go.concur.com Open in urlscan Pro
184.85.204.146 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://go.concur.com/Employees_New_Era_Travel_Tools.html?pid=email&cid=CA_Insights_EE0422_E3
Submission: On April 14 via api (April 14th 2022, 12:00:19 pm UTC) from CA — Scanned from CA

Summary HTTP 90 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 34 IPs in 2 countries across 41 domains to perform 90 HTTP transactions. The main IP is 184.85.204.146, located in Piscataway, United States and belongs to AKAMAI-AS, US. The main domain is go.concur.com. The Cisco Umbrella rank of the primary domain is 663540.
TLS certificate: Issued by GeoTrust RSA CA 2018 on November 12th 2021. Valid for: a year.

This is the only time go.concur.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
20	184.85.204.146 184.85.204.146	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2607:f8b0:400... 2607:f8b0:4006:81d::200a	15169 (GOOGLE) (GOOGLE)
2	2001:4de0:ac1... 2001:4de0:ac18::1:a:1a	20446 (STACKPATH...) (STACKPATH-CDN)
3	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	184.85.206.51 184.85.206.51	16625 (AKAMAI-AS) (AKAMAI-AS)
11	23.198.216.246 23.198.216.246	16625 (AKAMAI-AS) (AKAMAI-AS)
1	192.28.144.124 192.28.144.124	15224 (OMNITURE) (OMNITURE)
1 12	54.68.131.247 54.68.131.247	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:20e... 2600:9000:20e2:2e00:a:6e64:b280:93a1	16509 (AMAZON-02) (AMAZON-02)
1	99.86.231.106 99.86.231.106	16509 (AMAZON-02) (AMAZON-02)
1	99.84.111.79 99.84.111.79	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f01... 2a03:2880:f012:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
1	146.75.36.157 146.75.36.157	54113 (FASTLY) (FASTLY)
1	2607:f8b0:400... 2607:f8b0:4006:822::2008	15169 (GOOGLE) (GOOGLE)
2	54.192.192.30 54.192.192.30	16509 (AMAZON-02) (AMAZON-02)
1	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
1	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
3	2a03:2880:f11... 2a03:2880:f112:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	99.86.231.20 99.86.231.20	16509 (AMAZON-02) (AMAZON-02)
2 2	54.236.195.76 54.236.195.76	14618 (AMAZON-AES) (AMAZON-AES)
2 4	99.84.221.5 99.84.221.5	16509 (AMAZON-02) (AMAZON-02)
3 3	35.190.60.146 35.190.60.146	15169 (GOOGLE) (GOOGLE)
1	142.250.65.162 142.250.65.162	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:81f::2002	15169 (GOOGLE) (GOOGLE)
1	52.206.5.208 52.206.5.208	14618 (AMAZON-AES) (AMAZON-AES)
2	54.212.155.93 54.212.155.93	16509 (AMAZON-02) (AMAZON-02)
1 1	50.16.69.23 50.16.69.23	14618 (AMAZON-AES) (AMAZON-AES)
2	2607:f8b0:400... 2607:f8b0:4006:809::2004	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:80c::2003	15169 (GOOGLE) (GOOGLE)
1 1	2600:9000:20e... 2600:9000:20e2:5600:1a:609a:6780:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	67.202.105.23 67.202.105.23	32748 (STEADFAST) (STEADFAST)
2 2	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1 1	34.111.234.236 34.111.234.236	15169 (GOOGLE) (GOOGLE)
1	34.231.251.31 34.231.251.31	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2600:1901:0:8... 2600:1901:0:8eee::	15169 (GOOGLE) (GOOGLE)
1 1	54.237.219.153 54.237.219.153	14618 (AMAZON-AES) (AMAZON-AES)
2 2	52.6.248.150 52.6.248.150	14618 (AMAZON-AES) (AMAZON-AES)
8 8	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
1	142.250.80.66 142.250.80.66	15169 (GOOGLE) (GOOGLE)
1	8.43.72.97 8.43.72.97	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	23.52.162.21 23.52.162.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	68.67.160.184 68.67.160.184	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	8.28.7.83 8.28.7.83	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	192.35.249.127 192.35.249.127	11742 (SPOTX-IAD) (SPOTX-IAD)
90	34

20 184.85.204.146 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-85-204-146.deploy.static.akamaitechnologies.com

go.concur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81d::200a (United States)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac18::1:a:1a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 184.85.206.51 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-85-206-51.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 23.198.216.246 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-198-216-246.deploy.static.akamaitechnologies.com

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.28.144.124 (United States)

ASN15224 (OMNITURE, US)

013-gax-394.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 54.68.131.247 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-68-131-247.us-west-2.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:20e2:2e00:a:6e64:b280:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.schemaapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.231.106 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-231-106.iad79.r.cloudfront.net

consent.truste.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.111.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-111-79.iad79.r.cloudfront.net

scripts.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.36.157 (Reston, United States)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:822::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.192.192.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-192-30.iad50.r.cloudfront.net

consent.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.231.20 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-231-20.iad79.r.cloudfront.net

api.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.236.195.76 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-236-195-76.compute-1.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 99.84.221.5 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-99-84-221-5.iad79.r.cloudfront.net

segments.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.190.60.146 (Kansas City, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.65.162 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s71-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81f::2002 (United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.206.5.208 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-206-5-208.compute-1.amazonaws.com

concur.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.212.155.93 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-212-155-93.us-west-2.compute.amazonaws.com

concurtechnologies.sc.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.16.69.23 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-69-23.compute-1.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:809::2004 (United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80c::2003 (United States)

ASN15169 (GOOGLE, US)

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20e2:5600:1a:609a:6780:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.105.23 (United States) 1 redirects

ASN32748 (STEADFAST, US)
PTR: ip23.67-202-105.static.steadfastdns.net

dp2.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.33.220.150 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.234.236 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 236.234.111.34.bc.googleusercontent.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.231.251.31 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-231-251-31.compute-1.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:8eee:: (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)

fei.pro-market.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.237.219.153 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-237-219-153.compute-1.amazonaws.com

aorta.clickagy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.6.248.150 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-6-248-150.compute-1.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.130.49 (United States) 8 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.80.66 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s35-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.52.162.21 (New York, United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-162-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.67.160.184 (Brooklyn, United States) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.35.249.127 (Ashburn, United States) 1 redirects

ASN11742 (SPOTX-IAD, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	concur.com go.concur.com — Cisco Umbrella Rank: 663540	772 KB
13	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 216 concur.demdex.net — Cisco Umbrella Rank: 139154	17 KB
11	tiqcdn.com tags.tiqcdn.com — Cisco Umbrella Rank: 980	107 KB
9	everesttech.net 9 redirects cm.everesttech.net — Cisco Umbrella Rank: 1009 sync-tm.everesttech.net — Cisco Umbrella Rank: 576	2 KB
5	company-target.com 2 redirects api.company-target.com — Cisco Umbrella Rank: 3368 segments.company-target.com — Cisco Umbrella Rank: 1273	3 KB
3	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 40 cm.g.doubleclick.net — Cisco Umbrella Rank: 211	3 KB
3	rlcdn.com 3 redirects id.rlcdn.com — Cisco Umbrella Rank: 601 idsync.rlcdn.com — Cisco Umbrella Rank: 327	802 B
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 100	570 B
3	schemaapp.com cdn.schemaapp.com — Cisco Umbrella Rank: 11166	10 KB
3	marketo.net munchkin.marketo.net — Cisco Umbrella Rank: 3622	7 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 238	13 KB
2	spotxchange.com 1 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 531	1 KB
2	openx.net 1 redirects us-u.openx.net — Cisco Umbrella Rank: 411	381 B
2	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 248	2 KB
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 575	2 KB
2	crwdcntrl.net 2 redirects sync.crwdcntrl.net — Cisco Umbrella Rank: 662	875 B
2	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 355	936 B
2	google.ca www.google.ca — Cisco Umbrella Rank: 8069	656 B
2	google.com www.google.com — Cisco Umbrella Rank: 4	656 B
2	omtrdc.net concurtechnologies.sc.omtrdc.net — Cisco Umbrella Rank: 129612	4 KB
2	bidr.io 2 redirects match.prod.bidr.io — Cisco Umbrella Rank: 503	1019 B
2	trustarc.com consent.trustarc.com — Cisco Umbrella Rank: 3092	24 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 138	114 KB
2	jquery.com code.jquery.com — Cisco Umbrella Rank: 647	96 KB
2	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 282	41 KB
1	pubmatic.com image2.pubmatic.com — Cisco Umbrella Rank: 898	547 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 350	755 B
1	clickagy.com 1 redirects aorta.clickagy.com — Cisco Umbrella Rank: 2202	664 B
1	pro-market.net 1 redirects fei.pro-market.net — Cisco Umbrella Rank: 2745	305 B
1	eyeota.net ps.eyeota.net — Cisco Umbrella Rank: 960	83 B
1	ml314.com 1 redirects ml314.com — Cisco Umbrella Rank: 1582	374 B
1	33across.com 1 redirects dp2.33across.com — Cisco Umbrella Rank: 8763	498 B
1	agkn.com 1 redirects aa.agkn.com — Cisco Umbrella Rank: 431	630 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 104	15 KB
1	t.co t.co — Cisco Umbrella Rank: 476	337 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 524	457 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 71	41 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 619	6 KB
1	demandbase.com scripts.demandbase.com — Cisco Umbrella Rank: 6394	16 KB
1	truste.com consent.truste.com — Cisco Umbrella Rank: 4785	4 KB
1	mktoresp.com 013-gax-394.mktoresp.com — Cisco Umbrella Rank: 131721	311 B
90	41

	Domain	Requested by
20	go.concur.com	go.concur.com code.jquery.com
12	dpm.demdex.net	1 redirects go.concur.com tags.tiqcdn.com
11	tags.tiqcdn.com	go.concur.com tags.tiqcdn.com
8	sync-tm.everesttech.net	8 redirects
4	segments.company-target.com	2 redirects go.concur.com
3	www.facebook.com	go.concur.com
3	cdn.schemaapp.com	tags.tiqcdn.com cdn.schemaapp.com
3	munchkin.marketo.net	go.concur.com munchkin.marketo.net tags.tiqcdn.com
3	cdnjs.cloudflare.com	go.concur.com
2	sync.search.spotxchange.com	1 redirects
2	us-u.openx.net	1 redirects
2	ib.adnxs.com	1 redirects
2	dsum-sec.casalemedia.com	1 redirects
2	sync.crwdcntrl.net	2 redirects
2	match.adsrvr.org	2 redirects
2	www.google.ca	go.concur.com
2	www.google.com	go.concur.com
2	concurtechnologies.sc.omtrdc.net	tags.tiqcdn.com
2	googleads.g.doubleclick.net	www.googleadservices.com
2	id.rlcdn.com	2 redirects
2	match.prod.bidr.io	2 redirects
2	consent.trustarc.com	consent.truste.com go.concur.com
2	connect.facebook.net	tags.tiqcdn.com connect.facebook.net
2	code.jquery.com	go.concur.com
2	ajax.googleapis.com	go.concur.com
1	image2.pubmatic.com
1	pixel.rubiconproject.com
1	cm.g.doubleclick.net
1	aorta.clickagy.com	1 redirects
1	fei.pro-market.net	1 redirects
1	ps.eyeota.net
1	ml314.com	1 redirects
1	dp2.33across.com	1 redirects
1	idsync.rlcdn.com	1 redirects
1	aa.agkn.com	1 redirects
1	cm.everesttech.net	1 redirects
1	concur.demdex.net	tags.tiqcdn.com
1	www.googleadservices.com	www.googletagmanager.com
1	api.company-target.com	scripts.demandbase.com
1	t.co	go.concur.com
1	analytics.twitter.com	static.ads-twitter.com
1	www.googletagmanager.com	tags.tiqcdn.com
1	static.ads-twitter.com	tags.tiqcdn.com
1	scripts.demandbase.com	tags.tiqcdn.com
1	consent.truste.com	tags.tiqcdn.com
1	013-gax-394.mktoresp.com	munchkin.marketo.net
90	46

This site contains links to these domains. Also see Links.

Domain
www.linkedin.com
www.concur.ca

Subject Issuer	Validity	Valid
www.concur.com GeoTrust RSA CA 2018	`2021-11-12` - `2022-11-15`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
*.marketo.net DigiCert SHA2 Secure Server CA	`2022-02-06` - `2023-02-07`	a year	crt.sh
*.tiqcdn.com DigiCert SHA2 Secure Server CA	`2022-02-27` - `2023-02-28`	a year	crt.sh
*.mktoresp.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-30` - `2022-11-30`	a year	crt.sh
cdn.schemaapp.com Amazon	`2021-12-02` - `2022-12-30`	a year	crt.sh
*.truste.com Amazon	`2022-01-17` - `2023-02-15`	a year	crt.sh
tag.demandbase.com Go Daddy Secure Certificate Authority - G2	`2021-10-18` - `2022-10-14`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-01-21` - `2022-04-21`	3 months	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-21` - `2022-07-26`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
*.trustarc.com Go Daddy Secure Certificate Authority - G2	`2020-05-21` - `2022-07-17`	2 years	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-22` - `2023-02-22`	a year	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2022-02-22` - `2023-02-22`	a year	crt.sh
api.demandbase.com Go Daddy Secure Certificate Authority - G2	`2021-10-20` - `2022-09-26`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-19` - `2022-11-19`	a year	crt.sh
*.sc.omtrdc.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-17` - `2023-03-07`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
*.google.ca GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
*.eyeota.net R3	`2022-03-08` - `2022-06-06`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://go.concur.com/Employees_New_Era_Travel_Tools.html?pid=email&cid=CA_Insights_EE0422_E3
Frame ID: 9F283AF4D12E507595191648650A49A3
Requests: 71 HTTP requests in this frame

Frame: https://concur.demdex.net/dest5.html?d_nsid=0
Frame ID: 9421CAB6E026A80D6ECBC1C8FF07CA3E
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Highlight.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

/(?:([\d.])+/)?highlight(?:\.min)?\.js

Marketo (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

TrustArc (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

consent\.trustarc\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)/jquery-ui(?:\.min)?\.js
jquery-ui.*\.js

Page Statistics

90
Requests

78 %
HTTPS

27 %
IPv6

41
Domains

46
Subdomains

34
IPs

2
Countries

1299 kB
Transfer

2852 kB
Size

61
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.linkedin.com/in/brian-veloso/?pid=email&cid=ca_insights_ee0422_e3
Title: Brian Veloso

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/greg-owen-9829459/?pid=email&cid=ca_insights_ee0422_e3
Title: Greg Owen

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/tasha-anglin-cpa-cga-6b95722a/?pid=email&cid=ca_insights_ee0422_e3
Title: Tasha Anglin

