customer.rubicon.com Open in urlscan Pro
13.225.78.67 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://url3320.rubicon.com/ls/click?upn=qNTrwrjhPArnJSWmQgswd1U-2F1fCUH4y8lk8UCtjWOMsZ2hwFq0VG9RYqr7m7TnDPWcLNjVy4YZJxXXf7Q...
Effective URL:
https://customer.rubicon.com/account/setpassword?email=jleek@ochsner.org&key=DD06FEE6C404CA48687C4404F7DA8E31862E53DB3354D8FD...
Submission: On July 18 via manual (July 18th 2022, 9:24:30 pm UTC) from US — Scanned from DE

Summary HTTP 61 Redirects Behaviour Indicators

Summary

This website contacted 24 IPs in 4 countries across 17 domains to perform 61 HTTP transactions. The main IP is 13.225.78.67, located in United States and belongs to AMAZON-02, US. The main domain is customer.rubicon.com.
TLS certificate: Issued by Amazon on January 7th 2022. Valid for: a year.

This is the only time customer.rubicon.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	167.89.123.54 167.89.123.54	11377 (SENDGRID) (SENDGRID)
7	13.225.78.67 13.225.78.67	16509 (AMAZON-02) (AMAZON-02)
2	151.101.194.137 151.101.194.137	54113 (FASTLY) (FASTLY)
16	104.90.193.42 104.90.193.42	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
3	2001:4860:480... 2001:4860:4802:36::178	15169 (GOOGLE) (GOOGLE)
2	35.201.112.186 35.201.112.186	15169 (GOOGLE) (GOOGLE)
2	35.186.194.58 35.186.194.58	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c08::9d	15169 (GOOGLE) (GOOGLE)
1	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:149b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2620:1ec:27::... 2620:1ec:27::cafe:1501	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	3.92.104.92 3.92.104.92	14618 (AMAZON-AES) (AMAZON-AES)
1 2	20.234.93.27 20.234.93.27	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	20.75.32.255 20.75.32.255	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	162.247.241.14 162.247.241.14	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
2	35.244.138.243 35.244.138.243	15169 (GOOGLE) (GOOGLE)
61	24

1 167.89.123.54 (Chicago, United States) 1 redirects

ASN11377 (SENDGRID, US)
PTR: o16789123x54.outbound-mail.sendgrid.net

url3320.rubicon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 13.225.78.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-67.fra2.r.cloudfront.net

customer.rubicon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.194.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 104.90.193.42 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-90-193-42.deploy.static.akamaitechnologies.com

cdn.walkme.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:36::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.112.186 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 186.112.201.35.bc.googleusercontent.com

edge.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.194.58 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 58.194.186.35.bc.googleusercontent.com

rs.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:149b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:27::cafe:1501 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.92.104.92 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-92-104-92.compute-1.amazonaws.com

customer-api.prod.aws.rubicon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.234.93.27 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.75.32.255 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

b.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 162.247.241.14 (Portland, United States)

ASN23467 (NEWRELIC-AS-1, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.138.243 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 243.138.244.35.bc.googleusercontent.com

ec.walkme.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	walkme.com cdn.walkme.com — Cisco Umbrella Rank: 1314 ec.walkme.com — Cisco Umbrella Rank: 1761	521 KB
10	rubicon.com 1 redirects url3320.rubicon.com customer.rubicon.com customer-api.prod.aws.rubicon.com	2 MB
6	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 600 c.clarity.ms — Cisco Umbrella Rank: 1163 b.clarity.ms — Cisco Umbrella Rank: 5893	26 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 485 www.linkedin.com — Cisco Umbrella Rank: 534 px4.ads.linkedin.com — Cisco Umbrella Rank: 5743	3 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 398 c.bing.com — Cisco Umbrella Rank: 235	13 KB
4	fullstory.com edge.fullstory.com — Cisco Umbrella Rank: 2623 rs.fullstory.com — Cisco Umbrella Rank: 2030	63 KB
3	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 305	2 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 69	20 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 96	499 B
2	google.de www.google.de — Cisco Umbrella Rank: 4915	565 B
2	google.com www.google.com — Cisco Umbrella Rank: 17	565 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 164	110 KB
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 138 googleads.g.doubleclick.net — Cisco Umbrella Rank: 67	2 KB
2	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 477	29 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 914	3 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 134	15 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 101	60 KB
61	17

	Domain	Requested by
16	cdn.walkme.com	js-agent.newrelic.com cdn.walkme.com
7	customer.rubicon.com	customer.rubicon.com js-agent.newrelic.com
3	bam.nr-data.net	js-agent.newrelic.com
3	bat.bing.com	js-agent.newrelic.com customer.rubicon.com
3	www.google-analytics.com	js-agent.newrelic.com customer.rubicon.com
2	ec.walkme.com	js-agent.newrelic.com
2	b.clarity.ms	js-agent.newrelic.com
2	c.clarity.ms	1 redirects
2	customer-api.prod.aws.rubicon.com	js-agent.newrelic.com
2	www.clarity.ms	js-agent.newrelic.com
2	www.facebook.com	customer.rubicon.com
2	px.ads.linkedin.com	2 redirects
2	www.google.de	customer.rubicon.com
2	www.google.com	customer.rubicon.com
2	connect.facebook.net	js-agent.newrelic.com
2	rs.fullstory.com	js-agent.newrelic.com
2	edge.fullstory.com	js-agent.newrelic.com edge.fullstory.com
2	js-agent.newrelic.com	customer.rubicon.com js-agent.newrelic.com
1	c.bing.com	1 redirects
1	googleads.g.doubleclick.net	js-agent.newrelic.com
1	px4.ads.linkedin.com	customer.rubicon.com
1	www.linkedin.com	1 redirects
1	snap.licdn.com	js-agent.newrelic.com
1	www.googleadservices.com	js-agent.newrelic.com
1	stats.g.doubleclick.net	js-agent.newrelic.com
1	www.googletagmanager.com	js-agent.newrelic.com
1	url3320.rubicon.com	1 redirects
61	27

This site contains no links.

Subject Issuer	Validity	Valid
*.rubicon.com Amazon	`2022-01-07` - `2023-02-05`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2022 Q2	`2022-07-10` - `2023-08-11`	a year	crt.sh
walkme.com DigiCert TLS RSA SHA256 2020 CA1	`2022-05-16` - `2023-03-29`	10 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
edge.fullstory.com GTS CA 1D4	`2022-06-11` - `2022-09-09`	3 months	crt.sh
*.fullstory.com R3	`2022-06-14` - `2022-09-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2022-03-01` - `2023-03-01`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2022-06-10` - `2022-12-10`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-04-26` - `2022-07-25`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-02-27` - `2023-02-27`	a year	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 02	`2022-06-07` - `2023-06-02`	a year	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-10` - `2023-02-10`	a year	crt.sh
*.walkme.com Sectigo RSA Domain Validation Secure Server CA	`2021-12-20` - `2023-01-20`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://customer.rubicon.com/account/setpassword?email=jleek@ochsner.org&key=DD06FEE6C404CA48687C4404F7DA8E31862E53DB3354D8FDA36694B50A76CE93
Frame ID: B7973B087E2E21FE42C6A3DF12FA823F
Requests: 60 HTTP requests in this frame

Frame: https://cdn.walkme.com/player/lib/20220529-160618-3129feea.br/resources/CD/cdHiddenIframeScript.js
Frame ID: D99D88640EE42AA8CE754359BA6EC384
Requests: 2 HTTP requests in this frame

Frame: https://cdn.walkme.com/player/lib/20220529-160618-3129feea.br/resources/CD/CDhiddenIframe.compress.html
Frame ID: F7A7227B99929F27C5CF2D6EFFB5E729
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Rubicon Customer Portal

Page URL History Show full URLs

http://url3320.rubicon.com/ls/click?upn=qNTrwrjhPArnJSWmQgswd1U-2F1fCUH4y8lk8UCtjWOMsZ2hwFq0VG9RYqr7m7T... HTTP 302
https://customer.rubicon.com/account/setpassword?email=jleek@ochsner.org&key=DD06FEE6C404CA48687C4404F7DA... Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

61
Requests

97 %
HTTPS

48 %
IPv6

17
Domains

27
Subdomains

24
IPs

4
Countries

2749 kB
Transfer

5043 kB
Size

27
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://url3320.rubicon.com/ls/click?upn=qNTrwrjhPArnJSWmQgswd1U-2F1fCUH4y8lk8UCtjWOMsZ2hwFq0VG9RYqr7m7TnDPWcLNjVy4YZJxXXf7QR-2FxJ2QoEb91rqehA0e3bo3I33Q-2BPio-2FHTZWWWC5bcEGRfPiAxj0sl1-2FEmD5bQzSrWBgBGor8fvBnvrPiUqvsIPId8PumktZflalgZGgRWbxFPDbN5mfj-2FJnkxqKV6faD37dwA-3D-3DTOAz_RtWAdo7KjB7EfPSANvDmxDriYuRKOhqC0td6Xyr8Q2Q4g-2B7I1FIJAzeg9yCkYJugZVulRzUxjIBWJ5IT5rDftEG0wvUrGfNUmBQMxV68IJ9-2FF7SJTxqEEEWCfSNnHzlGbMdrgazRg96DYVUCzwdCBk5Ge9ZW7npzQSwoBo6FPsI1LtFwX3kNd7qoxJPIXhY3Jm0ktMXdM7d-2BZ82I5MvZLHrtecLDBLwfCjitZRm3N4WlZVz8ahbZOA7mQqy2r7pWNqHV2838sITQaO1vHZKAK8Zq0kLg1FvHcil4hpIrPvdufnVnc4IjV-2BmMEqKAMF56dHu0bCJsqeKP3boluGpUZA-3D-3D HTTP 302
https://customer.rubicon.com/account/setpassword?email=jleek@ochsner.org&key=DD06FEE6C404CA48687C4404F7DA8E31862E53DB3354D8FDA36694B50A76CE93 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=410980&time=1658179464861&url=https%3A%2F%2Fcustomer.rubicon.com%2Faccount%2Fsetpassword%3Fkey%3DDD06FEE6C404CA48687C4404F7DA8E31862E53DB3354D8FDA36694B50A76CE93%26email%3Djleek%40ochsner.org HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D410980%26time%3D1658179464861%26url%3Dhttps%253A%252F%252Fcustomer.rubicon.com%252Faccount%252Fsetpassword%253Fkey%253DDD06FEE6C404CA48687C4404F7DA8E31862E53DB3354D8FDA36694B50A76CE93%2526email%253Djleek%2540ochsner.org%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=410980&time=1658179464861&url=https%3A%2F%2Fcustomer.rubicon.com%2Faccount%2Fsetpassword%3Fkey%3DDD06FEE6C404CA48687C4404F7DA8E31862E53DB3354D8FDA36694B50A76CE93%26email%3Djleek%40ochsner.org&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=410980&time=1658179464861&url=https%3A%2F%2Fcustomer.rubicon.com%2Faccount%2Fsetpassword%3Fkey%3DDD06FEE6C404CA48687C4404F7DA8E31862E53DB3354D8FDA36694B50A76CE93%26email%3Djleek%40ochsner.org&liSync=true&e_ipv6=AQJKh5V65j9Q-wAAAYITMq_PqT87NPkUBMGirl47HNmH3XkClGk9XgXKCUcbLvC59j13T6A

