URL: https://exlec.com/teams/logs/
Submission: On October 25, via manual submission from AU. Scanned from AU.

Summary

This website contacted 25 IPs in 2 countries across 24 domains to perform 55 HTTP transactions. The main IP is 198.252.104.144, located in United States and belongs to HAWKHOST, CA. The main domain is exlec.com.
TLS certificate: Issued by R3 on September 28th 2022. Valid for: 3 months.
This is the only time exlec.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

Apex Domain | Subdomains | Transfer
10 joinhandshake.com | handshake-production-cdn.joinhandshake.com — Cisco Umbrella Rank: 34728 | 9 MB
6 google-analytics.com | www.google-analytics.com — Cisco Umbrella Rank: 32 | 20 KB
4 segment.io | api.segment.io — Cisco Umbrella Rank: 1020 | 673 B
3 outbrain.com | amplify.outbrain.com, tr.outbrain.com | 4 KB
3 googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 61 | 219 KB
2 cloudfunctions.net | us-central1-adaptive-growth.cloudfunctions.net |
2 tiktok.com | analytics.tiktok.com | 68 KB
2 facebook.net | connect.facebook.net — Cisco Umbrella Rank: 151 | 111 KB
2 licdn.com | snap.licdn.com — Cisco Umbrella Rank: 742 | 4 KB
2 doubleclick.net | stats.g.doubleclick.net — Cisco Umbrella Rank: 84 | 510 B
2 bugsnag.com | sessions.bugsnag.com — Cisco Umbrella Rank: 778 | 35 B
2 exlec.com | exlec.com | 5 KB
1 facebook.com | www.facebook.com | 185 B
1 google.com.au | www.google.com.au | 501 B
1 google.com | www.google.com | 501 B
1 company-target.com | segments.company-target.com Failed, api.company-target.com | 952 B
1 googleadservices.com | www.googleadservices.com | 15 KB
1 demandbase.com | tag.demandbase.com — Cisco Umbrella Rank: 4793 | 20 KB
1 pdst.fm | cdn.pdst.fm — Cisco Umbrella Rank: 2566 | 6 KB
1 extreme-ip-lookup.com | extreme-ip-lookup.com — Cisco Umbrella Rank: 19060 | 723 B
1 segment.com | cdn.segment.com — Cisco Umbrella Rank: 1442 | 56 KB
1 msftauth.net | aadcdn.msftauth.net — Cisco Umbrella Rank: 1196 | 1 KB
1 polyfill.io | polyfill.io — Cisco Umbrella Rank: 1404 | 417 B
0 adsymptotic.com Failed | p.adsymptotic.com Failed |
55 24
Domain | Requested by
10 handshake-production-cdn.joinhandshake.com | exlec.com, handshake-production-cdn.joinhandshake.com
6 www.google-analytics.com | handshake-production-cdn.joinhandshake.com, www.google-analytics.com, www.googletagmanager.com, exlec.com
4 api.segment.io | cdn.segment.com
3 www.googletagmanager.com | cdn.segment.com, www.googletagmanager.com
2 tr.outbrain.com | amplify.outbrain.com, exlec.com
2 us-central1-adaptive-growth.cloudfunctions.net | handshake-production-cdn.joinhandshake.com
2 analytics.tiktok.com | exlec.com, analytics.tiktok.com
2 connect.facebook.net | exlec.com, connect.facebook.net
2 snap.licdn.com | www.googletagmanager.com, snap.licdn.com
2 stats.g.doubleclick.net | www.google-analytics.com
2 sessions.bugsnag.com | handshake-production-cdn.joinhandshake.com
2 exlec.com | handshake-production-cdn.joinhandshake.com
1 www.facebook.com | exlec.com
1 www.google.com.au | exlec.com
1 www.google.com | exlec.com
1 api.company-target.com | tag.demandbase.com
1 www.googleadservices.com | www.googletagmanager.com
1 tag.demandbase.com | exlec.com
1 cdn.pdst.fm | exlec.com
1 extreme-ip-lookup.com | www.googletagmanager.com
1 amplify.outbrain.com | exlec.com
1 cdn.segment.com | handshake-production-cdn.joinhandshake.com
1 aadcdn.msftauth.net | exlec.com
1 polyfill.io | exlec.com
0 p.adsymptotic.com Failed | exlec.com
0 segments.company-target.com Failed | exlec.com
55 26

This site contains no links.

Subject | Issuer | Validity | Valid
*.exlec.com | R3 | 2022-09-28 - 2022-12-27 | 3 months
handshake-production-cdn.joinhandshake.com | GTS CA 1D4 | 2022-09-30 - 2022-12-29 | 3 months
polyfill.io | GlobalSign Atlas R3 DV TLS CA 2022 Q1 | 2022-03-08 - 2023-04-09 | a year
aadcdn.msftauth.net | DigiCert SHA2 Secure Server CA | 2022-04-01 - 2023-04-01 | a year
*.bugsnag.com | Sectigo RSA Domain Validation Secure Server CA | 2022-04-26 - 2023-04-26 | a year
*.segment.com | Amazon | 2022-01-12 - 2023-02-10 | a year
*.google-analytics.com | GTS CA 1C3 | 2022-09-12 - 2022-12-05 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2022-09-26 - 2022-12-19 | 3 months
*.segment.io | Amazon | 2022-02-10 - 2023-03-11 | a year
snap.licdn.com | DigiCert SHA2 Secure Server CA | 2022-03-01 - 2023-03-01 | a year
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2022-08-03 - 2022-11-01 | 3 months
*.outbrain.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-04-03 - 2023-04-04 | a year
t1.extreme-dm.com | R3 | 2022-08-14 - 2022-11-12 | 3 months
cdn.pdst.fm | GTS CA 1D4 | 2022-10-05 - 2023-01-03 | 3 months
*.tiktok.com | RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1 | 2021-12-13 - 2023-01-13 | a year
tag.demandbase.com | Go Daddy Secure Certificate Authority - G2 | 2022-08-17 - 2023-09-18 | a year
misc.google.com | GTS CA 1C3 | 2022-09-26 - 2022-12-19 | 3 months
www.googleadservices.com | GTS CA 1C3 | 2022-09-26 - 2022-12-19 | 3 months
api.demandbase.com | Go Daddy Secure Certificate Authority - G2 | 2022-09-16 - 2023-10-18 | a year
www.google.com | GTS CA 1C3 | 2022-09-26 - 2022-12-19 | 3 months
*.google.com.au | GTS CA 1C3 | 2022-09-12 - 2022-12-05 | 3 months

This page contains 1 frame:

Primary Page: https://exlec.com/teams/logs/
Frame ID: 0CD02CC2F2CAEFCFAD2279F3CE43BA05
Requests: 53 HTTP requests in this frame

Page Title

Sign in

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Overall confidence: 100%
Detected patterns
  • /polyfill\.min\.js