Search URL Search Domain Scan URL

URL: https://www.concur.ca/privacy-policy?pid=email&cid=ca_insights_ee0422_e3
Title: Privacy Policy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31

https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=3F8B2B31536CFF310A490D4C%40AdobeOrg&d_nsid=0&ts=1649937614155 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=3F8B2B31536CFF310A490D4C%40AdobeOrg&d_nsid=0&ts=1649937614155

Request Chain 57

https://match.prod.bidr.io/cookie-sync/demandbase HTTP 303
https://match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1 HTTP 303
https://segments.company-target.com/log?vendor=choca&user_id=AABfdk7EsBoAADkXwKN0yQ HTTP 303
https://segments.company-target.com/validateCookie?vendor=choca&user_id=AABfdk7EsBoAADkXwKN0yQ&verifyHash=98ae391bdc6f7a506168b8553160a1ff9e24ed80

Request Chain 58

https://id.rlcdn.com/464526.gif HTTP 307
https://id.rlcdn.com/1000.gif?memo=CI6tHBoNCM6Z4JIGEgUI6AcQAEIASgA HTTP 307
https://segments.company-target.com/log?vendor=liveramp&user_id=Xc1297atUOUPF6jNV0jIh_G56l5ylG0x7DG9FWlTXmJFy1tow HTTP 303
https://segments.company-target.com/validateCookie?vendor=liveramp&user_id=Xc1297atUOUPF6jNV0jIh_G56l5ylG0x7DG9FWlTXmJFy1tow&verifyHash=d57743f2ded2ff248794ef5c3bcf8fe72786be93

Request Chain 64

https://cm.everesttech.net/cm/dd?d_uuid=38007560446675708700566816177458729442 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YlgMzgAAALpOAwQL

Request Chain 69

https://aa.agkn.com/adscores/g.pixel?sid=9211132908&aam=38007560446675708700566816177458729442 HTTP 302
https://dpm.demdex.net/ibs:dpid=21&dpuuid=213290604121006854150

Request Chain 70

https://idsync.rlcdn.com/365868.gif?partner_uid=38007560446675708700566816177458729442 HTTP 307
https://dpm.demdex.net/ibs:dpid=477&dpuuid=dac84e38d2eb6b4872b6cf785dbfd29109653096444835df92f5783a103057a0b0da87c991749652

Request Chain 73

https://dp2.33across.com/ps/?pid=897&random=1648912413 HTTP 302
https://dpm.demdex.net/ibs:dpid=601&dpuuid=77972959147988&random=1649937615

Request Chain 75

https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1 HTTP 302
https://dpm.demdex.net/ibs:dpid=903&dpuuid=5707c002-9f48-4493-bf73-2b923a742b9b

Request Chain 76

https://ml314.com/utsync.ashx?eid=50112&et=0&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D22052%26dpuuid%3D[PersonID] HTTP 302
https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3626501596554723350

Request Chain 78

https://fei.pro-market.net/engine?site=141472;size=1x1;mimetype=img;du=67;csync=38007560446675708700566816177458729442 HTTP 302
https://dpm.demdex.net/ibs:dpid=575&dpuuid=-5269870153460071266

Request Chain 79

https://aorta.clickagy.com/pixel.gif?ch=124&cm=38007560446675708700566816177458729442&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D79908%26dpuuid%3D%7Bvisitor_id%7D HTTP 302
https://dpm.demdex.net/ibs:dpid=79908&dpuuid=c:40346a10a306d38de9ccdb1d292aef26

Request Chain 80

https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=38007560446675708700566816177458729442?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id} HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=38007560446675708700566816177458729442?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id} HTTP 302
https://dpm.demdex.net/ibs:dpid=121998&dpuuid=69b13d99d45949f786ea8a6ca7d342af

Request Chain 81

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WWxnTXpnQUFBTHBPQXdRTA==

Request Chain 82

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YlgMzgAAALpOAwQL&expires=90

Request Chain 83

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YlgMzgAAALpOAwQL HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YlgMzgAAALpOAwQL&C=1

Request Chain 84

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
https://ib.adnxs.com/setuid?entity=158&code=YlgMzgAAALpOAwQL HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYlgMzgAAALpOAwQL

Request Chain 85

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YlgMzgAAALpOAwQL HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YlgMzgAAALpOAwQL

Request Chain 86

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YlgMzgAAALpOAwQL

Request Chain 87

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YlgMzgAAALpOAwQL&img=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YlgMzgAAALpOAwQL&img=1&__user_check__=1&sync_id=72ba8748-bbea-11ec-8a59-1ee132960203

Request Chain 88

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
https://www.facebook.com/fr/b.php?p=1531105787105294&e=YlgMzgAAALpOAwQL&t=2592000&o=0

90 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request Employees_New_Era_Travel_Tools.html Show response
go.concur.com/ 62 KB
11 KB 1270ms
1213ms Document
text/html 184.85.204.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://go.concur.com/Employees_New_Era_Travel_Tools.html?pid=email&cid=CA_Insights_EE0422_E3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.85.204.146 Piscataway, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-85-204-146.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

fbebb6cf700f029546cf5374f54ba27ae03cdf0edddd8fd13728a1a15bf0374b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
content-length: 11309
content-type: text/html; charset=utf-8
date: Thu, 14 Apr 2022 12:00:09 GMT
etag: 9
expires: Thu, 14 Apr 2022 12:00:09 GMT
p3p: CP="CAO CURa ADMa DEVa TAIa OUR IND UNI COM NAV INT"
pragma: no-cache
server: nginx
vary: *,Accept-Encoding
x-asset-type: LP
x-cache-status: MISS
x-content-type-options: nosniff
x-mkto-nginx-cache: true

GET
H2 200 concurButtons.css
go.concur.com/rs/013-GAX-394/images/ 6 KB
1 KB 38ms
37ms Stylesheet
text/css 184.85.204.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://go.concur.com/rs/013-GAX-394/images/concurButtons.css

Requested by

Host: go.concur.com
URL: https://go.concur.com/Employees_New_Era_Travel_Tools.html?pid=email&cid=CA_Insights_EE0422_E3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.85.204.146 Piscataway, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-85-204-146.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

4c9a1a2fa888cd77229b55ff0ac8cb4ea23ae5056caf59598f38e1ddce9ede8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.concur.com/Employees_New_Era_Travel_Tools.html?pid=email&cid=CA_Insights_EE0422_E3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Apr 2022 12:00:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 12 Mar 2022 02:46:58 GMT
server: nginx
etag: "10e074a-1955-5d9fc76009c2b"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 1157
expires: Thu, 14 Apr 2022 12:00:09 GMT

GET
H2 200 jquery-ui.css
ajax.googleapis.com/ajax/libs/jqueryui/1.11.4/themes/smoothness/ 34 KB
9 KB 69ms
19ms Stylesheet
text/css 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jqueryui/1.11.4/themes/smoothness/jquery-ui.css

Requested by

Host: go.concur.com
URL: https://go.concur.com/Employees_New_Era_Travel_Tools.html?pid=email&cid=CA_Insights_EE0422_E3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f8e420a4ac3ea7f6fd081ce07234101414d27df260a6d547663f8e0c0efbaf4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.concur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 16:51:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 155325
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8060
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Apr 2023 16:51:24 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.3/ 94 KB
33 KB 73ms
23ms Script
text/javascript 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js

Requested by

Host: go.concur.com
URL: https://go.concur.com/Employees_New_Era_Travel_Tools.html?pid=email&cid=CA_Insights_EE0422_E3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.concur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 16:51:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 155325
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33507
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Apr 2023 16:51:24 GMT

GET
H2 200 jquery-3.1.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 84ms
25ms Script
application/javascript 2001:4de0:ac18::1:a:1a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.1.1.min.js
Requested by: Host: go.concur.com
URL: https://go.concur.com/Employees_New_Era_Travel_Tools.html?pid=email&cid=CA_Insights_EE0422_E3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.concur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 12:00:09 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-152b5"
vary: Accept-Encoding
x-hw: 1649937609.dop186.dc2.t,1649937609.cds212.dc2.hn,1649937609.cds197.dc2.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30070

GET
H2 200 jquery-ui.min.js Show response
code.jquery.com/ui/1.12.1/ 248 KB
66 KB 109ms
49ms Script
application/javascript 2001:4de0:ac18::1:a:1a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/ui/1.12.1/jquery-ui.min.js
Requested by: Host: go.concur.com
URL: https://go.concur.com/Employees_New_Era_Travel_Tools.html?pid=email&cid=CA_Insights_EE0422_E3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.concur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 12:00:09 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:54 GMT
server: nginx
etag: W/"611feaca-3dee4"
vary: Accept-Encoding
x-hw: 1649937609.dop186.dc2.t,1649937609.cds212.dc2.hn,1649937609.cds204.dc2.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 67751

GET
H2 200 jquery.validate.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.15.1/ 22 KB
7 KB 43ms
17ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.15.1/jquery.validate.min.js

Requested by

Host: go.concur.com
URL: https://go.concur.com/Employees_New_Era_Travel_Tools.html?pid=email&cid=CA_Insights_EE0422_E3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b94552fdddf133797c626b9c0248f50de46de94e18f97bf778f520555115995c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.concur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 12:00:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2396118
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6628
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-59f0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OFjtaRlbbPXaXVHSVgbW40Pm2nHUfb1yzFIMmgENobB3ReSxJQeNgj3k%2FcKOXrQEuLwsfLFWvi4f%2FvNTJGjkRTx2HEjVgOPnkdyBtkClweh%2F%2BTYaGieLVIyMn3i1XXUFdcak1a04EDQjYM6L3jSY3TvF"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6fbc478d4ca47148-YUL
expires: Tue, 04 Apr 2023 12:00:09 GMT

GET
H2 200 additional-methods.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.15.1/ 17 KB
5 KB 44ms
18ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.15.1/additional-methods.min.js

Requested by

Host: go.concur.com
URL: https://go.concur.com/Employees_New_Era_Travel_Tools.html?pid=email&cid=CA_Insights_EE0422_E3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

615dab20d21c4d78bef0210bb703cdfdd2dc98f6e835170737ea290fecd0ab0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.concur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 12:00:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 4814873
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4653
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-4560"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WecJ8zBBqVzgvEIqwuIVTgoVa0t0QnJEgM9%2FgJSw4nkCrHtkGqnVg%2B%2FxT8LdqjiQKQACj49%2BZYIongDHqGLPTyhAmy8BWghgtDbIybVCTEysH31h315JYdJorsw1Aj4%2FTyMX0qPPHH4hoKby7eWiPsgd"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6fbc478d4ca77148-YUL
expires: Tue, 04 Apr 2023 12:00:09 GMT

GET
H2 200 jquery.cookie.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/ 1 KB
931 B 44ms
18ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js

Requested by

Host: go.concur.com
URL: https://go.concur.com/Employees_New_Era_Travel_Tools.html?pid=email&cid=CA_Insights_EE0422_E3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.concur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 12:00:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2036053
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 591
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:45 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec1-514"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VWe76y0qJHh5%2Bd0C3p3yRbauKf3dBRB3c9HOgzNxCb5OOIrL6oU0epxEQclu6%2F1v7H4Eom0thHdMp2m5L5k%2FqU2OJwoBmu7H3nlxPum3KW00Su0nlHmz0JbIHsO%2FXNwvsomnhEB6crgLk2rZi%2FM0wNVS"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6fbc478d4ca87148-YUL
expires: Tue, 04 Apr 2023 12:00:09 GMT

GET
H2 200 jquery.cookie.js Show response
go.concur.com/rs/013-GAX-394/images/ 3 KB
2 KB 45ms
43ms Script
application/x-javascript 184.85.204.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://go.concur.com/rs/013-GAX-394/images/jquery.cookie.js

Requested by

Host: go.concur.com
URL: https://go.concur.com/Employees_New_Era_Travel_Tools.html?pid=email&cid=CA_Insights_EE0422_E3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.85.204.146 Piscataway, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-85-204-146.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.concur.com/Employees_New_Era_Travel_Tools.html?pid=email&cid=CA_Insights_EE0422_E3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Apr 2022 12:00:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 12 Mar 2022 02:42:48 GMT
server: nginx
etag: "10e073a-c31-5d9fc671e43c6"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 1365
expires: Thu, 14 Apr 2022 12:00:09 GMT

GET
H2 200 keyword.js Show response
go.concur.com/rs/013-GAX-394/images/ 40 KB
6 KB 57ms
56ms Script
application/x-javascript 184.85.204.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://go.concur.com/rs/013-GAX-394/images/keyword.js

Requested by

Host: go.concur.com
URL: https://go.concur.com/Employees_New_Era_Travel_Tools.html?pid=email&cid=CA_Insights_EE0422_E3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.85.204.146 Piscataway, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-85-204-146.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

57a06b52127575aec2d8ad6f284a7e34b07bddec53bd324949362881a38865d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.concur.com/Employees_New_Era_Travel_Tools.html?pid=email&cid=CA_Insights_EE0422_E3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Apr 2022 12:00:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 12 Mar 2022 02:42:48 GMT
server: nginx
etag: "10e073b-9f51-5d9fc671eb126"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 5827
expires: Thu, 14 Apr 2022 12:00:09 GMT

GET
H2 200 tealium-data-layer.js Show response
go.concur.com/rs/013-GAX-394/images/ 5 KB
2 KB 301ms
300ms Script
application/x-javascript 184.85.204.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://go.concur.com/rs/013-GAX-394/images/tealium-data-layer.js

Requested by

Host: go.concur.com
URL: https://go.concur.com/Employees_New_Era_Travel_Tools.html?pid=email&cid=CA_Insights_EE0422_E3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.85.204.146 Piscataway, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-85-204-146.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

55d7ebf8bb5bd39d76ddc3ad76f36da5cbf0ea58e179cf0652268323c3d6d5f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.concur.com/Employees_New_Era_Travel_Tools.html?pid=email&cid=CA_Insights_EE0422_E3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Apr 2022 12:00:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 12 Mar 2022 02:42:48 GMT
server: nginx
etag: "10e073c-14bd-5d9fc671ed836"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 1673
expires: Thu, 14 Apr 2022 12:00:10 GMT

GET
H2 200 normalize.css
go.concur.com/rs/013-GAX-394/images/ 8 KB
3 KB 70ms
69ms Stylesheet
text/css 184.85.204.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://go.concur.com/rs/013-GAX-394/images/normalize.css

Requested by

Host: go.concur.com
URL: https://go.concur.com/Employees_New_Era_Travel_Tools.html?pid=email&cid=CA_Insights_EE0422_E3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.85.204.146 Piscataway, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-85-204-146.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

f4d7e8250f8f124f8b7d087e5e260766a34b079fddc43e7b20d8c18ca1e92e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.concur.com/Employees_New_Era_Travel_Tools.html?pid=email&cid=CA_Insights_EE0422_E3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Apr 2022 12:00:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 12 Mar 2022 02:42:48 GMT
server: nginx
etag: "10e0739-1e75-5d9fc671d8077"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 2596
expires: Thu, 14 Apr 2022 12:00:09 GMT

