www.goanywhere.com Open in urlscan Pro
2606:4700::6812:1bf2 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://237391.seu2.cleverreach.com/c/56818414/f12d02c944d8e-qqj3do
Effective URL:
https://www.goanywhere.com/request-white-paper/how-is-your-file-transfer-process-running?code=cmp-0000008418&ls=717710006&u...
Submission: On March 29 via manual (March 29th 2021, 11:44:12 am UTC) from US

Summary HTTP 103 Redirects Behaviour Indicators

Summary

This website contacted 46 IPs in 6 countries across 39 domains to perform 103 HTTP transactions. The main IP is 2606:4700::6812:1bf2, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.goanywhere.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on September 18th 2020. Valid for: a year.

This is the only time www.goanywhere.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	34.251.230.144 34.251.230.144	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6812:1bf2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	185.59.220.198 185.59.220.198	60068 (CDN77 (^_^)/) (CDN77 (^_^)/)
7	13.226.159.118 13.226.159.118	16509 (AMAZON-02) (AMAZON-02)
8	13.226.159.46 13.226.159.46	16509 (AMAZON-02) (AMAZON-02)
6	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:e0cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:b849	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1	178.128.139.113 178.128.139.113	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5705	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	13.226.159.64 13.226.159.64	16509 (AMAZON-02) (AMAZON-02)
2	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.226.159.124 13.226.159.124	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
1	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
1 6	2.18.233.40 2.18.233.40	16625 (AKAMAI-AS) (AKAMAI-AS)
2	13.226.159.100 13.226.159.100	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:6c0... 2a02:26f0:6c00:2bd::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700::68... 2606:4700::6812:1abe	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	163.171.128.148 163.171.128.148	54994 (QUANTILNE...) (QUANTILNETWORKS)
3	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
6	62.113.194.12 62.113.194.12	47447 (TTM) (TTM)
1	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
1 2	2620:119:50e1... 2620:119:50e1:101::6cae:b25	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	13.226.159.122 13.226.159.122	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1	206.19.49.24 206.19.49.24	17225 (ATT-CERFN...) (ATT-CERFNET-BLOCK)
14 18	3.248.28.111 3.248.28.111	16509 (AMAZON-02) (AMAZON-02)
2	13.226.159.22 13.226.159.22	16509 (AMAZON-02) (AMAZON-02)
1	34.198.105.228 34.198.105.228	14618 (AMAZON-AES) (AMAZON-AES)
1	35.156.106.231 35.156.106.231	16509 (AMAZON-02) (AMAZON-02)
1 2	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	64.202.112.31 64.202.112.31	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2a00:1288:80:... 2a00:1288:80:800::7000	203220 (YAHOO-DEB) (YAHOO-DEB)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1 2	3.124.88.100 3.124.88.100	16509 (AMAZON-02) (AMAZON-02)
1 2	18.195.73.36 18.195.73.36	16509 (AMAZON-02) (AMAZON-02)
1 2	185.33.223.178 185.33.223.178	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
1 1	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
103	46

1 34.251.230.144 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-230-144.eu-west-1.compute.amazonaws.com

237391.seu2.cleverreach.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:1bf2 (United States)

ASN13335 (CLOUDFLARENET, US)

www.goanywhere.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.59.220.198 (Frankfurt am Main, Germany)

ASN60068 (CDN77 (^_^)/, GB)
PTR: unn-185-59-220-198.datapacket.com

cdn.omniconvert.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 13.226.159.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-118.dus51.r.cloudfront.net

consent.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 13.226.159.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-46.dus51.r.cloudfront.net

static.goanywhere.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

no-cache.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cta-service-cms2.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:e0cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hscta.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:b849 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.128.139.113 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

app.omniconvert.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5705 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 13.226.159.64 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-64.dus51.r.cloudfront.net

consent-pref.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.159.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-124.dus51.r.cloudfront.net

consent-st.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2.18.233.40 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-40.deploy.static.akamaitechnologies.com

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.226.159.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-100.dus51.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:2bd::25ea (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1abe (United States)

ASN13335 (CLOUDFLARENET, US)

tracking.g2crowd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 163.171.128.148 (Germany)

ASN54994 (QUANTILNETWORKS, US)

trk.techtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:8012:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 62.113.194.12 (Berlin, Germany)

ASN47447 (TTM, DE)
PTR: edge-481.b-cdn.net

a.omappapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:119:50e1:101::6cae:b25 (United States) 1 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f11c:8183:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.159.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-122.dus51.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 206.19.49.24 (United States)

ASN17225 (ATT-CERFNET-BLOCK, US)

apt.techtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 3.248.28.111 (Dublin, Ireland) 14 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-28-111.eu-west-1.compute.amazonaws.com

d.adroll.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.226.159.22 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-22.dus51.r.cloudfront.net

api.omappapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.198.105.228 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-198-105-228.compute-1.amazonaws.com

prefmgr-cookie.truste-svc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.156.106.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-106-231.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.21 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.202.112.31 (United States) 1 redirects

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:800::7000 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.124.88.100 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-88-100.eu-central-1.compute.amazonaws.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.195.73.36 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-73-36.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.223.178 (Amsterdam, Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 824.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.162 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	adroll.com 14 redirects s.adroll.com d.adroll.com	32 KB
23	trustarc.com consent.trustarc.com consent-pref.trustarc.com consent-st.trustarc.com	216 KB
10	goanywhere.com www.goanywhere.com static.goanywhere.com	579 KB
8	omappapi.com a.omappapi.com api.omappapi.com	162 KB
6	hubspot.com no-cache.hubspot.com cta-service-cms2.hubspot.com	12 KB
5	gstatic.com fonts.gstatic.com	88 KB
3	facebook.com www.facebook.com	507 B
3	linkedin.com 2 redirects px.ads.linkedin.com www.linkedin.com	3 KB
3	doubleclick.net 1 redirects stats.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	2 KB
3	facebook.net connect.facebook.net	162 KB
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	61 KB
2	openx.net 1 redirects us-u.openx.net	479 B
2	adnxs.com 1 redirects ib.adnxs.com	2 KB
2	bidswitch.net 1 redirects x.bidswitch.net	871 B
2	3lift.com 1 redirects eb2.3lift.com	736 B
2	outbrain.com 1 redirects sync.outbrain.com	832 B
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com	2 KB
2	techtarget.com trk.techtarget.com apt.techtarget.com	3 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	bing.com bat.bing.com	9 KB
2	omniconvert.com cdn.omniconvert.com app.omniconvert.com	91 KB
1	taboola.com sync.taboola.com	218 B
1	yahoo.com ads.yahoo.com	447 B
1	pubmatic.com simage2.pubmatic.com	806 B
1	rubiconproject.com pixel.rubiconproject.com	239 B
1	advertising.com pixel.advertising.com	125 B
1	truste-svc.net prefmgr-cookie.truste-svc.net	2 KB
1	consensu.org 1 redirects d.adroll.mgr.consensu.org	137 B
1	google.de www.google.de	552 B
1	google.com www.google.com	340 B
1	g2crowd.com tracking.g2crowd.com	1 KB
1	licdn.com snap.licdn.com	2 KB
1	googleadservices.com www.googleadservices.com	14 KB
1	hsforms.com forms.hsforms.com	7 KB
1	googletagmanager.com www.googletagmanager.com	60 KB
1	googleapis.com fonts.googleapis.com	900 B
1	hsforms.net js.hsforms.net	129 KB
1	hscta.net js.hscta.net	4 KB
1	cleverreach.com 1 redirects 237391.seu2.cleverreach.com	642 B
103	39

	Domain	Requested by
17	d.adroll.com	13 redirects
15	consent-pref.trustarc.com	consent.trustarc.com consent-pref.trustarc.com prefmgr-cookie.truste-svc.net
8	static.goanywhere.com	www.goanywhere.com static.goanywhere.com
7	consent.trustarc.com	www.goanywhere.com consent.trustarc.com
6	a.omappapi.com	www.googletagmanager.com a.omappapi.com
6	s.adroll.com	1 redirects www.googletagmanager.com s.adroll.com d.adroll.com
5	fonts.gstatic.com	www.goanywhere.com fonts.googleapis.com
4	cta-service-cms2.hubspot.com	js.hscta.net
3	www.facebook.com
3	connect.facebook.net	www.goanywhere.com connect.facebook.net
2	us-u.openx.net	1 redirects
2	ib.adnxs.com	1 redirects
2	x.bidswitch.net	1 redirects
2	eb2.3lift.com	1 redirects
2	sync.outbrain.com	1 redirects
2	dsum-sec.casalemedia.com	1 redirects
2	api.omappapi.com	a.omappapi.com
2	px.ads.linkedin.com	1 redirects
2	www.google-analytics.com	www.googletagmanager.com
2	bat.bing.com	www.googletagmanager.com www.goanywhere.com
2	no-cache.hubspot.com	www.goanywhere.com
2	www.goanywhere.com	www.goanywhere.com
1	cm.g.doubleclick.net	1 redirects
1	sync.taboola.com
1	ads.yahoo.com
1	simage2.pubmatic.com
1	pixel.rubiconproject.com
1	pixel.advertising.com
1	vars.hotjar.com	static.hotjar.com
1	prefmgr-cookie.truste-svc.net	www.goanywhere.com
1	d.adroll.mgr.consensu.org	1 redirects
1	apt.techtarget.com
1	www.google.de
1	www.google.com
1	script.hotjar.com	static.hotjar.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	www.linkedin.com	1 redirects
1	stats.g.doubleclick.net	www.google-analytics.com
1	trk.techtarget.com	www.goanywhere.com
1	tracking.g2crowd.com	www.goanywhere.com
1	snap.licdn.com	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	consent-st.trustarc.com	consent-pref.trustarc.com
1	forms.hsforms.com	js.hsforms.net
1	www.googletagmanager.com	www.goanywhere.com
1	app.omniconvert.com	cdn.omniconvert.com
1	fonts.googleapis.com	www.goanywhere.com
1	js.hsforms.net	www.goanywhere.com
1	js.hscta.net	www.goanywhere.com
1	cdn.omniconvert.com	www.goanywhere.com
1	237391.seu2.cleverreach.com	1 redirects
103	52

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-09-18` - `2021-09-18`	a year	crt.sh
cdn.omniconvert.com R3	`2021-03-18` - `2021-06-16`	3 months	crt.sh
*.trustarc.com Go Daddy Secure Certificate Authority - G2	`2020-05-21` - `2022-07-17`	2 years	crt.sh
*.goanywhere.com Go Daddy Secure Certificate Authority - G2	`2019-07-09` - `2021-08-30`	2 years	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2020-07-27` - `2021-07-27`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
app.omniconvert.com Sectigo RSA Domain Validation Secure Server CA	`2020-09-22` - `2021-10-09`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2021-01-19` - `2021-07-19`	6 months	crt.sh
www.googleadservices.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
*.adroll.com DigiCert SHA2 Secure Server CA	`2020-01-29` - `2021-04-29`	a year	crt.sh
*.hotjar.com Amazon	`2020-12-25` - `2022-01-23`	a year	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2019-04-01` - `2021-05-07`	2 years	crt.sh
*.g2crowd.com Sectigo ECC Domain Validation Secure Server CA	`2020-08-30` - `2021-09-28`	a year	crt.sh
trk.techtarget.com Sectigo RSA Domain Validation Secure Server CA	`2020-02-17` - `2022-05-17`	2 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-02-10` - `2021-05-10`	3 months	crt.sh
a.omappapi.com R3	`2021-03-11` - `2021-06-09`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2021-01-06` - `2021-07-05`	6 months	crt.sh
www.google.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
*.techtarget.com Sectigo RSA Domain Validation Secure Server CA	`2019-10-25` - `2021-10-24`	2 years	crt.sh
adroll.mgr.consensu.org Amazon	`2020-10-08` - `2021-11-07`	a year	crt.sh
api.opmnstr.com Amazon	`2021-03-11` - `2022-04-09`	a year	crt.sh
*.truste-svc.net Go Daddy Secure Certificate Authority - G2	`2020-04-25` - `2022-06-23`	2 years	crt.sh
pixel.advertising.com DigiCert SHA2 High Assurance Server CA	`2021-03-01` - `2021-08-24`	6 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2020-12-18` - `2022-01-18`	a year	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2019-10-29` - `2021-11-23`	2 years	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2020-12-07` - `2021-12-14`	a year	crt.sh
*.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-02-28` - `2021-04-13`	a month	crt.sh
*.taboola.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
*.3lift.com Amazon	`2020-07-04` - `2021-08-05`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-04-23` - `2022-05-04`	2 years	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://www.goanywhere.com/request-white-paper/how-is-your-file-transfer-process-running?code=cmp-0000008418&ls=717710006&utm_source=cyberdefense&utm_medium=email&utm_campaign=ga-miscellaneous
Frame ID: 5977BE175FA672C72905CE90C851FA41
Requests: 84 HTTP requests in this frame

Frame: https://consent-pref.trustarc.com/?type=helpsystemstest&site=helpsystemstest.com&action=notice&country=nl&locale=en&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https://www.goanywhere.com/company/privacy-policy&cookieLink=https://www.goanywhere.com/cookie-policy&irm=undefined&from=https://consent.trustarc.com/
Frame ID: 9248A10A868C6D60EA01426CC5039F17
Requests: 15 HTTP requests in this frame

Frame: https://consent-pref.trustarc.com/defaultpreferencemanager/4A62F2686478BAE800EFF19D5EB3C2E8.cache.html
Frame ID: 84F83B58D6C685968C4BCF188FAA753E
Requests: 1 HTTP requests in this frame

Frame: https://prefmgr-cookie.truste-svc.net/cookie_js/cookie_iframe.html?parent=https://consent-pref.trustarc.com/?type=helpsystemstest&site=helpsystemstest.com&action=notice&country=nl&locale=en&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https://www.goanywhere.com/company/privacy-policy&cookieLink=https://www.goanywhere.com/cookie-policy&irm=undefined&from=https://consent.trustarc.com/
Frame ID: 1F37EA45DF5DAB7A3F497780261976FB
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-5e3cec51ed8e99df6977c199d27812d7.html
Frame ID: 54715704BA5F9D78906750CEFCD6253D
Requests: 1 HTTP requests in this frame

Frame: https://consent-pref.trustarc.com/cookie_inneriframe.html
Frame ID: F462B110024B039828E822D539969AB6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://237391.seu2.cleverreach.com/c/56818414/f12d02c944d8e-qqj3do HTTP 302
https://www.goanywhere.com/request-white-paper/how-is-your-file-transfer-process-running?code=cmp-00000... Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

103
Requests

100 %
HTTPS

43 %
IPv6

39
Domains

52
Subdomains

46
IPs

6
Countries

1653 kB
Transfer

4647 kB
Size

13
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://237391.seu2.cleverreach.com/c/56818414/f12d02c944d8e-qqj3do HTTP 302
https://www.goanywhere.com/request-white-paper/how-is-your-file-transfer-process-running?code=cmp-0000008418&ls=717710006&utm_source=cyberdefense&utm_medium=email&utm_campaign=ga-miscellaneous Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 52

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=103045&time=1617018231784&url=https%3A%2F%2Fwww.goanywhere.com%2Frequest-white-paper%2Fhow-is-your-file-transfer-process-running%3Fcode%3Dcmp-0000008418%26ls%3D717710006%26utm_source%3Dcyberdefense%26utm_medium%3Demail%26utm_campaign%3Dga-miscellaneous HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D103045%26time%3D1617018231784%26url%3Dhttps%253A%252F%252Fwww.goanywhere.com%252Frequest-white-paper%252Fhow-is-your-file-transfer-process-running%253Fcode%253Dcmp-0000008418%2526ls%253D717710006%2526utm_source%253Dcyberdefense%2526utm_medium%253Demail%2526utm_campaign%253Dga-miscellaneous%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=103045&time=1617018231784&url=https%3A%2F%2Fwww.goanywhere.com%2Frequest-white-paper%2Fhow-is-your-file-transfer-process-running%3Fcode%3Dcmp-0000008418%26ls%3D717710006%26utm_source%3Dcyberdefense%26utm_medium%3Demail%26utm_campaign%3Dga-miscellaneous&liSync=true

Request Chain 60

https://s.adroll.com/j/exp/RMK47H5TGNGNPAH45PUQM5/index.js HTTP 302
https://s.adroll.com/j/exp/index.js

Request Chain 62

https://d.adroll.mgr.consensu.org/consent/iabcheck/RMK47H5TGNGNPAH45PUQM5?_s=7f1e71c78ad497077830c450346fa4b8&_b=2 HTTP 302
https://d.adroll.com/consent/check/RMK47H5TGNGNPAH45PUQM5/?_s=7f1e71c78ad497077830c450346fa4b8&_b=2

Request Chain 69

https://d.adroll.com/pixel/RMK47H5TGNGNPAH45PUQM5/3ET4NDRYTJCD5JU7HUQ4KT?adroll_fpc=329231951fe36c859d89735b1622add0-1617018232029&arrfrr=https%3A%2F%2Fwww.goanywhere.com%2Frequest-white-paper%2Fhow-is-your-file-transfer-process-running%3Fcode%3Dcmp-0000008418%26ls%3D717710006%26utm_source%3Dcyberdefense%26utm_medium%3Demail%26utm_campaign%3Dga-miscellaneous&xid_ch=f&pv=32148125111.587933&cookie=&adroll_s_ref=&keyw= HTTP 302
https://s.adroll.com/pixel/RMK47H5TGNGNPAH45PUQM5/3ET4NDRYTJCD5JU7HUQ4KT/OZ2HIIQDPRF6VPA6TY6KLP.js

Request Chain 73

https://d.adroll.com/cm/aol/out?adroll_fpc=329231951fe36c859d89735b1622add0-1617018232029&arrfrr=https%3A%2F%2Fwww.goanywhere.com%2Frequest-white-paper%2Fhow-is-your-file-transfer-process-running%3Fcode%3Dcmp-0000008418%26ls%3D717710006%26utm_source%3Dcyberdefense%26utm_medium%3Demail%26utm_campaign%3Dga-miscellaneous&xid_ch=f&advertisable=RMK47H5TGNGNPAH45PUQM5 HTTP 302
https://pixel.advertising.com/ups/55980/sync?uid=YTE0MWQ4ZTY3Y2Q2OWFjNTczNjg0Y2RkYTgwMjQwOWI&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

Request Chain 74

https://d.adroll.com/cm/index/out?adroll_fpc=329231951fe36c859d89735b1622add0-1617018232029&arrfrr=https%3A%2F%2Fwww.goanywhere.com%2Frequest-white-paper%2Fhow-is-your-file-transfer-process-running%3Fcode%3Dcmp-0000008418%26ls%3D717710006%26utm_source%3Dcyberdefense%26utm_medium%3Demail%26utm_campaign%3Dga-miscellaneous&xid_ch=f&advertisable=RMK47H5TGNGNPAH45PUQM5 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=YTE0MWQ4ZTY3Y2Q2OWFjNTczNjg0Y2RkYTgwMjQwOWI&expiration=1648554232 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=YTE0MWQ4ZTY3Y2Q2OWFjNTczNjg0Y2RkYTgwMjQwOWI&expiration=1648554232&C=1

Request Chain 75

https://d.adroll.com/cm/n/out?adroll_fpc=329231951fe36c859d89735b1622add0-1617018232029&arrfrr=https%3A%2F%2Fwww.goanywhere.com%2Frequest-white-paper%2Fhow-is-your-file-transfer-process-running%3Fcode%3Dcmp-0000008418%26ls%3D717710006%26utm_source%3Dcyberdefense%26utm_medium%3Demail%26utm_campaign%3Dga-miscellaneous&xid_ch=f&advertisable=RMK47H5TGNGNPAH45PUQM5 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=YTE0MWQ4ZTY3Y2Q2OWFjNTczNjg0Y2RkYTgwMjQwOWI&expires=365