Overall confidence: 100%
Detected patterns
  • cdn\.segment\.com/analytics\.js

Page Statistics

Requests: 55
HTTPS: 93 %
IPv6: 0 %
Domains: 24
Subdomains: 26
IPs: 25
Countries: 2
Transfer: 9880 kB
Size: 4753 kB
Cookies: 8

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 41
  • https://match.prod.bidr.io/cookie-sync/demandbase HTTP 303
  • https://match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1 HTTP 303
  • https://segments.company-target.com/log?vendor=choca&user_id=AAxlOU7GrpAAACGOdC0HQQ
Request Chain 42
  • https://id.rlcdn.com/464526.gif HTTP 307
  • https://id.rlcdn.com/1000.gif?memo=CI6tHBoNCOyP3ZoGEgUI6AcQAEIASgA HTTP 307
  • https://segments.company-target.com/log?vendor=liveramp&user_id=Xc1297aSZiK8Bzv-vC7K-wX-7tYYrdP34sroKc0pVwMhb1KMc
Request Chain 46
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1330564&time=1666664428126&url=https%3A%2F%2Fexlec.com%2Fteams%2Flogs%2F HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1330564&time=1666664428126&url=https%3A%2F%2Fexlec.com%2Fteams%2Flogs%2F&cookiesTest=true HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1330564%26time%3D1666664428126%26url%3Dhttps%253A%252F%252Fexlec.com%252Fteams%252Flogs%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1330564&time=1666664428126&url=https%3A%2F%2Fexlec.com%2Fteams%2Flogs%2F&cookiesTest=true&liSync=true HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=41e4cec8-2bc4-4b2f-bde1-68da86938f58

55 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
exlec.com/teams/logs/
11 KB
4 KB
Document
General
Full URL
https://exlec.com/teams/logs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.252.104.144 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS
198.252.104.144-static.reverse.arandomserver.com
Software
LiteSpeed / PHP/7.4.32
Resource Hash
ba274704a49e3798c8534fcb44f78871c5e5660ce2653767233930dd3def3540

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 25 Oct 2022 02:20:22 GMT
server
LiteSpeed
vary
Accept-Encoding
x-powered-by
PHP/7.4.32
application-016e212c8ea7ce4c0ffbf47a534fa99dc96443ff7c6ff9ea206ff7dc8c52a7e0.css
handshake-production-cdn.joinhandshake.com/assets/
572 KB
572 KB
Stylesheet
General
Full URL
https://handshake-production-cdn.joinhandshake.com/assets/application-016e212c8ea7ce4c0ffbf47a534fa99dc96443ff7c6ff9ea206ff7dc8c52a7e0.css
Requested by
Host: exlec.com
URL: https://exlec.com/teams/logs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.208.115 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
115.208.227.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
47bcc16c316c698b60302a65557a931be680b895d98415057c5cb873f53788d2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://exlec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 11:03:44 GMT
x-goog-meta-goog-reserved-file-mtime
1658852333
age
54998
x-guploader-uploadid
ADPycdtA2QfqCQlFTTpAPvNWO0zzxGUUcIpC5m7ZG6QVXlAEhMICqxY1_faxz_IfNN5pRBCHGX4p5llfVVwmMtS1Viyd-QKYGqz-
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
585282
last-modified
Tue, 26 Jul 2022 16:34:52 GMT
server
UploadServer
etag
"a2be3153ad75a423b6b628caf57eb933"
x-goog-generation
1658853291896076
x-goog-hash
crc32c=pDfs9g==, md5=or4xU611pCO2tijK9X65Mw==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public,max-age=3600,s-maxage=3600
x-goog-stored-content-length
585282
accept-ranges
bytes
content-type
text/css
18cce89b3dc1d5f99696.chunk.css
handshake-production-cdn.joinhandshake.com/dist/
2 MB
2 MB
Stylesheet
General
Full URL
https://handshake-production-cdn.joinhandshake.com/dist/18cce89b3dc1d5f99696.chunk.css
Requested by
Host: exlec.com
URL: https://exlec.com/teams/logs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.208.115 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
115.208.227.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
028e61342f23d8785109e734a407fa9f2e1611d3142a54b02cabafd871296e5f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://exlec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 11:03:44 GMT
x-goog-meta-goog-reserved-file-mtime
1657559062
age
54998
x-guploader-uploadid
ADPycdslFEYNDDLy8jKmOS_HcJcVrksWnCMiEZFso8vjAPY2YrdTsiZE4vqRnixWRATSILWn1D0qX5SZPHdN1FxFKCv5qGOlcneM
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1744689
last-modified
Mon, 11 Jul 2022 17:27:36 GMT
server
UploadServer
etag
"fa3f492e43e3202afac6b93eb5b39e88"
x-goog-generation
1657560456048842
x-goog-hash
crc32c=p8k8lw==, md5=+j9JLkPjICr6xrk+tbOeiA==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public,max-age=3600,s-maxage=3600
x-goog-stored-content-length
1744689
accept-ranges
bytes
content-type
text/css
polyfill.min.js
polyfill.io/v3/
101 B
417 B
Script
General
Full URL
https://polyfill.io/v3/polyfill.min.js?features=es2015%2Ces2016%2Ces2017%2Ces2018%2Ces2019%2CURL%2CURLSearchParams
Requested by
Host: exlec.com
URL: https://exlec.com/teams/logs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.26 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://exlec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 02:20:22 GMT
content-encoding
br
last-modified
Wed, 19 Oct 2022 13:32:57 GMT
age
0
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
useragent_normaliser
chrome/106.0.0
server-timing
cache-mel11266, PASS, fastly;desc="Edge time";dur=10
accept-ranges
bytes
content-length
94
application_limited-23aaab36deb7367c89759868537508ae44a294e047004d0c9cdb8f7f8f9b6b05.js
handshake-production-cdn.joinhandshake.com/assets/manifests/
556 KB
556 KB
Script
General
Full URL
https://handshake-production-cdn.joinhandshake.com/assets/manifests/application_limited-23aaab36deb7367c89759868537508ae44a294e047004d0c9cdb8f7f8f9b6b05.js
Requested by
Host: exlec.com
URL: https://exlec.com/teams/logs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.208.115 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
115.208.227.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
89cb0bca591268620d211f9755885ca99935d83358986e11dbc1f2677bddc040