GET
H2 200 skeleton.css
go.concur.com/rs/013-GAX-394/images/ 10 KB
3 KB 4161ms
4160ms Stylesheet
text/css 184.85.204.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://go.concur.com/rs/013-GAX-394/images/skeleton.css

Requested by

Host: go.concur.com
URL: https://go.concur.com/Employees_New_Era_Travel_Tools.html?pid=email&cid=CA_Insights_EE0422_E3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.85.204.146 Piscataway, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-85-204-146.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

802acb8b14714e8232dfff3a99fa3da2c2ff6de206cb41847fc535b8daa1a479

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.concur.com/Employees_New_Era_Travel_Tools.html?pid=email&cid=CA_Insights_EE0422_E3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Apr 2022 12:00:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 12 Mar 2022 02:46:58 GMT
server: nginx
etag: "10e074b-26ec-5d9fc7600e27a"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 2395
expires: Thu, 14 Apr 2022 12:00:13 GMT

GET
H2 200 SAP_Concur_horz-trans.png
go.concur.com/rs/013-GAX-394/images/ 6 KB
6 KB 393ms
392ms Image
image/png 184.85.204.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.concur.com/rs/013-GAX-394/images/SAP_Concur_horz-trans.png

Requested by

Host: go.concur.com
URL: https://go.concur.com/Employees_New_Era_Travel_Tools.html?pid=email&cid=CA_Insights_EE0422_E3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.85.204.146 Piscataway, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-85-204-146.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

5ad1dc8d54ec07683fff9d7bbf7bf737bd197970b3d344e625f324c134b9a733

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.concur.com/Employees_New_Era_Travel_Tools.html?pid=email&cid=CA_Insights_EE0422_E3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Apr 2022 12:00:10 GMT
x-content-type-options: nosniff
last-modified: Sat, 12 Mar 2022 02:46:58 GMT
server: nginx
etag: "10e0757-161b-5d9fc76079163"
content-type: image/png
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 5659
expires: Thu, 14 Apr 2022 12:00:10 GMT

GET
H2 200 SAPlogo_LandingPage_Marketo.png
go.concur.com/rs/013-GAX-394/images/ 4 KB
4 KB 4198ms
4196ms Image
image/png 184.85.204.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.concur.com/rs/013-GAX-394/images/SAPlogo_LandingPage_Marketo.png

Requested by

Host: go.concur.com
URL: https://go.concur.com/Employees_New_Era_Travel_Tools.html?pid=email&cid=CA_Insights_EE0422_E3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.85.204.146 Piscataway, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-85-204-146.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

ae20d6e414b6de1076b14a6d83351ab872cda843048f2d1fcaaf9646a8fc57e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.concur.com/Employees_New_Era_Travel_Tools.html?pid=email&cid=CA_Insights_EE0422_E3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Apr 2022 12:00:14 GMT
x-content-type-options: nosniff
last-modified: Sat, 12 Mar 2022 02:46:58 GMT
server: nginx
etag: "10e0755-106b-5d9fc7606ba8c"
content-type: image/png
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 4203
expires: Thu, 14 Apr 2022 12:00:14 GMT

GET
H2 200 CA_Insights0422_287025_GettyImages-1243656369_small.jpg
go.concur.com/rs/013-GAX-394/images/ 310 KB
311 KB 90ms
88ms Image
image/jpeg 184.85.204.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.concur.com/rs/013-GAX-394/images/CA_Insights0422_287025_GettyImages-1243656369_small.jpg

Requested by

Host: go.concur.com
URL: https://go.concur.com/Employees_New_Era_Travel_Tools.html?pid=email&cid=CA_Insights_EE0422_E3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.85.204.146 Piscataway, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-85-204-146.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

9589784f7a2904054e4ac5478dc0c936c0fee83781d4368dd6343249f6ecaf5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.concur.com/Employees_New_Era_Travel_Tools.html?pid=email&cid=CA_Insights_EE0422_E3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Apr 2022 12:00:10 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Mar 2022 20:19:15 GMT
server: nginx
etag: "10e1364-4d912-5dad453b24343"
content-type: image/jpeg
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 317714
expires: Thu, 14 Apr 2022 12:00:10 GMT

GET
H2 200 Greg%20Owen.png
go.concur.com/rs/013-GAX-394/images/ 164 KB
165 KB 62ms
60ms Image
image/png 184.85.204.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.concur.com/rs/013-GAX-394/images/Greg%20Owen.png

Requested by

Host: go.concur.com
URL: https://go.concur.com/Employees_New_Era_Travel_Tools.html?pid=email&cid=CA_Insights_EE0422_E3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.85.204.146 Piscataway, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-85-204-146.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

58b75949861a2a9b80f13f52a26e40709914a74ec0f3b04a423dfd6327d76525

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.concur.com/Employees_New_Era_Travel_Tools.html?pid=email&cid=CA_Insights_EE0422_E3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Apr 2022 12:00:10 GMT
x-content-type-options: nosniff
last-modified: Thu, 17 Mar 2022 21:08:45 GMT
server: nginx
etag: "10e112b-29197-5da706f84a431"
content-type: image/png
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 168343
expires: Thu, 14 Apr 2022 12:00:10 GMT

GET
H2 200 Saw2%20Baylis_Tasha_headshot.jpg
go.concur.com/rs/013-GAX-394/images/ 15 KB
15 KB 90ms
88ms Image
image/jpeg 184.85.204.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.concur.com/rs/013-GAX-394/images/Saw2%20Baylis_Tasha_headshot.jpg

Requested by

Host: go.concur.com
URL: https://go.concur.com/Employees_New_Era_Travel_Tools.html?pid=email&cid=CA_Insights_EE0422_E3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.85.204.146 Piscataway, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-85-204-146.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

eaee828a463281059fe29b5134debf6ca1412b8c619c882b5b3b2864f15f79e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.concur.com/Employees_New_Era_Travel_Tools.html?pid=email&cid=CA_Insights_EE0422_E3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Apr 2022 12:00:10 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Mar 2022 20:11:03 GMT
server: nginx
etag: "10e1363-3bfc-5dad4365e1aae"
content-type: image/jpeg
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 15356
expires: Thu, 14 Apr 2022 12:00:10 GMT

GET
H2 200 RohitGupta_Deloitte.jpg
go.concur.com/rs/013-GAX-394/images/ 26 KB
26 KB 91ms
90ms Image
image/jpeg 184.85.204.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.concur.com/rs/013-GAX-394/images/RohitGupta_Deloitte.jpg

Requested by

Host: go.concur.com
URL: https://go.concur.com/Employees_New_Era_Travel_Tools.html?pid=email&cid=CA_Insights_EE0422_E3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.85.204.146 Piscataway, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-85-204-146.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

84fbbf760f74e186fc47f8a17a515ac241144fc9e1c1a0117716461b8a38e5c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.concur.com/Employees_New_Era_Travel_Tools.html?pid=email&cid=CA_Insights_EE0422_E3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Apr 2022 12:00:10 GMT
x-content-type-options: nosniff
last-modified: Fri, 18 Mar 2022 05:24:40 GMT
server: nginx
etag: "10e117f-661a-5da775d07ff58"
content-type: image/jpeg
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 26138
expires: Thu, 14 Apr 2022 12:00:10 GMT

GET
H2 200 InsightsOn0621_W3_Brian.jpg
go.concur.com/rs/013-GAX-394/images/ 19 KB
19 KB 4306ms
4305ms Image
image/jpeg 184.85.204.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.concur.com/rs/013-GAX-394/images/InsightsOn0621_W3_Brian.jpg

Requested by

Host: go.concur.com
URL: https://go.concur.com/Employees_New_Era_Travel_Tools.html?pid=email&cid=CA_Insights_EE0422_E3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.85.204.146 Piscataway, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-85-204-146.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

994d21b992bd25bfd66f236baec3ea6d9822bfe36c74f4659d412a4c449b21ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.concur.com/Employees_New_Era_Travel_Tools.html?pid=email&cid=CA_Insights_EE0422_E3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Apr 2022 12:00:14 GMT
x-content-type-options: nosniff
last-modified: Sat, 12 Mar 2022 18:27:55 GMT
server: nginx
etag: "10e08c1-4a21-5da099b1ded9f"
content-type: image/jpeg
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 18977
expires: Thu, 14 Apr 2022 12:00:14 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net// 1 KB
1 KB 68ms
19ms Script
application/x-javascript 184.85.206.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net//munchkin.js
Requested by: Host: go.concur.com
URL: https://go.concur.com/Employees_New_Era_Travel_Tools.html?pid=email&cid=CA_Insights_EE0422_E3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.85.206.51 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-85-206-51.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 4bf3aca933aa233702f890083af601fb16149ec8a17f8c1b90d30450562bde08

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.concur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Thu, 14 Apr 2022 12:00:10 GMT
Content-Encoding: gzip
Last-Modified: Fri, 29 Oct 2021 01:24:07 GMT
Server: AkamaiNetStorage
ETag: "461ce1cffaadfebf2e7659745618ba8e:1635470647.434977"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 753

GET
H2 200 stripmkttok.js Show response
go.concur.com/js/ 2 KB
929 B 36ms
35ms Script
application/x-javascript 184.85.204.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://go.concur.com/js/stripmkttok.js

Requested by

Host: go.concur.com
URL: https://go.concur.com/Employees_New_Era_Travel_Tools.html?pid=email&cid=CA_Insights_EE0422_E3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.85.204.146 Piscataway, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-85-204-146.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

f7545b96ed2740220c349ae9deb614faf1f0f211d4cf710788e0790f74cc9715

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.concur.com/Employees_New_Era_Travel_Tools.html?pid=email&cid=CA_Insights_EE0422_E3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Apr 2022 12:00:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 07 Mar 2022 19:28:07 GMT
server: nginx
etag: "1300708-602-5d9a5dd2b7fc0"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 678
expires: Thu, 14 Apr 2022 12:00:10 GMT

GET
H2 200 ProximaNova-Regular.woff
go.concur.com/rs/013-GAX-394/images/ 51 KB
51 KB 54ms
54ms Font
text/plain 184.85.204.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://go.concur.com/rs/013-GAX-394/images/ProximaNova-Regular.woff

Requested by

Host: go.concur.com
URL: https://go.concur.com/Employees_New_Era_Travel_Tools.html?pid=email&cid=CA_Insights_EE0422_E3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.85.204.146 Piscataway, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-85-204-146.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

301531b3e516df724cf86367f8a8b7b2c5f46a7c7d63c337027dfd435dc061e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://go.concur.com/Employees_New_Era_Travel_Tools.html?pid=email&cid=CA_Insights_EE0422_E3
Origin: https://go.concur.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Apr 2022 12:00:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 12 Mar 2022 02:46:58 GMT
server: nginx
etag: "10e0756-ccac-5d9fc7607760b"
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
expires: Thu, 14 Apr 2022 12:00:13 GMT

GET
H2 200 ProximaNova-Bold.woff
go.concur.com/rs/013-GAX-394/images/ 51 KB
51 KB 33ms
33ms Font
text/plain 184.85.204.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://go.concur.com/rs/013-GAX-394/images/ProximaNova-Bold.woff

Requested by

Host: go.concur.com
URL: https://go.concur.com/Employees_New_Era_Travel_Tools.html?pid=email&cid=CA_Insights_EE0422_E3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.85.204.146 Piscataway, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-85-204-146.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

143fb9e2f2e8500547daf5197cc38b2a694b66533ffa18e4785098928c4fbbe7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://go.concur.com/Employees_New_Era_Travel_Tools.html?pid=email&cid=CA_Insights_EE0422_E3
Origin: https://go.concur.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Apr 2022 12:00:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 12 Mar 2022 02:46:58 GMT
server: nginx
etag: "10e0758-cb64-5d9fc7607bc5b"
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
expires: Thu, 14 Apr 2022 12:00:13 GMT

GET
H2 200 ProximaNova-Semibold.woff
go.concur.com/rs/013-GAX-394/images/ 51 KB
51 KB 47ms
46ms Font
text/plain 184.85.204.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://go.concur.com/rs/013-GAX-394/images/ProximaNova-Semibold.woff

Requested by

Host: go.concur.com
URL: https://go.concur.com/Employees_New_Era_Travel_Tools.html?pid=email&cid=CA_Insights_EE0422_E3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.85.204.146 Piscataway, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-85-204-146.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

05b1903ed47119e10e2bc928d336dbdbf7c26c864399de3cb2d790f35334db1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://go.concur.com/Employees_New_Era_Travel_Tools.html?pid=email&cid=CA_Insights_EE0422_E3
Origin: https://go.concur.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Apr 2022 12:00:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 12 Mar 2022 02:46:58 GMT
server: nginx
etag: "10e0759-cab8-5d9fc7607f6f3"
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
expires: Thu, 14 Apr 2022 12:00:13 GMT

GET
H2 200 awsPost_on24.js Show response
go.concur.com/rs/013-GAX-394/images/ 4 KB
2 KB 31ms
31ms XHR
application/x-javascript 184.85.204.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://go.concur.com/rs/013-GAX-394/images/awsPost_on24.js?_=1649937609897

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.1.1.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.85.204.146 Piscataway, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-85-204-146.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

f3df8ce3726310711527aa72ccef8d45c3602379ac61a20ceb91014e80855d96

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://go.concur.com/Employees_New_Era_Travel_Tools.html?pid=email&cid=CA_Insights_EE0422_E3
X-Requested-With: XMLHttpRequest
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Apr 2022 12:00:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 12 Mar 2022 02:49:17 GMT
server: nginx
etag: "10e0763-10c3-5d9fc7e4f38dc"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 1277
expires: Thu, 14 Apr 2022 12:00:13 GMT

GET
H2 200 cnqrFormsTest.js Show response
go.concur.com/rs/013-GAX-394/images/ 327 KB
42 KB 41ms
41ms XHR
application/x-javascript 184.85.204.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://go.concur.com/rs/013-GAX-394/images/cnqrFormsTest.js?_=1649937609898

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.1.1.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.85.204.146 Piscataway, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-85-204-146.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

7cd4b1f898c92df75978720c2de67383af3658660b0ca430d576df5bc6375d22

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://go.concur.com/Employees_New_Era_Travel_Tools.html?pid=email&cid=CA_Insights_EE0422_E3
X-Requested-With: XMLHttpRequest
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Apr 2022 12:00:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 17 Mar 2022 20:59:08 GMT
server: nginx
etag: "10e0c9d-51aa2-5da704d246409"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 42816
expires: Thu, 14 Apr 2022 12:00:14 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/161/ 11 KB
5 KB 63ms
63ms Script
application/x-javascript 184.85.206.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/161/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net//munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.85.206.51 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-85-206-51.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: c2aee78040b4ed46c2377e6825db12a9691a2eb584adf338e77312c8978d8537

