events.extrahop.com Open in urlscan Pro
54.84.134.174 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://app.wiredata.extrahop.com/e/er?utm_campaign=2023-q2-may-hunter-challenge-natl-inv-em2&utm_medium=email&utm_source=Eloqua&u...
Effective URL:
https://events.extrahop.com/revealxhunterchallenge-may?utm_campaign=2023-q2-may-hunter-challenge-natl-inv-em2&utm_medium=ema...
Submission: On May 04 via manual (May 4th 2023, 2:56:11 pm UTC) from US — Scanned from CA

Summary HTTP 241 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 47 IPs in 4 countries across 38 domains to perform 241 HTTP transactions. The main IP is 54.84.134.174, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is events.extrahop.com.
TLS certificate: Issued by R3 on March 3rd 2023. Valid for: 3 months.

This is the only time events.extrahop.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	142.0.173.39 142.0.173.39	7160 (NETDYNAMICS) (NETDYNAMICS)
1 4	142.0.173.28 142.0.173.28	7160 (NETDYNAMICS) (NETDYNAMICS)
12	54.84.134.174 54.84.134.174	14618 (AMAZON-AES) (AMAZON-AES)
8	151.101.66.133 151.101.66.133	54113 (FASTLY) (FASTLY)
19	18.164.115.227 18.164.115.227	16509 (AMAZON-02) (AMAZON-02)
2	162.159.138.60 162.159.138.60	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2600:1901:0:7... 2600:1901:0:7a0b::	15169 (GOOGLE) (GOOGLE)
1	54.163.130.149 54.163.130.149	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:9000:202... 2600:9000:202c:ee00:d:9239:1640:21	16509 (AMAZON-02) (AMAZON-02)
12	199.232.38.109 199.232.38.109	54113 (FASTLY) (FASTLY)
10	2607:f8b0:400... 2607:f8b0:4006:824::200e	15169 (GOOGLE) (GOOGLE)
1	99.84.37.32 99.84.37.32	16509 (AMAZON-02) (AMAZON-02)
2	54.237.228.255 54.237.228.255	14618 (AMAZON-AES) (AMAZON-AES)
2	2607:f8b0:400... 2607:f8b0:4006:80a::2008	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4004:c09::9d	15169 (GOOGLE) (GOOGLE)
7	2607:f8b0:400... 2607:f8b0:4006:80e::2004	15169 (GOOGLE) (GOOGLE)
13	2607:f8b0:400... 2607:f8b0:4006:809::2003	15169 (GOOGLE) (GOOGLE)
2	34.120.202.204 34.120.202.204	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	2607:f8b0:400... 2607:f8b0:4006:80f::2003	15169 (GOOGLE) (GOOGLE)
1	34.231.13.252 34.231.13.252	14618 (AMAZON-AES) (AMAZON-AES)
73	13.225.223.48 13.225.223.48	16509 (AMAZON-02) (AMAZON-02)
1	2600:141b:900... 2600:141b:9000::1725:7bba	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	23.73.231.40 23.73.231.40	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a03:2880:f01... 2a03:2880:f012:10c:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	35.163.218.127 35.163.218.127	16509 (AMAZON-02) (AMAZON-02)
2	18.238.12.115 18.238.12.115	16509 (AMAZON-02) (AMAZON-02)
1	199.232.36.157 199.232.36.157	54113 (FASTLY) (FASTLY)
1	54.230.163.61 54.230.163.61	16509 (AMAZON-02) (AMAZON-02)
1 1	18.200.232.72 18.200.232.72	16509 (AMAZON-02) (AMAZON-02)
1 2	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	162.159.128.61 162.159.128.61	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:251... 2600:9000:2514:b400:a:b27c:d040:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:34::181	15169 (GOOGLE) (GOOGLE)
3	2600:9000:25c... 2600:9000:25c8:4e00:2:53b2:240:93a1	16509 (AMAZON-02) (AMAZON-02)
4 4	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2600:9000:25c... 2600:9000:25c8:ae00:0:cc59:3900:93a1	16509 (AMAZON-02) (AMAZON-02)
1	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
1	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
4	2a03:2880:f11... 2a03:2880:f112:182:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 2	34.229.30.165 34.229.30.165	14618 (AMAZON-AES) (AMAZON-AES)
2 2	68.67.160.114 68.67.160.114	29990 (ASN-APPNEX) (ASN-APPNEX)
9	23.200.1.16 23.200.1.16	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 4	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1	2600:141b:900... 2600:141b:9000::b833:94d9	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	52.6.2.140 52.6.2.140	14618 (AMAZON-AES) (AMAZON-AES)
1 1	3.86.135.117 3.86.135.117	14618 (AMAZON-AES) (AMAZON-AES)
1	18.209.251.30 18.209.251.30	14618 (AMAZON-AES) (AMAZON-AES)
2 2	3.233.137.198 3.233.137.198	14618 (AMAZON-AES) (AMAZON-AES)
2 2	3.225.218.10 3.225.218.10	14618 (AMAZON-AES) (AMAZON-AES)
12	3.94.218.138 3.94.218.138	14618 (AMAZON-AES) (AMAZON-AES)
4	2600:1901:0:a... 2600:1901:0:a5e4::	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:46:... 2a04:4e42:46::720	54113 (FASTLY) (FASTLY)
241	47

1 142.0.173.39 (Toronto, Canada) 1 redirects

ASN7160 (NETDYNAMICS, US)

app.wiredata.extrahop.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.0.173.28 (Toronto, Canada) 1 redirects

ASN7160 (NETDYNAMICS, US)

s1701.t.eloqua.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 54.84.134.174 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-84-134-174.compute-1.amazonaws.com

events.extrahop.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.66.133 (United States)

ASN54113 (FASTLY, US)

frontend.cdn.splashthat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn-prod.splashthat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
splashthat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 18.164.115.227 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-115-227.jfk50.r.cloudfront.net

d24wuq6o951i2g.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.159.138.60 (None, )

ASN13335 (CLOUDFLARENET, US)

player.vimeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:1901:0:7a0b:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

sessions.bugsnag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.163.130.149 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-163-130-149.compute-1.amazonaws.com

third-party-tracking-manager.services.splashthat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:202c:ee00:d:9239:1640:21 (United States)

ASN16509 (AMAZON-02, US)

d3m889aznlr23d.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 199.232.38.109 (New York, United States)

ASN54113 (FASTLY, US)

f.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2607:f8b0:4006:824::200e (New York, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.37.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-37-32.ewr52.r.cloudfront.net

js.datadome.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.237.228.255 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-237-228-255.compute-1.amazonaws.com

api.splashthat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80a::2008 (New York, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c09::9d (Ashburn, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:4006:80e::2004 (New York, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2607:f8b0:4006:809::2003 (New York, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.202.204 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 204.202.120.34.bc.googleusercontent.com

fresnel.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:80f::2003 (New York, United States)

ASN15169 (GOOGLE, US)

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.231.13.252 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-231-13-252.compute-1.amazonaws.com

api-js.datadome.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

73 13.225.223.48 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-223-48.jfk51.r.cloudfront.net

js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:141b:9000::1725:7bba (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.73.231.40 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-73-231-40.deploy.static.akamaitechnologies.com

img.en25.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f012:10c:face:b00c:0:3 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.163.218.127 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-163-218-127.us-west-2.compute.amazonaws.com

p0.extrahopping.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.238.12.115 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-12-115.phl51.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.36.157 (New York, United States)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.230.163.61 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-163-61.ewr53.r.cloudfront.net

px.airpr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.200.232.72 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-200-232-72.eu-west-1.compute.amazonaws.com

adresults-5-adswizz.attribution.adswizz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.113.62 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.159.128.61 (None, )

ASN13335 (CLOUDFLARENET, US)

vimeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2514:b400:a:b27c:d040:93a1 (United States)

ASN16509 (AMAZON-02, US)

ext.chtbl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:25c8:4e00:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:25c8:ae00:0:cc59:3900:93a1 (United States)

ASN16509 (AMAZON-02, US)

web.chtbl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f112:182:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.229.30.165 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-229-30-165.compute-1.amazonaws.com

dpx.airpr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.67.160.114 (New York, United States) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 23.200.1.16 (Edison, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-200-1-16.deploy.static.akamaitechnologies.com

j.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.223.40.198 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:141b:9000::b833:94d9 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)

ipv6.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.6.2.140 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-6-2-140.compute-1.amazonaws.com

epsilon.6sense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.86.135.117 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-86-135-117.compute-1.amazonaws.com

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.209.251.30 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-209-251-30.compute-1.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.233.137.198 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-233-137-198.compute-1.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.225.218.10 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-218-10.compute-1.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 3.94.218.138 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-94-218-138.compute-1.amazonaws.com

bootstrap.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
metrics.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
event.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
targeting.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
flow.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:1901:0:a5e4:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

notify.bugsnag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:46::720 (United States)

ASN54113 (FASTLY, US)

driftt.imgix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
73	driftt.com js.driftt.com — Cisco Umbrella Rank: 5211	857 KB
20	cloudfront.net d24wuq6o951i2g.cloudfront.net d3m889aznlr23d.cloudfront.net	6 MB
14	vimeocdn.com f.vimeocdn.com — Cisco Umbrella Rank: 3078 i.vimeocdn.com — Cisco Umbrella Rank: 3048 fresnel.vimeocdn.com — Cisco Umbrella Rank: 3147	535 KB
13	gstatic.com www.gstatic.com fonts.gstatic.com	610 KB
13	extrahop.com 1 redirects app.wiredata.extrahop.com events.extrahop.com	885 KB
12	drift.com bootstrap.api.drift.com — Cisco Umbrella Rank: 6124 metrics.api.drift.com — Cisco Umbrella Rank: 5997 event.api.drift.com — Cisco Umbrella Rank: 6659 targeting.api.drift.com — Cisco Umbrella Rank: 6355 flow.api.drift.com — Cisco Umbrella Rank: 11469	11 KB
11	splashthat.com frontend.cdn.splashthat.com — Cisco Umbrella Rank: 122979 cdn-prod.splashthat.com — Cisco Umbrella Rank: 230181 third-party-tracking-manager.services.splashthat.com — Cisco Umbrella Rank: 136858 api.splashthat.com — Cisco Umbrella Rank: 124909 splashthat.com — Cisco Umbrella Rank: 59870	549 KB
10	6sc.co j.6sc.co — Cisco Umbrella Rank: 5624 c.6sc.co — Cisco Umbrella Rank: 8648 ipv6.6sc.co — Cisco Umbrella Rank: 5968 b.6sc.co — Cisco Umbrella Rank: 4113	14 KB
10	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 30	42 KB
8	google.com www.google.com — Cisco Umbrella Rank: 2 analytics.google.com — Cisco Umbrella Rank: 253	30 KB
8	bugsnag.com sessions.bugsnag.com — Cisco Umbrella Rank: 724 notify.bugsnag.com — Cisco Umbrella Rank: 1120	371 B
6	adsrvr.org 1 redirects js.adsrvr.org — Cisco Umbrella Rank: 1372 insight.adsrvr.org — Cisco Umbrella Rank: 527 match.adsrvr.org — Cisco Umbrella Rank: 304	6 KB
5	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 347 www.linkedin.com — Cisco Umbrella Rank: 594 px4.ads.linkedin.com — Cisco Umbrella Rank: 6148	4 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 106	310 B
4	google.ca www.google.ca — Cisco Umbrella Rank: 8595	643 B
4	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 74	519 B
4	eloqua.com 1 redirects s1701.t.eloqua.com	3 KB
3	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 830	1 KB
3	airpr.com 1 redirects px.airpr.com — Cisco Umbrella Rank: 16045 dpx.airpr.com — Cisco Umbrella Rank: 12748	3 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 150	200 KB
3	vimeo.com player.vimeo.com — Cisco Umbrella Rank: 1793 vimeo.com — Cisco Umbrella Rank: 1680	20 KB
2	yahoo.com 2 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 265	617 B
2	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 198	2 KB
2	krxd.net 1 redirects usermatch.krxd.net — Cisco Umbrella Rank: 1413 beacon.krxd.net — Cisco Umbrella Rank: 596	221 B
2	6sense.com epsilon.6sense.com — Cisco Umbrella Rank: 10368	578 B
2	adnxs.com 2 redirects secure.adnxs.com — Cisco Umbrella Rank: 406	2 KB
2	chtbl.com ext.chtbl.com — Cisco Umbrella Rank: 19806 web.chtbl.com — Cisco Umbrella Rank: 18995	4 KB
2	tapad.com 1 redirects pixel.tapad.com — Cisco Umbrella Rank: 437	1 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 48	189 KB
2	datadome.co js.datadome.co — Cisco Umbrella Rank: 5804 api-js.datadome.co — Cisco Umbrella Rank: 4804	57 KB
1	imgix.net driftt.imgix.net — Cisco Umbrella Rank: 14726	5 KB
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 629	394 B
1	t.co t.co — Cisco Umbrella Rank: 503	379 B
1	adswizz.com 1 redirects adresults-5-adswizz.attribution.adswizz.com	164 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 654	15 KB
1	extrahopping.net p0.extrahopping.net	282 B
1	en25.com img.en25.com — Cisco Umbrella Rank: 5880	3 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 736	5 KB
241	38

	Domain	Requested by
73	js.driftt.com	events.extrahop.com js.driftt.com
19	d24wuq6o951i2g.cloudfront.net	events.extrahop.com
12	www.gstatic.com	f.vimeocdn.com www.google.com www.gstatic.com
12	events.extrahop.com	events.extrahop.com
10	www.google-analytics.com	cdn-prod.splashthat.com www.google-analytics.com www.googletagmanager.com events.extrahop.com
8	f.vimeocdn.com	player.vimeo.com
7	b.6sc.co
7	www.google.com	frontend.cdn.splashthat.com events.extrahop.com www.gstatic.com www.google.com
6	frontend.cdn.splashthat.com	events.extrahop.com frontend.cdn.splashthat.com splashthat.com
4	notify.bugsnag.com	frontend.cdn.splashthat.com
4	targeting.api.drift.com	js.driftt.com
4	www.facebook.com	events.extrahop.com
4	www.google.ca	events.extrahop.com
4	i.vimeocdn.com	events.extrahop.com f.vimeocdn.com
4	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
4	sessions.bugsnag.com	frontend.cdn.splashthat.com
4	s1701.t.eloqua.com	1 redirects img.en25.com events.extrahop.com
3	match.adsrvr.org	js.adsrvr.org
3	px.ads.linkedin.com	3 redirects
3	cdn.linkedin.oribi.io	snap.licdn.com
3	connect.facebook.net	events.extrahop.com connect.facebook.net
2	flow.api.drift.com	js.driftt.com
2	event.api.drift.com	js.driftt.com
2	metrics.api.drift.com	js.driftt.com
2	bootstrap.api.drift.com	js.driftt.com
2	ups.analytics.yahoo.com	2 redirects
2	dpm.demdex.net	2 redirects
2	epsilon.6sense.com	j.6sc.co
2	secure.adnxs.com	2 redirects
2	dpx.airpr.com	1 redirects
2	pixel.tapad.com	1 redirects events.extrahop.com
2	js.adsrvr.org	www.googletagmanager.com match.adsrvr.org
2	fresnel.vimeocdn.com	f.vimeocdn.com
2	www.googletagmanager.com	frontend.cdn.splashthat.com www.googletagmanager.com
2	api.splashthat.com	frontend.cdn.splashthat.com
2	player.vimeo.com	events.extrahop.com
1	driftt.imgix.net
1	beacon.krxd.net	js.adsrvr.org
1	usermatch.krxd.net	1 redirects
1	ipv6.6sc.co	j.6sc.co
1	c.6sc.co	j.6sc.co
1	insight.adsrvr.org	1 redirects
1	j.6sc.co	events.extrahop.com
1	fonts.gstatic.com	www.google.com
1	analytics.twitter.com	events.extrahop.com
1	t.co	events.extrahop.com
1	web.chtbl.com	ext.chtbl.com
1	px4.ads.linkedin.com	events.extrahop.com
1	www.linkedin.com	1 redirects
1	analytics.google.com	www.googletagmanager.com
1	ext.chtbl.com	events.extrahop.com
1	vimeo.com	f.vimeocdn.com
1	adresults-5-adswizz.attribution.adswizz.com	1 redirects
1	px.airpr.com	events.extrahop.com
1	static.ads-twitter.com	events.extrahop.com
1	p0.extrahopping.net	events.extrahop.com
1	img.en25.com	events.extrahop.com
1	snap.licdn.com	www.googletagmanager.com
1	api-js.datadome.co	js.datadome.co
1	splashthat.com	frontend.cdn.splashthat.com
1	js.datadome.co	events.extrahop.com
1	d3m889aznlr23d.cloudfront.net	events.extrahop.com
1	third-party-tracking-manager.services.splashthat.com	frontend.cdn.splashthat.com
1	cdn-prod.splashthat.com	events.extrahop.com
1	app.wiredata.extrahop.com	1 redirects
241	65

This site contains links to these domains. Also see Links.

Domain
support.splashthat.com
carahevents.carahsoft.com
go.splashthat.com
splashthat.com
howtobuildarocksolidagileevent.splashthat.com
www.extrahop.com

Subject Issuer	Validity	Valid
events.extrahop.com R3	`2023-03-03` - `2023-06-01`	3 months	crt.sh
frontend.cdn.splashthat.com R3	`2023-03-13` - `2023-06-11`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-03-01` - `2024-02-29`	a year	crt.sh
splashthat.com R3	`2023-04-14` - `2023-07-13`	3 months	crt.sh
*.bugsnag.com DigiCert TLS RSA SHA256 2020 CA1	`2023-04-19` - `2024-04-12`	a year	crt.sh
third-party-tracking-manager.services.splashthat.com R3	`2023-04-25` - `2023-07-24`	3 months	crt.sh
*.vimeocdn.com GlobalSign Atlas R3 DV TLS CA 2023 Q1	`2023-02-18` - `2024-03-21`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.datadome.co Gandi Standard SSL CA 2	`2022-10-13` - `2023-10-21`	a year	crt.sh
prod-api.splashthat.com R3	`2023-03-09` - `2023-06-07`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
fresnel.vimeocdn.com GTS CA 1D4	`2023-03-21` - `2023-06-20`	3 months	crt.sh
*.google.ca GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
drift.com Amazon RSA 2048 M02	`2023-03-01` - `2023-09-21`	7 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
*.en25.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-17` - `2023-07-18`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-02-10` - `2023-05-11`	3 months	crt.sh
p0.extrahopping.net R3	`2023-02-13` - `2023-05-14`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-22` - `2023-08-22`	a year	crt.sh
*.airpr.com Amazon RSA 2048 M02	`2023-02-21` - `2023-12-07`	10 months	crt.sh
vimeo.com Cloudflare Inc ECC CA-3	`2022-09-21` - `2023-09-20`	a year	crt.sh
ext.chtbl.com Amazon RSA 2048 M01	`2023-02-23` - `2023-12-22`	10 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
linkedin.oribi.io Amazon RSA 2048 M01	`2023-02-24` - `2023-08-06`	5 months	crt.sh
*.t.eloqua.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-22` - `2024-04-10`	a year	crt.sh
web.chtbl.com Amazon RSA 2048 M02	`2023-02-21` - `2024-01-28`	a year	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2023-02-01` - `2024-02-01`	a year	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-31` - `2024-01-30`	a year	crt.sh
6sc.co R3	`2023-03-11` - `2023-06-09`	3 months	crt.sh
*.6sense.com Amazon RSA 2048 M02	`2022-12-14` - `2024-01-13`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2023-04-14` - `2024-04-12`	a year	crt.sh
*.imgix.com GlobalSign Atlas R3 DV TLS CA 2023 Q1	`2023-03-05` - `2024-04-05`	a year	crt.sh

This page contains 15 frames:

Primary Page: https://events.extrahop.com/revealxhunterchallenge-may?utm_campaign=2023-q2-may-hunter-challenge-natl-inv-em2&utm_medium=email&utm_source=Eloqua&utm_version=
Frame ID: 9651DBA4A50BED77C9F09DB61CABD4F6
Requests: 102 HTTP requests in this frame

Frame: https://player.vimeo.com/video/401395656
Frame ID: 99B014D4E9AF7666FEDA2A8003544670
Requests: 11 HTTP requests in this frame

Frame: https://player.vimeo.com/video/401395656
Frame ID: 19823AEC68832996CB1D06019953E50C
Requests: 12 HTTP requests in this frame

Frame: https://cdn-prod.splashthat.com/events/loadGaTrackingForVanityUrl/458659821/revealxhunterchallenge-may
Frame ID: A980FB9B7F7D048184F460BAE933F0E9
Requests: 6 HTTP requests in this frame

Frame: https://splashthat.com/tuning-fork-redirect/revealxhunterchallenge-may.splashthat.com
Frame ID: 2EEBA74DA95359AB1931B07127D2F703
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdTTRUTAAAAAFAKqaR-uZdDtmV97lyAbP3SL0p4&co=aHR0cHM6Ly9ldmVudHMuZXh0cmFob3AuY29tOjQ0Mw..&hl=en&v=1h-hbVSJRMOQsmO_2qL9cO0z&size=normal&cb=fff16ffhdm67
Frame ID: F79F65D9DFF9F4F539D3F357F2419E52
Requests: 8 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 2B8F0F708CE145EA1FE0073CD0A576F8
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 9C9CAB3BCB14A2717DB5B0FC7A02D762
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=1h-hbVSJRMOQsmO_2qL9cO0z&k=6LdTTRUTAAAAAFAKqaR-uZdDtmV97lyAbP3SL0p4
Frame ID: 4BBB2249BA5E21B05E46705395CAC3CC
Requests: 3 HTTP requests in this frame

Frame: https://js.driftt.com/core?d=1&embedId=r5gwvvkz53c9&eId=r5gwvvkz53c9&region=US&forceShow=false&skipCampaigns=false&sessionId=3836ed68-4f5c-47db-9ea6-6d6c5b303215&sessionStarted=1683212165.566&campaignRefreshToken=abe628c0-c94e-455b-82f9-17d2ef129c75&hideController=false&pageLoadStartTime=1683212162915&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fevents.extrahop.com%2Frevealxhunterchallenge-may%3Futm_campaign%3D2023-q2-may-hunter-challenge-natl-inv-em2%26utm_medium%3Demail%26utm_source%3DEloqua%26utm_version%3D
Frame ID: B5085750BD5409307F3446CD798C1F5A
Requests: 42 HTTP requests in this frame

Frame: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683212162915
Frame ID: B6DAE312268ED39CDFEE228A6396E41A
Requests: 39 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/upb/?adv=2fvosvc&ref=https%3A%2F%2Fevents.extrahop.com%2Frevealxhunterchallenge-may%3Futm_campaign%3D2023-q2-may-hunter-challenge-natl-inv-em2%26utm_medium%3Demail%26utm_source%3DEloqua%26utm_version%3D&upid=nhxwmcz&upv=1.1.0
Frame ID: 108FA7B472AD31F7F7B19277A90B2F14
Requests: 2 HTTP requests in this frame

Frame: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=5644655d-686f-48db-82c0-58ce8b4de724
Frame ID: 15F5C5FB95239D64DA01D8361DE848EF
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam
Frame ID: 83D634E0BF6E6674EAE64A3552C99641
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-AaYCHDxE2uL6Zg.ONICQ_NtM61L.RCQ-~A&gdpr=0
Frame ID: 0E18F9E3579DBFDFDFBEADE3D91CE0CD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Reveal (x) Hunter Challenge - May

Page URL History Show full URLs

https://app.wiredata.extrahop.com/e/er?utm_campaign=2023-q2-may-hunter-challenge-natl-inv-em2&utm_medium=email... HTTP 302
https://s1701.t.eloqua.com/e/er?utm_campaign=2023-q2-may-hunter-challenge-natl-inv-em2&utm_medium=email... HTTP 302
https://events.extrahop.com/revealxhunterchallenge-may?utm_campaign=2023-q2-may-hunter-challenge-natl-in... Page URL

Detected technologies

Datadome (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

241
Requests

98 %
HTTPS

36 %
IPv6

38
Domains

65
Subdomains

47
IPs

4
Countries

9977 kB
Transfer

20053 kB
Size

47
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://support.splashthat.com/hc/en-us/articles/360037826112
Title: How do I resize an iFrame?

Search URL Search Domain Scan URL

URL: https://support.splashthat.com/hc/en-us/articles/360037963911
Title: What's the difference between iFrame elements and Video elements?

Search URL Search Domain Scan URL

URL: https://support.splashthat.com/hc/en-us/articles/115001470363
Title: How do I embed webinars or livestreams using an iFrame element?

Search URL Search Domain Scan URL

URL: https://support.splashthat.com/hc/en-us/articles/360041483332
Title: What can I embed using an iframe into Splash?

Search URL Search Domain Scan URL

URL: https://carahevents.carahsoft.com/Event/Details/355458-cpemay17
Title: click here.

Search URL Search Domain Scan URL

URL: http://go.splashthat.com/rs/985-MUN-268/images/EB-A-Guide-to-Agile-Event-Programs.pdf
Title: Download

Search URL Search Domain Scan URL

URL: https://splashthat.com/webinars/how-to-manage-events-in-crisis-mode
Title: Register

Search URL Search Domain Scan URL

URL: https://howtobuildarocksolidagileevent.splashthat.com/
Title: Watch now

Search URL Search Domain Scan URL

URL: https://www.extrahop.com/
Title: ExtraHop.com

Search URL Search Domain Scan URL

URL: https://splashthat.com/sites/view/hunterchallengetest.splashthat.com?csrfToken=ac62907e446bf262fd1e8ceda2a682c1&touchpointType=page&cmsPage=1
Title: ExtraHop.com

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://app.wiredata.extrahop.com/e/er?utm_campaign=2023-q2-may-hunter-challenge-natl-inv-em2&utm_medium=email&utm_source=Eloqua&utm_version=&s=1701&lid=6015&elqTrackId=62e9c28b4b1d47848e050faf14cb23f2&elq=193d8337d28d4d62a6fafed525a00b54&elqaid=7154&elqat=1 HTTP 302
https://s1701.t.eloqua.com/e/er?utm_campaign=2023-q2-may-hunter-challenge-natl-inv-em2&utm_medium=email&utm_source=Eloqua&utm_version=&s=1701&lid=6015&elqTrackId=62e9c28b4b1d47848e050faf14cb23f2&elq=193d8337d28d4d62a6fafed525a00b54&elqaid=7154&elqat=1 HTTP 302
https://events.extrahop.com/revealxhunterchallenge-may?utm_campaign=2023-q2-may-hunter-challenge-natl-inv-em2&utm_medium=email&utm_source=Eloqua&utm_version= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 82

https://adresults-5-adswizz.attribution.adswizz.com/fire?pixelId=05838ba9-d56a-4bcc-8833-375b3a214e10&type=sitevisit&subtype=HomePage&aw_0_req.gdpr=true HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=2994&partner_device_id=f2df6daa05bd179de0a918602a3212ee HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2994&partner_device_id=f2df6daa05bd179de0a918602a3212ee

Request Chain 98

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=939092%2C1347020&time=1683212164665&url=https%3A%2F%2Fevents.extrahop.com%2Frevealxhunterchallenge-may%3Futm_campaign%3D2023-q2-may-hunter-challenge-natl-inv-em2%26utm_medium%3Demail%26utm_source%3DEloqua%26utm_version%3D&tm=gtmv2 HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=939092%2C1347020&time=1683212164665&url=https%3A%2F%2Fevents.extrahop.com%2Frevealxhunterchallenge-may%3Futm_campaign%3D2023-q2-may-hunter-challenge-natl-inv-em2%26utm_medium%3Demail%26utm_source%3DEloqua%26utm_version%3D&tm=gtmv2&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D939092%252C1347020%26time%3D1683212164665%26url%3Dhttps%253A%252F%252Fevents.extrahop.com%252Frevealxhunterchallenge-may%253Futm_campaign%253D2023-q2-may-hunter-challenge-natl-inv-em2%2526utm_medium%253Demail%2526utm_source%253DEloqua%2526utm_version%253D%26tm%3Dgtmv2%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=939092%2C1347020&time=1683212164665&url=https%3A%2F%2Fevents.extrahop.com%2Frevealxhunterchallenge-may%3Futm_campaign%3D2023-q2-may-hunter-challenge-natl-inv-em2%26utm_medium%3Demail%26utm_source%3DEloqua%26utm_version%3D&tm=gtmv2&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=939092%2C1347020&time=1683212164665&url=https%3A%2F%2Fevents.extrahop.com%2Frevealxhunterchallenge-may%3Futm_campaign%3D2023-q2-may-hunter-challenge-natl-inv-em2%26utm_medium%3Demail%26utm_source%3DEloqua%26utm_version%3D&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQLsJPxpzAyDMAAAAYfnQ1_K4vU-G4JAAerxRzkwZ2Mwpj3vKZILxT74RYW6SORfh0B0-TcG

Request Chain 130

https://dpx.airpr.com/px?hostname=events.extrahop.com&profile=699363&ga_account_id=UA-6551454-1&ga_account_type=UA&ga_c=128866291.1683212165&an=true HTTP 302
https://secure.adnxs.com/getuid?https://dpx.airpr.com/anpx?adnxs_uid=$UID&airpr_id=20713649946 HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdpx.airpr.com%2Fanpx%3Fadnxs_uid%3D%24UID%26airpr_id%3D20713649946 HTTP 302
https://dpx.airpr.com/anpx?adnxs_uid=91697578740747193&airpr_id=20713649946

Request Chain 134

https://insight.adsrvr.org/track/up?adv=2fvosvc&ref=https%3A%2F%2Fevents.extrahop.com%2Frevealxhunterchallenge-may%3Futm_campaign%3D2023-q2-may-hunter-challenge-natl-inv-em2%26utm_medium%3Demail%26utm_source%3DEloqua%26utm_version%3D&upid=nhxwmcz&upv=1.1.0 HTTP 302
https://match.adsrvr.org/track/upb/?adv=2fvosvc&ref=https%3A%2F%2Fevents.extrahop.com%2Frevealxhunterchallenge-may%3Futm_campaign%3D2023-q2-may-hunter-challenge-natl-inv-em2%26utm_medium%3Demail%26utm_source%3DEloqua%26utm_version%3D&upid=nhxwmcz&upv=1.1.0

Request Chain 194

https://usermatch.krxd.net/um/v2?partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=5644655d-686f-48db-82c0-58ce8b4de724 HTTP 302
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=5644655d-686f-48db-82c0-58ce8b4de724

Request Chain 195

https://dpm.demdex.net/ibs:dpid=903&dpuuid=5644655d-686f-48db-82c0-58ce8b4de724&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=903&dpuuid=5644655d-686f-48db-82c0-58ce8b4de724&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam

Request Chain 196

https://ups.analytics.yahoo.com/ups/55953/sync?uid=5644655d-686f-48db-82c0-58ce8b4de724&_origin=1&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/55953/sync?uid=5644655d-686f-48db-82c0-58ce8b4de724&_origin=1&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-AaYCHDxE2uL6Zg.ONICQ_NtM61L.RCQ-~A&gdpr=0

241 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request revealxhunterchallenge-may Show response
events.extrahop.com/
Redirect Chain

https://app.wiredata.extrahop.com/e/er?utm_campaign=2023-q2-may-hunter-challenge-natl-inv-em2&utm_medium=email&utm_source=Eloqua&utm_version=&s=1701&lid=6015&elqTrackId=62e9c28b4b1d47848e050faf14cb...
https://s1701.t.eloqua.com/e/er?utm_campaign=2023-q2-may-hunter-challenge-natl-inv-em2&utm_medium=email&utm_source=Eloqua&utm_version=&s=1701&lid=6015&elqTrackId=62e9c28b4b1d47848e050faf14cb23f2&el...
https://events.extrahop.com/revealxhunterchallenge-may?utm_campaign=2023-q2-may-hunter-challenge-natl-inv-em2&utm_medium=email&utm_source=Eloqua&utm_version=

499 KB
81 KB

99ms
33ms

Document
text/html

54.84.134.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.extrahop.com/revealxhunterchallenge-may?utm_campaign=2023-q2-may-hunter-challenge-natl-inv-em2&utm_medium=email&utm_source=Eloqua&utm_version=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.84.134.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-84-134-174.compute-1.amazonaws.com

Software

nginx /

Resource Hash

5d1d7a10980b6ea88789bb2500041c101761310753c0fdbbd1391f76f0f08cdb

Security Headers

Name	Value
Strict-Transport-Security	Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Accept-Ranges: bytes
Age: 3227
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 82305
Content-Type: text/html; charset=UTF-8
Date: Thu, 04 May 2023 14:56:02 GMT
Fastly-Restarts: 1
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Server: nginx
Strict-Transport-Security: Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Vary: Accept-Encoding
Via: 1.1 varnish
X-Cache: HIT
X-Cache-Hits: 1
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Served-By: cache-iad-kiad7000034-IAD
X-Splash-Vanity: 1
X-Timer: S1683212163.840402,VS0,VS0,VE8
X-XSS-Protection: 1; mode=block
x-datadome: protected

Redirect headers

Cache-Control: no-store
Content-Length: 286
Content-Type: text/html; charset=utf-8
Date: Thu, 04 May 2023 14:56:01 GMT
Expires: -1
Location: https://events.extrahop.com/revealxhunterchallenge-may?utm_campaign=2023-q2-may-hunter-challenge-natl-inv-em2&utm_medium=email&utm_source=Eloqua&utm_version=
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex, nofollow
X-Xss-Protection: 1; mode=block

GET
H2 200 tuning-fork-redirect.63ba914d8b54ca8de034.js Show response
frontend.cdn.splashthat.com/build/standalone/ 49 KB
15 KB 43ms
11ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://frontend.cdn.splashthat.com/build/standalone/tuning-fork-redirect.63ba914d8b54ca8de034.js

Requested by

Host: events.extrahop.com
URL: https://events.extrahop.com/revealxhunterchallenge-may?utm_campaign=2023-q2-may-hunter-challenge-natl-inv-em2&utm_medium=email&utm_source=Eloqua&utm_version=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

2a4d5b124d496652a1221f58b24b407b196fc6002064a0e1173ea5619c586100

Security Headers

Name	Value
Strict-Transport-Security	Strict-Transport-Security: max-age=63072000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.extrahop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-version-id: BmwJarqbJn4hv7Og6tt_l2bkx9exdPZY
content-encoding: gzip
via: 1.1 varnish
date: Thu, 04 May 2023 14:56:02 GMT
strict-transport-security: Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
x-amz-request-id: 07WFAZ5SVPGRB7D5
age: 18644
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 14780
x-amz-id-2: zWuEfCgzARVQwQVsFyQIbu7qJcNOMT41KxGxcUCwI0sEG0aSCcWSB8uP9RrfqX0+QraSkMLpQ7E=
x-served-by: cache-yul12830-YUL
last-modified: Mon, 17 Apr 2023 06:36:03 GMT
server: AmazonS3
x-timer: S1683212163.903652,VS0,VE0
etag: "c3900e4ec20b180d89fe1ef2be6b4026"
vary: Accept-Encoding
content-type: application/javascript
cache-control: Cache-Control: public, max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 21

GET
H2 200 splash-page.82dc1559e562b8f6de7f.css
frontend.cdn.splashthat.com/build/standalone/ 98 KB
12 KB 42ms
10ms Stylesheet
text/css 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://frontend.cdn.splashthat.com/build/standalone/splash-page.82dc1559e562b8f6de7f.css

Requested by

Host: events.extrahop.com
URL: https://events.extrahop.com/revealxhunterchallenge-may?utm_campaign=2023-q2-may-hunter-challenge-natl-inv-em2&utm_medium=email&utm_source=Eloqua&utm_version=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

72341babd18eb9c8af83b037034963de32d7a940057aab295862b9835f50d570

Security Headers

Name	Value
Strict-Transport-Security	Strict-Transport-Security: max-age=63072000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.extrahop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-version-id: ECfpsxU9F_Kczt_gMRsn0YO.TLYkceFG
content-encoding: gzip
via: 1.1 varnish
date: Thu, 04 May 2023 14:56:02 GMT
strict-transport-security: Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
x-amz-request-id: EMGDN8JYD1SES1Z2
age: 17289
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 12026
x-amz-id-2: Nalr99wlw9P8yp+q5xvkAwe592Q2xDZUtB8Y/V9a5ih6UQSQ+ieanmm32MOrVAgSFoZDIQlSvnA=
x-served-by: cache-yul12830-YUL
last-modified: Mon, 24 Apr 2023 06:37:01 GMT
server: AmazonS3
x-timer: S1683212163.903387,VS0,VE0
etag: "22e79f80b2ecc034fca9f0790aba57c1"
vary: Accept-Encoding
content-type: text/css
cache-control: Cache-Control: public, max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 2562

GET
H/1.1 200
OK shared-vendor.bundle.css
events.extrahop.com/css/dist/ 148 KB
30 KB 82ms
37ms Stylesheet
text/css 54.84.134.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.extrahop.com/css/dist/shared-vendor.bundle.css?_v=cda7750793b7001b6f73d5ed72bf15f1

Requested by

Host: events.extrahop.com
URL: https://events.extrahop.com/revealxhunterchallenge-may?utm_campaign=2023-q2-may-hunter-challenge-natl-inv-em2&utm_medium=email&utm_source=Eloqua&utm_version=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.84.134.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-84-134-174.compute-1.amazonaws.com