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://exlec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 11:03:44 GMT
x-goog-meta-goog-reserved-file-mtime
1657568587
age
54998
x-guploader-uploadid
ADPycdssMf1cb_XZhTq-0qgMQlzmgxgiqDyt32jT54v_nmvPXnC2XTDLjcG6047s3cixoN4NuUstYqNLtStNOTUlb-9tp70vSs2L
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
569223
last-modified
Mon, 11 Jul 2022 20:03:42 GMT
server
UploadServer
etag
"d471909be1e59ae084290ecc4b11d570"
x-goog-generation
1657569822507095
x-goog-hash
crc32c=Rm8wZg==, md5=1HGQm+HlmuCEKQ7MSxHVcA==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public,max-age=3600,s-maxage=3600
x-goog-stored-content-length
569223
accept-ranges
bytes
content-type
application/javascript
microsoft_logo_ed9c9eb0dce17d752bedea6b5acda6d9.png
aadcdn.msftauth.net/shared/1.0/content/images/
1 KB
1 KB
Image
General
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/images/microsoft_logo_ed9c9eb0dce17d752bedea6b5acda6d9.png
Requested by
Host: exlec.com
URL: https://exlec.com/teams/logs/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.39.242 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mbw/47CE) /
Resource Hash
f664b8138c2da6ec7565500a7cc839da6372614a31dc04c5a2169a26b8d9767c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://exlec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 25 Oct 2022 02:20:23 GMT
content-md5
7ZyesNzhfXUr7eprWs2m2Q==
age
27499786
x-cache
HIT
content-length
1057
x-ms-lease-status
unlocked
last-modified
Thu, 16 Jan 2020 00:32:52 GMT
server
ECAcc (mbw/47CE)
etag
0x8D79A1B9F708D24
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
4d85f0fa-501e-0003-80fc-ed2de5000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
/
sessions.bugsnag.com/
0
0
Preflight
General
Full URL
https://sessions.bugsnag.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.88.7 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
7.88.190.35.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Access-Control-Request-Method
POST
Origin
https://exlec.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-headers
Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods
POST
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Tue, 25 Oct 2022 02:20:23 GMT
via
1.1 google
analytics.min.js
cdn.segment.com/analytics.js/v1/pnQHEivdIUFd9xRvgislwwVfPIFaAskT/
358 KB
56 KB
Script
General
Full URL
https://cdn.segment.com/analytics.js/v1/pnQHEivdIUFd9xRvgislwwVfPIFaAskT/analytics.min.js
Requested by
Host: handshake-production-cdn.joinhandshake.com
URL: https://handshake-production-cdn.joinhandshake.com/assets/manifests/application_limited-23aaab36deb7367c89759868537508ae44a294e047004d0c9cdb8f7f8f9b6b05.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.44.219 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-44-219.cpt52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
898d455067378e41a9d31bc6dd809afca6ff4defc671e06d82aff31740db52f8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://exlec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
DST.V2IGmwtP3mTQRf7jRFwGynD_aRow
content-encoding
br
via
1.1 5c44cb015c3431d8f9e08b0a464578ee.cloudfront.net (CloudFront)
date
Tue, 25 Oct 2022 02:20:26 GMT
x-amz-cf-pop
CPT52-C1
x-cache
RefreshHit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 15 Jun 2022 20:29:35 GMT
server
AmazonS3
etag
W/"67f898a4269643e4dca88c561facf390"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=120
vary
Accept-Encoding
x-amz-cf-id
pGX26bVfcdmTz0Au34h7_qahablbARJKDpPgw30ID1tXvF995JWFzw==
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: handshake-production-cdn.joinhandshake.com
URL: https://handshake-production-cdn.joinhandshake.com/assets/manifests/application_limited-23aaab36deb7367c89759868537508ae44a294e047004d0c9cdb8f7f8f9b6b05.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f113.1e100.net
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://exlec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 25 Oct 2022 00:21:37 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
7127
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Tue, 25 Oct 2022 02:21:37 GMT
/
sessions.bugsnag.com/
21 B
35 B
XHR
General
Full URL
https://sessions.bugsnag.com/
Requested by
Host: handshake-production-cdn.joinhandshake.com
URL: https://handshake-production-cdn.joinhandshake.com/assets/manifests/application_limited-23aaab36deb7367c89759868537508ae44a294e047004d0c9cdb8f7f8f9b6b05.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.88.7 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
7.88.190.35.bc.googleusercontent.com
Software
/
Resource Hash
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version
1
Referer
https://exlec.com/
Bugsnag-Sent-At
2022-10-25T02:20:23.653Z
accept-language
en-AU,en;q=0.9
Bugsnag-Api-Key
f1dfe922d5f1f32f82bde65c4e382436
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Tue, 25 Oct 2022 02:20:24 GMT
via
1.1 google
bugsnag-session-uuid
a2c2fad7-6ebe-420e-b651-e9127503cf4a
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21
content-type
application/json
application-479b440e969ce5d39ec3531e366c8ded93c630624895137e17149d37e238d731.js
handshake-production-cdn.joinhandshake.com/assets/manifests/
0
1 MB
Other
General
Full URL
https://handshake-production-cdn.joinhandshake.com/assets/manifests/application-479b440e969ce5d39ec3531e366c8ded93c630624895137e17149d37e238d731.js
Requested by
Host: exlec.com
URL: https://exlec.com/teams/logs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.208.115 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
115.208.227.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://exlec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 00:50:49 GMT
x-goog-meta-goog-reserved-file-mtime
1657568587
age
5374
x-guploader-uploadid
ADPycdvILFvYB1la6quhtE9aqsjE3WfNOAVkwmiXtUf-0bAWouQcAeafm6Bo0UDr7opqGRDVfa9rzh1glU53WWYBY31r
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1437043
last-modified
Mon, 11 Jul 2022 20:03:42 GMT
server
UploadServer
etag
"c54d318d7c0e1f694a15c9abacead8a7"
x-goog-generation
1657569822479376
x-goog-hash
crc32c=5pW3yQ==, md5=xU0xjXwOH2lKFcmrrOrYpw==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public,max-age=3600,s-maxage=3600
x-goog-stored-content-length
1437043
accept-ranges
bytes
content-type
application/javascript
frameworks-ffad89b451548d544f87d9504132bfef0279c3a5443127504a87558f32531736.js
handshake-production-cdn.joinhandshake.com/assets/manifests/
0
2 MB
Other
General
Full URL
https://handshake-production-cdn.joinhandshake.com/assets/manifests/frameworks-ffad89b451548d544f87d9504132bfef0279c3a5443127504a87558f32531736.js
Requested by
Host: exlec.com
URL: https://exlec.com/teams/logs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.208.115 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
115.208.227.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://exlec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 00:50:49 GMT
x-goog-meta-goog-reserved-file-mtime
1666289960
age
5374
x-guploader-uploadid
ADPycdvkuWN3yXwhrGyCb0bd-bhyXN0y7Kxijq4plGPdVbn3xYFFZ9td2wK_nDLCoFGtWkOTM4iYZ1eby3TDBKECxx41NKarHwa-
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1773427
last-modified
Thu, 20 Oct 2022 18:56:53 GMT
server
UploadServer
etag
"68d55d809b78f741cdd2d22d0cf6c7c3"
x-goog-generation
1666292213585947
x-goog-hash
crc32c=7oo4Tg==, md5=aNVdgJt490HN0tItDPbHww==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public,max-age=3600,s-maxage=3600
x-goog-stored-content-length
1773427
accept-ranges
bytes
content-type
application/javascript
566715fd189d97b07386.bundle.es2015.js
handshake-production-cdn.joinhandshake.com/dist/
0
345 KB
Other
General
Full URL
https://handshake-production-cdn.joinhandshake.com/dist/566715fd189d97b07386.bundle.es2015.js
Requested by
Host: exlec.com
URL: https://exlec.com/teams/logs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.208.115 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
115.208.227.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://exlec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 00:50:49 GMT
x-goog-meta-goog-reserved-file-mtime
1657559062
age
5374
x-guploader-uploadid
ADPycdvJwqQNxKHylkxtg-cPBQ4Bsl9l42XbEvkQd53oGtSZgmPZEOtGfx-Qg_wfHczpkeuP1EuLCcJCD6hAhKyOJP5q
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
352832
last-modified
Mon, 11 Jul 2022 17:27:40 GMT
server
UploadServer
etag
"0d42cc490f3a797b865c04c9ad941b15"
x-goog-generation
1657560460393407
x-goog-hash
crc32c=dIyDmQ==, md5=DULMSQ86eXuGXATJrZQbFQ==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public,max-age=3600,s-maxage=3600
x-goog-stored-content-length
352832
accept-ranges
bytes
content-type
application/javascript
53c4b16e36eabe1eccd0.bundle.es2015.js
handshake-production-cdn.joinhandshake.com/dist/
0
3 MB
Other
General
Full URL
https://handshake-production-cdn.joinhandshake.com/dist/53c4b16e36eabe1eccd0.bundle.es2015.js
Requested by
Host: exlec.com
URL: https://exlec.com/teams/logs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.208.115 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
115.208.227.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://exlec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 00:50:49 GMT
x-goog-meta-goog-reserved-file-mtime
1656700346
age
5374
x-guploader-uploadid
ADPycdtdkWKSy58oGe86zLFiqcCzswtod5oBsNIt9_dYziX6PW3rNPdBpFDVq6_Qb85Xwh4F37kzjAf5tEw627OL15hb
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3045829
last-modified
Fri, 01 Jul 2022 18:55:27 GMT
server
UploadServer
etag
"f962ff9c8afb4288149f923cdb60d130"
x-goog-generation
1656701726999493
x-goog-hash
crc32c=PaqpYQ==, md5=+WL/nIr7QogUn5I822DRMA==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public,max-age=3600,s-maxage=3600
x-goog-stored-content-length
3045829
accept-ranges
bytes
content-type
application/javascript
suisse-intl-regular-web-s-16e3e6bf4b3c5534f419f3fd73b3d5a4fb4761e077ba1e7586bc236137d907d1.woff2
handshake-production-cdn.joinhandshake.com/assets/
17 KB
17 KB
Font
General
Full URL
https://handshake-production-cdn.joinhandshake.com/assets/suisse-intl-regular-web-s-16e3e6bf4b3c5534f419f3fd73b3d5a4fb4761e077ba1e7586bc236137d907d1.woff2
Requested by
Host: handshake-production-cdn.joinhandshake.com
URL: https://handshake-production-cdn.joinhandshake.com/assets/application-016e212c8ea7ce4c0ffbf47a534fa99dc96443ff7c6ff9ea206ff7dc8c52a7e0.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.208.115 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
115.208.227.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
bfa8da72e8d895c5fbe216a4182390481510ef1a15e2e5e0099931882918b9f5