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.concur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Thu, 14 Apr 2022 12:00:14 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Sep 2021 00:38:21 GMT
Server: AkamaiNetStorage
ETag: "0e0eefac8daf874e8b1aa34aeb160c52:1631061501.737429"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 4681
Expires: Sat, 23 Jul 2022 12:00:14 GMT

GET
H2 200 utag.js Show response
tags.tiqcdn.com/utag/concur/concur/prod/ 263 KB
53 KB 77ms
26ms Script
application/x-javascript 23.198.216.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/concur/concur/prod/utag.js
Requested by: Host: go.concur.com
URL: https://go.concur.com/rs/013-GAX-394/images/tealium-data-layer.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.198.216.246 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-198-216-246.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: d6150f05c2bb11ed1407025656376fba2060197de622f1ad610c22d796ff1ec3

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.concur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 12:00:14 GMT
content-encoding: gzip
last-modified: Mon, 11 Apr 2022 22:52:09 GMT
server: AkamaiNetStorage
etag: "81ce582c69290e4fb1cab67b02909320:1649717529.869917"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=300
accept-ranges: bytes
expires: Thu, 14 Apr 2022 12:05:14 GMT

POST
H/1.1 200
OK visitWebPage
013-gax-394.mktoresp.com/webevents/ 2 B
311 B 101ms
26ms Ping
text/plain 192.28.144.124
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://013-gax-394.mktoresp.com/webevents/visitWebPage?_mchNc=1649937614060&_mchCn=Employees_New_Era_Travel_Tools&_mchId=013-GAX-394&_mchTk=_mch-concur.com-1649937614059-90821&_mchWs=j0hRc9jP&_mchHo=go.concur.com&_mchPo=&_mchRu=%2FEmployees_New_Era_Travel_Tools.html&_mchPc=https%3A&_mchVr=161&_mchEcid=&_mchHa=&_mchRe=&_mchQp=pid%3Demail__-__cid%3DCA_Insights_EE0422_E3
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/161/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.28.144.124 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: nginx /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.concur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Thu, 14 Apr 2022 12:00:14 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Request-Id: d5ebe41c-b4dc-4052-bbaf-09a329df9373

GET
H2 200 utag.1139.js Show response
tags.tiqcdn.com/utag/concur/concur/prod/ 4 KB
2 KB 20ms
20ms Script
application/x-javascript 23.198.216.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/concur/concur/prod/utag.1139.js?utv=ut4.39.202103172107
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/concur/concur/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.198.216.246 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-198-216-246.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: bda40bb6fa7915967c4e5c9c182d3ace0d1b57db5b1ee23acdd472bf4f072533

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.concur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 12:00:14 GMT
content-encoding: gzip
last-modified: Wed, 17 Mar 2021 21:09:03 GMT
server: AkamaiNetStorage
etag: "4bac0bf3f9dfe56048f6aa33852dc266:1616015343.117513"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 1603
expires: Fri, 29 Apr 2022 12:00:14 GMT

GET
H/1.1

200
OK

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=3F8B2B31536CFF310A490D4C%40AdobeOrg&d_nsid=0&ts=1649937614155
https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=3F8B2B31536CFF310A490D4C%40AdobeOrg&d_nsid=0&ts=1649937614155

4 KB
2 KB

79ms
78ms

XHR
application/json

54.68.131.247
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=3F8B2B31536CFF310A490D4C%40AdobeOrg&d_nsid=0&ts=1649937614155

Requested by

Host: go.concur.com
URL: https://go.concur.com/Employees_New_Era_Travel_Tools.html?pid=email&cid=CA_Insights_EE0422_E3

Protocol

HTTP/1.1

Server

54.68.131.247 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-68-131-247.us-west-2.compute.amazonaws.com

Software

Resource Hash

40ff921d7caec9008517dc2a473855a88f2956be984a6c7660bfdbc5e2a08f2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.concur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

DCS: dcs-prod-usw2-1-v028-08e9cf6bc.edge-usw2.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: 7FLDOzQZQtA=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://go.concur.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 1378
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-usw2-2-v028-032c88327.edge-usw2.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: https://go.concur.com
X-TID: F5EZKkjvTl0=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=3F8B2B31536CFF310A490D4C%40AdobeOrg&d_nsid=0&ts=1649937614155
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 utag.1169.js Show response
tags.tiqcdn.com/utag/concur/concur/prod/ 98 KB
34 KB 38ms
38ms Script
application/x-javascript 23.198.216.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/concur/concur/prod/utag.1169.js?utv=ut4.39.202203092124
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/concur/concur/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.198.216.246 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-198-216-246.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 68bd809fd3182aeb3c9199bd80272758014a8f7719597fb76e49f3f6d97e040e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.concur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 12:00:14 GMT
content-encoding: gzip
last-modified: Wed, 09 Mar 2022 21:25:32 GMT
server: AkamaiNetStorage
etag: "bef5fe4cff8df68b024719cefa5623a2:1646861132.930828"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 34458
expires: Fri, 29 Apr 2022 12:00:14 GMT

GET
H2 200 utag.541.js Show response
tags.tiqcdn.com/utag/concur/concur/prod/ 3 KB
2 KB 28ms
28ms Script
application/x-javascript 23.198.216.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/concur/concur/prod/utag.541.js?utv=ut4.39.201905012205
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/concur/concur/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.198.216.246 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-198-216-246.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 1c6b9cd5f9d4e65f2cfae62421cd7f73a3f8ab7cf8605167b5651202ffc516ed

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.concur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 12:00:14 GMT
content-encoding: gzip
last-modified: Thu, 12 Nov 2020 23:35:48 GMT
server: AkamaiNetStorage
etag: "697e89ba460a25fe17fbc0d8127faf1c:1605224148.50758"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 1356
expires: Fri, 29 Apr 2022 12:00:14 GMT

GET
H2 200 utag.211.js Show response
tags.tiqcdn.com/utag/concur/concur/prod/ 2 KB
1 KB 31ms
30ms Script
application/x-javascript 23.198.216.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/concur/concur/prod/utag.211.js?utv=ut4.39.202007301621
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/concur/concur/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.198.216.246 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-198-216-246.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 8938b78472f057b2c28d361d5acd005a76e76585d14e4a4cb4dfdf7ce04d4020

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.concur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 12:00:14 GMT
content-encoding: gzip
last-modified: Thu, 12 Nov 2020 23:37:17 GMT
server: AkamaiNetStorage
etag: "e33ed45509837253cf0337377bb2b924:1605224237.516848"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 1128
expires: Fri, 29 Apr 2022 12:00:14 GMT

GET
H2 200 utag.210.js Show response
tags.tiqcdn.com/utag/concur/concur/prod/ 2 KB
1 KB 32ms
31ms Script
application/x-javascript 23.198.216.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/concur/concur/prod/utag.210.js?utv=ut4.39.201805151414
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/concur/concur/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.198.216.246 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-198-216-246.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 4de8ccf7f082848e3ea03bcd4e0aa0164c3370dcad3252fdae29d0f3a48aac5b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.concur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 12:00:14 GMT
content-encoding: gzip
last-modified: Thu, 12 Nov 2020 23:36:18 GMT
server: AkamaiNetStorage
etag: "0334489c25bd1ce23c670927e97cf809:1605224178.41951"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 1018
expires: Fri, 29 Apr 2022 12:00:14 GMT

GET
H2 200 utag.1007.js Show response
tags.tiqcdn.com/utag/concur/concur/prod/ 19 KB
6 KB 34ms
34ms Script
application/x-javascript 23.198.216.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/concur/concur/prod/utag.1007.js?utv=ut4.39.202101132329
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/concur/concur/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.198.216.246 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-198-216-246.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 441e75024ceaca9d9803f04c6dffc671c65ca219e47f46f22173bef148434369

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.concur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 12:00:14 GMT
content-encoding: gzip
last-modified: Thu, 12 Nov 2020 23:37:46 GMT
server: AkamaiNetStorage
etag: "f8403975f467df029b21b66a44747395:1605224265.952452"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 6139
expires: Fri, 29 Apr 2022 12:00:14 GMT

GET
H2 200 utag.1013.js Show response
tags.tiqcdn.com/utag/concur/concur/prod/ 10 KB
3 KB 41ms
41ms Script
application/x-javascript 23.198.216.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/concur/concur/prod/utag.1013.js?utv=ut4.39.202104142245
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/concur/concur/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.198.216.246 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-198-216-246.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: d45127d100ba6939210f1a0ddf0f928b0219bc78b9b50ba99f0b219bef08681e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.concur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 12:00:14 GMT
content-encoding: gzip
last-modified: Thu, 12 Nov 2020 23:36:00 GMT
server: AkamaiNetStorage
etag: "0327a68000900c30e992443efe4e7afc:1605224160.537761"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 2356
expires: Fri, 29 Apr 2022 12:00:14 GMT

GET
H2 200 utag.1036.js Show response
tags.tiqcdn.com/utag/concur/concur/prod/ 5 KB
2 KB 41ms
41ms Script
application/x-javascript 23.198.216.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/concur/concur/prod/utag.1036.js?utv=ut4.39.202007161705
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/concur/concur/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.198.216.246 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-198-216-246.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 432d1eca8be2058541908813bb88e55b1e1f8226b0a78a9517aea433572351e4

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.concur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 12:00:14 GMT
content-encoding: gzip
last-modified: Thu, 12 Nov 2020 23:36:20 GMT
server: AkamaiNetStorage
etag: "282de425db591628207ba62074e7f939:1605224180.222572"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 1598
expires: Fri, 29 Apr 2022 12:00:14 GMT

GET
H2 200 utag.1200.js Show response
tags.tiqcdn.com/utag/concur/concur/prod/ 11 KB
4 KB 42ms
42ms Script
application/x-javascript 23.198.216.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/concur/concur/prod/utag.1200.js?utv=ut4.39.202202282255
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/concur/concur/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.198.216.246 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-198-216-246.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 219c9f2d6a741aab05fd55b7df20c953090829a744b3f3f7d43f7723c3832312

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.concur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 12:00:14 GMT
content-encoding: gzip
last-modified: Mon, 28 Feb 2022 22:56:23 GMT
server: AkamaiNetStorage
etag: "0f5eb58557f18e9dc18eec729aa04833:1646088983.938272"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 3521
expires: Fri, 29 Apr 2022 12:00:14 GMT

GET
H2 200 highlight.js Show response
cdn.schemaapp.com/javascript/ 28 KB
9 KB 74ms
24ms Script
application/javascript 2600:9000:20e2:2e00:a:6e64:b280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.schemaapp.com/javascript/highlight.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/concur/concur/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e2:2e00:a:6e64:b280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3a2981c69e546f47a0447c9d7596ad5cd0e11c30ba3b5ab06e1a0d1d26f37344

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.concur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 20:27:56 GMT
content-encoding: gzip
age: 574339
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 07 Apr 2022 20:27:25 GMT
server: AmazonS3
etag: W/"a287e0196e4a9273c7e9c7609bb791c0"
vary: Accept-Encoding
x-amz-version-id: L_AW3rUQujHt4nBvuWimNpJPdtA3_2_3
via: 1.1 495532b0efe43a0c4d32da9e6929277e.cloudfront.net (CloudFront)
cache-control: max-age=699840
x-amz-cf-pop: IAD79-C2
content-type: application/javascript
x-amz-cf-id: wrW_JrVvW1tQH9E_3EIpMKrc9pHhioJCG1ABWJ_jxUD_Fedc2jMKqA==

GET
H2 200 notice Show response
consent.truste.com/ 9 KB
4 KB 77ms
28ms Script
text/javascript 99.86.231.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.truste.com/notice?domain=concur.com&c=teconsent&js=nj&noticeType=bb&text=true

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/concur/concur/prod/utag.541.js?utv=ut4.39.201905012205

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.231.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-231-106.iad79.r.cloudfront.net

Software

nginx /

Resource Hash

3f75417dc22ff2af906f5f4cdea6326e5f14f232688f51447968fd1ed4c29198

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.concur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 11:58:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 85
x-cache: Hit from cloudfront
cloudfront-viewer-country: CA
vary: Accept-Encoding, Origin
content-length: 3662
x-xss-protection: 1; mode=block
timing-allow-origin: *
server: nginx
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript;charset=UTF-8
via: 1.1 11e42b3facdb2abb175876ba0e4b97f8.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: IAD79-C3
cloudfront-viewer-country-region: QC
x-amz-cf-id: MBf_8eSOlS9bBYCf0sf4mCbzEGedm0XGKnS-zoqbXiqeczqTZ3JGBw==
expires: Thu, 14 Apr 2022 12:58:49 GMT

GET
H2 200 4d7mpJHG.min.js Show response
scripts.demandbase.com/ 58 KB
16 KB 134ms
33ms Script
application/javascript 99.84.111.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://scripts.demandbase.com/4d7mpJHG.min.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/concur/concur/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.84.111.79 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-84-111-79.iad79.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

b51048452bbd696474e815e601671ec74ae912877a73a31471dae96ce331e85e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.concur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id: 57ALeSlmOM810PsjSPwASFUlo.WYDCuI
content-encoding: gzip
etag: W/"56d2b095f82dbd412f64929d2b76894a"
age: 258
x-cache: Hit from cloudfront
vary: Accept-Encoding
last-modified: Tue, 08 Dec 2020 23:26:56 GMT
server: AmazonS3
date: Thu, 14 Apr 2022 11:55:57 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
via: 1.1 c640b1afa51b342db4c4d96d404a1eda.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()
x-amz-cf-pop: IAD79-C2
x-amz-cf-id: Ell72LrnNGqkpQ0ujabBTcZV0st0yOw0sA0BEZ0t3DSxuggdWJDusg==

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 26ms
26ms Script
application/x-javascript 184.85.206.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/concur/concur/prod/utag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.85.206.51 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-85-206-51.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 4bf3aca933aa233702f890083af601fb16149ec8a17f8c1b90d30450562bde08

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.concur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Thu, 14 Apr 2022 12:00:14 GMT
Content-Encoding: gzip
Last-Modified: Fri, 29 Oct 2021 01:24:07 GMT
Server: AkamaiNetStorage
ETag: "461ce1cffaadfebf2e7659745618ba8e:1635470647.434977"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 753

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 57ms
18ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/concur/concur/prod/utag.1007.js?utv=ut4.39.202101132329

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.concur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26311
x-xss-protection: 0
pragma: public
x-fb-debug: 7llq9BZ/omy2zwvP0+5AP3krlSqYupZ/5aVutbuGd1Hc56012uMEBwr9Xa7iVOiYAjDYb29kj28M3mV8MhrKOg==
x-fb-trip-id: 1512268381
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 14 Apr 2022 12:00:14 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 14 KB
6 KB 93ms
24ms Script
application/javascript 146.75.36.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/concur/concur/prod/utag.1013.js?utv=ut4.39.202104142245
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.36.157 Reston, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.concur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 12:00:14 GMT
content-encoding: gzip
last-modified: Tue, 29 Mar 2022 00:08:27 GMT
etag: "8dc11b7ca1d5ed9ec3b1ab1beb621c75+gzip"
vary: Accept-Encoding,Host
x-tw-cdn: FT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache
x-cache: HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 5410
x-served-by: cache-iad-kcgs7200024-IAD

