eka1.com Open in urlscan Pro
104.196.203.173 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://email.eka1.com/e2t/tc/MVYrxp5tj6FW5PXXrC75tgCwW22vCbp4kDf-SN5QLhT53p_97V1-WJV7CgHPDW7FBNm12zy9y5W5wVLyw4N70DRW2...
Effective URL:
https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2...
Submission: On December 15 via manual (December 15th 2020, 3:28:06 pm UTC) from US

Summary HTTP 112 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 45 IPs in 8 countries across 37 domains to perform 112 HTTP transactions. The main IP is 104.196.203.173, located in Mountain View, United States and belongs to GOOGLE, US. The main domain is eka1.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on October 23rd 2020. Valid for: 3 months.

This is the only time eka1.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	199.60.103.228 199.60.103.228	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
27	104.196.203.173 104.196.203.173	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
3 3	151.139.128.11 151.139.128.11	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2606:4700::68... 2606:4700::6811:b749	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:d4cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	104.75.88.112 104.75.88.112	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:825::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5605	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
1	172.217.22.2 172.217.22.2	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:eb:... 2a02:26f0:eb:390::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	52.218.168.80 52.218.168.80	16509 (AMAZON-02) (AMAZON-02)
2	194.145.183.49 194.145.183.49	24971 (MASTER-AS...) (MASTER-AS Czech Republic / www.master.cz)
1	65.9.73.2 65.9.73.2	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:a852	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	65.9.96.108 65.9.96.108	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:212... 2600:9000:2127:3800:c:77c4:d500:93a1	16509 (AMAZON-02) (AMAZON-02)
6	13.225.84.144 13.225.84.144	16509 (AMAZON-02) (AMAZON-02)
1	104.111.216.96 104.111.216.96	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700::68... 2606:4700::6811:74b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:44b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:14bf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:e7cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2a00:1450:400... 2a00:1450:4001:824::2002	15169 (GOOGLE) (GOOGLE)
1	99.79.84.87 99.79.84.87	16509 (AMAZON-02) (AMAZON-02)
1	65.9.96.19 65.9.96.19	16509 (AMAZON-02) (AMAZON-02)
1	104.26.10.16 104.26.10.16	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	65.9.73.32 65.9.73.32	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:400c:c06::9b	15169 (GOOGLE) (GOOGLE)
1 2	2a05:f500:11:... 2a05:f500:11:101::b93f:9005	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:22::14 2620:1ec:22::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 3	2a00:1450:400... 2a00:1450:4001:814::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:817::2003	15169 (GOOGLE) (GOOGLE)
1 5	104.108.144.126 104.108.144.126	16625 (AKAMAI-AS) (AKAMAI-AS)
1	65.9.73.94 65.9.73.94	16509 (AMAZON-02) (AMAZON-02)
1 2	52.51.179.214 52.51.179.214	16509 (AMAZON-02) (AMAZON-02)
1	52.19.70.84 52.19.70.84	16509 (AMAZON-02) (AMAZON-02)
1	52.212.239.19 52.212.239.19	16509 (AMAZON-02) (AMAZON-02)
1	34.232.47.250 34.232.47.250	14618 (AMAZON-AES) (AMAZON-AES)
1 1	65.9.96.17 65.9.96.17	16509 (AMAZON-02) (AMAZON-02)
12	65.9.73.58 65.9.73.58	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	75.2.88.188 75.2.88.188	16509 (AMAZON-02) (AMAZON-02)
1	65.9.73.85 65.9.73.85	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
112	45

2 199.60.103.228 (Canada) 1 redirects

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., GB)

email.eka1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 104.196.203.173 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 173.203.196.104.bc.googleusercontent.com

eka1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.139.128.11 (Dallas, United States) 3 redirects

ASN20446 (HIGHWINDS3, US)

cdn.shortpixel.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:b749 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:d4cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.75.88.112 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-112.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:825::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5605 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.22.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s14-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:eb:390::25ea (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.218.168.80 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2.amazonaws.com

s3-us-west-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 194.145.183.49 (Czech Republic)

ASN24971 (MASTER-AS Czech Republic / www.master.cz, CZ)
PTR: chewie.imper.cz

t.leady.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.73.2 (Seattle, United States)

ASN16509 (AMAZON-02, US)