Request headers

Referer
https://handshake-production-cdn.joinhandshake.com/assets/application-016e212c8ea7ce4c0ffbf47a534fa99dc96443ff7c6ff9ea206ff7dc8c52a7e0.css
Origin
https://exlec.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 08:49:31 GMT
x-goog-meta-goog-reserved-file-mtime
1666394306
age
63052
x-guploader-uploadid
ADPycdtEBettgiNN9EtAvMxnnVUOXngA9H3DQoZibtmKmLQqgIB1C2v29HCTe8oDJKwF5_BSfj2kNQdMCbaK1kwDqE9OZugmG5KO
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17228
last-modified
Fri, 21 Oct 2022 23:46:48 GMT
server
UploadServer
etag
"5ff578be98a31a99629e8169b3c904de"
x-goog-generation
1666396008888280
x-goog-hash
crc32c=Iay+rw==, md5=X/V4vpijGplinoFps8kE3g==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public,max-age=3600,s-maxage=3600
x-goog-stored-content-length
17228
accept-ranges
bytes
content-type
font/woff2
suisse-intl-bold-web-s-0d17fbdfb3f4556ed15e3e9bfa9c1664decabc8ffc5ed94eba88282140efd604.woff2
handshake-production-cdn.joinhandshake.com/assets/
17 KB
18 KB
Font
General
Full URL
https://handshake-production-cdn.joinhandshake.com/assets/suisse-intl-bold-web-s-0d17fbdfb3f4556ed15e3e9bfa9c1664decabc8ffc5ed94eba88282140efd604.woff2
Requested by
Host: handshake-production-cdn.joinhandshake.com
URL: https://handshake-production-cdn.joinhandshake.com/assets/application-016e212c8ea7ce4c0ffbf47a534fa99dc96443ff7c6ff9ea206ff7dc8c52a7e0.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.208.115 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
115.208.227.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
dbdfd67cbff37388edec11154461ee56acdba6bb123d5fb9ee62bcb0e812b7d3

Request headers

Referer
https://handshake-production-cdn.joinhandshake.com/assets/application-016e212c8ea7ce4c0ffbf47a534fa99dc96443ff7c6ff9ea206ff7dc8c52a7e0.css
Origin
https://exlec.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 08:49:31 GMT
x-goog-meta-goog-reserved-file-mtime
1666394306
age
63052
x-guploader-uploadid
ADPycduWXjJeU4KbnMpRanbUn6T4WOdKRs0iWDHOMYrE3mPnIb3UNGwGXKbBdrcdIH6zvz-49RDoDWgEv1k2XmwgdGruqcBGG7or
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17852
last-modified
Fri, 21 Oct 2022 23:46:48 GMT
server
UploadServer
etag
"14b102a6d21cfc5d3b9634c173ff2b13"
x-goog-generation
1666396008811674
x-goog-hash
crc32c=+/yHtg==, md5=FLECptIc/F07ljTBc/8rEw==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public,max-age=3600,s-maxage=3600
x-goog-stored-content-length
17852
accept-ranges
bytes
content-type
font/woff2
suisse-intl-medium-web-s-f0999005738574a32c42beb8cbcbd65943e4cc31b16cd65b2ec7071d61bac930.woff2
handshake-production-cdn.joinhandshake.com/assets/
17 KB
18 KB
Font
General
Full URL
https://handshake-production-cdn.joinhandshake.com/assets/suisse-intl-medium-web-s-f0999005738574a32c42beb8cbcbd65943e4cc31b16cd65b2ec7071d61bac930.woff2
Requested by
Host: handshake-production-cdn.joinhandshake.com
URL: https://handshake-production-cdn.joinhandshake.com/assets/application-016e212c8ea7ce4c0ffbf47a534fa99dc96443ff7c6ff9ea206ff7dc8c52a7e0.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.208.115 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
115.208.227.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
01f9af31241983b9313916763efd351ec8e6cfe0097d93cc45d718ccc32286fb