Request Chain 53

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=6439FFBA389140F9AAB06C5C21DEEF6F&RedC=c.clarity.ms&MXFR=36BD26B0BB7B622A36CB3755BF7B6C23 HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=6439FFBA389140F9AAB06C5C21DEEF6F&MUID=1950F6C5A304670F1081E720A26F6671

61 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request setpassword Show response
customer.rubicon.com/account/
Redirect Chain

http://url3320.rubicon.com/ls/click?upn=qNTrwrjhPArnJSWmQgswd1U-2F1fCUH4y8lk8UCtjWOMsZ2hwFq0VG9RYqr7m7TnDPWcLNjVy4YZJxXXf7QR-2FxJ2QoEb91rqehA0e3bo3I33Q-2BPio-2FHTZWWWC5bcEGRfPiAxj0sl1-2FEmD5bQzSrWB...
https://customer.rubicon.com/account/setpassword?email=jleek@ochsner.org&key=DD06FEE6C404CA48687C4404F7DA8E31862E53DB3354D8FDA36694B50A76CE93

1 KB
2 KB

664ms
524ms

Document
text/html

13.225.78.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://customer.rubicon.com/account/setpassword?email=jleek@ochsner.org&key=DD06FEE6C404CA48687C4404F7DA8E31862E53DB3354D8FDA36694B50A76CE93

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.67 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-67.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

31ceb90aca4e65ad1df5c511ed6f5e38aa2aef65b78472d2c5e39689e2d44f0e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-length: 1456
content-type: text/html
date: Mon, 18 Jul 2022 21:24:24 GMT
etag: "aed775a744a1d0d15f2f3f985d8174c4"
last-modified: Sat, 09 Jul 2022 02:01:33 GMT
server: AmazonS3
via: 1.1 27f665df26bde4a7226480b4a2890ff8.cloudfront.net (CloudFront)
x-amz-cf-id: lmcHNE-CPxx8uUdTiaFToZlixYtc8janwoQYEzOsq8kCkYfGHHWclA==
x-amz-cf-pop: FRA2-C2
x-amz-replication-status: COMPLETED
x-amz-server-side-encryption: AES256
x-amz-version-id: ZAzqBpXgzr9qhJjizCPvokcaCq9ELHrM
x-cache: Error from cloudfront
x-frame-options: SAMEORIGIN

Redirect headers

Connection: keep-alive
Content-Length: 168
Content-Type: text/html; charset=utf-8
Date: Mon, 18 Jul 2022 21:24:22 GMT
Location: https://customer.rubicon.com/account/setpassword?email=jleek@ochsner.org&key=DD06FEE6C404CA48687C4404F7DA8E31862E53DB3354D8FDA36694B50A76CE93
Server: nginx
X-Robots-Tag: noindex, nofollow

GET
H2 200 nr-loader-spa-current.min.js Show response
js-agent.newrelic.com/ 30 KB
11 KB 342ms
306ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-loader-spa-current.min.js
Requested by: Host: customer.rubicon.com
URL: https://customer.rubicon.com/account/setpassword?email=jleek@ochsner.org&key=DD06FEE6C404CA48687C4404F7DA8E31862E53DB3354D8FDA36694B50A76CE93
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c33fff4df5cd458069f647ed3d426c096bd5423784798fdf8be7cd79fa52f16a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://customer.rubicon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: 97o4kYalYTg86GbjVtFGPLBMdxyBe_EW
content-encoding: gzip
etag: "fcd1388e1b29f8dd38ed4225ed40a468"
x-amz-request-id: GJNZVA3GCPXKKNA6
x-cache: MISS
cross-origin-resource-policy: cross-origin
content-length: 10670
x-amz-id-2: kOiF4/2AAUVR6UOtXoKis56+7kTy7urMk8I4Exb/7xCIF/D9KR8+duB52PsNLvTQnaLvpqSGsfQ=
x-served-by: cache-hhn4028-HHN
last-modified: Mon, 02 May 2022 20:21:53 GMT
server: AmazonS3
x-timer: S1658179463.451290,VS0,VE297
date: Mon, 18 Jul 2022 21:24:23 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 main.fdf76027.js Show response
customer.rubicon.com/static/js/ 2 MB
2 MB 415ms
410ms Script
application/javascript 13.225.78.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://customer.rubicon.com/static/js/main.fdf76027.js

Requested by

Host: customer.rubicon.com
URL: https://customer.rubicon.com/account/setpassword?email=jleek@ochsner.org&key=DD06FEE6C404CA48687C4404F7DA8E31862E53DB3354D8FDA36694B50A76CE93

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.67 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-67.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

498a836549b8285bf0db2dfecbc189b6c5e64f2beab3782640d6c0debc3c555c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://customer.rubicon.com/account/setpassword?email=jleek@ochsner.org&key=DD06FEE6C404CA48687C4404F7DA8E31862E53DB3354D8FDA36694B50A76CE93
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 18 Jul 2022 21:24:24 GMT
via: 1.1 27f665df26bde4a7226480b4a2890ff8.cloudfront.net (CloudFront)
last-modified: Sat, 09 Jul 2022 02:01:35 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
etag: "75bd7067636ff9dd8897437f6b030300"
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
x-amz-version-id: .yeXuH9kScKhp3xvqiHeDfcfWS6qzJ9c
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-type: application/javascript
content-length: 1739114
x-amz-cf-id: tHfZiSIIga9UBHGTPMC_BaknRJS0y_Zp2VW0UpBvNKqSYbcoCAIVRw==

GET
H2 200 main.44047500.css
customer.rubicon.com/static/css/ 4 KB
5 KB 121ms
119ms Stylesheet
text/css 13.225.78.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://customer.rubicon.com/static/css/main.44047500.css

Requested by

Host: customer.rubicon.com
URL: https://customer.rubicon.com/account/setpassword?email=jleek@ochsner.org&key=DD06FEE6C404CA48687C4404F7DA8E31862E53DB3354D8FDA36694B50A76CE93

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.67 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-67.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

f1870077024b302a88c92a82484018be03ce9c8ccb9d263daa451842023fb5c4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://customer.rubicon.com/account/setpassword?email=jleek@ochsner.org&key=DD06FEE6C404CA48687C4404F7DA8E31862E53DB3354D8FDA36694B50A76CE93
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 18 Jul 2022 21:24:24 GMT
via: 1.1 27f665df26bde4a7226480b4a2890ff8.cloudfront.net (CloudFront)
last-modified: Sat, 09 Jul 2022 02:01:33 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
etag: "0ff7c50baf3c6899853ce465bf0c9e7f"
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
x-amz-version-id: HYn9EuK68kyYrnudWL1dq1J2S7C2tVem
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-type: text/css
content-length: 4283
x-amz-cf-id: hnFKjzcLhligXB0IbQpWBjfLzZH6dh226z1TRIQUKEqW81pMJGITJg==

GET
H2 200 walkme_5b990973de1b4cb8a930717f4f28e9ae_https.js Show response
cdn.walkme.com/users/5b990973de1b4cb8a930717f4f28e9ae/ 23 KB
9 KB 54ms
8ms Script
application/x-javascript 104.90.193.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.walkme.com/users/5b990973de1b4cb8a930717f4f28e9ae/walkme_5b990973de1b4cb8a930717f4f28e9ae_https.js

Requested by

Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-loader-spa-current.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.90.193.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-90-193-42.deploy.static.akamaitechnologies.com

Software

Resource Hash

fecf5721c2255333c9e30ea1cf051985bac9c14d1c7f152f923bdeb00d501e04

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000;includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://customer.rubicon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: 9o7e.PJwLLwfZkHnZBUceHPTsbfE_nCC
content-encoding: gzip
x-content-type-options: nosniff
x-amz-request-id: X0M68FZBMN546BS3
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
vary: Accept-Encoding
content-length: 8213
x-amz-id-2: rf7eOLqolCUkl/VmQx3H7vMpnZHl7rbZKug77xnVNahd5UrCG9QWh4qfL3CAo+eyyAb9ak/TsMI=
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 03 Jun 2022 14:26:50 GMT
date: Mon, 18 Jul 2022 21:24:23 GMT
strict-transport-security: max-age=31536000;includeSubdomains
content-type: application/x-javascript
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=61047
etag: "5a781aca35458250001253f756024069"
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 settings.txt Show response
cdn.walkme.com/users/5b990973de1b4cb8a930717f4f28e9ae/ 2 KB
1 KB 33ms
32ms Script
application/javascript 104.90.193.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.walkme.com/users/5b990973de1b4cb8a930717f4f28e9ae/settings.txt

Requested by

Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-loader-spa-current.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.90.193.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-90-193-42.deploy.static.akamaitechnologies.com

Software

Resource Hash

14ce1dd0c22d70417b2cb8cf11ab90f27b9c8ee45d76a6fe23a75cc70ff95634

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000;includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://customer.rubicon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: 4aqPcjtMooJVBWy.fOyCkQ1.iuBAj8P7
content-encoding: gzip
x-content-type-options: nosniff
x-amz-request-id: F0Z0WBF803ZAV61S
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
vary: Accept-Encoding
content-length: 670
x-amz-id-2: uIF64Uv1+w2DEN+WweOJXDacYQPHwXxUpPUCHofqrAi2/cE6u9LoyqHO0V12u/J1P1+O/OAC+Cg=
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 03 Jun 2022 14:26:51 GMT
date: Mon, 18 Jul 2022 21:24:23 GMT
strict-transport-security: max-age=31536000;includeSubdomains
content-type: application/javascript
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=900
etag: "eb5cde45dec27c61fcd1251dc7f35386"
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 wmjQuery1715.js Show response
cdn.walkme.com/player/resources/ 94 KB
34 KB 14ms
13ms Script
application/javascript 104.90.193.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.walkme.com/player/resources/wmjQuery1715.js