Software

nginx /

Resource Hash

ced579132dc68cfbac32e7d525ddb86d031a97c9d9d043789078ada005e58102

Security Headers

Name	Value
Strict-Transport-Security	Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.extrahop.com/revealxhunterchallenge-may?utm_campaign=2023-q2-may-hunter-challenge-natl-inv-em2&utm_medium=email&utm_source=Eloqua&utm_version=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Expires: Thu, 11 May 2023 13:18:05 GMT
Date: Thu, 04 May 2023 14:56:02 GMT
Content-Encoding: gzip
Via: 1.1 varnish
Strict-Transport-Security: Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Splash-Vanity: 1
Age: 4519
X-Cache: HIT
Connection: keep-alive
Content-Length: 29658
X-Served-By: cache-iad-kcgs7200175-IAD
Pragma: public
Last-Modified: Tue, 25 Apr 2023 18:37:20 GMT
Server: nginx
X-Timer: S1683212163.929240,VS0,VE1
ETag: W/"64481de0-24f60"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: max-age=604800, public
Accept-Ranges: bytes
X-Cache-Hits: 1

GET
H/1.1 200
OK shared.bundle.css
events.extrahop.com/css/dist/ 392 KB
78 KB 72ms
27ms Stylesheet
text/css 54.84.134.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.extrahop.com/css/dist/shared.bundle.css?_v=bfd97a991789aba46f6543067a9dabb9

Requested by

Host: events.extrahop.com
URL: https://events.extrahop.com/revealxhunterchallenge-may?utm_campaign=2023-q2-may-hunter-challenge-natl-inv-em2&utm_medium=email&utm_source=Eloqua&utm_version=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.84.134.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-84-134-174.compute-1.amazonaws.com

Software

nginx /

Resource Hash

5f40fce121184f0489066d5129f35bb881482979c349f9d8ff7352e905e492a1

Security Headers

Name	Value
Strict-Transport-Security	Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.extrahop.com/revealxhunterchallenge-may?utm_campaign=2023-q2-may-hunter-challenge-natl-inv-em2&utm_medium=email&utm_source=Eloqua&utm_version=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Expires: Thu, 11 May 2023 13:07:50 GMT
Date: Thu, 04 May 2023 14:56:02 GMT
Content-Encoding: gzip
Via: 1.1 varnish
Strict-Transport-Security: Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Splash-Vanity: 1
Age: 5878
X-Cache: HIT
Connection: keep-alive
Content-Length: 79122
X-Served-By: cache-iad-kiad7000173-IAD
Pragma: public
Last-Modified: Tue, 25 Apr 2023 18:37:20 GMT
Server: nginx
X-Timer: S1683212163.926137,VS0,VE1
ETag: W/"64481de0-62117"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: max-age=604800, public
Accept-Ranges: bytes
X-Cache-Hits: 1

GET
H/1.1 200
OK cms-page-preview.bundle.css
events.extrahop.com/css/dist/ 967 B
1 KB 73ms
28ms Stylesheet
text/css 54.84.134.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.extrahop.com/css/dist/cms-page-preview.bundle.css?_v=ae66e31f4433d2eefeb05fc52329d414

Requested by

Host: events.extrahop.com
URL: https://events.extrahop.com/revealxhunterchallenge-may?utm_campaign=2023-q2-may-hunter-challenge-natl-inv-em2&utm_medium=email&utm_source=Eloqua&utm_version=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.84.134.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-84-134-174.compute-1.amazonaws.com

Software

nginx /

Resource Hash

2c8a80b5a25ba6c81d389714f5070c89b46702ecbe02b62dc9de0d5f25e41d97

Security Headers

Name	Value
Strict-Transport-Security	Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.extrahop.com/revealxhunterchallenge-may?utm_campaign=2023-q2-may-hunter-challenge-natl-inv-em2&utm_medium=email&utm_source=Eloqua&utm_version=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Expires: Thu, 11 May 2023 13:07:50 GMT
Date: Thu, 04 May 2023 14:56:02 GMT
Content-Encoding: gzip
Via: 1.1 varnish
Strict-Transport-Security: Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Splash-Vanity: 1
Age: 5878
X-Cache: HIT
Connection: keep-alive
Content-Length: 378
X-Served-By: cache-iad-kjyo7100118-IAD
Pragma: public
Last-Modified: Tue, 25 Apr 2023 18:37:20 GMT
Server: nginx
X-Timer: S1683212163.927157,VS0,VE1
ETag: W/"64481de0-3c7"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: max-age=604800, public
Accept-Ranges: bytes
X-Cache-Hits: 1

GET
H/1.1 200
OK baseLibs.bundle.js Show response
events.extrahop.com/lgcy/ 776 KB
244 KB 113ms
68ms Script
application/javascript 54.84.134.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.extrahop.com/lgcy/baseLibs.bundle.js?_v=adfa0b3a9b955272ca82bfb134d53141

Requested by

Host: events.extrahop.com
URL: https://events.extrahop.com/revealxhunterchallenge-may?utm_campaign=2023-q2-may-hunter-challenge-natl-inv-em2&utm_medium=email&utm_source=Eloqua&utm_version=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.84.134.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-84-134-174.compute-1.amazonaws.com

Software

nginx /

Resource Hash

7c1dbd10d934d537e32ee89d4e57a9c5b29db9a8d88a1b4e79866d371661d725

Security Headers

Name	Value
Strict-Transport-Security	Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.extrahop.com/revealxhunterchallenge-may?utm_campaign=2023-q2-may-hunter-challenge-natl-inv-em2&utm_medium=email&utm_source=Eloqua&utm_version=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Expires: Thu, 11 May 2023 14:56:02 GMT
Date: Thu, 04 May 2023 14:56:02 GMT
Content-Encoding: gzip
Via: 1.1 varnish
Strict-Transport-Security: Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Splash-Vanity: 1
Age: 0
X-Cache: MISS
Connection: keep-alive
Content-Length: 249070
X-Served-By: cache-ewr18135-EWR
Pragma: public
Last-Modified: Mon, 01 May 2023 21:32:47 GMT
Server: nginx
X-Timer: S1683212163.940777,VS0,VE25
ETag: W/"64502fff-c21a8"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=604800, public
Accept-Ranges: bytes
X-Cache-Hits: 0

GET
H/1.1 200
OK thirdPartyTrackerTriggers.bundle.js Show response
events.extrahop.com/lgcy/ 1 KB
1 KB 72ms
27ms Script
application/javascript 54.84.134.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.extrahop.com/lgcy/thirdPartyTrackerTriggers.bundle.js?_v=14737568307e4776b21ab7bda65a3879

Requested by

Host: events.extrahop.com
URL: https://events.extrahop.com/revealxhunterchallenge-may?utm_campaign=2023-q2-may-hunter-challenge-natl-inv-em2&utm_medium=email&utm_source=Eloqua&utm_version=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.84.134.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-84-134-174.compute-1.amazonaws.com

Software

nginx /

Resource Hash

84d270bdb66380b47de9c92ebf028d4b9a73ca362a535d142bc2d0bb22a5bb92

Security Headers

Name	Value
Strict-Transport-Security	Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.extrahop.com/revealxhunterchallenge-may?utm_campaign=2023-q2-may-hunter-challenge-natl-inv-em2&utm_medium=email&utm_source=Eloqua&utm_version=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Expires: Thu, 11 May 2023 13:07:50 GMT
Date: Thu, 04 May 2023 14:56:02 GMT
Content-Encoding: gzip
Via: 1.1 varnish
Strict-Transport-Security: Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Splash-Vanity: 1
Age: 5878
X-Cache: HIT
Connection: keep-alive
Content-Length: 538
X-Served-By: cache-iad-kcgs7200174-IAD
Pragma: public
Last-Modified: Tue, 25 Apr 2023 18:39:54 GMT
Server: nginx
X-Timer: S1683212163.927010,VS0,VE1
ETag: W/"64481e7a-477"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=604800, public
Accept-Ranges: bytes
X-Cache-Hits: 1

GET
H/1.1 200
OK 1631142052.png
d24wuq6o951i2g.cloudfront.net/org-logos/2869/ 8 KB
9 KB 69ms
19ms Image
image/png 18.164.115.227
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d24wuq6o951i2g.cloudfront.net/org-logos/2869/1631142052.png
Requested by: Host: events.extrahop.com
URL: https://events.extrahop.com/revealxhunterchallenge-may?utm_campaign=2023-q2-may-hunter-challenge-natl-inv-em2&utm_medium=email&utm_source=Eloqua&utm_version=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.115.227 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-115-227.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7c32ca706e12a05b989a428a8727d3b4d46275d18154fd98d7590f05f1450894

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.extrahop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Mon, 30 Jan 2023 17:20:56 GMT
x-amz-version-id: null
Via: 1.1 d98647edce17345f3d148190339e9d8c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: JFK50-P6
Age: 8112908
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 8635
Last-Modified: Wed, 29 Jun 2022 02:03:15 GMT
Server: AmazonS3
ETag: "b0d4af140532d98d6df2b815d84b7a65"
Content-Type: image/png
Cache-Control: max-age=25920000
Accept-Ranges: bytes
X-Amz-Cf-Id: 2o7L4FTWbvGFHKqPnrWbIp9bxitdRUpvJMgq7DR2B1ri9Srvdd2UmQ==

GET
H/1.1 200
OK 1631142045.png
d24wuq6o951i2g.cloudfront.net/org-logos/2869/ 11 KB
12 KB 67ms
17ms Image
image/png 18.164.115.227
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d24wuq6o951i2g.cloudfront.net/org-logos/2869/1631142045.png
Requested by: Host: events.extrahop.com
URL: https://events.extrahop.com/revealxhunterchallenge-may?utm_campaign=2023-q2-may-hunter-challenge-natl-inv-em2&utm_medium=email&utm_source=Eloqua&utm_version=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.115.227 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-115-227.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 225147eb708f88bd6b3e6f4213019dd17fb6b0c400285b9bfb0b42400600cdf3

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.extrahop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Mon, 30 Jan 2023 17:20:56 GMT
x-amz-version-id: null
Via: 1.1 b33e91c066f49dc7c18162b9a344e266.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: JFK50-P6
Age: 8112908
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 11228
Last-Modified: Wed, 29 Jun 2022 02:03:13 GMT
Server: AmazonS3
ETag: "33e05de3e9d6fd19f311b40a16947bbb"
Content-Type: image/png
Cache-Control: max-age=25920000
Accept-Ranges: bytes
X-Amz-Cf-Id: Ve6ozWG9FD-QPFUfGSM1H0PMFD6oyNqIjS4DAuWBgUA61GYCj5m9rg==

GET
H/1.1 200
OK google-icon.svg
d24wuq6o951i2g.cloudfront.net/img/site-assets/ 1 KB
1 KB 68ms
19ms Image
image/svg+xml 18.164.115.227
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d24wuq6o951i2g.cloudfront.net/img/site-assets/google-icon.svg
Requested by: Host: events.extrahop.com
URL: https://events.extrahop.com/revealxhunterchallenge-may?utm_campaign=2023-q2-may-hunter-challenge-natl-inv-em2&utm_medium=email&utm_source=Eloqua&utm_version=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.115.227 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-115-227.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c9d9831d621296d3c12a4976576e9cebe816b549ef516b33ecdbd11d3e39da25

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.extrahop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Wed, 08 Mar 2023 15:21:08 GMT
x-amz-version-id: null
Content-Encoding: gzip
Via: 1.1 c7f059cae2da7d584bee2041395eabe8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: JFK50-P6
Age: 4923296
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Last-Modified: Wed, 15 Feb 2023 22:51:06 GMT
Server: AmazonS3
ETag: W/"8b4fe373e7821d08a76956db55c22f3f"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: max-age=25920000
X-Amz-Cf-Id: Q3WwL-fFmMMSeSfrrfm7yjr_4W1iEknS8hPDwlkquODoMmuBP-pSFw==

GET
H/1.1 200
OK outlook-icon.svg
d24wuq6o951i2g.cloudfront.net/img/site-assets/ 2 KB
2 KB 69ms
19ms Image
image/svg+xml 18.164.115.227
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d24wuq6o951i2g.cloudfront.net/img/site-assets/outlook-icon.svg
Requested by: Host: events.extrahop.com
URL: https://events.extrahop.com/revealxhunterchallenge-may?utm_campaign=2023-q2-may-hunter-challenge-natl-inv-em2&utm_medium=email&utm_source=Eloqua&utm_version=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.115.227 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-115-227.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8dbd8021424c9f3069bd131360bb5f7e6421c4039fd284f750978cc4cc557aad

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.extrahop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Wed, 08 Mar 2023 15:21:08 GMT
x-amz-version-id: null
Content-Encoding: gzip
Via: 1.1 578ec28f8e6f7c6503e2a4d2ab7532a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: JFK50-P6
Age: 4923296
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Last-Modified: Wed, 15 Feb 2023 22:51:30 GMT
Server: AmazonS3
ETag: W/"2f44b4eee1715ea6e3b2adfd94ec194d"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: max-age=25920000
X-Amz-Cf-Id: Pr8b4yje-bjqYJyZGwFmi9jseir8GIV_nFSmLOWzC4mGwjaW8NPBaQ==

GET
H/1.1 200
OK apple-icon.svg
d24wuq6o951i2g.cloudfront.net/img/site-assets/ 1 KB
1 KB 69ms
20ms Image
image/svg+xml 18.164.115.227
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d24wuq6o951i2g.cloudfront.net/img/site-assets/apple-icon.svg
Requested by: Host: events.extrahop.com
URL: https://events.extrahop.com/revealxhunterchallenge-may?utm_campaign=2023-q2-may-hunter-challenge-natl-inv-em2&utm_medium=email&utm_source=Eloqua&utm_version=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.115.227 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-115-227.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3179f4e154e785ff1de37f634d3ceaba3bf116bef703bb2709b6e11b76c6a5ea

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.extrahop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Wed, 08 Mar 2023 15:21:08 GMT
x-amz-version-id: null
Content-Encoding: gzip
Via: 1.1 079cd4553da15b2329bffae6abe6157e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: JFK50-P6
Age: 4923296
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Last-Modified: Wed, 15 Feb 2023 22:52:48 GMT
Server: AmazonS3
ETag: W/"ed7d2afe5ef9d61fafb2ecb4a64d357a"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: max-age=25920000
X-Amz-Cf-Id: Gdb4cVdk0tf5aoW56NXYolD5JXRnmkWsBU-YD3ZCyAskT-wLMNfR7g==

GET
H/1.1 200
OK yahoo-icon.svg
d24wuq6o951i2g.cloudfront.net/img/site-assets/ 544 B
1 KB 67ms
17ms Image
image/svg+xml 18.164.115.227
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d24wuq6o951i2g.cloudfront.net/img/site-assets/yahoo-icon.svg
Requested by: Host: events.extrahop.com
URL: https://events.extrahop.com/revealxhunterchallenge-may?utm_campaign=2023-q2-may-hunter-challenge-natl-inv-em2&utm_medium=email&utm_source=Eloqua&utm_version=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.115.227 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-115-227.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2e9dc0974276e9c5a4349969060086d62f56f3eb18b0c3efb45c415fd9efeacd

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.extrahop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Wed, 08 Mar 2023 15:21:08 GMT
x-amz-version-id: null
Via: 1.1 54a56da0fe0bae919389c7d572d4720e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: JFK50-P6
Age: 4923296
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 544
Last-Modified: Wed, 15 Feb 2023 22:53:35 GMT
Server: AmazonS3
ETag: "5a8e113e7198ab2c7f0c40bac5f96da0"
Content-Type: image/svg+xml
Cache-Control: max-age=25920000
Accept-Ranges: bytes
X-Amz-Cf-Id: hWT62VthB4o0P06lmWHAW99BuvrHT12r6fPzqcdrYq9Va7B6Oi0sHg==

GET
H2 200 third-party-tracking-manager.eaf6803f7b5a6acdc589.js Show response
frontend.cdn.splashthat.com/build/standalone/ 169 KB
50 KB 10ms
10ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://frontend.cdn.splashthat.com/build/standalone/third-party-tracking-manager.eaf6803f7b5a6acdc589.js

Requested by

Host: events.extrahop.com
URL: https://events.extrahop.com/revealxhunterchallenge-may?utm_campaign=2023-q2-may-hunter-challenge-natl-inv-em2&utm_medium=email&utm_source=Eloqua&utm_version=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e3fc96299b7f1ed04ffb51b8a2bc8a6967e52dec387ad495f5b3c72b2fc090e0

Security Headers

Name	Value
Strict-Transport-Security	Strict-Transport-Security: max-age=63072000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.extrahop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-version-id: C.kdeFFWInQv6w.jGd1ZyYPwjB0TkHnb
content-encoding: gzip
via: 1.1 varnish
date: Thu, 04 May 2023 14:56:02 GMT
strict-transport-security: Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
x-amz-request-id: EMGA7GA0QBGW0JCD
age: 13157
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 51298
x-amz-id-2: AYGbb5nsSxQBUPXnlgXwB31FddrpsoldYmGgnENxSKhb9t6bAVRj5y176gP068xpqCe+aIVzlSg=
x-served-by: cache-yul12830-YUL
last-modified: Mon, 24 Apr 2023 06:37:01 GMT
server: AmazonS3
x-timer: S1683212163.990403,VS0,VE0
etag: "20e1478a140eaa9f0daa038965c827fb"
vary: Accept-Encoding
content-type: application/javascript
cache-control: Cache-Control: public, max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 2254

GET
H2 200 splash-page.455bcd5656011ebd9be0.js Show response
frontend.cdn.splashthat.com/build/standalone/ 2 MB
443 KB 12ms
11ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://frontend.cdn.splashthat.com/build/standalone/splash-page.455bcd5656011ebd9be0.js

Requested by

Host: events.extrahop.com
URL: https://events.extrahop.com/revealxhunterchallenge-may?utm_campaign=2023-q2-may-hunter-challenge-natl-inv-em2&utm_medium=email&utm_source=Eloqua&utm_version=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7ece6fc578f4db409633afcac974480ce471dea8306d96368a5491cb20badd25

Security Headers

Name	Value
Strict-Transport-Security	Strict-Transport-Security: max-age=63072000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.extrahop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-version-id: IgYt_Zdu8sY.IRcddgt3jn7Q0Kdcxp4G
content-encoding: gzip
via: 1.1 varnish
date: Thu, 04 May 2023 14:56:03 GMT
strict-transport-security: Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
x-amz-request-id: NVJ28PJ8F82JDWQB
age: 18644
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 453033
x-amz-id-2: d/sEQA0dph59vIgycIh1NNtgz24lKREGB5LZM+ZzGpj9wq0He2EWfL/VZIzfbBy89lD0vNbXdpI=
x-served-by: cache-yul12830-YUL
last-modified: Mon, 24 Apr 2023 06:37:00 GMT
server: AmazonS3
x-timer: S1683212163.011831,VS0,VE1
etag: "56983c6ada13e6cbc104e27609e4d307"
vary: Accept-Encoding
content-type: application/javascript
cache-control: Cache-Control: public, max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 1

GET
H/1.1 200
OK baseLibs.js Show response
events.extrahop.com/lgcy/ 58 KB
18 KB 26ms
25ms Script
application/javascript 54.84.134.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.extrahop.com/lgcy/baseLibs.js?_v=3171ecfb73167b4e41ec4aba79f51be0

Requested by

Host: events.extrahop.com
URL: https://events.extrahop.com/revealxhunterchallenge-may?utm_campaign=2023-q2-may-hunter-challenge-natl-inv-em2&utm_medium=email&utm_source=Eloqua&utm_version=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.84.134.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-84-134-174.compute-1.amazonaws.com

Software

nginx /

Resource Hash

cb352a51153abd4ed400505d9aae536549d65a2abbab9948fb7e597442914266

Security Headers

Name	Value
Strict-Transport-Security	Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.extrahop.com/revealxhunterchallenge-may?utm_campaign=2023-q2-may-hunter-challenge-natl-inv-em2&utm_medium=email&utm_source=Eloqua&utm_version=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Expires: Thu, 11 May 2023 13:40:45 GMT
Date: Thu, 04 May 2023 14:56:03 GMT
Content-Encoding: gzip
Via: 1.1 varnish
Strict-Transport-Security: Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Splash-Vanity: 1
Age: 3155
X-Cache: HIT
Connection: keep-alive
Content-Length: 18068
X-Served-By: cache-iad-kiad7000061-IAD
Pragma: public
Last-Modified: Tue, 25 Apr 2023 18:37:20 GMT
Server: nginx
X-Timer: S1683212163.088102,VS0,VE1
ETag: W/"64481de0-e90d"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=604800, public
Accept-Ranges: bytes
X-Cache-Hits: 1

GET
H/1.1 200
OK sui.bundle.js Show response
events.extrahop.com/lgcy/ 366 KB
96 KB 44ms
44ms Script
application/javascript 54.84.134.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.extrahop.com/lgcy/sui.bundle.js?_v=be579f256868be6379b813a4cb44e4ab

Requested by

Host: events.extrahop.com
URL: https://events.extrahop.com/revealxhunterchallenge-may?utm_campaign=2023-q2-may-hunter-challenge-natl-inv-em2&utm_medium=email&utm_source=Eloqua&utm_version=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.84.134.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-84-134-174.compute-1.amazonaws.com

Software

nginx /

Resource Hash

708bd3f42169bef9812ebc56ee9ec56b84214824718c5ad13c3bc04c441a5934

Security Headers

Name	Value
Strict-Transport-Security	Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.extrahop.com/revealxhunterchallenge-may?utm_campaign=2023-q2-may-hunter-challenge-natl-inv-em2&utm_medium=email&utm_source=Eloqua&utm_version=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Expires: Wed, 10 May 2023 15:32:26 GMT
Date: Thu, 04 May 2023 14:56:03 GMT
Content-Encoding: gzip
Via: 1.1 varnish
Strict-Transport-Security: Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Splash-Vanity: 1
Age: 72139
X-Cache: HIT
Connection: keep-alive
Content-Length: 98086
X-Served-By: cache-nyc-kteb1890047-NYC
Pragma: public
Last-Modified: Tue, 25 Apr 2023 18:40:42 GMT
Server: nginx
X-Timer: S1683212163.158353,VS0,VE0
ETag: W/"64481eaa-5b801"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=604800, public
Accept-Ranges: bytes
X-Cache-Hits: 2

GET
H/1.1 200
OK legacySui.js Show response
events.extrahop.com/lgcy/ 15 KB
5 KB 28ms
27ms Script
application/javascript 54.84.134.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.extrahop.com/lgcy/legacySui.js?_v=bcb249dc7a8407781a3d64966f1c0cec

Requested by

Host: events.extrahop.com
URL: https://events.extrahop.com/revealxhunterchallenge-may?utm_campaign=2023-q2-may-hunter-challenge-natl-inv-em2&utm_medium=email&utm_source=Eloqua&utm_version=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.84.134.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-84-134-174.compute-1.amazonaws.com

Software

nginx /

Resource Hash

23d692ce8542baf7661710f69ce7e6c4b8e3e2a9e36af5c4f2907f4202add42a

Security Headers

Name	Value
Strict-Transport-Security	Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.extrahop.com/revealxhunterchallenge-may?utm_campaign=2023-q2-may-hunter-challenge-natl-inv-em2&utm_medium=email&utm_source=Eloqua&utm_version=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Expires: Thu, 11 May 2023 13:18:05 GMT
Date: Thu, 04 May 2023 14:56:03 GMT
Content-Encoding: gzip
Via: 1.1 varnish
Strict-Transport-Security: Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Splash-Vanity: 1
Age: 4518
X-Cache: HIT
Connection: keep-alive
Content-Length: 4800
X-Served-By: cache-iad-kiad7000128-IAD
Pragma: public
Last-Modified: Tue, 25 Apr 2023 18:37:20 GMT
Server: nginx
X-Timer: S1683212163.214723,VS0,VE1
ETag: W/"64481de0-3ccd"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=604800, public
Accept-Ranges: bytes
X-Cache-Hits: 1

GET
H/1.1 200
OK cmsShared.js Show response
events.extrahop.com/lgcy/ 74 KB
23 KB 29ms
27ms Script
application/javascript 54.84.134.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.extrahop.com/lgcy/cmsShared.js?_v=3655f9d21e58a7ff325fdfbe123f28af

Requested by

Host: events.extrahop.com
URL: https://events.extrahop.com/revealxhunterchallenge-may?utm_campaign=2023-q2-may-hunter-challenge-natl-inv-em2&utm_medium=email&utm_source=Eloqua&utm_version=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.84.134.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-84-134-174.compute-1.amazonaws.com

Software

nginx /

Resource Hash

f696b024c2e2dbfbbac0d9eb5f2ebaf5d525101bd46d3a37a96a974f3832ea62

Security Headers

Name	Value
Strict-Transport-Security	Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.extrahop.com/revealxhunterchallenge-may?utm_campaign=2023-q2-may-hunter-challenge-natl-inv-em2&utm_medium=email&utm_source=Eloqua&utm_version=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Expires: Thu, 11 May 2023 13:07:50 GMT
Date: Thu, 04 May 2023 14:56:03 GMT
Content-Encoding: gzip
Via: 1.1 varnish
Strict-Transport-Security: Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Splash-Vanity: 1
Age: 5877
X-Cache: HIT
Connection: keep-alive
Content-Length: 23312
X-Served-By: cache-iad-kjyo7100086-IAD
Pragma: public
Last-Modified: Tue, 25 Apr 2023 18:37:20 GMT
Server: nginx
X-Timer: S1683212163.215021,VS0,VE3
ETag: W/"64481de0-126c7"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=604800, public
Accept-Ranges: bytes
X-Cache-Hits: 1

GET
H/1.1 200
OK cmsShared.bundle.js Show response
events.extrahop.com/lgcy/ 52 KB
21 KB 48ms
46ms Script
application/javascript 54.84.134.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.extrahop.com/lgcy/cmsShared.bundle.js?_v=8648e03209af73ed6915f0f256cc13c9

Requested by

Host: events.extrahop.com
URL: https://events.extrahop.com/revealxhunterchallenge-may?utm_campaign=2023-q2-may-hunter-challenge-natl-inv-em2&utm_medium=email&utm_source=Eloqua&utm_version=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.84.134.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-84-134-174.compute-1.amazonaws.com

Software

nginx /

Resource Hash

fd158ceeeb440d6ba2efdd9ec9c6f88a1af0c6799c9cbbbc0b6115148ee43282

Security Headers

Name	Value
Strict-Transport-Security	Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.extrahop.com/revealxhunterchallenge-may?utm_campaign=2023-q2-may-hunter-challenge-natl-inv-em2&utm_medium=email&utm_source=Eloqua&utm_version=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Expires: Mon, 08 May 2023 06:54:56 GMT
Date: Thu, 04 May 2023 14:56:03 GMT
Content-Encoding: gzip
Via: 1.1 varnish
Strict-Transport-Security: Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Splash-Vanity: 1
Age: 284536
X-Cache: HIT
Connection: keep-alive
Content-Length: 20381
X-Served-By: cache-nyc-kteb1890052-NYC
Pragma: public
Last-Modified: Tue, 25 Apr 2023 18:40:31 GMT
Server: nginx
X-Timer: S1683212163.230781,VS0,VE1
ETag: W/"64481e9f-d1a7"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=604800, public
Accept-Ranges: bytes
X-Cache-Hits: 1

GET
H/1.1 200
OK cmsPagePreview.bundle.js Show response
events.extrahop.com/lgcy/ 955 KB
286 KB 31ms
29ms Script
application/javascript 54.84.134.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.extrahop.com/lgcy/cmsPagePreview.bundle.js?_v=c500850d12cd6cbf4f303d266ed5c799

Requested by

Host: events.extrahop.com
URL: https://events.extrahop.com/revealxhunterchallenge-may?utm_campaign=2023-q2-may-hunter-challenge-natl-inv-em2&utm_medium=email&utm_source=Eloqua&utm_version=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.84.134.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-84-134-174.compute-1.amazonaws.com

Software

nginx /

Resource Hash

c7e960027852a054edec0a6d2fba34c738834d22cab8ac9eedd29ec590174634

Security Headers

Name	Value
Strict-Transport-Security	Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.extrahop.com/revealxhunterchallenge-may?utm_campaign=2023-q2-may-hunter-challenge-natl-inv-em2&utm_medium=email&utm_source=Eloqua&utm_version=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Expires: Thu, 11 May 2023 14:51:09 GMT
Date: Thu, 04 May 2023 14:56:03 GMT
Content-Encoding: gzip
Via: 1.1 varnish
Strict-Transport-Security: Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Splash-Vanity: 1
Age: 294
X-Cache: HIT
Connection: keep-alive
Content-Length: 291824
X-Served-By: cache-iad-kcgs7200138-IAD
Pragma: public
Last-Modified: Tue, 25 Apr 2023 18:41:03 GMT
Server: nginx
X-Timer: S1683212163.217710,VS0,VE2
ETag: W/"64481ebf-eebe2"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=604800, public
Accept-Ranges: bytes
X-Cache-Hits: 1

GET
H/1.1 200
OK 401395656 Show response
player.vimeo.com/video/ Frame 99B0 20 KB
9 KB 255ms
195ms Document
text/html 162.159.138.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://player.vimeo.com/video/401395656

Requested by

Host: events.extrahop.com
URL: https://events.extrahop.com/revealxhunterchallenge-may?utm_campaign=2023-q2-may-hunter-challenge-natl-inv-em2&utm_medium=email&utm_source=Eloqua&utm_version=

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.159.138.60 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e259e52dff8b3d968670b02d9a94a07d756e3de8a17eaf2bd4a3089a93ae431

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-inline' https://.vimeocdn.com 'unsafe-eval' blob: resource: https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv; style-src 'self' 'unsafe-inline' https://.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com; connect-src 'self' ws: wss: https://vimeo.com https://api.vimeo.com https://csi.gstatic.com https://player-telemetry.vimeo.com https://.akamaized.net https://.akamaized-staging.net https://.vimeocdn.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://.dna-delivery.com https://.kollective.app/ https://.hivestreaming.com/ https://mimir.cloud.vimeo.com https://.wirewax.com https://.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; font-src https://edge-assets.wirewax.com https://fonts.gstatic.com https://player.vimeo.com; img-src 'self' data: https://player.vimeo.com https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://.ci.vimeows.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com; object-src 'self' https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net; media-src 'self' blob: https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net https://.gvt1.com https://live-api.cloud.vimeo.com; frame-src 'self' https://*
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://events.extrahop.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Age: 0
CF-Cache-Status: DYNAMIC
CF-RAY: 7c2196948e67549d-YYZ
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Thu, 04 May 2023 14:56:03 GMT
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
Via: 1.1 varnish
X-Cache: MISS
X-Cache-Hits: 0
X-Served-By: cache-yyz4550-YYZ
X-Timer: S1683212163.300468,VS0,VE127
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-security-policy: default-src 'none'; script-src 'self' 'unsafe-inline' https://*.vimeocdn.com 'unsafe-eval' blob: resource: https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv; style-src 'self' 'unsafe-inline' https://*.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com; connect-src 'self' ws: wss: https://vimeo.com https://api.vimeo.com https://csi.gstatic.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://*.dna-delivery.com https://*.kollective.app/ https://*.hivestreaming.com/ https://mimir.cloud.vimeo.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; font-src https://edge-assets.wirewax.com https://fonts.gstatic.com https://player.vimeo.com; img-src 'self' data: https://player.vimeo.com https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://*.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://*.ci.vimeows.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com; frame-src 'self' https://*
expires: Fri, 15 Dec 1985 19:30:00 GMT
link: <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin <https://i.vimeocdn.com>; rel=preconnect; crossorigin <https://f.vimeocdn.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-backend-server: player-backend-edge-entry
x-bapp-server: player-backend-6f95f5887b-g427c
x-content-type-options: nosniff
x-host: player-backend-6f95f5887b-g427c
x-player-backend: g
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK 401395656 Show response
player.vimeo.com/video/ Frame 1982 20 KB
9 KB 228ms
172ms Document
text/html 162.159.138.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://player.vimeo.com/video/401395656

Requested by

Host: events.extrahop.com
URL: https://events.extrahop.com/revealxhunterchallenge-may?utm_campaign=2023-q2-may-hunter-challenge-natl-inv-em2&utm_medium=email&utm_source=Eloqua&utm_version=

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.159.138.60 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a307487b01c3e8b77f662cdda35a89a512966eee3969b1d07e1e59c368d33172

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-inline' https://.vimeocdn.com 'unsafe-eval' blob: resource: https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv; style-src 'self' 'unsafe-inline' https://.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com; connect-src 'self' ws: wss: https://vimeo.com https://api.vimeo.com https://csi.gstatic.com https://player-telemetry.vimeo.com https://.akamaized.net https://.akamaized-staging.net https://.vimeocdn.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://.dna-delivery.com https://.kollective.app/ https://.hivestreaming.com/ https://mimir.cloud.vimeo.com https://.wirewax.com https://.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; font-src https://edge-assets.wirewax.com https://fonts.gstatic.com https://player.vimeo.com; img-src 'self' data: https://player.vimeo.com https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://.ci.vimeows.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com; object-src 'self' https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net; media-src 'self' blob: https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net https://.gvt1.com https://live-api.cloud.vimeo.com; frame-src 'self' https://*
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://events.extrahop.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Age: 0
CF-Cache-Status: DYNAMIC
CF-RAY: 7c2196948b41a211-YYZ
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Thu, 04 May 2023 14:56:03 GMT
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
Via: 1.1 varnish
X-Cache: MISS
X-Cache-Hits: 0
X-Served-By: cache-yyz4576-YYZ
X-Timer: S1683212163.299652,VS0,VE132
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-security-policy: default-src 'none'; script-src 'self' 'unsafe-inline' https://*.vimeocdn.com 'unsafe-eval' blob: resource: https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv; style-src 'self' 'unsafe-inline' https://*.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com; connect-src 'self' ws: wss: https://vimeo.com https://api.vimeo.com https://csi.gstatic.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://*.dna-delivery.com https://*.kollective.app/ https://*.hivestreaming.com/ https://mimir.cloud.vimeo.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; font-src https://edge-assets.wirewax.com https://fonts.gstatic.com https://player.vimeo.com; img-src 'self' data: https://player.vimeo.com https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://*.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://*.ci.vimeows.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com; frame-src 'self' https://*
expires: Fri, 15 Dec 1985 19:30:00 GMT
link: <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin <https://i.vimeocdn.com>; rel=preconnect; crossorigin <https://f.vimeocdn.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-backend-server: player-backend-edge-entry
x-bapp-server: player-backend-6f95f5887b-26pdx
x-content-type-options: nosniff
x-host: player-backend-6f95f5887b-26pdx
x-player-backend: g
x-xss-protection: 1; mode=block

GET
H2 200 revealxhunterchallenge-may Show response
cdn-prod.splashthat.com/events/loadGaTrackingForVanityUrl/458659821/ Frame A980 948 B
1 KB 50ms
17ms Document
text/html 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-prod.splashthat.com/events/loadGaTrackingForVanityUrl/458659821/revealxhunterchallenge-may

Requested by

Host: events.extrahop.com
URL: https://events.extrahop.com/revealxhunterchallenge-may?utm_campaign=2023-q2-may-hunter-challenge-natl-inv-em2&utm_medium=email&utm_source=Eloqua&utm_version=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a9973d5c67fb6ce2a3c689ea14cb46ab6bb4f6a65790462056d9d4a0b911642b

Security Headers

Name	Value
Strict-Transport-Security	Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://events.extrahop.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 293
content-encoding: gzip
content-length: 584
content-type: text/html; charset=UTF-8
date: Thu, 04 May 2023 14:56:03 GMT
fastly-restarts: 1
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
strict-transport-security: Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 1
x-content-type-options: nosniff
x-datadome: protected
x-served-by: cache-yul12822-YUL
x-timer: S1683212163.262791,VS0,VS0,VE5
x-xss-protection: 1; mode=block

OPTIONS
H2 200 /
sessions.bugsnag.com/ Frame 0
0 121ms
74ms Preflight 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Access-Control-Request-Method: POST
Origin: https://events.extrahop.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-headers: Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods: POST
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Thu, 04 May 2023 14:56:03 GMT
via: 1.1 google

POST
H2 202 / Show response
sessions.bugsnag.com/ 21 B
141 B 77ms
74ms XHR
application/json 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Requested by: Host: frontend.cdn.splashthat.com
URL: https://frontend.cdn.splashthat.com/build/standalone/third-party-tracking-manager.eaf6803f7b5a6acdc589.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version: 1
Referer: https://events.extrahop.com/
Bugsnag-Sent-At: 2023-05-04T14:56:03.280Z
accept-language: en-CA,en;q=0.9
Bugsnag-Api-Key: a5edc2d9646c0fd0d4c94866c01f005f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Thu, 04 May 2023 14:56:03 GMT
via: 1.1 google
bugsnag-session-uuid: 27f4da45-8ff5-414b-8d24-41a4ddbcccf5
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21
content-type: application/json

GET
H/1.1 200
OK trackers Show response
third-party-tracking-manager.services.splashthat.com/api/v1/events/458659821/ 355 B
722 B 84ms
26ms XHR
application/json 54.163.130.149
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://third-party-tracking-manager.services.splashthat.com/api/v1/events/458659821/trackers

Requested by

Host: frontend.cdn.splashthat.com
URL: https://frontend.cdn.splashthat.com/build/standalone/third-party-tracking-manager.eaf6803f7b5a6acdc589.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.163.130.149 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-163-130-149.compute-1.amazonaws.com

Software

Resource Hash

a2db11674d2eaa22a5ce39346b7cc14005d0d8845d8e4830e1d5026f51ce04de

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://events.extrahop.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Thu, 04 May 2023 14:56:03 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Via: kong/2.3.3
ETag: W/"163-U5vFgDQ6g4LlvLsbQ7UT3Z5QqLk"
X-Kong-Proxy-Latency: 1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
X-Kong-Upstream-Latency: 2
Connection: keep-alive
Content-Length: 355