Request headers

Referer
https://handshake-production-cdn.joinhandshake.com/assets/application-016e212c8ea7ce4c0ffbf47a534fa99dc96443ff7c6ff9ea206ff7dc8c52a7e0.css
Origin
https://exlec.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 08:49:31 GMT
x-goog-meta-goog-reserved-file-mtime
1666394306
age
63052
x-guploader-uploadid
ADPycdsMTt8av0-Zwrgkkt9ZFDXuPTMFg660yY_OJVpHaC0Dcn0OeBzJo6VwpTM5jn4a6YNtgflcQrtfGvDXH7K_2I131O-sIlLz
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17788
last-modified
Fri, 21 Oct 2022 23:46:48 GMT
server
UploadServer
etag
"ca8c90bfd9bf7d0f5878b48154778ba2"
x-goog-generation
1666396008854537
x-goog-hash
crc32c=tFXWBw==, md5=yoyQv9m/fQ9YeLSBVHeLog==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public,max-age=3600,s-maxage=3600
x-goog-stored-content-length
17788
accept-ranges
bytes
content-type
font/woff2
collect
www.google-analytics.com/j/
4 B
204 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=497896001&t=pageview&_s=1&dl=https%3A%2F%2Fexlec.com%2Fteams%2Flogs%2F&ul=en-us&de=UTF-8&dt=Sign%20in&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=1577657771&gjid=1149059855&cid=656187691.1666664424&tid=UA-58165706-2&_gid=438553447.1666664424&_r=1&_slc=1&cd3=production&z=1436951249
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f113.1e100.net
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://exlec.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 25 Oct 2022 02:20:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://exlec.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
1 B
434 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-58165706-2&cid=656187691.1666664424&jid=1577657771&gjid=1149059855&_gid=438553447.1666664424&_u=YEBAAEAAAAAAACAAI~&z=2136224201
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://exlec.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 25 Oct 2022 02:20:25 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://exlec.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
p
api.segment.io/v1/
21 B
168 B
XHR
General
Full URL
https://api.segment.io/v1/p
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/pnQHEivdIUFd9xRvgislwwVfPIFaAskT/analytics.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.26.88.131 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-26-88-131.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://exlec.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://exlec.com
date
Tue, 25 Oct 2022 02:20:27 GMT
strict-transport-security
max-age=31536000
content-length
21
vary
Origin
content-type
application/json
t
api.segment.io/v1/
21 B
168 B
XHR
General
Full URL
https://api.segment.io/v1/t
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/pnQHEivdIUFd9xRvgislwwVfPIFaAskT/analytics.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.26.88.131 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-26-88-131.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://exlec.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://exlec.com
date
Tue, 25 Oct 2022 02:20:27 GMT
strict-transport-security
max-age=31536000
content-length
21
vary
Origin
content-type
application/json
p
api.segment.io/v1/
21 B
168 B
XHR
General
Full URL
https://api.segment.io/v1/p
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/pnQHEivdIUFd9xRvgislwwVfPIFaAskT/analytics.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.26.88.131 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-26-88-131.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://exlec.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://exlec.com
date
Tue, 25 Oct 2022 02:20:27 GMT
strict-transport-security
max-age=31536000
content-length
21
vary
Origin
content-type
application/json
t
api.segment.io/v1/
21 B
169 B
XHR
General
Full URL
https://api.segment.io/v1/t
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/pnQHEivdIUFd9xRvgislwwVfPIFaAskT/analytics.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.26.88.131 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-26-88-131.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://exlec.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://exlec.com
date
Tue, 25 Oct 2022 02:20:27 GMT
strict-transport-security
max-age=31536000
content-length
21
vary
Origin
content-type
application/json
gtm.js
www.googletagmanager.com/
323 KB
97 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TX6VSHG&l=dataLayer
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/pnQHEivdIUFd9xRvgislwwVfPIFaAskT/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
44021f8b62e841f256de85b089e50531ece5f5d0f48ed0439558006cc96e5ea7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://exlec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 02:20:26 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
98616
x-xss-protection
0
last-modified
Tue, 25 Oct 2022 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 25 Oct 2022 02:20:26 GMT
js
www.googletagmanager.com/gtag/
214 KB
75 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-4M16ZMP2G5&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TX6VSHG&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
58eb078138465791e2469afb08a61f43915ba7348a3e8096ffb2142f3305b768
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://exlec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 02:20:27 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
76696
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 25 Oct 2022 02:20:27 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/
996 B
689 B
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TX6VSHG&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.45.116.81 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-45-116-81.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
156544cd13b925123ef0a1b00a86d757161c0352c181070c26ffd2988316db74

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://exlec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency
752
date
Tue, 25 Oct 2022 02:20:27 GMT
content-encoding
gzip
last-modified
Mon, 24 Oct 2022 21:01:38 GMT
x-cdn
AKAM
x-edgeconnect-midmile-rtt
0
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=67424
accept-ranges
bytes
content-length
470
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&aip=1&a=497896001&t=pageview&_s=1&dl=https%3A%2F%2Fexlec.com%2Fteams%2Flogs%2F&ul=en-us&de=UTF-8&dt=Sign%20in&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACEABBAAAACAAI~&jid=1135348734&gjid=1125331336&cid=656187691.1666664424&tid=UA-58165706-1&_gid=438553447.1666664424&_r=1&gtm=2wgaj0TX6VSHG&z=1731278014
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f113.1e100.net
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://exlec.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 25 Oct 2022 02:20:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://exlec.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/
118 KB
47 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-743986196
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TX6VSHG&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
8419704ac95ce8968ecd2c438dec904810f9864de0898656a8f45c446c7e1f18
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://exlec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 02:20:27 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47835
x-xss-protection
0
last-modified
Tue, 25 Oct 2022 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 25 Oct 2022 02:20:27 GMT
fbevents.js
connect.facebook.net/en_US/
102 KB
27 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: exlec.com
URL: https://exlec.com/teams/logs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.15.13 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-03-sin6.fbcdn.net
Software
/
Resource Hash
f8486cf55c57486f26236be045e02ada380d1ee0378008375cf54295c23954c8
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://exlec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 25 Oct 2022 02:20:27 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27027
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
eltU+rPeFjksqedOTVCEXbViIF5AF9fL1D4zz/mldySBgE0hupeYEl0xEcsQoy32w1J/MhRaHL5kucalIOrodA==
x-fb-trip-id
548340344
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
obtp.js
amplify.outbrain.com/cp/
8 KB
4 KB
Script
General
Full URL
https://amplify.outbrain.com/cp/obtp.js
Requested by
Host: exlec.com
URL: https://exlec.com/teams/logs/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.65.229.95
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
8f0234cadec8f9755a2b8aa9a745c354a5fbbff63a241a774c156cf93d375413