Request Chain 76

https://d.adroll.com/cm/outbrain/out?adroll_fpc=329231951fe36c859d89735b1622add0-1617018232029&arrfrr=https%3A%2F%2Fwww.goanywhere.com%2Frequest-white-paper%2Fhow-is-your-file-transfer-process-running%3Fcode%3Dcmp-0000008418%26ls%3D717710006%26utm_source%3Dcyberdefense%26utm_medium%3Demail%26utm_campaign%3Dga-miscellaneous&xid_ch=f&advertisable=RMK47H5TGNGNPAH45PUQM5 HTTP 302
https://sync.outbrain.com/cookie-sync?p=adroll&uid=YTE0MWQ4ZTY3Y2Q2OWFjNTczNjg0Y2RkYTgwMjQwOWI HTTP 302
https://sync.outbrain.com/cookie-sync?p=adroll&uid=YTE0MWQ4ZTY3Y2Q2OWFjNTczNjg0Y2RkYTgwMjQwOWI&rdrctExp=true

Request Chain 77

https://d.adroll.com/cm/pubmatic/out?adroll_fpc=329231951fe36c859d89735b1622add0-1617018232029&arrfrr=https%3A%2F%2Fwww.goanywhere.com%2Frequest-white-paper%2Fhow-is-your-file-transfer-process-running%3Fcode%3Dcmp-0000008418%26ls%3D717710006%26utm_source%3Dcyberdefense%26utm_medium%3Demail%26utm_campaign%3Dga-miscellaneous&xid_ch=f&advertisable=RMK47H5TGNGNPAH45PUQM5 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=YTE0MWQ4ZTY3Y2Q2OWFjNTczNjg0Y2RkYTgwMjQwOWI&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA

Request Chain 78

https://d.adroll.com/cm/r/out?adroll_fpc=329231951fe36c859d89735b1622add0-1617018232029&arrfrr=https%3A%2F%2Fwww.goanywhere.com%2Frequest-white-paper%2Fhow-is-your-file-transfer-process-running%3Fcode%3Dcmp-0000008418%26ls%3D717710006%26utm_source%3Dcyberdefense%26utm_medium%3Demail%26utm_campaign%3Dga-miscellaneous&xid_ch=f&advertisable=RMK47H5TGNGNPAH45PUQM5 HTTP 302
https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

Request Chain 79

https://d.adroll.com/cm/taboola/out?adroll_fpc=329231951fe36c859d89735b1622add0-1617018232029&arrfrr=https%3A%2F%2Fwww.goanywhere.com%2Frequest-white-paper%2Fhow-is-your-file-transfer-process-running%3Fcode%3Dcmp-0000008418%26ls%3D717710006%26utm_source%3Dcyberdefense%26utm_medium%3Demail%26utm_campaign%3Dga-miscellaneous&xid_ch=f&advertisable=RMK47H5TGNGNPAH45PUQM5 HTTP 302
https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=YTE0MWQ4ZTY3Y2Q2OWFjNTczNjg0Y2RkYTgwMjQwOWI

Request Chain 80

https://d.adroll.com/cm/triplelift/out?adroll_fpc=329231951fe36c859d89735b1622add0-1617018232029&arrfrr=https%3A%2F%2Fwww.goanywhere.com%2Frequest-white-paper%2Fhow-is-your-file-transfer-process-running%3Fcode%3Dcmp-0000008418%26ls%3D717710006%26utm_source%3Dcyberdefense%26utm_medium%3Demail%26utm_campaign%3Dga-miscellaneous&xid_ch=f&advertisable=RMK47H5TGNGNPAH45PUQM5 HTTP 302
https://eb2.3lift.com/xuid?mid=4714&xuid=YTE0MWQ4ZTY3Y2Q2OWFjNTczNjg0Y2RkYTgwMjQwOWI&dongle=c85e HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=YTE0MWQ4ZTY3Y2Q2OWFjNTczNjg0Y2RkYTgwMjQwOWI&dongle=c85e&gdpr=1&cmp_cs=&us_privacy=

Request Chain 81

https://d.adroll.com/cm/b/out?adroll_fpc=329231951fe36c859d89735b1622add0-1617018232029&arrfrr=https%3A%2F%2Fwww.goanywhere.com%2Frequest-white-paper%2Fhow-is-your-file-transfer-process-running%3Fcode%3Dcmp-0000008418%26ls%3D717710006%26utm_source%3Dcyberdefense%26utm_medium%3Demail%26utm_campaign%3Dga-miscellaneous&xid_ch=f&advertisable=RMK47H5TGNGNPAH45PUQM5 HTTP 302
https://x.bidswitch.net/sync?dsp_id=44&user_id=YTE0MWQ4ZTY3Y2Q2OWFjNTczNjg0Y2RkYTgwMjQwOWI HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=YTE0MWQ4ZTY3Y2Q2OWFjNTczNjg0Y2RkYTgwMjQwOWI

Request Chain 82

https://d.adroll.com/cm/x/out?adroll_fpc=329231951fe36c859d89735b1622add0-1617018232029&arrfrr=https%3A%2F%2Fwww.goanywhere.com%2Frequest-white-paper%2Fhow-is-your-file-transfer-process-running%3Fcode%3Dcmp-0000008418%26ls%3D717710006%26utm_source%3Dcyberdefense%26utm_medium%3Demail%26utm_campaign%3Dga-miscellaneous&xid_ch=f&advertisable=RMK47H5TGNGNPAH45PUQM5 HTTP 302
https://ib.adnxs.com/setuid?entity=172&code=YTE0MWQ4ZTY3Y2Q2OWFjNTczNjg0Y2RkYTgwMjQwOWI HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DYTE0MWQ4ZTY3Y2Q2OWFjNTczNjg0Y2RkYTgwMjQwOWI

Request Chain 84

https://d.adroll.com/cm/o/out?adroll_fpc=329231951fe36c859d89735b1622add0-1617018232029&arrfrr=https%3A%2F%2Fwww.goanywhere.com%2Frequest-white-paper%2Fhow-is-your-file-transfer-process-running%3Fcode%3Dcmp-0000008418%26ls%3D717710006%26utm_source%3Dcyberdefense%26utm_medium%3Demail%26utm_campaign%3Dga-miscellaneous&xid_ch=f&advertisable=RMK47H5TGNGNPAH45PUQM5 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537103138&val=a141d8e67cd69ac573684cdda802409b HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=a141d8e67cd69ac573684cdda802409b

Request Chain 85

https://d.adroll.com/cm/g/out?adroll_fpc=329231951fe36c859d89735b1622add0-1617018232029&arrfrr=https%3A%2F%2Fwww.goanywhere.com%2Frequest-white-paper%2Fhow-is-your-file-transfer-process-running%3Fcode%3Dcmp-0000008418%26ls%3D717710006%26utm_source%3Dcyberdefense%26utm_medium%3Demail%26utm_campaign%3Dga-miscellaneous&xid_ch=f&advertisable=RMK47H5TGNGNPAH45PUQM5&google_nid=adroll5 HTTP 302
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=oUHY5nzWmsVzaEzdqAJAmw HTTP 302
https://d.adroll.com/cm/g/in

103 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request how-is-your-file-transfer-process-running Show response
www.goanywhere.com/request-white-paper/
Redirect Chain

https://237391.seu2.cleverreach.com/c/56818414/f12d02c944d8e-qqj3do
https://www.goanywhere.com/request-white-paper/how-is-your-file-transfer-process-running?code=cmp-0000008418&ls=717710006&utm_source=cyberdefense&utm_medium=email&utm_campaign=ga-miscellaneous

94 KB
18 KB

1355ms
1318ms

Document
text/html

2606:4700::6812:1bf2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.goanywhere.com/request-white-paper/how-is-your-file-transfer-process-running?code=cmp-0000008418&ls=717710006&utm_source=cyberdefense&utm_medium=email&utm_campaign=ga-miscellaneous
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1bf2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.21
Resource Hash: c5b494b21a21ca3ab1305b399a8f5d4d87a013150441c674ddc10ba35af384c9

Request headers

:method: GET
:authority: www.goanywhere.com
:scheme: https
:path: /request-white-paper/how-is-your-file-transfer-process-running?code=cmp-0000008418&ls=717710006&utm_source=cyberdefense&utm_medium=email&utm_campaign=ga-miscellaneous
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 29 Mar 2021 11:43:50 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d7ec06b32a93cc5aded58663334b5f0961617018229; expires=Wed, 28-Apr-21 11:43:49 GMT; path=/; domain=.goanywhere.com; HttpOnly; SameSite=Lax AWSALBTG=obBH1JsHJdjFP11lTfJR6tmxWpsXSOphC834OFfr3xzzIhAUJMSz/yTFQWcZUO+2+xUyuLs5ni/BpF0iAmnAuDPFzd3KBog8iC9PCNAKvymTdW/7cYSbulvmm9/TJiTXN7TDqBGvsbJbhIxMK0fsqUWc6X7Gi/qrlq19EYz+2z93l8XiGHY=; Expires=Mon, 05 Apr 2021 11:43:49 GMT; Path=/ AWSALBTGCORS=obBH1JsHJdjFP11lTfJR6tmxWpsXSOphC834OFfr3xzzIhAUJMSz/yTFQWcZUO+2+xUyuLs5ni/BpF0iAmnAuDPFzd3KBog8iC9PCNAKvymTdW/7cYSbulvmm9/TJiTXN7TDqBGvsbJbhIxMK0fsqUWc6X7Gi/qrlq19EYz+2z93l8XiGHY=; Expires=Mon, 05 Apr 2021 11:43:49 GMT; Path=/; SameSite=None; Secure AWSALB=uCig70+6twG5uSUNQxq9fGH5XZeAG1YVSkvYcPKg8X0eS2DuIOU9d3B3fQev12t5ypC6z1gl3yEKFt8Q32XaGKq4HdD4gWc7ZecPZ5O17z6wp5wZdrBhDk4EqmM/; Expires=Mon, 05 Apr 2021 11:43:49 GMT; Path=/ AWSALBCORS=uCig70+6twG5uSUNQxq9fGH5XZeAG1YVSkvYcPKg8X0eS2DuIOU9d3B3fQev12t5ypC6z1gl3yEKFt8Q32XaGKq4HdD4gWc7ZecPZ5O17z6wp5wZdrBhDk4EqmM/; Expires=Mon, 05 Apr 2021 11:43:49 GMT; Path=/; SameSite=None; Secure PHPSESSID=qpcv7dkhe0a9rm8ah2afaav4ci; expires=Thu, 01-Apr-2021 11:43:49 GMT; Max-Age=259200; path=/; HttpOnly modx_lingua_switcher=en; expires=Wed, 28-Apr-2021 11:43:49 GMT; Max-Age=2592000; path=/
x-powered-by: PHP/7.2.21
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
cf-cache-status: DYNAMIC
cf-request-id: 091f652b3a00002c4e99279000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6378d7bec8892c4e-FRA
content-encoding: gzip

Redirect headers

date: Mon, 29 Mar 2021 11:43:49 GMT
content-type: text/html; charset=UTF-8
content-length: 494
location: https://www.goanywhere.com/request-white-paper/how-is-your-file-transfer-process-running?code=cmp-0000008418&ls=717710006&utm_source=cyberdefense&utm_medium=email&utm_campaign=ga-miscellaneous
server: Apache
set-cookie: PHPSESSID=n4utBShrEjlooDr8eBuxs2EOeYEuD5K1VxRoYCixn%2Cora5CD; path=/; SameSite=None; secure; HttpOnly cr_user=281998; expires=Mon, 12-Apr-2021 11:43:49 GMT; Max-Age=1209600; path=/ cr_client=237391; expires=Mon, 12-Apr-2021 11:43:49 GMT; Max-Age=1209600; path=/ cr_mailing=12622116; expires=Mon, 12-Apr-2021 11:43:49 GMT; Max-Age=1209600; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-cr-i: stats-eu2-i-0000c65c2cbbb334a D=153508 t=1617018229351570

GET
H2 200 xd429be.js Show response
cdn.omniconvert.com/js/ 280 KB
91 KB 383ms
323ms Script
text/javascript 185.59.220.198
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.omniconvert.com/js/xd429be.js
Requested by: Host: www.goanywhere.com
URL: https://www.goanywhere.com/request-white-paper/how-is-your-file-transfer-process-running?code=cmp-0000008418&ls=717710006&utm_source=cyberdefense&utm_medium=email&utm_campaign=ga-miscellaneous
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.59.220.198 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS: unn-185-59-220-198.datapacket.com
Software: BunnyCDN-DE1-723 /
Resource Hash: f7f70b03f777091061aa8a288e78a94d27ef64ee91f077c5275dc75d923f7e7e

Request headers

Referer: https://www.goanywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 29 Mar 2021 11:43:50 GMT
content-encoding: br
cdn-edgestorageid: 723
x-env: JProd
cdn-cachedat: 2021-03-29 13:43:50
cdn-pullzone: 50707
x-cache-sr-hit: 9
x-cache-sr-miss: 1
last-modified: Mon, 29 Mar 2021 11:43:50 GMT
server: BunnyCDN-DE1-723
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
cdn-cache: EXPIRED
cdn-uid: a414a5a9-9113-4a32-adb9-1a38230f6340
cache-control: public, max-age=180
x-cache-cr-hit: 0
cdn-requestid: 0d8adf2cc834354c19cd067df70f32b5
x-machine: Tracking-PROD-3
x-cache-cr-miss: 0
cdn-requestcountrycode: NL
cdn-requestpullsuccess: True

GET
H2 200 notice Show response
consent.trustarc.com/ 9 KB
4 KB 103ms
52ms Script
text/javascript 13.226.159.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.trustarc.com/notice?domain=helpsystemstest.com&c=teconsent&js=nj&text=true&gtm=1&noticeType=bb&pn=1-0&cookieLink=https://www.goanywhere.com/cookie-policy&privacypolicylink=https://www.goanywhere.com/company/privacy-policy

Requested by

Host: www.goanywhere.com
URL: https://www.goanywhere.com/request-white-paper/how-is-your-file-transfer-process-running?code=cmp-0000008418&ls=717710006&utm_source=cyberdefense&utm_medium=email&utm_campaign=ga-miscellaneous

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.159.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-159-118.dus51.r.cloudfront.net

Software

nginx /

Resource Hash

6e64f28ba59467df055c16b2d059405498031efc86defb744071e574d48fccf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.goanywhere.com
Referer: https://www.goanywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 29 Mar 2021 11:43:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: DUS51-C1
x-cache: Miss from cloudfront
cloudfront-viewer-country: NL
content-length: 3516
x-xss-protection: 1; mode=block
timing-allow-origin: *
access-control-allow-origin: *
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
via: 1.1 8033f9c6b87a03b2eca7c2db5157e10e.cloudfront.net (CloudFront)
cache-control: max-age=3600
cloudfront-viewer-country-region: NH
x-amz-cf-id: vmiRuqbhEzTCR_jZckXH0wlc0T-2jWkmUZWvReLX67aYr27bYR5tjg==
expires: Mon, 29 Mar 2021 12:43:50 GMT

GET
H2 200 goanywhere-logo-en-20200121.png
static.goanywhere.com/img/ 3 KB
4 KB 37ms
37ms Image
image/png 13.226.159.46
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.goanywhere.com/img/goanywhere-logo-en-20200121.png
Requested by: Host: www.goanywhere.com
URL: https://www.goanywhere.com/request-white-paper/how-is-your-file-transfer-process-running?code=cmp-0000008418&ls=717710006&utm_source=cyberdefense&utm_medium=email&utm_campaign=ga-miscellaneous
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-46.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a2ede192b002f0c52c1b7ae9c53aa2922150141ad17d6bf341c81c4c12f296e0

Request headers

Referer: https://www.goanywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 29 Mar 2021 06:50:58 GMT
via: 1.1 e542677c3bd2d6c30a5ed3dab78f8476.cloudfront.net (CloudFront)
last-modified: Thu, 21 Jan 2021 15:56:21 GMT
server: AmazonS3
age: 17574
etag: "696c165725f69fb20fcd9ef886056af3"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 3401
x-amz-cf-id: 8kvvHR3lG0irGcjGh6v8iGt5jsSDpdjtvgSUCJbLrh8SbyUhMBGEXg==

GET
H2 200 d4c3cb58-4721-435f-9aa6-be999a3cc43e.png
no-cache.hubspot.com/cta/default/3478499/ 2 KB
3 KB 143ms
125ms Image
image/png 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://no-cache.hubspot.com/cta/default/3478499/d4c3cb58-4721-435f-9aa6-be999a3cc43e.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dd539581bfb5b1c4eec155fccbe87a654f6cddff1f1927d9ea15a16453ca32a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.goanywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 29 Mar 2021 11:43:51 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
x-amz-request-id: CJ5TQBTT3064XZEH
x-amz-server-side-encryption: AES256
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1694
x-amz-id-2: Xg8rFczW58EnWKafQK7l0SbeCuPVnZj3fIu5gb0hNqnrOZvNhFxtsflQG7zS1nexb8Est1O4Isw=
last-modified: Thu, 11 Mar 2021 19:31:09 GMT
server: cloudflare
etag: "cafeee8443a8c5e8ce9fa9d2e5c70d12"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=OgKOUIpjrmAakWE7sAO5AVvHeHXoxh%2BfA2gdq8iLTyIraXUQj4EiYB15Gj5HZJSFh2IYofVbiXQ9myavcUmil6O1YySFIhnJXlMMWC0mJs5GrBey5kDAegvjs442J2FsPw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: no-cache, no-store
cf-request-id: 091f65322e00004aa45ab70000000001
accept-ranges: bytes
cf-ray: 6378d7c9ea404aa4-FRA

GET
H2 200 current.js Show response
js.hscta.net/cta/ 9 KB
4 KB 37ms
15ms Script
application/javascript 2606:4700::6811:e0cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hscta.net/cta/current.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:e0cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d14ec8fbfd0ce3f14479bb1c4fc466ab5e61681c78bcb9c857d4965f81e41db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.goanywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 29 Mar 2021 11:43:51 GMT
via: 1.1 fb41e17254dfd781519e95cedd257827.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
age: 39
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=cta-embed-js/static-1.23/bundles/current.js&cfRay=6378d6d56a744eaf-IAD
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
cf-request-id: 091f6530e50000062506b4c000000001
last-modified: Fri, 26 Mar 2021 03:36:47 UTC
server: cloudflare
etag: W/"172515a9c11f66e3bb3ca76859890873"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-version-id: nr.Cr2Nir9UEKMg1CMfuH1cJU0a4Hp7q
cache-control: max-age=600
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-C3
cf-ray: 6378d7c7dd870625-FRA
x-amz-cf-id: 8K5UQUsha3aFPjuVaKtzeqvL4ieSPnJ2j_M0OEO-FrFOe9Kiko728Q==

GET
H2 200 69f10af8-9ce4-4980-9c77-2c764b939492.png
no-cache.hubspot.com/cta/default/3478499/ 2 KB
3 KB 146ms
128ms Image
image/png 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://no-cache.hubspot.com/cta/default/3478499/69f10af8-9ce4-4980-9c77-2c764b939492.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0ae963a98cc0ec57e52231b991906a48767dcbbaa5b1173fb8630caab564270