GET
H/1.1 200
OK 7cd17ad76811418023758e702bb1e9ed.red-vs-blue-hero-compressed.gif
d24wuq6o951i2g.cloudfront.net/img/events/id/458/458259019/assets/ 5 MB
5 MB 24ms
24ms Image
image/gif 18.164.115.227
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d24wuq6o951i2g.cloudfront.net/img/events/id/458/458259019/assets/7cd17ad76811418023758e702bb1e9ed.red-vs-blue-hero-compressed.gif
Requested by: Host: events.extrahop.com
URL: https://events.extrahop.com/revealxhunterchallenge-may?utm_campaign=2023-q2-may-hunter-challenge-natl-inv-em2&utm_medium=email&utm_source=Eloqua&utm_version=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.115.227 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-115-227.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d21a6467dc31aad2162ecae9e468d76ca8cbb379b20fa323b6293038b347ab3d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.extrahop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Wed, 19 Apr 2023 21:28:10 GMT
x-amz-version-id: null
Via: 1.1 079cd4553da15b2329bffae6abe6157e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: JFK50-P6
Age: 1272474
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 5338459
Last-Modified: Wed, 29 Jun 2022 03:38:56 GMT
Server: AmazonS3
ETag: "27ca10f7deeea4ded7eceeaefd1ed5fe"
Content-Type: image/gif
Cache-Control: max-age=25920000
Accept-Ranges: bytes
X-Amz-Cf-Id: zTgYQedKK-74Y421XziyIRQEDCxevq07rdrzphdH1qJFUFESCCeI6w==

GET
H/1.1 200
OK 250155713a0d5b64715a3e07dfb9c0d2.Hunter.png
d24wuq6o951i2g.cloudfront.net/img/events/id/458/458259019/assets/ 1 KB
2 KB 19ms
19ms Image
image/png 18.164.115.227
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d24wuq6o951i2g.cloudfront.net/img/events/id/458/458259019/assets/250155713a0d5b64715a3e07dfb9c0d2.Hunter.png
Requested by: Host: events.extrahop.com
URL: https://events.extrahop.com/revealxhunterchallenge-may?utm_campaign=2023-q2-may-hunter-challenge-natl-inv-em2&utm_medium=email&utm_source=Eloqua&utm_version=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.115.227 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-115-227.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 344183d4edc963489b98be0e77b7f3b72af953a5b212075fc8352e34c9365726

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.extrahop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Wed, 19 Apr 2023 21:28:10 GMT
x-amz-version-id: null
Via: 1.1 578ec28f8e6f7c6503e2a4d2ab7532a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: JFK50-P6
Age: 1272474
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 1400
Last-Modified: Wed, 29 Jun 2022 03:38:56 GMT
Server: AmazonS3
ETag: "68249ef342a357cdf7384cee9cd89d0a"
Content-Type: image/png
Cache-Control: max-age=25920000
Accept-Ranges: bytes
X-Amz-Cf-Id: kuyjIXlLZqYSvbu_p4wLGPyglX1toyr9lDcVYlzCugbY8q2udkIXJQ==

GET
H/1.1 200
OK 681bb15b2637e52b066f3d4143d24de9.Lunch.png
d24wuq6o951i2g.cloudfront.net/img/events/id/458/458259019/assets/ 1 KB
2 KB 20ms
19ms Image
image/png 18.164.115.227
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d24wuq6o951i2g.cloudfront.net/img/events/id/458/458259019/assets/681bb15b2637e52b066f3d4143d24de9.Lunch.png
Requested by: Host: events.extrahop.com
URL: https://events.extrahop.com/revealxhunterchallenge-may?utm_campaign=2023-q2-may-hunter-challenge-natl-inv-em2&utm_medium=email&utm_source=Eloqua&utm_version=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.115.227 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-115-227.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c2bdf77d58d4182e17faa927db22348817f9f0f30de7561d45dce06ccd55d7ca

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.extrahop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Wed, 19 Apr 2023 21:28:10 GMT
x-amz-version-id: null
Via: 1.1 c7f059cae2da7d584bee2041395eabe8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: JFK50-P6
Age: 1272474
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 1103
Last-Modified: Wed, 29 Jun 2022 03:38:55 GMT
Server: AmazonS3
ETag: "56e2c539003f3a9e85df06526d5c6cab"
Content-Type: image/png
Cache-Control: max-age=25920000
Accept-Ranges: bytes
X-Amz-Cf-Id: llE5p2Gdz0DhFk5mQTyBJYwqHjE20IrbI1T7R9ER-QZQ_Gi96n2mjQ==

GET
H/1.1 200
OK 1bcfef8df6d68c5be419b7a764de0240.Cash.png
d24wuq6o951i2g.cloudfront.net/img/events/id/458/458259019/assets/ 1 KB
2 KB 21ms
20ms Image
image/png 18.164.115.227
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d24wuq6o951i2g.cloudfront.net/img/events/id/458/458259019/assets/1bcfef8df6d68c5be419b7a764de0240.Cash.png
Requested by: Host: events.extrahop.com
URL: https://events.extrahop.com/revealxhunterchallenge-may?utm_campaign=2023-q2-may-hunter-challenge-natl-inv-em2&utm_medium=email&utm_source=Eloqua&utm_version=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.115.227 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-115-227.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fc36bfc030463ebd7c7f975e9e130f1039cbb9c42ec4f17234483946e301ee9c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.extrahop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Wed, 19 Apr 2023 21:28:10 GMT
x-amz-version-id: null
Via: 1.1 54a56da0fe0bae919389c7d572d4720e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: JFK50-P6
Age: 1272474
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 1317
Last-Modified: Wed, 29 Jun 2022 03:38:56 GMT
Server: AmazonS3
ETag: "044aba6686c3f835027c632c1f37f705"
Content-Type: image/png
Cache-Control: max-age=25920000
Accept-Ranges: bytes
X-Amz-Cf-Id: VLZUmgfcH5DvxTo2IerRMQFbxUNjv6deW6EUs1G1cvGCK9b6TdwG8Q==

GET
H2 200 4653c01045a91eeba3206945b0cf3b39.stackedregandqasv4bandw-copy.png
d3m889aznlr23d.cloudfront.net/img/events/id/458/458623088/assets/ 38 KB
39 KB 88ms
22ms Image
image/png 2600:9000:202c:ee00:d:9239:1640:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3m889aznlr23d.cloudfront.net/img/events/id/458/458623088/assets/4653c01045a91eeba3206945b0cf3b39.stackedregandqasv4bandw-copy.png
Requested by: Host: events.extrahop.com
URL: https://events.extrahop.com/revealxhunterchallenge-may?utm_campaign=2023-q2-may-hunter-challenge-natl-inv-em2&utm_medium=email&utm_source=Eloqua&utm_version=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:202c:ee00:d:9239:1640:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 69ae756b57c1931e9368ccef6503e6fe4c12849eb1a267016a0c69e15680fb89

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.extrahop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 02 May 2023 15:29:04 GMT
x-amz-version-id: null
via: 1.1 7b6b24479d403ba8e499b225c726a688.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR52-C2
age: 170819
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 39002
last-modified: Mon, 13 Feb 2023 17:14:51 GMT
server: AmazonS3
etag: "81e378f1dc560fd606e81e6563bf8421"
content-type: image/png
cache-control: max-age=25920000
accept-ranges: bytes
x-amz-cf-id: 8ZeHExRTmbzwsIcO1vQisL4arKfHCWA2jLM4K246a30DdP02oGEVAw==

GET
H/1.1 200
OK burst-tile.png
d24wuq6o951i2g.cloudfront.net/images/ 1 KB
2 KB 20ms
19ms Image
image/png 18.164.115.227
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d24wuq6o951i2g.cloudfront.net/images/burst-tile.png
Requested by: Host: events.extrahop.com
URL: https://events.extrahop.com/css/dist/shared.bundle.css?_v=bfd97a991789aba46f6543067a9dabb9
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.115.227 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-115-227.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a57a36856843347c611be4f82a4de24be9a90afc16cb8ac74e5824a111d78c17

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.extrahop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Sat, 22 Apr 2023 09:01:27 GMT
x-amz-version-id: null
Via: 1.1 d98647edce17345f3d148190339e9d8c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: JFK50-P6
Age: 1058077
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 1048
Last-Modified: Wed, 29 Jun 2022 00:40:41 GMT
Server: AmazonS3
ETag: "eef11983c51c237e2e687e1559b749b2"
Content-Type: image/png
Accept-Ranges: bytes
X-Amz-Cf-Id: ZLgKbI0GHO0yhG4Lo8BbkWPcMDWbiwVI3ZwWemc6loJAtV6_YCBKKA==

GET
H/1.1 200
OK Lato-Bold.woff2
d24wuq6o951i2g.cloudfront.net/assets/fonts/ 181 KB
181 KB 57ms
17ms Font
binary/octet-stream 18.164.115.227
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d24wuq6o951i2g.cloudfront.net/assets/fonts/Lato-Bold.woff2
Requested by: Host: events.extrahop.com
URL: https://events.extrahop.com/css/dist/shared-vendor.bundle.css?_v=cda7750793b7001b6f73d5ed72bf15f1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.115.227 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-115-227.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ae88fc0d7a961832f809527d30bd3983a6866d42f66a56ade23f543681594db6

Request headers

Referer: https://events.extrahop.com/
Origin: https://events.extrahop.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Tue, 31 Jan 2023 23:06:54 GMT
x-amz-version-id: null
Via: 1.1 a0be26685e47d6d6220ccd40bc5f0a4e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: JFK50-P6
Age: 8005750
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 184912
Last-Modified: Wed, 29 Jun 2022 00:40:38 GMT
Server: AmazonS3
ETag: "cccb897485813c7c256901dbca54ecf2"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: binary/octet-stream
Access-Control-Allow-Origin: *
Vary: Origin
Accept-Ranges: bytes
X-Amz-Cf-Id: 0kwHgZM-nDm3pz7md34PCCpf659b5BifLZKf5XAOCOEutPaohFQnxQ==

GET
H/1.1 200
OK kohtello-4f4af0df263554133f2ba494342fcfd9.woff2
d24wuq6o951i2g.cloudfront.net/img/site-assets/ 47 KB
47 KB 57ms
18ms Font
binary/octet-stream 18.164.115.227
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d24wuq6o951i2g.cloudfront.net/img/site-assets/kohtello-4f4af0df263554133f2ba494342fcfd9.woff2
Requested by: Host: events.extrahop.com
URL: https://events.extrahop.com/css/dist/shared-vendor.bundle.css?_v=cda7750793b7001b6f73d5ed72bf15f1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.115.227 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-115-227.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1340014dd0a0076fb5fd688f1e226dbb7b0717871a63e34a7d5fdc9ef16872d5

Request headers

Referer: https://events.extrahop.com/
Origin: https://events.extrahop.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Tue, 21 Mar 2023 18:43:16 GMT
x-amz-version-id: null
Via: 1.1 ffc407ec9784e618feb8fc53384b80aa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: JFK50-P6
Age: 3787968
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 47860
Last-Modified: Mon, 13 Mar 2023 20:09:08 GMT
Server: AmazonS3
ETag: "8cbf2170ebe68646151a4d845a018d2b"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: binary/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: max-age=25920000
Vary: Origin
Accept-Ranges: bytes
X-Amz-Cf-Id: 1X9BKv1c3-vQN00M6XrvH-Anlp8qE1Bt3bN1zMwEKCzY5KU5luycOw==

GET
H/1.1 200
OK 1631142078.ttf
d24wuq6o951i2g.cloudfront.net/org-fonts/2869/ 74 KB
75 KB 58ms
18ms Font
application/octet-stream 18.164.115.227
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d24wuq6o951i2g.cloudfront.net/org-fonts/2869/1631142078.ttf
Requested by: Host: events.extrahop.com
URL: https://events.extrahop.com/revealxhunterchallenge-may?utm_campaign=2023-q2-may-hunter-challenge-natl-inv-em2&utm_medium=email&utm_source=Eloqua&utm_version=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.115.227 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-115-227.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2278474be1e53293c09b556395000c00a886449e89aab06a2276c27d1378ff4e

Request headers

Referer: https://events.extrahop.com/
Origin: https://events.extrahop.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Fri, 03 Feb 2023 19:01:41 GMT
x-amz-version-id: null
Via: 1.1 5a588475f9a075d76c33229107634f8e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: JFK50-P6
Age: 7761263
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 75712
Last-Modified: Wed, 29 Jun 2022 02:03:09 GMT
Server: AmazonS3
ETag: "ff2b668b4f34a2c1c110e92ae1c01f56"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Cache-Control: max-age=25920000
Vary: Origin
Accept-Ranges: bytes
X-Amz-Cf-Id: -6TvmJohT4BrV1OmpCGlgBB3LV7nc0LI6dtRx8FXZfdW0fS2yCU6rw==

GET
H/1.1 200
OK 1631142064.ttf
d24wuq6o951i2g.cloudfront.net/org-fonts/2869/ 70 KB
71 KB 58ms
18ms Font
application/octet-stream 18.164.115.227
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d24wuq6o951i2g.cloudfront.net/org-fonts/2869/1631142064.ttf
Requested by: Host: events.extrahop.com
URL: https://events.extrahop.com/revealxhunterchallenge-may?utm_campaign=2023-q2-may-hunter-challenge-natl-inv-em2&utm_medium=email&utm_source=Eloqua&utm_version=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.115.227 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-115-227.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 04a4eecf2a074304c50bb59dace1b07b568d2f57f6ae5481bf676ee98ee5e814

Request headers

Referer: https://events.extrahop.com/
Origin: https://events.extrahop.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Thu, 20 Apr 2023 18:29:40 GMT
x-amz-version-id: null
Via: 1.1 7bf47dc1c691ee43f7c8db83aa03a3cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: JFK50-P6
Age: 1196783
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 72000
Last-Modified: Wed, 29 Jun 2022 02:03:09 GMT
Server: AmazonS3
ETag: "99930ae20914193e574afddfce179428"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Cache-Control: max-age=25920000
Vary: Origin
Accept-Ranges: bytes
X-Amz-Cf-Id: SHSHd3Gl-FpAROMJTeV7XupiN6Byhhum-LsoNkb4qGEfPLzluUDYNA==

GET
H/1.1 200
OK 1631142096.ttf
d24wuq6o951i2g.cloudfront.net/org-fonts/2869/ 70 KB
71 KB 59ms
19ms Font
application/octet-stream 18.164.115.227
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d24wuq6o951i2g.cloudfront.net/org-fonts/2869/1631142096.ttf
Requested by: Host: events.extrahop.com
URL: https://events.extrahop.com/revealxhunterchallenge-may?utm_campaign=2023-q2-may-hunter-challenge-natl-inv-em2&utm_medium=email&utm_source=Eloqua&utm_version=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.115.227 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-115-227.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1720955cb1752f38d3581bf68a490d1e97089dd6b1ca74cf416d45639eade97c

Request headers

Referer: https://events.extrahop.com/
Origin: https://events.extrahop.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Fri, 03 Feb 2023 19:01:41 GMT
x-amz-version-id: null
Via: 1.1 86a640712a72b4264f1681744fa48612.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: JFK50-P6
Age: 7761263
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 71744
Last-Modified: Wed, 29 Jun 2022 02:03:09 GMT
Server: AmazonS3
ETag: "dab08aa47b09844c8c82c5075046841f"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Cache-Control: max-age=25920000
Vary: Origin
Accept-Ranges: bytes
X-Amz-Cf-Id: QO-YOseVP9XPnkPkqpaAcN46dzhXlsteVQuGLFXyhEmTe6ALyidBgw==

GET
H/1.1 200
OK Lato-Regular.woff2
d24wuq6o951i2g.cloudfront.net/assets/fonts/ 178 KB
179 KB 92ms
17ms Font
binary/octet-stream 18.164.115.227
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d24wuq6o951i2g.cloudfront.net/assets/fonts/Lato-Regular.woff2
Requested by: Host: events.extrahop.com
URL: https://events.extrahop.com/css/dist/shared-vendor.bundle.css?_v=cda7750793b7001b6f73d5ed72bf15f1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.115.227 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-115-227.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 983b0caf336e8542214fc17019a4fc5e0360864b92806ca14d55c1fc1c2c5a0f

Request headers

Referer: https://events.extrahop.com/
Origin: https://events.extrahop.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Tue, 31 Jan 2023 23:06:55 GMT
x-amz-version-id: null
Via: 1.1 ffc407ec9784e618feb8fc53384b80aa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: JFK50-P6
Age: 8005749
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 182708
Last-Modified: Wed, 29 Jun 2022 00:40:39 GMT
Server: AmazonS3
ETag: "bd03a2cc277bbbc338d464e679fe9942"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: binary/octet-stream
Access-Control-Allow-Origin: *
Vary: Origin
Accept-Ranges: bytes
X-Amz-Cf-Id: ckikmdZaNCBWphRR7OmRMd5-BvtqnjM9nwUjxuuCjBUlhrEgL7wRiA==

OPTIONS
H2 200 /
sessions.bugsnag.com/ Frame 0
0 75ms
75ms Preflight 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Access-Control-Request-Method: POST
Origin: https://events.extrahop.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-headers: Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods: POST
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Thu, 04 May 2023 14:56:03 GMT
via: 1.1 google

POST
H3 202 / Show response
sessions.bugsnag.com/ 21 B
35 B 79ms
79ms XHR
application/json 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Requested by: Host: frontend.cdn.splashthat.com
URL: https://frontend.cdn.splashthat.com/build/standalone/splash-page.455bcd5656011ebd9be0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version: 1
Referer: https://events.extrahop.com/
Bugsnag-Sent-At: 2023-05-04T14:56:03.358Z
accept-language: en-CA,en;q=0.9
Bugsnag-Api-Key: a5edc2d9646c0fd0d4c94866c01f005f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Thu, 04 May 2023 14:56:03 GMT
via: 1.1 google
bugsnag-session-uuid: d0803d99-c7a3-4687-ac7c-53f041d072f9
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21
content-type: application/json

GET
H2 200 712.004eee5c.js Show response
frontend.cdn.splashthat.com/build/chunks/ 3 KB
2 KB 11ms
11ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://frontend.cdn.splashthat.com/build/chunks/712.004eee5c.js

Requested by

Host: frontend.cdn.splashthat.com
URL: https://frontend.cdn.splashthat.com/build/standalone/third-party-tracking-manager.eaf6803f7b5a6acdc589.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7a15500fcff5918dc623ad1db1bd81cb8d55f970a60853f215511318dd1eab3f

Security Headers

Name	Value
Strict-Transport-Security	Strict-Transport-Security: max-age=63072000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.extrahop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-version-id: y0_k1M9PAhE0P8SdUsebFNs4z.pQxo7z
content-encoding: gzip
via: 1.1 varnish
date: Thu, 04 May 2023 14:56:03 GMT
strict-transport-security: Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
x-amz-request-id: V502ET6RYZAX6120
age: 16874
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1553
x-amz-id-2: 338/FVbAVO5JgB1K47Mz/MFZeEyfHM/6enfqCe2JoFXy+unvJJF7z+jbCkuX4VjNiVXaEfOv0t8aKIJqzBEjfitzyBO8u1RK
x-served-by: cache-yul12830-YUL
last-modified: Mon, 24 Apr 2023 06:36:58 GMT
server: AmazonS3
x-timer: S1683212164.513923,VS0,VE1
etag: "c5872ef12e8eff2d491395d56ada4a6b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: Cache-Control: public, max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 player.module.js Show response
f.vimeocdn.com/p/4.23.14/js/ Frame 1982 493 KB
119 KB 88ms
22ms Script
application/javascript 199.232.38.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/p/4.23.14/js/player.module.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/401395656
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.38.109 New York, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ddf1a26c4ef5be769f202e7b6bd36dd66ef01b9bebf2cd3e9c6a867d51e65ee0

Request headers

Referer: https://player.vimeo.com/
Origin: https://player.vimeo.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-served-by: cache-iad-kjyo7100161-IAD, cache-lga21954-LGA
date: Thu, 04 May 2023 14:56:03 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
age: 166840
x-timer: S1683212164.622495,VS0,VE0
vary: Accept-Encoding,x-http-method-override
x-cache: HIT, HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 121857
x-cache-hits: 8, 56175

GET
H2 200 vendor.module.js Show response
f.vimeocdn.com/p/4.23.14/js/ Frame 1982 389 KB
94 KB 88ms
22ms Script
application/javascript 199.232.38.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/p/4.23.14/js/vendor.module.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/401395656
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.38.109 New York, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c143d47ff5feea907e9d18572420764f6c70a4d5a770ad2f7f34c1681542846d

Request headers

Referer: https://player.vimeo.com/
Origin: https://player.vimeo.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-served-by: cache-iad-kiad7000103-IAD, cache-lga21954-LGA
date: Thu, 04 May 2023 14:56:03 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
age: 166840
x-timer: S1683212164.622474,VS0,VE0
vary: Accept-Encoding,x-http-method-override
x-cache: HIT, HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 95852
x-cache-hits: 7, 57145

GET
H2 200 player.css
f.vimeocdn.com/p/4.23.14/css/ Frame 1982 211 KB
21 KB 91ms
25ms Stylesheet
text/css 199.232.38.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/p/4.23.14/css/player.css
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/401395656
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.38.109 New York, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: dcef9fd2bce693a00927fd01436bce94a261cba31e18710f10b04edeb7ab9768

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-served-by: cache-iad-kiad7000091-IAD, cache-lga21931-LGA
date: Thu, 04 May 2023 14:56:03 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
age: 166840
x-timer: S1683212164.627571,VS0,VE0
vary: Accept-Encoding,x-http-method-override
x-cache: HIT, HIT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 21664
x-cache-hits: 10, 34174

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame A980 51 KB
21 KB 67ms
18ms Script
text/javascript 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: cdn-prod.splashthat.com
URL: https://cdn-prod.splashthat.com/events/loadGaTrackingForVanityUrl/458659821/revealxhunterchallenge-may

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://cdn-prod.splashthat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 04 May 2023 13:55:21 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 3642
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Thu, 04 May 2023 15:55:21 GMT

GET
H2 200 player.module.js Show response
f.vimeocdn.com/p/4.23.14/js/ Frame 99B0 493 KB
119 KB 53ms
21ms Script
application/javascript 199.232.38.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/p/4.23.14/js/player.module.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/401395656
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.38.109 New York, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ddf1a26c4ef5be769f202e7b6bd36dd66ef01b9bebf2cd3e9c6a867d51e65ee0

Request headers

Referer: https://player.vimeo.com/
Origin: https://player.vimeo.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-served-by: cache-iad-kjyo7100161-IAD, cache-lga21954-LGA
date: Thu, 04 May 2023 14:56:03 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
age: 166840
x-timer: S1683212164.622448,VS0,VE0
vary: Accept-Encoding,x-http-method-override
x-cache: HIT, HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 121857
x-cache-hits: 8, 56175

GET
H2 200 vendor.module.js Show response
f.vimeocdn.com/p/4.23.14/js/ Frame 99B0 389 KB
94 KB 50ms
18ms Script
application/javascript 199.232.38.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/p/4.23.14/js/vendor.module.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/401395656
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.38.109 New York, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c143d47ff5feea907e9d18572420764f6c70a4d5a770ad2f7f34c1681542846d

Request headers

Referer: https://player.vimeo.com/
Origin: https://player.vimeo.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-served-by: cache-iad-kiad7000103-IAD, cache-lga21954-LGA
date: Thu, 04 May 2023 14:56:03 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
age: 166840
x-timer: S1683212164.622419,VS0,VE0
vary: Accept-Encoding,x-http-method-override
x-cache: HIT, HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 95852
x-cache-hits: 7, 57144

GET
H2 200 player.css
f.vimeocdn.com/p/4.23.14/css/ Frame 99B0 211 KB
21 KB 57ms
25ms Stylesheet
text/css 199.232.38.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/p/4.23.14/css/player.css
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/401395656
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.38.109 New York, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: dcef9fd2bce693a00927fd01436bce94a261cba31e18710f10b04edeb7ab9768

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-served-by: cache-iad-kiad7000091-IAD, cache-lga21931-LGA
date: Thu, 04 May 2023 14:56:03 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
age: 166840
x-timer: S1683212164.627544,VS0,VE0
vary: Accept-Encoding,x-http-method-override
x-cache: HIT, HIT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 21664
x-cache-hits: 10, 34173

GET
H2 200 tags.js Show response
js.datadome.co/ 273 KB
57 KB 80ms
19ms Script
text/javascript 99.84.37.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.datadome.co/tags.js

Requested by

Host: events.extrahop.com
URL: https://events.extrahop.com/revealxhunterchallenge-may?utm_campaign=2023-q2-may-hunter-challenge-natl-inv-em2&utm_medium=email&utm_source=Eloqua&utm_version=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.84.37.32 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-84-37-32.ewr52.r.cloudfront.net

Software

Apache /

Resource Hash

b2cbff271b2a424800d91db247d534e06414e5c5a91a6fcf6b9ce59539097f7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.extrahop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
content-encoding: gzip
via: 1.1 8f8a44665236c177df56aa58b84d84de.cloudfront.net (CloudFront)
date: Thu, 04 May 2023 14:49:26 GMT
x-amz-cf-pop: EWR52-C4
age: 397
x-cache: Hit from cloudfront
content-length: 57667
last-modified: Mon, 24 Apr 2023 12:48:19 GMT
server: Apache
etag: "445f8-5fa146bd7ac68-gzip"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, public
accept-ranges: bytes
x-amz-cf-id: _iP-8HcFBkeG9BSnEPrK6snCFQjsR3SECt4WCsvZCa10ts1prZXhsg==
expires: Thu, 04 May 2023 15:49:26 GMT

OPTIONS
H/1.1 200
OK registration-form
api.splashthat.com/public/event/revealxhunterchallenge-may/ Frame 0
0 109ms
35ms Preflight
text/html 54.237.228.255
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.splashthat.com/public/event/revealxhunterchallenge-may/registration-form

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.237.228.255 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-237-228-255.compute-1.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: access-control-max-age
Access-Control-Request-Method: GET
Origin: https://events.extrahop.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization, origin, x-requested-with, content-type, accept, access-control-max-age, x-userformsubmittoken, x-splash-event-id
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, HEAD, OPTIONS, PATCH
Access-Control-Allow-Origin: https://events.extrahop.com
Access-Control-Max-Age: 3600
Cache-Control: max-age=0, must-revalidate, private
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Thu, 04 May 2023 14:56:03 GMT
Expires: Thu, 04 May 2023 14:56:03 GMT
Server: nginx
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Transfer-Encoding: chunked
Vary: Origin
Via: kong/2.3.3
X-Content-Type-Options: nosniff
X-Kong-Proxy-Latency: 0
X-Kong-Upstream-Latency: 12
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK registration-form Show response
api.splashthat.com/public/event/revealxhunterchallenge-may/ 8 KB
9 KB 86ms
86ms XHR
application/json 54.237.228.255
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.splashthat.com/public/event/revealxhunterchallenge-may/registration-form

Requested by

Host: frontend.cdn.splashthat.com
URL: https://frontend.cdn.splashthat.com/build/standalone/splash-page.455bcd5656011ebd9be0.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.237.228.255 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-237-228-255.compute-1.amazonaws.com

Software

nginx /

Resource Hash

a86663a751e7c81d9b99fc767a7bc280c4437e82e79a2b648a9324bd94e3683f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://events.extrahop.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Access-Control-Max-Age: 3600

Response headers

Date: Thu, 04 May 2023 14:56:03 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Via: kong/2.3.3
Server: nginx
X-Kong-Proxy-Latency: 1
Transfer-Encoding: chunked
Allow: GET
Content-Type: application/json
Access-Control-Allow-Origin: https://events.extrahop.com
X-Kong-Upstream-Latency: 62
Cache-Control: no-cache, private
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H2 200 revealxhunterchallenge-may.splashthat.com Show response
splashthat.com/tuning-fork-redirect/ Frame 2EEB 988 B
1 KB 80ms
52ms Document
text/html 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://splashthat.com/tuning-fork-redirect/revealxhunterchallenge-may.splashthat.com

Requested by

Host: frontend.cdn.splashthat.com
URL: https://frontend.cdn.splashthat.com/build/standalone/splash-page.455bcd5656011ebd9be0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

cfd809263820ffcfb1e9157a2babc025c63eca43f4135b1b387e25a59b2a62c2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors splashthat.com https://splashthat.com https://app.splashthat.com revealxhunterchallenge-may.splashthat.com http://revealxhunterchallenge-may.splashthat.com https://revealxhunterchallenge-may.splashthat.com events.extrahop.com http://events.extrahop.com https://events.extrahop.com http://www.events.extrahop.com https://www.events.extrahop.com;
Strict-Transport-Security	Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://events.extrahop.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: private, no-store
content-encoding: gzip
content-security-policy: frame-ancestors splashthat.com https://splashthat.com https://app.splashthat.com revealxhunterchallenge-may.splashthat.com http://revealxhunterchallenge-may.splashthat.com https://revealxhunterchallenge-may.splashthat.com events.extrahop.com http://events.extrahop.com https://events.extrahop.com http://www.events.extrahop.com https://www.events.extrahop.com;
content-type: text/html; charset=UTF-8
date: Thu, 04 May 2023 14:56:03 GMT
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
strict-transport-security: Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-datadome: protected
x-served-by: cache-yul12822-YUL
x-timer: S1683212164.762336,VS0,VS0,VE42
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK mapbox-styles.css
d24wuq6o951i2g.cloudfront.net/img/site-assets/ 41 KB
14 KB 19ms
19ms Stylesheet
text/css 18.164.115.227
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d24wuq6o951i2g.cloudfront.net/img/site-assets/mapbox-styles.css
Requested by: Host: events.extrahop.com
URL: https://events.extrahop.com/revealxhunterchallenge-may?utm_campaign=2023-q2-may-hunter-challenge-natl-inv-em2&utm_medium=email&utm_source=Eloqua&utm_version=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.115.227 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-115-227.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 89f125b7633bf1dd3b9cb333af71341748cec8bcb21210ce5722b36c631f635e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.extrahop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Sat, 22 Apr 2023 09:02:32 GMT
x-amz-version-id: null
Content-Encoding: gzip
Via: 1.1 079cd4553da15b2329bffae6abe6157e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: JFK50-P6
Age: 1058012
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Last-Modified: Wed, 29 Jun 2022 02:02:08 GMT
Server: AmazonS3
ETag: W/"94dac7332276d71da0552155517a5268"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=25920000
X-Amz-Cf-Id: mVruJPn-lfNGXFhU53_-tfVt78tINN1IpUqA9jfVD2_Za-IuFgCnYQ==

GET
H/1.1 200
OK jquery-ui-smooth.css
d24wuq6o951i2g.cloudfront.net/img/site-assets/ 31 KB
7 KB 18ms
18ms Stylesheet
text/css 18.164.115.227
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d24wuq6o951i2g.cloudfront.net/img/site-assets/jquery-ui-smooth.css
Requested by: Host: events.extrahop.com
URL: https://events.extrahop.com/revealxhunterchallenge-may?utm_campaign=2023-q2-may-hunter-challenge-natl-inv-em2&utm_medium=email&utm_source=Eloqua&utm_version=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.115.227 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-115-227.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b4f2876a599f90a2bd52fe770b5f00b070fedfb085f4e2d49b170248ae54a723

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.extrahop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Sat, 22 Apr 2023 09:01:05 GMT
x-amz-version-id: null
Content-Encoding: gzip
Via: 1.1 d98647edce17345f3d148190339e9d8c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: JFK50-P6
Age: 1058099
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Last-Modified: Wed, 29 Jun 2022 02:02:08 GMT
Server: AmazonS3
ETag: W/"29115555d9d54f1031eb8c6b2b18ffaf"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=25920000
X-Amz-Cf-Id: 5vlOMCpfZbinqoFGtHN1vPobCxbpsKO8LFfk4kGbJ2SF_cDjvvi8eg==

POST
H2 200 collect Show response
www.google-analytics.com/j/ Frame A980 4 B
215 B 33ms
33ms XHR
text/plain 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&aip=1&a=2087029616&t=pageview&_s=1&dl=https%3A%2F%2Fcdn-prod.splashthat.com%2Fevents%2FloadGaTrackingForVanityUrl%2F458659821%2Frevealxhunterchallenge-may&dr=https%3A%2F%2Fevents.extrahop.com%2F&dp=%2Fsites%2Fview%2Frevealxhunterchallenge-may.splashthat.com&ul=en-us&de=UTF-8&dt=Reveal%20(x)%20Hunter%20Challenge%20-%20May&sd=24-bit&sr=1600x1200&vp=&je=0&_u=YEBAAAABAAAAACACAC~&jid=969675195&gjid=1741276740&cid=1385144324.1683212164&tid=UA-24489962-1&_gid=381154876.1683212164&_r=1&_slc=1&cd1=458659821&z=1815458801

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdn-prod.splashthat.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 04 May 2023 14:56:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cdn-prod.splashthat.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 380 KB
102 KB 100ms
50ms Script
application/javascript 2607:f8b0:4006:80a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MB8XC6

Requested by

Host: frontend.cdn.splashthat.com
URL: https://frontend.cdn.splashthat.com/build/chunks/712.004eee5c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::2008 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fe0d89d7bedfe1c286bcc72ca72e66089b5190053ccf4b1171bbfc4dfdf86231

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.extrahop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 14:56:03 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 103605
x-xss-protection: 0
last-modified: Thu, 04 May 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 04 May 2023 14:56:03 GMT

GET
H2 200 tuning-fork-redirect.63ba914d8b54ca8de034.js Show response
frontend.cdn.splashthat.com/build/standalone/ Frame 2EEB 49 KB
15 KB 10ms
10ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://frontend.cdn.splashthat.com/build/standalone/tuning-fork-redirect.63ba914d8b54ca8de034.js

Requested by

Host: splashthat.com
URL: https://splashthat.com/tuning-fork-redirect/revealxhunterchallenge-may.splashthat.com

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

2a4d5b124d496652a1221f58b24b407b196fc6002064a0e1173ea5619c586100

Security Headers

Name	Value
Strict-Transport-Security	Strict-Transport-Security: max-age=63072000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://splashthat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-version-id: BmwJarqbJn4hv7Og6tt_l2bkx9exdPZY
content-encoding: gzip
via: 1.1 varnish
date: Thu, 04 May 2023 14:56:03 GMT
strict-transport-security: Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
x-amz-request-id: 07WFAZ5SVPGRB7D5
age: 18645
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 14780
x-amz-id-2: zWuEfCgzARVQwQVsFyQIbu7qJcNOMT41KxGxcUCwI0sEG0aSCcWSB8uP9RrfqX0+QraSkMLpQ7E=
x-served-by: cache-yul12830-YUL
last-modified: Mon, 17 Apr 2023 06:36:03 GMT
server: AmazonS3
x-timer: S1683212164.905371,VS0,VE0
etag: "c3900e4ec20b180d89fe1ef2be6b4026"
vary: Accept-Encoding
content-type: application/javascript
cache-control: Cache-Control: public, max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 22

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ Frame A980 4 B
355 B 131ms
81ms XHR
text/plain 2607:f8b0:4004:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-24489962-1&cid=1385144324.1683212164&jid=969675195&gjid=1741276740&_gid=381154876.1683212164&_u=YEBAAAAAAAAAACACAC~&z=1104011327

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdn-prod.splashthat.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 04 May 2023 14:56:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cdn-prod.splashthat.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 852 B
880 B 129ms
43ms Script
text/javascript 2607:f8b0:4006:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=explicit

Requested by

Host: frontend.cdn.splashthat.com
URL: https://frontend.cdn.splashthat.com/build/standalone/splash-page.455bcd5656011ebd9be0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2004 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

70131da85a97ecbfd4f28d48d74eb7ba4e0f7466b3e7d0d417399ec7ac3d9356

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.extrahop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 14:56:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 558
x-xss-protection: 1; mode=block
expires: Thu, 04 May 2023 14:56:04 GMT

GET
H2 200 vuid.min.js Show response
f.vimeocdn.com/js_opt/modules/utils/ Frame 1982 2 KB
1 KB 35ms
35ms Script
application/javascript 199.232.38.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/401395656
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.38.109 New York, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c051b8b5eb2a0aef699780f15a449491868faa6f8b39b684b5ae8f64f345b94a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-served-by: cache-iad-kiad7000106-IAD, cache-lga21931-LGA
date: Thu, 04 May 2023 14:56:04 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 1498730
x-timer: S1683212164.185976,VS0,VE0
vary: Accept-Encoding,x-http-method-override
x-cache: HIT, HIT
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
content-length: 985
x-cache-hits: 14, 25754

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 1982 4 KB
2 KB 104ms
56ms Script
text/javascript 2607:f8b0:4006:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1

Requested by

Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.23.14/js/vendor.module.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 14:56:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 04 May 2023 14:56:04 GMT

GET
H2 200 870120408-0d8f681e19afb4a621f90e11cf6d456f37b816e6744637005a5829da84065a88-d
i.vimeocdn.com/video/ Frame 1982 31 KB
32 KB 27ms
19ms Image
image/avif 199.232.38.109
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/video/870120408-0d8f681e19afb4a621f90e11cf6d456f37b816e6744637005a5829da84065a88-d
Requested by: Host: events.extrahop.com
URL: https://events.extrahop.com/revealxhunterchallenge-may?utm_campaign=2023-q2-may-hunter-challenge-natl-inv-em2&utm_medium=email&utm_source=Eloqua&utm_version=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.38.109 New York, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 8e0db5d25998f6614a2200f8273b18277bd60614f032291531a7831a68770eb5

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 14:56:04 GMT
via: vvarnish, 1.1 varnish, 1.1 varnish
age: 3869
x-viewmaster-lossless-format: automatic
x-cache: miss, HIT, HIT
x-backend-server: varnish
content-length: 32098
viewmaster-server: viewmaster-us-central1-jzkb
x-served-by: cache-dfw-kdfw8210108-DFW, cache-lga21931-LGA
x-timer: S1683212164.212109,VS0,VE1
etag: 90d6f374cb950ace5f0af426147e5d3b
access-control-max-age: 86400
vary: Accept
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
cache-control: public, max-age=2592000
accept-ranges: bytes
x-cache-hits: 549, 1