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://exlec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Tue, 25 Oct 2022 02:20:28 GMT
Content-Encoding
gzip
Last-Modified
Sun, 09 Oct 2022 07:50:08 GMT
Server
AkamaiNetStorage
ETag
"0d5508c59e34b5d35cde5aea2aa1c2fd:1665301953.026714"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=1200
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3471
Expires
Tue, 25 Oct 2022 02:40:28 GMT
/
extreme-ip-lookup.com/json/
575 B
723 B
Script
General
Full URL
https://extreme-ip-lookup.com/json/?callback=getIP&key=LNAdIvLithtC3U7Pe4fR
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TX6VSHG&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.107.159.62 , Singapore, ASN40676 (AS40676, US),
Reverse DNS
unassigned.psychz.net
Software
nginx /
Resource Hash
c08612ebc30172aca39a390dfec4092f69c4a2aaff4ddd86f949739a76cff62a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://exlec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 25 Oct 2022 02:20:27 GMT
cache-control
max-age=3600
server
nginx
access-control-allow-headers
*
content-length
575
content-type
text/javascript; charset=utf-8;
ping.min.js
cdn.pdst.fm/
26 KB
6 KB
Script
General
Full URL
https://cdn.pdst.fm/ping.min.js
Requested by
Host: exlec.com
URL: https://exlec.com/teams/logs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.142.80 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
80.142.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
cb8d40d1eb7e2dc885affcf0012d9e1a73c270d843e8b890d36538e52d0a0342

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://exlec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 02:10:19 GMT
content-encoding
gzip
age
608
x-guploader-uploadid
ADPycduFpOr5XtHDssZnQuaM0Wcu3CKv3BFkL59wNmKqApCDwElAaX7WdpyIqyx3-kBWKgd5H22rl9l92xXoi3A02OkDfw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5774
last-modified
Fri, 28 May 2021 20:34:03 GMT
server
UploadServer
etag
"d001d1c9f5a942fa5524eeacb047e819"
vary
Accept-Encoding
x-goog-generation
1622234043862937
x-goog-hash
crc32c=oKoi/w==, md5=0AHRyfWpQvpVJO6ssEfoGQ==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
5774
accept-ranges
bytes
content-type
application/javascript;
expires
Tue, 25 Oct 2022 03:10:19 GMT
events.js
analytics.tiktok.com/i18n/pixel/
124 KB
37 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CBMJC5RC77U606K821BG&lib=ttq
Requested by
Host: exlec.com
URL: https://exlec.com/teams/logs/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.40.74
Reverse DNS
Software
nginx /
Resource Hash
cc4dce71c55fb8e3c2296f0b7f7eefb366f9e0d874918e703b51fc9663f95ff9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://exlec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-akamai-request-id
34a02543.314808d2
date
Tue, 25 Oct 2022 02:20:28 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-52-40-70.deploy.akamaitechnologies.com (AkamaiGHost/10.10.0-44537982) (-)
x-parent-response-time
301,23.52.40.70
server-timing
cdn-cache; desc=MISS, edge; dur=258, origin; dur=44, inner; dur=4
content-length
37308
pragma
no-cache
server
nginx
x-tt-logid
20221025022028A81917DB84343F1C90F8
x-cache-remote
TCP_MISS from a23-32-17-153.deploy.akamaitechnologies.com (AkamaiGHost/10.10.0-44537982) (-)
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
44,23.32.17.153
x-tt-trace-host
015760794e2eb22213c7a482cb881690bcf3d66436a4bd2b7d76110093589c681bbfcdfb7431073fe2aa7bfa9e6e71dea38c8b9931a5984dd01b6849a7f25f875275c4e01addf3d460c5355876430c839e9c1e8ba5997efd26839a51527f78da9e
expires
Tue, 25 Oct 2022 02:20:28 GMT
anonymous_id
exlec.com/sessions/
708 B
822 B
XHR
General
Full URL
https://exlec.com/sessions/anonymous_id
Requested by
Host: handshake-production-cdn.joinhandshake.com
URL: https://handshake-production-cdn.joinhandshake.com/assets/manifests/application_limited-23aaab36deb7367c89759868537508ae44a294e047004d0c9cdb8f7f8f9b6b05.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.252.104.144 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS
198.252.104.144-static.reverse.arandomserver.com
Software
LiteSpeed /
Resource Hash
37a4e56c497e170de6e152bc479624eb8d7ccb35bad5a190f2fdb17ac699cffa

Request headers

Accept
*/*
Referer
https://exlec.com/teams/logs/
X-Requested-With
XMLHttpRequest
X-CSRF-Token
wC1QTG3NkzAe5O2jME7jK0mMbHKIOe5kGItf/NALiTTv7bPTJY+ZY202H0YCvY2pxClH3yBYeoWFB40yKdNfpg==
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 25 Oct 2022 02:20:27 GMT
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
server
LiteSpeed
content-length
708
content-type
text/html
ae38a8d18ce3fbd6.min.js
tag.demandbase.com/
77 KB
20 KB
Script
General
Full URL
https://tag.demandbase.com/ae38a8d18ce3fbd6.min.js
Requested by
Host: exlec.com
URL: https://exlec.com/teams/logs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-128.sin5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1e2b4dc77092b79976e923ff6ad8180b5c315bab3aae682425c604c729b486ff
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://exlec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
YZRAZNMG8piNwqzip5iQVu6mF_puXupi
content-encoding
gzip
via
1.1 91085d9a0810fca6dacd51dae7dd6a32.cloudfront.net (CloudFront)
date
Tue, 25 Oct 2022 02:01:16 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amz-cf-pop
SIN5-C1
age
1152
x-cache
Hit from cloudfront
last-modified
Tue, 11 Oct 2022 20:14:01 GMT
server
AmazonS3
etag
W/"f01043dac752a8c1d7a964f524c81ef0"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()
x-amz-cf-id
xM6D8D_JCymHw-dFuy5XdPq1YTabZsgEgXOsKy7eQqKa5pNYQyajrA==
collect
stats.g.doubleclick.net/j/
8 B
76 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-58165706-1&cid=656187691.1666664424&jid=1135348734&gjid=1125331336&_gid=438553447.1666664424&_u=aGDACEABBAAAACAAI~&z=1932370662
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
Golfe2 /
Resource Hash
7817ee889e9c73351b96c97c740c9dd746ba87ebd6c6fcab3cd77cd021920ce7
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://exlec.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 25 Oct 2022 02:20:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://exlec.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8
expires
Fri, 01 Jan 1990 00:00:00 GMT
pdst-events-prod-sink
us-central1-adaptive-growth.cloudfunctions.net/
0
0
Fetch
General
Full URL
https://us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
Requested by
Host: handshake-production-cdn.joinhandshake.com
URL: https://handshake-production-cdn.joinhandshake.com/assets/manifests/application_limited-23aaab36deb7367c89759868537508ae44a294e047004d0c9cdb8f7f8f9b6b05.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.239.36.54
Reverse DNS
Software
Google Frontend / Express
Resource Hash