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 104 KB
41 KB 82ms
38ms Script
application/javascript 2607:f8b0:4006:822::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1044530512

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/concur/concur/prod/utag.1200.js?utv=ut4.39.202202282255

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f602063c03750eeb71f11319890d464bffcd0eaea6dcfe91dabd5676b8cfdb05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.concur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 12:00:14 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41906
x-xss-protection: 0
expires: Thu, 14 Apr 2022 12:00:14 GMT

GET
H2 200 utag.v.js Show response
tags.tiqcdn.com/utag/tiqapp/ 2 B
202 B 30ms
29ms Script
application/x-javascript 23.198.216.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=concur/concur/202204112251&cb=1649937614222
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/concur/concur/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.198.216.246 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-198-216-246.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.concur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 12:00:14 GMT
last-modified: Thu, 14 Apr 2016 16:57:51 GMT
server: AkamaiNetStorage
etag: "7bc0ee636b3b83484fc3b9348863bd22:1460653071"
content-type: application/x-javascript
cache-control: max-age=600
accept-ranges: bytes
content-length: 2
expires: Thu, 14 Apr 2022 12:10:14 GMT

GET
H2 200 aHR0cHM6Ly9nby5jb25jdXIuY29t Show response
cdn.schemaapp.com/highlighter/prod/ 2 B
501 B 50ms
50ms Fetch
application/json 2600:9000:20e2:2e00:a:6e64:b280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.schemaapp.com/highlighter/prod/aHR0cHM6Ly9nby5jb25jdXIuY29t
Requested by: Host: cdn.schemaapp.com
URL: https://cdn.schemaapp.com/javascript/highlight.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e2:2e00:a:6e64:b280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept: application/json
Referer: https://go.concur.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
x-api-key

Response headers

x-amz-version-id: 4FsmemwQuur.Z0jxvea6XGJagB0M87fi
via: 1.1 2159b07a5dc01058f6b0620d8e160fea.cloudfront.net (CloudFront)
etag: "99914b932bd37a50b983c5e7c90ae93b"
age: 1881
x-cache: Error from cloudfront
access-control-max-age: 3000
content-length: 2
last-modified: Tue, 11 Dec 2018 16:01:38 GMT
server: AmazonS3
date: Thu, 14 Apr 2022 11:28:54 GMT
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: application/json
access-control-allow-origin: *
x-amz-cf-pop: IAD79-C2
accept-ranges: bytes
x-amz-cf-id: BVM3TA4ARSlZDPqBzxs9jUCxH1hbJ5BFRz-iZpwAbA3iz03y2nhB4w==

OPTIONS
H2 200 aHR0cHM6Ly9nby5jb25jdXIuY29t
cdn.schemaapp.com/highlighter/prod/ Frame 0
0 233ms
183ms Preflight 2600:9000:20e2:2e00:a:6e64:b280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.schemaapp.com/highlighter/prod/aHR0cHM6Ly9nby5jb25jdXIuY29t
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e2:2e00:a:6e64:b280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-api-key
Access-Control-Request-Method: GET
Origin: https://go.concur.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-headers: x-api-key
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
access-control-max-age: 3000
content-length: 0
date: Thu, 14 Apr 2022 12:00:15 GMT
server: AmazonS3
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
via: 1.1 2159b07a5dc01058f6b0620d8e160fea.cloudfront.net (CloudFront)
x-amz-cf-id: vGUhX-cqnXbWh0kaek4dX6UG3jJ462CvMEq6kKLdA6Rz2gVm5SAQQw==
x-amz-cf-pop: IAD79-C2
x-cache: Miss from cloudfront

GET
H2 200 908266409244597 Show response
connect.facebook.net/signals/config/ 307 KB
87 KB 21ms
21ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/908266409244597?v=2.9.57&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

64b8c57366eb8638e1d650ef3a7aecd24da68121a0b926f2719af2fce46fb35a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.concur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 89198
x-xss-protection: 0
pragma: public
x-fb-debug: 3FbO4GTnh+KpInB+rTTkSryYqYueV4gSpXd2Wb+zHd4cp+O266P3REmESftRnlRYXfL92LW59pD1liTWv1Bj+A==
x-fb-trip-id: 1512268381
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 14 Apr 2022 12:00:14 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 v1.7-458 Show response
consent.trustarc.com/asset/notice.js/v/ 75 KB
24 KB 76ms
26ms Script
text/javascript 54.192.192.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.trustarc.com/asset/notice.js/v/v1.7-458

Requested by

Host: consent.truste.com
URL: https://consent.truste.com/notice?domain=concur.com&c=teconsent&js=nj&noticeType=bb&text=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.192.192.30 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-192-192-30.iad50.r.cloudfront.net

Software

nginx /

Resource Hash

b62c80a53749bed7d1e8d6a4798f744e4701e66c8383e301621ad8839b24b09c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://go.concur.com/
Origin: https://go.concur.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 11:21:24 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 2330
x-cache: Hit from cloudfront
pragma: public
access-control-allow-origin: *
last-modified: Mon, 21 Feb 2022 05:49:07 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript
via: 1.1 22512dca1de1fae848b2509fed0309aa.cloudfront.net (CloudFront)
access-control-expose-headers: *
cache-control: max-age=2592000
x-amz-cf-pop: IAD50-C2
timing-allow-origin: *
x-amz-cf-id: 0p5Bni61uQRvBABRx8S8YDqzsPt9m1YpqlimgyJgScW2pE7QM4vemA==
expires: Sat, 14 May 2022 11:21:24 GMT

GET
H2 200 log
consent.trustarc.com/ 43 B
442 B 156ms
107ms Image
image/gif 54.192.192.30
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent.trustarc.com/log?domain=concur.com&country=ca&state=&behavior=implied&c=b315

Requested by

Host: go.concur.com
URL: https://go.concur.com/Employees_New_Era_Travel_Tools.html?pid=email&cid=CA_Insights_EE0422_E3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.192.192.30 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-192-192-30.iad50.r.cloudfront.net

Software

nginx /

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.concur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Apr 2022 12:00:14 GMT
via: 1.1 929cbb64d024a9973633b197e2a23482.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: IAD50-C2
vary: Origin
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 43
x-amz-cf-id: THiR-MK_LCdH_sDMjgadlj8OW7dHU8Vv6NZPBHkjv2Ysmwjs2qTKBA==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
457 B 139ms
50ms Script
application/javascript 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=nvbph&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=c74c85bd-3263-46b6-98f6-365959d150ef&tw_document_href=https%3A%2F%2Fgo.concur.com%2FEmployees_New_Era_Travel_Tools.html%3Fpid%3Demail%26cid%3DCA_Insights_EE0422_E3&tpx_cb=twttr.conversion.loadPixels

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.concur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-response-time: 5
date: Thu, 14 Apr 2022 12:00:13 GMT
content-encoding: gzip
server: tsa_b
strict-transport-security: max-age=631138519
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 7ec1f1efcc099f58e336f1e301b06fd6cbd3666cc501d9b8aae50d6e1f93b2c3
content-type: application/javascript;charset=utf-8
content-length: 57

GET
H2 200 adsct
t.co/i/ 43 B
337 B 147ms
54ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=nvbph&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=c74c85bd-3263-46b6-98f6-365959d150ef&tw_document_href=https%3A%2F%2Fgo.concur.com%2FEmployees_New_Era_Travel_Tools.html%3Fpid%3Demail%26cid%3DCA_Insights_EE0422_E3

Requested by

Host: go.concur.com
URL: https://go.concur.com/Employees_New_Era_Travel_Tools.html?pid=email&cid=CA_Insights_EE0422_E3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.concur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-response-time: 11
date: Thu, 14 Apr 2022 12:00:13 GMT
server: tsa_b
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 09113cca673194ec26bc7131bc822abc169ede09f4a3607be253ab35e237f380
content-length: 43

GET
H2 200 /
www.facebook.com/tr/ 44 B
411 B 56ms
18ms Image
image/gif 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=908266409244597&ev=PageView&dl=https%3A%2F%2Fgo.concur.com%2FEmployees_New_Era_Travel_Tools.html%3Fpid%3Demail%26cid%3DCA_Insights_EE0422_E3&rl=&if=false&ts=1649937614352&sw=1600&sh=1200&v=2.9.57&r=stable&a=tmtealium&ec=0&o=30&fbp=fb.1.1649937614350.58441953&it=1649937614275&coo=false&rqm=GET

Requested by

Host: go.concur.com
URL: https://go.concur.com/Employees_New_Era_Travel_Tools.html?pid=email&cid=CA_Insights_EE0422_E3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.concur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 12:00:14 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Thu, 14 Apr 2022 12:00:14 GMT

GET
H2 200 ip.json Show response
api.company-target.com/api/v2/ 414 B
917 B 140ms
67ms XHR
application/json 99.86.231.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.company-target.com/api/v2/ip.json?referrer=&page=https%3A%2F%2Fgo.concur.com%2FEmployees_New_Era_Travel_Tools.html%3Fpid%3Demail%26cid%3DCA_Insights_EE0422_E3&page_title=&src=tag&key=ba1f688aa5a6c29081dd73e7c5730fa3
Requested by: Host: scripts.demandbase.com
URL: https://scripts.demandbase.com/4d7mpJHG.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.231.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-231-20.iad79.r.cloudfront.net
Software: nginx /
Resource Hash: 1ab4e50d84b67ba2b3142ad1a4b789921557ab9f2cf0d6e73b00f3f0f3fac84c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.concur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 12:00:14 GMT
identification-source: CENTRAL
vary: Accept-Encoding, Origin
x-amz-cf-pop: IAD79-C3
x-cache: Miss from cloudfront
request-id: 402f7aaf-abb3-44e1-8b5d-6445ba52a89d
content-encoding: gzip
pragma: no-cache
access-control-allow-origin: https://go.concur.com
server: nginx
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json;charset=utf-8
via: 1.1 d93f61c3371a812d64846df2034f9796.cloudfront.net (CloudFront)
access-control-expose-headers
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
api-version: v2
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ikaD2b5PxR19NSsMIpvxFiecm9IvuehkY3dF-6OE5-vjifs9Nk4Lqg==
expires: Wed, 13 Apr 2022 12:00:14 GMT

GET
H/1.1

200
OK

validateCookie
segments.company-target.com/
Redirect Chain

https://match.prod.bidr.io/cookie-sync/demandbase
https://match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1
https://segments.company-target.com/log?vendor=choca&user_id=AABfdk7EsBoAADkXwKN0yQ
https://segments.company-target.com/validateCookie?vendor=choca&user_id=AABfdk7EsBoAADkXwKN0yQ&verifyHash=98ae391bdc6f7a506168b8553160a1ff9e24ed80

26 B
409 B

28ms
28ms

Image
image/gif

99.84.221.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://segments.company-target.com/validateCookie?vendor=choca&user_id=AABfdk7EsBoAADkXwKN0yQ&verifyHash=98ae391bdc6f7a506168b8553160a1ff9e24ed80
Requested by: Host: go.concur.com
URL: https://go.concur.com/Employees_New_Era_Travel_Tools.html?pid=email&cid=CA_Insights_EE0422_E3
Protocol: HTTP/1.1
Server: 99.84.221.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-221-5.iad79.r.cloudfront.net
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.concur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Thu, 14 Apr 2022 12:00:14 GMT
Via: 1.1 8918721f9949345e08455e61518a59ec.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: IAD79-C1
Vary: Origin
X-Cache: Miss from cloudfront
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
trace-id: c99ec760d7cb1168
X-Amz-Cf-Id: l9_MJBMrboYsbcHAt90Aiu-B0GTtFji-8ZOVAbMN_nrKJJ0kohlIYQ==

Redirect headers

Date: Thu, 14 Apr 2022 12:00:14 GMT
Via: 1.1 8918721f9949345e08455e61518a59ec.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: IAD79-C1
Vary: Origin
X-Cache: Miss from cloudfront
Location: /validateCookie?vendor=choca&user_id=AABfdk7EsBoAADkXwKN0yQ&verifyHash=98ae391bdc6f7a506168b8553160a1ff9e24ed80
Connection: keep-alive
trace-id: bba0d48f67e1af24
Content-Length: 0
X-Amz-Cf-Id: -FwH3uPY_nC4rX7Gz2Lkf8r2gGlLeEpwc-kxy8FHXSKLxHIZsgK7CA==

GET
H/1.1

200
OK

validateCookie
segments.company-target.com/
Redirect Chain

https://id.rlcdn.com/464526.gif
https://id.rlcdn.com/1000.gif?memo=CI6tHBoNCM6Z4JIGEgUI6AcQAEIASgA
https://segments.company-target.com/log?vendor=liveramp&user_id=Xc1297atUOUPF6jNV0jIh_G56l5ylG0x7DG9FWlTXmJFy1tow
https://segments.company-target.com/validateCookie?vendor=liveramp&user_id=Xc1297atUOUPF6jNV0jIh_G56l5ylG0x7DG9FWlTXmJFy1tow&verifyHash=d57743f2ded2ff248794ef5c3bcf8fe72786be93

26 B
409 B

34ms
34ms

Image
image/gif

99.84.221.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://segments.company-target.com/validateCookie?vendor=liveramp&user_id=Xc1297atUOUPF6jNV0jIh_G56l5ylG0x7DG9FWlTXmJFy1tow&verifyHash=d57743f2ded2ff248794ef5c3bcf8fe72786be93
Requested by: Host: go.concur.com
URL: https://go.concur.com/Employees_New_Era_Travel_Tools.html?pid=email&cid=CA_Insights_EE0422_E3
Protocol: HTTP/1.1
Server: 99.84.221.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-221-5.iad79.r.cloudfront.net
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.concur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Thu, 14 Apr 2022 12:00:14 GMT
Via: 1.1 acb5e0138f17ffe7929a4d64a50c4a24.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: IAD79-C1
Vary: Origin
X-Cache: Miss from cloudfront
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
trace-id: 354515ab312a0d48
X-Amz-Cf-Id: CsWWbF8fX5Gg62T__KoXQXAal7Uuyaufelcpfjhflm6D-JwKMb4F-Q==

Redirect headers

Date: Thu, 14 Apr 2022 12:00:14 GMT
Via: 1.1 acb5e0138f17ffe7929a4d64a50c4a24.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: IAD79-C1
Vary: Origin
X-Cache: Miss from cloudfront
Location: /validateCookie?vendor=liveramp&user_id=Xc1297atUOUPF6jNV0jIh_G56l5ylG0x7DG9FWlTXmJFy1tow&verifyHash=d57743f2ded2ff248794ef5c3bcf8fe72786be93
Connection: keep-alive
trace-id: 4370e5d905752381
Content-Length: 0
X-Amz-Cf-Id: QQh6Z1lw6R0O26izdzGjDob3xsueGVSqUvK08fGBUj8uMZJK8zMuOQ==