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.goanywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 29 Mar 2021 11:43:51 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
x-amz-request-id: CJ5R1PARYQ1GYB92
x-amz-server-side-encryption: AES256
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2372
x-amz-id-2: HbdP0uGa1ZuXH4hlfhcxwDAzUtq9kWBoT/lnTkvax1wNhOHxCrDTVRm6RR9tv/cLDt7+bpLMWfc=
last-modified: Thu, 11 Mar 2021 19:33:08 GMT
server: cloudflare
etag: "234f9020e840a0fadb1b1ebc058301b9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hA90abS%2F0%2BsGCxxJJKqrZdI0JG5BGlHQdg%2Bz6XcIEen0GPgzQX%2BEV8VdCtSkfODSAXhQNY94FIhfTEtJrDfnW603ytOFT7DCAPPETJFN4VrZujdXhT04FEQyXGdlnRTVsA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: no-cache, no-store
cf-request-id: 091f65322e00004aa40b8dc000000001
accept-ranges: bytes
cf-ray: 6378d7c9ea424aa4-FRA

GET
H2 200 how-is-your-file-transfer-process-running-cover-20200603.jpg
static.goanywhere.com/images/white-papers/ 6 KB
6 KB 423ms
422ms Image
image/jpeg 13.226.159.46
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.goanywhere.com/images/white-papers/how-is-your-file-transfer-process-running-cover-20200603.jpg
Requested by: Host: www.goanywhere.com
URL: https://www.goanywhere.com/request-white-paper/how-is-your-file-transfer-process-running?code=cmp-0000008418&ls=717710006&utm_source=cyberdefense&utm_medium=email&utm_campaign=ga-miscellaneous
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-46.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ff64f6cabe25083d3381c7f60b81fcd6eb25175d8808a728b159c3764cebdd61

Request headers

Referer: https://www.goanywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 29 Mar 2021 11:43:52 GMT
via: 1.1 e542677c3bd2d6c30a5ed3dab78f8476.cloudfront.net (CloudFront)
last-modified: Mon, 21 Sep 2020 15:55:13 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-C1
etag: "701994eb3c598322c0d02d9583ed540a"
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 6004
x-amz-cf-id: dAGkyVYHAJd2Lr2b2CyfjkCNXHEaqgmpyZvKS3LWq5M-a3hBonv4dw==

GET
H2 200 v2.js Show response
js.hsforms.net/forms/ 528 KB
129 KB 64ms
50ms Script
application/javascript 2606:4700::6811:b849
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/v2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b849 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f05d9f452ae2ccd04636c044c0ec94c4f9816ed99ecdf92d60ed19f935b9bdf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.goanywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 29 Mar 2021 11:43:51 GMT
via: 1.1 e3e94284a800d30d02bd662be67e1bf2.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 284
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 091f653104000096bc6eb8b000000001
last-modified: Fri, 26 Mar 2021 10:36:09 UTC
server: cloudflare
etag: W/"63331a62eca734989c8849eaffe022e9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=F03EgDn2mGIPTMTMUybTZe0xpDyQX6vWPVb2iFgplr0c4y%2FVsZ3TqnTvLaxV1%2BBx2RTtiimrB3e%2F0bnPFaCz%2Fbsv9DCC7erP%2BRswMMcgRW2mmw%2FkOviqY4LNRQ%3D%3D"}]}
x-amz-version-id: M5RwkbeiQGm2N3cfIFqKB6JW6xCXyOAo
access-control-allow-origin: *
cache-control: s-maxage=600, max-age=0
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-C3
cf-ray: 6378d7c8082596bc-FRA
x-amz-cf-id: YurwtZqJ66w3KPJOA7hbzYc5O7YmanwRIQck2p3d43zHb9Gwopja8Q==

GET
H2 200 HSmark.png
static.goanywhere.com/img/goanywhere/ 752 B
1 KB 27ms
27ms Image
image/png 13.226.159.46
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.goanywhere.com/img/goanywhere/HSmark.png
Requested by: Host: www.goanywhere.com
URL: https://www.goanywhere.com/request-white-paper/how-is-your-file-transfer-process-running?code=cmp-0000008418&ls=717710006&utm_source=cyberdefense&utm_medium=email&utm_campaign=ga-miscellaneous
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-46.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1c085fbc337b5480c79abb0e5a9a03265e32c1fd46527c9de4ae2d554f1bdc9b

Request headers

Referer: https://www.goanywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 01:11:07 GMT
via: 1.1 e542677c3bd2d6c30a5ed3dab78f8476.cloudfront.net (CloudFront)
last-modified: Thu, 27 Feb 2020 16:25:54 GMT
server: AmazonS3
age: 5308365
etag: "1cee7f9dcff6e95d505c4a31b1bf8562"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 752
x-amz-cf-id: E4EdtoPK5UBZb8ZvcjK2Rn3cEs1X9EbXPHlbeCaLXzFWtad4mWsGcQ==

GET
H2 200 styles-1-1616168131.min.css
static.goanywhere.com/css/ 506 KB
82 KB 135ms
29ms Stylesheet
text/css 13.226.159.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.goanywhere.com/css/styles-1-1616168131.min.css
Requested by: Host: www.goanywhere.com
URL: https://www.goanywhere.com/request-white-paper/how-is-your-file-transfer-process-running?code=cmp-0000008418&ls=717710006&utm_source=cyberdefense&utm_medium=email&utm_campaign=ga-miscellaneous
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-46.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3a70220cb36280e5e0cc057aec4549d641c9898735f2e2c64f0b612d80784ad

Request headers

Referer: https://www.goanywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:36:55 GMT
content-encoding: gzip
last-modified: Fri, 19 Mar 2021 15:35:37 GMT
server: AmazonS3
age: 850017
etag: W/"04851a77db440442eafc16a7981a8e1e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 e542677c3bd2d6c30a5ed3dab78f8476.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: v0Bv07js4eZow3uAq1AKbzvja3nwJPo4KI0fUF5WnWZkYVCy5wJ92Q==

GET
H2 200 css
fonts.googleapis.com/ 12 KB
900 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,300i,500,500i,700,700i

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cf89cb5d2c828cd070b37e74dc094708f3a8b939ae6930f41c0ddd8e2bc964b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.goanywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 29 Mar 2021 11:43:51 GMT
server: ESF
date: Mon, 29 Mar 2021 11:43:51 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 29 Mar 2021 11:43:51 GMT

GET
H2 200 email-decode.min.js Show response
www.goanywhere.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
896 B 8ms
8ms Script
application/javascript 2606:4700::6812:1bf2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.goanywhere.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1bf2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.goanywhere.com/request-white-paper/how-is-your-file-transfer-process-running?code=cmp-0000008418&ls=717710006&utm_source=cyberdefense&utm_medium=email&utm_campaign=ga-miscellaneous
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 29 Mar 2021 11:43:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 25 Mar 2021 12:32:26 GMT
server: cloudflare
etag: W/"605c82da-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 6378d7c98d6d2c4e-FRA
vary: Accept-Encoding
cf-request-id: 091f6531f900002c4ea600d000000001
expires: Wed, 31 Mar 2021 11:43:51 GMT

GET
H2 200 scripts-2-1606922459.min.js Show response
static.goanywhere.com/js/ 347 KB
102 KB 26ms
26ms Script
text/javascript 13.226.159.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.goanywhere.com/js/scripts-2-1606922459.min.js
Requested by: Host: www.goanywhere.com
URL: https://www.goanywhere.com/request-white-paper/how-is-your-file-transfer-process-running?code=cmp-0000008418&ls=717710006&utm_source=cyberdefense&utm_medium=email&utm_campaign=ga-miscellaneous
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-46.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2f3083f145cc95d1e576f81798d258ba8fe94cfcf169aa1cf8e06b032e26eb30

Request headers

Referer: https://www.goanywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 09 Feb 2021 06:27:20 GMT
content-encoding: gzip
last-modified: Thu, 04 Feb 2021 15:22:02 GMT
server: AmazonS3
age: 4166191
etag: W/"9a00edf095a8cd31d63299143fee8e28"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 e542677c3bd2d6c30a5ed3dab78f8476.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: O3d-xLsyTm5LQpWRnazXSzWGX9FsaI5SfRPITdhXvhuauXEySyw6Nw==

POST
H/1.1 204
No Content mktzsave
app.omniconvert.com/ 0
413 B 90ms
27ms Other
text/html 178.128.139.113
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://app.omniconvert.com/mktzsave?event=view&uid=21303909257506318&session=sess.2.3741458264.1617018231314&id_website=18032&page_url=https%3A%2F%2Fwww.goanywhere.com%2Frequest-white-paper%2Fhow-is-your-file-transfer-process-running%3Fcode%3Dcmp-0000008418%26ls%3D717710006%26utm_source%3Dcyberdefense%26utm_medium%3Demail%26utm_campaign%3Dga-miscellaneous&svo=0&time=2021-03-29T13%3A43%3A51%2B02%3A00&version=t11.49.0&versionTimestamp=1617018230&browser=Chrome+89&resolution=1600x1200&device_type=desktop&referer_type=direct&visitor_type=new&os=Linux
Requested by: Host: cdn.omniconvert.com
URL: https://cdn.omniconvert.com/js/xd429be.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.128.139.113 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.goanywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Mon, 29 Mar 2021 11:43:51 GMT
Server: nginx/1.14.0
X-Env: JProd
Access-Control-Allow-Methods: GET
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: https://www.goanywhere.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Machine: Tracking-PROD-2
Access-Control-Allow-Headers: origin,accept,accept-encoding,user-agent,x-requested-with

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 190 KB
60 KB 24ms
23ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PBJ33R

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

da8214844528d4cfcbba106adeffa70cbf6e89c5ba1c84e1d0d17bfb3615df25

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.goanywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 29 Mar 2021 11:43:51 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61065
x-xss-protection: 0
last-modified: Mon, 29 Mar 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 29 Mar 2021 11:43:51 GMT

GET
H2 200 fa-duotone-900.woff2
static.goanywhere.com/webfonts/ 181 KB
181 KB 99ms
28ms Font
binary/octet-stream 13.226.159.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.goanywhere.com/webfonts/fa-duotone-900.woff2
Requested by: Host: www.goanywhere.com
URL: https://www.goanywhere.com/request-white-paper/how-is-your-file-transfer-process-running?code=cmp-0000008418&ls=717710006&utm_source=cyberdefense&utm_medium=email&utm_campaign=ga-miscellaneous
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-46.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5cf2dea4437f40b914e9bcb6fc763630b0a58c20b6fc6a765a540cc11f078a62

Request headers

Origin: https://www.goanywhere.com
Referer: https://www.goanywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 07:38:02 GMT
via: 1.1 877a7509af39a63279b2520fa0b455fa.cloudfront.net (CloudFront)
age: 4680350
x-cache: Hit from cloudfront
content-length: 184868
last-modified: Fri, 06 Mar 2020 21:29:11 GMT
server: AmazonS3
etag: "d03e9c2b44ce4ad169037070c1faf2d1"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: PUT, POST, DELETE, GET
content-type: binary/octet-stream
access-control-allow-origin: https://www.goanywhere.com
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: 7GSx-UIJhvTXA5GiAGF9RplGrUnw8mJLa05OEYrwhg5A7vzNtIL-wQ==

GET
H2 200 fa-solid-900.woff2
static.goanywhere.com/webfonts/ 135 KB
135 KB 139ms
68ms Font
binary/octet-stream 13.226.159.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.goanywhere.com/webfonts/fa-solid-900.woff2
Requested by: Host: www.goanywhere.com
URL: https://www.goanywhere.com/request-white-paper/how-is-your-file-transfer-process-running?code=cmp-0000008418&ls=717710006&utm_source=cyberdefense&utm_medium=email&utm_campaign=ga-miscellaneous
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-46.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ea1f1cd8dd93d32f9b337df9b9faf9073015353f384895a59e743eb5ddce47d4

Request headers

Origin: https://www.goanywhere.com
Referer: https://www.goanywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 03:52:52 GMT
via: 1.1 877a7509af39a63279b2520fa0b455fa.cloudfront.net (CloudFront)
age: 4434660
x-cache: Hit from cloudfront
content-length: 137992
last-modified: Fri, 06 Mar 2020 21:29:20 GMT
server: AmazonS3
etag: "4c7a7246c1ebc15cdeb8870b52a35b77"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: PUT, POST, DELETE, GET
content-type: binary/octet-stream
access-control-allow-origin: https://www.goanywhere.com
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: 4shTkLDrTv3wzVbbmXQeeRwA1jb9wnqznv4CsWhWiaozrAbpbLdnnQ==

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc9.ttf
fonts.gstatic.com/s/roboto/v20/ 35 KB
20 KB 6ms
6ms Font
font/ttf 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc9.ttf

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a637d3ff767789f9b113bbfa208bdb6a76efed7c4c111da2a130f6a38a51d353

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.goanywhere.com
Referer: https://www.goanywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 28 Mar 2021 00:50:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 125583
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20796
x-xss-protection: 0
last-modified: Wed, 24 Jul 2019 01:18:59 GMT
server: sffe
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 28 Mar 2022 00:50:48 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc9.ttf
fonts.gstatic.com/s/roboto/v20/ 35 KB
20 KB 6ms
6ms Font
font/ttf 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc9.ttf

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b4c96f55c265e0a80be4243a16f7e88b9a67c85b71b4e2aa8cea4e1aa989b0d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.goanywhere.com
Referer: https://www.goanywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 00:43:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 385207
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20827
x-xss-protection: 0
last-modified: Wed, 24 Jul 2019 01:18:53 GMT
server: sffe
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Mar 2022 00:43:44 GMT

GET
H2 200 v1.7-1745 Show response
consent.trustarc.com/asset/notice.js/v/ 70 KB
23 KB 27ms
26ms Script
text/javascript 13.226.159.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.trustarc.com/asset/notice.js/v/v1.7-1745
Requested by: Host: consent.trustarc.com
URL: https://consent.trustarc.com/notice?domain=helpsystemstest.com&c=teconsent&js=nj&text=true&gtm=1&noticeType=bb&pn=1-0&cookieLink=https://www.goanywhere.com/cookie-policy&privacypolicylink=https://www.goanywhere.com/company/privacy-policy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-118.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: a33131ca8724c9a71ada74fb60745a77adb4efcb146181fd620ac1dac416ecb8

Request headers

Origin: https://www.goanywhere.com
Referer: https://www.goanywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 29 Mar 2021 11:22:06 GMT
content-encoding: gzip
age: 1305
x-cache: Hit from cloudfront
pragma: public
access-control-allow-origin: *
last-modified: Wed, 17 Mar 2021 02:08:17 GMT
server: nginx
vary: Accept-Encoding
content-type: text/javascript
via: 1.1 8033f9c6b87a03b2eca7c2db5157e10e.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-C1
timing-allow-origin: *
x-amz-cf-id: 9nro9QjRbQN8WD27U_AYyk_FvE-oix1pi3qp_uJT9mQmO1HzCObb9g==
expires: Wed, 28 Apr 2021 11:22:06 GMT

GET
H2 200 log
consent.trustarc.com/ 43 B
383 B 95ms
52ms Image
image/gif 13.226.159.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://consent.trustarc.com/log?domain=helpsystemstest.com&country=nl&state=&behavior=expressed&c=973e
Requested by: Host: www.goanywhere.com
URL: https://www.goanywhere.com/request-white-paper/how-is-your-file-transfer-process-running?code=cmp-0000008418&ls=717710006&utm_source=cyberdefense&utm_medium=email&utm_campaign=ga-miscellaneous
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-118.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer: https://www.goanywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Mar 2021 11:43:51 GMT
via: 1.1 e8640ab30463560abfb6a2665bafb393.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: DUS51-C1
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
x-amz-cf-id: e1TcET_u2T-kVedoskkLO40OGevpgkriD-JEJlKQ2ETm3NbAPmyQqQ==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 fd2cd6ff-ccd6-4fa8-b346-03a98ffd09a1 Show response
forms.hsforms.com/embed/v3/form/3478499/ 60 KB
7 KB 237ms
224ms Script
application/javascript 2606:4700::6810:5705
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hsforms.com/embed/v3/form/3478499/fd2cd6ff-ccd6-4fa8-b346-03a98ffd09a1?callback=hs_reqwest_0&hutk=

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5705 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44b2ca3ac1efd51a6a227b9dc75ce6a4aeea453b9a20499eab3a54a4cc1fe343

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.goanywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 29 Mar 2021 11:43:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-disposition: attachment; filename=no-rfd.txt
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 091f65325900001f1554169000000001
server: cloudflare
x-trace: 2BBF37A56EA55AF422DBC03A857908C9C13A6DF122000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
cf-ray: 6378d7ca2ab31f15-FRA

GET
H2 200 bg-photo-10.jpg
static.goanywhere.com/img/goanywhere/ 48 KB
48 KB 27ms
26ms Image
image/jpeg 13.226.159.46
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.goanywhere.com/img/goanywhere/bg-photo-10.jpg
Requested by: Host: static.goanywhere.com
URL: https://static.goanywhere.com/css/styles-1-1616168131.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-46.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bcef9dcd382a1a5b6e6dde4fa4e58887107b670f5c2f8f3777ec80c40ebc3561

Request headers

Referer: https://static.goanywhere.com/css/styles-1-1616168131.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 31 Jan 2021 11:04:06 GMT
via: 1.1 e542677c3bd2d6c30a5ed3dab78f8476.cloudfront.net (CloudFront)
last-modified: Thu, 27 Feb 2020 16:25:56 GMT
server: AmazonS3
age: 4927186
etag: "3d4730f698db03ad3cfc7ab1cca0a5d8"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 48904
x-amz-cf-id: S6zz49d-eMHEn5zyiuqnw_EX7FpHcrrwkAq4EF1qIXe7fwb5-1BVug==

GET
H3-Q050 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v20/ 15 KB
16 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,500,500i,700,700i

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29f6da0a8c21c5681511bb9b08663d3fd2c5d09c9bd8054ec354c563b8c8b7c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.goanywhere.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 27 Mar 2021 06:20:47 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:55 GMT
server: sffe
age: 192184
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15784
x-xss-protection: 0
expires: Sun, 27 Mar 2022 06:20:47 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v20/ 15 KB
16 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,500,500i,700,700i

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.goanywhere.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 15:37:32 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:19:00 GMT
server: sffe
age: 504379
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15816
x-xss-protection: 0
expires: Wed, 23 Mar 2022 15:37:32 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v20/ 16 KB
16 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,500,500i,700,700i

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.goanywhere.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 27 Mar 2021 06:36:16 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:37 GMT
server: sffe
age: 191255
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15872
x-xss-protection: 0
expires: Sun, 27 Mar 2022 06:36:16 GMT

GET
H2 200 / Show response
consent-pref.trustarc.com/ Frame 9248 5 KB
2 KB 70ms
22ms Document
text/html 13.226.159.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/?type=helpsystemstest&site=helpsystemstest.com&action=notice&country=nl&locale=en&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https://www.goanywhere.com/company/privacy-policy&cookieLink=https://www.goanywhere.com/cookie-policy&irm=undefined&from=https://consent.trustarc.com/

Requested by

Host: consent.trustarc.com
URL: https://consent.trustarc.com/asset/notice.js/v/v1.7-1745

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.159.64 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-159-64.dus51.r.cloudfront.net

Software

nginx /

Resource Hash

5d59d71fa30604e26c815b2bcfea777bef1564467e2ff9b1b4dc45ca2ee0f6fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: consent-pref.trustarc.com
:scheme: https
:path: /?type=helpsystemstest&site=helpsystemstest.com&action=notice&country=nl&locale=en&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https://www.goanywhere.com/company/privacy-policy&cookieLink=https://www.goanywhere.com/cookie-policy&irm=undefined&from=https://consent.trustarc.com/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.goanywhere.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.goanywhere.com/