POST
H2 200 player-stats
fresnel.vimeocdn.com/add/ Frame 1982 0
41 B 71ms
41ms Ping
text/plain 34.120.202.204
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=3f2c4fca4ac7654e189b6497d776b383f2af07fd1683212163
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.23.14/js/vendor.module.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.202.204 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 204.202.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://player.vimeo.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://player.vimeo.com
date: Thu, 04 May 2023 14:56:04 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 vuid.min.js Show response
f.vimeocdn.com/js_opt/modules/utils/ Frame 99B0 2 KB
1 KB 17ms
17ms Script
application/javascript 199.232.38.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/401395656
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.38.109 New York, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c051b8b5eb2a0aef699780f15a449491868faa6f8b39b684b5ae8f64f345b94a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-served-by: cache-iad-kiad7000106-IAD, cache-lga21931-LGA
date: Thu, 04 May 2023 14:56:04 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 1498730
x-timer: S1683212164.219981,VS0,VE0
vary: Accept-Encoding,x-http-method-override
x-cache: HIT, HIT
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
content-length: 985
x-cache-hits: 14, 25755

GET
H2 200 870120408-0d8f681e19afb4a621f90e11cf6d456f37b816e6744637005a5829da84065a88-d
i.vimeocdn.com/video/ Frame 99B0 31 KB
31 KB 23ms
22ms Image
image/avif 199.232.38.109
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/video/870120408-0d8f681e19afb4a621f90e11cf6d456f37b816e6744637005a5829da84065a88-d
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.23.14/js/player.module.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.38.109 New York, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 8e0db5d25998f6614a2200f8273b18277bd60614f032291531a7831a68770eb5

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 14:56:04 GMT
via: vvarnish, 1.1 varnish, 1.1 varnish
age: 3869
x-viewmaster-lossless-format: automatic
x-cache: miss, HIT, HIT
x-backend-server: varnish
content-length: 32098
viewmaster-server: viewmaster-us-central1-jzkb
x-served-by: cache-dfw-kdfw8210108-DFW, cache-lga21931-LGA
x-timer: S1683212164.223547,VS0,VE0
etag: 90d6f374cb950ace5f0af426147e5d3b
access-control-max-age: 86400
vary: Accept
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
cache-control: public, max-age=2592000
accept-ranges: bytes
x-cache-hits: 549, 2

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 99B0 4 KB
2 KB 113ms
95ms Script
text/javascript 2607:f8b0:4006:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1

Requested by

Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.23.14/js/vendor.module.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 14:56:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 04 May 2023 14:56:04 GMT

POST
H2 200 player-stats
fresnel.vimeocdn.com/add/ Frame 99B0 0
143 B 44ms
40ms Ping
text/plain 34.120.202.204
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=3f2c4fca4ac7654e189b6497d776b383f2af07fd1683212163
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.23.14/js/vendor.module.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.202.204 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 204.202.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://player.vimeo.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://player.vimeo.com
date: Thu, 04 May 2023 14:56:04 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 ga-audiences
www.google.com/ads/ Frame A980 42 B
297 B 44ms
43ms Image
image/gif 2607:f8b0:4006:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-24489962-1&cid=1385144324.1683212164&jid=969675195&_u=YEBAAAAAAAAAACACAC~&z=1896150445

Requested by

Host: events.extrahop.com
URL: https://events.extrahop.com/revealxhunterchallenge-may?utm_campaign=2023-q2-may-hunter-challenge-natl-inv-em2&utm_medium=email&utm_source=Eloqua&utm_version=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2004 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://cdn-prod.splashthat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 May 2023 14:56:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ca/ads/ Frame A980 42 B
409 B 104ms
48ms Image
image/gif 2607:f8b0:4006:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-24489962-1&cid=1385144324.1683212164&jid=969675195&_u=YEBAAAAAAAAAACACAC~&z=1896150445

Requested by

Host: events.extrahop.com
URL: https://events.extrahop.com/revealxhunterchallenge-may?utm_campaign=2023-q2-may-hunter-challenge-natl-inv-em2&utm_medium=email&utm_source=Eloqua&utm_version=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://cdn-prod.splashthat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 May 2023 14:56:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 / Show response
api-js.datadome.co/js/ 233 B
412 B 119ms
30ms XHR
application/json 34.231.13.252
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api-js.datadome.co/js/
Requested by: Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.231.13.252 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-231-13-252.compute-1.amazonaws.com
Software: DataDome /
Resource Hash: 9b9646212dc0b01d706647434433cc9a3787b065c2afb945f6d8d29a630d72dc

Request headers

Referer: https://events.extrahop.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 04 May 2023 14:56:04 GMT
server: DataDome
content-type: application/json;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 233
expires: 0

GET
H2 200 42488092_60x60
i.vimeocdn.com/portrait/ Frame 1982 580 B
739 B 19ms
19ms Image
image/avif 199.232.38.109
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/portrait/42488092_60x60
Requested by: Host: events.extrahop.com
URL: https://events.extrahop.com/revealxhunterchallenge-may?utm_campaign=2023-q2-may-hunter-challenge-natl-inv-em2&utm_medium=email&utm_source=Eloqua&utm_version=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.38.109 New York, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: fc5343e3ac1362826da2e42424649826c8797efb526aba4dd3ae8438f1681d17

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 14:56:04 GMT
via: vvarnish, 1.1 varnish, 1.1 varnish
age: 253944
x-viewmaster-lossless-format: automatic
x-cache: miss, HIT, HIT
x-backend-server: varnish
content-length: 580
viewmaster-server: viewmaster-us-central1-l25c
x-served-by: cache-dfw-kdfw8210116-DFW, cache-lga21931-LGA
x-timer: S1683212164.481544,VS0,VE1
etag: 78068e42faf0bb80a81f01449322f34f
access-control-max-age: 86400
vary: Accept
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
cache-control: public, max-age=2592000
accept-ranges: bytes
x-cache-hits: 87, 1

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 272 KB
88 KB 44ms
43ms Script
application/javascript 2607:f8b0:4006:80a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-D5WW8QB02S&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MB8XC6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::2008 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a0d05511ef743ec8cdccc36abe1a962e88993ef91372522c97795ae82bca8946

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.extrahop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 14:56:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89503
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 04 May 2023 14:56:04 GMT

GET
H2 200 r5gwvvkz53c9.js Show response
js.driftt.com/include/1683212400000/ 221 KB
62 KB 140ms
66ms Script
application/javascript 13.225.223.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1683212400000/r5gwvvkz53c9.js

Requested by

Host: events.extrahop.com
URL: https://events.extrahop.com/revealxhunterchallenge-may?utm_campaign=2023-q2-may-hunter-challenge-natl-inv-em2&utm_medium=email&utm_source=Eloqua&utm_version=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.48 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-48.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

8989f87b90cacdbca5875bdfbed7dd3c3f2acee982b9353c04d86e8c123906c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.extrahop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-version-id: x8TZ8iebDtxhM0duvZHFnO4hbRoyqYO1
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
date: Thu, 04 May 2023 14:56:04 GMT
via: 1.1 b96e96fef61e11f1c624b4bdd0ad939e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 33
last-modified: Fri, 28 Apr 2023 19:39:03 GMT
server: istio-envoy
etag: W/"1aa02cf06cb1a631ba2d08d343214ad7"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: kp3-6lYaal6hJZ8X0HUFVwb37Y4t5a5QzIHnJ6Y0BS8ox26N5hkfrg==

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 51 KB
20 KB 19ms
19ms Script
text/javascript 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MB8XC6

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.extrahop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 04 May 2023 13:55:21 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 3643
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Thu, 04 May 2023 15:55:21 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 88ms
20ms Script
application/x-javascript 2600:141b:9000::1725:7bba
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MB8XC6

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:9000::1725:7bba Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.extrahop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 14:56:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 10 Jan 2023 17:22:56 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=84417
accept-ranges: bytes
content-length: 4777

GET
H/1.1 200
OK elqCfg.min.js Show response
img.en25.com/i/ 6 KB
3 KB 114ms
22ms Script
application/x-javascript 23.73.231.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://img.en25.com/i/elqCfg.min.js

Requested by

Host: events.extrahop.com
URL: https://events.extrahop.com/revealxhunterchallenge-may?utm_campaign=2023-q2-may-hunter-challenge-natl-inv-em2&utm_medium=email&utm_source=Eloqua&utm_version=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.73.231.40 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-73-231-40.deploy.static.akamaitechnologies.com

Software

Resource Hash

3346de8e2ae1bfde250c7ac5c06f79a0a60c7faef8e5e08a2c9e8fbf5ec2c9e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.extrahop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Thu, 04 May 2023 14:56:04 GMT
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Connection: keep-alive
Content-Length: 2183
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Last-Modified: Wed, 11 Jan 2023 20:34:04 GMT
ETag: "39c1adbfc25d91:0"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: no-store
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Expires: Thu, 04 May 2023 14:56:04 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 105 KB
28 KB 71ms
18ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: events.extrahop.com
URL: https://events.extrahop.com/revealxhunterchallenge-may?utm_campaign=2023-q2-may-hunter-challenge-natl-inv-em2&utm_medium=email&utm_source=Eloqua&utm_version=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9f7b103418c76d3c630fa9ac6128249bebab1e97454948c2fcfc22fc88f4ea3a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.extrahop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 04 May 2023 14:56:04 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27428
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 6R5IIHVlEBCS5J94XSNrwfluMeATJatX0uBfwWez+C4BPKBYpbmsB1qRryX1UH9gXPy6U+NyeWK004x5voYDww==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK clear.gif Show response
p0.extrahopping.net/ 43 B
282 B 338ms
92ms XHR
image/gif 35.163.218.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p0.extrahopping.net/clear.gif
Requested by: Host: events.extrahop.com
URL: https://events.extrahop.com/revealxhunterchallenge-may?utm_campaign=2023-q2-may-hunter-challenge-natl-inv-em2&utm_medium=email&utm_source=Eloqua&utm_version=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.163.218.127 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-163-218-127.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.extrahop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 04 May 2023 14:56:04 GMT
Cache-Control: public, max-age=86400
Last-Modified: Tue, 09 Apr 2019 18:50:40 GMT
Accept-Ranges: bytes
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 4 KB
2 KB 72ms
19ms Script
application/x-javascript 18.238.12.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MB8XC6
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.12.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-12-115.phl51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.extrahop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Wed, 03 May 2023 20:06:41 GMT
Content-Encoding: gzip
Via: 1.1 d9cb2cc28f0170090b851fc36d4c091e.cloudfront.net (CloudFront)
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
X-Amz-Cf-Pop: PHL51-P1
Age: 67764
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: Wo14Af9yp4476zyA9EeO9-jkWWmV94xh852rUkM2IynHCG65xVx78Q==

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 113ms
19ms Script
application/javascript 199.232.36.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: events.extrahop.com
URL: https://events.extrahop.com/revealxhunterchallenge-may?utm_campaign=2023-q2-may-hunter-challenge-natl-inv-em2&utm_medium=email&utm_source=Eloqua&utm_version=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.36.157 New York, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.extrahop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 14:56:04 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 15:55:14 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100040-IAD, cache-lga21978-LGA

GET
H2 200 airpr.js Show response
px.airpr.com/ 7 KB
2 KB 93ms
17ms Script
application/javascript 54.230.163.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://px.airpr.com/airpr.js
Requested by: Host: events.extrahop.com
URL: https://events.extrahop.com/revealxhunterchallenge-may?utm_campaign=2023-q2-may-hunter-challenge-natl-inv-em2&utm_medium=email&utm_source=Eloqua&utm_version=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.163.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-163-61.ewr53.r.cloudfront.net
Software: nginx /
Resource Hash: 529b9c583e6cf8da02c9cadf8c38b5714198f0fde2dcde01da2d5ee681228738

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.extrahop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 10:13:25 GMT
content-encoding: gzip
via: 1.1 34d691c1cf360a32817ace92de30761c.cloudfront.net (CloudFront)
last-modified: Wed, 01 Aug 2018 01:39:57 GMT
server: nginx
x-amz-cf-pop: EWR53-C3
age: 16959
etag: "5b610f6d-853"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: max-age=43200
content-length: 2131
x-amz-cf-id: 9iE4vGD35edF6BoKk-lv3FviRcMJUHHp1A0ggCavlz4Vulzh6iwihw==
expires: Thu, 04 May 2023 22:13:25 GMT

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/
Redirect Chain

https://adresults-5-adswizz.attribution.adswizz.com/fire?pixelId=05838ba9-d56a-4bcc-8833-375b3a214e10&type=sitevisit&subtype=HomePage&aw_0_req.gdpr=true
https://pixel.tapad.com/idsync/ex/receive?partner_id=2994&partner_device_id=f2df6daa05bd179de0a918602a3212ee
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2994&partner_device_id=f2df6daa05bd179de0a918602a3212ee

95 B
438 B

41ms
40ms

Image
image/png

34.111.113.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2994&partner_device_id=f2df6daa05bd179de0a918602a3212ee

Requested by

Host: events.extrahop.com
URL: https://events.extrahop.com/revealxhunterchallenge-may?utm_campaign=2023-q2-may-hunter-challenge-natl-inv-em2&utm_medium=email&utm_source=Eloqua&utm_version=

Protocol

Server

34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

62.113.111.34.bc.googleusercontent.com

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.extrahop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 14:56:04 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type: image/png
access-control-allow-origin: *
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

Redirect headers

date: Thu, 04 May 2023 14:56:04 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2994&partner_device_id=f2df6daa05bd179de0a918602a3212ee
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H/1.1 204
No Content vuid
vimeo.com/ablincoln/ Frame 1982 0
894 B 134ms
90ms Ping
text/plain 162.159.128.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vimeo.com/ablincoln/vuid?pid=3f2c4fca4ac7654e189b6497d776b383f2af07fd1683212163

Requested by

Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.159.128.61 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

expires: Thu, 04 May 2023 02:56:04 GMT
Date: Thu, 04 May 2023 14:56:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
CF-Cache-Status: DYNAMIC
Via: 1.1 varnish, 1.1 varnish
content-security-policy-report-only: default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /_csp
X-Cache: MISS, MISS
Connection: keep-alive
x-xss-protection: 1; mode=block
X-Served-By: cache-iad-kiad7000121-IAD, cache-yyz4525-YYZ
x-ua-compatible: IE=edge
x-vimeo-device: d
Server: cloudflare
X-Timer: S1683212165.585235,VS0,VE54
x-backend-proxy: webproxy46
x-frame-options: sameorigin
Vary: User-Agent
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-bapp-server: pweb-5d89b88f54-bwr86
Accept-Ranges: bytes
CF-RAY: 7c21969c8b67ab3d-YYZ
X-Cache-Hits: 0, 0

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/1h-hbVSJRMOQsmO_2qL9cO0z/ 405 KB
162 KB 61ms
19ms Script
text/javascript 2607:f8b0:4006:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/1h-hbVSJRMOQsmO_2qL9cO0z/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=explicit

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

12c5a5f6c4176f49743e6fe7c298b563c375e968ff744745fbb60a7ba8bd1b73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://events.extrahop.com/
Origin: https://events.extrahop.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 09:47:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18535
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 165536
x-xss-protection: 0
last-modified: Mon, 01 May 2023 02:02:20 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 03 May 2024 09:47:09 GMT

GET
H2 200 42488092_60x60
i.vimeocdn.com/portrait/ Frame 99B0 580 B
693 B 22ms
21ms Image
image/avif 199.232.38.109
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/portrait/42488092_60x60
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.23.14/js/vendor.module.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.38.109 New York, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: fc5343e3ac1362826da2e42424649826c8797efb526aba4dd3ae8438f1681d17

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 14:56:04 GMT
via: vvarnish, 1.1 varnish, 1.1 varnish
age: 253944
x-viewmaster-lossless-format: automatic
x-cache: miss, HIT, HIT
x-backend-server: varnish
content-length: 580
viewmaster-server: viewmaster-us-central1-l25c
x-served-by: cache-dfw-kdfw8210116-DFW, cache-lga21931-LGA
x-timer: S1683212165.536666,VS0,VE0
etag: 78068e42faf0bb80a81f01449322f34f
access-control-max-age: 86400
vary: Accept
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
cache-control: public, max-age=2592000
accept-ranges: bytes
x-cache-hits: 87, 2

GET
H2 200 trackable.js Show response
ext.chtbl.com/ 4 KB
4 KB 97ms
18ms Script
application/javascript 2600:9000:2514:b400:a:b27c:d040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ext.chtbl.com/trackable.js
Requested by: Host: events.extrahop.com
URL: https://events.extrahop.com/revealxhunterchallenge-may?utm_campaign=2023-q2-may-hunter-challenge-natl-inv-em2&utm_medium=email&utm_source=Eloqua&utm_version=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2514:b400:a:b27c:d040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27dc4f62298834987d3d8e5608c1af94c82ee3d18ee31858d39e0202697b5308

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.extrahop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 13:59:05 GMT
via: 1.1 4c1a2d98b0820f90f630f0721b0b6538.cloudfront.net (CloudFront)
last-modified: Fri, 12 Feb 2021 20:28:32 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P8
age: 3420
etag: "4a494dbb82444463b6fd8bff0e5593d6"
x-cache: Hit from cloudfront
content-type: application/javascript;charset=UTF-8
cache-control: max-age=3600
accept-ranges: bytes
content-length: 4092
x-amz-cf-id: CbgTipfqg1mT4R5nayJQuifS49_BawKuWTqFQp8Jtakza5NKBWEU6Q==

GET
H2 200 cast_framework.js Show response
www.gstatic.com/cast/sdk/libs/sender/1.0/ Frame 1982 35 KB
12 KB 58ms
42ms Script
text/javascript 2607:f8b0:4006:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cast/sdk/libs/sender/1.0/cast_framework.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2bdd8cb01353d4ed2a9ab4c7d7c263225f6908aa875614d015a2f39956d9d73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 14:56:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12197
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 23:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="chrome-dongle"
vary: Accept-Encoding
report-to: {"group":"chrome-dongle","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/chrome-dongle"}]}
content-type: text/javascript
cache-control: private, max-age=0
accept-ranges: bytes
expires: Thu, 04 May 2023 14:56:04 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/113/ Frame 1982 51 KB
15 KB 38ms
22ms Script
text/javascript 2607:f8b0:4006:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/113/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a54e29a4b1f0cdf4f5cb2e77963987ff5051d96515bf7ee4cf0a17a28756539

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 14:07:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2895
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15228
x-xss-protection: 0
last-modified: Mon, 13 Mar 2023 15:06:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Fri, 05 May 2023 14:07:49 GMT

GET
H2 200 cast_framework.js Show response
www.gstatic.com/cast/sdk/libs/sender/1.0/ Frame 99B0 35 KB
12 KB 78ms
66ms Script
text/javascript 2607:f8b0:4006:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cast/sdk/libs/sender/1.0/cast_framework.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2bdd8cb01353d4ed2a9ab4c7d7c263225f6908aa875614d015a2f39956d9d73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 14:56:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12197
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 23:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="chrome-dongle"
vary: Accept-Encoding
report-to: {"group":"chrome-dongle","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/chrome-dongle"}]}
content-type: text/javascript
cache-control: private, max-age=0
accept-ranges: bytes
expires: Thu, 04 May 2023 14:56:04 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/113/ Frame 99B0 51 KB
15 KB 40ms
28ms Script
text/javascript 2607:f8b0:4006:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/113/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a54e29a4b1f0cdf4f5cb2e77963987ff5051d96515bf7ee4cf0a17a28756539

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 14:07:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2895
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15228
x-xss-protection: 0
last-modified: Mon, 13 Mar 2023 15:06:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Fri, 05 May 2023 14:07:49 GMT

GET
H3 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
884 B 20ms
19ms Script
text/javascript 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.extrahop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 14:44:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 673
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 04 May 2023 15:44:51 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
257 B 77ms
33ms Ping
text/plain 2001:4860:4802:34::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-D5WW8QB02S&gtm=45je3510&_p=1827384813&_gaz=1&cid=128866291.1683212165&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1683212164&sct=1&seg=0&dl=https%3A%2F%2Fevents.extrahop.com%2Frevealxhunterchallenge-may%3Futm_campaign%3D2023-q2-may-hunter-challenge-natl-inv-em2%26utm_medium%3Demail%26utm_source%3DEloqua%26utm_version%3D&dt=Reveal%20(x)%20Hunter%20Challenge%20-%20May&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-D5WW8QB02S&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.extrahop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 May 2023 14:56:04 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://events.extrahop.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
68 B 33ms
32ms Ping
text/plain 2607:f8b0:4004:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-D5WW8QB02S&cid=128866291.1683212165&gtm=45je3510&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-D5WW8QB02S&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.extrahop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 May 2023 14:56:04 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://events.extrahop.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ca/ads/ 42 B
108 B 39ms
38ms Image
image/gif 2607:f8b0:4006:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-D5WW8QB02S&cid=128866291.1683212165&gtm=45je3510&aip=1&z=587100084

Requested by

Host: events.extrahop.com
URL: https://events.extrahop.com/revealxhunterchallenge-may?utm_campaign=2023-q2-may-hunter-challenge-natl-inv-em2&utm_medium=email&utm_source=Eloqua&utm_version=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.extrahop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 May 2023 14:56:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/1347020,939092/domain/events.extrahop.com/ 36 B
377 B 76ms
32ms XHR
application/json 2600:9000:25c8:4e00:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/1347020,939092/domain/events.extrahop.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:25c8:4e00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://events.extrahop.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 14:02:18 GMT
content-encoding: gzip
via: 1.1 4ac9029cca7343b507846071d1d5dbc8.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL51-P1
age: 3226
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: QsRgCkoJAE4RjvKzC3Pk39OeP1VSI_I6VOPJWITSqjSRsalcxWijOQ==

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/1347020,939092/domain/events.extrahop.com/ 36 B
377 B 75ms
32ms XHR
application/json 2600:9000:25c8:4e00:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/1347020,939092/domain/events.extrahop.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:25c8:4e00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://events.extrahop.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 14:02:18 GMT
content-encoding: gzip
via: 1.1 4ac9029cca7343b507846071d1d5dbc8.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL51-P1
age: 3226
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: uMBWxx2mZ6FOMGKVI9vXdQz73RtKOPOOndjLKIPuPDowveKCv0Ng8w==

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/1347020,939092/domain/events.extrahop.com/ 36 B
375 B 74ms
33ms XHR
application/json 2600:9000:25c8:4e00:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/1347020,939092/domain/events.extrahop.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:25c8:4e00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://events.extrahop.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 14:02:18 GMT
content-encoding: gzip
via: 1.1 4ac9029cca7343b507846071d1d5dbc8.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL51-P1
age: 3226
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: 2SyM3mnBPBnIBQXGHbyj3p1lfSImyOwcbuv1wQ7SVume_SVml4628g==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=939092%2C1347020&time=1683212164665&url=https%3A%2F%2Fevents.extrahop.com%2Frevealxhunterchallenge-may%3Futm_campaign%3D2023-q2-may-hunter-challen...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=939092%2C1347020&time=1683212164665&url=https%3A%2F%2Fevents.extrahop.com%2Frevealxhunterchallenge-may%3Futm_campaign%3D2023-q2-may-hunter-challen...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D939092%252C1347020%26time%3D1683212164665%26url%3Dhttps%253A%252F%252Fevents.extr...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=939092%2C1347020&time=1683212164665&url=https%3A%2F%2Fevents.extrahop.com%2Frevealxhunterchallenge-may%3Futm_campaign%3D2023-q2-may-hunter-challen...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=939092%2C1347020&time=1683212164665&url=https%3A%2F%2Fevents.extrahop.com%2Frevealxhunterchallenge-may%3Futm_campaign%3D2023-q2-may-hunter-challe...

0
491 B

117ms
92ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=939092%2C1347020&time=1683212164665&url=https%3A%2F%2Fevents.extrahop.com%2Frevealxhunterchallenge-may%3Futm_campaign%3D2023-q2-may-hunter-challenge-natl-inv-em2%26utm_medium%3Demail%26utm_source%3DEloqua%26utm_version%3D&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQLsJPxpzAyDMAAAAYfnQ1_K4vU-G4JAAerxRzkwZ2Mwpj3vKZILxT74RYW6SORfh0B0-TcG
Requested by: Host: events.extrahop.com
URL: https://events.extrahop.com/revealxhunterchallenge-may?utm_campaign=2023-q2-may-hunter-challenge-natl-inv-em2&utm_medium=email&utm_source=Eloqua&utm_version=
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.extrahop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 14:56:04 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 80D48E45574A40F999EB55D95476CDA0 Ref B: YMQ01EDGE0811 Ref C: 2023-05-04T14:56:05Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX6318v+EmFg9u2fSArqA==

Redirect headers

date: Thu, 04 May 2023 14:56:04 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: B64F40C354D944D3A1C05D909C99B4EB Ref B: YMQ01EDGE0320 Ref C: 2023-05-04T14:56:05Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=939092%2C1347020&time=1683212164665&url=https%3A%2F%2Fevents.extrahop.com%2Frevealxhunterchallenge-may%3Futm_campaign%3D2023-q2-may-hunter-challenge-natl-inv-em2%26utm_medium%3Demail%26utm_source%3DEloqua%26utm_version%3D&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQLsJPxpzAyDMAAAAYfnQ1_K4vU-G4JAAerxRzkwZ2Mwpj3vKZILxT74RYW6SORfh0B0-TcG
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX6318uExSmgjjBvuXfrg==

GET
H2 200 1049095138473035 Show response
connect.facebook.net/signals/config/ 300 KB
86 KB 20ms
19ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1049095138473035?v=2.9.103&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d8b6392ffd36ff6d26abaafabba79fe05a43eedcea4594308cd38840b5f3f388

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.extrahop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 04 May 2023 14:56:04 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87864
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: EcQqzTCugTxPUyd+C8mSpt+cea0IyRmFZgDC/pFZ6BguHa+K8OvozVevALcvVfQ6WLVTcS+ugnvQ5QCbSFnxFA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
71 B 32ms
32ms XHR
text/plain 2607:f8b0:4004:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-6551454-1&cid=128866291.1683212165&jid=2046988152&gjid=1714447032&_gid=497792889.1683212165&_u=aGBAgAAjAAAAAE~&z=1039578691

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://events.extrahop.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 04 May 2023 14:56:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://events.extrahop.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 19ms
19ms Image
image/gif 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&a=1827384813&t=pageview&_s=1&dl=https%3A%2F%2Fevents.extrahop.com%2Frevealxhunterchallenge-may%3Futm_campaign%3D2023-q2-may-hunter-challenge-natl-inv-em2%26utm_medium%3Demail%26utm_source%3DEloqua%26utm_version%3D&dp=%2Frevealxhunterchallenge-may%3Futm_campaign%3D2023-q2-may-hunter-challenge-natl-inv-em2%26utm_medium%3Demail%26utm_source%3DEloqua%26utm_version%3D&ul=en-us&de=UTF-8&dt=Reveal%20(x)%20Hunter%20Challenge%20-%20May&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgAAj~&jid=2046988152&gjid=1714447032&cid=128866291.1683212165&tid=UA-6551454-1&_gid=497792889.1683212165&gtm=45He3510n71MB8XC6&z=1335807627

Requested by

Host: events.extrahop.com
URL: https://events.extrahop.com/revealxhunterchallenge-may?utm_campaign=2023-q2-may-hunter-challenge-natl-inv-em2&utm_medium=email&utm_source=Eloqua&utm_version=

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.extrahop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 18:34:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 73266
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK svrGP Show response
s1701.t.eloqua.com/visitor/v200/ 79 B
689 B 113ms
113ms Script
application/javascript 142.0.173.28
NETDYNAMICS

General

Check archive.org

Show headers Download Go to

Full URL

https://s1701.t.eloqua.com/visitor/v200/svrGP?pps=41&siteid=1701&ref=https%3A%2F%2Fevents.extrahop.com%2Frevealxhunterchallenge-may%3Futm_campaign%3D2023-q2-may-hunter-challenge-natl-inv-em2%26utm_medium%3Demail%26utm_source%3DEloqua%26utm_version%3D&ms=680

Requested by

Host: img.en25.com
URL: https://img.en25.com/i/elqCfg.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

142.0.173.28 Toronto, Canada, ASN7160 (NETDYNAMICS, US),

Reverse DNS

Software

Resource Hash

02b1540a0f6b97af3a20a3e664dfd278a2e99e98ca3347c5bd2d88effbbbade3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.extrahop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Thu, 04 May 2023 14:56:04 GMT
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: no-store
X-Robots-Tag: noindex, nofollow
Content-Length: 98
X-Xss-Protection: 1; mode=block
Expires: -1

GET
H/1.1 200
OK svrGP Show response
s1701.t.eloqua.com/visitor/v200/ 79 B
580 B 104ms
40ms Script
application/javascript 142.0.173.28
NETDYNAMICS

General

Check archive.org

Show headers Download Go to

Full URL

https://s1701.t.eloqua.com/visitor/v200/svrGP?pps=70&siteid=1701&ms=680

Requested by

Host: img.en25.com
URL: https://img.en25.com/i/elqCfg.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

142.0.173.28 Toronto, Canada, ASN7160 (NETDYNAMICS, US),

Reverse DNS

Software

Resource Hash

eb18e6f1f3cc6f0aec0d9c2eff09de99a70920f932c159a8ef87844ad2a3a18d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.extrahop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Thu, 04 May 2023 14:56:04 GMT
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: no-store
X-Robots-Tag: noindex, nofollow
Content-Length: 105
X-Xss-Protection: 1; mode=block
Expires: -1

GET
H/1.1 200
OK svrGP
s1701.t.eloqua.com/visitor/v200/ 49 B
448 B 159ms
87ms Image
image/gif 142.0.173.28
NETDYNAMICS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1701.t.eloqua.com/visitor/v200/svrGP?pps=3&siteid=1701&ref2=elqNone&tzo=0&ms=680&optin=disabled

Requested by

Host: events.extrahop.com
URL: https://events.extrahop.com/revealxhunterchallenge-may?utm_campaign=2023-q2-may-hunter-challenge-natl-inv-em2&utm_medium=email&utm_source=Eloqua&utm_version=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

142.0.173.28 Toronto, Canada, ASN7160 (NETDYNAMICS, US),

Reverse DNS

Software

Resource Hash

f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.extrahop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Date: Thu, 04 May 2023 14:56:04 GMT
X-Content-Type-Options: nosniff
Content-Type: image/gif
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: no-store
X-Robots-Tag: noindex, nofollow
Content-Length: 49
X-Xss-Protection: 1; mode=block
Expires: -1

OPTIONS
H2 503 track
web.chtbl.com/ Frame 0
0 133ms
26ms Preflight
text/html 2600:9000:25c8:ae00:0:cc59:3900:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://web.chtbl.com/track
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:25c8:ae00:0:cc59:3900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: awselb/2.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://events.extrahop.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-length: 564
content-type: text/html
date: Thu, 04 May 2023 14:56:04 GMT
server: awselb/2.0
via: 1.1 33529157e9445af08b5b7d15e72166ea.cloudfront.net (CloudFront)
x-amz-cf-id: zHhPUyM_5th6re_p3xPXeoYbP_groNNHdDyFivjcj-wi8whqPEVFaA==
x-amz-cf-pop: PHL51-P1
x-cache: Error from cloudfront

POST track
web.chtbl.com/ 0
0

GET
H2 200 adsct
t.co/i/ 43 B
379 B 120ms
41ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=923d0dd4-2950-4ae6-9d30-355df1dac875&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=d38ab161-d5b5-4aef-b8ca-18f0c16054ae&tw_document_href=https%3A%2F%2Fevents.extrahop.com%2Frevealxhunterchallenge-may%3Futm_campaign%3D2023-q2-may-hunter-challenge-natl-inv-em2%26utm_medium%3Demail%26utm_source%3DEloqua%26utm_version%3D&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nz4z6&type=javascript&version=2.3.29

Requested by

Host: events.extrahop.com
URL: https://events.extrahop.com/revealxhunterchallenge-may?utm_campaign=2023-q2-may-hunter-challenge-natl-inv-em2&utm_medium=email&utm_source=Eloqua&utm_version=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.extrahop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-response-time: 5
date: Thu, 04 May 2023 14:56:04 GMT
strict-transport-security: max-age=0
server: tsa_b
content-type: image/gif;charset=utf-8
x-transaction-id: 5003bde0e37e3f0f
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 94977bd34b84bf4b7d075bdb54f4e43938288ed3e5447f61faade3ae3437679f
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
394 B 144ms
48ms Image
image/gif 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=923d0dd4-2950-4ae6-9d30-355df1dac875&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=d38ab161-d5b5-4aef-b8ca-18f0c16054ae&tw_document_href=https%3A%2F%2Fevents.extrahop.com%2Frevealxhunterchallenge-may%3Futm_campaign%3D2023-q2-may-hunter-challenge-natl-inv-em2%26utm_medium%3Demail%26utm_source%3DEloqua%26utm_version%3D&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nz4z6&type=javascript&version=2.3.29

Requested by

Host: events.extrahop.com
URL: https://events.extrahop.com/revealxhunterchallenge-may?utm_campaign=2023-q2-may-hunter-challenge-natl-inv-em2&utm_medium=email&utm_source=Eloqua&utm_version=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.extrahop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-response-time: 5
date: Thu, 04 May 2023 14:56:04 GMT
strict-transport-security: max-age=631138519
server: tsa_b
content-type: image/gif;charset=utf-8
x-transaction-id: c498210ccdea0879
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: f63703240a0d8248a0ef23320e5e6057a88fb9a9cdeda9a1d48c88c7d0ff9b1f
content-length: 43

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 41ms
40ms Image
image/gif 2607:f8b0:4006:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-6551454-1&cid=128866291.1683212165&jid=2046988152&_u=aGBAgAAjAAAAAE~&z=66411952

Requested by

Host: events.extrahop.com
URL: https://events.extrahop.com/revealxhunterchallenge-may?utm_campaign=2023-q2-may-hunter-challenge-natl-inv-em2&utm_medium=email&utm_source=Eloqua&utm_version=

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2004 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.extrahop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 May 2023 14:56:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.ca/ads/ 42 B
63 B 42ms
41ms Image
image/gif 2607:f8b0:4006:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-6551454-1&cid=128866291.1683212165&jid=2046988152&_u=aGBAgAAjAAAAAE~&z=66411952

Requested by

Host: events.extrahop.com
URL: https://events.extrahop.com/revealxhunterchallenge-may?utm_campaign=2023-q2-may-hunter-challenge-natl-inv-em2&utm_medium=email&utm_source=Eloqua&utm_version=

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.extrahop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 May 2023 14:56:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 511627396050190 Show response
connect.facebook.net/signals/config/ 300 KB
86 KB 22ms
21ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/511627396050190?v=2.9.103&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

dcd7cb8ac1ffe7d78d562d9b92d826738b474f85839708cb7f24bb4b65fe0727

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.extrahop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 04 May 2023 14:56:04 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87894
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: l/vWLzOnMT11+6SjTrWXfTHHiQxbIeehTu9Fqch034H8m8zw3akGB8qL0IPGxJZntC9x58/A3a3+sSeIDQGykQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
186 B 64ms
18ms Image
text/plain 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1049095138473035&ev=PageView&dl=https%3A%2F%2Fevents.extrahop.com%2Frevealxhunterchallenge-may%3Futm_campaign%3D2023-q2-may-hunter-challenge-natl-inv-em2%26utm_medium%3Demail%26utm_source%3DEloqua%26utm_version%3D&rl=&if=false&ts=1683212164749&sw=1600&sh=1200&v=2.9.103&r=stable&ec=0&o=30&fbp=fb.1.1683212164748.629368106&it=1683212164673&coo=false&rqm=GET

Requested by

Host: events.extrahop.com
URL: https://events.extrahop.com/revealxhunterchallenge-may?utm_campaign=2023-q2-may-hunter-challenge-natl-inv-em2&utm_medium=email&utm_source=Eloqua&utm_version=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.extrahop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 04 May 2023 14:56:04 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 18ms
17ms Image
text/plain 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=511627396050190&ev=PageView&dl=https%3A%2F%2Fevents.extrahop.com%2Frevealxhunterchallenge-may%3Futm_campaign%3D2023-q2-may-hunter-challenge-natl-inv-em2%26utm_medium%3Demail%26utm_source%3DEloqua%26utm_version%3D&rl=&if=false&ts=1683212164815&sw=1600&sh=1200&v=2.9.103&r=stable&ec=0&o=30&fbp=fb.1.1683212164748.629368106&it=1683212164673&coo=false&rqm=GET

Requested by

Host: events.extrahop.com
URL: https://events.extrahop.com/revealxhunterchallenge-may?utm_campaign=2023-q2-may-hunter-challenge-natl-inv-em2&utm_medium=email&utm_source=Eloqua&utm_version=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.extrahop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 04 May 2023 14:56:04 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame F79F 50 KB
27 KB 58ms
57ms Document
text/html 2607:f8b0:4006:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdTTRUTAAAAAFAKqaR-uZdDtmV97lyAbP3SL0p4&co=aHR0cHM6Ly9ldmVudHMuZXh0cmFob3AuY29tOjQ0Mw..&hl=en&v=1h-hbVSJRMOQsmO_2qL9cO0z&size=normal&cb=fff16ffhdm67

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/1h-hbVSJRMOQsmO_2qL9cO0z/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2004 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1193c432fbddf20949b0532d5b512b775e4ed4984f6f4560da9447d2cf92d774

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-YZ5nqpU2CgRWKWPWfDzTmg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://events.extrahop.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 28064
content-security-policy: script-src 'report-sample' 'nonce-YZ5nqpU2CgRWKWPWfDzTmg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 04 May 2023 14:56:05 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/1h-hbVSJRMOQsmO_2qL9cO0z/ Frame F79F 55 KB
24 KB 20ms
19ms Stylesheet
text/css 2607:f8b0:4006:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/1h-hbVSJRMOQsmO_2qL9cO0z/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdTTRUTAAAAAFAKqaR-uZdDtmV97lyAbP3SL0p4&co=aHR0cHM6Ly9ldmVudHMuZXh0cmFob3AuY29tOjQ0Mw..&hl=en&v=1h-hbVSJRMOQsmO_2qL9cO0z&size=normal&cb=fff16ffhdm67