Requested by

Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-loader-spa-current.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.90.193.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-90-193-42.deploy.static.akamaitechnologies.com

Software

Resource Hash

56c3f4f36d43b9b4331e7e60daf59f0bf314e4e02907983f491bfb7fd205425a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000;includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://customer.rubicon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: CI10JaCmn6A7.08RaKtVaHXGG_kcrG0S
content-encoding: gzip
x-content-type-options: nosniff
x-amz-request-id: 00Q20D88TJH34KGT
x-amz-replication-status: COMPLETED
vary: Accept-Encoding
content-length: 33807
x-amz-id-2: hhQw94JaMviaXE7gb3EXuEh+u88vy11UM03a/FPg0L5T/yhtywKwR7Jy5xp5ffR+NLvgK9n0xXo=
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 31 Aug 2017 15:41:38 GMT
date: Mon, 18 Jul 2022 21:24:23 GMT
strict-transport-security: max-age=31536000;includeSubdomains
content-type: application/javascript
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=19537387
etag: "6d1f86e0ece9e839680bb3518c93f700"
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 prelib-plugin-dc906cb5-b820-35b9-b694-f43da09f5cd8.js Show response
cdn.walkme.com/users/5b990973de1b4cb8a930717f4f28e9ae/scripts/ 101 KB
30 KB 15ms
14ms Script
application/x-javascript 104.90.193.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.walkme.com/users/5b990973de1b4cb8a930717f4f28e9ae/scripts/prelib-plugin-dc906cb5-b820-35b9-b694-f43da09f5cd8.js

Requested by

Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-loader-spa-current.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.90.193.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-90-193-42.deploy.static.akamaitechnologies.com

Software

Resource Hash

644ba885d4d8418e6fe7ce997c71fc8183b454c1326060f6d260dcafc518be75

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000;includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://customer.rubicon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: 3NXOBDVQq1VsyqbrYOLgNFK3K1TnmjVb
content-encoding: gzip
x-content-type-options: nosniff
x-amz-request-id: AKNJ116A0E7VEHSB
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
vary: Accept-Encoding
content-length: 30047
x-amz-id-2: xIKb+K6T+jvH8Mcl+sMABSfFvmsFec7Qa6xu486TAQQJIfQIGpCMoBiiI+B5o3huNiYiJqeZSwQ=
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 13 Dec 2021 14:29:46 GMT
date: Mon, 18 Jul 2022 21:24:23 GMT
strict-transport-security: max-age=31536000;includeSubdomains
content-type: application/x-javascript
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=30377951
etag: "3f7b8857e80adfb51fd609bf5a6b61c0"
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 walkme_lib_20220529-160618-3129feea.br.js Show response
cdn.walkme.com/player/lib/ 2 MB
348 KB 27ms
25ms Script
application/javascript 104.90.193.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.walkme.com/player/lib/walkme_lib_20220529-160618-3129feea.br.js

Requested by

Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-loader-spa-current.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.90.193.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-90-193-42.deploy.static.akamaitechnologies.com

Software

Resource Hash

2788577a21767ec3f71a7e88f65e65e70774e1b34a69f0647a2cff27f6d7c0ae

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000;includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://customer.rubicon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: YTxQx268gco0k7s0WEkd5hkt9x8azwJd
content-encoding: br
x-content-type-options: nosniff
x-amz-request-id: NDX31577YG91YZEQ
x-amz-server-side-encryption: AES256
x-amz-replication-status: FAILED
content-length: 354682
x-amz-id-2: r3p1+pmHfWXF0FhtGCP+h0Fb4WUJwHexGse37YfJrg7mK5pfkbK8loK1H6uUMNqwm69O7wOLe7I=
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 30 May 2022 09:29:14 GMT
date: Mon, 18 Jul 2022 21:24:23 GMT
strict-transport-security: max-age=31536000;includeSubdomains
content-type: application/javascript
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=27281713
etag: "4cd7ce4bd71259c609293fe63d2a3723"
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 walkme_config_d1fa165a044b4c89992bfb82045b8a30.js Show response
cdn.walkme.com/users/5b990973de1b4cb8a930717f4f28e9ae/ 3 KB
2 KB 28ms
27ms Script
application/javascript 104.90.193.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.walkme.com/users/5b990973de1b4cb8a930717f4f28e9ae/walkme_config_d1fa165a044b4c89992bfb82045b8a30.js

Requested by

Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-loader-spa-current.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.90.193.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-90-193-42.deploy.static.akamaitechnologies.com

Software

Resource Hash

29d2d816cf4cf44e3173862b47ad4593baf8b5a6ca761af2dad3af87085e0d8f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000;includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://customer.rubicon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: vR5L1CIsWTbxZ6bAi_KgDmUtnLopIN8G
content-encoding: gzip
x-content-type-options: nosniff
x-amz-request-id: NM9E4FSNJFY5M465
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
vary: Accept-Encoding
content-length: 1634
x-amz-id-2: tO238a0j2QVcxgJvMWIn6Ag2HRR8hscRXAPd+7W5yzVJSlO4ITazG4XsCN9Lm2zQhcwC94lTB00=
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 31 Jan 2022 05:24:37 GMT
date: Mon, 18 Jul 2022 21:24:23 GMT
strict-transport-security: max-age=31536000;includeSubdomains
content-type: application/javascript
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=29839627
etag: "19dd6d5e585b2816d89d2ecc5a75f41b"
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 162 KB
60 KB 44ms
24ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KZ35FRN

Requested by

Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-loader-spa-current.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e1871114ada5249e23008db3777b9d30d1d02e24add7a6f56540a55cc9718645

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://customer.rubicon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 21:24:24 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60664
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 18 Jul 2022 21:24:24 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 27ms
6ms Script
text/javascript 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-loader-spa-current.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://customer.rubicon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 1344
date: Mon, 18 Jul 2022 21:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 18 Jul 2022 23:02:00 GMT

GET
H2 200 9179.1fc47925.chunk.js Show response
customer.rubicon.com/static/js/ 25 KB
26 KB 419ms
419ms Script
application/javascript 13.225.78.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://customer.rubicon.com/static/js/9179.1fc47925.chunk.js

Requested by

Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-loader-spa-current.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.67 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-67.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

ce2d09b68d2173b39835864700ab3eb464dcac96b02c6e3d469b8b6a62aee7c2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://customer.rubicon.com/account/setpassword?email=jleek@ochsner.org&key=DD06FEE6C404CA48687C4404F7DA8E31862E53DB3354D8FDA36694B50A76CE93
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 18 Jul 2022 21:24:25 GMT
via: 1.1 27f665df26bde4a7226480b4a2890ff8.cloudfront.net (CloudFront)
last-modified: Sat, 09 Jul 2022 02:01:35 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
etag: "ce879eae1ecb3accafd72c82c3038de7"
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
x-amz-version-id: eanaT0W6ufob06HfWTTJsz3XHQUYqka2
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-type: application/javascript
content-length: 25664
x-amz-cf-id: 8SqIvxHJZQg4WYsbYaePSBcsFC9n75LG2xqilQPDldZNDsEZc4U8NQ==

GET
H2 200 1887.f3061a49.chunk.js Show response
customer.rubicon.com/static/js/ 12 KB
12 KB 138ms
138ms Script
application/javascript 13.225.78.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://customer.rubicon.com/static/js/1887.f3061a49.chunk.js

Requested by

Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-loader-spa-current.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.67 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-67.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

7d64fccb64ce80c1acc42cf1edf2a8f1a55b2aec2c5b2bbead2f2f0c21513325

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://customer.rubicon.com/account/setpassword?email=jleek@ochsner.org&key=DD06FEE6C404CA48687C4404F7DA8E31862E53DB3354D8FDA36694B50A76CE93
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 18 Jul 2022 21:24:25 GMT
via: 1.1 27f665df26bde4a7226480b4a2890ff8.cloudfront.net (CloudFront)
last-modified: Sat, 09 Jul 2022 02:01:34 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
etag: "fe8d81836f935c03c0b448fa676ff781"
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
x-amz-version-id: 3s7JGEGmA9zwNdZNAdqUYBTT32eLQtxG
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-type: application/javascript
content-length: 12085
x-amz-cf-id: D7rz0nguUT-Mju5XyuRSyOAWcoOP0-RqzRWBnXn-dsSzuKag_up-Ug==

GET
H2 200 1285.b7b23fff.chunk.js Show response
customer.rubicon.com/static/js/ 2 KB
3 KB 116ms
116ms Script
application/javascript 13.225.78.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://customer.rubicon.com/static/js/1285.b7b23fff.chunk.js

Requested by

Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-loader-spa-current.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.67 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-67.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

b46d698585a66fffc0d26f29f0d07a1b959cfcaaf4abb4537edfa05847f580b1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://customer.rubicon.com/account/setpassword?email=jleek@ochsner.org&key=DD06FEE6C404CA48687C4404F7DA8E31862E53DB3354D8FDA36694B50A76CE93
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 18 Jul 2022 21:24:25 GMT
via: 1.1 27f665df26bde4a7226480b4a2890ff8.cloudfront.net (CloudFront)
last-modified: Sat, 09 Jul 2022 02:01:34 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
etag: "1870388d43c764ebeed0358c13a12363"
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
x-amz-version-id: 44feN6W.04oJKkYQ2Qcl1cwBxEBDtF.t
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-type: application/javascript
content-length: 2169
x-amz-cf-id: RrlJMRpdDi13LsiWV0fuQ6Inoq1h_Ok09wchRjQK8jZUPkwQaJjmXA==

GET
H2 200 fs.js Show response
edge.fullstory.com/s/ 243 KB
62 KB 38ms
8ms Script
application/javascript 35.201.112.186
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/fs.js
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-loader-spa-current.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 2e5d00654fd14274c2ceb755126b51557c95846eeebb0931b0ed41167f95b5bb