Response headers

content-type: text/html; charset=UTF-8
date: Mon, 29 Mar 2021 07:41:35 GMT
server: nginx
etag: W/"5147-1615818412000"
last-modified: Mon, 15 Mar 2021 14:26:52 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 375e9ad5042f2098d2251daf2e517c52.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: g6GcvDQhapDN-7T3sD867-1JvtAP_zYjAOPkv7E8EuOZU_2dZoX-og==
age: 14536

GET
H2 200 transparent.png
consent.trustarc.com/asset/ 95 B
468 B 23ms
23ms Image
image/png 13.226.159.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://consent.trustarc.com/asset/transparent.png
Requested by: Host: www.goanywhere.com
URL: https://www.goanywhere.com/request-white-paper/how-is-your-file-transfer-process-running?code=cmp-0000008418&ls=717710006&utm_source=cyberdefense&utm_medium=email&utm_campaign=ga-miscellaneous
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-118.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: d1f997e9d36cab74d9b7c82335b21734e1c74b284d17a8b3df2aa3f4661d2f6c

Request headers

Referer: https://www.goanywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Mon, 29 Mar 2021 11:22:12 GMT
via: 1.1 e8640ab30463560abfb6a2665bafb393.cloudfront.net (CloudFront)
last-modified: Thu, 24 May 2018 00:46:39 GMT
server: nginx
age: 1299
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-C1
timing-allow-origin: *
content-length: 95
x-amz-cf-id: YQbCOVns9j4kMB3AEA2O5SpLZMyMji4fLU_Nja9YBiewTRaK_mD2Kg==
expires: Wed, 28 Apr 2021 11:22:12 GMT

GET
H2 200 noticemsg
consent.trustarc.com/ 43 B
504 B 52ms
52ms Image
image/gif 13.226.159.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent.trustarc.com/noticemsg?action=consent&domain=helpsystemstest.com&behavior=expressed&country=nl&language=en&rand=0.009916092004526478

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.159.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-159-118.dus51.r.cloudfront.net

Software

nginx /

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.goanywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 29 Mar 2021 11:43:51 GMT
via: 1.1 e8640ab30463560abfb6a2665bafb393.cloudfront.net (CloudFront)
x-content-type-options: nosniff
timing-allow-origin: *
x-amz-cf-pop: DUS51-C1
x-cache: Miss from cloudfront
cloudfront-viewer-country: NL
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
cloudfront-viewer-country-region: NH
x-amz-cf-id: hF04tO20HqoHoVzA-X2e1viUSfjiJ-WkdZhW1_7mLkHHD9RIMLXctg==
expires: Mon, 29 Mar 2021 12:43:51 GMT

GET
H2 200 trans.png
consent.trustarc.com/asset/ 923 B
1 KB 21ms
21ms Image
image/png 13.226.159.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://consent.trustarc.com/asset/trans.png
Requested by: Host: www.goanywhere.com
URL: https://www.goanywhere.com/request-white-paper/how-is-your-file-transfer-process-running?code=cmp-0000008418&ls=717710006&utm_source=cyberdefense&utm_medium=email&utm_campaign=ga-miscellaneous
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-118.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 2606b91cca1f76efe9c503aaef5b7956ef6415a9403b8bbc0f5eb857d515bb05

Request headers

Referer: https://www.goanywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Mon, 29 Mar 2021 11:12:36 GMT
via: 1.1 e8640ab30463560abfb6a2665bafb393.cloudfront.net (CloudFront)
last-modified: Thu, 24 May 2018 00:46:39 GMT
server: nginx
age: 1876
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-C1
timing-allow-origin: *
content-length: 923
x-amz-cf-id: -gzxpiajI98RSGz-FquWWOoxG0atwwCtu4rVyZNFmnsgcfoGRFstdA==
expires: Wed, 28 Apr 2021 11:12:35 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 28 KB
9 KB 39ms
28ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PBJ33R
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: f14f0d4ca69db0c2914322578f10bf3f9393771f439c9f670cc4d40971b0af8d

Request headers

Referer: https://www.goanywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 29 Mar 2021 11:43:50 GMT
content-encoding: gzip
last-modified: Fri, 05 Mar 2021 20:27:29 GMT
x-msedge-ref: Ref A: D5F662808E9D4CD781C4F600228AB4C7 Ref B: FRAEDGE1513 Ref C: 2021-03-29T11:43:51Z
etag: "804e75f6fd11d71:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 8562

GET
H2 200 defaultpreferencemanager.nocache.js Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame 9248 5 KB
2 KB 47ms
46ms Script
application/javascript 13.226.159.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://consent-pref.trustarc.com/defaultpreferencemanager/defaultpreferencemanager.nocache.js
Requested by: Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/?type=helpsystemstest&site=helpsystemstest.com&action=notice&country=nl&locale=en&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https://www.goanywhere.com/company/privacy-policy&cookieLink=https://www.goanywhere.com/cookie-policy&irm=undefined&from=https://consent.trustarc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-64.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: ded567f565b246426e50cdff9cea1d2854ddd6e834c2fc632f5344f968558d4a

Request headers

Referer: https://consent-pref.trustarc.com/?type=helpsystemstest&site=helpsystemstest.com&action=notice&country=nl&locale=en&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https://www.goanywhere.com/company/privacy-policy&cookieLink=https://www.goanywhere.com/cookie-policy&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 29 Mar 2021 11:43:51 GMT
content-encoding: gzip
last-modified: Mon, 15 Mar 2021 14:27:12 GMT
server: nginx
x-amz-cf-pop: DUS51-C1
etag: W/"4867-1615818432000"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 375e9ad5042f2098d2251daf2e517c52.cloudfront.net (CloudFront)
cache-control: no-cache
x-amz-cf-id: 8LEPJlq0JN1merkQn1XcqeLeezu4ih0JUsffGyFjp68vxytw_EM2VQ==
expires: Mon, 29 Mar 2021 11:43:50 GMT

GET
H2 200 get Show response
consent-st.trustarc.com/ Frame 9248 20 KB
5 KB 71ms
22ms Script
text/javascript 13.226.159.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://consent-st.trustarc.com/get?name=combined_static_cm_minified.js
Requested by: Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/?type=helpsystemstest&site=helpsystemstest.com&action=notice&country=nl&locale=en&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https://www.goanywhere.com/company/privacy-policy&cookieLink=https://www.goanywhere.com/cookie-policy&irm=undefined&from=https://consent.trustarc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-124.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: f1ba71d3bf034aeceecb8895e71a44f4806dbb5bcc44e46fd8fc461a774eb880

Request headers

Referer: https://consent-pref.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Mon, 01 Mar 2021 04:44:19 GMT
content-encoding: gzip
server: nginx
age: 2444372
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: JVftCi65pvMQ5R1qSB_aQNxjGWy_O8a7u9PQJjZKTbRIreptg9XHrg==
via: 1.1 cddd3e95f67291463f7a95d065c7fcff.cloudfront.net (CloudFront)
expires: Wed, 31 Mar 2021 04:44:19 GMT

GET
H2 200 loading.gif
consent-pref.trustarc.com/images/ Frame 9248 3 KB
3 KB 23ms
23ms Image
image/gif 13.226.159.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent-pref.trustarc.com/images/loading.gif

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/?type=helpsystemstest&site=helpsystemstest.com&action=notice&country=nl&locale=en&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https://www.goanywhere.com/company/privacy-policy&cookieLink=https://www.goanywhere.com/cookie-policy&irm=undefined&from=https://consent.trustarc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.159.64 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-159-64.dus51.r.cloudfront.net

Software

nginx /

Resource Hash

eb7cfd3d959b2e09c170f532e29f8b825f9bc770b2279fde58e595617753e244

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://consent-pref.trustarc.com/?type=helpsystemstest&site=helpsystemstest.com&action=notice&country=nl&locale=en&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https://www.goanywhere.com/company/privacy-policy&cookieLink=https://www.goanywhere.com/cookie-policy&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 29 Mar 2021 04:00:48 GMT
via: 1.1 375e9ad5042f2098d2251daf2e517c52.cloudfront.net (CloudFront)
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 14:26:52 GMT
server: nginx
age: 27783
etag: W/"2608-1615818412000"
x-cache: Hit from cloudfront
content-type: image/gif
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 2608
x-xss-protection: 1; mode=block
x-amz-cf-id: 1CFrzvEBqhuqLKJTWsUV1VS7kqAUNFdV_ZjLz4lQkFs2wqIGmY_Y4g==

GET
H2 204 0
bat.bing.com/action/ 0
148 B 28ms
28ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=20262020&tm=gtm001&Ver=2&mid=94c1dcb1-0301-4b34-ac54-af5f39b7e119&sid=08664700908411ebb258dd451dda2519&vid=08667a60908411ebb2f2eda5f0fd80d4&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Get%20on%20the%20Right%20Track%20with%20GoAnywhere%20MFT&p=https%3A%2F%2Fwww.goanywhere.com%2Frequest-white-paper%2Fhow-is-your-file-transfer-process-running%3Fcode%3Dcmp-0000008418%26ls%3D717710006%26utm_source%3Dcyberdefense%26utm_medium%3Demail%26utm_campaign%3Dga-miscellaneous&r=&lt=2341&evt=pageLoad&msclkid=N&sv=1&rn=714332
Requested by: Host: www.goanywhere.com
URL: https://www.goanywhere.com/request-white-paper/how-is-your-file-transfer-process-running?code=cmp-0000008418&ls=717710006&utm_source=cyberdefense&utm_medium=email&utm_campaign=ga-miscellaneous
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.goanywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 29 Mar 2021 11:43:50 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: BF6ABEE8120145A7BB2A23573BB1C48B Ref B: FRAEDGE1513 Ref C: 2021-03-29T11:43:51Z
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 4A62F2686478BAE800EFF19D5EB3C2E8.cache.html Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame 84F8 140 KB
46 KB 43ms
43ms Document
text/html 13.226.159.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/4A62F2686478BAE800EFF19D5EB3C2E8.cache.html

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/defaultpreferencemanager.nocache.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.159.64 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-159-64.dus51.r.cloudfront.net

Software

nginx /

Resource Hash

3b416a15d3dc9e914a04ddad4ed898c67db545111ec2334b6daec8c651bdfad0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: consent-pref.trustarc.com
:scheme: https
:path: /defaultpreferencemanager/4A62F2686478BAE800EFF19D5EB3C2E8.cache.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://consent-pref.trustarc.com/?type=helpsystemstest&site=helpsystemstest.com&action=notice&country=nl&locale=en&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https://www.goanywhere.com/company/privacy-policy&cookieLink=https://www.goanywhere.com/cookie-policy&irm=undefined&from=https://consent.trustarc.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://consent-pref.trustarc.com/?type=helpsystemstest&site=helpsystemstest.com&action=notice&country=nl&locale=en&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https://www.goanywhere.com/company/privacy-policy&cookieLink=https://www.goanywhere.com/cookie-policy&irm=undefined&from=https://consent.trustarc.com/

Response headers

content-type: text/html; charset=UTF-8
date: Mon, 29 Mar 2021 11:43:51 GMT
server: nginx
vary: Accept-Encoding
etag: W/"143674-1615818432000"
last-modified: Mon, 15 Mar 2021 14:27:12 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 375e9ad5042f2098d2251daf2e517c52.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: MomxpsYvHRDxAv6JyFKGrXPMWmjcm9-KH8h_b2cRi26SVhla3EWaaQ==

POST
H2 200 truste Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame 9248 969 B
801 B 43ms
43ms XHR
application/json 13.226.159.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/truste

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/4A62F2686478BAE800EFF19D5EB3C2E8.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.159.64 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-159-64.dus51.r.cloudfront.net

Software

nginx /

Resource Hash

d4bef2d91bd01eaeba3c9d62545eb98cec13e41bfacdbf28cf1c17bc7f1a35e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation: 4A62F2686478BAE800EFF19D5EB3C2E8
Referer: https://consent-pref.trustarc.com/?type=helpsystemstest&site=helpsystemstest.com&action=notice&country=nl&locale=en&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https://www.goanywhere.com/company/privacy-policy&cookieLink=https://www.goanywhere.com/cookie-policy&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8

Response headers

date: Mon, 29 Mar 2021 11:43:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
x-amz-cf-pop: DUS51-C1
x-cache: Miss from cloudfront
content-type: application/json;charset=utf-8
via: 1.1 375e9ad5042f2098d2251daf2e517c52.cloudfront.net (CloudFront)
content-disposition: attachment
content-length: 465
x-xss-protection: 1; mode=block
x-amz-cf-id: bXEyJacFm2QLGnqBP3PiRTPRYBLPPfHyfcb505XgIQvkhNo412TpHg==

POST
H2 200 truste Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame 9248 48 B
366 B 43ms
43ms XHR
application/json 13.226.159.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/truste

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/4A62F2686478BAE800EFF19D5EB3C2E8.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.159.64 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-159-64.dus51.r.cloudfront.net

Software

nginx /

Resource Hash

306ed870df93d25975c922d41e403ea26ac2d91ab61e8d63a42456ed130652b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation: 4A62F2686478BAE800EFF19D5EB3C2E8
Referer: https://consent-pref.trustarc.com/?type=helpsystemstest&site=helpsystemstest.com&action=notice&country=nl&locale=en&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https://www.goanywhere.com/company/privacy-policy&cookieLink=https://www.goanywhere.com/cookie-policy&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8

Response headers

date: Mon, 29 Mar 2021 11:43:51 GMT
via: 1.1 375e9ad5042f2098d2251daf2e517c52.cloudfront.net (CloudFront)
x-content-type-options: nosniff
server: nginx
x-amz-cf-pop: DUS51-C1
x-cache: Miss from cloudfront
content-type: application/json;charset=utf-8
content-disposition: attachment
content-length: 48
x-xss-protection: 1; mode=block
x-amz-cf-id: aOe60SvJeyPn_8_7za7giRkkmgsefBI-FnY6vJGhqPNZG58S53pwUQ==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PBJ33R

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.goanywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 5324
date: Mon, 29 Mar 2021 10:15:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Mon, 29 Mar 2021 12:15:07 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 35 KB
14 KB 83ms
33ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PBJ33R

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

bbff0182d1a1f1af97f7a7d94badc0a4df084f50c09a6213f59fa5305dc120d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.goanywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 29 Mar 2021 11:43:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13738
x-xss-protection: 0
server: cafe
etag: 10420051169657019655
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 29 Mar 2021 11:43:51 GMT

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 41 KB
13 KB 94ms
44ms Script
text/javascript 2.18.233.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PBJ33R
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 3af3107c28f09b96f740aa5adeaccb35c0b2c68e5ec96302c908e12abdf29307

Request headers

Referer: https://www.goanywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 1oocf1uJYNAGnrYAAtPutY1Fw5gtF4.O
Content-Encoding: gzip
ETag: "c02d58b39195634517b05a7b6b5218ec"
x-amz-request-id: QVP18K4H4XA1QT8X
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 12915
x-amz-id-2: uQFHz8Es+qLmZidqpIreG3cUDGdeKqtZTTkemqz+7IFbceEXdw118a1NTX46R94s5tLmAcHPZn8=
Last-Modified: Wed, 17 Mar 2021 19:48:00 GMT
Server: AmazonS3
Date: Mon, 29 Mar 2021 11:43:51 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 200 hotjar-386598.js Show response
static.hotjar.com/c/ 3 KB
2 KB 100ms
54ms Script
application/javascript 13.226.159.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-386598.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PBJ33R

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.159.100 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-159-100.dus51.r.cloudfront.net

Software

Resource Hash

da63cb7a3f1a690f2947a02ab38949b44aaa73fc6c08ea75602604003d01c9c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.goanywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 29 Mar 2021 11:43:51 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: DUS51-C1
etag: W/e38d2430e3345e757dd096b93c4deec6
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
content-length: 1530
via: 1.1 26b0de44343edcaf19972d71d8e0256d.cloudfront.net (CloudFront)
x-amz-cf-id: xf7IT8nf0mMotN2ya-RRkNZNS-iWqf8KNRIHU8sGUjHVIipeSMF_zA==

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 4 KB
2 KB 19ms
6ms Script
application/x-javascript 2a02:26f0:6c00:2bd::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PBJ33R
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2bd::25ea Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2

Request headers

Referer: https://www.goanywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 29 Mar 2021 11:43:51 GMT
Content-Encoding: gzip
Last-Modified: Mon, 04 Jan 2021 22:14:03 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=10316
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1855

GET
H2 200 870.js Show response
tracking.g2crowd.com/attribution_tracking/conversions/ 16 B
1 KB 148ms
130ms Script
text/javascript 2606:4700::6812:1abe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tracking.g2crowd.com/attribution_tracking/conversions/870.js?p=https://www.goanywhere.com/request-white-paper/how-is-your-file-transfer-process-running?code=cmp-0000008418&ls=717710006&utm_source=cyberdefense&utm_medium=email&utm_campaign=ga-miscellaneous&e=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1abe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3dae93a05edd9dcfc1864b87178a31e0bfa93e1a9b1c486c6e9cbf73cae87862

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .g2crowd.com .g2.com; connect-src 'self' .g2crowd.com .g2.com; font-src 'self' .g2crowd.com .g2.com; form-action 'self' .g2crowd.com .g2.com; frame-src 'self' .g2crowd.com .g2.com; img-src 'self' .g2crowd.com .g2.com; manifest-src 'self' .g2crowd.com .g2.com; media-src 'self' .g2crowd.com .g2.com; object-src 'self' .g2crowd.com .g2.com; script-src 'self' .g2crowd.com .g2.com; style-src 'self' .g2crowd.com .g2.com; worker-src 'self' .g2crowd.com .g2.com
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.goanywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 29 Mar 2021 11:43:51 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
content-encoding: br
x-xss-protection: 1; mode=block
x-request-id: e8430ddc-1e16-4d30-9052-81ee7325a162
x-runtime: 0.005786
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"3dae93a05edd9dcfc1864b87178a31e0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
x-download-options: noopen
content-type: text/javascript; charset=utf-8
cache-control: max-age=600, public
content-security-policy: default-src 'self' *.g2crowd.com *.g2.com; connect-src 'self' *.g2crowd.com *.g2.com; font-src 'self' *.g2crowd.com *.g2.com; form-action 'self' *.g2crowd.com *.g2.com; frame-src 'self' *.g2crowd.com *.g2.com; img-src 'self' *.g2crowd.com *.g2.com; manifest-src 'self' *.g2crowd.com *.g2.com; media-src 'self' *.g2crowd.com *.g2.com; object-src 'self' *.g2crowd.com *.g2.com; script-src 'self' *.g2crowd.com *.g2.com; style-src 'self' *.g2crowd.com *.g2.com; worker-src 'self' *.g2crowd.com *.g2.com
cf-request-id: 091f6533e500002c19940ea000000001
cf-ray: 6378d7ccabce2c19-FRA

GET
H/1.1 200
OK tracking.js Show response
trk.techtarget.com/ 4 KB
2 KB 108ms
23ms Script
text/javascript 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://trk.techtarget.com/tracking.js
Requested by: Host: www.goanywhere.com
URL: https://www.goanywhere.com/request-white-paper/how-is-your-file-transfer-process-running?code=cmp-0000008418&ls=717710006&utm_source=cyberdefense&utm_medium=email&utm_campaign=ga-miscellaneous
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: PWS/8.3.1.0.8 /
Resource Hash: 8b51552f523ecd57ca4f82df5ab10610349f91cacb7c0f72d0290bed3cc37e4e

