod.bidr.io
munchkin.marketo.net
pixel.advertising.com
pixel.rubiconproject.com
px.ads.linkedin.com
s.adroll.com
scripts.demandbase.com
segments.company-target.com
simage2.pubmatic.com
snap.licdn.com
stats.g.doubleclick.net
sync.outbrain.com
sync.taboola.com
tag.demandbase.com
templates.marketo.net
tracking.g2crowd.com
ups.analytics.yahoo.com
us-u.openx.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.linkedin.com
www.proofpoint.com
x.bidswitch.net
www.proofpoint.com
104.111.250.210
104.17.71.206
141.226.228.48
143.204.201.40
143.204.94.67
18.158.112.40
18.197.47.23
185.33.221.53
185.64.190.80
192.28.144.124
216.58.206.2
216.58.212.166
23.210.248.216
23.210.249.164
2606:4700::6812:1bbe
2620:1ec:21::14
2620:1ec:c11::200
2a00:1288:f03d:1fa::4000
2a00:1450:4001:803::200e
2a00:1450:4001:809::2003
2a00:1450:4001:814::200a
2a00:1450:4001:81a::200e
2a00:1450:4001:821::2008
2a00:1450:4001:825::2004
2a00:1450:400c:c00::9b
2a02:26f0:10c:58e::25ea
2a02:e980:107::cf
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a05:f500:10:101::b93f:9105
3.126.56.137
34.240.2.137
34.98.64.218
35.244.174.68
52.210.50.2
52.57.124.49
63.32.63.32
69.173.144.138
70.42.32.63
99.84.144.107
097afea517679d2e0b986d77cb3fe7808026882b52ca074a050e03e7a4a6996b
09fb4e2181b10d4a4b7529273656febe51df54439c9b6ffa74c3e77b79359a38
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
14c8c62dc692fd8faa04434e3fed25e7c23d596b732f9db88f6e9f9ff5dfa61c
1bdbcee5cd776cb671f72362db4be8dde833057b8e8f816c86fd301896652c8d
1faa147f9e3af1c5d5521faab08042b21cf5e8a18e4d11b9d45320922b66ce4c
256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a
2faa448c2df1c640c983d5ca3b470dc1b09ff7bb55880ef369a168ee473bbf0a
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3dae93a05edd9dcfc1864b87178a31e0bfa93e1a9b1c486c6e9cbf73cae87862
41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0
459e23d23ffe65a86f3a1f67c07edc92e0c69461ff83fbd63764d7b36cac92fc
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c858ea92bdc30e89d30d477c30228c47b19648e1539829bb2303a176f0c23dd
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54cf29d80419ab46480353b70eec1b626bbfbe32ef2eb93d63a96311f3f6155b
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5c622f5433cbb6ea1df5c0dd8671e55ef7d1464366074730473c453de50a579b
5cc2628039ee08964a5f46fb8abb1d5e1ec87e1200d12862ef1232bbfed7da55
5dd8ad22e1e81a4893cf112c7b4418a89d8ddec85e2e1ecf280bbe73090a6676
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
613972fd318c78351f8882469823573c8f84152d7d49e5d9268522c5339ecb55
6816773a0d4fdbd5c29599927c57d84626c26c9b01c7dff69526fb97c038ae84
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
982fa97eccae21e893548687e91b35de93861805706a57fa1eab73455f9ed72f
a53296dca2db04589f7fd86e7285e37c2c9d0a0270b494bc8d8182efe11d56f7
a7e88f211cbc3cdde554d504f26601d47e490d98660d8c331b7a383ee8aabd2f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b6a2963b319b9d12c73b32baaec0d6942fb056bb49a14e7897a2403b58e5588d
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bcafc5a0a1b98e854d2545bad02ec3813619ea9ea882f30ce61eefd31218335d
bf5e6c5d3b0558a58481395e5f66adf4c0374c0ecf8f0cb5cf940d827239120c
c23ebf2c0ec8e37a6a0a179720c9763bf4e1f0ed993fe7d0ad41d4d9774fe957
c3a7b608ebfa8d1dfe658bc119e6236a6aaf878a779e7c560aa11dd30881a56a
c942686010e285633d77a24341c43850ccd6162fcc7e8281ae8a70c2921a9af5
ce01c41255d7e61cc44e865184559085737a98cf6911ef67f915692152b88852
d02f3b8d118b383623066432d7ea95ff03ecad593c70b57c7eb3f8e8d9e5222f
d5fd173d00d9733900834e0e1083de86b532e048b15c0420ba5c2db0623644b8
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e086c78fe810eceba34f2f4aee4770ae2df92db026a80bcb8301a8a0461f727d
e2293bf3c76a601ee77824c900f7da8fcbc3668d65d664a9c523ae7815cc312a
e3a6fb8edae8055879ad2a5c80a291502c6bb9329d0a57cdefe03a6bf296123e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5832e4fef3a985714d3ef158faff48db0dc3e1932044815530e159a5ef2904a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f24c51a94a931f1bdd7c3dacc9ebb3848305f5eb5a3feddf0b01227f6c778c17
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
f7545b96ed2740220c349ae9deb614faf1f0f211d4cf710788e0790f74cc9715
fa176af3695a7e918096d7d71a501167980482180f48dc0e4515855901b42969
fe2d17af141af028f87c2cfdd10b4b8b954c094e25ba69ab656f8779b7354d49

go.proofpoint.com Open in urlscan Pro 104.17.71.206 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

74 Requests

97 %HTTPS

40 %IPv6

34 Domains

43 Subdomains

36 IPs

7 Countries

1125 kBTransfer

2490 kBSize

15 Cookies

3 Outgoing links

Redirected requests

74 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

go.proofpoint.com Open in urlscan Pro
104.17.71.206 Public Scan

Screenshot
Live screenshot

Full Image

74
Requests

97 %
HTTPS

40 %
IPv6

34
Domains

43
Subdomains

36
IPs

7
Countries

1125 kB
Transfer

2490 kB
Size

15
Cookies

74 HTTP transactions
0 data transactions