Request headers

Referer: https://customer.rubicon.com/
Origin: https://customer.rubicon.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 21:15:10 GMT
content-encoding: br
age: 554
x-guploader-uploadid: ADPycduDwRAXSzsoOlvUyIAF19_XAWHBSKILj3XkEbYJM6cyAcODIm7sOlYXcga9gUemv0kLu9YLy5bkdyck-UtcO7qZ-A
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62394
last-modified: Fri, 15 Jul 2022 14:11:44 GMT
server: UploadServer
etag: "e43931d231585d2c3bc5fd1ca844a6b9"
vary: Accept-Encoding
x-goog-hash: crc32c=QJ1U2Q==, md5=5Dkx0jFYXSw7xf0cqESmuQ==
x-goog-generation: 1657894304906053
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600,no-transform
x-goog-stored-content-length: 62394
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 18 Jul 2022 22:15:10 GMT

GET
DATA 200
OK truncated
/ 260 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 180f91e790f1a24df94c2c184322ea9b58bd44440bf4862aab13209b931bd370

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 insights_configuration_321a2fd697be4cf392d7e195008d0f05.json Show response
cdn.walkme.com/users/5b990973de1b4cb8a930717f4f28e9ae/external-data/insights-configuration/ 198 B
708 B 44ms
21ms XHR
application/octet-stream 104.90.193.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.walkme.com/users/5b990973de1b4cb8a930717f4f28e9ae/external-data/insights-configuration/insights_configuration_321a2fd697be4cf392d7e195008d0f05.json

Requested by

Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-loader-spa-current.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.90.193.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-90-193-42.deploy.static.akamaitechnologies.com

Software

Resource Hash

813c78ef225399d7fa325782df5f750e1e55cca515f9b2fa84b53c2652d9e0b1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000;includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://customer.rubicon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: ntQJhhOW8utmbV9r4ZQizWq_A0NvFpRS
x-content-type-options: nosniff
x-amz-request-id: H8N57NESND09QW1G
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
content-length: 198
x-amz-id-2: AVq5BpGlhXIaAn/VUEaSZq11hvW6492G7YGRRkrYZGFlN7kxL6NJQBG8LJyDOiC1kXRrVqMx2Ow=
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 01 Aug 2021 15:11:04 GMT
date: Mon, 18 Jul 2022 21:24:24 GMT
strict-transport-security: max-age=31536000;includeSubdomains
content-type: application/octet-stream
access-control-allow-origin: *
x-xss-protection: 1; mode=block
etag: "411bacccf4826b2b32552aec2276b280"
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Montserrat-Medium.d42dad28f6470e5162c2.woff
customer.rubicon.com/static/media/ 135 KB
136 KB 117ms
117ms Font
application/font-woff 13.225.78.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://customer.rubicon.com/static/media/Montserrat-Medium.d42dad28f6470e5162c2.woff

Requested by

Host: customer.rubicon.com
URL: https://customer.rubicon.com/account/setpassword?email=jleek@ochsner.org&key=DD06FEE6C404CA48687C4404F7DA8E31862E53DB3354D8FDA36694B50A76CE93

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.67 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-67.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

f16f0ba0ff026f770fe84e32a59c045ec0fdd183d827ac3d854a3578c3b4ff13

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://customer.rubicon.com/account/setpassword?email=jleek@ochsner.org&key=DD06FEE6C404CA48687C4404F7DA8E31862E53DB3354D8FDA36694B50A76CE93
Origin: https://customer.rubicon.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 18 Jul 2022 21:24:25 GMT
via: 1.1 27f665df26bde4a7226480b4a2890ff8.cloudfront.net (CloudFront)
last-modified: Sat, 09 Jul 2022 02:01:35 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
etag: "d194e50992ca40d4752c6649f8684575"
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
x-amz-version-id: sHhHCe0cjmjm.tgx1eHM46XTspqlizt1
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-type: application/font-woff
content-length: 138516
x-amz-cf-id: ni9CNpQAucHD6YHqOtGMtvjHOPVFpCVM1HKU2aC-x-9JPtF0G_vRjA==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
150 B 14ms
13ms XHR
text/plain 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1188557721&t=pageview&_s=1&dl=https%3A%2F%2Fcustomer.rubicon.com%2Faccount%2Fsetpassword%3Femail%3Djleek%40ochsner.org%26key%3DDD06FEE6C404CA48687C4404F7DA8E31862E53DB3354D8FDA36694B50A76CE93&ul=en-us&de=UTF-8&dt=Rubicon%20Customer%20Portal&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1281962434&gjid=417560613&cid=1839189806.1658179465&tid=UA-45333213-2&_gid=1743809232.1658179465&_r=1&_slc=1&z=936287487

Requested by

Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-loader-spa-current.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://customer.rubicon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 18 Jul 2022 21:24:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://customer.rubicon.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 6ms
6ms Image
image/gif 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1188557721&t=pageview&_s=2&dl=https%3A%2F%2Fcustomer.rubicon.com%2Faccount%2Fsetpassword%3Femail%3Djleek%40ochsner.org%26key%3DDD06FEE6C404CA48687C4404F7DA8E31862E53DB3354D8FDA36694B50A76CE93&ul=en-us&de=UTF-8&dt=Rubicon%20Customer%20Portal&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=&gjid=&cid=1839189806.1658179465&tid=UA-45333213-2&_gid=1743809232.1658179465&z=1467556608

Requested by

Host: customer.rubicon.com
URL: https://customer.rubicon.com/account/setpassword?email=jleek@ochsner.org&key=DD06FEE6C404CA48687C4404F7DA8E31862E53DB3354D8FDA36694B50A76CE93

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://customer.rubicon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Jul 2022 13:21:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 28993
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 page Show response
rs.fullstory.com/rec/ 4 KB
1 KB 423ms
402ms XHR
application/json 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/page
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-loader-spa-current.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: e1ad9e8a80b7bc54c303647d6db4d3b15ad83e7e2064d6f6a9ff532b1ab88e56

Request headers

Referer: https://customer.rubicon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 18 Jul 2022 21:24:25 GMT
content-encoding: gzip
content-type: application/json; charset=utf-8
access-control-allow-origin: https://customer.rubicon.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1322
via: 1.1 google

GET
H2 200 cdHiddenIframeScript.js Show response
cdn.walkme.com/player/lib/20220529-160618-3129feea.br/resources/CD/ Frame D99D 244 B
634 B 8ms
8ms Script
application/javascript 104.90.193.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.walkme.com/player/lib/20220529-160618-3129feea.br/resources/CD/cdHiddenIframeScript.js

Requested by

Host: cdn.walkme.com
URL: https://cdn.walkme.com/player/lib/walkme_lib_20220529-160618-3129feea.br.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.90.193.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-90-193-42.deploy.static.akamaitechnologies.com

Software

Resource Hash

ddab192869f16ddcfbcbb9ed4372c4c1f5dc4ed47a1045287ac15699b33c1213

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000;includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: irwBtZxOTof8xL0b0sd6hB5R2wgeiL0p
content-encoding: br
x-content-type-options: nosniff
x-amz-request-id: 9JZ74JYXMYH9WRQ5
x-amz-server-side-encryption: AES256
x-amz-replication-status: FAILED
content-length: 108
x-amz-id-2: DbQQuNBl1wJ/7RLWQ53S32J1q1KiiA+DDErdgqlD9f6OneF5p1yEKr/lgCJAlmRQqcdAO80NsUQ=
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 30 May 2022 09:29:05 GMT
date: Mon, 18 Jul 2022 21:24:24 GMT
strict-transport-security: max-age=31536000;includeSubdomains
content-type: application/javascript
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=30290635
etag: "64bad8dece3937c7177b75099c2b8972"
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
timing-allow-origin: *

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
445 B 60ms
19ms XHR
text/plain 2a00:1450:400c:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-45333213-2&cid=1839189806.1658179465&jid=1281962434&gjid=417560613&_gid=1743809232.1658179465&_u=IEBAAEAAAAAAAC~&z=995723099

Requested by

Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-loader-spa-current.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://customer.rubicon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 18 Jul 2022 21:24:24 GMT
content-type: text/plain
access-control-allow-origin: https://customer.rubicon.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 40 KB
15 KB 64ms
30ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-loader-spa-current.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

00e67a6bb1601297c954a9c6438eb956f4ca87253683fb348d1bda64cee7d1ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://customer.rubicon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 21:24:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15163
x-xss-protection: 0
server: cafe
etag: 11137310801552021614
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 18 Jul 2022 21:24:24 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 8 KB
3 KB 46ms
14ms Script
application/x-javascript 2a02:26f0:3500:16::215:149b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-loader-spa-current.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:149b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://customer.rubicon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 18 Jul 2022 21:24:24 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Apr 2022 23:25:22 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=72571
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3085

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 56ms
38ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-loader-spa-current.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0fcff9391b8f4560e9bc64c28dcd9101f66de7b93676ea8cc254980567f663db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://customer.rubicon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 16 Jun 2022 18:22:08 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 91CDFB6D74C94E0D81B19134F524D43A Ref B: FRAEDGE1411 Ref C: 2022-07-18T21:24:24Z
etag: "0c8eafcad81d81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Mon, 18 Jul 2022 21:24:24 GMT
accept-ranges: bytes
content-length: 11360

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 25ms
8ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-loader-spa-current.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6e164ad4aa1f1905c44c2e4e57088f313738d18320a99a7e6a984b862523d96d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://customer.rubicon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26001
x-xss-protection: 0
pragma: public
x-fb-debug: IsIRBRTyu7yAAShG7HqNWdu11gdiudY3tIs9lF9kR/Y4MHIMVrNoni/GzPLpo+o1xofaZjoQjvVR5e0sZsr74g==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Mon, 18 Jul 2022 21:24:24 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 CDhiddenIframe.compress.html Show response
cdn.walkme.com/player/lib/20220529-160618-3129feea.br/resources/CD/ Frame F7A7 19 KB
6 KB 9ms
8ms Document
text/html 104.90.193.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.walkme.com/player/lib/20220529-160618-3129feea.br/resources/CD/CDhiddenIframe.compress.html

Requested by

Host: cdn.walkme.com
URL: https://cdn.walkme.com/player/lib/walkme_lib_20220529-160618-3129feea.br.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.90.193.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-90-193-42.deploy.static.akamaitechnologies.com