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 09:46:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18564
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Mon, 01 May 2023 02:02:20 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 03 May 2024 09:46:41 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/1h-hbVSJRMOQsmO_2qL9cO0z/ Frame F79F 405 KB
162 KB 25ms
24ms Script
text/javascript 2607:f8b0:4006:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/1h-hbVSJRMOQsmO_2qL9cO0z/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

12c5a5f6c4176f49743e6fe7c298b563c375e968ff744745fbb60a7ba8bd1b73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 09:47:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18536
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 165536
x-xss-protection: 0
last-modified: Mon, 01 May 2023 02:02:20 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 03 May 2024 09:47:09 GMT

POST
H2 200 / Show response
www.facebook.com/tr/ Frame 2B8F 0
75 B 18ms
17ms Document
text/plain 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: events.extrahop.com
URL: https://events.extrahop.com/revealxhunterchallenge-may?utm_campaign=2023-q2-may-hunter-challenge-natl-inv-em2&utm_medium=email&utm_source=Eloqua&utm_version=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://events.extrahop.com
Referer: https://events.extrahop.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://events.extrahop.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Thu, 04 May 2023 14:56:05 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
DATA 200
OK truncated
/ Frame F79F 14 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame F79F 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame F79F 2 KB
2 KB 20ms
19ms Image
image/png 2607:f8b0:4006:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/1h-hbVSJRMOQsmO_2qL9cO0z/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/1h-hbVSJRMOQsmO_2qL9cO0z/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 08:22:23 GMT
x-content-type-options: nosniff
age: 455622
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Sat, 06 May 2023 08:22:23 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F79F 15 KB
16 KB 178ms
128ms Font
font/woff2 2607:f8b0:4006:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 16:14:59 GMT
x-content-type-options: nosniff
age: 427266
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Apr 2024 16:14:59 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame F79F 102 B
134 B 155ms
155ms Other
text/javascript 2607:f8b0:4006:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=1h-hbVSJRMOQsmO_2qL9cO0z

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2004 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

af231a497b200013ff525b69ba375f6d0d2c8dfdd82c1f0baaf831b2102c03fa

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdTTRUTAAAAAFAKqaR-uZdDtmV97lyAbP3SL0p4&co=aHR0cHM6Ly9ldmVudHMuZXh0cmFob3AuY29tOjQ0Mw..&hl=en&v=1h-hbVSJRMOQsmO_2qL9cO0z&size=normal&cb=fff16ffhdm67
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 14:56:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112
x-xss-protection: 1; mode=block
expires: Thu, 04 May 2023 14:56:05 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 9C9C 0
18 B 74ms
74ms Document
text/plain 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: events.extrahop.com
URL: https://events.extrahop.com/revealxhunterchallenge-may?utm_campaign=2023-q2-may-hunter-challenge-natl-inv-em2&utm_medium=email&utm_source=Eloqua&utm_version=

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://events.extrahop.com
Referer: https://events.extrahop.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://events.extrahop.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Thu, 04 May 2023 14:56:05 GMT
priority: u=0,i
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 4BBB 7 KB
1 KB 43ms
42ms Document
text/html 2607:f8b0:4006:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=1h-hbVSJRMOQsmO_2qL9cO0z&k=6LdTTRUTAAAAAFAKqaR-uZdDtmV97lyAbP3SL0p4

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/1h-hbVSJRMOQsmO_2qL9cO0z/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2004 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8c648b902a20340c574d138d6272f318bf1526c778081863a04a262c81ce42b3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-uH2I1I_RAZpfnOeGpPMZLA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://events.extrahop.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1154
content-security-policy: script-src 'report-sample' 'nonce-uH2I1I_RAZpfnOeGpPMZLA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 04 May 2023 14:56:05 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/1h-hbVSJRMOQsmO_2qL9cO0z/ Frame 4BBB 55 KB
24 KB 20ms
19ms Stylesheet
text/css 2607:f8b0:4006:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/1h-hbVSJRMOQsmO_2qL9cO0z/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=1h-hbVSJRMOQsmO_2qL9cO0z&k=6LdTTRUTAAAAAFAKqaR-uZdDtmV97lyAbP3SL0p4

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 09:46:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18564
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Mon, 01 May 2023 02:02:20 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 03 May 2024 09:46:41 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/1h-hbVSJRMOQsmO_2qL9cO0z/ Frame 4BBB 405 KB
162 KB 21ms
20ms Script
text/javascript 2607:f8b0:4006:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/1h-hbVSJRMOQsmO_2qL9cO0z/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=1h-hbVSJRMOQsmO_2qL9cO0z&k=6LdTTRUTAAAAAFAKqaR-uZdDtmV97lyAbP3SL0p4

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

12c5a5f6c4176f49743e6fe7c298b563c375e968ff744745fbb60a7ba8bd1b73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 09:47:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18536
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 165536
x-xss-protection: 0
last-modified: Mon, 01 May 2023 02:02:20 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 03 May 2024 09:47:09 GMT

GET
H2 200 core Show response
js.driftt.com/ Frame B508 2 KB
1 KB 45ms
45ms Document
text/html 13.225.223.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core?d=1&embedId=r5gwvvkz53c9&eId=r5gwvvkz53c9&region=US&forceShow=false&skipCampaigns=false&sessionId=3836ed68-4f5c-47db-9ea6-6d6c5b303215&sessionStarted=1683212165.566&campaignRefreshToken=abe628c0-c94e-455b-82f9-17d2ef129c75&hideController=false&pageLoadStartTime=1683212162915&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fevents.extrahop.com%2Frevealxhunterchallenge-may%3Futm_campaign%3D2023-q2-may-hunter-challenge-natl-inv-em2%26utm_medium%3Demail%26utm_source%3DEloqua%26utm_version%3D

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1683212400000/r5gwvvkz53c9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.48 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-48.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

e2a0c716824375ab3b6ba3d71119d6ea8658ec6d3afbe6efa8e49b07cc1e858b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://events.extrahop.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 04 May 2023 14:56:05 GMT
etag: W/"d24683eab735beaadd07b2ec060ce6d9"
last-modified: Fri, 28 Apr 2023 19:38:52 GMT
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 b96e96fef61e11f1c624b4bdd0ad939e.cloudfront.net (CloudFront)
x-amz-cf-id: YY9AQZIDLk84jXkEjZPn-Om8JaUjLc6Y-S-nRd-4rHygHRR1TkOMgw==
x-amz-cf-pop: JFK51-C1
x-amz-server-side-encryption: AES256
x-amz-version-id: Tj4_13N0iwCYRl75UDfc15zCZqfNJI.x
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 17

GET
H2 200 chat Show response
js.driftt.com/core/ Frame B6DA 2 KB
1 KB 43ms
43ms Document
text/html 13.225.223.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683212162915

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1683212400000/r5gwvvkz53c9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.48 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-48.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

e2a0c716824375ab3b6ba3d71119d6ea8658ec6d3afbe6efa8e49b07cc1e858b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://events.extrahop.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 04 May 2023 14:56:05 GMT
etag: W/"d24683eab735beaadd07b2ec060ce6d9"
last-modified: Fri, 28 Apr 2023 19:38:52 GMT
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 b96e96fef61e11f1c624b4bdd0ad939e.cloudfront.net (CloudFront)
x-amz-cf-id: cs9XosHW_DMA7Qsoln9ZdxPBQ9MXLubnjRMWZ8k5lbSj4HiWxBAi_A==
x-amz-cf-pop: JFK51-C1
x-amz-server-side-encryption: AES256
x-amz-version-id: Tj4_13N0iwCYRl75UDfc15zCZqfNJI.x
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 14

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 19ms
19ms Image
image/gif 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&a=1827384813&t=event&ni=1&_s=2&dl=https%3A%2F%2Fevents.extrahop.com%2Frevealxhunterchallenge-may%3Futm_campaign%3D2023-q2-may-hunter-challenge-natl-inv-em2%26utm_medium%3Demail%26utm_source%3DEloqua%26utm_version%3D&dp=%2Frevealxhunterchallenge-may%3Futm_campaign%3D2023-q2-may-hunter-challenge-natl-inv-em2%26utm_medium%3Demail%26utm_source%3DEloqua%26utm_version%3D&ul=en-us&de=UTF-8&dt=Reveal%20(x)%20Hunter%20Challenge%20-%20May&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=airpr&ea=visitor%20hit&_u=aHBAgAAjAAAAAE~&jid=&gjid=&cid=128866291.1683212165&tid=UA-6551454-1&_gid=497792889.1683212165&gtm=45He3510n71MB8XC6&cd20=128866291.1683212165&z=2022609169

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.extrahop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 18:34:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 73267
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

204

anpx
dpx.airpr.com/
Redirect Chain

https://dpx.airpr.com/px?hostname=events.extrahop.com&profile=699363&ga_account_id=UA-6551454-1&ga_account_type=UA&ga_c=128866291.1683212165&an=true
https://secure.adnxs.com/getuid?https://dpx.airpr.com/anpx?adnxs_uid=$UID&airpr_id=20713649946
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdpx.airpr.com%2Fanpx%3Fadnxs_uid%3D%24UID%26airpr_id%3D20713649946
https://dpx.airpr.com/anpx?adnxs_uid=91697578740747193&airpr_id=20713649946

0
64 B

27ms
27ms

Image
text/plain

34.229.30.165
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dpx.airpr.com/anpx?adnxs_uid=91697578740747193&airpr_id=20713649946
Protocol: H2
Server: 34.229.30.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-229-30-165.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.extrahop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 14:56:05 GMT
cache-control: private
server: nginx

Redirect headers

Date: Thu, 04 May 2023 14:56:05 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 149.56.153.188; 149.56.153.188; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: cf80c009-8ccf-4de8-9dec-d93ee739548a
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://dpx.airpr.com/anpx?adnxs_uid=91697578740747193&airpr_id=20713649946
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 6si.min.js Show response
j.6sc.co/ 33 KB
11 KB 92ms
18ms Script
application/javascript 23.200.1.16
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://j.6sc.co/6si.min.js

Requested by

Host: events.extrahop.com
URL: https://events.extrahop.com/revealxhunterchallenge-may?utm_campaign=2023-q2-may-hunter-challenge-natl-inv-em2&utm_medium=email&utm_source=Eloqua&utm_version=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.200.1.16 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-200-1-16.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

12ce92cc3c4eb9d74f48e9a10eb919bdf30bbdc5ccf9843c6543fec302dec54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.extrahop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 May 2023 14:56:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 04 Apr 2023 21:13:35 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "642c92ff-8319"
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, no-cache, proxy-revalidate
accept-ranges: bytes
content-length: 10492
expires: Thu, 04 May 2023 14:56:05 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 41ms
41ms XHR
text/plain 2607:f8b0:4004:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-6551454-4&cid=128866291.1683212165&jid=1306968017&gjid=1705931017&_gid=497792889.1683212165&_u=aHHAgAAjAAAAAE~&z=1945987511

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://events.extrahop.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 04 May 2023 14:56:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://events.extrahop.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 19ms
19ms Image
image/gif 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&a=1827384813&t=pageview&_s=1&dl=https%3A%2F%2Fevents.extrahop.com%2Frevealxhunterchallenge-may%3Futm_campaign%3D2023-q2-may-hunter-challenge-natl-inv-em2%26utm_medium%3Demail%26utm_source%3DEloqua%26utm_version%3D&ul=en-us&de=UTF-8&dt=Reveal%20(x)%20Hunter%20Challenge%20-%20May&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aHHAgAAjAAAAAE~&jid=1306968017&gjid=1705931017&cid=128866291.1683212165&tid=UA-6551454-4&_gid=497792889.1683212165&gtm=45He3510n71MB8XC6&cd5=&z=493666167

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.extrahop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 18:34:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 73267
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/ Show response
match.adsrvr.org/track/upb/ Frame 108F
Redirect Chain

https://insight.adsrvr.org/track/up?adv=2fvosvc&ref=https%3A%2F%2Fevents.extrahop.com%2Frevealxhunterchallenge-may%3Futm_campaign%3D2023-q2-may-hunter-challenge-natl-inv-em2%26utm_medium%3Demail%26...
https://match.adsrvr.org/track/upb/?adv=2fvosvc&ref=https%3A%2F%2Fevents.extrahop.com%2Frevealxhunterchallenge-may%3Futm_campaign%3D2023-q2-may-hunter-challenge-natl-inv-em2%26utm_medium%3Demail%26...

838 B
1 KB

31ms
26ms

Document
text/html

52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/upb/?adv=2fvosvc&ref=https%3A%2F%2Fevents.extrahop.com%2Frevealxhunterchallenge-may%3Futm_campaign%3D2023-q2-may-hunter-challenge-natl-inv-em2%26utm_medium%3Demail%26utm_source%3DEloqua%26utm_version%3D&upid=nhxwmcz&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 913bf7a863d5500815a8c6180d189d00c9f9230adc5f483c7594aec349e03572

Request headers

Referer: https://events.extrahop.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-type: text/html; charset=utf-8
date: Thu, 04 May 2023 14:56:05 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

Redirect headers

cache-control: private,no-cache, must-revalidate
content-type: text/html; charset=utf-8
date: Thu, 04 May 2023 14:56:05 GMT
location: https://match.adsrvr.org/track/upb/?adv=2fvosvc&ref=https%3A%2F%2Fevents.extrahop.com%2Frevealxhunterchallenge-may%3Futm_campaign%3D2023-q2-may-hunter-challenge-natl-inv-em2%26utm_medium%3Demail%26utm_source%3DEloqua%26utm_version%3D&upid=nhxwmcz&upv=1.1.0
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 19ms
19ms Image
image/gif 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&a=1827384813&t=timing&_s=3&dl=https%3A%2F%2Fevents.extrahop.com%2Frevealxhunterchallenge-may%3Futm_campaign%3D2023-q2-may-hunter-challenge-natl-inv-em2%26utm_medium%3Demail%26utm_source%3DEloqua%26utm_version%3D&dp=%2Frevealxhunterchallenge-may%3Futm_campaign%3D2023-q2-may-hunter-challenge-natl-inv-em2%26utm_medium%3Demail%26utm_source%3DEloqua%26utm_version%3D&ul=en-us&de=UTF-8&dt=Reveal%20(x)%20Hunter%20Challenge%20-%20May&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=3300&pdt=55&dns=18&rrt=487&srt=33&tcp=47&dit=1378&clt=1384&_gst=2213&_gbt=2312&_u=aHHAgAAjAAAAAE~&jid=&gjid=&cid=128866291.1683212165&tid=UA-6551454-1&_gid=497792889.1683212165&gtm=45He3510n71MB8XC6&z=1311319101

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.extrahop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 18:34:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 73267
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 runtime~main.288ca7cf.js Show response
js.driftt.com/core/assets/js/ Frame B6DA 6 KB
3 KB 20ms
18ms Script
application/javascript 13.225.223.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683212162915

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.48 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-48.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

a3986521f7e895cf3175098026f4471920366f5b3d3d1d0299a3c710a779e2ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683212162915
Origin: https://js.driftt.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 19:38:51 GMT
x-amz-version-id: RlY44XUgIyFaw723OVFcTKdHmmxqiGSD
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b96e96fef61e11f1c624b4bdd0ad939e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 501434
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 43
last-modified: Fri, 28 Apr 2023 19:33:24 GMT
server: istio-envoy
etag: W/"6d70ba943e02b1750bd44bdd0c539787"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 1zG0snKuk8yw9hDZttuILW-fMEsarO3R9NU5PIGnWy1vATuqFhaJ5w==

GET
H2 200 10.f16292bd.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B6DA 35 KB
13 KB 21ms
19ms Script
application/javascript 13.225.223.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/10.f16292bd.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683212162915

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.48 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-48.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

958a03c833d9116f7ab9a5ee503f7b0360b9291b268bfb77128a8f0e19238613

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683212162915
Origin: https://js.driftt.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 10:15:05 GMT
x-amz-version-id: umDRh3UQS9dYpmKCPtw.RQIXsyWJwF9b
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b96e96fef61e11f1c624b4bdd0ad939e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 2781660
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 20
last-modified: Fri, 31 Mar 2023 03:20:36 GMT
server: istio-envoy
etag: W/"cdb5f42b656ab6b237aa50c24c0d8474"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: aecFcj9b-yff2ASQNmWqGNnyppMuhYM0GQKp3THZbY4RBNfRLGDAfQ==

GET
H2 200 main~493df0b3.02edd878.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B6DA 7 KB
3 KB 22ms
19ms Script
application/javascript 13.225.223.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.02edd878.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683212162915

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.48 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-48.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

95245f488fc923a05392ac8ca5985ac00d44b0603ba7b987d103475181268d88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683212162915
Origin: https://js.driftt.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 17:08:38 GMT
x-amz-version-id: GeEu4y5ogkTLvG9nQWQR5SjDp.WHrJPZ
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b96e96fef61e11f1c624b4bdd0ad939e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 2843247
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 74
last-modified: Fri, 31 Mar 2023 03:20:40 GMT
server: istio-envoy
etag: W/"552f770e8c42c3e418dbe498f587a82e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: p1D3GDW6IXcFvKyJfj46v6ZHTULM9rkS9h8B5XGXEunu4nrls22o8w==

GET
H2 200 runtime~main.288ca7cf.js Show response
js.driftt.com/core/assets/js/ Frame B508 6 KB
3 KB 22ms
20ms Script
application/javascript 13.225.223.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core?d=1&embedId=r5gwvvkz53c9&eId=r5gwvvkz53c9&region=US&forceShow=false&skipCampaigns=false&sessionId=3836ed68-4f5c-47db-9ea6-6d6c5b303215&sessionStarted=1683212165.566&campaignRefreshToken=abe628c0-c94e-455b-82f9-17d2ef129c75&hideController=false&pageLoadStartTime=1683212162915&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fevents.extrahop.com%2Frevealxhunterchallenge-may%3Futm_campaign%3D2023-q2-may-hunter-challenge-natl-inv-em2%26utm_medium%3Demail%26utm_source%3DEloqua%26utm_version%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.48 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-48.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

a3986521f7e895cf3175098026f4471920366f5b3d3d1d0299a3c710a779e2ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?d=1&embedId=r5gwvvkz53c9&eId=r5gwvvkz53c9&region=US&forceShow=false&skipCampaigns=false&sessionId=3836ed68-4f5c-47db-9ea6-6d6c5b303215&sessionStarted=1683212165.566&campaignRefreshToken=abe628c0-c94e-455b-82f9-17d2ef129c75&hideController=false&pageLoadStartTime=1683212162915&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fevents.extrahop.com%2Frevealxhunterchallenge-may%3Futm_campaign%3D2023-q2-may-hunter-challenge-natl-inv-em2%26utm_medium%3Demail%26utm_source%3DEloqua%26utm_version%3D
Origin: https://js.driftt.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 19:38:51 GMT
x-amz-version-id: RlY44XUgIyFaw723OVFcTKdHmmxqiGSD
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b96e96fef61e11f1c624b4bdd0ad939e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 501434
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 43
last-modified: Fri, 28 Apr 2023 19:33:24 GMT
server: istio-envoy
etag: W/"6d70ba943e02b1750bd44bdd0c539787"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: hLbUTpR5rp-iJLuF7gTSHcmdVMEU4wdgEI57SR1vNVDfkqt0fDSKzQ==

GET
H2 200 10.f16292bd.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B508 35 KB
13 KB 23ms
21ms Script
application/javascript 13.225.223.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/10.f16292bd.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.48 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-48.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

958a03c833d9116f7ab9a5ee503f7b0360b9291b268bfb77128a8f0e19238613

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?d=1&embedId=r5gwvvkz53c9&eId=r5gwvvkz53c9&region=US&forceShow=false&skipCampaigns=false&sessionId=3836ed68-4f5c-47db-9ea6-6d6c5b303215&sessionStarted=1683212165.566&campaignRefreshToken=abe628c0-c94e-455b-82f9-17d2ef129c75&hideController=false&pageLoadStartTime=1683212162915&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fevents.extrahop.com%2Frevealxhunterchallenge-may%3Futm_campaign%3D2023-q2-may-hunter-challenge-natl-inv-em2%26utm_medium%3Demail%26utm_source%3DEloqua%26utm_version%3D
Origin: https://js.driftt.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 10:15:05 GMT
x-amz-version-id: umDRh3UQS9dYpmKCPtw.RQIXsyWJwF9b
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b96e96fef61e11f1c624b4bdd0ad939e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 2781660
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 20
last-modified: Fri, 31 Mar 2023 03:20:36 GMT
server: istio-envoy
etag: W/"cdb5f42b656ab6b237aa50c24c0d8474"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 2OAdYdSnuBd31JVPjuVquj1cQIfMHx_CYj0nvsI4U7yWYJBuyptdeQ==

GET
H2 200 main~493df0b3.02edd878.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B508 7 KB
3 KB 23ms
22ms Script
application/javascript 13.225.223.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.02edd878.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.48 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-48.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

95245f488fc923a05392ac8ca5985ac00d44b0603ba7b987d103475181268d88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?d=1&embedId=r5gwvvkz53c9&eId=r5gwvvkz53c9&region=US&forceShow=false&skipCampaigns=false&sessionId=3836ed68-4f5c-47db-9ea6-6d6c5b303215&sessionStarted=1683212165.566&campaignRefreshToken=abe628c0-c94e-455b-82f9-17d2ef129c75&hideController=false&pageLoadStartTime=1683212162915&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fevents.extrahop.com%2Frevealxhunterchallenge-may%3Futm_campaign%3D2023-q2-may-hunter-challenge-natl-inv-em2%26utm_medium%3Demail%26utm_source%3DEloqua%26utm_version%3D
Origin: https://js.driftt.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 17:08:38 GMT
x-amz-version-id: GeEu4y5ogkTLvG9nQWQR5SjDp.WHrJPZ
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b96e96fef61e11f1c624b4bdd0ad939e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 2843247
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 74
last-modified: Fri, 31 Mar 2023 03:20:40 GMT
server: istio-envoy
etag: W/"552f770e8c42c3e418dbe498f587a82e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: DSQzto0ANpvk3V23xSmnMFTmc5X_KVAL3vlprapatXxPHXnGrhfzdg==

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 19ms
19ms Image
image/gif 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&a=1827384813&t=timing&_s=2&dl=https%3A%2F%2Fevents.extrahop.com%2Frevealxhunterchallenge-may%3Futm_campaign%3D2023-q2-may-hunter-challenge-natl-inv-em2%26utm_medium%3Demail%26utm_source%3DEloqua%26utm_version%3D&ul=en-us&de=UTF-8&dt=Reveal%20(x)%20Hunter%20Challenge%20-%20May&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=3300&pdt=55&dns=18&rrt=487&srt=33&tcp=47&dit=1378&clt=1384&_gst=2213&_gbt=2312&_u=aHHAgAAjAAAAAE~&jid=&gjid=&cid=128866291.1683212165&tid=UA-6551454-4&_gid=497792889.1683212165&gtm=45He3510n71MB8XC6&cd5=&z=382270976

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.extrahop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 18:34:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 73267
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 42ms
41ms Image
image/gif 2607:f8b0:4006:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-6551454-4&cid=128866291.1683212165&jid=1306968017&_u=aHHAgAAjAAAAAE~&z=424047646

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2004 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.extrahop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 May 2023 14:56:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.ca/ads/ 42 B
63 B 37ms
37ms Image
image/gif 2607:f8b0:4006:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-6551454-4&cid=128866291.1683212165&jid=1306968017&_u=aHHAgAAjAAAAAE~&z=424047646

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.extrahop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 May 2023 14:56:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 52.b1edaf4a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B6DA 23 KB
8 KB 19ms
18ms Script
application/javascript 13.225.223.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/52.b1edaf4a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.48 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-48.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

7cb58278c8f54a62c0afa6da0c67b3a45aad637a0bf614e9c0dd42b73cee266b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683212162915
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 04 Mar 2023 07:50:30 GMT
x-amz-version-id: Sn3EkueCHC_tRtPqOFFwTznveO4.Ubsv
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b96e96fef61e11f1c624b4bdd0ad939e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 5295935
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 16
last-modified: Fri, 03 Mar 2023 18:56:10 GMT
server: istio-envoy
etag: W/"cd29b9bc973e48a7fcd0ee7153bdf03b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: GqlaLqbOyT1JA2sg0wh4K4PB8pdhpmCX3SK_BGvYUNDpJ_DwPGlVTw==

GET
H2 200 36.b49bf23f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B6DA 36 KB
10 KB 19ms
18ms Script
application/javascript 13.225.223.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/36.b49bf23f.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.48 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-48.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

c2b7a45d31339f18ed57fd095feca4da1b3fbab75a5afbc053957f6e8e1613a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683212162915
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 14:17:25 GMT
x-amz-version-id: MdGIvvi9YQ2J9_G5jz.yGOdFqcXwYS05
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b96e96fef61e11f1c624b4bdd0ad939e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 4927120
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 28
last-modified: Tue, 07 Mar 2023 18:47:39 GMT
server: istio-envoy
etag: W/"4ae92c53ef226eb2a201fc855ccb7835"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: lUoOUBAr8uDwSe4pb2Tw9r_Etpg46l9w_AwGkhkOjOI6e5xolyBBUQ==

GET
H2 200 25.22647a55.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B6DA 32 KB
11 KB 20ms
19ms Script
application/javascript 13.225.223.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/25.22647a55.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.48 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-48.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

ec547a2f9fde5ce8e398da2810828ba3c30c641ce2761f5bf915225efb35f919

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683212162915
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 06:56:04 GMT
x-amz-version-id: xQr6ANfVlQ8ZNn8hdXa_W5U6ZfwWeUA7
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b96e96fef61e11f1c624b4bdd0ad939e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 4348801
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 32
last-modified: Mon, 13 Mar 2023 18:41:51 GMT
server: istio-envoy
etag: W/"2ce6c446f71a395ff41647c9ba4b9c19"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: tuhIdOlxaQYsfzSGjtpDA-gjpyNfbKdvi5l1VuPXHemCM83O22_dyg==

GET
H2 200 20.2ffef383.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B6DA 17 KB
6 KB 20ms
20ms Script
application/javascript 13.225.223.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/20.2ffef383.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.48 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-48.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

f46108976666130f89c43a82ee045f7a3afb264494060ef6b3d9eb6589e49d16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683212162915
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 07:50:00 GMT
x-amz-version-id: ybw1GI09u1lKCGavyikm1inUvvRdufu3
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b96e96fef61e11f1c624b4bdd0ad939e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 5641565
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 15
last-modified: Mon, 27 Feb 2023 18:09:14 GMT
server: istio-envoy
etag: W/"ec6e94b6cea3a27506634867a8009ded"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: F80NTU-6BGqYsFuCeCOixqlduPmcPD3TrfNX23tzN-dl-5S1gd-SaQ==

GET
H2 200 42.67956b13.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B6DA 25 KB
8 KB 21ms
21ms Script
application/javascript 13.225.223.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/42.67956b13.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.48 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-48.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

9d88866c6295ffc0cadaa1ccb951367e196737a413482176d5787b70aae04ef0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683212162915
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 13:57:30 GMT
x-amz-version-id: jad7ciYmD1.UhEFDgYSX13KMAlfo2TQd
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b96e96fef61e11f1c624b4bdd0ad939e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 3545915
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 34
last-modified: Wed, 22 Mar 2023 19:45:37 GMT
server: istio-envoy
etag: W/"d53cdfd4559700cfe085380882a8e897"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: XyIqoBHhq7ypb93kwN83l8LAs--qB9WSUze19FTD3Xrp3z9Ola02ow==

GET
H2 200 21.b3438b1b.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B6DA 74 KB
23 KB 23ms
22ms Script
application/javascript 13.225.223.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/21.b3438b1b.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.48 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-48.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

3169ab3142fbf3ecf7eee1b5682a4556ed8a3d4ba940befa71c31b5a43991d92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683212162915
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 13:57:30 GMT
x-amz-version-id: eYkhGQjP40unMXdcN3HHYihjadR4802e
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b96e96fef61e11f1c624b4bdd0ad939e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 3545915
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 86
last-modified: Wed, 22 Mar 2023 19:45:36 GMT
server: istio-envoy
etag: W/"10e1bfa61646f14df045c581bc9410fd"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 6LpG_cohOfBGen2Vr2XuNVy4z_WzZGlUEnpVt31GzHg2qH2YezZEsA==

GET
H2 200 27.3951aad8.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B6DA 66 KB
20 KB 26ms
25ms Script
application/javascript 13.225.223.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/27.3951aad8.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.48 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-48.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

e8e658c81a7ff92a6e0f9049ee3a8fc42082e8303abb6ed44c73361259cbdbae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683212162915
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 06:24:39 GMT
x-amz-version-id: aivTM5q4EqbjZyr6ZPDp3uMtkv8Qsctw
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b96e96fef61e11f1c624b4bdd0ad939e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 2622686
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 38
last-modified: Mon, 03 Apr 2023 20:09:54 GMT
server: istio-envoy
etag: W/"5b2b6d0508fe18c3efb6bcd6249fd4e1"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: _u5hq2j4sMUSO16VLuQvjwZ4A1Mqbd7VNlBsqsCRCnaUduAJkeEUig==

GET
H2 200 15.699b0dc7.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B6DA 91 KB
28 KB 28ms
28ms Script
application/javascript 13.225.223.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/15.699b0dc7.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.48 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-48.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

047d14c117d25e9e0a1a2ba3f4aa23a602d417fc7402294e484d20b19140ecf1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683212162915
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 16:27:21 GMT
x-amz-version-id: KF_bDZ.1exmwYIyY06clZwyCnDWvALFo
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b96e96fef61e11f1c624b4bdd0ad939e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 3709724
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 81
last-modified: Wed, 22 Mar 2023 14:57:52 GMT
server: istio-envoy
etag: W/"43d1442a9d30453da9eaeb12b9daafff"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: CRQk_H0fFW5k5LGsRGVWFjKpZTQIZyGA71oExxMsBNmRwkiUan5CAw==

GET
H2 200 12.d33926cb.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B6DA 23 KB
7 KB 30ms
29ms Script
application/javascript 13.225.223.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/12.d33926cb.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.48 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-48.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

28816769ece0ee343025ff388216c645e175c92cce4db6bd812a321b1ad345c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683212162915
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 07:05:28 GMT
x-amz-version-id: 7gSekl93DRdHS1ssd38pWgXby3n2Vww2
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b96e96fef61e11f1c624b4bdd0ad939e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 5385037
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 27
last-modified: Thu, 02 Mar 2023 19:44:20 GMT
server: istio-envoy
etag: W/"bdcb035523ec144399213aa65a8430ff"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: RK9r4yf1lAjcTFDFPHKOt71H6ppxpnN5FAnE4zC-NVT8y63U6fpH_w==

GET
H2 200 19.8e79a39a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B6DA 62 KB
20 KB 32ms
31ms Script
application/javascript 13.225.223.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/19.8e79a39a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.48 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-48.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

b7c5d1d3e03d31b9b450c0aac2972f3aef995be2a69ec5ecfa6200c4a321ef40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683212162915
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 06:45:15 GMT
x-amz-version-id: sBgpDPg4E8n1uoNzBbNz7l_qusJlmRBu
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b96e96fef61e11f1c624b4bdd0ad939e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 4608650
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 30
last-modified: Thu, 09 Mar 2023 19:38:34 GMT
server: istio-envoy
etag: W/"c478a5bb4d7885e2b9250c6beeb4fd6d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 8HZA2zOXa3hpLLqlEZPCX6ZdYmMhMWSB2qhU-OV8ctBqpVmvEjrj8g==

GET
H2 200 50.de3b5864.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B6DA 105 KB
34 KB 35ms
34ms Script
application/javascript 13.225.223.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/50.de3b5864.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.48 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-48.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

c8c302716cf94980a0d77e614d9fb6c430f166b5ef7c42b7c382771955e52ba6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683212162915
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 08:15:32 GMT
x-amz-version-id: .Jp3H9IwroEnQF4Gakvu11ViwJAtAJzd
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b96e96fef61e11f1c624b4bdd0ad939e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 3825633
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 88
last-modified: Mon, 20 Mar 2023 19:06:57 GMT
server: istio-envoy
etag: W/"114785899ceb423273fcc17aaad202e9"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: pQdqchMOyHvXm3KKAk_EbkowpOL94KilMEJqSnW91Da5XOYJjViFAw==

GET
H2 200 41.a1867ad4.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B6DA 12 KB
4 KB 37ms
35ms Script
application/javascript 13.225.223.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/41.a1867ad4.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.48 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-48.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

d641c13a78017e11f15b152b78082bcd0cf474766f13ba649bfa6378d956c492

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683212162915
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 07:20:09 GMT
x-amz-version-id: 5LomjhgUm7._fyzrQBTKl0XmRhJgm3pa
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b96e96fef61e11f1c624b4bdd0ad939e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 4260956
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 45
last-modified: Mon, 13 Mar 2023 18:41:51 GMT
server: istio-envoy
etag: W/"299dd262bf32831c99dc78a9c5b5ca43"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 3M8B2M7GWPncyhmhftGirAVOgLeBn9JVyJXwlYvh2hl3PyVh9ZkEOw==

GET
H2 200 30.57dfb56c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B6DA 13 KB
6 KB 37ms
36ms Script
application/javascript 13.225.223.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/30.57dfb56c.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.48 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-48.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

c96b2cd5b57e02ce65ab0a787a6c8ea69efbf424064e15500691847cd879e8ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683212162915
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 19:27:23 GMT
x-amz-version-id: KfFiV07Qwge7fnCeWZbfTMhDt2mAlVTi
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b96e96fef61e11f1c624b4bdd0ad939e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 3871722
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 54
last-modified: Mon, 20 Mar 2023 19:06:57 GMT
server: istio-envoy
etag: W/"b8addee34a5cd2241740a2e3094039b3"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 6Irus_blwz1LCxB8bdhzaceJCQWDdlcYlliV3VMp1srf3U8bS4lgYA==

GET
H2 200 22.4cb40074.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B6DA 17 KB
7 KB 38ms
38ms Script
application/javascript 13.225.223.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/22.4cb40074.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.48 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-48.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

cdeb836f7f77cd2174fa0bb4aa3825963aa64faf657a24f988b82f1c4d28ce69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683212162915
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 06:40:20 GMT
x-amz-version-id: 7tFKkY8k35k4vJ09bMwXA3x5y_p.mEn4
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b96e96fef61e11f1c624b4bdd0ad939e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 2535345
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 60
last-modified: Tue, 04 Apr 2023 15:21:34 GMT
server: istio-envoy
etag: W/"6cf24f8ea74f43662c776ce6af09d469"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 9cgkGWhjTt5ZpnhUoFJzxHrWrusJIkEQndyBE1gb6V130O-XV7Ncgw==

GET
H2 200 9.b5c2854f.chunk.css
js.driftt.com/core/assets/css/ Frame B6DA 31 KB
4 KB 38ms
38ms Stylesheet
text/css 13.225.223.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/9.b5c2854f.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.48 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-48.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

178c7e0dd0c602d457b8d91dd18b916c3f4220794fccb6067cac187f0c753795

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683212162915
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 09:08:37 GMT
x-amz-version-id: LhcyJeU2kFf26i1b16YWESXZ4pGeN9QF
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b96e96fef61e11f1c624b4bdd0ad939e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 2785648
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 42
last-modified: Wed, 29 Mar 2023 16:46:52 GMT
server: istio-envoy
etag: W/"9ef689f5d4cb5dab3b0e463418857c2f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ohFMXirRrnG2z5K4yWU2aIXfmAnCxs1bp1xP2CqubAmaXQtJZns8_Q==

GET
H2 200 9.c3fb736e.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B6DA 80 KB
25 KB 39ms
39ms Script
application/javascript 13.225.223.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/9.c3fb736e.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.48 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-48.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

97835f51936631312648ce4198cd92c85beae9e09e3cdaff439c57ffccc5c5d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683212162915
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 20:10:33 GMT
x-amz-version-id: ky.11J_dzfrQl7TBwMrL03LxCIIayqY7
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b96e96fef61e11f1c624b4bdd0ad939e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 3005132
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 69
last-modified: Wed, 29 Mar 2023 16:46:56 GMT
server: istio-envoy
etag: W/"b4ca5f0ecc404e3c35769971c076a425"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 0V4tvOtMsdNExKmIfafG1KWwMc3WMECsePFmDct2Pkb7G1OdfxxYCQ==

GET
H2 200 17.22abfce0.chunk.css
js.driftt.com/core/assets/css/ Frame B6DA 24 B
696 B 40ms
40ms Stylesheet
text/css 13.225.223.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/17.22abfce0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.48 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-48.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683212162915
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 11:02:43 GMT
x-amz-version-id: 9ti2s36gCLYUtp4L.4GakqTilGIjKEb5
via: 1.1 b96e96fef61e11f1c624b4bdd0ad939e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: JFK51-C1
age: 3815602
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 17
content-length: 24
last-modified: Mon, 20 Mar 2023 19:06:53 GMT
server: istio-envoy
etag: "0c5dad92482d9a7c7c253510f5082465"
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: cvyR5DZOjlz_VF7eZneXZ_vbe7qFDSuKYZFIXaxnIcWoVPIjOa-tTQ==

GET
H2 200 17.81f008ad.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B6DA 91 KB
23 KB 41ms
41ms Script
application/javascript 13.225.223.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/17.81f008ad.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.48 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-48.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

ae3f6024712196dff7272f57c522e4048826b484f7336a97cc3e7f6f00d2d443

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683212162915
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 16:01:28 GMT
x-amz-version-id: pq2QZWEko7dMDbeq5q9U3.Qr6wYVodOo
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b96e96fef61e11f1c624b4bdd0ad939e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 1378477
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 140
last-modified: Mon, 17 Apr 2023 18:50:41 GMT
server: istio-envoy
etag: W/"2c5463d20bb9c942f4cb26607893067b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: iLA2ml4FpvBolMvV6xZ_P4y49rkYSddv0tqpegIkqsrTiNSj-sQHXA==