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 106ms
56ms Script
text/javascript 142.250.65.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1044530512

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f2.1e100.net

Software

cafe /

Resource Hash

4902dcbc3d3c97271a66bc136ec40b0c72422ccd05bb9946aa76382e50c5d6fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.concur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 12:00:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14897
x-xss-protection: 0
server: cafe
etag: 9926226332162747720
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 14 Apr 2022 12:00:14 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1044530512/ 2 KB
2 KB 85ms
38ms Script
text/javascript 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1044530512/?random=1649937614486&cv=9&fst=1649937614486&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa460&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgo.concur.com%2FEmployees_New_Era_Travel_Tools.html%3Fpid%3Demail%26cid%3DCA_Insights_EE0422_E3&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a4ce2a1cc2b6969fb1a68b2bbb678a439d6fa0cc6696b6485e94b9e8838630c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.concur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Apr 2022 12:00:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1066
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1044530512/ 2 KB
1 KB 85ms
39ms Script
text/javascript 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1044530512/?random=1649937614489&cv=9&fst=1649937614489&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa460&sendb=1&ig=1&data=event%3Dpage_view&frm=0&url=https%3A%2F%2Fgo.concur.com%2FEmployees_New_Era_Travel_Tools.html%3Fpid%3Demail%26cid%3DCA_Insights_EE0422_E3&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ce0596e346ac2a8fb60f8fb0d142e5ac3b12665de01f8c1a1e849baf6d2b89c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.concur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Apr 2022 12:00:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1064
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dest5.html Show response
concur.demdex.net/ Frame 9421 7 KB
3 KB 121ms
27ms Document
text/html 52.206.5.208
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://concur.demdex.net/dest5.html?d_nsid=0

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/concur/concur/prod/utag.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.206.5.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-206-5-208.compute-1.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://go.concur.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 2791
Content-Type: text/html;charset=UTF-8
DCS: dcs-prod-va6-1-v031-07ee135fa.edge-va6.demdex.com UNKNOWN
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: hEhobG9sS0I=
content-encoding: gzip
date: Thu, 14 Apr 2022 12:00:14 GMT
last-modified: Wed, 13 Apr 2022 15:04:36 GMT
vary: accept-encoding

GET
H2 200 id Show response
concurtechnologies.sc.omtrdc.net/ 2 B
315 B 261ms
86ms XHR
application/x-javascript 54.212.155.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://concurtechnologies.sc.omtrdc.net/id?d_visid_ver=5.2.0&d_fieldgroup=A&mcorgid=3F8B2B31536CFF310A490D4C%40AdobeOrg&mid=37982840580214853500564484911053750386&ts=1649937614569

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/concur/concur/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.212.155.93 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-212-155-93.us-west-2.compute.amazonaws.com

Software

jag /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://go.concur.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 14 Apr 2022 12:00:14 GMT
x-content-type-options: nosniff
server: jag
xserver: anedge-79f6bdb9b6-nq2wr
vary: Origin
x-c: main-1637.I660130.M0-562
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://go.concur.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-type: application/x-javascript;charset=utf-8
content-length: 2
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=YlgMzgAAALpOAwQL
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=38007560446675708700566816177458729442
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YlgMzgAAALpOAwQL

42 B
945 B

79ms
78ms

Image
image/gif

54.68.131.247
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=YlgMzgAAALpOAwQL

Requested by

Host: go.concur.com
URL: https://go.concur.com/Employees_New_Era_Travel_Tools.html?pid=email&cid=CA_Insights_EE0422_E3

Protocol

HTTP/1.1

Server

54.68.131.247 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-68-131-247.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.concur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

DCS: dcs-prod-usw2-2-v028-07fdce145.edge-usw2.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: nZEL5AWqQ4A=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=YlgMzgAAALpOAwQL
Date: Thu, 14 Apr 2022 12:00:14 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 /
www.google.com/pagead/1p-user-list/1044530512/ 42 B
108 B 88ms
41ms Image
image/gif 2607:f8b0:4006:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1044530512/?random=1649937614486&cv=9&fst=1649937600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa460&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgo.concur.com%2FEmployees_New_Era_Travel_Tools.html%3Fpid%3Demail%26cid%3DCA_Insights_EE0422_E3&async=1&fmt=3&is_vtc=1&random=2427253019&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: go.concur.com
URL: https://go.concur.com/Employees_New_Era_Travel_Tools.html?pid=email&cid=CA_Insights_EE0422_E3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.concur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Apr 2022 12:00:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.ca/pagead/1p-user-list/1044530512/ 42 B
548 B 88ms
39ms Image
image/gif 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/1044530512/?random=1649937614486&cv=9&fst=1649937600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa460&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgo.concur.com%2FEmployees_New_Era_Travel_Tools.html%3Fpid%3Demail%26cid%3DCA_Insights_EE0422_E3&async=1&fmt=3&is_vtc=1&random=2427253019&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: go.concur.com
URL: https://go.concur.com/Employees_New_Era_Travel_Tools.html?pid=email&cid=CA_Insights_EE0422_E3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.concur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Apr 2022 12:00:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1044530512/ 42 B
548 B 86ms
40ms Image
image/gif 2607:f8b0:4006:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1044530512/?random=1649937614489&cv=9&fst=1649937600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa460&sendb=1&data=event%3Dpage_view&frm=0&url=https%3A%2F%2Fgo.concur.com%2FEmployees_New_Era_Travel_Tools.html%3Fpid%3Demail%26cid%3DCA_Insights_EE0422_E3&async=1&fmt=3&is_vtc=1&random=1723031390&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: go.concur.com
URL: https://go.concur.com/Employees_New_Era_Travel_Tools.html?pid=email&cid=CA_Insights_EE0422_E3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.concur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Apr 2022 12:00:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.ca/pagead/1p-user-list/1044530512/ 42 B
108 B 87ms
40ms Image
image/gif 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/1044530512/?random=1649937614489&cv=9&fst=1649937600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa460&sendb=1&data=event%3Dpage_view&frm=0&url=https%3A%2F%2Fgo.concur.com%2FEmployees_New_Era_Travel_Tools.html%3Fpid%3Demail%26cid%3DCA_Insights_EE0422_E3&async=1&fmt=3&is_vtc=1&random=1723031390&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: go.concur.com
URL: https://go.concur.com/Employees_New_Era_Travel_Tools.html?pid=email&cid=CA_Insights_EE0422_E3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.concur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Apr 2022 12:00:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ibs:dpid=21&dpuuid=213290604121006854150
dpm.demdex.net/ Frame 9421
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9211132908&aam=38007560446675708700566816177458729442
https://dpm.demdex.net/ibs:dpid=21&dpuuid=213290604121006854150

42 B
945 B

79ms
79ms

Image
image/gif

54.68.131.247
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=21&dpuuid=213290604121006854150

Protocol

HTTP/1.1

Server

54.68.131.247 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-68-131-247.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://concur.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

DCS: dcs-prod-usw2-2-v028-0b274f992.edge-usw2.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: qC0VZRT9QbY=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Thu, 14 Apr 2022 12:00:14 GMT
via: 1.1 c772176b119045d2ed52ef4f42db5fe0.cloudfront.net (CloudFront)
server: AAWebServer
x-amz-cf-pop: IAD79-C2
location: https://dpm.demdex.net/ibs:dpid=21&dpuuid=213290604121006854150
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-cache: Miss from cloudfront
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
x-amz-cf-id: X0mq3si233naQoPlQ_psdwBV5tzj_qC6afZ7NwLokLp9Bfcf2dAu9A==
expires: 0

GET
H/1.1

200
OK

ibs:dpid=477&dpuuid=dac84e38d2eb6b4872b6cf785dbfd29109653096444835df92f5783a103057a0b0da87c991749652
dpm.demdex.net/ Frame 9421
Redirect Chain

https://idsync.rlcdn.com/365868.gif?partner_uid=38007560446675708700566816177458729442
https://dpm.demdex.net/ibs:dpid=477&dpuuid=dac84e38d2eb6b4872b6cf785dbfd29109653096444835df92f5783a103057a0b0da87c991749652

42 B
945 B

172ms
79ms

Image
image/gif

54.68.131.247
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=477&dpuuid=dac84e38d2eb6b4872b6cf785dbfd29109653096444835df92f5783a103057a0b0da87c991749652

Protocol

HTTP/1.1

Server

54.68.131.247 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-68-131-247.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://concur.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

DCS: dcs-prod-usw2-1-v028-0f900667e.edge-usw2.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: xgULCIyRSWg=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date: Thu, 14 Apr 2022 12:00:14 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://dpm.demdex.net/ibs:dpid=477&dpuuid=dac84e38d2eb6b4872b6cf785dbfd29109653096444835df92f5783a103057a0b0da87c991749652
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 4 KB
2 KB 114ms
79ms XHR
application/json 54.68.131.247
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=3F8B2B31536CFF310A490D4C%40AdobeOrg&d_nsid=0&d_mid=37982840580214853500564484911053750386&d_blob=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&d_cid_ic=concuruser%01d4abc51a-9d1c-4f15-9fc1-ebc2a6ffb61f&ts=1649937614834

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/concur/concur/prod/utag.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.68.131.247 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-68-131-247.us-west-2.compute.amazonaws.com

Software

Resource Hash

937e1061478ea59562285591f919d3d53ceb7b8d60b2a90d35048ca3278b64ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://go.concur.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-usw2-1-v028-0edeb51e4.edge-usw2.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: 4GnnVrlnR6o=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://go.concur.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 1375
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 38ms
18ms Image
image/gif 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=908266409244597&ev=Microdata&dl=https%3A%2F%2Fgo.concur.com%2FEmployees_New_Era_Travel_Tools.html%3Fpid%3Demail%26cid%3DCA_Insights_EE0422_E3&rl=&if=false&ts=1649937614855&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Aimage%22%3A%5B%22%22%2C%22%22%5D%2C%22og%3Aimage%3Awidth%22%3A%22200%22%2C%22og%3Aimage%3Aheight%22%3A%22200%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.57&r=stable&a=tmtealium&ec=1&o=30&fbp=fb.1.1649937614350.58441953&it=1649937614275&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.concur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 12:00:14 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Thu, 14 Apr 2022 12:00:14 GMT

GET
H/1.1

200
OK

ibs:dpid=601&dpuuid=77972959147988&random=1649937615
dpm.demdex.net/ Frame 9421
Redirect Chain

https://dp2.33across.com/ps/?pid=897&random=1648912413
https://dpm.demdex.net/ibs:dpid=601&dpuuid=77972959147988&random=1649937615

42 B
945 B

78ms
77ms

Image
image/gif

54.68.131.247
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=601&dpuuid=77972959147988&random=1649937615

Protocol

HTTP/1.1

Server

54.68.131.247 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-68-131-247.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://concur.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

DCS: dcs-prod-usw2-1-v028-0287d4b2c.edge-usw2.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: r0eLekBLQ1k=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Thu, 14 Apr 2022 12:00:14 GMT
referrer-policy: unsafe-url
server: 33XP002
x-33x-status: 200004000C
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location: https://dpm.demdex.net/ibs:dpid=601&dpuuid=77972959147988&random=1649937615
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: Thu, 01-Jan-70 00:00:01 GMT

GET
H2 200 s29465913144295 Show response
concurtechnologies.sc.omtrdc.net/b/ss/concur-global-all,concur-go/10/JS-2.22.0/ 4 KB
4 KB 96ms
95ms Script
application/x-javascript 54.212.155.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://concurtechnologies.sc.omtrdc.net/b/ss/concur-global-all,concur-go/10/JS-2.22.0/s29465913144295?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=14%2F3%2F2022%2012%3A0%3A14%204%200&cid.&concuruser.&id=d4abc51a-9d1c-4f15-9fc1-ebc2a6ffb61f&.concuruser&.cid&d.&nsid=0&jsonv=1&.d&sdid=09A2CF53F5423027-0F1FF89B16185BD3&mid=37982840580214853500564484911053750386&aamlh=9&ce=UTF-8&ns=concurtechnologies&cdp=2&pageName=Employees_New_Era_Travel_Tools.html&g=https%3A%2F%2Fgo.concur.com%2FEmployees_New_Era_Travel_Tools.html%3Fpid%3Demail%26cid%3DCA_Insights_EE0422_E3&cc=USD&ch=go-concur-com&server=concurtechnologies.sc.omtrdc.net&v0=CA_Insights_EE0422_E3&events=event20&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c1=Employees_New_Era_Travel_Tools.html&v1=marketo-programs&c6=CA_Insights_EE0422_E3%3A%3AEmployees_New_Era_Travel_Tools.html&c7=5%3A00AM&v7=D%3Dc7&c8=Thursday&v8=D%3Dc8&c9=New&v9=D%3Dc9&c10=1&v10=D%3Dc10&c11=First%20Visit&v11=D%3Dc11&c12=marketo&v12=d4abc51a-9d1c-4f15-9fc1-ebc2a6ffb61f&v13=D%3DpageName&c15=0%7C0&c17=0x0&v17=CA_Insights_EE0422_E3&c18=0x0&v18=email&v19=CA_Insights_EE0422_E3&v20=email&c22=VisitorAPI%20Present&v37=marketo&c39=https%3A%2F%2Fgo.concur.com%2FEmployees_New_Era_Travel_Tools.html%3Fpid%3Demail%26cid%3DCA_Insights_EE0422_E3&v39=https%3A%2F%2Fgo.concur.com%2FEmployees_New_Era_Travel_Tools.html%3Fpid%3Demail%26cid%3DCA_Insights_EE0422_E3&c40=60&v41=60&c75=NO_CCD&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=3F8B2B31536CFF310A490D4C%40AdobeOrg&AQE=1

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/concur/concur/prod/utag.1169.js?utv=ut4.39.202203092124

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.212.155.93 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-212-155-93.us-west-2.compute.amazonaws.com

Software

jag /

Resource Hash

2762776cd705b0c70bc0dc5dbb3cddcc4a8e4e861be3c793e5dd89f4647a0384

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.concur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-aam-tid: sfVmARAkRAI=
date: Thu, 14 Apr 2022 12:00:15 GMT
x-content-type-options: nosniff
x-c: main-1637.I660130.M0-562
p3p: CP="This is not a P3P policy"
content-length: 4038
x-xss-protection: 1; mode=block
dcs: dcs-prod-usw2-1-v028-046ff8c18.edge-usw2.demdex.com UNKNOWN
pragma: no-cache
last-modified: Fri, 15 Apr 2022 12:00:15 GMT
server: jag
xserver: anedge-79f6bdb9b6-ps9kx
etag: 3543214049828667392-4619705619028605347
vary: *
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Wed, 13 Apr 2022 12:00:15 GMT