Request headers

Referer: https://www.goanywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 29 Mar 2021 11:43:51 GMT
Content-Encoding: gzip
Last-Modified: Fri, 21 Jun 2019 20:11:17 GMT
Server: PWS/8.3.1.0.8
Age: 142
X-Ws-Request-Id: 6061bd77_PSdgflkfFRA1eq9_5805-64351
Content-Type: text/javascript
Via: 1.1 PSmgnyNY2no188:0 (W), 1.1 PSdgflkfFRA1hb199:0 (W), 1.1 PSdgflkfFRA1eq94:13 (W)
Cache-Control: max-age=600
X-Px: ht PSdgflkfFRA1eq94FRA
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1711
Expires: Mon, 29 Mar 2021 11:51:29 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 91 KB
24 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.goanywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23762
x-fb-rlafr: 0
pragma: public
x-fb-debug: n60cr5+jpke5sldkJWcG5hHz78u1q5pV9Os6kpMFNgG+e25gfUqmiLqBNF/L5PSbPDJQboxGF/L5oVit49otag==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Mon, 29 Mar 2021 11:43:51 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 api.min.js Show response
a.omappapi.com/app/js/ 216 KB
56 KB 126ms
68ms Script
application/javascript 62.113.194.12
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/api.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PBJ33R
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.113.194.12 Berlin, Germany, ASN47447 (TTM, DE),
Reverse DNS: edge-481.b-cdn.net
Software: BunnyCDN-DE1-481 /
Resource Hash: 08aa4a91579ba7fd71d319d962e6d41000492eea14b98ee5561b5efe69cee87f

Request headers

Referer: https://www.goanywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 29 Mar 2021 11:43:51 GMT
content-encoding: br
cdn-edgestorageid: 481
perma-cache: HIT
cdn-storageserver: DE-51
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 2021-03-11 19:50:31
cdn-pullzone: 293267
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-allow-origin: *
last-modified: Thu, 11 Mar 2021 19:39:41 GMT
server: BunnyCDN-DE1-481
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cache-control: public, max-age=31919000
cdn-requestid: 6ac61514ee907f7e04e4c8fd5ec28678
cdn-requestcountrycode: NL
cdn-requestpullsuccess: True

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
88 B 16ms
15ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-916129-4&cid=1427304951.1617018232&jid=991096037&gjid=1894371477&_gid=1155589368.1617018232&_u=YGBAgAABAAAAAE~&z=637466332

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.goanywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 29 Mar 2021 11:43:51 GMT
content-type: text/plain
access-control-allow-origin: https://www.goanywhere.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
122 B 7ms
6ms Image
image/gif 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j88&a=20186914&t=pageview&_s=1&dl=https%3A%2F%2Fwww.goanywhere.com%2Frequest-white-paper%2Fhow-is-your-file-transfer-process-running%3Fcode%3Dcmp-0000008418%26ls%3D717710006%26utm_source%3Dcyberdefense%26utm_medium%3Demail%26utm_campaign%3Dga-miscellaneous&ul=en-us&de=UTF-8&dt=Get%20on%20the%20Right%20Track%20with%20GoAnywhere%20MFT&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgAAB~&jid=991096037&gjid=1894371477&cid=1427304951.1617018232&tid=UA-916129-4&_gid=1155589368.1617018232&gtm=2wg3h0PBJ33R&z=330738049

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.goanywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Mar 2021 04:40:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 25420
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 EuPreferenceManager.css
consent-pref.trustarc.com/ Frame 9248 27 KB
7 KB 67ms
66ms Stylesheet
text/css 13.226.159.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://consent-pref.trustarc.com/EuPreferenceManager.css
Requested by: Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/4A62F2686478BAE800EFF19D5EB3C2E8.cache.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-64.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 1ea22ef5cc12712e650ac15269e8e7b75904f47246ce6eb04bf0fcd42f8bed77

Request headers

Referer: https://consent-pref.trustarc.com/?type=helpsystemstest&site=helpsystemstest.com&action=notice&country=nl&locale=en&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https://www.goanywhere.com/company/privacy-policy&cookieLink=https://www.goanywhere.com/cookie-policy&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 29 Mar 2021 11:43:51 GMT
content-encoding: gzip
last-modified: Mon, 15 Mar 2021 14:26:52 GMT
server: nginx
x-amz-cf-pop: DUS51-C1
etag: W/"27745-1615818412000"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/css
via: 1.1 375e9ad5042f2098d2251daf2e517c52.cloudfront.net (CloudFront)
cache-control: no-cache
x-amz-cf-id: snw8PYZSbgrQZtgtqpDqP8mw6weG_Q-u1HCmBKJWcnDkxfdlWcHL3A==
expires: Mon, 29 Mar 2021 11:43:50 GMT

GET
H2 200 10.cache.js Show response
consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/4A62F2686478BAE800EFF19D5EB3C2E8/ Frame 9248 242 KB
84 KB 48ms
47ms XHR
application/javascript 13.226.159.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/4A62F2686478BAE800EFF19D5EB3C2E8/10.cache.js
Requested by: Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/4A62F2686478BAE800EFF19D5EB3C2E8.cache.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-64.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 0a9073f8a864d021091181726653951f100dfcabb6d1c04d91c4fd0e74a4e35a

Request headers

Referer: https://consent-pref.trustarc.com/?type=helpsystemstest&site=helpsystemstest.com&action=notice&country=nl&locale=en&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https://www.goanywhere.com/company/privacy-policy&cookieLink=https://www.goanywhere.com/cookie-policy&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 29 Mar 2021 11:43:51 GMT
content-encoding: gzip
last-modified: Mon, 15 Mar 2021 14:27:12 GMT
server: nginx
x-amz-cf-pop: DUS51-C1
etag: W/"248272-1615818432000"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 375e9ad5042f2098d2251daf2e517c52.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-id: 5fVL-zxfhexyIopHchNI2RS4ptkrH9oQ2dI-t1PsBg-FGl0NHlZiCA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 681125172671857 Show response
connect.facebook.net/signals/config/ 241 KB
69 KB 48ms
48ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/681125172671857?v=2.9.33&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

155257e70990a85fccf437ebca8ba1c031dbef447addb18d325cd03d08692ba3

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.goanywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: IeCTh4lSAy+wPbYsou8hCfYcDv9flfilCipw6Yu9s/lEzn/VPmdjWe3Hf6IR1w6BvQOmR7j2GAaDGHFxnLSAcQ==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Mon, 29 Mar 2021 11:43:51 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=103045&time=1617018231784&url=https%3A%2F%2Fwww.goanywhere.com%2Frequest-white-paper%2Fhow-is-your-file-transfer-process-running%3Fcode%3Dcmp-0000...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D103045%26time%3D1617018231784%26url%3Dhttps%253A%252F%252Fwww.goanywhere.com%252F...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=103045&time=1617018231784&url=https%3A%2F%2Fwww.goanywhere.com%2Frequest-white-paper%2Fhow-is-your-file-transfer-process-running%3Fcode%3Dcmp-0000...

0
58 B

195ms
195ms

Image
application/javascript

2620:119:50e1:101::6cae:b25
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=103045&time=1617018231784&url=https%3A%2F%2Fwww.goanywhere.com%2Frequest-white-paper%2Fhow-is-your-file-transfer-process-running%3Fcode%3Dcmp-0000008418%26ls%3D717710006%26utm_source%3Dcyberdefense%26utm_medium%3Demail%26utm_campaign%3Dga-miscellaneous&liSync=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:119:50e1:101::6cae:b25 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.goanywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 29 Mar 2021 11:43:52 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lor1
x-li-proto: http/2
x-li-pop: prod-esv5
content-type: application/javascript
content-length: 0
x-li-uuid: CIfz5IPNcBbwXnGnsyoAAA==

Redirect headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
linkedin-action: 1
content-length: 0
x-li-uuid: SfYI2oPNcBaA0A/+VSsAAA==
pragma: no-cache
x-li-pop: afd-prod-lor1
x-msedge-ref: Ref A: 5CCC38D245E54BB2B91DECFE6C664EAC Ref B: FRAEDGE1113 Ref C: 2021-03-29T11:43:52Z
date: Mon, 29 Mar 2021 11:43:52 GMT
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-frame-options: sameorigin
x-li-fabric: prod-lor1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=103045&time=1617018231784&url=https%3A%2F%2Fwww.goanywhere.com%2Frequest-white-paper%2Fhow-is-your-file-transfer-process-running%3Fcode%3Dcmp-0000008418%26ls%3D717710006%26utm_source%3Dcyberdefense%26utm_medium%3Demail%26utm_campaign%3Dga-miscellaneous&liSync=true
cache-control: no-cache, no-store
content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri https://www.linkedin.com/platform-telemetry/csp?f=l
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1070381198/ 3 KB
1 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1070381198/?random=1617018231843&cv=9&fst=1617018231843&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3h0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.goanywhere.com%2Frequest-white-paper%2Fhow-is-your-file-transfer-process-running%3Fcode%3Dcmp-0000008418%26ls%3D717710006%26utm_source%3Dcyberdefense%26utm_medium%3Demail%26utm_campaign%3Dga-miscellaneous&tiba=Get%20on%20the%20Right%20Track%20with%20GoAnywhere%20MFT&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1232398e1b51ae5dbfccf2da15dce486155776810ade85fc1625ed6ae98ac51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.goanywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Mar 2021 11:43:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1149
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
259 B 6ms
5ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=681125172671857&ev=PageView&dl=https%3A%2F%2Fwww.goanywhere.com%2Frequest-white-paper%2Fhow-is-your-file-transfer-process-running%3Fcode%3Dcmp-0000008418%26ls%3D717710006%26utm_source%3Dcyberdefense%26utm_medium%3Demail%26utm_campaign%3Dga-miscellaneous&rl=&if=false&ts=1617018231856&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&fbp=fb.1.1617018231855.1687394134&it=1617018231782&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.goanywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 29 Mar 2021 11:43:51 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 29 Mar 2021 11:43:51 GMT

GET
H2 200 1.cache.js Show response
consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/4A62F2686478BAE800EFF19D5EB3C2E8/ Frame 9248 19 KB
8 KB 48ms
47ms XHR
application/javascript 13.226.159.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/4A62F2686478BAE800EFF19D5EB3C2E8/1.cache.js
Requested by: Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/4A62F2686478BAE800EFF19D5EB3C2E8.cache.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-64.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 5f20b1d763177090f7027d3a021e2962ac5d18132e3b33f418cc873e991761de

Request headers

Referer: https://consent-pref.trustarc.com/?type=helpsystemstest&site=helpsystemstest.com&action=notice&country=nl&locale=en&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https://www.goanywhere.com/company/privacy-policy&cookieLink=https://www.goanywhere.com/cookie-policy&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 29 Mar 2021 11:43:51 GMT
content-encoding: gzip
last-modified: Mon, 15 Mar 2021 14:27:12 GMT
server: nginx
x-amz-cf-pop: DUS51-C1
etag: W/"19413-1615818432000"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 375e9ad5042f2098d2251daf2e517c52.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-id: 4EDQcxiz-rM6X1dfff1P6mCjXMIx0fA0tY0ZQlZrfWIDDC1WQWTbww==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 modules.35981999a656a5a28309.js Show response
script.hotjar.com/ 217 KB
58 KB 74ms
27ms Script
application/javascript 13.226.159.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.35981999a656a5a28309.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-386598.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.159.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-159-122.dus51.r.cloudfront.net

Software

Resource Hash

be26dc83d31ea12211104016f94a8df96762c716ff80ef9859b5d87d5ef19ba4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.goanywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 24 Mar 2021 12:55:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 427723
x-cache: Hit from cloudfront
content-length: 58593
access-control-allow-origin: *
last-modified: Wed, 24 Mar 2021 12:55:01 GMT
etag: "feecc1308620f8e5b960a42433207f2e"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 129372028f60828d8c084fb619a69bc0.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: uu0a5ZZNkHGGtgRlr_v_0OszEHUL2CaIi-IR9wDhS5gZjnx0KzCQTA==

GET
H2 200 /
www.google.com/pagead/1p-user-list/1070381198/ 42 B
340 B 19ms
19ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1070381198/?random=1617018231843&cv=9&fst=1617015600000&num=1&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3h0&sendb=1&frm=0&url=https%3A%2F%2Fwww.goanywhere.com%2Frequest-white-paper%2Fhow-is-your-file-transfer-process-running%3Fcode%3Dcmp-0000008418%26ls%3D717710006%26utm_source%3Dcyberdefense%26utm_medium%3Demail%26utm_campaign%3Dga-miscellaneous&tiba=Get%20on%20the%20Right%20Track%20with%20GoAnywhere%20MFT&async=1&fmt=3&is_vtc=1&random=619444364&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.goanywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Mar 2021 11:43:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1070381198/ 42 B
552 B 38ms
19ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1070381198/?random=1617018231843&cv=9&fst=1617015600000&num=1&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3h0&sendb=1&frm=0&url=https%3A%2F%2Fwww.goanywhere.com%2Frequest-white-paper%2Fhow-is-your-file-transfer-process-running%3Fcode%3Dcmp-0000008418%26ls%3D717710006%26utm_source%3Dcyberdefense%26utm_medium%3Demail%26utm_campaign%3Dga-miscellaneous&tiba=Get%20on%20the%20Right%20Track%20with%20GoAnywhere%20MFT&async=1&fmt=3&is_vtc=1&random=619444364&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.goanywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Mar 2021 11:43:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK activity.gif
apt.techtarget.com/activity/ 43 B
464 B 402ms
100ms Image
image/gif 206.19.49.24
ATT-CERFNET-BLOCK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apt.techtarget.com/activity/activity.gif?activityTypeId=31&cid=17579435&version=2.0&ref=https%3A%2F%2Fwww.goanywhere.com%2Frequest-white-paper%2Fhow-is-your-file-transfer-process-running%3Fcode%3Dcmp-0000008418%26ls%3D717710006%26utm_source%3Dcyberdefense%26utm_medium%3Demail%26utm_campaign%3Dga-miscellaneous&r=1617018231876
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 206.19.49.24 , United States, ASN17225 (ATT-CERFNET-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer: https://www.goanywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 29 Mar 2021 11:43:52 GMT
Last-Modified: Tue, 26 Mar 2019 18:30:29 GMT
ETag: "2b-5850384029cff"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=25
Content-Length: 43

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/exp/
Redirect Chain

https://s.adroll.com/j/exp/RMK47H5TGNGNPAH45PUQM5/index.js
https://s.adroll.com/j/exp/index.js

28 B
747 B

23ms
21ms

Script
application/javascript

2.18.233.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/index.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

Referer: https://www.goanywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 8C_4p5S6NLuKOM2fXKpm7asomxwPn3IL
Content-Encoding: gzip
ETag: "5816cced8568d223aa09d889f300692b"
x-amz-request-id: A6E4D842C4F3666B
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 48
x-amz-id-2: 1Pslf+Y9QwUHIZmwUo95w2CKA8MTrgZpbGBRFLUwAevxRDJ3euWTGuAJ2AJ78njOjdUd48ZsKSg=
Last-Modified: Tue, 19 Jan 2021 16:25:36 GMT
Server: AmazonS3
Date: Mon, 29 Mar 2021 11:43:52 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

Redirect headers

Date: Mon, 29 Mar 2021 11:43:52 GMT
Server: AkamaiGHost
Location: https://s.adroll.com/j/exp/index.js
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 0

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/pre/RMK47H5TGNGNPAH45PUQM5/3ET4NDRYTJCD5JU7HUQ4KT/ 0
773 B 65ms
22ms Script
text/javascript 2.18.233.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/RMK47H5TGNGNPAH45PUQM5/3ET4NDRYTJCD5JU7HUQ4KT/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.goanywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: SbdVchgft7R3JtPosH5hjw8ZXC49RPuX
Content-Encoding: gzip
ETag: "d41d8cd98f00b204e9800998ecf8427e"
x-amz-request-id: R8YSMZZRMJ28W050
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 20
x-amz-id-2: icuI7p4QUei3V9sWBDLQAzkEe0xmFMEW21T8gskr5n9phjHOQfahm0D78uhNJltbaZFJA0u8dYo=
Last-Modified: Mon, 29 Mar 2021 03:49:48 GMT
Server: AmazonS3
Date: Mon, 29 Mar 2021 11:43:51 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2

200

/ Show response
d.adroll.com/consent/check/RMK47H5TGNGNPAH45PUQM5/
Redirect Chain

https://d.adroll.mgr.consensu.org/consent/iabcheck/RMK47H5TGNGNPAH45PUQM5?_s=7f1e71c78ad497077830c450346fa4b8&_b=2
https://d.adroll.com/consent/check/RMK47H5TGNGNPAH45PUQM5/?_s=7f1e71c78ad497077830c450346fa4b8&_b=2

394 B
861 B

34ms
32ms

Script
application/javascript

3.248.28.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/RMK47H5TGNGNPAH45PUQM5/?_s=7f1e71c78ad497077830c450346fa4b8&_b=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.248.28.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-248-28-111.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 6bdd9f58ab4cb426e02a640abf9f14196e15792a4358907fa4ce53aa9e810883

Request headers

Referer: https://www.goanywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Mar 2021 11:43:52 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.18.0
content-type: application/javascript
content-length: 394
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

Redirect headers

location: https://d.adroll.com/consent/check/RMK47H5TGNGNPAH45PUQM5/?_s=7f1e71c78ad497077830c450346fa4b8&_b=2
date: Mon, 29 Mar 2021 11:43:51 GMT
server: nginx/1.18.0
content-length: 105

GET
H2 200 29348 Show response
api.omappapi.com/v2/embed/ 90 KB
18 KB 254ms
202ms XHR
application/json 13.226.159.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.omappapi.com/v2/embed/29348?d=goanywhere.com
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-22.dus51.r.cloudfront.net
Software: Pagely Gateway/1.5.1 /
Resource Hash: f5ba23cb40838cfc7c5fd586f689bbfbdb426c7742f682b99140dfcb7667113d

Request headers

Referer: https://www.goanywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 29 Mar 2021 11:43:52 GMT
content-encoding: gzip
x-cache-config: 0 0
x-amz-cf-pop: DUS51-C1
x-cache-status: HIT
x-cache: Miss from cloudfront
access-control-allow-headers: X-CSRF-Token
x-optinmonster-account: 16176
x-user-agent: standard--
last-modified: Tue, 23 Mar 2021 13:43:32 GMT
server: Pagely Gateway/1.5.1
etag: W/"318356f301671413216cf416d1f0155d"
vary: Accept-Encoding, User-Agent
content-type: application/json
via: 1.1 877a7509af39a63279b2520fa0b455fa.cloudfront.net (CloudFront)
access-control-expose-headers: X-OptinMonster-Account, X-User-Agent
access-control-allow-origin: *
x-amz-cf-id: a9bZPuS5dNF6wNYe406baJg1FPiOEpmN3EUPmK_ZN-Tkc_0l6-6AJA==

GET
H2 200 cookie_iframe.html Show response
prefmgr-cookie.truste-svc.net/cookie_js/ Frame 1F37 5 KB
2 KB 308ms
101ms Document
text/html 34.198.105.228
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prefmgr-cookie.truste-svc.net/cookie_js/cookie_iframe.html?parent=https://consent-pref.trustarc.com/?type=helpsystemstest&site=helpsystemstest.com&action=notice&country=nl&locale=en&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https://www.goanywhere.com/company/privacy-policy&cookieLink=https://www.goanywhere.com/cookie-policy&irm=undefined&from=https://consent.trustarc.com/
Requested by: Host: www.goanywhere.com
URL: https://www.goanywhere.com/request-white-paper/how-is-your-file-transfer-process-running?code=cmp-0000008418&ls=717710006&utm_source=cyberdefense&utm_medium=email&utm_campaign=ga-miscellaneous
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.198.105.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-198-105-228.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e5356c4d200584b116d9ac14f89d883b120dbe4d7878914a4fa22358074c74f8