Request headers

Accept
application/json
Referer
https://exlec.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 25 Oct 2022 02:20:28 GMT
server
Google Frontend
x-powered-by
Express
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
access-control-allow-methods
GET, POST
content-type
text/html
access-control-allow-origin
*
x-cloud-trace-context
561a589381722419140767a6e257ab9c
function-execution-id
gu58retysesh
access-control-allow-headers
Content-Type, Accept
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pdst-events-prod-sink
us-central1-adaptive-growth.cloudfunctions.net/
0
0
Preflight
General
Full URL
https://us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.36.54
Reverse DNS
Software
Google Frontend / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://exlec.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-headers
Content-Type, Accept
access-control-allow-methods
GET, POST
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
22
content-type
text/html; charset=utf-8
date
Tue, 25 Oct 2022 02:20:28 GMT
etag
W/"2-ROqGvmcGDXooyAXFZHZ+i4au1yQ"
function-execution-id
yxu2idmjl8ew
server
Google Frontend
x-cloud-trace-context
775a508d69a9d2a0c1d6ad0374a588da
x-powered-by
Express
insight.old.min.js
snap.licdn.com/li.lms-analytics/
8 KB
3 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.45.116.81 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-45-116-81.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://exlec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 02:20:28 GMT
content-encoding
gzip
last-modified
Mon, 24 Oct 2022 21:02:26 GMT
x-cdn
AKAM
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=67399
accept-ranges
bytes
content-length
3063
collect
www.google-analytics.com/g/
0
17 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-4M16ZMP2G5&gtm=2oeaj0&_p=497896001&cid=656187691.1666664424&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1666664427&sct=1&seg=0&dl=https%3A%2F%2Fexlec.com%2Fteams%2Flogs%2F&dt=Sign%20in&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4M16ZMP2G5&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f113.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://exlec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Oct 2022 02:20:28 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://exlec.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
conversion_async.js
www.googleadservices.com/pagead/
41 KB
15 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-743986196
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.154 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
6eb1a85c484ea6b5692b2846247099262ca28243d78e5ee99077f3f7a0ecc77a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://exlec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 02:20:28 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15180
x-xss-protection
0
server
cafe
etag
6306170824501671363
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 25 Oct 2022 02:20:28 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&aip=1&a=497896001&t=event&ni=1&_s=1&dl=https%3A%2F%2Fexlec.com%2Fteams%2Flogs%2F&ul=en-us&de=UTF-8&dt=Sign%20in&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Website&ea=ISP%20Found&el=Strong%20Technology%2C%20LLC%20%7C%20&_u=aGDACEABBAAAACAAI~&jid=&gjid=&cid=656187691.1666664424&tid=UA-58165706-1&_gid=438553447.1666664424&cd5=Strong%20Technology%2C%20LLC&cd6=&gtm=2wgaj0TX6VSHG&z=702989196
Requested by
Host: exlec.com
URL: https://exlec.com/teams/logs/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f113.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://exlec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Oct 2022 15:48:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
37941
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
log
segments.company-target.com/
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/demandbase
  • https://match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1
  • https://segments.company-target.com/log?vendor=choca&user_id=AAxlOU7GrpAAACGOdC0HQQ
0
0

log
segments.company-target.com/
Redirect Chain
  • https://id.rlcdn.com/464526.gif
  • https://id.rlcdn.com/1000.gif?memo=CI6tHBoNCOyP3ZoGEgUI6AcQAEIASgA
  • https://segments.company-target.com/log?vendor=liveramp&user_id=Xc1297aSZiK8Bzv-vC7K-wX-7tYYrdP34sroKc0pVwMhb1KMc
0
0

ip.json
api.company-target.com/api/v2/
467 B
952 B
XHR
General
Full URL
https://api.company-target.com/api/v2/ip.json?referrer=&page=https%3A%2F%2Fexlec.com%2Fteams%2Flogs%2F&page_title=Sign%20in
Requested by
Host: tag.demandbase.com
URL: https://tag.demandbase.com/ae38a8d18ce3fbd6.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.100 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
bc52385be77ae5a9787fef27810dc3d6424c79c681dae3311688b6bc09937427

Request headers

Referer
https://exlec.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 25 Oct 2022 02:20:28 GMT
identification-source
CENTRAL
content-encoding
gzip
via
1.1 c8c43b7bd0e92cbb9fbe171dc985f060.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-C1
x-cache
Miss from cloudfront
request-id
c154b82e-000e-4970-9dbe-a96318a50567
pragma
no-cache
server
nginx
access-control-max-age
7200
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://exlec.com
access-control-expose-headers
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding, Origin
api-version
v2
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
yvKG3UWBpFZfFgChJu46H1dX46IkiWM6Z8FVO7ItBwKpp3r2KNouUg==
expires
Mon, 24 Oct 2022 02:20:28 GMT
ga-audiences
www.google.com/ads/
42 B
501 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-58165706-1&cid=656187691.1666664424&jid=1135348734&_u=aGDACEABBAAAACAAI~&z=870020871
Requested by
Host: exlec.com
URL: https://exlec.com/teams/logs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.105 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://exlec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Oct 2022 02:20:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com.au/ads/
42 B
501 B
Image
General
Full URL
https://www.google.com.au/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-58165706-1&cid=656187691.1666664424&jid=1135348734&_u=aGDACEABBAAAACAAI~&z=870020871
Requested by
Host: exlec.com
URL: https://exlec.com/teams/logs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.94 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://exlec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Oct 2022 02:20:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
p.adsymptotic.com/d/px/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1330564&time=1666664428126&url=https%3A%2F%2Fexlec.com%2Fteams%2Flogs%2F
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1330564&time=1666664428126&url=https%3A%2F%2Fexlec.com%2Fteams%2Flogs%2F&cookiesTest=true
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1330564%26time%3D1666664428126%26url%3Dhttps%253A%252F%252Fexlec.com%252Fteams%25...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1330564&time=1666664428126&url=https%3A%2F%2Fexlec.com%2Fteams%2Flogs%2F&cookiesTest=true&liSync=true
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=41e4cec8-2bc4-4b2f-bde1-68da86938f58
0
0