Software

Resource Hash

43a6a1d1ca70af89a827ed62ac695942f31c34ec0f75e1680dab5ef304f345a2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000;includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=29699518
content-encoding: br
content-length: 5342
content-security-policy: upgrade-insecure-requests;
content-type: text/html
date: Mon, 18 Jul 2022 21:24:24 GMT
etag: "4c67932d6da890d3292becb036116251"
last-modified: Mon, 30 May 2022 09:29:05 GMT
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000;includeSubdomains
x-amz-id-2: 449xY9zOVFTRAI66AhKRhSHbPE+x43Y3d6Fg5jdOPie0tEXzq+tcHrRtoVn+d8ukxSw9Dof3/d8=
x-amz-replication-status: FAILED
x-amz-request-id: 6XP0H2J9GK9WVX8M
x-amz-server-side-encryption: AES256
x-amz-version-id: vJUAONVEVDoGV63FuGYJema5bZmmFt1x
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 183910922006132 Show response
connect.facebook.net/signals/config/ 292 KB
84 KB 58ms
48ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/183910922006132?v=2.9.65&r=stable

Requested by

Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-loader-spa-current.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

11deb66bd5df47adf6df9cc6fd26a6095e96504df28e515c1b99e4be8626656d

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://customer.rubicon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: rxkxCdJeu/Tgr/gexCYj6gSdwL4exvdsMl8z94dzrfag5uc/pqCwFQMIMqUuiggLHgMv9HNvtr7fPer06oFzDQ==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 18 Jul 2022 21:24:24 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1658179464883
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 55ms
32ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-45333213-2&cid=1839189806.1658179465&jid=1281962434&_u=IEBAAEAAAAAAAC~&z=1153630469

Requested by

Host: customer.rubicon.com
URL: https://customer.rubicon.com/account/setpassword?email=jleek@ochsner.org&key=DD06FEE6C404CA48687C4404F7DA8E31862E53DB3354D8FDA36694B50A76CE93

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://customer.rubicon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Jul 2022 21:24:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 57ms
34ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-45333213-2&cid=1839189806.1658179465&jid=1281962434&_u=IEBAAEAAAAAAAC~&z=1153630469

Requested by

Host: customer.rubicon.com
URL: https://customer.rubicon.com/account/setpassword?email=jleek@ochsner.org&key=DD06FEE6C404CA48687C4404F7DA8E31862E53DB3354D8FDA36694B50A76CE93

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://customer.rubicon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Jul 2022 21:24:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=410980&time=1658179464861&url=https%3A%2F%2Fcustomer.rubicon.com%2Faccount%2Fsetpassword%3Fkey%3DDD06FEE6C404CA48687C4404F7DA8E31862E53DB3354D8FDA...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D410980%26time%3D1658179464861%26url%3Dhttps%253A%252F%252Fcustomer.rubicon.com%25...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=410980&time=1658179464861&url=https%3A%2F%2Fcustomer.rubicon.com%2Faccount%2Fsetpassword%3Fkey%3DDD06FEE6C404CA48687C4404F7DA8E31862E53DB3354D8FDA...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=410980&time=1658179464861&url=https%3A%2F%2Fcustomer.rubicon.com%2Faccount%2Fsetpassword%3Fkey%3DDD06FEE6C404CA48687C4404F7DA8E31862E53DB3354D8FD...

0
265 B

140ms
117ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=410980&time=1658179464861&url=https%3A%2F%2Fcustomer.rubicon.com%2Faccount%2Fsetpassword%3Fkey%3DDD06FEE6C404CA48687C4404F7DA8E31862E53DB3354D8FDA36694B50A76CE93%26email%3Djleek%40ochsner.org&liSync=true&e_ipv6=AQJKh5V65j9Q-wAAAYITMq_PqT87NPkUBMGirl47HNmH3XkClGk9XgXKCUcbLvC59j13T6A
Requested by: Host: customer.rubicon.com
URL: https://customer.rubicon.com/account/setpassword?email=jleek@ochsner.org&key=DD06FEE6C404CA48687C4404F7DA8E31862E53DB3354D8FDA36694B50A76CE93
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://customer.rubicon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 21:24:24 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: BFEA3FBCBF904497BAD77CFA70270038 Ref B: FRAEDGE1221 Ref C: 2022-07-18T21:24:25Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXkGv4A+Nnj5vB6/s5Kig==
x-li-fabric: prod-lva1

Redirect headers

date: Mon, 18 Jul 2022 21:24:25 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 9EA013317B384FEDB97D34A1179520A9 Ref B: FRAEDGE1217 Ref C: 2022-07-18T21:24:25Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=410980&time=1658179464861&url=https%3A%2F%2Fcustomer.rubicon.com%2Faccount%2Fsetpassword%3Fkey%3DDD06FEE6C404CA48687C4404F7DA8E31862E53DB3354D8FDA36694B50A76CE93%26email%3Djleek%40ochsner.org&liSync=true&e_ipv6=AQJKh5V65j9Q-wAAAYITMq_PqT87NPkUBMGirl47HNmH3XkClGk9XgXKCUcbLvC59j13T6A
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXkGv3+gyt+wYam8B6rTw==

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/863473017/ 2 KB
2 KB 41ms
20ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/863473017/?random=1658179464863&cv=9&fst=1658179464863&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg7d0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fcustomer.rubicon.com%2Faccount%2Fsetpassword%3Femail%3Djleek%40ochsner.org%26key%3DDD06FEE6C404CA48687C4404F7DA8E31862E53DB3354D8FDA36694B50A76CE93&tiba=Rubicon%20Customer%20Portal&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-loader-spa-current.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

96feaefed3154757296c1eff07fb0c63655455b90a14c9fcb18cffa324d282c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://customer.rubicon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Jul 2022 21:24:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1110
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 custom_css_a71a0daf39184ce79761cc559cdbaa99.css
cdn.walkme.com/users/5b990973de1b4cb8a930717f4f28e9ae/ 4 KB
1 KB 131ms
131ms Stylesheet
text/css 104.90.193.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.walkme.com/users/5b990973de1b4cb8a930717f4f28e9ae/custom_css_a71a0daf39184ce79761cc559cdbaa99.css

Requested by

Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-loader-spa-current.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.90.193.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-90-193-42.deploy.static.akamaitechnologies.com

Software

Resource Hash

fbc1dc3dd49f5644d30ee4307cc63dd7e9e9ef7bfae77a4b492c091ed68bcaf5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000;includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://customer.rubicon.com/
Origin: https://customer.rubicon.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: 8LIsnEDHfuxnkjYJteURfm0Ojo7J.a.Q
content-encoding: gzip
x-content-type-options: nosniff
x-amz-request-id: RV1BR6HP4XFXF7SP
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-length: 659
x-amz-id-2: uFzndT7SxoYWfkXzie0Pww2i/XeCkRFtopxsPYagEP1dsMBTTvMThOAmAX5cYYv9mnA4nGtdhdQ=
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 03 Jun 2022 14:26:49 GMT
date: Mon, 18 Jul 2022 21:24:24 GMT
strict-transport-security: max-age=31536000;includeSubdomains
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=31535950
etag: "a636b5e739c8ed6c96f206e472385aac"
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 data_a71a0daf39184ce79761cc559cdbaa99.br.json Show response
cdn.walkme.com/users/5b990973de1b4cb8a930717f4f28e9ae/ 117 KB
17 KB 134ms
134ms Fetch
application/json 104.90.193.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.walkme.com/users/5b990973de1b4cb8a930717f4f28e9ae/data_a71a0daf39184ce79761cc559cdbaa99.br.json

Requested by

Host: cdn.walkme.com
URL: https://cdn.walkme.com/player/lib/walkme_lib_20220529-160618-3129feea.br.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.90.193.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-90-193-42.deploy.static.akamaitechnologies.com

Software

Resource Hash

bef1a0c7273535df09a4ec1883a4a6e84435981ee410babfb0d51f5cb41ea8b0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000;includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://customer.rubicon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: BsUvFIzXGqY0Qq2lIbEphzk6x3RrZoUJ
content-encoding: br
x-content-type-options: nosniff
x-amz-request-id: RV14CQXA5H6PAZZA
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
content-length: 16776
x-amz-id-2: u8Yj+3bLn5m7WBdjmnoQIKL99VOfOZFHppda+P45PC5KIdEvMZfesRzXdEAsWzRGPEX3Ayl3CUA=
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 03 Jun 2022 14:26:51 GMT
date: Mon, 18 Jul 2022 21:24:24 GMT
strict-transport-security: max-age=31536000;includeSubdomains
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=31535998
etag: "0aad6d814363f18860347bb88363b76f"
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 5601103.js Show response
bat.bing.com/p/action/ 827 B
747 B 182ms
182ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/5601103.js

Requested by

Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-loader-spa-current.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5bd3f14beab5921640f07a9409f8935488c3ea579b9b92eaaaba01ed28da56d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://customer.rubicon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 36062E2AB37F4BFE8D9752948194DB0B Ref B: FRAEDGE1411 Ref C: 2022-07-18T21:24:24Z
date: Mon, 18 Jul 2022 21:24:24 GMT
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private,max-age=60
content-length: 571

GET
H2 204 0
bat.bing.com/action/ 0
175 B 36ms
36ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=5601103&tm=gtm002&Ver=2&mid=47fcc5ce-17b0-4b62-9ed1-aa2c6284c627&sid=ff47a55006df11eda631d7a687fcd9d3&vid=ff47e8f006df11ed9a1c01fc8948cd6e&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Rubicon%20Customer%20Portal&p=https%3A%2F%2Fcustomer.rubicon.com%2Faccount%2Fsetpassword%3Femail%3Djleek%40ochsner.org%26key%3DDD06FEE6C404CA48687C4404F7DA8E31862E53DB3354D8FDA36694B50A76CE93&r=&lt=2015&evt=pageLoad&msclkid=N&sv=1&rn=897625

Requested by

Host: customer.rubicon.com
URL: https://customer.rubicon.com/account/setpassword?email=jleek@ochsner.org&key=DD06FEE6C404CA48687C4404F7DA8E31862E53DB3354D8FDA36694B50A76CE93