Request headers

:method: GET
:authority: prefmgr-cookie.truste-svc.net
:scheme: https
:path: /cookie_js/cookie_iframe.html?parent=https://consent-pref.trustarc.com/?type=helpsystemstest&site=helpsystemstest.com&action=notice&country=nl&locale=en&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https://www.goanywhere.com/company/privacy-policy&cookieLink=https://www.goanywhere.com/cookie-policy&irm=undefined&from=https://consent.trustarc.com/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://consent-pref.trustarc.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://consent-pref.trustarc.com/

Response headers

date: Mon, 29 Mar 2021 11:43:52 GMT
content-type: text/html; charset=UTF-8
server: nginx
vary: Accept-Encoding
etag: W/"5014-1597208285000"
last-modified: Wed, 12 Aug 2020 04:58:05 GMT
content-encoding: gzip

POST
H2 200 truste Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame 9248 763 B
647 B 156ms
155ms XHR
application/json 13.226.159.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/truste

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/4A62F2686478BAE800EFF19D5EB3C2E8.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.159.64 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-159-64.dus51.r.cloudfront.net

Software

nginx /

Resource Hash

88458ecd332c0981307f5ff04389d1f722f9b7bc590eca31c99416c729a2a096

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation: 4A62F2686478BAE800EFF19D5EB3C2E8
Referer: https://consent-pref.trustarc.com/?type=helpsystemstest&site=helpsystemstest.com&action=notice&country=nl&locale=en&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https://www.goanywhere.com/company/privacy-policy&cookieLink=https://www.goanywhere.com/cookie-policy&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8

Response headers

date: Mon, 29 Mar 2021 11:43:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
x-amz-cf-pop: DUS51-C1
x-cache: Miss from cloudfront
content-type: application/json;charset=utf-8
via: 1.1 375e9ad5042f2098d2251daf2e517c52.cloudfront.net (CloudFront)
content-disposition: attachment
content-length: 310
x-xss-protection: 1; mode=block
x-amz-cf-id: bwvH8GNHYWzBSCR5hAAuzuZcknVOr14F3tGHgZr1rlLNxUP2-TKd4A==

POST
H2 200 truste Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame 9248 23 KB
6 KB 63ms
63ms XHR
application/json 13.226.159.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/truste

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/4A62F2686478BAE800EFF19D5EB3C2E8.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.159.64 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-159-64.dus51.r.cloudfront.net

Software

nginx /

Resource Hash

b83b58fef6f21cf9a6c4fb7d26c816b00e99c4d3fcbb3ae4b3838a1f7c7798ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation: 4A62F2686478BAE800EFF19D5EB3C2E8
Referer: https://consent-pref.trustarc.com/?type=helpsystemstest&site=helpsystemstest.com&action=notice&country=nl&locale=en&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https://www.goanywhere.com/company/privacy-policy&cookieLink=https://www.goanywhere.com/cookie-policy&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8

Response headers

date: Mon, 29 Mar 2021 11:43:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
x-amz-cf-pop: DUS51-C1
x-cache: Miss from cloudfront
content-type: application/json;charset=utf-8
via: 1.1 375e9ad5042f2098d2251daf2e517c52.cloudfront.net (CloudFront)
content-disposition: attachment
content-length: 5794
x-xss-protection: 1; mode=block
x-amz-cf-id: Z6OOa0XAdIroZ3kJzCTB4m124hr1_b_ze79W2y_P9Ywz-4kY5vi2_Q==

GET
H2 200 box-5e3cec51ed8e99df6977c199d27812d7.html Show response
vars.hotjar.com/ Frame 5471 1 KB
1 KB 23ms
21ms Document
text/html 13.226.159.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-5e3cec51ed8e99df6977c199d27812d7.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-386598.js?sv=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-100.dus51.r.cloudfront.net
Software: /
Resource Hash: 486762d56893f9b12fdfad41c3a76f11fc745b5436e97e596a63c22ee13d2e33

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-5e3cec51ed8e99df6977c199d27812d7.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.goanywhere.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.goanywhere.com/

Response headers

content-type: text/html
content-length: 684
date: Mon, 29 Mar 2021 09:29:07 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
etag: "4e332edbbc3b46800c87f197cc7d3bb6"
last-modified: Mon, 29 Mar 2021 09:29:02 GMT
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 26b0de44343edcaf19972d71d8e0256d.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: yqo3Y3atHibJAlLG4r3AW_v3jsdtwUogipeESFUZePg7WyihFZSTlw==
age: 8084

GET
H2 200 trustarc-logo-small.png
consent-pref.trustarc.com/images/ Frame 9248 4 KB
4 KB 22ms
21ms Image
image/png 13.226.159.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent-pref.trustarc.com/images/trustarc-logo-small.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.159.64 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-159-64.dus51.r.cloudfront.net

Software

nginx /

Resource Hash

91c4a6c4295f8889e8b04339a4a2c2e86d5eef71ba808164e641d0d8a6435004

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://consent-pref.trustarc.com/?type=helpsystemstest&site=helpsystemstest.com&action=notice&country=nl&locale=en&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https://www.goanywhere.com/company/privacy-policy&cookieLink=https://www.goanywhere.com/cookie-policy&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 29 Mar 2021 04:00:48 GMT
via: 1.1 375e9ad5042f2098d2251daf2e517c52.cloudfront.net (CloudFront)
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 14:26:52 GMT
server: nginx
age: 27784
etag: W/"4197-1615818412000"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 4197
x-xss-protection: 1; mode=block
x-amz-cf-id: OK9L5NsX1vq4-d1NDGPLHXx0ZyK7Ok0709zAQdOogvTI__NETaSBKA==

GET
H/1.1

200
OK

OZ2HIIQDPRF6VPA6TY6KLP.js Show response
s.adroll.com/pixel/RMK47H5TGNGNPAH45PUQM5/3ET4NDRYTJCD5JU7HUQ4KT/
Redirect Chain

https://d.adroll.com/pixel/RMK47H5TGNGNPAH45PUQM5/3ET4NDRYTJCD5JU7HUQ4KT?adroll_fpc=329231951fe36c859d89735b1622add0-1617018232029&arrfrr=https%3A%2F%2Fwww.goanywhere.com%2Frequest-white-paper%2Fho...
https://s.adroll.com/pixel/RMK47H5TGNGNPAH45PUQM5/3ET4NDRYTJCD5JU7HUQ4KT/OZ2HIIQDPRF6VPA6TY6KLP.js

15 KB
5 KB

22ms
22ms

Script
text/javascript

2.18.233.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/pixel/RMK47H5TGNGNPAH45PUQM5/3ET4NDRYTJCD5JU7HUQ4KT/OZ2HIIQDPRF6VPA6TY6KLP.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 0c9f58edb0d1a0275a7ea947a44cbe13dec147c21da86c87e87f5e1108aa2d5c

Request headers

Referer: https://www.goanywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: dz4soxU8.XaeFPYGVrbPagMdwXgdPa6k
Content-Encoding: gzip
ETag: "836ce365b08289ba4e577cc3a8a8c337"
x-amz-request-id: 1021BBB85D59C264
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 4419
x-amz-id-2: wqxzh8SQb2JtXP1+xcaNbSCZkwaZA9aT5ErRvP9xrA6CdICpzYeN7MGh+cDjaqafNIaeK8PpPwM=
Last-Modified: Tue, 08 Dec 2020 23:50:11 GMT
Server: AmazonS3
Date: Mon, 29 Mar 2021 11:43:52 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

Redirect headers

pragma: no-cache
x-conversion-value: 0.00
server: nginx/1.18.0
x-rule: *goanywhere.com*
date: Mon, 29 Mar 2021 11:43:52 GMT
x-segment-eid: OZ2HIIQDPRF6VPA6TY6KLP
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://s.adroll.com/pixel/RMK47H5TGNGNPAH45PUQM5/3ET4NDRYTJCD5JU7HUQ4KT/OZ2HIIQDPRF6VPA6TY6KLP.js
cache-control: no-store, no-cache, must-revalidate
x-segment-display-name: GoAnywhere visitors
x-pixel-eid: 3ET4NDRYTJCD5JU7HUQ4KT
x-segment-name: ae946d61
x-advertisable-eid: RMK47H5TGNGNPAH45PUQM5
content-length: 0
x-conversion-currency

GET
H/1.1 200
OK sendrolling.js Show response
s.adroll.com/j/ 10 KB
3 KB 27ms
26ms Script
application/javascript 2.18.233.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/sendrolling.js
Requested by: Host: d.adroll.com
URL: https://d.adroll.com/pixel/RMK47H5TGNGNPAH45PUQM5/3ET4NDRYTJCD5JU7HUQ4KT?adroll_fpc=329231951fe36c859d89735b1622add0-1617018232029&arrfrr=https%3A%2F%2Fwww.goanywhere.com%2Frequest-white-paper%2Fhow-is-your-file-transfer-process-running%3Fcode%3Dcmp-0000008418%26ls%3D717710006%26utm_source%3Dcyberdefense%26utm_medium%3Demail%26utm_campaign%3Dga-miscellaneous&xid_ch=f&pv=32148125111.587933&cookie=&adroll_s_ref=&keyw=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 2e4320f083852424c933bb6fb3d766c84ec4c088b7b87cf1c9ab7a34d5cfdc3c

Request headers

Referer: https://www.goanywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: sPhUjfTvJRH4ad3mG89fgxqjlrSkoyYX
Content-Encoding: gzip
ETag: "062104cc4fbe261fe3ad021f9f25a6e6"
x-amz-request-id: QXHZA207EGZQX7DR
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 2276
x-amz-id-2: eoz8F/Ckg27cqFdfwOUxk04oKS5obgo36hKsksNZVNRh7ZArmB8n4g4dOEpLNdvvqeUhwAc0Gpc=
Last-Modified: Fri, 26 Mar 2021 14:57:19 GMT
Server: AmazonS3
Date: Mon, 29 Mar 2021 11:43:52 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 200 1518438395082125 Show response
connect.facebook.net/signals/config/ 241 KB
69 KB 65ms
64ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1518438395082125?v=2.9.33&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b8ac3f74d8392f5a4c2dc9b421e28918c92aea016db0f9602fd534cac4c7c4bf

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.goanywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: CZAuvUXlUonmzbjtAyZA/3sH1s6RyzaKCHhY/W9Nnh+ieqYLDw+UlwHqXXOsxPj6oOuSy1xsZekTBCWlZ3owcQ==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Mon, 29 Mar 2021 11:43:52 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 3ET4NDRYTJCD5JU7HUQ4KT
d.adroll.com/onp/RMK47H5TGNGNPAH45PUQM5/ 42 B
534 B 36ms
33ms Image
image/gif 3.248.28.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/onp/RMK47H5TGNGNPAH45PUQM5/3ET4NDRYTJCD5JU7HUQ4KT?adroll_fpc=329231951fe36c859d89735b1622add0-1617018232029&arrfrr=https%3A%2F%2Fwww.goanywhere.com%2Frequest-white-paper%2Fhow-is-your-file-transfer-process-running%3Fcode%3Dcmp-0000008418%26ls%3D717710006%26utm_source%3Dcyberdefense%26utm_medium%3Demail%26utm_campaign%3Dga-miscellaneous&xid_ch=f&pv=32148125111.587933&ev=t%3Dtop%26f%3D0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.248.28.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-248-28-111.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.goanywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Mar 2021 11:43:52 GMT
server: nginx/1.18.0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-store, no-cache, must-revalidate
content-type: image/gif
x-advertisable-eid: RMK47H5TGNGNPAH45PUQM5
content-length: 42

GET
H2

204

sync
pixel.advertising.com/ups/55980/
Redirect Chain

https://d.adroll.com/cm/aol/out?adroll_fpc=329231951fe36c859d89735b1622add0-1617018232029&arrfrr=https%3A%2F%2Fwww.goanywhere.com%2Frequest-white-paper%2Fhow-is-your-file-transfer-process-running%3...
https://pixel.advertising.com/ups/55980/sync?uid=YTE0MWQ4ZTY3Y2Q2OWFjNTczNjg0Y2RkYTgwMjQwOWI&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

0
125 B

71ms
23ms

Image
text/plain

35.156.106.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.advertising.com/ups/55980/sync?uid=YTE0MWQ4ZTY3Y2Q2OWFjNTczNjg0Y2RkYTgwMjQwOWI&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.156.106.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-156-106-231.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.goanywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 29 Mar 2021 11:43:52 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://pixel.advertising.com/ups/55980/sync?uid=YTE0MWQ4ZTY3Y2Q2OWFjNTczNjg0Y2RkYTgwMjQwOWI&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
pragma: no-cache
date: Mon, 29 Mar 2021 11:43:52 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.18.0
content-length: 167
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/
Redirect Chain

https://d.adroll.com/cm/index/out?adroll_fpc=329231951fe36c859d89735b1622add0-1617018232029&arrfrr=https%3A%2F%2Fwww.goanywhere.com%2Frequest-white-paper%2Fhow-is-your-file-transfer-process-running...
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=YTE0MWQ4ZTY3Y2Q2OWFjNTczNjg0Y2RkYTgwMjQwOWI&expiration=1648554232
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=YTE0MWQ4ZTY3Y2Q2OWFjNTczNjg0Y2RkYTgwMjQwOWI&expiration=1648554232&C=1

43 B
1 KB

36ms
35ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=YTE0MWQ4ZTY3Y2Q2OWFjNTczNjg0Y2RkYTgwMjQwOWI&expiration=1648554232&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.goanywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 Mar 2021 11:43:52 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 29 Mar 2021 11:43:52 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 29 Mar 2021 11:43:52 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=YTE0MWQ4ZTY3Y2Q2OWFjNTczNjg0Y2RkYTgwMjQwOWI&expiration=1648554232&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 333
Expires: Mon, 29 Mar 2021 11:43:52 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://d.adroll.com/cm/n/out?adroll_fpc=329231951fe36c859d89735b1622add0-1617018232029&arrfrr=https%3A%2F%2Fwww.goanywhere.com%2Frequest-white-paper%2Fhow-is-your-file-transfer-process-running%3Fc...
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=YTE0MWQ4ZTY3Y2Q2OWFjNTczNjg0Y2RkYTgwMjQwOWI&expires=365

0
239 B

90ms
23ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=YTE0MWQ4ZTY3Y2Q2OWFjNTczNjg0Y2RkYTgwMjQwOWI&expires=365
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.goanywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type: image/gif

Redirect headers

location: https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=YTE0MWQ4ZTY3Y2Q2OWFjNTczNjg0Y2RkYTgwMjQwOWI&expires=365
pragma: no-cache
date: Mon, 29 Mar 2021 11:43:52 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.18.0
content-length: 124
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/
Redirect Chain

https://d.adroll.com/cm/outbrain/out?adroll_fpc=329231951fe36c859d89735b1622add0-1617018232029&arrfrr=https%3A%2F%2Fwww.goanywhere.com%2Frequest-white-paper%2Fhow-is-your-file-transfer-process-runn...
https://sync.outbrain.com/cookie-sync?p=adroll&uid=YTE0MWQ4ZTY3Y2Q2OWFjNTczNjg0Y2RkYTgwMjQwOWI
https://sync.outbrain.com/cookie-sync?p=adroll&uid=YTE0MWQ4ZTY3Y2Q2OWFjNTczNjg0Y2RkYTgwMjQwOWI&rdrctExp=true

0
477 B

90ms
90ms

Image
text/plain

64.202.112.31
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=adroll&uid=YTE0MWQ4ZTY3Y2Q2OWFjNTczNjg0Y2RkYTgwMjQwOWI&rdrctExp=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.goanywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 29 Mar 2021 11:43:52 GMT
Cache-Control: no-cache
X-TraceId: 9e65c3010c801c42582a0828566ecd71
Content-Length: 0

Redirect headers

Location: https://sync.outbrain.com/cookie-sync?p=adroll&uid=YTE0MWQ4ZTY3Y2Q2OWFjNTczNjg0Y2RkYTgwMjQwOWI&rdrctExp=true
Date: Mon, 29 Mar 2021 11:43:52 GMT
X-TraceId: 5d28695bc52d8a4125c9e15f7ae54df5
Content-Length: 0

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/
Redirect Chain

https://d.adroll.com/cm/pubmatic/out?adroll_fpc=329231951fe36c859d89735b1622add0-1617018232029&arrfrr=https%3A%2F%2Fwww.goanywhere.com%2Frequest-white-paper%2Fhow-is-your-file-transfer-process-runn...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=YTE0MWQ4ZTY3Y2Q2OWFjNTczNjg0Y2RkYTgwMjQwOWI&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENA...