646099589226753
connect.facebook.net/signals/config/
293 KB
84 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/646099589226753?v=2.9.87&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.15.13 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-03-sin6.fbcdn.net
Software
/
Resource Hash
ba462c71e05995a2cec96395d8d73fadf68549970c71d3f82a62bd8f4886778a
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://exlec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 25 Oct 2022 02:20:28 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
85920
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
eydWj2qEnY2ccX00eaOC2nNwKQce6sBpyWb+2LYqGWTQxKQb8rY0HekY2YWlbhNDWycwhJ42bnPjqT2SlxRU1A==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
cachedClickId
tr.outbrain.com/
35 B
239 B
Script
General
Full URL
https://tr.outbrain.com/cachedClickId?marketerId=00f1f1166b770111131f2ab435741c3245
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
66.225.223.31 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://exlec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Tue, 25 Oct 2022 02:20:29 GMT
content-encoding
gzip
X-TraceId
ccaff8be0bd2677fbf9f49b0a9446f2a
Content-Length
56
Content-Type
application/javascript
unifiedPixel
tr.outbrain.com/
43 B
256 B
Image
General
Full URL
https://tr.outbrain.com/unifiedPixel?marketerId=00f1f1166b770111131f2ab435741c3245&obApiVersion=1.1&obtpVersion=1.10.0&name=PAGE_VIEW&dl=https%3A%2F%2Fexlec.com%2Fteams%2Flogs%2F&optOut=false&bust=05929063806256964&referrer=
Requested by
Host: exlec.com
URL: https://exlec.com/teams/logs/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
66.225.223.31 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://exlec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Tue, 25 Oct 2022 02:20:29 GMT
Cache-Control
no-cache
content-encoding
gzip
X-TraceId
c990af464be68949ed2308dfc9b1210f
Content-Length
60
Content-Type
image/gif;
identify.js
analytics.tiktok.com/i18n/pixel/
114 KB
31 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/identify.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CBMJC5RC77U606K821BG&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.40.74 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
83cf8149ef742c4af7261b8fb4029470a341d867454da9f8fc145042cc1e5c52

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://exlec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-akamai-request-id
db52dbca.31480d5e
date
Tue, 25 Oct 2022 02:20:29 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-52-40-70.deploy.akamaitechnologies.com (AkamaiGHost/10.10.0-44537982) (-)
x-parent-response-time
290,23.52.40.70
server-timing
cdn-cache; desc=MISS, edge; dur=243, origin; dur=48, inner; dur=3
pragma
no-cache
server
nginx
x-tt-logid
202210250220281AB255A22C26BB292A19
x-cache-remote
TCP_MISS from a23-62-155-204.deploy.akamaitechnologies.com (AkamaiGHost/10.10.0-44537982) (-)
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
48,23.62.155.204
x-tt-trace-host
015760794e2eb22213c7a482cb881690bcf3d66436a4bd2b7d76110093589c681bbd258632bbf1a6acba11228df773416186516b8e65c53881fae9d788ae25ed6fb2fe5661c230ff5cef9ed0e2352e28db4aa7a39944280ea2c25fdccaac6836a2
expires
Tue, 25 Oct 2022 02:20:29 GMT
config.js
analytics.tiktok.com/i18n/pixel/
0
0

collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&aip=1&a=497896001&t=event&ni=1&_s=2&dl=https%3A%2F%2Fexlec.com%2Fteams%2Flogs%2F&ul=en-us&de=UTF-8&dt=Sign%20in&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Demandbase&ea=API%20Resolution&el=IP%20API&_u=aHDACEABBAAAACAAI~&jid=&gjid=&cid=656187691.1666664424&tid=UA-58165706-1&_gid=438553447.1666664424&gtm=2wgaj0TX6VSHG&cd7=(Non-Company%20Visitor)&cd8=(Non-Company%20Visitor)&cd9=(Non-Company%20Visitor)&cd10=(Non-Company%20Visitor)&cd11=(Non-Company%20Visitor)&cd12=(Non-Company%20Visitor)&cd13=Bot&cd14=(Non-Company%20Visitor)&cd15=(Non-Company%20Visitor)&cd16=Melbourne&cd17=VIC&cd18=Australia&z=1435402589
Requested by
Host: exlec.com
URL: https://exlec.com/teams/logs/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f113.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://exlec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Oct 2022 15:48:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
37941
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/
0
185 B
Image
General
Full URL
https://www.facebook.com/tr/?id=646099589226753&ev=PageView&dl=https%3A%2F%2Fexlec.com%2Fteams%2Flogs%2F&rl=&if=false&ts=1666664428846&sw=1600&sh=1200&v=2.9.87&r=stable&ec=0&o=30&fbp=fb.1.1666664428845.2084451543&it=1666664428135&coo=false&rqm=GET
Requested by
Host: exlec.com
URL: https://exlec.com/teams/logs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.15.35 -, , ASN (),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://exlec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 25 Oct 2022 02:20:29 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
segments.company-target.com
URL
https://segments.company-target.com/log?vendor=choca&user_id=AAxlOU7GrpAAACGOdC0HQQ
Domain
segments.company-target.com
URL
https://segments.company-target.com/log?vendor=liveramp&user_id=Xc1297aSZiK8Bzv-vC7K-wX-7tYYrdP34sroKc0pVwMhb1KMc
Domain
p.adsymptotic.com
URL
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=41e4cec8-2bc4-4b2f-bde1-68da86938f58
Domain
analytics.tiktok.com
URL
https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=CBMJC5RC77U606K821BG&hostname=exlec.com

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

66 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| initializeToastr function| fullscreenCapable function| launchIntoFullscreen function| UNSAFE__HandshakeI18n function| bugsnag function| _ function| $ function| jQuery object| jQuery112405332036101828981 object| Select2 object| ko object| Handshake string| PAGE_CHANGE_EVENT function| puts function| getUrlVar function| getUrlParams function| urlsafeEncode64 function| urlsafeDecode64 function| removeFromArray function| capitalizeString function| endsWith function| getPathName function| getPath function| stickyElementOnScroll function| stickyRow object| imagePaths object| segment_helper object| analytics string| GoogleAnalyticsObject function| ga object| UNSAFE__i18n boolean| unauthenticatedBugsnag object| bugsnagClient boolean| segmentDocumentEventTrackersInitialized object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| dataLayer function| normalize object| google_tag_manager function| postscribe object| google_tag_manager_external number| len string| _linkedin_data_partner_id function| fbq function| _fbq function| obApi function| getIP function| pdst string| TiktokAnalyticsObject object| ttq function| onYouTubeIframeAPIReady function| gtag object| Demandbase function| lintrk boolean| _already_called_lintrk

8 Cookies

Domain/Path Name / Value
.exlec.com/ Name: _gid
Value: GA1.2.438553447.1666664424
.exlec.com/ Name: _gat
Value: 1
.exlec.com/ Name: ajs_anonymous_id
Value: %229804ba10-3607-4983-b85f-1d80a03a3522%22
.exlec.com/ Name: _gcl_au
Value: 1.1.1154691628.1666664427
.exlec.com/ Name: _gat_UA-58165706-1
Value: 1
exlec.com/ Name: __pdst
Value: f19fa699f71a4410acf3aa9f36c05210
.exlec.com/ Name: _ga_4M16ZMP2G5
Value: GS1.1.1666664427.1.0.1666664428.0.0.0
.exlec.com/ Name: _ga
Value: GA1.2.656187691.1666664424

1 Console Messages

Source Level URL
Text
network error URL: https://exlec.com/sessions/anonymous_id
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