GET
H2 200 26.a55c1f38.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B6DA 50 KB
14 KB 43ms
42ms Script
application/javascript 13.225.223.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/26.a55c1f38.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.48 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-48.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

7616b033adbe366f235d70696b659f554051c0e578508896aab0ff5b169491db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683212162915
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 19:38:51 GMT
x-amz-version-id: CLxBuTmXn3tjxxf_j0OncAOh499FdB3n
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b96e96fef61e11f1c624b4bdd0ad939e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 501434
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 30
last-modified: Fri, 28 Apr 2023 19:33:22 GMT
server: istio-envoy
etag: W/"89bd8cf777e065fa7ca75d777c943155"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: bobhhoREW47-Ud7iAhNhgTM0BFekh2RwbZ-Vx4iKS3bSMj1izYvWOw==

GET
H2 200 18.12d8d932.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B6DA 40 KB
13 KB 44ms
43ms Script
application/javascript 13.225.223.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/18.12d8d932.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.48 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-48.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

2ff2b9a5434137bda235f2847f5939dcd06977e5437ae82bfa197e00faabc6a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683212162915
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 19:38:51 GMT
x-amz-version-id: 51lzaeDhcNerEWUeOM6e5tRXtG.B7lli
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b96e96fef61e11f1c624b4bdd0ad939e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 501434
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 40
last-modified: Fri, 28 Apr 2023 19:33:21 GMT
server: istio-envoy
etag: W/"f8d07bd5dd786d7b8a311fde8e1e4859"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: iUCsqvNrngm-jvMUEZAD0BDpJW3rM4ayadMdGkOFWYPbELRJ-nQ7oQ==

GET
H2 200 52.b1edaf4a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B508 23 KB
8 KB 41ms
40ms Script
application/javascript 13.225.223.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/52.b1edaf4a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.48 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-48.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

7cb58278c8f54a62c0afa6da0c67b3a45aad637a0bf614e9c0dd42b73cee266b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=r5gwvvkz53c9&eId=r5gwvvkz53c9&region=US&forceShow=false&skipCampaigns=false&sessionId=3836ed68-4f5c-47db-9ea6-6d6c5b303215&sessionStarted=1683212165.566&campaignRefreshToken=abe628c0-c94e-455b-82f9-17d2ef129c75&hideController=false&pageLoadStartTime=1683212162915&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fevents.extrahop.com%2Frevealxhunterchallenge-may%3Futm_campaign%3D2023-q2-may-hunter-challenge-natl-inv-em2%26utm_medium%3Demail%26utm_source%3DEloqua%26utm_version%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 04 Mar 2023 07:50:30 GMT
x-amz-version-id: Sn3EkueCHC_tRtPqOFFwTznveO4.Ubsv
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b96e96fef61e11f1c624b4bdd0ad939e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 5295935
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 16
last-modified: Fri, 03 Mar 2023 18:56:10 GMT
server: istio-envoy
etag: W/"cd29b9bc973e48a7fcd0ee7153bdf03b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: DzHnonChOE_m384WBQDMAjIQgUgPr6hr8ctq6Gr5zyd8fAk7Js68iw==

GET
H2 200 36.b49bf23f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B508 36 KB
10 KB 42ms
37ms Script
application/javascript 13.225.223.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/36.b49bf23f.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.48 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-48.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

c2b7a45d31339f18ed57fd095feca4da1b3fbab75a5afbc053957f6e8e1613a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=r5gwvvkz53c9&eId=r5gwvvkz53c9&region=US&forceShow=false&skipCampaigns=false&sessionId=3836ed68-4f5c-47db-9ea6-6d6c5b303215&sessionStarted=1683212165.566&campaignRefreshToken=abe628c0-c94e-455b-82f9-17d2ef129c75&hideController=false&pageLoadStartTime=1683212162915&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fevents.extrahop.com%2Frevealxhunterchallenge-may%3Futm_campaign%3D2023-q2-may-hunter-challenge-natl-inv-em2%26utm_medium%3Demail%26utm_source%3DEloqua%26utm_version%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 14:17:25 GMT
x-amz-version-id: MdGIvvi9YQ2J9_G5jz.yGOdFqcXwYS05
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b96e96fef61e11f1c624b4bdd0ad939e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 4927120
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 28
last-modified: Tue, 07 Mar 2023 18:47:39 GMT
server: istio-envoy
etag: W/"4ae92c53ef226eb2a201fc855ccb7835"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 40Kem2nkmiISgECziEhg5mi6iU6nKfPymc_oLmJyfPegoOoCSqIMFw==

GET
H2 200 25.22647a55.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B508 32 KB
11 KB 43ms
38ms Script
application/javascript 13.225.223.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/25.22647a55.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.48 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-48.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

ec547a2f9fde5ce8e398da2810828ba3c30c641ce2761f5bf915225efb35f919

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=r5gwvvkz53c9&eId=r5gwvvkz53c9&region=US&forceShow=false&skipCampaigns=false&sessionId=3836ed68-4f5c-47db-9ea6-6d6c5b303215&sessionStarted=1683212165.566&campaignRefreshToken=abe628c0-c94e-455b-82f9-17d2ef129c75&hideController=false&pageLoadStartTime=1683212162915&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fevents.extrahop.com%2Frevealxhunterchallenge-may%3Futm_campaign%3D2023-q2-may-hunter-challenge-natl-inv-em2%26utm_medium%3Demail%26utm_source%3DEloqua%26utm_version%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 06:56:04 GMT
x-amz-version-id: xQr6ANfVlQ8ZNn8hdXa_W5U6ZfwWeUA7
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b96e96fef61e11f1c624b4bdd0ad939e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 4348801
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 32
last-modified: Mon, 13 Mar 2023 18:41:51 GMT
server: istio-envoy
etag: W/"2ce6c446f71a395ff41647c9ba4b9c19"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: B9Dq7MmhvY0X6y0W4irvUfyXQfIqgGB3tB8Rnbj2-RtgQZSdVtad9A==

GET
H2 200 20.2ffef383.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B508 17 KB
6 KB 43ms
39ms Script
application/javascript 13.225.223.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/20.2ffef383.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.48 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-48.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

f46108976666130f89c43a82ee045f7a3afb264494060ef6b3d9eb6589e49d16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=r5gwvvkz53c9&eId=r5gwvvkz53c9&region=US&forceShow=false&skipCampaigns=false&sessionId=3836ed68-4f5c-47db-9ea6-6d6c5b303215&sessionStarted=1683212165.566&campaignRefreshToken=abe628c0-c94e-455b-82f9-17d2ef129c75&hideController=false&pageLoadStartTime=1683212162915&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fevents.extrahop.com%2Frevealxhunterchallenge-may%3Futm_campaign%3D2023-q2-may-hunter-challenge-natl-inv-em2%26utm_medium%3Demail%26utm_source%3DEloqua%26utm_version%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 07:50:00 GMT
x-amz-version-id: ybw1GI09u1lKCGavyikm1inUvvRdufu3
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b96e96fef61e11f1c624b4bdd0ad939e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 5641565
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 15
last-modified: Mon, 27 Feb 2023 18:09:14 GMT
server: istio-envoy
etag: W/"ec6e94b6cea3a27506634867a8009ded"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: xhCCVuKuW3Im2-wxmctM88d68Nlewc8jNl3sQ-ea9HgBXZLGbdQT5A==

GET
H2 200 42.67956b13.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B508 25 KB
8 KB 43ms
38ms Script
application/javascript 13.225.223.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/42.67956b13.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.48 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-48.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

9d88866c6295ffc0cadaa1ccb951367e196737a413482176d5787b70aae04ef0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=r5gwvvkz53c9&eId=r5gwvvkz53c9&region=US&forceShow=false&skipCampaigns=false&sessionId=3836ed68-4f5c-47db-9ea6-6d6c5b303215&sessionStarted=1683212165.566&campaignRefreshToken=abe628c0-c94e-455b-82f9-17d2ef129c75&hideController=false&pageLoadStartTime=1683212162915&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fevents.extrahop.com%2Frevealxhunterchallenge-may%3Futm_campaign%3D2023-q2-may-hunter-challenge-natl-inv-em2%26utm_medium%3Demail%26utm_source%3DEloqua%26utm_version%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 13:57:30 GMT
x-amz-version-id: jad7ciYmD1.UhEFDgYSX13KMAlfo2TQd
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b96e96fef61e11f1c624b4bdd0ad939e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 3545915
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 34
last-modified: Wed, 22 Mar 2023 19:45:37 GMT
server: istio-envoy
etag: W/"d53cdfd4559700cfe085380882a8e897"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: XbBT8XbQTLUncupNqeHhU6q5byCPlZ496nCLZaYdpMq44bg-eIEBcg==

GET
H2 200 21.b3438b1b.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B508 74 KB
23 KB 44ms
39ms Script
application/javascript 13.225.223.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/21.b3438b1b.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.48 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-48.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

3169ab3142fbf3ecf7eee1b5682a4556ed8a3d4ba940befa71c31b5a43991d92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=r5gwvvkz53c9&eId=r5gwvvkz53c9&region=US&forceShow=false&skipCampaigns=false&sessionId=3836ed68-4f5c-47db-9ea6-6d6c5b303215&sessionStarted=1683212165.566&campaignRefreshToken=abe628c0-c94e-455b-82f9-17d2ef129c75&hideController=false&pageLoadStartTime=1683212162915&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fevents.extrahop.com%2Frevealxhunterchallenge-may%3Futm_campaign%3D2023-q2-may-hunter-challenge-natl-inv-em2%26utm_medium%3Demail%26utm_source%3DEloqua%26utm_version%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 13:57:30 GMT
x-amz-version-id: eYkhGQjP40unMXdcN3HHYihjadR4802e
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b96e96fef61e11f1c624b4bdd0ad939e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 3545915
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 86
last-modified: Wed, 22 Mar 2023 19:45:36 GMT
server: istio-envoy
etag: W/"10e1bfa61646f14df045c581bc9410fd"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: LedQCGqdfsIYKRywI5hl4hyKiWEaD4CNb1ivXCN5tdMseh0j0edGog==

GET
H2 200 27.3951aad8.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B508 66 KB
20 KB 44ms
39ms Script
application/javascript 13.225.223.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/27.3951aad8.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.48 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-48.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

e8e658c81a7ff92a6e0f9049ee3a8fc42082e8303abb6ed44c73361259cbdbae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=r5gwvvkz53c9&eId=r5gwvvkz53c9&region=US&forceShow=false&skipCampaigns=false&sessionId=3836ed68-4f5c-47db-9ea6-6d6c5b303215&sessionStarted=1683212165.566&campaignRefreshToken=abe628c0-c94e-455b-82f9-17d2ef129c75&hideController=false&pageLoadStartTime=1683212162915&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fevents.extrahop.com%2Frevealxhunterchallenge-may%3Futm_campaign%3D2023-q2-may-hunter-challenge-natl-inv-em2%26utm_medium%3Demail%26utm_source%3DEloqua%26utm_version%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 06:24:39 GMT
x-amz-version-id: aivTM5q4EqbjZyr6ZPDp3uMtkv8Qsctw
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b96e96fef61e11f1c624b4bdd0ad939e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 2622686
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 38
last-modified: Mon, 03 Apr 2023 20:09:54 GMT
server: istio-envoy
etag: W/"5b2b6d0508fe18c3efb6bcd6249fd4e1"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: i0uq-tt5SuL9-YXmm_RiX4C_oEzT1a-Oo0JHwrpcy5GWWDl7wyZYew==

GET
H2 200 15.699b0dc7.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B508 91 KB
28 KB 45ms
40ms Script
application/javascript 13.225.223.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/15.699b0dc7.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.48 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-48.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

047d14c117d25e9e0a1a2ba3f4aa23a602d417fc7402294e484d20b19140ecf1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=r5gwvvkz53c9&eId=r5gwvvkz53c9&region=US&forceShow=false&skipCampaigns=false&sessionId=3836ed68-4f5c-47db-9ea6-6d6c5b303215&sessionStarted=1683212165.566&campaignRefreshToken=abe628c0-c94e-455b-82f9-17d2ef129c75&hideController=false&pageLoadStartTime=1683212162915&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fevents.extrahop.com%2Frevealxhunterchallenge-may%3Futm_campaign%3D2023-q2-may-hunter-challenge-natl-inv-em2%26utm_medium%3Demail%26utm_source%3DEloqua%26utm_version%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 16:27:21 GMT
x-amz-version-id: KF_bDZ.1exmwYIyY06clZwyCnDWvALFo
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b96e96fef61e11f1c624b4bdd0ad939e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 3709724
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 81
last-modified: Wed, 22 Mar 2023 14:57:52 GMT
server: istio-envoy
etag: W/"43d1442a9d30453da9eaeb12b9daafff"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: I2kOPJFTvTTxiHCkyYPyOJX8JSYKw6GoEtFluh2VUScY9ucbjfG7iQ==

GET
H2 200 12.d33926cb.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B508 23 KB
7 KB 45ms
41ms Script
application/javascript 13.225.223.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/12.d33926cb.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.48 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-48.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

28816769ece0ee343025ff388216c645e175c92cce4db6bd812a321b1ad345c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=r5gwvvkz53c9&eId=r5gwvvkz53c9&region=US&forceShow=false&skipCampaigns=false&sessionId=3836ed68-4f5c-47db-9ea6-6d6c5b303215&sessionStarted=1683212165.566&campaignRefreshToken=abe628c0-c94e-455b-82f9-17d2ef129c75&hideController=false&pageLoadStartTime=1683212162915&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fevents.extrahop.com%2Frevealxhunterchallenge-may%3Futm_campaign%3D2023-q2-may-hunter-challenge-natl-inv-em2%26utm_medium%3Demail%26utm_source%3DEloqua%26utm_version%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 07:05:28 GMT
x-amz-version-id: 7gSekl93DRdHS1ssd38pWgXby3n2Vww2
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b96e96fef61e11f1c624b4bdd0ad939e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 5385037
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 27
last-modified: Thu, 02 Mar 2023 19:44:20 GMT
server: istio-envoy
etag: W/"bdcb035523ec144399213aa65a8430ff"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: LBHTkf-k0uxwbR7tTZbscei7fgx7Ng-3VyiITPvz0KlvTORIjAlmpQ==

GET
H2 200 19.8e79a39a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B508 62 KB
20 KB 46ms
42ms Script
application/javascript 13.225.223.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/19.8e79a39a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.48 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-48.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

b7c5d1d3e03d31b9b450c0aac2972f3aef995be2a69ec5ecfa6200c4a321ef40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=r5gwvvkz53c9&eId=r5gwvvkz53c9&region=US&forceShow=false&skipCampaigns=false&sessionId=3836ed68-4f5c-47db-9ea6-6d6c5b303215&sessionStarted=1683212165.566&campaignRefreshToken=abe628c0-c94e-455b-82f9-17d2ef129c75&hideController=false&pageLoadStartTime=1683212162915&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fevents.extrahop.com%2Frevealxhunterchallenge-may%3Futm_campaign%3D2023-q2-may-hunter-challenge-natl-inv-em2%26utm_medium%3Demail%26utm_source%3DEloqua%26utm_version%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 06:45:15 GMT
x-amz-version-id: sBgpDPg4E8n1uoNzBbNz7l_qusJlmRBu
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b96e96fef61e11f1c624b4bdd0ad939e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 4608650
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 30
last-modified: Thu, 09 Mar 2023 19:38:34 GMT
server: istio-envoy
etag: W/"c478a5bb4d7885e2b9250c6beeb4fd6d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: VbpLCgBwu3hBwiQDhUlESjn2I0bKucimJgySQd4PB_HHCH9v81k_nw==

GET
H2 200 50.de3b5864.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B508 105 KB
34 KB 47ms
43ms Script
application/javascript 13.225.223.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/50.de3b5864.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.48 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-48.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

c8c302716cf94980a0d77e614d9fb6c430f166b5ef7c42b7c382771955e52ba6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=r5gwvvkz53c9&eId=r5gwvvkz53c9&region=US&forceShow=false&skipCampaigns=false&sessionId=3836ed68-4f5c-47db-9ea6-6d6c5b303215&sessionStarted=1683212165.566&campaignRefreshToken=abe628c0-c94e-455b-82f9-17d2ef129c75&hideController=false&pageLoadStartTime=1683212162915&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fevents.extrahop.com%2Frevealxhunterchallenge-may%3Futm_campaign%3D2023-q2-may-hunter-challenge-natl-inv-em2%26utm_medium%3Demail%26utm_source%3DEloqua%26utm_version%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 08:15:32 GMT
x-amz-version-id: .Jp3H9IwroEnQF4Gakvu11ViwJAtAJzd
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b96e96fef61e11f1c624b4bdd0ad939e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 3825633
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 88
last-modified: Mon, 20 Mar 2023 19:06:57 GMT
server: istio-envoy
etag: W/"114785899ceb423273fcc17aaad202e9"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ezfJt6ZgBFYEHDDikGIy_NsCKZwx6EfJbGA6HIvwzO3z_ttsZrL9jw==

GET
H2 200 41.a1867ad4.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B508 12 KB
4 KB 48ms
45ms Script
application/javascript 13.225.223.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/41.a1867ad4.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.48 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-48.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

d641c13a78017e11f15b152b78082bcd0cf474766f13ba649bfa6378d956c492

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=r5gwvvkz53c9&eId=r5gwvvkz53c9&region=US&forceShow=false&skipCampaigns=false&sessionId=3836ed68-4f5c-47db-9ea6-6d6c5b303215&sessionStarted=1683212165.566&campaignRefreshToken=abe628c0-c94e-455b-82f9-17d2ef129c75&hideController=false&pageLoadStartTime=1683212162915&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fevents.extrahop.com%2Frevealxhunterchallenge-may%3Futm_campaign%3D2023-q2-may-hunter-challenge-natl-inv-em2%26utm_medium%3Demail%26utm_source%3DEloqua%26utm_version%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 07:20:09 GMT
x-amz-version-id: 5LomjhgUm7._fyzrQBTKl0XmRhJgm3pa
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b96e96fef61e11f1c624b4bdd0ad939e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 4260956
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 45
last-modified: Mon, 13 Mar 2023 18:41:51 GMT
server: istio-envoy
etag: W/"299dd262bf32831c99dc78a9c5b5ca43"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: bCdMGYMXTY9XRAvWNVrKGtw5PMUSYoVP4xzqaeo3OiRP2MY4EqlhiQ==

GET
H2 200 30.57dfb56c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B508 13 KB
6 KB 49ms
46ms Script
application/javascript 13.225.223.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/30.57dfb56c.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.48 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-48.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

c96b2cd5b57e02ce65ab0a787a6c8ea69efbf424064e15500691847cd879e8ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=r5gwvvkz53c9&eId=r5gwvvkz53c9&region=US&forceShow=false&skipCampaigns=false&sessionId=3836ed68-4f5c-47db-9ea6-6d6c5b303215&sessionStarted=1683212165.566&campaignRefreshToken=abe628c0-c94e-455b-82f9-17d2ef129c75&hideController=false&pageLoadStartTime=1683212162915&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fevents.extrahop.com%2Frevealxhunterchallenge-may%3Futm_campaign%3D2023-q2-may-hunter-challenge-natl-inv-em2%26utm_medium%3Demail%26utm_source%3DEloqua%26utm_version%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 19:27:23 GMT
x-amz-version-id: KfFiV07Qwge7fnCeWZbfTMhDt2mAlVTi
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b96e96fef61e11f1c624b4bdd0ad939e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 3871722
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 54
last-modified: Mon, 20 Mar 2023 19:06:57 GMT
server: istio-envoy
etag: W/"b8addee34a5cd2241740a2e3094039b3"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: CnRvi6zW14aXd5YO6efjLJndXUeakukuXyFZxSCyBRh0u2d1lFAuPw==

GET
H2 200 22.4cb40074.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B508 17 KB
7 KB 49ms
46ms Script
application/javascript 13.225.223.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/22.4cb40074.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.48 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-48.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

cdeb836f7f77cd2174fa0bb4aa3825963aa64faf657a24f988b82f1c4d28ce69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=r5gwvvkz53c9&eId=r5gwvvkz53c9&region=US&forceShow=false&skipCampaigns=false&sessionId=3836ed68-4f5c-47db-9ea6-6d6c5b303215&sessionStarted=1683212165.566&campaignRefreshToken=abe628c0-c94e-455b-82f9-17d2ef129c75&hideController=false&pageLoadStartTime=1683212162915&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fevents.extrahop.com%2Frevealxhunterchallenge-may%3Futm_campaign%3D2023-q2-may-hunter-challenge-natl-inv-em2%26utm_medium%3Demail%26utm_source%3DEloqua%26utm_version%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 06:40:20 GMT
x-amz-version-id: 7tFKkY8k35k4vJ09bMwXA3x5y_p.mEn4
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b96e96fef61e11f1c624b4bdd0ad939e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 2535345
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 60
last-modified: Tue, 04 Apr 2023 15:21:34 GMT
server: istio-envoy
etag: W/"6cf24f8ea74f43662c776ce6af09d469"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: _0W19OQkXtkVWPtLiVJhdyas0ZUJJFAGfKgzDn0RGmMhOWIN7isjCQ==

GET
H2 200 9.b5c2854f.chunk.css
js.driftt.com/core/assets/css/ Frame B508 31 KB
4 KB 50ms
47ms Stylesheet
text/css 13.225.223.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/9.b5c2854f.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.48 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-48.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

178c7e0dd0c602d457b8d91dd18b916c3f4220794fccb6067cac187f0c753795

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=r5gwvvkz53c9&eId=r5gwvvkz53c9&region=US&forceShow=false&skipCampaigns=false&sessionId=3836ed68-4f5c-47db-9ea6-6d6c5b303215&sessionStarted=1683212165.566&campaignRefreshToken=abe628c0-c94e-455b-82f9-17d2ef129c75&hideController=false&pageLoadStartTime=1683212162915&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fevents.extrahop.com%2Frevealxhunterchallenge-may%3Futm_campaign%3D2023-q2-may-hunter-challenge-natl-inv-em2%26utm_medium%3Demail%26utm_source%3DEloqua%26utm_version%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 09:08:37 GMT
x-amz-version-id: LhcyJeU2kFf26i1b16YWESXZ4pGeN9QF
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b96e96fef61e11f1c624b4bdd0ad939e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 2785648
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 42
last-modified: Wed, 29 Mar 2023 16:46:52 GMT
server: istio-envoy
etag: W/"9ef689f5d4cb5dab3b0e463418857c2f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 7Oigd_Ss0_gmbJp64BaYPtMeAHLdsoqMSO16jQYZ62ovw9xLkXBnGw==

GET
H2 200 9.c3fb736e.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B508 80 KB
25 KB 51ms
49ms Script
application/javascript 13.225.223.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/9.c3fb736e.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.48 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-48.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

97835f51936631312648ce4198cd92c85beae9e09e3cdaff439c57ffccc5c5d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=r5gwvvkz53c9&eId=r5gwvvkz53c9&region=US&forceShow=false&skipCampaigns=false&sessionId=3836ed68-4f5c-47db-9ea6-6d6c5b303215&sessionStarted=1683212165.566&campaignRefreshToken=abe628c0-c94e-455b-82f9-17d2ef129c75&hideController=false&pageLoadStartTime=1683212162915&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fevents.extrahop.com%2Frevealxhunterchallenge-may%3Futm_campaign%3D2023-q2-may-hunter-challenge-natl-inv-em2%26utm_medium%3Demail%26utm_source%3DEloqua%26utm_version%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 20:10:33 GMT
x-amz-version-id: ky.11J_dzfrQl7TBwMrL03LxCIIayqY7
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b96e96fef61e11f1c624b4bdd0ad939e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 3005132
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 69
last-modified: Wed, 29 Mar 2023 16:46:56 GMT
server: istio-envoy
etag: W/"b4ca5f0ecc404e3c35769971c076a425"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: xTNXwOOCWh5lDvsabp30GGZ8d0MEi7-BC77D4YTwdAj1A2ZxRBYTAA==

GET
H2 200 17.22abfce0.chunk.css
js.driftt.com/core/assets/css/ Frame B508 24 B
694 B 50ms
48ms Stylesheet
text/css 13.225.223.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/17.22abfce0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.48 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-48.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=r5gwvvkz53c9&eId=r5gwvvkz53c9&region=US&forceShow=false&skipCampaigns=false&sessionId=3836ed68-4f5c-47db-9ea6-6d6c5b303215&sessionStarted=1683212165.566&campaignRefreshToken=abe628c0-c94e-455b-82f9-17d2ef129c75&hideController=false&pageLoadStartTime=1683212162915&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fevents.extrahop.com%2Frevealxhunterchallenge-may%3Futm_campaign%3D2023-q2-may-hunter-challenge-natl-inv-em2%26utm_medium%3Demail%26utm_source%3DEloqua%26utm_version%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 11:02:43 GMT
x-amz-version-id: 9ti2s36gCLYUtp4L.4GakqTilGIjKEb5
via: 1.1 b96e96fef61e11f1c624b4bdd0ad939e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: JFK51-C1
age: 3815602
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 17
content-length: 24
last-modified: Mon, 20 Mar 2023 19:06:53 GMT
server: istio-envoy
etag: "0c5dad92482d9a7c7c253510f5082465"
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 77_-JfvWZ6PnRjYozckd-nuBeYAdtIvTUGiJ72kuu_gAlaww1eYehA==

GET
H2 200 17.81f008ad.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B508 91 KB
23 KB 52ms
50ms Script
application/javascript 13.225.223.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/17.81f008ad.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.48 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-48.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

ae3f6024712196dff7272f57c522e4048826b484f7336a97cc3e7f6f00d2d443

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=r5gwvvkz53c9&eId=r5gwvvkz53c9&region=US&forceShow=false&skipCampaigns=false&sessionId=3836ed68-4f5c-47db-9ea6-6d6c5b303215&sessionStarted=1683212165.566&campaignRefreshToken=abe628c0-c94e-455b-82f9-17d2ef129c75&hideController=false&pageLoadStartTime=1683212162915&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fevents.extrahop.com%2Frevealxhunterchallenge-may%3Futm_campaign%3D2023-q2-may-hunter-challenge-natl-inv-em2%26utm_medium%3Demail%26utm_source%3DEloqua%26utm_version%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 16:01:28 GMT
x-amz-version-id: pq2QZWEko7dMDbeq5q9U3.Qr6wYVodOo
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b96e96fef61e11f1c624b4bdd0ad939e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 1378477
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 140
last-modified: Mon, 17 Apr 2023 18:50:41 GMT
server: istio-envoy
etag: W/"2c5463d20bb9c942f4cb26607893067b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 5QhmaOJ6FbDyXtB63KSlbYCaKBj41sPVaCmJuoi_DggaR7iHje0sCw==

GET
H2 200 26.a55c1f38.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B508 50 KB
14 KB 53ms
51ms Script
application/javascript 13.225.223.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/26.a55c1f38.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.48 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-48.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

7616b033adbe366f235d70696b659f554051c0e578508896aab0ff5b169491db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=r5gwvvkz53c9&eId=r5gwvvkz53c9&region=US&forceShow=false&skipCampaigns=false&sessionId=3836ed68-4f5c-47db-9ea6-6d6c5b303215&sessionStarted=1683212165.566&campaignRefreshToken=abe628c0-c94e-455b-82f9-17d2ef129c75&hideController=false&pageLoadStartTime=1683212162915&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fevents.extrahop.com%2Frevealxhunterchallenge-may%3Futm_campaign%3D2023-q2-may-hunter-challenge-natl-inv-em2%26utm_medium%3Demail%26utm_source%3DEloqua%26utm_version%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 19:38:51 GMT
x-amz-version-id: CLxBuTmXn3tjxxf_j0OncAOh499FdB3n
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b96e96fef61e11f1c624b4bdd0ad939e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 501434
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 30
last-modified: Fri, 28 Apr 2023 19:33:22 GMT
server: istio-envoy
etag: W/"89bd8cf777e065fa7ca75d777c943155"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: sxP38jMWJGpIUXWMF1kBW_d3rPi4M-yR50TgU7ZQAOQICVP3fd28qQ==

GET
H2 200 18.12d8d932.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B508 40 KB
13 KB 54ms
53ms Script
application/javascript 13.225.223.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/18.12d8d932.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.48 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-48.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

2ff2b9a5434137bda235f2847f5939dcd06977e5437ae82bfa197e00faabc6a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=r5gwvvkz53c9&eId=r5gwvvkz53c9&region=US&forceShow=false&skipCampaigns=false&sessionId=3836ed68-4f5c-47db-9ea6-6d6c5b303215&sessionStarted=1683212165.566&campaignRefreshToken=abe628c0-c94e-455b-82f9-17d2ef129c75&hideController=false&pageLoadStartTime=1683212162915&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fevents.extrahop.com%2Frevealxhunterchallenge-may%3Futm_campaign%3D2023-q2-may-hunter-challenge-natl-inv-em2%26utm_medium%3Demail%26utm_source%3DEloqua%26utm_version%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 19:38:51 GMT
x-amz-version-id: 51lzaeDhcNerEWUeOM6e5tRXtG.B7lli
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b96e96fef61e11f1c624b4bdd0ad939e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 501434
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 40
last-modified: Fri, 28 Apr 2023 19:33:21 GMT
server: istio-envoy
etag: W/"f8d07bd5dd786d7b8a311fde8e1e4859"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: W2dld85LFfOd0OBjzj9OuVuln6pHf3H8-IPwrpspLoooGdvJq17hVg==

GET
H2 200 / Show response
c.6sc.co/ 7 B
205 B 62ms
20ms XHR
text/html 23.200.1.16
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.200.1.16 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-200-1-16.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.extrahop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 14:56:05 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/html
access-control-allow-origin: https://events.extrahop.com
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 7

GET
H2 200 / Show response
ipv6.6sc.co/ 20 B
316 B 170ms
19ms XHR
text/html 2600:141b:9000::b833:94d9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ipv6.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:9000::b833:94d9 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 7909ac26c94c9592b7f3d0ce6d28b3921556d78b8bf9c72e91c35f410333685b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.extrahop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 May 2023 14:56:05 GMT
vary: Origin
content-type: text/html
access-control-allow-origin: https://events.extrahop.com
cache-control: max-age=0, no-cache, no-store
6si-ipv6: 2607:5300:60:7867::6
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="467558_3090388181_416701860_29_1098_17_0";dur=1
content-length: 20
expires: Thu, 04 May 2023 14:56:05 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
495 B 76ms
38ms Image
image/gif 23.200.1.16
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=6179e0bb11f1cd3b4b917082ccdc5e55&svisitor=null&visitor=6404570a-8df9-4046-876a-d9b526487648&session=0bc41814-7984-42f3-8f3a-22d03ae2d8c4&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Thu%2C%2004%20May%202023%2014%3A56%3A05%20GMT%22%2C%22settings%22%3A%22%5B%7B%5C%22name%5C%22%3A%5C%22enableEventTracking%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2004%20May%202023%2014%3A56%3A05%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setToken%5C%22%2C%5C%22value%5C%22%3A%5C%226179e0bb11f1cd3b4b917082ccdc5e55%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2004%20May%202023%2014%3A56%3A05%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEpsilonKey%5C%22%2C%5C%22value%5C%22%3A%5C%2233fe00390ce3953fe37dc8876edf9e3315921979%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2004%20May%202023%2014%3A56%3A05%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEndpoint%5C%22%2C%5C%22value%5C%22%3A%5C%22b.6sc.co%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2004%20May%202023%2014%3A56%3A05%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableCompanyDetails%5C%22%2C%5C%22value%5C%22%3A%5C%22%5Btrue%2Cnull%2C3%5D%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2004%20May%202023%2014%3A56%3A05%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%5D%22%7D&isIframe=false&m=%7B%22description%22%3A%22Reveal%20(x)%20Hunter%20Challenge%20-%20May%20-%20Join%20ExtraHop%20for%20a%20Capture%20the%20Flag%20style%20event%20that%20will%20test%20your%20knowledge%20and%20skills%20in%20targeted%20attacks.%20Will%20you%20rise%20with%20the%20Hunters%20or%20fall%20among%20the%20Hunted%3F%C2%A0During%20the%20Reveal(x)%20Hunter%20Challenge%2C%20you%20will%20focus%20on%20solving%20a%20series%20of%20challenges%20that%20vary%20in%20their%20degree%20of%20difficulty%20and%20may%20require%20several%20different%20skill%20sets%20to%20solve.%20The%20challenges%20will%20include%20real%20world%20scenarios%20around%20incident%20investigation%2C%20threat%20hunting%2C%20security%20and%20network%20hygiene%2C%20network%20performance%20and%20more.%20Both%20network%20performance%20and%20security%20tasks%20will%20be%20included%20in%20mastering%20the%20challenge.%20We%27ve%20designed%20this%20game%20to%20be%20both%20fun%20and%20competitive%2C%20while%20giving%20you%20the%20experience%20of%20using%20a%20full%20featured%20demo%20instance%20of%20ExtraHop%27s%20Cloud-Native%20NDR%20platform.%C2%A0Before%20we%20set%20you%20loose%20to%20start%20the%20hunt%2C%20an%20ExtraHop%20engineer%20will%20kick%20off%20the%20event%20with%20a%20brief%20tactical%20training%20on%20the%20demo%20interface%20that%20will%20arm%20you%20with%20all%20of%20the%20information%20you%20will%20need%20to%20navigate%20the%20platform%20and%20solve%20the%20challenges.%20All%20levels%20of%20expertise%20are%20encouraged%20to%20participate%20and%20no%20prior%20knowledge%20of%20ExtraHop%27s%20platform%20is%20necessary.%C2%A0See%20if%20you%20have%20what%20it%20takes%20to%20master%20the%20Reveal(x)%20Hunter%20Challenge!%20-%20Wednesday%2C%20May%2017%2C%202023%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Reveal%20(x)%20Hunter%20Challenge%20-%20May%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fevents.extrahop.com%2Frevealxhunterchallenge-may%3Futm_campaign%3D2023-q2-may-hunter-challenge-natl-inv-em2%26utm_medium%3Demail%26utm_source%3DEloqua%26utm_version%3D&pageViewId=c64fc8f0-6a6f-4263-891c-08b12b5771d9

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.200.1.16 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-200-1-16.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.extrahop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 14:56:05 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 01:45:17 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f02dad-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H/1.1 200
OK universal_pixel.1.1.0.js Show response
js.adsrvr.org/ Frame 108F 487 B
987 B 23ms
21ms Script
application/x-javascript 18.238.12.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Requested by: Host: match.adsrvr.org
URL: https://match.adsrvr.org/track/upb/?adv=2fvosvc&ref=https%3A%2F%2Fevents.extrahop.com%2Frevealxhunterchallenge-may%3Futm_campaign%3D2023-q2-may-hunter-challenge-natl-inv-em2%26utm_medium%3Demail%26utm_source%3DEloqua%26utm_version%3D&upid=nhxwmcz&upv=1.1.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.12.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-12-115.phl51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://match.adsrvr.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Wed, 03 May 2023 16:51:59 GMT
Via: 1.1 d9cb2cc28f0170090b851fc36d4c091e.cloudfront.net (CloudFront)
Last-Modified: Thu, 24 Sep 2020 15:15:32 GMT
Server: AmazonS3
X-Amz-Cf-Pop: PHL51-P1
Age: 79447
ETag: "f0a7a3296da7382ce6bc1a3b6769e927"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 487
X-Amz-Cf-Id: OQH7aK6hPsCo69wF5AGg_gHLZZWA5AeTCjwaleEBwxJa_SbBAbmxYw==

GET
H2 200 38.11d2b6a7.chunk.css
js.driftt.com/core/assets/css/ Frame B6DA 3 KB
1 KB 19ms
18ms Stylesheet
text/css 13.225.223.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/38.11d2b6a7.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.48 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-48.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

e40b6eae9d66c60b9c750da70da6b2bc5d35c2ae9689cc1e9547e300fac4a3ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683212162915
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 06:45:16 GMT
x-amz-version-id: P3aycBysthgmcENcPayqohBO44enSkZR
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b96e96fef61e11f1c624b4bdd0ad939e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 4608649
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 25
last-modified: Thu, 09 Mar 2023 19:38:32 GMT
server: istio-envoy
etag: W/"87532c4db85f1429fa6d759bc3332f36"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: d5Jtv7LgVgJOcXtvaDW78fozNlQuWXtOJYONC-2t0qKiSSQo9eoAHQ==

GET
H2 200 38.2c907ce3.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B6DA 3 KB
2 KB 20ms
19ms Script
application/javascript 13.225.223.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/38.2c907ce3.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.48 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-48.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

0c07bf805e857013386ec7ea2d26911aed5c827ee90e71a94188553c6d8ef337

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683212162915
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:46:57 GMT
x-amz-version-id: UxCT8aDYj_hNgM93MexUSctwVxa1i.5F
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b96e96fef61e11f1c624b4bdd0ad939e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 4831748
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 21
last-modified: Thu, 09 Mar 2023 16:34:01 GMT
server: istio-envoy
etag: W/"ad63bf20f878fb64a363281ee85aa567"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: JyqPq2pqmiiChtb-ps5HG6Fx6AE7ec8ac3uRpz5iVOZ-r952zGSuhw==

GET
H2 200 details Show response
epsilon.6sense.com/v3/company/ 728 B
578 B 76ms
26ms XHR
application/json 52.6.2.140
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon.6sense.com/v3/company/details
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.6.2.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-6-2-140.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 7b3cd3c10f2b00ffe9b2275648e095d8f93b3294f4ee008b76f7d7977e1867bc