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://customer.rubicon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9E0B3DB82BC241F8943660E8F3B9D8BE Ref B: FRAEDGE1411 Ref C: 2022-07-18T21:24:24Z
date: Mon, 18 Jul 2022 21:24:24 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/863473017/ 42 B
64 B 39ms
18ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/863473017/?random=1658179464863&cv=9&fst=1658178000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg7d0&sendb=1&frm=0&url=https%3A%2F%2Fcustomer.rubicon.com%2Faccount%2Fsetpassword%3Femail%3Djleek%40ochsner.org%26key%3DDD06FEE6C404CA48687C4404F7DA8E31862E53DB3354D8FDA36694B50A76CE93&tiba=Rubicon%20Customer%20Portal&async=1&fmt=3&is_vtc=1&random=955455981&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: customer.rubicon.com
URL: https://customer.rubicon.com/account/setpassword?email=jleek@ochsner.org&key=DD06FEE6C404CA48687C4404F7DA8E31862E53DB3354D8FDA36694B50A76CE93

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://customer.rubicon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Jul 2022 21:24:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/863473017/ 42 B
64 B 39ms
19ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/863473017/?random=1658179464863&cv=9&fst=1658178000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg7d0&sendb=1&frm=0&url=https%3A%2F%2Fcustomer.rubicon.com%2Faccount%2Fsetpassword%3Femail%3Djleek%40ochsner.org%26key%3DDD06FEE6C404CA48687C4404F7DA8E31862E53DB3354D8FDA36694B50A76CE93&tiba=Rubicon%20Customer%20Portal&async=1&fmt=3&is_vtc=1&random=955455981&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: customer.rubicon.com
URL: https://customer.rubicon.com/account/setpassword?email=jleek@ochsner.org&key=DD06FEE6C404CA48687C4404F7DA8E31862E53DB3354D8FDA36694B50A76CE93

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://customer.rubicon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Jul 2022 21:24:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
408 B 24ms
8ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=183910922006132&ev=PageView&dl=https%3A%2F%2Fcustomer.rubicon.com%2Faccount%2Fsetpassword%3Femail%3Djleek%40ochsner.org%26key%3DDD06FEE6C404CA48687C4404F7DA8E31862E53DB3354D8FDA36694B50A76CE93&rl=&if=false&ts=1658179464939&sw=1600&sh=1200&v=2.9.65&r=stable&ec=0&o=30&fbp=fb.1.1658179464938.350417166&it=1658179464832&coo=false&exp=u0&rqm=GET

Requested by

Host: customer.rubicon.com
URL: https://customer.rubicon.com/account/setpassword?email=jleek@ochsner.org&key=DD06FEE6C404CA48687C4404F7DA8E31862E53DB3354D8FDA36694B50A76CE93

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://customer.rubicon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 21:24:24 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Mon, 18 Jul 2022 21:24:24 GMT

GET
H2 200 27.caba1161.walkme_lib.js Show response
cdn.walkme.com/player/lib/20220529-160618-3129feea.br/ 106 KB
28 KB 18ms
18ms Script
application/javascript 104.90.193.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.walkme.com/player/lib/20220529-160618-3129feea.br/27.caba1161.walkme_lib.js

Requested by

Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-loader-spa-current.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.90.193.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-90-193-42.deploy.static.akamaitechnologies.com

Software

Resource Hash

896ecaefe575243ae7bea32f07cca25ed7a463fae6285a6d55870768bb3854a7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000;includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://customer.rubicon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: mJXnYeh_xWB9Iu3lOg3TEO6AunlgJ._7
content-encoding: br
x-content-type-options: nosniff
x-amz-request-id: FT2J95ACVZTDE01P
x-amz-server-side-encryption: AES256
x-amz-replication-status: FAILED
content-length: 28325
x-amz-id-2: CcWsVUonGXioZk8cQvloLauInW49t0bbJVBc0CfrP8JhIEjuCxhZq7uIFgR4KDQu/dnc3Vi9bnI=
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 30 May 2022 09:29:04 GMT
date: Mon, 18 Jul 2022 21:24:25 GMT
strict-transport-security: max-age=31536000;includeSubdomains
content-type: application/javascript
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=27284278
etag: "1d1d69339dd5c95823c185b18def6548"
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 22.e45cb38b.walkme_lib.js Show response
cdn.walkme.com/player/lib/20220529-160618-3129feea.br/ 24 KB
8 KB 19ms
19ms Script
application/javascript 104.90.193.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.walkme.com/player/lib/20220529-160618-3129feea.br/22.e45cb38b.walkme_lib.js

Requested by

Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-loader-spa-current.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.90.193.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-90-193-42.deploy.static.akamaitechnologies.com

Software

Resource Hash

f45b6624df6fcc7d93c61e1163b779579d74688ca17228aae8b9e0b79c6de34c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000;includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://customer.rubicon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: CT42v_DXVBmhS8EL4YMQ0rIsXWkybmaB
content-encoding: br
x-content-type-options: nosniff
x-amz-request-id: FT2TFY56TZVPE5M8
x-amz-server-side-encryption: AES256
x-amz-replication-status: FAILED
content-length: 7553
x-amz-id-2: UrPQphe90Fv3sWtt1aR2uR3ih+rHz8IdFOJDRc1aM5z9h7s7bVtEZSCuvB7pqcbqrkRgb8t29WM=
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 30 May 2022 09:29:04 GMT
date: Mon, 18 Jul 2022 21:24:25 GMT
strict-transport-security: max-age=31536000;includeSubdomains
content-type: application/javascript
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=27284354
etag: "34e63c69161d419b521729f9ed4dad3c"
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 5601103 Show response
www.clarity.ms/tag/uet/ 2 KB
2 KB 143ms
107ms Script
application/x-javascript 2620:1ec:27::cafe:1501
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/5601103
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-loader-spa-current.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:1501 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 13c72f753d2b862f9fee98ffc6757057029835f85c160442ed0b2bbdba85cc1b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://customer.rubicon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 21:24:25 GMT
x-powered-by: ASP.NET
x-azure-ref: 0ic/VYgAAAACVNswne4BGS4JSjQl7/0D3QlJVMzBFREdFMDQyMAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
request-context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12
content-length: 1540
expires: -1

POST
H2 200 register Show response
customer-api.prod.aws.rubicon.com/account/validate/ 47 B
159 B 167ms
167ms XHR
application/json 3.92.104.92
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://customer-api.prod.aws.rubicon.com/account/validate/register
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-loader-spa-current.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.92.104.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-92-104-92.compute-1.amazonaws.com
Software: Kestrel /
Resource Hash: bd1ad2118fd7aca596a1a7c30d69cc8cddf6d591362300157a6d0efae321ad58

Request headers

Accept: application/json, text/plain, */*
Pragma: no-cache
Referer: https://customer.rubicon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
ocp-apim-subscription-key: D050FF63-35B5-43AA-87FB-80C2D22952CC
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Mon, 18 Jul 2022 21:24:25 GMT
server: Kestrel
content-type: application/json; charset=utf-8

OPTIONS
H2 204 register
customer-api.prod.aws.rubicon.com/account/validate/ Frame 0
0 504ms
98ms Preflight 3.92.104.92
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://customer-api.prod.aws.rubicon.com/account/validate/register
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.92.104.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-92-104-92.compute-1.amazonaws.com
Software: Kestrel /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,ocp-apim-subscription-key,pragma
Access-Control-Request-Method: POST
Origin: https://customer.rubicon.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-headers: content-type,ocp-apim-subscription-key,pragma
access-control-allow-methods: POST
access-control-allow-origin: *
date: Mon, 18 Jul 2022 21:24:25 GMT
server: Kestrel

GET
H2 200 42.e47b954a.walkme_lib.js Show response
cdn.walkme.com/player/lib/20220529-160618-3129feea.br/ 25 KB
13 KB 134ms
133ms Script
application/javascript 104.90.193.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.walkme.com/player/lib/20220529-160618-3129feea.br/42.e47b954a.walkme_lib.js

Requested by

Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-loader-spa-current.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.90.193.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-90-193-42.deploy.static.akamaitechnologies.com

Software

Resource Hash

711f1ad90f2893fe7fecd7f8eb9ba946d6d134efa15e3d69d718a739017797b7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000;includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://customer.rubicon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: zBFu4Lpte2TJVUT7Ic1jZlBM.YgoExa.
content-encoding: br
x-content-type-options: nosniff
x-amz-request-id: WZ9EWKTCVG19H2WJ
x-amz-server-side-encryption: AES256
x-amz-replication-status: FAILED
content-length: 12258
x-amz-id-2: wcpTDfr2TnRKPir1DOtB9sO/pmV+iDlKogAeVoPeS/Bpb753RRp0ermUkFGCYVNH73HMngwxmBU=
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 30 May 2022 09:29:04 GMT
date: Mon, 18 Jul 2022 21:24:25 GMT
strict-transport-security: max-age=31536000;includeSubdomains
content-type: application/javascript
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=31531593
etag: "f6d00c88add150c722ab1c08cb199903"
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
timing-allow-origin: *

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 06d88c8f877ed3e741375b843ca1c0714ae22d12367824341c587bc831973019

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 403 /
edge.fullstory.com/ Frame D99D 0
0 154ms
138ms Script
application/xml 35.201.112.186
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash

Request headers

Referer
Origin: https://customer.rubicon.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 21:24:25 GMT
server: UploadServer
x-guploader-uploadid: ADPycdvTJWK9hTAllO9UB6icD1GFLkbwEz-fsKr_C24tR5xbrG4sUfZW6UMgzqsESrFW2r_kctP5hUjIkEElkCiRsW_Enw
content-type: application/xml; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: Cache-Control, Content-Length, Date, Expires, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 111
expires: Mon, 18 Jul 2022 21:24:25 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/eus2/s/0.6.36/ 52 KB
23 KB 102ms
102ms Script
application/javascript 2620:1ec:27::cafe:1501
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus2/s/0.6.36/clarity.js
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-loader-spa-current.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:1501 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: e8aff6a8426e2182081c0e696ff05c3b10eeb43716fe56bbc9f8b3b3069c6736

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://customer.rubicon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 21:24:25 GMT
content-encoding: br
etag: "1d897c159e34826"
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
x-azure-ref: 0ic/VYgAAAADDHVKUsGkASJXDmD9nSLYLQlJVMzBFREdFMDQyMAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
accept-ranges: bytes
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

GET
H2 200 notosans.js Show response
cdn.walkme.com/player/resources/fonts/ 28 KB
22 KB 128ms
128ms Script
application/javascript 104.90.193.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.walkme.com/player/resources/fonts/notosans.js

Requested by

Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-loader-spa-current.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.90.193.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-90-193-42.deploy.static.akamaitechnologies.com