1 B
806 B

95ms
22ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=YTE0MWQ4ZTY3Y2Q2OWFjNTczNjg0Y2RkYTgwMjQwOWI&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.goanywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 29 Mar 2021 11:43:52 GMT
X-lat: lhrpug001:0:494
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 1

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=YTE0MWQ4ZTY3Y2Q2OWFjNTczNjg0Y2RkYTgwMjQwOWI&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
pragma: no-cache
date: Mon, 29 Mar 2021 11:43:52 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.18.0
content-length: 220
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

204

v1
ads.yahoo.com/cms/
Redirect Chain

https://d.adroll.com/cm/r/out?adroll_fpc=329231951fe36c859d89735b1622add0-1617018232029&arrfrr=https%3A%2F%2Fwww.goanywhere.com%2Frequest-white-paper%2Fhow-is-your-file-transfer-process-running%3Fc...
https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

0
447 B

20ms
7ms

Image
text/plain

2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.goanywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 29 Mar 2021 11:43:52 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

location: https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
pragma: no-cache
date: Mon, 29 Mar 2021 11:43:52 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.18.0
content-length: 165
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

204

rtb-h
sync.taboola.com/sg/adroll-network/1/
Redirect Chain

https://d.adroll.com/cm/taboola/out?adroll_fpc=329231951fe36c859d89735b1622add0-1617018232029&arrfrr=https%3A%2F%2Fwww.goanywhere.com%2Frequest-white-paper%2Fhow-is-your-file-transfer-process-runni...
https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=YTE0MWQ4ZTY3Y2Q2OWFjNTczNjg0Y2RkYTgwMjQwOWI

0
218 B

56ms
15ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=YTE0MWQ4ZTY3Y2Q2OWFjNTczNjg0Y2RkYTgwMjQwOWI
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.goanywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.40.0.195:10213
date: Mon, 29 Mar 2021 11:43:52 GMT
server: nginx
x-fastly-to-nlb-rtt: 2033

Redirect headers

location: https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=YTE0MWQ4ZTY3Y2Q2OWFjNTczNjg0Y2RkYTgwMjQwOWI
pragma: no-cache
date: Mon, 29 Mar 2021 11:43:52 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.18.0
content-length: 111
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

200

xuid
eb2.3lift.com/
Redirect Chain

https://d.adroll.com/cm/triplelift/out?adroll_fpc=329231951fe36c859d89735b1622add0-1617018232029&arrfrr=https%3A%2F%2Fwww.goanywhere.com%2Frequest-white-paper%2Fhow-is-your-file-transfer-process-ru...
https://eb2.3lift.com/xuid?mid=4714&xuid=YTE0MWQ4ZTY3Y2Q2OWFjNTczNjg0Y2RkYTgwMjQwOWI&dongle=c85e
https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=YTE0MWQ4ZTY3Y2Q2OWFjNTczNjg0Y2RkYTgwMjQwOWI&dongle=c85e&gdpr=1&cmp_cs=&us_privacy=

37 B
351 B

24ms
23ms

Image
image/gif

3.124.88.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=YTE0MWQ4ZTY3Y2Q2OWFjNTczNjg0Y2RkYTgwMjQwOWI&dongle=c85e&gdpr=1&cmp_cs=&us_privacy=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.88.100 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-88-100.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://www.goanywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 29 Mar 2021 11:43:52 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=4714&xuid=YTE0MWQ4ZTY3Y2Q2OWFjNTczNjg0Y2RkYTgwMjQwOWI&dongle=c85e&gdpr=1&cmp_cs=&us_privacy=
date: Mon, 29 Mar 2021 11:43:52 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

sync
x.bidswitch.net/ul_cb/
Redirect Chain

https://d.adroll.com/cm/b/out?adroll_fpc=329231951fe36c859d89735b1622add0-1617018232029&arrfrr=https%3A%2F%2Fwww.goanywhere.com%2Frequest-white-paper%2Fhow-is-your-file-transfer-process-running%3Fc...
https://x.bidswitch.net/sync?dsp_id=44&user_id=YTE0MWQ4ZTY3Y2Q2OWFjNTczNjg0Y2RkYTgwMjQwOWI
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=YTE0MWQ4ZTY3Y2Q2OWFjNTczNjg0Y2RkYTgwMjQwOWI

43 B
344 B

24ms
24ms

Image
image/gif

18.195.73.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=YTE0MWQ4ZTY3Y2Q2OWFjNTczNjg0Y2RkYTgwMjQwOWI
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.73.36 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-73-36.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://www.goanywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 29 Mar 2021 11:43:52 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

location: https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=YTE0MWQ4ZTY3Y2Q2OWFjNTczNjg0Y2RkYTgwMjQwOWI
date: Mon, 29 Mar 2021 11:43:52 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200
OK

bounce
ib.adnxs.com/
Redirect Chain

https://d.adroll.com/cm/x/out?adroll_fpc=329231951fe36c859d89735b1622add0-1617018232029&arrfrr=https%3A%2F%2Fwww.goanywhere.com%2Frequest-white-paper%2Fhow-is-your-file-transfer-process-running%3Fc...
https://ib.adnxs.com/setuid?entity=172&code=YTE0MWQ4ZTY3Y2Q2OWFjNTczNjg0Y2RkYTgwMjQwOWI
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DYTE0MWQ4ZTY3Y2Q2OWFjNTczNjg0Y2RkYTgwMjQwOWI

43 B
1 KB

95ms
95ms

Image
image/gif

185.33.223.178
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DYTE0MWQ4ZTY3Y2Q2OWFjNTczNjg0Y2RkYTgwMjQwOWI

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.178 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

824.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.goanywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 Mar 2021 11:43:52 GMT
X-Proxy-Origin: 185.212.171.67; 185.212.171.67; 824.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.73:80
AN-X-Request-Uuid: b3f56a5a-cb0d-478b-a5b3-2a330acdec45
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 29 Mar 2021 11:43:52 GMT
X-Proxy-Origin: 185.212.171.67; 185.212.171.67; 824.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.55:80
AN-X-Request-Uuid: 5e1bbb19-e5dd-48f9-9b98-de149af37478
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DYTE0MWQ4ZTY3Y2Q2OWFjNTczNjg0Y2RkYTgwMjQwOWI
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 out
d.adroll.com/cm/l/ 42 B
180 B 34ms
32ms Image
image/gif 3.248.28.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/l/out?adroll_fpc=329231951fe36c859d89735b1622add0-1617018232029&arrfrr=https%3A%2F%2Fwww.goanywhere.com%2Frequest-white-paper%2Fhow-is-your-file-transfer-process-running%3Fcode%3Dcmp-0000008418%26ls%3D717710006%26utm_source%3Dcyberdefense%26utm_medium%3Demail%26utm_campaign%3Dga-miscellaneous&xid_ch=f&advertisable=RMK47H5TGNGNPAH45PUQM5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.248.28.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-248-28-111.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.goanywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 29 Mar 2021 11:43:52 GMT
cache-control: no-transform,public,max-age=300,s-maxage=900
server: nginx/1.18.0
content-length: 42
vary: Cookie
content-type: image/gif

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://d.adroll.com/cm/o/out?adroll_fpc=329231951fe36c859d89735b1622add0-1617018232029&arrfrr=https%3A%2F%2Fwww.goanywhere.com%2Frequest-white-paper%2Fhow-is-your-file-transfer-process-running%3Fc...
https://us-u.openx.net/w/1.0/sd?id=537103138&val=a141d8e67cd69ac573684cdda802409b
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=a141d8e67cd69ac573684cdda802409b

43 B
180 B

21ms
20ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=a141d8e67cd69ac573684cdda802409b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.205.1 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://www.goanywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Mar 2021 11:43:52 GMT
via: 1.1 google
server: OXGW/16.205.1
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=a141d8e67cd69ac573684cdda802409b
date: Mon, 29 Mar 2021 11:43:52 GMT
via: 1.1 google
server: OXGW/16.205.1
alt-svc: clear
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2

200

in
d.adroll.com/cm/g/
Redirect Chain

https://d.adroll.com/cm/g/out?adroll_fpc=329231951fe36c859d89735b1622add0-1617018232029&arrfrr=https%3A%2F%2Fwww.goanywhere.com%2Frequest-white-paper%2Fhow-is-your-file-transfer-process-running%3Fc...
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=oUHY5nzWmsVzaEzdqAJAmw
https://d.adroll.com/cm/g/in

42 B
535 B

34ms
33ms

Image
image/gif

3.248.28.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/g/in
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.248.28.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-248-28-111.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.goanywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Mar 2021 11:43:52 GMT
server: nginx/1.18.0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-store, no-cache, must-revalidate
content-type: image/gif
content-length: 42
x-result: g.-1.-1.-1

Redirect headers

pragma: no-cache
date: Mon, 29 Mar 2021 11:43:52 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://d.adroll.com/cm/g/in
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 225
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
147 B 6ms
5ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1518438395082125&ev=PageView&dl=https%3A%2F%2Fwww.goanywhere.com%2Frequest-white-paper%2Fhow-is-your-file-transfer-process-running%3Fcode%3Dcmp-0000008418%26ls%3D717710006%26utm_source%3Dcyberdefense%26utm_medium%3Demail%26utm_campaign%3Dga-miscellaneous&rl=&if=false&ts=1617018232193&cd[segment_eid]=OZ2HIIQDPRF6VPA6TY6KLP&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=29&fbp=fb.1.1617018231855.1687394134&it=1617018231782&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.goanywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 29 Mar 2021 11:43:52 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 29 Mar 2021 11:43:52 GMT

GET
H2 200 legacy-api.min.js Show response
a.omappapi.com/app/js/ 106 KB
30 KB 23ms
23ms Script
application/javascript 62.113.194.12
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/legacy-api.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.113.194.12 Berlin, Germany, ASN47447 (TTM, DE),
Reverse DNS: edge-481.b-cdn.net
Software: BunnyCDN-DE1-481 /
Resource Hash: 55217ecc92dbb7d631c35f86b9bf220770fb5d292037886aabffd529be5ec2e2

Request headers

Referer: https://www.goanywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 29 Mar 2021 11:43:52 GMT
content-encoding: br
cdn-edgestorageid: 481
perma-cache: HIT
cdn-storageserver: DE-51
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 2021-03-22 15:54:44
cdn-pullzone: 293267
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-allow-origin: *
last-modified: Mon, 22 Mar 2021 15:54:24 GMT
server: BunnyCDN-DE1-481
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cache-control: public, max-age=31919000
cdn-requestid: 6e73f2581236500c8df6c46d68937953
cdn-requestcountrycode: NL
cdn-requestpullsuccess: True

GET
H2 200 webfont.js Show response
a.omappapi.com/app/js/webfont/1.5.18/ 16 KB
7 KB 23ms
22ms Script
application/javascript 62.113.194.12
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/webfont/1.5.18/webfont.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.113.194.12 Berlin, Germany, ASN47447 (TTM, DE),
Reverse DNS: edge-481.b-cdn.net
Software: BunnyCDN-DE1-481 /
Resource Hash: ce261eb163fcaee6953cedc35059732a133766ab824dc512bbdf9424d48601e4

Request headers

Referer: https://www.goanywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 29 Mar 2021 11:43:52 GMT
content-encoding: br
cdn-edgestorageid: 481
perma-cache: HIT
cdn-storageserver: DE-51
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 2021-03-11 20:30:44
cdn-pullzone: 293267
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-allow-origin: *
last-modified: Thu, 11 Mar 2021 20:23:40 GMT
server: BunnyCDN-DE1-481
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cache-control: public, max-age=31919000
cdn-requestid: 63746d9c884f3a5c20b19e4ec1f0a8b3
cdn-requestcountrycode: NL
cdn-requestpullsuccess: True

GET
H2 200 json Show response
api.omappapi.com/v3/geolocate/ 558 B
966 B 106ms
106ms XHR
application/json 13.226.159.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.omappapi.com/v3/geolocate/json
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-22.dus51.r.cloudfront.net
Software: Pagely Gateway/1.5.1 /
Resource Hash: 341d9243f8cb4405574a46187522829cea2027db284e8ba13e16134bcc7d05cc

Request headers

Referer: https://www.goanywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 29 Mar 2021 11:43:52 GMT
via: 1.1 877a7509af39a63279b2520fa0b455fa.cloudfront.net (CloudFront)
x-cache-config: 0 0
x-amz-cf-pop: DUS51-C1
x-cache-status: BYPASS
x-cache: Miss from cloudfront
content-length: 558
x-user-agent: standard--
server: Pagely Gateway/1.5.1
x-ratelimit-remaining: 999
content-type: application/json
access-control-allow-origin: *
x-ratelimit-reset: 1617018292
x-ratelimit-limit: 1000
x-pagely-debug: mainblock
x-amz-cf-id: MOKFUDzu-sIXdvn3O0aWPoTJ2AwA0mTLWKHU4XPHq1kkhW4xqveDoA==

GET
H2 200 moment.min.js Show response
a.omappapi.com/app/js/moment.js/2.24.0/ 52 KB
19 KB 60ms
60ms Script
application/javascript 62.113.194.12
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/moment.js/2.24.0/moment.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.113.194.12 Berlin, Germany, ASN47447 (TTM, DE),
Reverse DNS: edge-481.b-cdn.net
Software: BunnyCDN-DE1-481 /
Resource Hash: e22419e8154be2a34a950dbb4c4c448413751c53ef02f00c6c56af28aa2c4964

Request headers

Referer: https://www.goanywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 29 Mar 2021 11:43:52 GMT
content-encoding: br
cdn-edgestorageid: 481
perma-cache: HIT
cdn-storageserver: DE-51
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 2021-03-20 20:17:04
cdn-pullzone: 293267
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-allow-origin: *
last-modified: Thu, 11 Mar 2021 20:34:50 GMT
server: BunnyCDN-DE1-481
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cache-control: public, max-age=31919000
cdn-requestid: 2540b5b8f1f3fde416b21a9915447306
cdn-requestcountrycode: NL
cdn-requestpullsuccess: True

GET
H2 200 11fe00cccd631571077355-100419-ga-optin-monster-ads-ftp-seguro-pop-up.png
a.omappapi.com/users/8277dd5ad1d7/images/ 19 KB
19 KB 23ms
23ms Image
image/webp 62.113.194.12
TTM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.omappapi.com/users/8277dd5ad1d7/images/11fe00cccd631571077355-100419-ga-optin-monster-ads-ftp-seguro-pop-up.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.113.194.12 Berlin, Germany, ASN47447 (TTM, DE),
Reverse DNS: edge-481.b-cdn.net
Software: BunnyCDN-DE1-481 /
Resource Hash: a0f9952290346fd5bd5dcba41e000f575568d4b2b554ca81c7a9c21f2a7e259f

Request headers

Referer: https://www.goanywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 29 Mar 2021 11:43:52 GMT
cdn-edgestorageid: 481
perma-cache: HIT
cdn-storageserver: DE-51
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 2021-03-29 06:16:29
cdn-pullzone: 293267
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-length: 19270
access-control-allow-origin: *
last-modified: Thu, 11 Mar 2021 20:36:58 GMT
server: BunnyCDN-DE1-481
cdn-requestpullcode: 200
content-type: image/webp
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cache-control: public, max-age=31919000
cdn-requestid: f6c719f22a4182bde47a29c40fed016a
accept-ranges: bytes
cdn-requestcountrycode: NL
cdn-requestpullsuccess: True

GET
H2 200 moment-timezone-with-data-2012-2022.min.js Show response
a.omappapi.com/app/js/moment-timezone/0.5.23/ 32 KB
11 KB 67ms
66ms Script
application/javascript 62.113.194.12
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/moment-timezone/0.5.23/moment-timezone-with-data-2012-2022.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.113.194.12 Berlin, Germany, ASN47447 (TTM, DE),
Reverse DNS: edge-481.b-cdn.net
Software: BunnyCDN-DE1-481 /
Resource Hash: 23190e1539469cc8b5faccb038b260ccda2cc62672c70efa1900a51a8e3d1be5

Request headers

Referer: https://www.goanywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 29 Mar 2021 11:43:52 GMT
content-encoding: br
cdn-edgestorageid: 481
perma-cache: HIT
cdn-storageserver: DE-51
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 2021-03-20 20:19:27
cdn-pullzone: 293267
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-allow-origin: *
last-modified: Thu, 11 Mar 2021 20:34:51 GMT
server: BunnyCDN-DE1-481
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cache-control: public, max-age=31919000
cdn-requestid: 46a6fa4c2de2fde5755dc95a3db16ec2
cdn-requestcountrycode: NL
cdn-requestpullsuccess: True

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=681125172671857&ev=Microdata&dl=https%3A%2F%2Fwww.goanywhere.com%2Frequest-white-paper%2Fhow-is-your-file-transfer-process-running%3Fcode%3Dcmp-0000008418%26ls%3D717710006%26utm_source%3Dcyberdefense%26utm_medium%3Demail%26utm_campaign%3Dga-miscellaneous&rl=&if=false&ts=1617018232360&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Get%20on%20the%20Right%20Track%20with%20GoAnywhere%20MFT%22%2C%22meta%3Adescription%22%3A%22Without%20the%20right%20secure%20file%20transfer%20solution%20in%20place%2C%20transferring%20files%20person-to-person%20or%20server-to-server%20can%20sometimes%20feel%20like%20being%20behind%20the%20wheel%20of%20an%20outdated%20clunker%20on%20a%20long%20road%20trip%20to%20nowhere.%20In%20record%20time%2C%20GoAnywhere%20MFT%20can%20help%20rev%20up%20your%20file%20transfers%20and%20accelerate%20your%20solution%20without%20%22%7D&cd[OpenGraph]=%7B%22og%3Alocale%22%3A%22en_US%22%2C%22og%3Atype%22%3A%22article%22%2C%22og%3Atitle%22%3A%22How%27s%20Your%20File%20Transfer%20Process%20Running%3F%22%2C%22og%3Adescription%22%3A%22Without%20the%20right%20secure%20file%20transfer%20solution%20in%20place%2C%20transferring%20files%20person-to-person%20or%20server-to-server%20can%20sometimes%20feel%20like%20being%20behind%20the%20wheel%20of%20an%20outdated%20clunker%20on%20a%20long%20road%20trip%20to%20nowhere.%20In%20record%20time%2C%20GoAnywhere%20MFT%20can%20help%20rev%20up%20your%20file%20transfers%20and%20accelerate%20your%20solution%20without%20%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.goanywhere.com%2Frequest-white-paper%2Fhow-is-your-file-transfer-process-running%22%2C%22og%3Asite_name%22%3A%22goanywhere.com%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fstatic.goanywhere.com%2Fimages%2Fwhite-papers%2Fhow-is-your-file-transfer-process-running-featured-20200603.jpg%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.33&r=stable&ec=1&o=30&fbp=fb.1.1617018231855.1687394134&it=1617018231782&coo=false&dpo=LDU&dpoco=0&dpost=0&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.goanywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 29 Mar 2021 11:43:52 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 29 Mar 2021 11:43:52 GMT

GET
H2 200 6.cache.js Show response
consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/4A62F2686478BAE800EFF19D5EB3C2E8/ Frame 9248 7 KB
3 KB 42ms
42ms XHR
application/javascript 13.226.159.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/4A62F2686478BAE800EFF19D5EB3C2E8/6.cache.js
Requested by: Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/4A62F2686478BAE800EFF19D5EB3C2E8.cache.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-64.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 9ebd1bce8f64bad3c33692061797d87b35c3ade8604eb1121e32234967427151

Request headers

Referer: https://consent-pref.trustarc.com/?type=helpsystemstest&site=helpsystemstest.com&action=notice&country=nl&locale=en&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https://www.goanywhere.com/company/privacy-policy&cookieLink=https://www.goanywhere.com/cookie-policy&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 29 Mar 2021 11:43:52 GMT
content-encoding: gzip
last-modified: Mon, 15 Mar 2021 14:27:12 GMT
server: nginx
x-amz-cf-pop: DUS51-C1
etag: W/"6754-1615818432000"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 375e9ad5042f2098d2251daf2e517c52.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-id: IChPQnjEeCIEgYuY1Xfee5EgQbP22Qry82LsPwwN2x-0vVPPk7CblQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 get
consent.trustarc.com/ Frame 9248 9 KB
9 KB 28ms
27ms Image
image/svg+xml 13.226.159.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://consent.trustarc.com/get?name=hslogo.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-118.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 81837bb647b79c1e159b440fd593ab3f081fda2e018ca5b7b3a537b28fc3bd3e

Request headers

Referer: https://consent-pref.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Mon, 29 Mar 2021 11:11:45 GMT
via: 1.1 e8640ab30463560abfb6a2665bafb393.cloudfront.net (CloudFront)
server: nginx
age: 1927
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-C1
timing-allow-origin: *
content-length: 9071
x-amz-cf-id: E2TYcSi7jjh9kszuSr18W8vU6L2XgMAJgaWsSdpHb7M76Wll8MSrfQ==
expires: Wed, 28 Apr 2021 11:11:45 GMT

GET
H2 200 cookie_inneriframe.html Show response
consent-pref.trustarc.com/ Frame F462 2 KB
1 KB 22ms
22ms Document
text/html 13.226.159.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/cookie_inneriframe.html

Requested by

Host: prefmgr-cookie.truste-svc.net
URL: https://prefmgr-cookie.truste-svc.net/cookie_js/cookie_iframe.html?parent=https://consent-pref.trustarc.com/?type=helpsystemstest&site=helpsystemstest.com&action=notice&country=nl&locale=en&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https://www.goanywhere.com/company/privacy-policy&cookieLink=https://www.goanywhere.com/cookie-policy&irm=undefined&from=https://consent.trustarc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.159.64 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-159-64.dus51.r.cloudfront.net

Software

nginx /

Resource Hash

a2de091c86c5a7b6dcc572eb6e5a76c2cd72ce27a2042a8dc2974f15b33566ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: consent-pref.trustarc.com
:scheme: https
:path: /cookie_inneriframe.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://prefmgr-cookie.truste-svc.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://prefmgr-cookie.truste-svc.net/

Response headers

content-type: text/html; charset=UTF-8
date: Mon, 29 Mar 2021 04:00:48 GMT
server: nginx
etag: W/"2008-1615818412000"
last-modified: Mon, 15 Mar 2021 14:26:52 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 375e9ad5042f2098d2251daf2e517c52.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: TbRZuJvu9jiW-UIiJKov1PTqaX4SqiMRsZozJQGeK0pE7iCOeC_WWQ==
age: 27784