Request headers

Referer: https://events.extrahop.com/
accept-language: en-CA,en;q=0.9
Authorization: Token 33fe00390ce3953fe37dc8876edf9e3315921979
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 14:56:06 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://events.extrahop.com
access-control-allow-credentials: true
content-length: 390

OPTIONS
H2 200 details
epsilon.6sense.com/v3/company/ Frame 0
0 156ms
25ms Preflight 52.6.2.140
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon.6sense.com/v3/company/details
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.6.2.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-6-2-140.compute-1.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://events.extrahop.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization
access-control-allow-methods: OPTIONS,GET
access-control-allow-origin: https://events.extrahop.com
access-control-max-age: 1800
date: Thu, 04 May 2023 14:56:06 GMT
server: nginx

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
495 B 99ms
99ms Image
image/gif 23.200.1.16
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=6179e0bb11f1cd3b4b917082ccdc5e55&svisitor=null&visitor=6404570a-8df9-4046-876a-d9b526487648&session=0bc41814-7984-42f3-8f3a-22d03ae2d8c4&event=ipv6&q=%7B%22address%22%3A%222607%3A5300%3A60%3A7867%3A%3A6%22%7D&isIframe=false&m=%7B%22description%22%3A%22Reveal%20(x)%20Hunter%20Challenge%20-%20May%20-%20Join%20ExtraHop%20for%20a%20Capture%20the%20Flag%20style%20event%20that%20will%20test%20your%20knowledge%20and%20skills%20in%20targeted%20attacks.%20Will%20you%20rise%20with%20the%20Hunters%20or%20fall%20among%20the%20Hunted%3F%C2%A0During%20the%20Reveal(x)%20Hunter%20Challenge%2C%20you%20will%20focus%20on%20solving%20a%20series%20of%20challenges%20that%20vary%20in%20their%20degree%20of%20difficulty%20and%20may%20require%20several%20different%20skill%20sets%20to%20solve.%20The%20challenges%20will%20include%20real%20world%20scenarios%20around%20incident%20investigation%2C%20threat%20hunting%2C%20security%20and%20network%20hygiene%2C%20network%20performance%20and%20more.%20Both%20network%20performance%20and%20security%20tasks%20will%20be%20included%20in%20mastering%20the%20challenge.%20We%27ve%20designed%20this%20game%20to%20be%20both%20fun%20and%20competitive%2C%20while%20giving%20you%20the%20experience%20of%20using%20a%20full%20featured%20demo%20instance%20of%20ExtraHop%27s%20Cloud-Native%20NDR%20platform.%C2%A0Before%20we%20set%20you%20loose%20to%20start%20the%20hunt%2C%20an%20ExtraHop%20engineer%20will%20kick%20off%20the%20event%20with%20a%20brief%20tactical%20training%20on%20the%20demo%20interface%20that%20will%20arm%20you%20with%20all%20of%20the%20information%20you%20will%20need%20to%20navigate%20the%20platform%20and%20solve%20the%20challenges.%20All%20levels%20of%20expertise%20are%20encouraged%20to%20participate%20and%20no%20prior%20knowledge%20of%20ExtraHop%27s%20platform%20is%20necessary.%C2%A0See%20if%20you%20have%20what%20it%20takes%20to%20master%20the%20Reveal(x)%20Hunter%20Challenge!%20-%20Wednesday%2C%20May%2017%2C%202023%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Reveal%20(x)%20Hunter%20Challenge%20-%20May%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fevents.extrahop.com%2Frevealxhunterchallenge-may%3Futm_campaign%3D2023-q2-may-hunter-challenge-natl-inv-em2%26utm_medium%3Demail%26utm_source%3DEloqua%26utm_version%3D&pageViewId=c64fc8f0-6a6f-4263-891c-08b12b5771d9

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.200.1.16 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-200-1-16.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.extrahop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 14:56:05 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 01:45:17 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f02dad-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 15F5
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=5644655d-686f-48db-82c0-58ce8b4de724
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=5644655d-686f-48db-82c0-58ce8b4de724

0
0

79ms
23ms

Document
text/plain

18.209.251.30
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=5644655d-686f-48db-82c0-58ce8b4de724
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.209.251.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-209-251-30.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://match.adsrvr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: private, no-cache, no-store
date: Thu, 04 May 2023 14:56:06 GMT
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
x-request-time: D=43 t=1683212166
x-served-by: beacon-n031-ash-prod.krxd.net

Redirect headers

content-length: 0
date: Thu, 04 May 2023 14:56:06 GMT
location: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=5644655d-686f-48db-82c0-58ce8b4de724
x-age: 0
x-cache: MISS
x-cache-hits: 0
x-served-by: usermatch-a020-ash-prod.krxd.net

GET
H2

200

generic Show response
match.adsrvr.org/track/cmf/ Frame 83D6
Redirect Chain

https://dpm.demdex.net/ibs:dpid=903&dpuuid=5644655d-686f-48db-82c0-58ce8b4de724&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=903&dpuuid=5644655d-686f-48db-82c0-58ce8b4de724&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam
https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam

70 B
570 B

25ms
25ms

Document
image/gif

52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://match.adsrvr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-length: 70
content-type: image/gif
date: Thu, 04 May 2023 14:56:06 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

Redirect headers

Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
DCS: dcs-prod-va6-1-v047-01a4c542e.edge-va6.demdex.com 13 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: Ebx/ZSnsT0A=

GET
H2

200

generic Show response
match.adsrvr.org/track/cmf/ Frame 0E18
Redirect Chain

https://ups.analytics.yahoo.com/ups/55953/sync?uid=5644655d-686f-48db-82c0-58ce8b4de724&_origin=1&redir=true&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/55953/sync?uid=5644655d-686f-48db-82c0-58ce8b4de724&_origin=1&redir=true&gdpr=0&gdpr_consent=&verify=true
https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-AaYCHDxE2uL6Zg.ONICQ_NtM61L.RCQ-~A&gdpr=0

70 B
570 B

24ms
24ms

Document
image/gif

52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-AaYCHDxE2uL6Zg.ONICQ_NtM61L.RCQ-~A&gdpr=0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://match.adsrvr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-length: 70
content-type: image/gif
date: Thu, 04 May 2023 14:56:06 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

Redirect headers

age: 0
content-length: 0
date: Thu, 04 May 2023 14:56:06 GMT
location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-AaYCHDxE2uL6Zg.ONICQ_NtM61L.RCQ-~A&gdpr=0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server: ATS/9.1.10.57
strict-transport-security: max-age=31536000

GET
H2 200 0.0b2ebd4a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B508 9 KB
3 KB 81ms
80ms Script
application/javascript 13.225.223.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/0.0b2ebd4a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.48 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-48.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=r5gwvvkz53c9&eId=r5gwvvkz53c9&region=US&forceShow=false&skipCampaigns=false&sessionId=3836ed68-4f5c-47db-9ea6-6d6c5b303215&sessionStarted=1683212165.566&campaignRefreshToken=abe628c0-c94e-455b-82f9-17d2ef129c75&hideController=false&pageLoadStartTime=1683212162915&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fevents.extrahop.com%2Frevealxhunterchallenge-may%3Futm_campaign%3D2023-q2-may-hunter-challenge-natl-inv-em2%26utm_medium%3Demail%26utm_source%3DEloqua%26utm_version%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 13:00:26 GMT
x-amz-version-id: KvqHsSugExbr72yVkbDLy5PpQDT2ioCd
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b96e96fef61e11f1c624b4bdd0ad939e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 3117340
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 57
last-modified: Tue, 28 Mar 2023 20:42:56 GMT
server: istio-envoy
etag: W/"c5efcdc9e465604f32cf24af10fd6c13"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: h-SB4T9O32ZTPV1vMZsvfnf9G6CFgutwuVwp8AE8njITmvByNVtPQA==

GET
H2 200 28.01a0fe87.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B508 35 KB
35 KB 82ms
81ms Script
application/javascript 13.225.223.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/28.01a0fe87.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.48 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-48.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

fffcc021124d70080ddd0c52562645c46e03ff39c924ced85c1bfd62cb8b8767

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=r5gwvvkz53c9&eId=r5gwvvkz53c9&region=US&forceShow=false&skipCampaigns=false&sessionId=3836ed68-4f5c-47db-9ea6-6d6c5b303215&sessionStarted=1683212165.566&campaignRefreshToken=abe628c0-c94e-455b-82f9-17d2ef129c75&hideController=false&pageLoadStartTime=1683212162915&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fevents.extrahop.com%2Frevealxhunterchallenge-may%3Futm_campaign%3D2023-q2-may-hunter-challenge-natl-inv-em2%26utm_medium%3Demail%26utm_source%3DEloqua%26utm_version%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 20:22:49 GMT
x-amz-version-id: neSopBF0zHVZ2Zs8icGDQEPMBXWE9Dni
via: 1.1 b96e96fef61e11f1c624b4bdd0ad939e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: JFK51-C1
age: 5423597
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 63
content-length: 35483
last-modified: Thu, 02 Mar 2023 19:44:21 GMT
server: istio-envoy
etag: "0ad089f0617a0fa8014a23c2afa90ddd"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: CXcRHrUoSpGCfijIXf4CzEnyO1tEForDfpQVjhe5AuomVQb2edEjFA==

GET
H2 200 29.9bf46b67.chunk.css
js.driftt.com/core/assets/css/ Frame B508 8 KB
2 KB 81ms
80ms Stylesheet
text/css 13.225.223.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/29.9bf46b67.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.48 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-48.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

4eda4b5575532ad6a713d3d9bbcde581c519d9b8d0202363925ddc80049eed6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=r5gwvvkz53c9&eId=r5gwvvkz53c9&region=US&forceShow=false&skipCampaigns=false&sessionId=3836ed68-4f5c-47db-9ea6-6d6c5b303215&sessionStarted=1683212165.566&campaignRefreshToken=abe628c0-c94e-455b-82f9-17d2ef129c75&hideController=false&pageLoadStartTime=1683212162915&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fevents.extrahop.com%2Frevealxhunterchallenge-may%3Futm_campaign%3D2023-q2-may-hunter-challenge-natl-inv-em2%26utm_medium%3Demail%26utm_source%3DEloqua%26utm_version%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 11:02:44 GMT
x-amz-version-id: UFE22JlREJuiBg.jVL7yG7vdjdjU5pnT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b96e96fef61e11f1c624b4bdd0ad939e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 3815602
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 39
last-modified: Mon, 20 Mar 2023 19:06:53 GMT
server: istio-envoy
etag: W/"4f21faf2ba450e5fcdf7eda90813e185"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ieQ9vjuq9kNLSK8RsyXh4P3ipVIiX3GUL9VmP8iITy9fYb_mgg-mLQ==

GET
H2 200 29.98c2b316.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B508 14 KB
6 KB 82ms
81ms Script
application/javascript 13.225.223.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/29.98c2b316.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.48 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-48.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

c6b2815294e64eb3d9e30955673ae3b60a486ae5b7dfcc7e48c0e2a4fe7301de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=r5gwvvkz53c9&eId=r5gwvvkz53c9&region=US&forceShow=false&skipCampaigns=false&sessionId=3836ed68-4f5c-47db-9ea6-6d6c5b303215&sessionStarted=1683212165.566&campaignRefreshToken=abe628c0-c94e-455b-82f9-17d2ef129c75&hideController=false&pageLoadStartTime=1683212162915&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fevents.extrahop.com%2Frevealxhunterchallenge-may%3Futm_campaign%3D2023-q2-may-hunter-challenge-natl-inv-em2%26utm_medium%3Demail%26utm_source%3DEloqua%26utm_version%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 18:08:56 GMT
x-amz-version-id: aizM0H1Fdw3zzppb3P2Ok7x7JUMOS1IQ
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b96e96fef61e11f1c624b4bdd0ad939e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 3271630
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 52
last-modified: Mon, 27 Mar 2023 17:53:25 GMT
server: istio-envoy
etag: W/"6526b5009cc642f706e7156982e7429b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: qPEMb8dj8PYBTb6hAETfFhdsTb5_oDAIajxIvobJ7aCsQDh1iUB4XA==

GET
H2 200 23.c695453b.chunk.css
js.driftt.com/core/assets/css/ Frame B508 365 B
1 KB 83ms
82ms Stylesheet
text/css 13.225.223.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/23.c695453b.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.48 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-48.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=r5gwvvkz53c9&eId=r5gwvvkz53c9&region=US&forceShow=false&skipCampaigns=false&sessionId=3836ed68-4f5c-47db-9ea6-6d6c5b303215&sessionStarted=1683212165.566&campaignRefreshToken=abe628c0-c94e-455b-82f9-17d2ef129c75&hideController=false&pageLoadStartTime=1683212162915&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fevents.extrahop.com%2Frevealxhunterchallenge-may%3Futm_campaign%3D2023-q2-may-hunter-challenge-natl-inv-em2%26utm_medium%3Demail%26utm_source%3DEloqua%26utm_version%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 15:11:29 GMT
x-amz-version-id: 7vZxo7ymCEpTMOiGbASq140o6O_xaOt7
via: 1.1 b96e96fef61e11f1c624b4bdd0ad939e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: JFK51-C1
age: 3109477
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 37
content-length: 365
last-modified: Mon, 27 Mar 2023 17:53:22 GMT
server: istio-envoy
etag: "06b2963b029c0824382815165bfea73e"
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: YRD4mrdNnXvFx9t1wwvXlyXG2BEbpfRzOmYb5H40kWvBnpwXWLmDIQ==

GET
H2 200 23.ed4e6d8f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B508 91 KB
25 KB 83ms
82ms Script
application/javascript 13.225.223.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/23.ed4e6d8f.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.48 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-48.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

7c4cddc44e59d49ccbfdaf1b57cca9884b74ee1710671c7d9fa974e3fae6f507

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=r5gwvvkz53c9&eId=r5gwvvkz53c9&region=US&forceShow=false&skipCampaigns=false&sessionId=3836ed68-4f5c-47db-9ea6-6d6c5b303215&sessionStarted=1683212165.566&campaignRefreshToken=abe628c0-c94e-455b-82f9-17d2ef129c75&hideController=false&pageLoadStartTime=1683212162915&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fevents.extrahop.com%2Frevealxhunterchallenge-may%3Futm_campaign%3D2023-q2-may-hunter-challenge-natl-inv-em2%26utm_medium%3Demail%26utm_source%3DEloqua%26utm_version%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 16:38:37 GMT
x-amz-version-id: xN70QZOgyKQKNnP0o5N59vnLWimajx0E
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b96e96fef61e11f1c624b4bdd0ad939e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 685049
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 53
last-modified: Wed, 26 Apr 2023 15:35:22 GMT
server: istio-envoy
etag: W/"697b9f051ece7b5f2c5dbe85f673b6cd"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: vM5NbtdNoRwaXVTo66RTZo2-GDNXXhl5vWZWldeLLKgWTGjel3GEtw==

GET
H2 200 0.0b2ebd4a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B6DA 9 KB
3 KB 56ms
55ms Script
application/javascript 13.225.223.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/0.0b2ebd4a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.48 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-48.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683212162915
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 13:00:26 GMT
x-amz-version-id: KvqHsSugExbr72yVkbDLy5PpQDT2ioCd
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b96e96fef61e11f1c624b4bdd0ad939e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 3117340
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 57
last-modified: Tue, 28 Mar 2023 20:42:56 GMT
server: istio-envoy
etag: W/"c5efcdc9e465604f32cf24af10fd6c13"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Sg7-HxzqPAKcIJi4HbatE8PggbNmk0S3Le840wuBaovWLIUhmMFP7w==

GET
H2 200 3.07aa08a5.chunk.css
js.driftt.com/core/assets/css/ Frame B6DA 7 KB
2 KB 57ms
56ms Stylesheet
text/css 13.225.223.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/3.07aa08a5.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.48 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-48.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683212162915
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 21:49:44 GMT
x-amz-version-id: Q2PqwaAGurDGgY8YzFfQs2Uv742NLD.g
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b96e96fef61e11f1c624b4bdd0ad939e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 3949582
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 31
last-modified: Fri, 17 Mar 2023 17:38:15 GMT
server: istio-envoy
etag: W/"189aeffd571884559dababa22c66d75a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: eSptEZec7gPyoQimYrsyNNp9xD5QWSd0xWzLJ_JxGYdZK1Kt7aRGig==

GET
H2 200 3.f50b964b.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B6DA 54 KB
15 KB 57ms
56ms Script
application/javascript 13.225.223.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/3.f50b964b.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.48 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-48.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

d14e287ddae470b06c4639e73260ca21a4c9b7cfdf56e02965a8f50fb5333b42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683212162915
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 13:57:30 GMT
x-amz-version-id: Y8UJ84CmfvTL1vvwN0fzWZBCq4eSl45h
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b96e96fef61e11f1c624b4bdd0ad939e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 3545916
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 41
last-modified: Wed, 22 Mar 2023 19:45:37 GMT
server: istio-envoy
etag: W/"1ac37bf2b93050f29058b66a9ad43e10"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: eaHqjRqh6yDb1eTy9cjemKPWMMvN9u0HGxsufM1NvlUSF2uFpX0gww==

GET
H2 200 1.02a6af84.chunk.css
js.driftt.com/core/assets/css/ Frame B6DA 44 KB
7 KB 58ms
57ms Stylesheet
text/css 13.225.223.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/1.02a6af84.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.48 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-48.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

120def079fc4e239098c571e178a9a1b73746f05c6f65a97cd7291b8c13aa401

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683212162915
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 09:15:37 GMT
x-amz-version-id: nJZ6zADpWV11YakUyza533NKRNONyBtw
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b96e96fef61e11f1c624b4bdd0ad939e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 2612429
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 31
last-modified: Mon, 03 Apr 2023 20:09:51 GMT
server: istio-envoy
etag: W/"295093fc512c5e44a90c3c28242de8ae"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: VLGkll5jkcDuNRlT8VUCvDd36V1WKuydxCfxqbLF20R6tjRPAJHzLw==

GET
H2 200 1.dd688aaf.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B6DA 53 KB
17 KB 58ms
57ms Script
application/javascript 13.225.223.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/1.dd688aaf.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.48 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-48.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

d3ed94b69049a6046b0472b87a4d1be0a1c9482c9edc3793bf72714c82c7ce0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683212162915
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 20:29:52 GMT
x-amz-version-id: EYuyMkYTdV6Sz.Tu3e2Qz8Z_YPV77rIe
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b96e96fef61e11f1c624b4bdd0ad939e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 2485574
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 34
last-modified: Wed, 05 Apr 2023 19:06:48 GMT
server: istio-envoy
etag: W/"456df11dba646f06e80bbae67a65aad8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: WVKApG7UP5yhP0x0422nvMxp4yvkLxGty6ytvjKLTHs41pC7ODxW0Q==

GET
H2 200 4.b4477698.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B6DA 23 KB
10 KB 60ms
59ms Script
application/javascript 13.225.223.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/4.b4477698.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.48 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-48.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

277725f80d5c0175c2a996fe1eea07395b87ec1bd0496353409e99e96024816e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683212162915
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 20:29:52 GMT
x-amz-version-id: 0s5HvDu7I8ZUWeiRZtf_7BJNbUsVlUik
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b96e96fef61e11f1c624b4bdd0ad939e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 2485574
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 34
last-modified: Wed, 05 Apr 2023 19:06:49 GMT
server: istio-envoy
etag: W/"ec2b0368f8359c0e46e2bfb9cf8e79ef"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: aX5doGAUsVrmbAhN_WJpwXa9OrtVYguOndWHzD14cLVezDmWABOytw==

GET
H2 200 35.a3318c5e.chunk.css
js.driftt.com/core/assets/css/ Frame B6DA 14 KB
3 KB 59ms
59ms Stylesheet
text/css 13.225.223.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/35.a3318c5e.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.48 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-48.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

f3342c52eee43a2ea931cae2ee2d6d9a2939432ffcb03bb4f2983ac7e49b26cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683212162915
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 13:11:06 GMT
x-amz-version-id: .Qx9Y0gU9g3o.rVP1g.ErQa6wXaiIqXc
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b96e96fef61e11f1c624b4bdd0ad939e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 4153500
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 67
last-modified: Mon, 13 Mar 2023 18:41:48 GMT
server: istio-envoy
etag: W/"b06e02b360914b25e58305b1b9b954dc"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: V69xb5zCOkNta612D8UtTWD5WND-8i33dPaZFziwIoNrfEjeIL_wQg==

GET
H2 200 35.46d29dea.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B6DA 12 KB
5 KB 60ms
60ms Script
application/javascript 13.225.223.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/35.46d29dea.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.48 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-48.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

2693e158a319fe2c6576e7fdd76ad78ca5e0235cce4418503e5fee2e7426b2d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683212162915
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 19:38:51 GMT
x-amz-version-id: xuvYWNeKM10RQbhB8D3mlc4N6CStBtYA
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b96e96fef61e11f1c624b4bdd0ad939e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 501435
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 40
last-modified: Fri, 28 Apr 2023 19:33:22 GMT
server: istio-envoy
etag: W/"8195467360aaef75c927565e2e787326"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: G6TvRvEVlpPxNC5X3Py7fDwHAoNfFP9mfHuK4flFQpMcK21BaL_u_g==

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 19ms
19ms Image
image/gif 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&a=1827384813&t=event&ni=1&_s=1&dl=https%3A%2F%2Fevents.extrahop.com%2Frevealxhunterchallenge-may%3Futm_campaign%3D2023-q2-may-hunter-challenge-natl-inv-em2%26utm_medium%3Demail%26utm_source%3DEloqua%26utm_version%3D&ul=en-us&de=UTF-8&dt=Reveal%20(x)%20Hunter%20Challenge%20-%20May&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=6si_company_details&ea=6si_data_loaded&_u=aHHAgAAjAAAAAE~&jid=&gjid=&cid=128866291.1683212165&tid=UA-6551454-4&_gid=497792889.1683212165&gtm=45He3510n71MB8XC6&cd5=&cd10=&cd11=&cd12=Canada&cd13=&cd14=&cd15=&z=694273471

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.extrahop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 18:34:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 73268
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 v2 Show response
bootstrap.api.drift.com/widget_bootstrap/ping/ Frame B508 147 B
589 B 128ms
28ms XHR
application/json 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap/ping/v2

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/52.b1edaf4a.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

3e2deb8536c3ce0a0787394933f39782774de4b7e97b8a287c91ff29a67d96f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 04 May 2023 14:56:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: istio-envoy
requestid: 94fa1d262d01f193
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
vary: Accept-Encoding
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 147

POST
H2 200 v3 Show response
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame B508 25 B
89 B 102ms
39ms XHR
application/json 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/widget/init/v3

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/52.b1edaf4a.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 04 May 2023 14:56:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: istio-envoy
requestid: c621520f17b9ef38
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
vary: Accept-Encoding
access-control-allow-credentials: true
x-envoy-upstream-service-time: 14
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25

POST
H2 200 widget_bootstrap Show response
bootstrap.api.drift.com/ Frame B508 20 KB
7 KB 272ms
272ms XHR
application/json 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/52.b1edaf4a.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

ab63c4fa16d08da2e5fdb094dc4b01c7220cfaebed3357a0f7d4af3aeccedf99

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 04 May 2023 14:56:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: istio-envoy
requestid: 5dfd8cef366bb3a
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
vary: Accept-Encoding
access-control-allow-credentials: true
x-envoy-upstream-service-time: 247
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
494 B 37ms
37ms Image
image/gif 23.200.1.16
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=6179e0bb11f1cd3b4b917082ccdc5e55&svisitor=null&visitor=6404570a-8df9-4046-876a-d9b526487648&session=0bc41814-7984-42f3-8f3a-22d03ae2d8c4&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2004%20May%202023%2014%3A56%3A06%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2004%20May%202023%2014%3A56%3A05%20GMT%22%2C%22timeSpent%22%3A%221008%22%2C%22totalTimeSpent%22%3A%221008%22%7D&isIframe=false&m=%7B%22description%22%3A%22Reveal%20(x)%20Hunter%20Challenge%20-%20May%20-%20Join%20ExtraHop%20for%20a%20Capture%20the%20Flag%20style%20event%20that%20will%20test%20your%20knowledge%20and%20skills%20in%20targeted%20attacks.%20Will%20you%20rise%20with%20the%20Hunters%20or%20fall%20among%20the%20Hunted%3F%C2%A0During%20the%20Reveal(x)%20Hunter%20Challenge%2C%20you%20will%20focus%20on%20solving%20a%20series%20of%20challenges%20that%20vary%20in%20their%20degree%20of%20difficulty%20and%20may%20require%20several%20different%20skill%20sets%20to%20solve.%20The%20challenges%20will%20include%20real%20world%20scenarios%20around%20incident%20investigation%2C%20threat%20hunting%2C%20security%20and%20network%20hygiene%2C%20network%20performance%20and%20more.%20Both%20network%20performance%20and%20security%20tasks%20will%20be%20included%20in%20mastering%20the%20challenge.%20We%27ve%20designed%20this%20game%20to%20be%20both%20fun%20and%20competitive%2C%20while%20giving%20you%20the%20experience%20of%20using%20a%20full%20featured%20demo%20instance%20of%20ExtraHop%27s%20Cloud-Native%20NDR%20platform.%C2%A0Before%20we%20set%20you%20loose%20to%20start%20the%20hunt%2C%20an%20ExtraHop%20engineer%20will%20kick%20off%20the%20event%20with%20a%20brief%20tactical%20training%20on%20the%20demo%20interface%20that%20will%20arm%20you%20with%20all%20of%20the%20information%20you%20will%20need%20to%20navigate%20the%20platform%20and%20solve%20the%20challenges.%20All%20levels%20of%20expertise%20are%20encouraged%20to%20participate%20and%20no%20prior%20knowledge%20of%20ExtraHop%27s%20platform%20is%20necessary.%C2%A0See%20if%20you%20have%20what%20it%20takes%20to%20master%20the%20Reveal(x)%20Hunter%20Challenge!%20-%20Wednesday%2C%20May%2017%2C%202023%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Reveal%20(x)%20Hunter%20Challenge%20-%20May%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fevents.extrahop.com%2Frevealxhunterchallenge-may%3Futm_campaign%3D2023-q2-may-hunter-challenge-natl-inv-em2%26utm_medium%3Demail%26utm_source%3DEloqua%26utm_version%3D&pageViewId=c64fc8f0-6a6f-4263-891c-08b12b5771d9

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.200.1.16 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-200-1-16.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.extrahop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 14:56:06 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 00:49:36 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f020a0-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

OPTIONS
H2 200 track
event.api.drift.com/ Frame 0
0 26ms
24ms Preflight
text/plain 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://event.api.drift.com/track

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://js.driftt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-max-age: 1209600
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Thu, 04 May 2023 14:56:06 GMT
requestid: driftdba210f468a8ea1efbe0a0247d3
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 0

POST
H2 200 track Show response
event.api.drift.com/ Frame B508 693 B
752 B 27ms
27ms XHR
application/json 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://event.api.drift.com/track

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/52.b1edaf4a.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

1c6edddbe2b2a8deacbddd3f3ba49fb6dc1577f2a644e5dd2b28379eaf483d27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
accept-language: en-CA,en;q=0.9
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiIxODE0NDkzMDUwNCIsImNsaWVudElkIjoiZjZ6dWl6ZHloeHJtN3IiLCJ1c2VySWRUeXBlIjoiTEVBRCIsInNjb3BlIjoibGVhZCIsImlzcyI6IjE1MTQzMTEiLCJleHAiOjE3MTQ4MzQ1NjYsImlhdCI6MTY4MzIxMjE2Nn0.jZVtBmwTrQMb_SKjn3G2wbryy0oDW1ApYL1ajwFK1s1gag2kWA3uTcID6GPvIw7LjcmdKAkjlh9PcyQcvqq59g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 04 May 2023 14:56:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: istio-envoy
requestid: 3fc5a8cdba5041d5
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 693

OPTIONS
H2 200 evaluate_with_log
targeting.api.drift.com/targeting/ Frame 0
0 40ms
27ms Preflight
text/plain 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://targeting.api.drift.com/targeting/evaluate_with_log

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://js.driftt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-max-age: 1209600
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Thu, 04 May 2023 14:56:06 GMT
requestid: driftad60790434e9b65fdb7fa0090c9
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 2

POST
H2 200 evaluate_with_log Show response
targeting.api.drift.com/targeting/ Frame B508 983 B
454 B 27ms
26ms XHR
application/json 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://targeting.api.drift.com/targeting/evaluate_with_log

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/52.b1edaf4a.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

143b19a1ede2075f9ab6376e9f702eebcc049bc41b6e1217354496180fea9033

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
accept-language: en-CA,en;q=0.9
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiIxODE0NDkzMDUwNCIsImNsaWVudElkIjoiZjZ6dWl6ZHloeHJtN3IiLCJ1c2VySWRUeXBlIjoiTEVBRCIsInNjb3BlIjoibGVhZCIsImlzcyI6IjE1MTQzMTEiLCJleHAiOjE3MTQ4MzQ1NjYsImlhdCI6MTY4MzIxMjE2Nn0.jZVtBmwTrQMb_SKjn3G2wbryy0oDW1ApYL1ajwFK1s1gag2kWA3uTcID6GPvIw7LjcmdKAkjlh9PcyQcvqq59g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 04 May 2023 14:56:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: istio-envoy
requestid: 4a0c19f1739f5dd3
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
vary: Accept-Encoding
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 393

POST
H2 200 render_initial_v3 Show response
flow.api.drift.com/flows/ Frame B508 4 KB
2 KB 56ms
56ms XHR
application/json 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://flow.api.drift.com/flows/render_initial_v3

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/52.b1edaf4a.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

a745aed40b2c9e561cfafce7db128d77f0d43fee4529730971aef94a2434d3a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
accept-language: en-CA,en;q=0.9
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiIxODE0NDkzMDUwNCIsImNsaWVudElkIjoiZjZ6dWl6ZHloeHJtN3IiLCJ1c2VySWRUeXBlIjoiTEVBRCIsInNjb3BlIjoibGVhZCIsImlzcyI6IjE1MTQzMTEiLCJleHAiOjE3MTQ4MzQ1NjYsImlhdCI6MTY4MzIxMjE2Nn0.jZVtBmwTrQMb_SKjn3G2wbryy0oDW1ApYL1ajwFK1s1gag2kWA3uTcID6GPvIw7LjcmdKAkjlh9PcyQcvqq59g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 04 May 2023 14:56:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: istio-envoy
requestid: e31e2876fc0208b3
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
vary: Accept-Encoding
access-control-allow-credentials: true
x-envoy-upstream-service-time: 31
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 2042

OPTIONS
H2 200 render_initial_v3
flow.api.drift.com/flows/ Frame 0
0 76ms
25ms Preflight
text/plain 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://flow.api.drift.com/flows/render_initial_v3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://js.driftt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-max-age: 1209600
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Thu, 04 May 2023 14:56:06 GMT
requestid: drift1d88c8e48de93f7f9d3072c578f
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 1

OPTIONS
H2 200 widget
targeting.api.drift.com/impressions/ Frame 0
0 28ms
27ms Preflight
text/plain 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://targeting.api.drift.com/impressions/widget

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://js.driftt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-max-age: 1209600
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Thu, 04 May 2023 14:56:07 GMT
requestid: drift57719c14ff395119b54ae9314dd
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 2

POST
H2 204 widget Show response
targeting.api.drift.com/impressions/ Frame B508 0
37 B 33ms
32ms XHR
text/plain 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://targeting.api.drift.com/impressions/widget

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/52.b1edaf4a.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
accept-language: en-CA,en;q=0.9
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiIxODE0NDkzMDUwNCIsImNsaWVudElkIjoiZjZ6dWl6ZHloeHJtN3IiLCJ1c2VySWRUeXBlIjoiTEVBRCIsInNjb3BlIjoibGVhZCIsImlzcyI6IjE1MTQzMTEiLCJleHAiOjE3MTQ4MzQ1NjYsImlhdCI6MTY4MzIxMjE2Nn0.jZVtBmwTrQMb_SKjn3G2wbryy0oDW1ApYL1ajwFK1s1gag2kWA3uTcID6GPvIw7LjcmdKAkjlh9PcyQcvqq59g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 04 May 2023 14:56:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: istio-envoy
requestid: 7fc2f31d78d9e7c0
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-credentials: true
x-envoy-upstream-service-time: 8
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version

OPTIONS
H2 200 /
notify.bugsnag.com/ Frame 0
0 127ms
75ms Preflight 2600:1901:0:a5e4::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://notify.bugsnag.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:a5e4:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Access-Control-Request-Method: POST
Origin: https://events.extrahop.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-headers: Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Sent-At, Bugsnag-Payload-Version, Bugsnag-Integrity
access-control-allow-methods: POST
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Thu, 04 May 2023 14:56:07 GMT
via: 1.1 google

OPTIONS
H2 200 /
notify.bugsnag.com/ Frame 0
0 120ms
73ms Preflight 2600:1901:0:a5e4::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://notify.bugsnag.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:a5e4:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Access-Control-Request-Method: POST
Origin: https://events.extrahop.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-headers: Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Sent-At, Bugsnag-Payload-Version, Bugsnag-Integrity
access-control-allow-methods: POST
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Thu, 04 May 2023 14:56:07 GMT
via: 1.1 google

POST
H2 200 / Show response
notify.bugsnag.com/ 2 B
81 B 85ms
84ms XHR
text/plain 2600:1901:0:a5e4::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://notify.bugsnag.com/
Requested by: Host: frontend.cdn.splashthat.com
URL: https://frontend.cdn.splashthat.com/build/standalone/splash-page.455bcd5656011ebd9be0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:a5e4:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Bugsnag-Payload-Version: 4
Referer: https://events.extrahop.com/
Bugsnag-Sent-At: 2023-05-04T14:56:07.089Z
accept-language: en-CA,en;q=0.9
Bugsnag-Api-Key: a5edc2d9646c0fd0d4c94866c01f005f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Thu, 04 May 2023 14:56:07 GMT
via: 1.1 google
bugsnag-event-id: 6453c78700bce362bc370000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
content-type: text/plain; charset=utf-8

POST
H2 200 / Show response
notify.bugsnag.com/ 2 B
114 B 78ms
75ms XHR
text/plain 2600:1901:0:a5e4::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://notify.bugsnag.com/
Requested by: Host: frontend.cdn.splashthat.com
URL: https://frontend.cdn.splashthat.com/build/standalone/third-party-tracking-manager.eaf6803f7b5a6acdc589.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:a5e4:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Bugsnag-Payload-Version: 4
Referer: https://events.extrahop.com/
Bugsnag-Sent-At: 2023-05-04T14:56:07.094Z
accept-language: en-CA,en;q=0.9
Bugsnag-Api-Key: a5edc2d9646c0fd0d4c94866c01f005f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Thu, 04 May 2023 14:56:07 GMT
via: 1.1 google
bugsnag-event-id: 6453c78700bcde02e8f00000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
content-type: text/plain; charset=utf-8

GET
H2 200 58.377a2854.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B508 18 KB
7 KB 18ms
18ms Script
application/javascript 13.225.223.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/58.377a2854.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.48 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-48.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

130688f16399fc1980b2900037a220bc182f4b0c320621dc7d70ec721514765e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=r5gwvvkz53c9&eId=r5gwvvkz53c9&region=US&forceShow=false&skipCampaigns=false&sessionId=3836ed68-4f5c-47db-9ea6-6d6c5b303215&sessionStarted=1683212165.566&campaignRefreshToken=abe628c0-c94e-455b-82f9-17d2ef129c75&hideController=false&pageLoadStartTime=1683212162915&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fevents.extrahop.com%2Frevealxhunterchallenge-may%3Futm_campaign%3D2023-q2-may-hunter-challenge-natl-inv-em2%26utm_medium%3Demail%26utm_source%3DEloqua%26utm_version%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 10:15:05 GMT
x-amz-version-id: k5uZ.9PW.JvNHCZ_RpRIj6kuYFtHIceG
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b96e96fef61e11f1c624b4bdd0ad939e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 2781662
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 33
last-modified: Fri, 31 Mar 2023 03:20:38 GMT
server: istio-envoy
etag: W/"33f417d96bdfff4c4e2ac5468c815f07"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 1OoW54oMFLZPiZS1elLDWIFTzWkGfGRcchWX2rqbIw2WFSLtCQD2tg==

GET
H2 200 58.377a2854.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B6DA 18 KB
7 KB 18ms
17ms Script
application/javascript 13.225.223.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/58.377a2854.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.48 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-48.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

130688f16399fc1980b2900037a220bc182f4b0c320621dc7d70ec721514765e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683212162915
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 10:15:05 GMT
x-amz-version-id: k5uZ.9PW.JvNHCZ_RpRIj6kuYFtHIceG
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b96e96fef61e11f1c624b4bdd0ad939e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 2781662
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 33
last-modified: Fri, 31 Mar 2023 03:20:38 GMT
server: istio-envoy
etag: W/"33f417d96bdfff4c4e2ac5468c815f07"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: tWNxJ6dMNyO7vHJuS7JRz3E65OZaiosVvLBVeE1MUOTmiUUbfAzRLA==

GET
H2 200 https%3A%2F%2Fdriftt.imgix.net%2Fhttps%253A%252F%252Fs3.amazonaws.com%252Fcustomer-api-avatars-prod%252F2252225%252Fdac36af77b20fb10f0fe9cf67f91ae37yarabg8gxnbr%3Ffit%3Dmax%26fm%3Dpng%26h%3D200%26w...
driftt.imgix.net/ Frame B508 5 KB
5 KB 74ms
28ms Image
image/png 2a04:4e42:46::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://driftt.imgix.net/https%3A%2F%2Fdriftt.imgix.net%2Fhttps%253A%252F%252Fs3.amazonaws.com%252Fcustomer-api-avatars-prod%252F2252225%252Fdac36af77b20fb10f0fe9cf67f91ae37yarabg8gxnbr%3Ffit%3Dmax%26fm%3Dpng%26h%3D200%26w%3D200%26s%3D9d98ce5cc0a46d5faa04f1f809fc22d8?fit=max&fm=png&h=200&w=200&s=172134573d28d7b0a9f2e0f778b5940e