GET
H/1.1

200
OK

ibs:dpid=903&dpuuid=5707c002-9f48-4493-bf73-2b923a742b9b
dpm.demdex.net/ Frame 9421
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1
https://dpm.demdex.net/ibs:dpid=903&dpuuid=5707c002-9f48-4493-bf73-2b923a742b9b

42 B
945 B

79ms
79ms

Image
image/gif

54.68.131.247
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=903&dpuuid=5707c002-9f48-4493-bf73-2b923a742b9b

Protocol

HTTP/1.1

Server

54.68.131.247 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-68-131-247.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://concur.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

DCS: dcs-prod-usw2-1-v028-0f5ce8dfa.edge-usw2.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 7PKuyt+wR5M=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Thu, 14 Apr 2022 12:00:15 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://dpm.demdex.net/ibs:dpid=903&dpuuid=5707c002-9f48-4493-bf73-2b923a742b9b
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 189

GET
H/1.1

200
OK

ibs:dpid=22052&dpuuid=3626501596554723350
dpm.demdex.net/ Frame 9421
Redirect Chain

https://ml314.com/utsync.ashx?eid=50112&et=0&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D22052%26dpuuid%3D[PersonID]
https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3626501596554723350

42 B
945 B

79ms
79ms

Image
image/gif

54.68.131.247
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3626501596554723350

Protocol

HTTP/1.1

Server

54.68.131.247 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-68-131-247.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://concur.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

DCS: dcs-prod-usw2-1-v028-00c3d9e75.edge-usw2.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 6qb8XTqbRvc=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Thu, 14 Apr 2022 12:00:14 GMT
via: 1.1 google
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
p3p: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
location: https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3626501596554723350
cache-control: private
content-type: text/html; charset=utf-8
alt-svc: clear
content-length: 185
expires: 0,Fri, 15 Apr 2022 08:00:15 GMT

GET
H/1.1 204
No Content match
ps.eyeota.net/ Frame 9421 0
83 B 96ms
23ms Image
text/plain 34.231.251.31
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?bid=6j5b2cv&uid=38007560446675708700566816177458729442&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.231.251.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-231-251-31.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://concur.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Thu, 14 Apr 2022 12:00:15 GMT
Content-Length: 0

GET
H/1.1

200
OK

ibs:dpid=575&dpuuid=-5269870153460071266
dpm.demdex.net/ Frame 9421
Redirect Chain

https://fei.pro-market.net/engine?site=141472;size=1x1;mimetype=img;du=67;csync=38007560446675708700566816177458729442
https://dpm.demdex.net/ibs:dpid=575&dpuuid=-5269870153460071266

42 B
945 B

78ms
77ms

Image
image/gif

54.68.131.247
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=575&dpuuid=-5269870153460071266

Protocol

HTTP/1.1

Server

54.68.131.247 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-68-131-247.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://concur.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

DCS: dcs-prod-usw2-1-v028-066e56ee5.edge-usw2.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: enAdQ2tGRDc=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Thu, 14 Apr 2022 12:00:14 GMT
via: 1.1 google
server: Apache-Coyote/1.1
access-control-allow-origin: *
anserver: gapp7.us1
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location: https://dpm.demdex.net/ibs:dpid=575&dpuuid=-5269870153460071266
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: clear
content-length: 0
expires: Mon, 1 Jan 1990 0:0:0 GMT

GET
H/1.1

200
OK

ibs:dpid=79908&dpuuid=c:40346a10a306d38de9ccdb1d292aef26
dpm.demdex.net/ Frame 9421
Redirect Chain

https://aorta.clickagy.com/pixel.gif?ch=124&cm=38007560446675708700566816177458729442&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D79908%26dpuuid%3D%7Bvisitor_id%7D
https://dpm.demdex.net/ibs:dpid=79908&dpuuid=c:40346a10a306d38de9ccdb1d292aef26

42 B
959 B

77ms
77ms

Image
image/gif

54.68.131.247
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=79908&dpuuid=c:40346a10a306d38de9ccdb1d292aef26

Protocol

HTTP/1.1

Server

54.68.131.247 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-68-131-247.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://concur.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

DCS: dcs-prod-usw2-2-v028-0b4a59d1a.edge-usw2.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-Error: 300
X-TID: NxO4hfZURjQ=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date: Thu, 14 Apr 2022 12:00:15 GMT
server: Aorta/20220310.de5380a
access-control-allow-origin
access-control-max-age: 31536000
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/plain
Location: https://dpm.demdex.net/ibs:dpid=79908&dpuuid=c:40346a10a306d38de9ccdb1d292aef26
access-control-expose-headers: Set-Cookie
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
X-Aorta-Region: us-east-1
Connection: keep-alive
X-Aorta-Host: ip-10-42-21-203.ec2.internal
access-control-allow-headers: Origin,cache-control,content-type,man,messagetype,soapaction
Content-Length: 0

GET
H/1.1

200
OK

ibs:dpid=121998&dpuuid=69b13d99d45949f786ea8a6ca7d342af
dpm.demdex.net/ Frame 9421
Redirect Chain

https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=38007560446675708700566816177458729442?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id}
https://sync.crwdcntrl.net/map/ct=y/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=38007560446675708700566816177458729442?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id}
https://dpm.demdex.net/ibs:dpid=121998&dpuuid=69b13d99d45949f786ea8a6ca7d342af

42 B
945 B

78ms
78ms

Image
image/gif

54.68.131.247
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=121998&dpuuid=69b13d99d45949f786ea8a6ca7d342af

Protocol

HTTP/1.1

Server

54.68.131.247 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-68-131-247.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://concur.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

DCS: dcs-prod-usw2-1-v028-0391e9060.edge-usw2.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: oosHbyevQ7A=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Thu, 14 Apr 2022 12:00:15 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://dpm.demdex.net/ibs:dpid=121998&dpuuid=69b13d99d45949f786ea8a6ca7d342af
cache-control: no-cache
x-server: 10.40.1.184
content-length: 0
expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 9421
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WWxnTXpnQUFBTHBPQXdRTA==

170 B
502 B

85ms
37ms

Image
image/png

142.250.80.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WWxnTXpnQUFBTHBPQXdRTA==

Protocol

Server

142.250.80.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://concur.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Apr 2022 12:00:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 14 Apr 2022 12:00:15 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1649937616.651900,VS0,VE0
x-served-by: cache-yul12831-YUL
x-cache: HIT
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WWxnTXpnQUFBTHBPQXdRTA==
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 9421
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YlgMzgAAALpOAwQL&expires=90

42 B
755 B

97ms
25ms

Image
image/gif

8.43.72.97
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YlgMzgAAALpOAwQL&expires=90
Protocol: HTTP/1.1
Server: 8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://concur.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: ab995a74221271a8dc253760ec78ee1d
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 14 Apr 2022 12:00:15 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1649937616.729363,VS0,VE0
x-served-by: cache-yul12831-YUL
x-cache: HIT
location: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YlgMzgAAALpOAwQL&expires=90
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 9421
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YlgMzgAAALpOAwQL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YlgMzgAAALpOAwQL&C=1

43 B
1001 B

33ms
33ms

Image
image/gif

23.52.162.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YlgMzgAAALpOAwQL&C=1
Protocol: HTTP/1.1
Server: 23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-162-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://concur.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 14 Apr 2022 12:00:15 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 14 Apr 2022 12:00:15 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 14 Apr 2022 12:00:15 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YlgMzgAAALpOAwQL&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 279
Expires: Thu, 14 Apr 2022 12:00:15 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame 9421
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
https://ib.adnxs.com/setuid?entity=158&code=YlgMzgAAALpOAwQL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYlgMzgAAALpOAwQL

43 B
1 KB

31ms
30ms

Image
image/gif

68.67.160.184
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYlgMzgAAALpOAwQL

Protocol

HTTP/1.1

Server

68.67.160.184 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://concur.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 14 Apr 2022 12:00:16 GMT
X-Proxy-Origin: 149.56.153.181; 149.56.153.181; 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid: 98289a76-a0ce-44d1-ada9-3844a482373e
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 14 Apr 2022 12:00:15 GMT
X-Proxy-Origin: 149.56.153.181; 149.56.153.181; 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid: c4d20830-1907-4461-839d-c1b59d66468f
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYlgMzgAAALpOAwQL
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 9421
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YlgMzgAAALpOAwQL
https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YlgMzgAAALpOAwQL

43 B
61 B

42ms
28ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YlgMzgAAALpOAwQL
Protocol: H3
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/18.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://concur.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Apr 2022 12:00:16 GMT
via: 1.1 google
server: OXGW/18.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YlgMzgAAALpOAwQL
date: Thu, 14 Apr 2022 12:00:16 GMT
via: 1.1 google
server: OXGW/18.0.0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 9421
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER...
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YlgMzgAAALpOAwQL

1 B
547 B

74ms
25ms

Image
text/html

8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YlgMzgAAALpOAwQL
Protocol: H2
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://concur.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 12:00:16 GMT
cache-control: no-store, no-cache, private
x-lat: va1pug003:0:1286
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 14 Apr 2022 12:00:16 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1649937616.133283,VS0,VE0
x-served-by: cache-yul12831-YUL
x-cache: HIT
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YlgMzgAAALpOAwQL
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame 9421
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YlgMzgAAALpOAwQL&img=1
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YlgMzgAAALpOAwQL&img=1&__user_check__=1&sync_id=72ba8748-bbea-11ec-8a59-1ee132960203

43 B
548 B

33ms
33ms

Image
image/gif

192.35.249.127
SPOTX-IAD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YlgMzgAAALpOAwQL&img=1&__user_check__=1&sync_id=72ba8748-bbea-11ec-8a59-1ee132960203
Protocol: HTTP/1.1
Server: 192.35.249.127 Ashburn, United States, ASN11742 (SPOTX-IAD, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://concur.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Thu, 14 Apr 2022 12:00:16 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 65
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Thu, 14 Apr 2022 12:00:16 GMT
Server: nginx
Location: /partner?adv_id=6409&uid=YlgMzgAAALpOAwQL&img=1&__user_check__=1&sync_id=72ba8748-bbea-11ec-8a59-1ee132960203
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 256
Connection: keep-alive
Content-Length: 0

GET
H3

200

b.php
www.facebook.com/fr/ Frame 9421
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0
https://www.facebook.com/fr/b.php?p=1531105787105294&e=YlgMzgAAALpOAwQL&t=2592000&o=0

43 B
68 B

32ms
32ms

Image
image/gif

2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/fr/b.php?p=1531105787105294&e=YlgMzgAAALpOAwQL&t=2592000&o=0

Protocol

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://concur.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 05:00:16 PDT
content-encoding: br
x-content-type-options: nosniff
document-policy: force-load-at-top
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-fb-rlafr: 0
pragma: public
x-fb-debug: YWSmYmVn2ZyJNsd95mgG/T7V2TKc4eFYYMKzJZlWF4PfhQIPmv///9gp2mETHRhJeWSefaZlwQYjy7Ug6jQAnA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
strict-transport-security: max-age=15552000; preload
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: image/gif
vary: Accept-Encoding
cache-control: public, max-age=0
priority: u=3,i
expires: Thu, 14 Apr 2022 05:00:16 PDT

Redirect headers

pragma: no-cache
date: Thu, 14 Apr 2022 12:00:16 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1649937616.335450,VS0,VE0
x-served-by: cache-yul12831-YUL
x-cache: HIT
location: https://www.facebook.com/fr/b.php?p=1531105787105294&e=YlgMzgAAALpOAwQL&t=2592000&o=0
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