GET
H2 200 trustarc-logo-small.png
consent-pref.trustarc.com/images/ Frame 9248 4 KB
4 KB 22ms
21ms Image
image/png 13.226.159.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent-pref.trustarc.com/images/trustarc-logo-small.png

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/4A62F2686478BAE800EFF19D5EB3C2E8.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.159.64 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-159-64.dus51.r.cloudfront.net

Software

nginx /

Resource Hash

91c4a6c4295f8889e8b04339a4a2c2e86d5eef71ba808164e641d0d8a6435004

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://consent-pref.trustarc.com/?type=helpsystemstest&site=helpsystemstest.com&action=notice&country=nl&locale=en&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https://www.goanywhere.com/company/privacy-policy&cookieLink=https://www.goanywhere.com/cookie-policy&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 29 Mar 2021 04:00:48 GMT
via: 1.1 375e9ad5042f2098d2251daf2e517c52.cloudfront.net (CloudFront)
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 14:26:52 GMT
server: nginx
age: 27785
etag: W/"4197-1615818412000"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 4197
x-xss-protection: 1; mode=block
x-amz-cf-id: vP9qbwKc-K0zYbkp4-9D9ru_ULw-HAWi3oNA0NtgustPrVIlOp1sTw==

GET
H2 200 loader-v2.js Show response
cta-service-cms2.hubspot.com/ctas/v2/public/cs/ 8 KB
3 KB 132ms
124ms Script
text/javascript 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cta-service-cms2.hubspot.com/ctas/v2/public/cs/loader-v2.js?canon=https%3A%2F%2Fwww.goanywhere.com%2Frequest-white-paper%2Fhow-is-your-file-transfer-process-running&hsutk=c7a0000017ee18a51da601787dcc21fc&pg=d4c3cb58-4721-435f-9aa6-be999a3cc43e&pid=3478499&sv=cta-embed-js-static-1.23&utm_campaign=ga-miscellaneous&utm_medium=email&lag=2002&rdy=1&df=t

Requested by

Host: js.hscta.net
URL: https://js.hscta.net/cta/current.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a016625020c4acd299ae39803c313b25adc7399ec968e5f2482c3f4646cdad9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.goanywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 29 Mar 2021 11:43:53 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
content-disposition: attachment; name="loaderJS" filename="loader-v2.js"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 091f653a0900004aa4dc0d6000000001
x-robots-tag: noindex, follow
server: cloudflare
x-trace: 2B021430A77B365BF5D92E93569C3B0D1F0F1DEABE000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rQO4RSkWv0ZtUU%2BpoeA7%2FFnnmJkqa%2BHPdDzRKB7D0DFH%2B%2F747uQN2Bd9DUY0uKBIfDNDQItVTf56w7yF7X2C2%2F%2FyPh1OuTMPsN%2Fxxp454UBoYeLs4x%2BBLrk3ogrye5IQF77rgStp%2F1%2F3"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
cf-ray: 6378d7d67fbc4aa4-FRA

GET
H2 200 loader-v2.js Show response
cta-service-cms2.hubspot.com/ctas/v2/public/cs/ 9 KB
3 KB 132ms
125ms Script
text/javascript 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cta-service-cms2.hubspot.com/ctas/v2/public/cs/loader-v2.js?canon=https%3A%2F%2Fwww.goanywhere.com%2Frequest-white-paper%2Fhow-is-your-file-transfer-process-running&hsutk=c7a00000188010391c3701787dcc21fd&pg=69f10af8-9ce4-4980-9c77-2c764b939492&pid=3478499&sv=cta-embed-js-static-1.23&utm_campaign=ga-miscellaneous&utm_medium=email&lag=2001&rdy=1&df=t

Requested by

Host: js.hscta.net
URL: https://js.hscta.net/cta/current.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2398e7849fbb0af41d39598dd6b2232304db9720bcaab13fc0dadfec85794b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.goanywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 29 Mar 2021 11:43:53 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
content-disposition: attachment; name="loaderJS" filename="loader-v2.js"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 091f653a0900004aa449afd000000001
x-robots-tag: noindex, follow
server: cloudflare
x-trace: 2BFD7D09E8559571224A8AC1647AB69E979A422918000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=FMvSVWofiS3Pd4YwOaQWPZLcRs%2BcKnMxoKaW9j2coK%2BHPNDh0jYK5XJYjKW5xUeF%2FNQn0QQnbsbZdotqsmDaL2ws28nGMjBpbHVcn%2Bbc1mG1XiwAxJchWfpYw1voS363jc%2Fp%2BYeIbJ0L"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
cf-ray: 6378d7d67fb64aa4-FRA

GET
H2 200 cta-loaded.js Show response
cta-service-cms2.hubspot.com/ctas/v2/public/cs/ 0
364 B 121ms
120ms Script
text/plain 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cta-service-cms2.hubspot.com/ctas/v2/public/cs/cta-loaded.js?pid=3478499&pg=d4c3cb58-4721-435f-9aa6-be999a3cc43e&lt=1617018231339&dt=1617018233341&at=1617018233487&sl=1&an=1

Requested by

Host: js.hscta.net
URL: https://js.hscta.net/cta/current.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.goanywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 29 Mar 2021 11:43:53 GMT
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
x-trace: 2BDC3C877E8F4C8F2E51FC31140AA3A4F68D849A87000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=X2zyJI729CzKzrxR70gJisGq9jPZcwe3IGi5Wj55u5VvzJn7rx%2FcPyNpbWGn2dqsqwLjj0rxZJ6S1vsGiVyYfEsKkn9dXxyQbWkeM55svOFz5d9eQ2aqnqx3uZ%2BA3yZfzRf4hEkqxizz"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, no-transform, max-age=0
access-control-allow-credentials: false
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6378d7d7593d4aa4-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 091f653a9400004aa40a933000000001
x-robots-tag: noindex, follow

GET
H2 200 cta-loaded.js Show response
cta-service-cms2.hubspot.com/ctas/v2/public/cs/ 0
551 B 117ms
116ms Script
text/plain 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cta-service-cms2.hubspot.com/ctas/v2/public/cs/cta-loaded.js?pid=3478499&pg=69f10af8-9ce4-4980-9c77-2c764b939492&lt=1617018231340&dt=1617018233341&at=1617018233492&sl=1&an=1

Requested by

Host: js.hscta.net
URL: https://js.hscta.net/cta/current.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.goanywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 29 Mar 2021 11:43:53 GMT
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
x-trace: 2BC489491A5917C72FF3928A26DAE70697B45F9724000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=tHvl%2BPNxBXLd%2Fh52p4ZPPCijpPpAFILDuu6od0eYyak%2FHsKe2LKYxPNOrFa2Vz0xZmsE8prOZqNQF0vzUXhc8ZRWLE407zPIU2u1UUkJcRsDQheHzbR6uy%2FGYz7YucUFx%2F1%2BH1ihn8w8"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, no-transform, max-age=0
access-control-allow-credentials: false
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6378d7d7594a4aa4-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 091f653a9900004aa4caa37000000001
x-robots-tag: noindex, follow

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
consent-pref.trustarc.com/	1970-01-19 17:10:18	Name: token_test Value: Mon Mar 29 2021 13:43:52 GMT+0200 (Central European Summer Time)
.goanywhere.com/	1970-01-19 17:10:20	Name: _hjFirstSeen Value: 1
www.goanywhere.com/	1970-01-23 17:08:51	Name: _omappvp Value: ar6w0UTPduYw4wpNltmP0ZAkxOYdZ5eok7BLS6ABXD3e9h4yzvow3TCuwSR9gAoQbJKER40CaKNH50U28oV9oDgn7D4KcqAy
.goanywhere.com/	1969-12-31 23:59:59	Name: _hjTLDTest Value: 1
.goanywhere.com/	1970-01-19 19:19:54	Name: _fbp Value: fb.1.1617018231855.1687394134
.www.goanywhere.com/	1970-01-20 01:55:54	Name: __ar_v4 Value: %7CRMK47H5TGNGNPAH45PUQM5%3A20210328%3A1%7C3ET4NDRYTJCD5JU7HUQ4KT%3A20210328%3A1%7COZ2HIIQDPRF6VPA6TY6KLP%3A20210328%3A1
.www.goanywhere.com/	1970-01-20 01:56:15	Name: __adroll_fpc Value: 329231951fe36c859d89735b1622add0-1617018232029
www.goanywhere.com/	1970-01-19 17:10:19	Name: _omappvs Value: 1617018231935
.goanywhere.com/	1970-01-19 17:11:44	Name: _gid Value: GA1.2.1155589368.1617018232
prefmgr-cookie.truste-svc.net/	1970-01-19 17:10:18	Name: cookie_3rdparty Value: enabled
.goanywhere.com/	1970-01-20 01:55:54	Name: _hjid Value: c7470794-76c3-48cf-9dc0-6910c42f06dd
.goanywhere.com/	1970-01-19 17:10:18	Name: _dc_gtm_UA-916129-4 Value: 1
.goanywhere.com/	1970-01-20 10:41:30	Name: _ga Value: GA1.2.1427304951.1617018232

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdn.omniconvert.com/js/xd429be.js(Line 1) Message: [MKTZ] Consent is disabled
console-api	log	(Line 1) Message: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
console-api	log	(Line 1) Message: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
console-api	log	(Line 1) Message: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
console-api	log	(Line 1) Message: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
console-api	log	(Line 1) Message: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
console-api	log	(Line 1) Message: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

237391.seu2.cleverreach.com
a.omappapi.com
ads.yahoo.com
api.omappapi.com
app.omniconvert.com
apt.techtarget.com
bat.bing.com
cdn.omniconvert.com
cm.g.doubleclick.net
connect.facebook.net
consent-pref.trustarc.com
consent-st.trustarc.com
consent.trustarc.com
cta-service-cms2.hubspot.com
d.adroll.com
d.adroll.mgr.consensu.org
dsum-sec.casalemedia.com
eb2.3lift.com
fonts.googleapis.com
fonts.gstatic.com
forms.hsforms.com
googleads.g.doubleclick.net
ib.adnxs.com
js.hscta.net
js.hsforms.net
no-cache.hubspot.com
pixel.advertising.com
pixel.rubiconproject.com
prefmgr-cookie.truste-svc.net
px.ads.linkedin.com
s.adroll.com
script.hotjar.com
simage2.pubmatic.com
snap.licdn.com
static.goanywhere.com
static.hotjar.com
stats.g.doubleclick.net
sync.outbrain.com
sync.taboola.com
tracking.g2crowd.com
trk.techtarget.com
us-u.openx.net
vars.hotjar.com
www.facebook.com
www.goanywhere.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
x.bidswitch.net
13.226.159.100
13.226.159.118
13.226.159.122
13.226.159.124
13.226.159.22
13.226.159.46
13.226.159.64
141.226.228.48
142.250.185.162
163.171.128.148
172.217.16.130
178.128.139.113
18.195.73.36
185.33.223.178
185.59.220.198
185.64.190.80
2.18.233.40
2.18.234.21
206.19.49.24
2606:4700::6810:5705
2606:4700::6811:b849
2606:4700::6811:e0cc
2606:4700::6812:1abe
2606:4700::6812:1bf2
2606:4700::6813:9a53
2620:119:50e1:101::6cae:b25
2620:1ec:21::14
2620:1ec:c11::200
2a00:1288:80:800::7000
2a00:1450:4001:802::200e
2a00:1450:4001:812::2004
2a00:1450:4001:813::2008
2a00:1450:4001:828::2002
2a00:1450:4001:828::2003
2a00:1450:4001:828::200a
2a00:1450:4001:82a::2003
2a00:1450:400c:c00::9a
2a02:26f0:6c00:2bd::25ea
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.124.88.100
3.248.28.111
34.198.105.228
34.251.230.144
34.98.64.218
35.156.106.231
62.113.194.12
64.202.112.31
69.173.144.165
08aa4a91579ba7fd71d319d962e6d41000492eea14b98ee5561b5efe69cee87f
0a9073f8a864d021091181726653951f100dfcabb6d1c04d91c4fd0e74a4e35a
0c9f58edb0d1a0275a7ea947a44cbe13dec147c21da86c87e87f5e1108aa2d5c
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
155257e70990a85fccf437ebca8ba1c031dbef447addb18d325cd03d08692ba3
1c085fbc337b5480c79abb0e5a9a03265e32c1fd46527c9de4ae2d554f1bdc9b
1ea22ef5cc12712e650ac15269e8e7b75904f47246ce6eb04bf0fcd42f8bed77
23190e1539469cc8b5faccb038b260ccda2cc62672c70efa1900a51a8e3d1be5
2398e7849fbb0af41d39598dd6b2232304db9720bcaab13fc0dadfec85794b44
24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2606b91cca1f76efe9c503aaef5b7956ef6415a9403b8bbc0f5eb857d515bb05
29f6da0a8c21c5681511bb9b08663d3fd2c5d09c9bd8054ec354c563b8c8b7c1
2d14ec8fbfd0ce3f14479bb1c4fc466ab5e61681c78bcb9c857d4965f81e41db
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e4320f083852424c933bb6fb3d766c84ec4c088b7b87cf1c9ab7a34d5cfdc3c
2f3083f145cc95d1e576f81798d258ba8fe94cfcf169aa1cf8e06b032e26eb30
306ed870df93d25975c922d41e403ea26ac2d91ab61e8d63a42456ed130652b3
341d9243f8cb4405574a46187522829cea2027db284e8ba13e16134bcc7d05cc
3af3107c28f09b96f740aa5adeaccb35c0b2c68e5ec96302c908e12abdf29307
3b416a15d3dc9e914a04ddad4ed898c67db545111ec2334b6daec8c651bdfad0
3dae93a05edd9dcfc1864b87178a31e0bfa93e1a9b1c486c6e9cbf73cae87862
44b2ca3ac1efd51a6a227b9dc75ce6a4aeea453b9a20499eab3a54a4cc1fe343
486762d56893f9b12fdfad41c3a76f11fc745b5436e97e596a63c22ee13d2e33
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55217ecc92dbb7d631c35f86b9bf220770fb5d292037886aabffd529be5ec2e2
5cf2dea4437f40b914e9bcb6fc763630b0a58c20b6fc6a765a540cc11f078a62
5d59d71fa30604e26c815b2bcfea777bef1564467e2ff9b1b4dc45ca2ee0f6fe
5f20b1d763177090f7027d3a021e2962ac5d18132e3b33f418cc873e991761de
5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bdd9f58ab4cb426e02a640abf9f14196e15792a4358907fa4ce53aa9e810883
6e64f28ba59467df055c16b2d059405498031efc86defb744071e574d48fccf9
81837bb647b79c1e159b440fd593ab3f081fda2e018ca5b7b3a537b28fc3bd3e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
88458ecd332c0981307f5ff04389d1f722f9b7bc590eca31c99416c729a2a096
8b51552f523ecd57ca4f82df5ab10610349f91cacb7c0f72d0290bed3cc37e4e
8f05d9f452ae2ccd04636c044c0ec94c4f9816ed99ecdf92d60ed19f935b9bdf
91c4a6c4295f8889e8b04339a4a2c2e86d5eef71ba808164e641d0d8a6435004
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
9ebd1bce8f64bad3c33692061797d87b35c3ade8604eb1121e32234967427151
a016625020c4acd299ae39803c313b25adc7399ec968e5f2482c3f4646cdad9d
a0f9952290346fd5bd5dcba41e000f575568d4b2b554ca81c7a9c21f2a7e259f
a2de091c86c5a7b6dcc572eb6e5a76c2cd72ce27a2042a8dc2974f15b33566ed
a2ede192b002f0c52c1b7ae9c53aa2922150141ad17d6bf341c81c4c12f296e0
a33131ca8724c9a71ada74fb60745a77adb4efcb146181fd620ac1dac416ecb8
a637d3ff767789f9b113bbfa208bdb6a76efed7c4c111da2a130f6a38a51d353
b1232398e1b51ae5dbfccf2da15dce486155776810ade85fc1625ed6ae98ac51
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4c96f55c265e0a80be4243a16f7e88b9a67c85b71b4e2aa8cea4e1aa989b0d1
b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae
b83b58fef6f21cf9a6c4fb7d26c816b00e99c4d3fcbb3ae4b3838a1f7c7798ca
b8ac3f74d8392f5a4c2dc9b421e28918c92aea016db0f9602fd534cac4c7c4bf
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbff0182d1a1f1af97f7a7d94badc0a4df084f50c09a6213f59fa5305dc120d9
bcef9dcd382a1a5b6e6dde4fa4e58887107b670f5c2f8f3777ec80c40ebc3561
be26dc83d31ea12211104016f94a8df96762c716ff80ef9859b5d87d5ef19ba4
c0ae963a98cc0ec57e52231b991906a48767dcbbaa5b1173fb8630caab564270
c5b494b21a21ca3ab1305b399a8f5d4d87a013150441c674ddc10ba35af384c9
ce261eb163fcaee6953cedc35059732a133766ab824dc512bbdf9424d48601e4
cf89cb5d2c828cd070b37e74dc094708f3a8b939ae6930f41c0ddd8e2bc964b5
d1f997e9d36cab74d9b7c82335b21734e1c74b284d17a8b3df2aa3f4661d2f6c
d4bef2d91bd01eaeba3c9d62545eb98cec13e41bfacdbf28cf1c17bc7f1a35e4
da63cb7a3f1a690f2947a02ab38949b44aaa73fc6c08ea75602604003d01c9c6
da8214844528d4cfcbba106adeffa70cbf6e89c5ba1c84e1d0d17bfb3615df25
dd539581bfb5b1c4eec155fccbe87a654f6cddff1f1927d9ea15a16453ca32a1
ded567f565b246426e50cdff9cea1d2854ddd6e834c2fc632f5344f968558d4a
e22419e8154be2a34a950dbb4c4c448413751c53ef02f00c6c56af28aa2c4964
e3a70220cb36280e5e0cc057aec4549d641c9898735f2e2c64f0b612d80784ad
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5356c4d200584b116d9ac14f89d883b120dbe4d7878914a4fa22358074c74f8
ea1f1cd8dd93d32f9b337df9b9faf9073015353f384895a59e743eb5ddce47d4
eb7cfd3d959b2e09c170f532e29f8b825f9bc770b2279fde58e595617753e244
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f14f0d4ca69db0c2914322578f10bf3f9393771f439c9f670cc4d40971b0af8d
f1ba71d3bf034aeceecb8895e71a44f4806dbb5bcc44e46fd8fc461a774eb880
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
f5ba23cb40838cfc7c5fd586f689bbfbdb426c7742f682b99140dfcb7667113d
f7f70b03f777091061aa8a288e78a94d27ef64ee91f077c5275dc75d923f7e7e
ff64f6cabe25083d3381c7f60b81fcd6eb25175d8808a728b159c3764cebdd61

www.goanywhere.com Open in urlscan Pro 2606:4700::6812:1bf2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

103 Requests

100 %HTTPS

43 %IPv6

39 Domains

52 Subdomains

46 IPs

6 Countries

1653 kBTransfer

4647 kBSize

13 Cookies

0 Outgoing links

Page URL History

Redirected requests

103 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.goanywhere.com Open in urlscan Pro
2606:4700::6812:1bf2 Public Scan

Screenshot
Live screenshot

Full Image

103
Requests

100 %
HTTPS

43 %
IPv6

39
Domains

52
Subdomains

46
IPs

6
Countries

1653 kB
Transfer

4647 kB
Size

13
Cookies

103 HTTP transactions
0 data transactions