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:46::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

5a25180f01c93f47c9bf9785ac10af6ce9922b75e5b9eb83098b03ad33865503

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 14:56:07 GMT
x-content-type-options: nosniff
age: 2278573
x-cache: HIT, HIT
x-imgix-id: 2406bbffecf0d23ed8531a7faa802083d0251857
cross-origin-resource-policy: cross-origin
content-length: 5263
x-served-by: cache-sjc10075-SJC, cache-lga21921-LGA
x-imgix-render-farm: 01.9040
last-modified: Sat, 08 Apr 2023 05:59:54 GMT
server: imgix
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 44.e483d03f.chunk.css
js.driftt.com/core/assets/css/ Frame B6DA 900 B
2 KB 20ms
19ms Stylesheet
text/css 13.225.223.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/44.e483d03f.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.48 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-48.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

12ffe3ad71f763d9057baf43e0f1c1482bb9a0372602020554c4d52f52b37981

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683212162915
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 09:30:58 GMT
x-amz-version-id: 4vkwT6nMEPsvXUnePH8fVmf8HRwW2pG1
via: 1.1 b96e96fef61e11f1c624b4bdd0ad939e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: JFK51-C1
age: 3389109
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 52
content-length: 900
last-modified: Fri, 24 Mar 2023 15:27:28 GMT
server: istio-envoy
etag: "0bd11a8facc0a9d41713c64ed1ba1289"
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: n-S4BxNRvm8uHcAOsu4P_H1eW3AfCP50-4hlxCrfNPsCy2AO0F6eIA==

GET
H2 200 44.5fe09e33.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B6DA 303 B
998 B 20ms
20ms Script
application/javascript 13.225.223.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/44.5fe09e33.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.48 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-48.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

60aba1bf940f0eab5f96c4685f8e3db2ec334233b3af4be0728999b2f417b7ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683212162915
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 18:42:03 GMT
x-amz-version-id: 6IaOYTt3hTatAG1zSk4bZULu86MefOJi
via: 1.1 b96e96fef61e11f1c624b4bdd0ad939e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: JFK51-C1
age: 3096844
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 27
content-length: 303
last-modified: Wed, 29 Mar 2023 16:46:55 GMT
server: istio-envoy
etag: "d4df19d0f31cce10a7f2cc508ece4bf6"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: D6ULGvfqP4fr_ukdBUFVamc3lhyqc5M1_XBvwmRYJjXRO1TsHGdpNQ==

GET
H2 200 S6uyw4BMUTPHjx4wXiWtFCc.woff2
js.driftt.com/deploy/assets/static/fonts/ Frame B6DA 14 KB
14 KB 18ms
18ms Font
font/woff2 13.225.223.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/deploy/assets/static/fonts/S6uyw4BMUTPHjx4wXiWtFCc.woff2

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/css/9.b5c2854f.chunk.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.48 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-48.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

07c94892c3e0ac93d2bcb3a9cb88aa67ea47b3d1aa89bc39dfcc2b025dcd8988

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/assets/css/9.b5c2854f.chunk.css
Origin: https://js.driftt.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 16:29:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b96e96fef61e11f1c624b4bdd0ad939e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 3709575
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 45
content-length: 13976
last-modified: Fri, 03 Mar 2023 14:35:52 GMT
server: istio-envoy
etag: "e7e52c955aa33e618baf437a16539524"
access-control-allow-methods: GET, POST, OPTIONS
content-type: binary/octet-stream,font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: MT1eU10sPw0Qa3NtyhQv5jsncNqi5xToyfKt5r0Yg8NBCpggmLBK_Q==

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
js.driftt.com/deploy/assets/static/fonts/ Frame B6DA 14 KB
14 KB 19ms
19ms Font
font/woff2 13.225.223.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/deploy/assets/static/fonts/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/css/9.b5c2854f.chunk.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.48 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-48.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

b8e094ad64704c2e4836153e641e432b22159b03d5b240b6dd303461be83f542

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/assets/css/9.b5c2854f.chunk.css
Origin: https://js.driftt.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 04:50:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b96e96fef61e11f1c624b4bdd0ad939e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 3060325
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 47
content-length: 14148
last-modified: Fri, 03 Mar 2023 14:35:52 GMT
server: istio-envoy
etag: "69b28056044be6438ce7e5214c66ba82"
access-control-allow-methods: GET, POST, OPTIONS
content-type: binary/octet-stream,font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: EsmvLdyc1K6u5Y9mwNMYKpwE9NN29mazXjIvx_hHAW2mGYZv8Srb_A==

GET
H2 200 S6uyw4BMUTPHjx4wXiWtFCc.woff2
js.driftt.com/deploy/assets/static/fonts/ Frame B508 14 KB
14 KB 19ms
18ms Font
font/woff2 13.225.223.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/deploy/assets/static/fonts/S6uyw4BMUTPHjx4wXiWtFCc.woff2

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/css/9.b5c2854f.chunk.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.48 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-48.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

07c94892c3e0ac93d2bcb3a9cb88aa67ea47b3d1aa89bc39dfcc2b025dcd8988

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/assets/css/9.b5c2854f.chunk.css
Origin: https://js.driftt.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 16:29:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b96e96fef61e11f1c624b4bdd0ad939e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 3709575
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 45
content-length: 13976
last-modified: Fri, 03 Mar 2023 14:35:52 GMT
server: istio-envoy
etag: "e7e52c955aa33e618baf437a16539524"
access-control-allow-methods: GET, POST, OPTIONS
content-type: binary/octet-stream,font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 7VQW21RAmUtpL8og10vSomQEDF3A2aLgXd7wbPP9On3SgAiUBxOcKA==

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
js.driftt.com/deploy/assets/static/fonts/ Frame B508 14 KB
14 KB 19ms
19ms Font
font/woff2 13.225.223.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/deploy/assets/static/fonts/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/css/9.b5c2854f.chunk.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.48 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-48.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

b8e094ad64704c2e4836153e641e432b22159b03d5b240b6dd303461be83f542

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/assets/css/9.b5c2854f.chunk.css
Origin: https://js.driftt.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 04:50:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b96e96fef61e11f1c624b4bdd0ad939e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 3060325
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 47
content-length: 14148
last-modified: Fri, 03 Mar 2023 14:35:52 GMT
server: istio-envoy
etag: "69b28056044be6438ce7e5214c66ba82"
access-control-allow-methods: GET, POST, OPTIONS
content-type: binary/octet-stream,font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ym1gXp1oaCoemNEFQWosJDGP45zPRAbNO1kU_fa2F-rsVkjOwiwkpg==

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
494 B 40ms
39ms Image
image/gif 23.200.1.16
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=6179e0bb11f1cd3b4b917082ccdc5e55&svisitor=null&visitor=6404570a-8df9-4046-876a-d9b526487648&session=0bc41814-7984-42f3-8f3a-22d03ae2d8c4&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2004%20May%202023%2014%3A56%3A07%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2004%20May%202023%2014%3A56%3A06%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%222009%22%7D&isIframe=false&m=%7B%22description%22%3A%22Reveal%20(x)%20Hunter%20Challenge%20-%20May%20-%20Join%20ExtraHop%20for%20a%20Capture%20the%20Flag%20style%20event%20that%20will%20test%20your%20knowledge%20and%20skills%20in%20targeted%20attacks.%20Will%20you%20rise%20with%20the%20Hunters%20or%20fall%20among%20the%20Hunted%3F%C2%A0During%20the%20Reveal(x)%20Hunter%20Challenge%2C%20you%20will%20focus%20on%20solving%20a%20series%20of%20challenges%20that%20vary%20in%20their%20degree%20of%20difficulty%20and%20may%20require%20several%20different%20skill%20sets%20to%20solve.%20The%20challenges%20will%20include%20real%20world%20scenarios%20around%20incident%20investigation%2C%20threat%20hunting%2C%20security%20and%20network%20hygiene%2C%20network%20performance%20and%20more.%20Both%20network%20performance%20and%20security%20tasks%20will%20be%20included%20in%20mastering%20the%20challenge.%20We%27ve%20designed%20this%20game%20to%20be%20both%20fun%20and%20competitive%2C%20while%20giving%20you%20the%20experience%20of%20using%20a%20full%20featured%20demo%20instance%20of%20ExtraHop%27s%20Cloud-Native%20NDR%20platform.%C2%A0Before%20we%20set%20you%20loose%20to%20start%20the%20hunt%2C%20an%20ExtraHop%20engineer%20will%20kick%20off%20the%20event%20with%20a%20brief%20tactical%20training%20on%20the%20demo%20interface%20that%20will%20arm%20you%20with%20all%20of%20the%20information%20you%20will%20need%20to%20navigate%20the%20platform%20and%20solve%20the%20challenges.%20All%20levels%20of%20expertise%20are%20encouraged%20to%20participate%20and%20no%20prior%20knowledge%20of%20ExtraHop%27s%20platform%20is%20necessary.%C2%A0See%20if%20you%20have%20what%20it%20takes%20to%20master%20the%20Reveal(x)%20Hunter%20Challenge!%20-%20Wednesday%2C%20May%2017%2C%202023%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Reveal%20(x)%20Hunter%20Challenge%20-%20May%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fevents.extrahop.com%2Frevealxhunterchallenge-may%3Futm_campaign%3D2023-q2-may-hunter-challenge-natl-inv-em2%26utm_medium%3Demail%26utm_source%3DEloqua%26utm_version%3D&pageViewId=c64fc8f0-6a6f-4263-891c-08b12b5771d9

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.200.1.16 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-200-1-16.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.extrahop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 14:56:07 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Fri, 21 Feb 2020 18:57:20 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e502810-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H2 200 bulk Show response
metrics.api.drift.com/monitoring/metrics/event3/ Frame B508 25 B
112 B 40ms
40ms XHR
application/json 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/event3/bulk

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/52.b1edaf4a.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 04 May 2023 14:56:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: istio-envoy
requestid: 19f811f2862aa2c4
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
vary: Accept-Encoding
access-control-allow-credentials: true
x-envoy-upstream-service-time: 12
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
494 B 40ms
39ms Image
image/gif 23.200.1.16
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.200.1.16 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-200-1-16.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.extrahop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 14:56:08 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Fri, 21 Feb 2020 18:57:20 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e502810-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
494 B 37ms
36ms Image
image/gif 23.200.1.16
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=6179e0bb11f1cd3b4b917082ccdc5e55&svisitor=null&visitor=6404570a-8df9-4046-876a-d9b526487648&session=0bc41814-7984-42f3-8f3a-22d03ae2d8c4&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2004%20May%202023%2014%3A56%3A09%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2004%20May%202023%2014%3A56%3A08%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%224012%22%7D&isIframe=false&m=%7B%22description%22%3A%22Reveal%20(x)%20Hunter%20Challenge%20-%20May%20-%20Join%20ExtraHop%20for%20a%20Capture%20the%20Flag%20style%20event%20that%20will%20test%20your%20knowledge%20and%20skills%20in%20targeted%20attacks.%20Will%20you%20rise%20with%20the%20Hunters%20or%20fall%20among%20the%20Hunted%3F%C2%A0During%20the%20Reveal(x)%20Hunter%20Challenge%2C%20you%20will%20focus%20on%20solving%20a%20series%20of%20challenges%20that%20vary%20in%20their%20degree%20of%20difficulty%20and%20may%20require%20several%20different%20skill%20sets%20to%20solve.%20The%20challenges%20will%20include%20real%20world%20scenarios%20around%20incident%20investigation%2C%20threat%20hunting%2C%20security%20and%20network%20hygiene%2C%20network%20performance%20and%20more.%20Both%20network%20performance%20and%20security%20tasks%20will%20be%20included%20in%20mastering%20the%20challenge.%20We%27ve%20designed%20this%20game%20to%20be%20both%20fun%20and%20competitive%2C%20while%20giving%20you%20the%20experience%20of%20using%20a%20full%20featured%20demo%20instance%20of%20ExtraHop%27s%20Cloud-Native%20NDR%20platform.%C2%A0Before%20we%20set%20you%20loose%20to%20start%20the%20hunt%2C%20an%20ExtraHop%20engineer%20will%20kick%20off%20the%20event%20with%20a%20brief%20tactical%20training%20on%20the%20demo%20interface%20that%20will%20arm%20you%20with%20all%20of%20the%20information%20you%20will%20need%20to%20navigate%20the%20platform%20and%20solve%20the%20challenges.%20All%20levels%20of%20expertise%20are%20encouraged%20to%20participate%20and%20no%20prior%20knowledge%20of%20ExtraHop%27s%20platform%20is%20necessary.%C2%A0See%20if%20you%20have%20what%20it%20takes%20to%20master%20the%20Reveal(x)%20Hunter%20Challenge!%20-%20Wednesday%2C%20May%2017%2C%202023%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Reveal%20(x)%20Hunter%20Challenge%20-%20May%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fevents.extrahop.com%2Frevealxhunterchallenge-may%3Futm_campaign%3D2023-q2-may-hunter-challenge-natl-inv-em2%26utm_medium%3Demail%26utm_source%3DEloqua%26utm_version%3D&pageViewId=c64fc8f0-6a6f-4263-891c-08b12b5771d9

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.200.1.16 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-200-1-16.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.extrahop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 14:56:09 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 00:49:36 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f020a0-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
493 B 48ms
48ms Image
image/gif 23.200.1.16
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.200.1.16 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-200-1-16.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.extrahop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 14:56:10 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 00:49:36 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f020a0-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: web.chtbl.com
URL: https://web.chtbl.com/track

Verdicts & Comments Add Verdict or Comment

274 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

47 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.eloqua.com/	1970-01-20 21:05:12	Name: ELOQUA Value: GUID=B8BB25A2E2D64F3A882D6AC16DA56E2F
.eloqua.com/	1970-01-20 21:05:12	Name: ELQSTATUS Value: OK
.vimeo.com/	1970-01-20 11:33:33	Name: __cf_bm Value: 6jx.ozUZ4LuzBW8.7djRmagWFXduaU1DyQAXOBUIUl8-1683212163-0-ASpuN0eT+QwtThk+/apX7LsiEDN7KGF9DvDS9A6fYy5mF9Xask/LtDtRXXwXiKbKl5RYecPt/s6e4RZm1S37nG8=
.splashthat.com/	1970-01-20 20:11:56	Name: devspl Value: 2sdbl589op0peedrl68n6f8dtd
.cdn-prod.splashthat.com/	1970-01-20 21:09:32	Name: _ga Value: GA1.3.1385144324.1683212164
.cdn-prod.splashthat.com/	1970-01-20 11:34:58	Name: _gid Value: GA1.3.381154876.1683212164
.cdn-prod.splashthat.com/	1970-01-20 11:33:32	Name: _gat_splash Value: 1
.extrahop.com/	1970-01-20 13:43:08	Name: _gcl_au Value: 1.1.385896310.1683212164
.vimeo.com/	1970-01-20 21:09:32	Name: vuid Value: pl1410409369.5279472
.extrahop.com/	1970-01-20 20:19:08	Name: datadome Value: 3SSctn_mWd2WJxG45ceg9pS1TspGMCowIdlLQH7Y~dVl2HnxCcfP5F~4MItnzHhQLTHrQDdmq9oV_hxwXo-a13Z983yoF96cWNgGX5ImeBpfeDgb9SRk59EKpeM_uPTh
.events.extrahop.com/	1970-01-20 21:09:32	Name: _ga Value: GA1.3.128866291.1683212165
.events.extrahop.com/	1970-01-20 11:34:58	Name: _gid Value: GA1.3.497792889.1683212165
.extrahop.com/	1970-01-20 21:09:32	Name: _ga Value: GA1.1.128866291.1683212165
.events.extrahop.com/	1970-01-20 11:33:32	Name: _dc_gtm_UA-6551454-1 Value: 1
events.extrahop.com/	1970-01-20 20:20:34	Name: _wchtbl_uid Value: e1f7c435-b0f8-4c3e-8d28-ff99594a00bc
events.extrahop.com/	1969-12-31 23:59:59	Name: _wchtbl_sid Value: 2ce7e1b7-0130-44f0-99e3-17d05bbd67d2
.extrahop.com/	1970-01-20 13:43:08	Name: _fbp Value: fb.1.1683212164748.629368106
events.extrahop.com/	1970-01-20 11:34:58	Name: ln_or Value: eyIxMzQ3MDIwLDkzOTA5MiI6ImQifQ%3D%3D
.linkedin.com/	1970-01-20 13:43:08	Name: li_sugr Value: 4df546dc-8652-4124-b2c0-4b9a33c7497a
.linkedin.com/	1970-01-20 20:19:08	Name: bcookie Value: "v=2&ab3c4659-821f-4536-8091-86f867250bcd"
.linkedin.com/	1970-01-20 11:34:58	Name: lidc Value: "b=OGST01:s=O:r=O:a=O:p=O:g=2966:u=1:x=1:i=1683212164:t=1683298564:v=2:sig=AQGE3waPwOLI4GeNArrl_8bQKo9_haNT"
.eloqua.com/	1970-01-20 21:05:12	Name: OPTOUT Value: s1701=1
.t.co/	1970-01-20 21:09:32	Name: muc_ads Value: 9fbb1628-c14b-423f-9da1-a8310db9ffd6
.twitter.com/	1970-01-20 21:09:32	Name: personalization_id Value: "v1_xZmDfs/58Qe+LGOG9cBz4A=="
.linkedin.com/	1970-01-20 12:16:44	Name: UserMatchHistory Value: AQK9bo-o1oNdfgAAAYfnQ17yY2Y0b3V4oorZhTWUM1HeEUrHY-sakCxDwp_1xAQmac1rQhVHONuZwA
.linkedin.com/	1970-01-20 12:16:44	Name: AnalyticsSyncHistory Value: AQKkiT6iAi2aVAAAAYfnQ17ypnE0ProP3ZlClIDlBJ1XlEHqdADmvdKYuP-Thq5kGZ_QduKyBnQVjImEPtMtfQ
.tapad.com/	1970-01-20 12:59:56	Name: TapAd_TS Value: 1683212164926
.tapad.com/	1970-01-20 12:59:56	Name: TapAd_DID Value: 2ecbfeae-9d67-437b-9d38-850a1607edf8
.tapad.com/	1970-01-20 12:59:56	Name: TapAd_3WAY_SYNCS Value:
.www.linkedin.com/	1970-01-20 20:19:08	Name: bscookie Value: "v=1&202305041456047b233c85-0f48-4881-808b-001ec55a5adfAQHv_RwlWjbKXYx_T2FyoH1bpEOooaT9"
events.extrahop.com/	1970-01-20 11:33:33	Name: drift_campaign_refresh Value: abe628c0-c94e-455b-82f9-17d2ef129c75
.events.extrahop.com/	1970-01-20 11:33:32	Name: _dc_gtm_UA-6551454-4 Value: 1
dpx.airpr.com/	1970-01-20 11:33:33	Name: an_airpr_recent_visit Value: 1
.adsrvr.org/	1970-01-20 20:20:34	Name: TDID Value: 5644655d-686f-48db-82c0-58ce8b4de724
events.extrahop.com/	1970-01-20 21:09:32	Name: _gd_visitor Value: 6404570a-8df9-4046-876a-d9b526487648
events.extrahop.com/	1970-01-20 11:33:46	Name: _gd_session Value: 0bc41814-7984-42f3-8f3a-22d03ae2d8c4
.adnxs.com/	1970-01-20 13:43:08	Name: uuid2 Value: 91697578740747193
.6sc.co/	1970-01-20 21:09:32	Name: 6suuid Value: 10973017f80e000085c753640d0300009da60000
.yahoo.com/	1970-01-20 20:19:29	Name: A3 Value: d=AQABBIbHU2QCED1hJ_u46R6mxdIDlPoTQhQFEgEBAQEZVWRdZCXcxyMA_eMAAA&S=AQAAAtpbaqZOW0pkKSZ09VvRgP8
.demdex.net/	1970-01-20 15:52:44	Name: demdex Value: 17911934727023659331965413983420798634
.analytics.yahoo.com/	1970-01-20 20:19:08	Name: IDSYNC Value: 1769~2bge
.dpm.demdex.net/	1970-01-20 15:52:44	Name: dpm Value: 17911934727023659331965413983420798634
.adsrvr.org/	1970-01-20 20:20:34	Name: TDCPM Value: CAESEwoEa3J1eBILCLjA6IK3ruY7EAUSEgoDYWFtEgsIuMDogreu5jsQBRIZCgpyaWdodG1lZGlhEgsIuMDogreu5jsQBRgFIAEoAzILCLi466_NruY7EAU4AUIEIgIIAVoHMmZ2b3N2Y2AB
.krxd.net/	1970-01-20 15:52:44	Name: _kuid_ Value: PiNF2M3D
events.extrahop.com/	1970-01-20 21:09:32	Name: drift_aid Value: 73cdc8c2-de64-49d4-8e98-f67dfc08a1ca
events.extrahop.com/	1970-01-20 21:09:32	Name: driftt_aid Value: 73cdc8c2-de64-49d4-8e98-f67dfc08a1ca
.extrahop.com/	1970-01-20 21:09:32	Name: _ga_D5WW8QB02S Value: GS1.1.1683212164.1.0.1683212167.57.0.0

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://events.extrahop.com/revealxhunterchallenge-may?utm_campaign=2023-q2-may-hunter-challenge-natl-inv-em2&utm_medium=email&utm_source=Eloqua&utm_version= Message: Access to XMLHttpRequest at 'https://web.chtbl.com/track' from origin 'https://events.extrahop.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://web.chtbl.com/track Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adresults-5-adswizz.attribution.adswizz.com
analytics.google.com
analytics.twitter.com
api-js.datadome.co
api.splashthat.com
app.wiredata.extrahop.com
b.6sc.co
beacon.krxd.net
bootstrap.api.drift.com
c.6sc.co
cdn-prod.splashthat.com
cdn.linkedin.oribi.io
connect.facebook.net
d24wuq6o951i2g.cloudfront.net
d3m889aznlr23d.cloudfront.net
dpm.demdex.net
dpx.airpr.com
driftt.imgix.net
epsilon.6sense.com
event.api.drift.com
events.extrahop.com
ext.chtbl.com
f.vimeocdn.com
flow.api.drift.com
fonts.gstatic.com
fresnel.vimeocdn.com
frontend.cdn.splashthat.com
i.vimeocdn.com
img.en25.com
insight.adsrvr.org
ipv6.6sc.co
j.6sc.co
js.adsrvr.org
js.datadome.co
js.driftt.com
match.adsrvr.org
metrics.api.drift.com
notify.bugsnag.com
p0.extrahopping.net
pixel.tapad.com
player.vimeo.com
px.ads.linkedin.com
px.airpr.com
px4.ads.linkedin.com
s1701.t.eloqua.com
secure.adnxs.com
sessions.bugsnag.com
snap.licdn.com
splashthat.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
targeting.api.drift.com
third-party-tracking-manager.services.splashthat.com
ups.analytics.yahoo.com
usermatch.krxd.net
vimeo.com
web.chtbl.com
www.facebook.com
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
web.chtbl.com
104.244.42.131
104.244.42.197
13.107.42.14
13.225.223.48
142.0.173.28
142.0.173.39
151.101.66.133
162.159.128.61
162.159.138.60
18.164.115.227
18.200.232.72
18.209.251.30
18.238.12.115
199.232.36.157
199.232.38.109
2001:4860:4802:34::181
23.200.1.16
23.73.231.40
2600:141b:9000::1725:7bba
2600:141b:9000::b833:94d9
2600:1901:0:7a0b::
2600:1901:0:a5e4::
2600:9000:202c:ee00:d:9239:1640:21
2600:9000:2514:b400:a:b27c:d040:93a1
2600:9000:25c8:4e00:2:53b2:240:93a1
2600:9000:25c8:ae00:0:cc59:3900:93a1
2607:f8b0:4004:c09::9d
2607:f8b0:4006:809::2003
2607:f8b0:4006:80a::2008
2607:f8b0:4006:80e::2004
2607:f8b0:4006:80f::2003
2607:f8b0:4006:824::200e
2620:1ec:21::14
2a03:2880:f012:10c:face:b00c:0:3
2a03:2880:f112:182:face:b00c:0:25de
2a04:4e42:46::720
3.225.218.10
3.233.137.198
3.86.135.117
3.94.218.138
34.111.113.62
34.120.202.204
34.229.30.165
34.231.13.252
35.163.218.127
52.223.40.198
52.6.2.140
54.163.130.149
54.230.163.61
54.237.228.255
54.84.134.174
68.67.160.114
99.84.37.32
02b1540a0f6b97af3a20a3e664dfd278a2e99e98ca3347c5bd2d88effbbbade3
047d14c117d25e9e0a1a2ba3f4aa23a602d417fc7402294e484d20b19140ecf1
04a4eecf2a074304c50bb59dace1b07b568d2f57f6ae5481bf676ee98ee5e814
07c94892c3e0ac93d2bcb3a9cb88aa67ea47b3d1aa89bc39dfcc2b025dcd8988
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a
0c07bf805e857013386ec7ea2d26911aed5c827ee90e71a94188553c6d8ef337
1193c432fbddf20949b0532d5b512b775e4ed4984f6f4560da9447d2cf92d774
120def079fc4e239098c571e178a9a1b73746f05c6f65a97cd7291b8c13aa401
12c5a5f6c4176f49743e6fe7c298b563c375e968ff744745fbb60a7ba8bd1b73
12ce92cc3c4eb9d74f48e9a10eb919bdf30bbdc5ccf9843c6543fec302dec54f
12ffe3ad71f763d9057baf43e0f1c1482bb9a0372602020554c4d52f52b37981
130688f16399fc1980b2900037a220bc182f4b0c320621dc7d70ec721514765e
1340014dd0a0076fb5fd688f1e226dbb7b0717871a63e34a7d5fdc9ef16872d5
143b19a1ede2075f9ab6376e9f702eebcc049bc41b6e1217354496180fea9033
1720955cb1752f38d3581bf68a490d1e97089dd6b1ca74cf416d45639eade97c
178c7e0dd0c602d457b8d91dd18b916c3f4220794fccb6067cac187f0c753795
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c6edddbe2b2a8deacbddd3f3ba49fb6dc1577f2a644e5dd2b28379eaf483d27
225147eb708f88bd6b3e6f4213019dd17fb6b0c400285b9bfb0b42400600cdf3
2278474be1e53293c09b556395000c00a886449e89aab06a2276c27d1378ff4e
23d692ce8542baf7661710f69ce7e6c4b8e3e2a9e36af5c4f2907f4202add42a
2693e158a319fe2c6576e7fdd76ad78ca5e0235cce4418503e5fee2e7426b2d0
277725f80d5c0175c2a996fe1eea07395b87ec1bd0496353409e99e96024816e
27dc4f62298834987d3d8e5608c1af94c82ee3d18ee31858d39e0202697b5308
28816769ece0ee343025ff388216c645e175c92cce4db6bd812a321b1ad345c6
2a4d5b124d496652a1221f58b24b407b196fc6002064a0e1173ea5619c586100
2a54e29a4b1f0cdf4f5cb2e77963987ff5051d96515bf7ee4cf0a17a28756539
2c8a80b5a25ba6c81d389714f5070c89b46702ecbe02b62dc9de0d5f25e41d97
2e9dc0974276e9c5a4349969060086d62f56f3eb18b0c3efb45c415fd9efeacd
2ff2b9a5434137bda235f2847f5939dcd06977e5437ae82bfa197e00faabc6a9
3169ab3142fbf3ecf7eee1b5682a4556ed8a3d4ba940befa71c31b5a43991d92
3179f4e154e785ff1de37f634d3ceaba3bf116bef703bb2709b6e11b76c6a5ea
3346de8e2ae1bfde250c7ac5c06f79a0a60c7faef8e5e08a2c9e8fbf5ec2c9e8
344183d4edc963489b98be0e77b7f3b72af953a5b212075fc8352e34c9365726
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e2deb8536c3ce0a0787394933f39782774de4b7e97b8a287c91ff29a67d96f5
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
4eda4b5575532ad6a713d3d9bbcde581c519d9b8d0202363925ddc80049eed6d
529b9c583e6cf8da02c9cadf8c38b5714198f0fde2dcde01da2d5ee681228738
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5a25180f01c93f47c9bf9785ac10af6ce9922b75e5b9eb83098b03ad33865503
5d1d7a10980b6ea88789bb2500041c101761310753c0fdbbd1391f76f0f08cdb
5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5
5f40fce121184f0489066d5129f35bb881482979c349f9d8ff7352e905e492a1
60aba1bf940f0eab5f96c4685f8e3db2ec334233b3af4be0728999b2f417b7ef
69ae756b57c1931e9368ccef6503e6fe4c12849eb1a267016a0c69e15680fb89
70131da85a97ecbfd4f28d48d74eb7ba4e0f7466b3e7d0d417399ec7ac3d9356
708bd3f42169bef9812ebc56ee9ec56b84214824718c5ad13c3bc04c441a5934
72341babd18eb9c8af83b037034963de32d7a940057aab295862b9835f50d570
7616b033adbe366f235d70696b659f554051c0e578508896aab0ff5b169491db
7909ac26c94c9592b7f3d0ce6d28b3921556d78b8bf9c72e91c35f410333685b
7a15500fcff5918dc623ad1db1bd81cb8d55f970a60853f215511318dd1eab3f
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7b3cd3c10f2b00ffe9b2275648e095d8f93b3294f4ee008b76f7d7977e1867bc
7c1dbd10d934d537e32ee89d4e57a9c5b29db9a8d88a1b4e79866d371661d725
7c32ca706e12a05b989a428a8727d3b4d46275d18154fd98d7590f05f1450894
7c4cddc44e59d49ccbfdaf1b57cca9884b74ee1710671c7d9fa974e3fae6f507
7cb58278c8f54a62c0afa6da0c67b3a45aad637a0bf614e9c0dd42b73cee266b
7ece6fc578f4db409633afcac974480ce471dea8306d96368a5491cb20badd25
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84d270bdb66380b47de9c92ebf028d4b9a73ca362a535d142bc2d0bb22a5bb92
862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
8989f87b90cacdbca5875bdfbed7dd3c3f2acee982b9353c04d86e8c123906c0
89f125b7633bf1dd3b9cb333af71341748cec8bcb21210ce5722b36c631f635e
8c648b902a20340c574d138d6272f318bf1526c778081863a04a262c81ce42b3
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dbd8021424c9f3069bd131360bb5f7e6421c4039fd284f750978cc4cc557aad
8e0db5d25998f6614a2200f8273b18277bd60614f032291531a7831a68770eb5
8e259e52dff8b3d968670b02d9a94a07d756e3de8a17eaf2bd4a3089a93ae431
913bf7a863d5500815a8c6180d189d00c9f9230adc5f483c7594aec349e03572
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
95245f488fc923a05392ac8ca5985ac00d44b0603ba7b987d103475181268d88
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
958a03c833d9116f7ab9a5ee503f7b0360b9291b268bfb77128a8f0e19238613
97835f51936631312648ce4198cd92c85beae9e09e3cdaff439c57ffccc5c5d5
983b0caf336e8542214fc17019a4fc5e0360864b92806ca14d55c1fc1c2c5a0f
9b9646212dc0b01d706647434433cc9a3787b065c2afb945f6d8d29a630d72dc
9d88866c6295ffc0cadaa1ccb951367e196737a413482176d5787b70aae04ef0
9f7b103418c76d3c630fa9ac6128249bebab1e97454948c2fcfc22fc88f4ea3a
a0d05511ef743ec8cdccc36abe1a962e88993ef91372522c97795ae82bca8946
a2bdd8cb01353d4ed2a9ab4c7d7c263225f6908aa875614d015a2f39956d9d73
a2db11674d2eaa22a5ce39346b7cc14005d0d8845d8e4830e1d5026f51ce04de
a307487b01c3e8b77f662cdda35a89a512966eee3969b1d07e1e59c368d33172
a3986521f7e895cf3175098026f4471920366f5b3d3d1d0299a3c710a779e2ae
a57a36856843347c611be4f82a4de24be9a90afc16cb8ac74e5824a111d78c17
a745aed40b2c9e561cfafce7db128d77f0d43fee4529730971aef94a2434d3a7
a86663a751e7c81d9b99fc767a7bc280c4437e82e79a2b648a9324bd94e3683f
a9973d5c67fb6ce2a3c689ea14cb46ab6bb4f6a65790462056d9d4a0b911642b
ab63c4fa16d08da2e5fdb094dc4b01c7220cfaebed3357a0f7d4af3aeccedf99
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ae3f6024712196dff7272f57c522e4048826b484f7336a97cc3e7f6f00d2d443
ae88fc0d7a961832f809527d30bd3983a6866d42f66a56ade23f543681594db6
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af231a497b200013ff525b69ba375f6d0d2c8dfdd82c1f0baaf831b2102c03fa
b2cbff271b2a424800d91db247d534e06414e5c5a91a6fcf6b9ce59539097f7c
b4f2876a599f90a2bd52fe770b5f00b070fedfb085f4e2d49b170248ae54a723
b7c5d1d3e03d31b9b450c0aac2972f3aef995be2a69ec5ecfa6200c4a321ef40
b8e094ad64704c2e4836153e641e432b22159b03d5b240b6dd303461be83f542
c051b8b5eb2a0aef699780f15a449491868faa6f8b39b684b5ae8f64f345b94a
c143d47ff5feea907e9d18572420764f6c70a4d5a770ad2f7f34c1681542846d
c2b7a45d31339f18ed57fd095feca4da1b3fbab75a5afbc053957f6e8e1613a2
c2bdf77d58d4182e17faa927db22348817f9f0f30de7561d45dce06ccd55d7ca
c6b2815294e64eb3d9e30955673ae3b60a486ae5b7dfcc7e48c0e2a4fe7301de
c7e960027852a054edec0a6d2fba34c738834d22cab8ac9eedd29ec590174634
c8c302716cf94980a0d77e614d9fb6c430f166b5ef7c42b7c382771955e52ba6
c96b2cd5b57e02ce65ab0a787a6c8ea69efbf424064e15500691847cd879e8ca
c9d9831d621296d3c12a4976576e9cebe816b549ef516b33ecdbd11d3e39da25
cb352a51153abd4ed400505d9aae536549d65a2abbab9948fb7e597442914266
cdeb836f7f77cd2174fa0bb4aa3825963aa64faf657a24f988b82f1c4d28ce69
ced579132dc68cfbac32e7d525ddb86d031a97c9d9d043789078ada005e58102
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
cfd809263820ffcfb1e9157a2babc025c63eca43f4135b1b387e25a59b2a62c2
d14e287ddae470b06c4639e73260ca21a4c9b7cfdf56e02965a8f50fb5333b42
d21a6467dc31aad2162ecae9e468d76ca8cbb379b20fa323b6293038b347ab3d
d3ed94b69049a6046b0472b87a4d1be0a1c9482c9edc3793bf72714c82c7ce0c
d641c13a78017e11f15b152b78082bcd0cf474766f13ba649bfa6378d956c492
d8b6392ffd36ff6d26abaafabba79fe05a43eedcea4594308cd38840b5f3f388
dcd7cb8ac1ffe7d78d562d9b92d826738b474f85839708cb7f24bb4b65fe0727
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dcef9fd2bce693a00927fd01436bce94a261cba31e18710f10b04edeb7ab9768
dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459
ddf1a26c4ef5be769f202e7b6bd36dd66ef01b9bebf2cd3e9c6a867d51e65ee0
e2a0c716824375ab3b6ba3d71119d6ea8658ec6d3afbe6efa8e49b07cc1e858b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3fc96299b7f1ed04ffb51b8a2bc8a6967e52dec387ad495f5b3c72b2fc090e0
e40b6eae9d66c60b9c750da70da6b2bc5d35c2ae9689cc1e9547e300fac4a3ba
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e8e658c81a7ff92a6e0f9049ee3a8fc42082e8303abb6ed44c73361259cbdbae
eb18e6f1f3cc6f0aec0d9c2eff09de99a70920f932c159a8ef87844ad2a3a18d
ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff
ec547a2f9fde5ce8e398da2810828ba3c30c641ce2761f5bf915225efb35f919
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab
f3342c52eee43a2ea931cae2ee2d6d9a2939432ffcb03bb4f2983ac7e49b26cc
f46108976666130f89c43a82ee045f7a3afb264494060ef6b3d9eb6589e49d16
f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f
f696b024c2e2dbfbbac0d9eb5f2ebaf5d525101bd46d3a37a96a974f3832ea62
f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc
f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47
fc36bfc030463ebd7c7f975e9e130f1039cbb9c42ec4f17234483946e301ee9c
fc5343e3ac1362826da2e42424649826c8797efb526aba4dd3ae8438f1681d17
fd158ceeeb440d6ba2efdd9ec9c6f88a1af0c6799c9cbbbc0b6115148ee43282
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a
fe0d89d7bedfe1c286bcc72ca72e66089b5190053ccf4b1171bbfc4dfdf86231
fffcc021124d70080ddd0c52562645c46e03ff39c924ced85c1bfd62cb8b8767

events.extrahop.com Open in urlscan Pro 54.84.134.174 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

241 Requests

98 %HTTPS

36 %IPv6

38 Domains

65 Subdomains

47 IPs

4 Countries

9977 kBTransfer

20053 kBSize

47 Cookies

10 Outgoing links

Page URL History

Redirected requests

241 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

events.extrahop.com Open in urlscan Pro
54.84.134.174 Public Scan

Screenshot
Live screenshot

Full Image

241
Requests

98 %
HTTPS

36 %
IPv6

38
Domains

65
Subdomains

47
IPs

4
Countries

9977 kB
Transfer

20053 kB
Size

47
Cookies

241 HTTP transactions
2 data transactions