Software

Resource Hash

04492dc91f7b11414946c67dda4b85fba53e4ad6e76237095b73b30d1c6bbe5d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000;includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://customer.rubicon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: WjEbTtapEYtXvse9Ooq2w1BlT1_OhZB3
content-encoding: gzip
x-content-type-options: nosniff
x-amz-request-id: DCD81F9AF4ACC276
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
vary: Accept-Encoding
content-length: 21880
x-amz-id-2: YpzIYQJ8dNMoYdBEu8+7BdSANgkoV04p3xgTwei6aZWuPBeWYZ8fkQtQ9trmnn5fBRdyz5i5EHM=
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 12 Jun 2019 21:50:11 GMT
date: Mon, 18 Jul 2022 21:24:25 GMT
strict-transport-security: max-age=31536000;includeSubdomains
content-type: application/javascript
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=14400
etag: "7e9b968dcc783627e445ad04f4dab310"
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
timing-allow-origin: *

POST
H3 200 bundle Show response
rs.fullstory.com/rec/ 29 B
43 B 162ms
147ms XHR
application/json 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/bundle?OrgId=WBE03&UserId=5486181245325312&SessionId=6553561769775104&PageId=5473792630263808&Seq=1&PageStart=1658179464875&PrevBundleTime=0&LastActivity=2&IsNewSession=true
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-loader-spa-current.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: b62435e18ed6deeedebf9f3b5505e9bb2831bd8c1cf4e2b85674943a3d0b5dd3

Request headers

Referer: https://customer.rubicon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://customer.rubicon.com
date: Mon, 18 Jul 2022 21:24:25 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
content-type: application/json; charset=utf-8

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a5e5e786bf2dc2eb381b6335af66836d8a3eb0373af71ff8984ebe5b092d086c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 nr-spa-1216.min.js Show response
js-agent.newrelic.com/ 49 KB
18 KB 11ms
11ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-spa-1216.min.js
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-loader-spa-current.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 545156adeae44dadc82b98d504f805ebe77fb79c928ef34eed1057bb9d4cb8fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://customer.rubicon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: UU.F5jvoumAjQChriwTQHbisCFw_OInU
content-encoding: gzip
etag: "63e2df852d15ab21d7ff8fc4363222e8"
x-amz-request-id: TY9RG5VKH782WGZ9
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 18216
x-amz-id-2: AjOilQpsH03raM+ybc0riKs/5PveAHsRVN+neWBgktL30OlDlBTj0J8OQ1iktggXGTeCBdVdI6W2+Ex1+/u8ww==
x-served-by: cache-hhn4028-HHN
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
server: AmazonS3
x-timer: S1658179465.412709,VS0,VE0
date: Mon, 18 Jul 2022 21:24:25 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 3382

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=6439FFBA389140F9AAB06C5C21DEEF6F&RedC=c.clarity.ms&MXFR=36BD26B0BB7B622A36CB3755BF7B6C23
https://c.clarity.ms/c.gif?CtsSyncId=6439FFBA389140F9AAB06C5C21DEEF6F&MUID=1950F6C5A304670F1081E720A26F6671

42 B
367 B

30ms
30ms

Image
image/gif

20.234.93.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=6439FFBA389140F9AAB06C5C21DEEF6F&MUID=1950F6C5A304670F1081E720A26F6671
Protocol: H2
Server: 20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://customer.rubicon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Jul 2022 21:24:25 GMT
last-modified: Wed, 13 Jul 2022 17:48:59 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "96611cd5e096d81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Mon, 18 Jul 2022 21:24:25 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D40023E654E048CCBEB9E31C674293BB Ref B: FRAEDGE1411 Ref C: 2022-07-18T21:24:25Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=6439FFBA389140F9AAB06C5C21DEEF6F&MUID=1950F6C5A304670F1081E720A26F6671
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

POST
H2 204 collect Show response
b.clarity.ms/ 0
178 B 411ms
194ms XHR
text/plain 20.75.32.255
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://b.clarity.ms/collect
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-loader-spa-current.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.75.32.255 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://customer.rubicon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: https://customer.rubicon.com
date: Mon, 18 Jul 2022 21:24:25 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

GET
H/1.1 200
OK 446113f3d5 Show response
bam.nr-data.net/1/ 49 B
711 B 275ms
245ms Script
text/javascript 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/446113f3d5?a=877590500&v=1216.487a282&t=Unnamed%20Transaction&rst=3013&ck=1&ref=https://customer.rubicon.com/account/setpassword&be=1279&fe=2925&dc=2012&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1658179462486,%22n%22:0,%22f%22:248,%22dn%22:250,%22dne%22:365,%22c%22:365,%22s%22:372,%22ce%22:389,%22rq%22:389,%22rp%22:913,%22rpe%22:915,%22dl%22:922,%22di%22:1306,%22ds%22:2011,%22de%22:2015,%22dc%22:2924,%22l%22:2924,%22le%22:2925%7D,%22navigation%22:%7B%7D%7D&fp=2059&fcp=2059&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-loader-spa-current.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 Portland, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a83848cf5c3d96caefe490c19e41659609b3691dd4c531cf925016c084d8e1b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://customer.rubicon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 18 Jul 2022 21:24:25 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
access-control-allow-credentials: true
CF-Ray: 72ce48bb8a50912e-FRA

POST
H2 200 postEvent Show response
ec.walkme.com/event/ 2 B
367 B 429ms
159ms XHR
text/html 35.244.138.243
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ec.walkme.com/event/postEvent

Requested by

Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-loader-spa-current.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.138.243 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

243.138.244.35.bc.googleusercontent.com

Software

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; block-all-mixed-content; default-src 'none'; frame-ancestors: 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: text/html, */*; q=0.01
Referer: https://customer.rubicon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
referrer-policy: strict-origin
date: Mon, 18 Jul 2022 21:24:25 GMT
x-frame-options: DENY
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests; block-all-mixed-content; default-src 'none'; frame-ancestors: 'none'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
x-xss-protection: 1; mode=block

POST
H/1.1 200
OK 446113f3d5 Show response
bam.nr-data.net/resources/1/ 36 B
521 B 247ms
247ms XHR
text/plain 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/resources/1/446113f3d5?a=877590500&v=1216.487a282&t=Unnamed%20Transaction&rst=3290&ck=1&ref=https://customer.rubicon.com/account/setpassword&st=1658179462486
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-loader-spa-current.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 Portland, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04b9cc162b9a2e7bd53fd0a3f5fc88e37636cdf5da60c15f64ae3af79c9ac985

Request headers

Referer: https://customer.rubicon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
content-type: text/plain

Response headers

Date: Mon, 18 Jul 2022 21:24:26 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: https://customer.rubicon.com
access-control-allow-credentials: true
Connection: keep-alive
CF-Ray: 72ce48bd1d92912e-FRA
Content-Length: 36

POST
H/1.1 200
OK 446113f3d5 Show response
bam.nr-data.net/events/1/ 24 B
508 B 309ms
268ms XHR
image/gif 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/446113f3d5?a=877590500&v=1216.487a282&t=Unnamed%20Transaction&rst=3306&ck=1&ref=https://customer.rubicon.com/account/setpassword
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-loader-spa-current.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 Portland, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://customer.rubicon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
content-type: text/plain

Response headers

Date: Mon, 18 Jul 2022 21:24:26 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://customer.rubicon.com
access-control-allow-credentials: true
Connection: keep-alive
CF-Ray: 72ce48bd9f5d0075-LHR
Content-Length: 24

GET
H2 200 4.32780796.walkme_lib.js Show response
cdn.walkme.com/player/lib/20220529-160618-3129feea.br/ 5 KB
2 KB 8ms
8ms Script
application/javascript 104.90.193.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.walkme.com/player/lib/20220529-160618-3129feea.br/4.32780796.walkme_lib.js

Requested by

Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-loader-spa-current.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.90.193.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-90-193-42.deploy.static.akamaitechnologies.com

Software

Resource Hash

386c4282102177ae714867081dbf5400d27fd65b054eaf2f0ebf158853c2274d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000;includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://customer.rubicon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: KkO.z7LE22VRIGklSQEXdxSouUXqeawn
content-encoding: br
x-content-type-options: nosniff
x-amz-request-id: AXYHFP1G1RV9484K
x-amz-server-side-encryption: AES256
x-amz-replication-status: FAILED
content-length: 1591
x-amz-id-2: q++vreQ0v1bd1MPp8jmx5FCBZPo9SyVsPmfSQvfjNgJvCVwxlRRtjB+PLP0HflSQ3TFtXMCZcGw=
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 30 May 2022 09:29:04 GMT
date: Mon, 18 Jul 2022 21:24:25 GMT
strict-transport-security: max-age=31536000;includeSubdomains
content-type: application/javascript
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=27339075
etag: "301982c3d9c5796745236b0f214328cc"
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
timing-allow-origin: *

POST
H3 200 postEvent Show response
ec.walkme.com/event/ 2 B
22 B 187ms
168ms XHR
text/html 35.244.138.243
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ec.walkme.com/event/postEvent

Requested by

Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-loader-spa-current.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.244.138.243 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

243.138.244.35.bc.googleusercontent.com

Software

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; block-all-mixed-content; default-src 'none'; frame-ancestors: 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: text/html, */*; q=0.01
Referer: https://customer.rubicon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
referrer-policy: strict-origin
date: Mon, 18 Jul 2022 21:24:26 GMT
x-frame-options: DENY
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests; block-all-mixed-content; default-src 'none'; frame-ancestors: 'none'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
x-xss-protection: 1; mode=block

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 21ms
8ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=183910922006132&ev=Microdata&dl=https%3A%2F%2Fcustomer.rubicon.com%2Faccount%2Fsetpassword%3Femail%3Djleek%40ochsner.org%26key%3DDD06FEE6C404CA48687C4404F7DA8E31862E53DB3354D8FDA36694B50A76CE93&rl=&if=false&ts=1658179466448&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Rubicon%20Customer%20Portal%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.65&r=stable&ec=1&o=30&fbp=fb.1.1658179464938.350417166&it=1658179464832&coo=false&es=automatic&tm=3&exp=u0&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://customer.rubicon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 21:24:26 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Mon, 18 Jul 2022 21:24:26 GMT

POST
H2 204 collect Show response
b.clarity.ms/ 0
48 B 114ms
113ms XHR
text/plain 20.75.32.255
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://b.clarity.ms/collect
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-loader-spa-current.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.75.32.255 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://customer.rubicon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: https://customer.rubicon.com
date: Mon, 18 Jul 2022 21:24:26 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