Verdicts & Comments Add Verdict or Comment

127 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

61 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
go.concur.com/	1969-12-31 23:59:59	Name: BIGipServerab13web-nginx-app_https Value: !ySvQw0sQH6y4OJraQbCLRqc3TBcuivZNytUOOFNJ69Tv3FGtuJf8ReS6NA1KnDLWM2gnJkUDO9XuBg==
go.concur.com/	1969-12-31 23:59:59	Name: qs_pid_last Value: email
go.concur.com/	1969-12-31 23:59:59	Name: qs_cid_last Value: CA_Insights_EE0422_E3
go.concur.com/	1970-01-20 11:04:33	Name: qs_pid Value: email
go.concur.com/	1970-01-20 11:04:33	Name: qs_cid Value: CA_Insights_EE0422_E3
go.concur.com/	1970-01-20 11:04:33	Name: concur_uuid Value: d4abc51a-9d1c-4f15-9fc1-ebc2a6ffb61f
.concur.com/	1970-01-20 19:50:09	Name: _mkto_trk Value: id:013-GAX-394&token:_mch-concur.com-1649937614059-90821
.concur.com/	1970-01-20 04:28:33	Name: OPTOUTMULTI Value: 0:0%7C1068:0%7C1191:0%7C2011:0%7C2044:0%7C2045:0%7C2063:0%7C3015:0%7C3095:0%7C4001:0%7C4023:0%7C4041:0%7C4049:0%7C4054:0%7C6026:0%7C6031:0%7C7117:0%7C7129:0%7C7132:0%7C12047:0%7C13032:0%7C13060:0%7C13090:0%7C14022:0%7C15032:0%7C17001:0%7C17009:0%7C18016:0%7C18048:0%7C19063:0%7C20010:0%7C20011:0%7C20054:0%7C20067:0%7C20078:0%7C20103:0%7C20110:0%7C20113:0%7C25016:0%7C25019:0%7C25023:0%7C25024:0
.concur.com/	1970-01-20 11:04:33	Name: utag_main Value: v_id:018027f20523001675c70c38001903073005d06b00b08$_sn:1$_ss:1$_pn:1%3Bexp-session$_st:1649939414115$ses_id:1649937614115%3Bexp-session$vapi_domain:concur.com
.concur.com/	1969-12-31 23:59:59	Name: notice_behavior Value: implied,us
.concur.com/	1970-01-20 04:28:33	Name: _fbp Value: fb.1.1649937614350.58441953
.concur.com/	1970-01-20 04:28:33	Name: _gcl_au Value: 1.1.343949491.1649937614
.facebook.com/	1970-01-20 04:28:33	Name: fr Value: 0ngGvIUMQ2rjVy9OY..BiWAzO...1.0.BiWAzO.
.rlcdn.com/	1970-01-20 11:04:33	Name: rlas3 Value: CqBvzjbjRu+FsZOOJNeii40YphgSwqxuJChAVDe1oUw=
.twitter.com/	1970-01-20 19:50:09	Name: personalization_id Value: "v1_uI7fglDAG7NVxDgOdzrhEA=="
.t.co/	1970-01-20 19:50:09	Name: muc_ads Value: 8b479b5b-64f3-4358-b130-8458d62e9fce
.demdex.net/	1970-01-20 06:38:09	Name: demdex Value: 38007560446675708700566816177458729442
.bidr.io/	1970-01-20 11:47:31	Name: bito Value: AABfdk7EsBoAADkXwKN0yQ
.bidr.io/	1970-01-20 11:47:31	Name: bitoIsSecure Value: ok
.concur.com/	1969-12-31 23:59:59	Name: AMCVS_3F8B2B31536CFF310A490D4C%40AdobeOrg Value: 1
.company-target.com/	1970-01-20 19:50:09	Name: tuuid_lu Value: 1649937614
.doubleclick.net/	1970-01-20 02:18:58	Name: test_cookie Value: CheckForPermission
.company-target.com/	1970-01-20 19:50:09	Name: tuuid Value: df103dbe-c56f-43f4-9431-939aaa4616d5
.everesttech.net/	1970-01-20 11:04:33	Name: everest_g_v2 Value: g_surferid~YlgMzgAAALpOAwQL
.dpm.demdex.net/	1970-01-20 06:38:09	Name: dpm Value: 38007560446675708700566816177458729442
.agkn.com/	1970-01-20 11:04:33	Name: ab Value: 0001%3AjXQgePvr0UfsVJH5z8wNN6a0SnRxr679
.rlcdn.com/	1970-01-20 03:45:21	Name: pxrc Value: CM6Z4JIGEgUI6AcQABIGCPHrARAAEgYIyt0qEAA=
.concur.com/	1970-01-20 03:02:09	Name: s_nr Value: 1649937614953
.concur.com/	1970-01-20 03:02:09	Name: s_vnum Value: 1652529614954%26vn%3D1
.concur.com/	1970-01-20 02:18:59	Name: s_invisit Value: true
.concur.com/	1970-01-21 04:35:45	Name: s_lv Value: 1649937614955
.concur.com/	1970-01-20 02:18:59	Name: s_lv_s Value: First%20Visit
.concur.com/	1970-01-20 02:18:59	Name: s_ppn Value: Employees_New_Era_Travel_Tools.html
.concur.com/	1969-12-31 23:59:59	Name: s_ppvl Value: %5B%5BB%5D%5D
.concur.com/	1969-12-31 23:59:59	Name: s_ppv Value: Employees_New_Era_Travel_Tools.html%2C54%2C54%2C1200%2C1600%2C1200%2C1600%2C1200%2C1%2CP
.concur.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.concur.com/	1970-01-20 19:51:36	Name: AMCV_3F8B2B31536CFF310A490D4C%40AdobeOrg Value: -1124106680%7CMCIDTS%7C19097%7CMCMID%7C37982840580214853500564484911053750386%7CMCAAMLH-1650542414%7C9%7CMCAAMB-1650542414%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1649944814s%7CNONE%7CMCSYNCSOP%7C411-19104%7CMCAID%7CNONE%7CMCCIDH%7C-1831291794%7CvVersion%7C5.2.0
.33across.com/	1970-01-20 11:04:33	Name: 33x_ps Value: u%3D77972959147988%3As1%3D1649937615004%3Ats%3D1649937615004
.go.concur.com/	1970-01-20 03:02:09	Name: aam_uuid Value: 38007560446675708700566816177458729442
.concur.com/	1969-12-31 23:59:59	Name: s_ht Value: 1649937615060
.concur.com/	1969-12-31 23:59:59	Name: s_hc Value: 1%7C0%7C0%7C0%7C0
.adsrvr.org/	1970-01-20 11:04:33	Name: TDID Value: 5707c002-9f48-4493-bf73-2b923a742b9b
.adsrvr.org/	1970-01-20 11:04:33	Name: TDCPM Value: CAESEgoDYWFtEgsI-sO56IuGzzoQBRgFIAEoAjILCKjYvZKihs86EAU4AQ..
.ml314.com/	1970-01-20 11:04:33	Name: pi Value: 3626501596554723350
.crwdcntrl.net/	1970-01-20 08:47:45	Name: _cc_dc Value: 0
.crwdcntrl.net/	1970-01-20 08:47:45	Name: _cc_id Value: 69b13d99d45949f786ea8a6ca7d342af
.rubiconproject.com/	1970-01-20 11:04:33	Name: khaos Value: L1YY987E-25-9FOM
.rubiconproject.com/	1970-01-20 11:04:33	Name: audit Value: 1\|elN/eC0nPioxStKaxM/YIRB+EElZQS6CvWIjUJEMibYeECEUBMheijTvynjWGjH0Rb9+fzqirk0wHTRO1/p4iM1d+xr7gW6vRTjahTvbHTESibsu1h27HX5R6tM4Qf2ttK9+wB9mUPetAOTmjEas6/WQzJBJR0DUpRuCy0WrP/0=
.casalemedia.com/	1970-01-20 11:04:33	Name: CMID Value: YlgMzwm03qvWWcaL5Or5CgAA
.casalemedia.com/	1970-01-20 04:28:33	Name: CMPS Value: 463
.casalemedia.com/	1970-01-20 04:28:33	Name: CMPRO Value: 014
.casalemedia.com/	1970-01-20 02:20:24	Name: CMST Value: YlgMz2JYDM8A
.casalemedia.com/	1970-01-20 11:04:33	Name: CMRUM3 Value: 5862580ccf2760YlgMzgAAALpOAwQL
.adnxs.com/	1970-01-20 04:28:33	Name: uuid2 Value: 6629884944155990748
.adnxs.com/	1970-01-20 04:28:33	Name: anj Value: dTM7k!M4.FErk#WF']wIg2GTrt:@e$!]tbPl1MwL(!R7qUY$Zat4X`YWJW`NaTbCXXCrFV4G]P<QG=%9sk?bIRwi:w9Ld1_NgRz17Mco/y@Yw#u!#KRXUZ
.openx.net/	1970-01-20 11:04:33	Name: i Value: 83d0a4f6-03e3-4a5f-be28-428a64b60331\|1649937616
.pubmatic.com/	1970-01-20 04:28:33	Name: KRTBCOOKIE_218 Value: 4056-YlgMzgAAALpOAwQL&KRTB&22978-YlgMzgAAALpOAwQL&KRTB&23194-YlgMzgAAALpOAwQL&KRTB&23209-YlgMzgAAALpOAwQL
.pubmatic.com/	1970-01-20 03:02:09	Name: PugT Value: 1649937616
.pubmatic.com/	1970-01-20 04:28:33	Name: PUBMDCID Value: 2
.demdex.net/	1970-01-20 06:38:09	Name: dextp Value: 21-1-1649937614709\|60-1-1649937614811\|601-1-1649937614912\|903-1-1649937615013\|22052-1-1649937615114\|30064-1-1649937615215\|575-1-1649937615316\|79908-1-1649937615418\|121998-1-1649937615520\|144230-1-1649937615621\|144231-1-1649937615722\|144232-1-1649937615823\|144233-1-1649937615924\|144234-1-1649937616025\|144235-1-1649937616126\|144236-1-1649937616227\|144237-1-1649937616328
.spotxchange.com/	1970-01-20 11:04:37	Name: audience Value: 72ba86fb-bbea-11ec-8a59-1ee132960203

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

013-gax-394.mktoresp.com
aa.agkn.com
ajax.googleapis.com
analytics.twitter.com
aorta.clickagy.com
api.company-target.com
cdn.schemaapp.com
cdnjs.cloudflare.com
cm.everesttech.net
cm.g.doubleclick.net
code.jquery.com
concur.demdex.net
concurtechnologies.sc.omtrdc.net
connect.facebook.net
consent.trustarc.com
consent.truste.com
dp2.33across.com
dpm.demdex.net
dsum-sec.casalemedia.com
fei.pro-market.net
go.concur.com
googleads.g.doubleclick.net
ib.adnxs.com
id.rlcdn.com
idsync.rlcdn.com
image2.pubmatic.com
match.adsrvr.org
match.prod.bidr.io
ml314.com
munchkin.marketo.net
pixel.rubiconproject.com
ps.eyeota.net
scripts.demandbase.com
segments.company-target.com
static.ads-twitter.com
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.search.spotxchange.com
t.co
tags.tiqcdn.com
us-u.openx.net
www.facebook.com
www.google.ca
www.google.com
www.googleadservices.com
www.googletagmanager.com
104.244.42.197
104.244.42.67
142.250.65.162
142.250.80.66
146.75.36.157
151.101.130.49
184.85.204.146
184.85.206.51
192.28.144.124
192.35.249.127
2001:4de0:ac18::1:a:1a
23.198.216.246
23.52.162.21
2600:1901:0:8eee::
2600:9000:20e2:2e00:a:6e64:b280:93a1
2600:9000:20e2:5600:1a:609a:6780:93a1
2606:4700::6811:180e
2607:f8b0:4006:809::2004
2607:f8b0:4006:80c::2003
2607:f8b0:4006:81d::200a
2607:f8b0:4006:81f::2002
2607:f8b0:4006:822::2008
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:83:face:b00c:0:25de
3.33.220.150
34.111.234.236
34.231.251.31
35.190.60.146
35.244.159.8
50.16.69.23
52.206.5.208
52.6.248.150
54.192.192.30
54.212.155.93
54.236.195.76
54.237.219.153
54.68.131.247
67.202.105.23
68.67.160.184
8.28.7.83
8.43.72.97
99.84.111.79
99.84.221.5
99.86.231.106
99.86.231.20
05b1903ed47119e10e2bc928d336dbdbf7c26c864399de3cb2d790f35334db1b
086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
143fb9e2f2e8500547daf5197cc38b2a694b66533ffa18e4785098928c4fbbe7
1a4ce2a1cc2b6969fb1a68b2bbb678a439d6fa0cc6696b6485e94b9e8838630c
1ab4e50d84b67ba2b3142ad1a4b789921557ab9f2cf0d6e73b00f3f0f3fac84c
1c6b9cd5f9d4e65f2cfae62421cd7f73a3f8ab7cf8605167b5651202ffc516ed
219c9f2d6a741aab05fd55b7df20c953090829a744b3f3f7d43f7723c3832312
2762776cd705b0c70bc0dc5dbb3cddcc4a8e4e861be3c793e5dd89f4647a0384
301531b3e516df724cf86367f8a8b7b2c5f46a7c7d63c337027dfd435dc061e8
3a2981c69e546f47a0447c9d7596ad5cd0e11c30ba3b5ab06e1a0d1d26f37344
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3f75417dc22ff2af906f5f4cdea6326e5f14f232688f51447968fd1ed4c29198
40ff921d7caec9008517dc2a473855a88f2956be984a6c7660bfdbc5e2a08f2d
432d1eca8be2058541908813bb88e55b1e1f8226b0a78a9517aea433572351e4
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
441e75024ceaca9d9803f04c6dffc671c65ca219e47f46f22173bef148434369
4902dcbc3d3c97271a66bc136ec40b0c72422ccd05bb9946aa76382e50c5d6fc
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bf3aca933aa233702f890083af601fb16149ec8a17f8c1b90d30450562bde08
4c9a1a2fa888cd77229b55ff0ac8cb4ea23ae5056caf59598f38e1ddce9ede8d
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb
4de8ccf7f082848e3ea03bcd4e0aa0164c3370dcad3252fdae29d0f3a48aac5b
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5
55d7ebf8bb5bd39d76ddc3ad76f36da5cbf0ea58e179cf0652268323c3d6d5f9
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
57a06b52127575aec2d8ad6f284a7e34b07bddec53bd324949362881a38865d5
58b75949861a2a9b80f13f52a26e40709914a74ec0f3b04a423dfd6327d76525
5ad1dc8d54ec07683fff9d7bbf7bf737bd197970b3d344e625f324c134b9a733
615dab20d21c4d78bef0210bb703cdfdd2dc98f6e835170737ea290fecd0ab0f
64b8c57366eb8638e1d650ef3a7aecd24da68121a0b926f2719af2fce46fb35a
68bd809fd3182aeb3c9199bd80272758014a8f7719597fb76e49f3f6d97e040e
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7cd4b1f898c92df75978720c2de67383af3658660b0ca430d576df5bc6375d22
7f8e420a4ac3ea7f6fd081ce07234101414d27df260a6d547663f8e0c0efbaf4
802acb8b14714e8232dfff3a99fa3da2c2ff6de206cb41847fc535b8daa1a479
84fbbf760f74e186fc47f8a17a515ac241144fc9e1c1a0117716461b8a38e5c4
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
8938b78472f057b2c28d361d5acd005a76e76585d14e4a4cb4dfdf7ce04d4020
937e1061478ea59562285591f919d3d53ceb7b8d60b2a90d35048ca3278b64ee
9589784f7a2904054e4ac5478dc0c936c0fee83781d4368dd6343249f6ecaf5d
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
994d21b992bd25bfd66f236baec3ea6d9822bfe36c74f4659d412a4c449b21ff
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ae20d6e414b6de1076b14a6d83351ab872cda843048f2d1fcaaf9646a8fc57e4
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b51048452bbd696474e815e601671ec74ae912877a73a31471dae96ce331e85e
b62c80a53749bed7d1e8d6a4798f744e4701e66c8383e301621ad8839b24b09c
b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8
b94552fdddf133797c626b9c0248f50de46de94e18f97bf778f520555115995c
bda40bb6fa7915967c4e5c9c182d3ace0d1b57db5b1ee23acdd472bf4f072533
c2aee78040b4ed46c2377e6825db12a9691a2eb584adf338e77312c8978d8537
ce0596e346ac2a8fb60f8fb0d142e5ac3b12665de01f8c1a1e849baf6d2b89c3
d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6
d45127d100ba6939210f1a0ddf0f928b0219bc78b9b50ba99f0b219bef08681e
d6150f05c2bb11ed1407025656376fba2060197de622f1ad610c22d796ff1ec3
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
eaee828a463281059fe29b5134debf6ca1412b8c619c882b5b3b2864f15f79e3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3df8ce3726310711527aa72ccef8d45c3602379ac61a20ceb91014e80855d96
f4d7e8250f8f124f8b7d087e5e260766a34b079fddc43e7b20d8c18ca1e92e51
f602063c03750eeb71f11319890d464bffcd0eaea6dcfe91dabd5676b8cfdb05
f7545b96ed2740220c349ae9deb614faf1f0f211d4cf710788e0790f74cc9715
fbebb6cf700f029546cf5374f54ba27ae03cdf0edddd8fd13728a1a15bf0374b

go.concur.com Open in urlscan Pro 184.85.204.146 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

90 Requests

78 %HTTPS

27 %IPv6

41 Domains

46 Subdomains

34 IPs

2 Countries

1299 kBTransfer

2852 kBSize

61 Cookies

4 Outgoing links

Redirected requests

90 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

go.concur.com Open in urlscan Pro
184.85.204.146 Public Scan

Screenshot
Live screenshot

Full Image

90
Requests

78 %
HTTPS

27 %
IPv6

41
Domains

46
Subdomains

34
IPs

2
Countries

1299 kB
Transfer

2852 kB
Size

61
Cookies

90 HTTP transactions
0 data transactions