Verdicts & Comments Add Verdict or Comment

65 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

27 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.rubicon.com/	1970-01-20 22:07:31	Name: _ga Value: GA1.2.1839189806.1658179465
.rubicon.com/	1970-01-20 04:37:45	Name: _gid Value: GA1.2.1743809232.1658179465
.rubicon.com/	1970-01-20 04:36:19	Name: _gat Value: 1
.rubicon.com/	1970-01-20 06:45:55	Name: _gcl_au Value: 1.1.1919798922.1658179465
.bing.com/	1970-01-20 13:57:55	Name: MUID Value: 1950F6C5A304670F1081E720A26F6671
.rubicon.com/	1970-01-20 04:37:45	Name: _uetsid Value: ff47a55006df11eda631d7a687fcd9d3
.rubicon.com/	1970-01-20 13:57:55	Name: _uetvid Value: ff47e8f006df11ed9a1c01fc8948cd6e
.doubleclick.net/	1970-01-20 04:36:20	Name: test_cookie Value: CheckForPermission
.rubicon.com/	1970-01-20 06:45:55	Name: _fbp Value: fb.1.1658179464938.350417166
.facebook.com/	1970-01-20 06:45:55	Name: fr Value: 0HfDEpbyevlCUH94J..Bi1c-I...1.0.Bi1c-I.
.linkedin.com/	1970-01-20 05:19:31	Name: UserMatchHistory Value: AQJR9BJPIm-YiAAAAYITMq7oAghZITiJeHXU4eRDgZaLgHmCPZib-vwrP1Bg3xWrdzPyg-e7lZYNCQ
.linkedin.com/	1970-01-20 05:19:31	Name: AnalyticsSyncHistory Value: AQLAz8rEDQAnsgAAAYITMq7olXT9K5-S5wGwccsw1_iVbagx3zM3Sc0GLJxsNeoS0Uej2_7Lj9D579tYJC3qsg
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 22:08:13	Name: bcookie Value: "v=2&3c3fc5ad-5ac4-4794-8a24-bae6e28d0e03"
.linkedin.com/	1970-01-20 04:37:45	Name: lidc Value: "b=VGST00:s=V:r=V:a=V:p=V:g=2750:u=1:x=1:i=1658179464:t=1658265864:v=2:sig=AQHxme6dC_SaONyKOkgZTIZDxuGScyHJ"
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 22:08:13	Name: bscookie Value: "v=1&20220718212425ae7aceed-ac6b-460f-8453-b263ead4fefcAQEDzVoeV04hng0EZ_LE2fAFnVmQWiiP"
.linkedin.com/	1970-01-20 22:05:26	Name: li_gc Value: MTswOzE2NTgxNzk0NjU7MjswMjE0aB79YcntRfguDa41dAklw8pUR9EyXdCan5gUUXcQfA==
www.clarity.ms/	1970-01-20 13:21:55	Name: CLID Value: 6cd2c17fae9a4d1d8215c92a08f183fb.20220718.20230718
.rubicon.com/	1970-01-20 13:21:55	Name: fs_uid Value: #WBE03#5486181245325312:6553561769775104:::#/1689715464
.rubicon.com/	1970-01-20 13:21:55	Name: _clck Value: 1pfwyo7\|1\|f39\|0
.c.bing.com/	1970-01-20 13:57:55	Name: SRM_B Value: 1950F6C5A304670F1081E720A26F6671
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 13:57:55	Name: MUID Value: 1950F6C5A304670F1081E720A26F6671
.c.clarity.ms/	1970-01-20 04:36:20	Name: ANONCHK Value: 0
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: 8e35f2b8afcbcd6c
.rubicon.com/	1970-01-20 04:37:45	Name: _clsk Value: 58d3yo\|1658179465903\|1\|1\|b.clarity.ms/collect

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://edge.fullstory.com/ Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

b.clarity.ms
bam.nr-data.net
bat.bing.com
c.bing.com
c.clarity.ms
cdn.walkme.com
connect.facebook.net
customer-api.prod.aws.rubicon.com
customer.rubicon.com
ec.walkme.com
edge.fullstory.com
googleads.g.doubleclick.net
js-agent.newrelic.com
px.ads.linkedin.com
px4.ads.linkedin.com
rs.fullstory.com
snap.licdn.com
stats.g.doubleclick.net
url3320.rubicon.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
104.90.193.42
13.107.42.14
13.225.78.67
142.250.181.226
151.101.194.137
162.247.241.14
167.89.123.54
20.234.93.27
20.75.32.255
2001:4860:4802:36::178
2620:1ec:21::14
2620:1ec:27::cafe:1501
2620:1ec:c11::200
2a00:1450:4001:80e::2004
2a00:1450:4001:810::2008
2a00:1450:4001:812::2003
2a00:1450:4001:828::2002
2a00:1450:400c:c08::9d
2a02:26f0:3500:16::215:149b
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
3.92.104.92
35.186.194.58
35.201.112.186
35.244.138.243
00e67a6bb1601297c954a9c6438eb956f4ca87253683fb348d1bda64cee7d1ca
04492dc91f7b11414946c67dda4b85fba53e4ad6e76237095b73b30d1c6bbe5d
04b9cc162b9a2e7bd53fd0a3f5fc88e37636cdf5da60c15f64ae3af79c9ac985
06d88c8f877ed3e741375b843ca1c0714ae22d12367824341c587bc831973019
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0fcff9391b8f4560e9bc64c28dcd9101f66de7b93676ea8cc254980567f663db
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11deb66bd5df47adf6df9cc6fd26a6095e96504df28e515c1b99e4be8626656d
13c72f753d2b862f9fee98ffc6757057029835f85c160442ed0b2bbdba85cc1b
14ce1dd0c22d70417b2cb8cf11ab90f27b9c8ee45d76a6fe23a75cc70ff95634
14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c
180f91e790f1a24df94c2c184322ea9b58bd44440bf4862aab13209b931bd370
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2788577a21767ec3f71a7e88f65e65e70774e1b34a69f0647a2cff27f6d7c0ae
29d2d816cf4cf44e3173862b47ad4593baf8b5a6ca761af2dad3af87085e0d8f
2e5d00654fd14274c2ceb755126b51557c95846eeebb0931b0ed41167f95b5bb
31ceb90aca4e65ad1df5c511ed6f5e38aa2aef65b78472d2c5e39689e2d44f0e
386c4282102177ae714867081dbf5400d27fd65b054eaf2f0ebf158853c2274d
43a6a1d1ca70af89a827ed62ac695942f31c34ec0f75e1680dab5ef304f345a2
498a836549b8285bf0db2dfecbc189b6c5e64f2beab3782640d6c0debc3c555c
545156adeae44dadc82b98d504f805ebe77fb79c928ef34eed1057bb9d4cb8fe
56c3f4f36d43b9b4331e7e60daf59f0bf314e4e02907983f491bfb7fd205425a
5bd3f14beab5921640f07a9409f8935488c3ea579b9b92eaaaba01ed28da56d0
644ba885d4d8418e6fe7ce997c71fc8183b454c1326060f6d260dcafc518be75
6e164ad4aa1f1905c44c2e4e57088f313738d18320a99a7e6a984b862523d96d
711f1ad90f2893fe7fecd7f8eb9ba946d6d134efa15e3d69d718a739017797b7
7d64fccb64ce80c1acc42cf1edf2a8f1a55b2aec2c5b2bbead2f2f0c21513325
813c78ef225399d7fa325782df5f750e1e55cca515f9b2fa84b53c2652d9e0b1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
896ecaefe575243ae7bea32f07cca25ed7a463fae6285a6d55870768bb3854a7
96feaefed3154757296c1eff07fb0c63655455b90a14c9fcb18cffa324d282c7
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a5e5e786bf2dc2eb381b6335af66836d8a3eb0373af71ff8984ebe5b092d086c
a83848cf5c3d96caefe490c19e41659609b3691dd4c531cf925016c084d8e1b0
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b46d698585a66fffc0d26f29f0d07a1b959cfcaaf4abb4537edfa05847f580b1
b62435e18ed6deeedebf9f3b5505e9bb2831bd8c1cf4e2b85674943a3d0b5dd3
bd1ad2118fd7aca596a1a7c30d69cc8cddf6d591362300157a6d0efae321ad58
bef1a0c7273535df09a4ec1883a4a6e84435981ee410babfb0d51f5cb41ea8b0
c33fff4df5cd458069f647ed3d426c096bd5423784798fdf8be7cd79fa52f16a
ce2d09b68d2173b39835864700ab3eb464dcac96b02c6e3d469b8b6a62aee7c2
ddab192869f16ddcfbcbb9ed4372c4c1f5dc4ed47a1045287ac15699b33c1213
e1871114ada5249e23008db3777b9d30d1d02e24add7a6f56540a55cc9718645
e1ad9e8a80b7bc54c303647d6db4d3b15ad83e7e2064d6f6a9ff532b1ab88e56
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8aff6a8426e2182081c0e696ff05c3b10eeb43716fe56bbc9f8b3b3069c6736
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f16f0ba0ff026f770fe84e32a59c045ec0fdd183d827ac3d854a3578c3b4ff13
f1870077024b302a88c92a82484018be03ce9c8ccb9d263daa451842023fb5c4
f45b6624df6fcc7d93c61e1163b779579d74688ca17228aae8b9e0b79c6de34c
fbc1dc3dd49f5644d30ee4307cc63dd7e9e9ef7bfae77a4b492c091ed68bcaf5
fecf5721c2255333c9e30ea1cf051985bac9c14d1c7f152f923bdeb00d501e04

customer.rubicon.com Open in urlscan Pro 13.225.78.67 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

61 Requests

97 %HTTPS

48 %IPv6

17 Domains

27 Subdomains

24 IPs

4 Countries

2749 kBTransfer

5043 kBSize

27 Cookies

0 Outgoing links

Page URL History

Redirected requests

61 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

customer.rubicon.com Open in urlscan Pro
13.225.78.67 Public Scan

Screenshot
Live screenshot

Full Image

61
Requests

97 %
HTTPS

48 %
IPv6

17
Domains

27
Subdomains

24
IPs

4
Countries

2749 kB
Transfer

5043 kB
Size

27
Cookies

61 HTTP transactions
3 data transactions