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a852 (United States)

ASN13335 (CLOUDFLARENET, US)

ws.zoominfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.96.108 (Seattle, United States)

ASN16509 (AMAZON-02, US)

certify-js.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2127:3800:c:77c4:d500:93a1 (United States)

ASN16509 (AMAZON-02, US)

t.visitorqueue.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.225.84.144 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-84-144.fra2.r.cloudfront.net

d10lpsik1i8c69.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.216.96 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-216-96.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:74b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:44b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:14bf (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:e7cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsleadflows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:824::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.79.84.87 (Montreal, Canada)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-79-84-87.ca-central-1.compute.amazonaws.com

a.visitorqueue.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.96.19 (Seattle, United States)

ASN16509 (AMAZON-02, US)

certify.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.10.16 (United States)

ASN13335 (CLOUDFLARENET, US)

settings.luckyorange.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.73.32 (Seattle, United States)

ASN16509 (AMAZON-02, US)

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c06::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:f500:11:101::b93f:9005 (Ireland) 1 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:22::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:814::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:817::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.108.144.126 (United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-144-126.deploy.static.akamaitechnologies.com

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.73.94 (Seattle, United States)

ASN16509 (AMAZON-02, US)

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.51.179.214 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

d.adroll.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.19.70.84 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-70-84.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.212.239.19 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

ws1.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.232.47.250 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

nextroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.96.17 (Seattle, United States) 1 redirects

ASN16509 (AMAZON-02, US)

widget.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 65.9.73.58 (Seattle, United States)

ASN16509 (AMAZON-02, US)

js.intercomcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 75.2.88.188 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: ad8b87a22ce463223.awsglobalaccelerator.com

api-iam.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.73.85 (Seattle, United States)

ASN16509 (AMAZON-02, US)

static.intercomassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	eka1.com 1 redirects email.eka1.com eka1.com	3 MB
12	intercomcdn.com js.intercomcdn.com	510 KB
6	adroll.com 1 redirects s.adroll.com d.adroll.com	71 KB
6	cloudfront.net d10lpsik1i8c69.cloudfront.net	100 KB
5	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com in.hotjar.com ws1.hotjar.com	63 KB
4	hubspot.com track.hubspot.com forms.hubspot.com	880 B
4	intercom.io 1 redirects widget.intercom.io api-iam.intercom.io	5 KB
4	addthis.com s7.addthis.com m.addthis.com	191 KB
3	google.de www.google.de	322 B
3	google.com 1 redirects www.google.com	936 B
3	linkedin.com 2 redirects px.ads.linkedin.com www.linkedin.com	4 KB
3	doubleclick.net 1 redirects stats.g.doubleclick.net googleads.g.doubleclick.net	976 B
3	google-analytics.com www.google-analytics.com	19 KB
3	shortpixel.ai 3 redirects cdn.shortpixel.ai	428 B
2	visitorqueue.com t.visitorqueue.com a.visitorqueue.com	7 KB
2	alexametrics.com certify-js.alexametrics.com certify.alexametrics.com	3 KB
2	leady.com t.leady.com	2 KB
2	amazonaws.com s3-us-west-2.amazonaws.com
2	licdn.com snap.licdn.com	3 KB
2	googleadservices.com www.googleadservices.com	14 KB
2	gstatic.com fonts.gstatic.com	24 KB
2	hs-scripts.com js.hs-scripts.com	1 KB
2	googletagmanager.com www.googletagmanager.com	89 KB
1	intercomassets.com static.intercomassets.com	5 KB
1	nextroll.com nextroll.com	2 KB
1	consensu.org 1 redirects d.adroll.mgr.consensu.org	137 B
1	addthisedge.com v1.addthisedge.com	822 B
1	luckyorange.net settings.luckyorange.net	2 KB
1	hsleadflows.net js.hsleadflows.net	76 KB
1	hs-banner.com js.hs-banner.com	13 KB
1	hs-analytics.net js.hs-analytics.net	19 KB
1	hsadspixel.net js.hsadspixel.net	2 KB
1	moatads.com z.moatads.com	1 KB
1	zoominfo.com ws.zoominfo.com	723 B
1	hsforms.com forms.hsforms.com	2 KB
1	hsforms.net js.hsforms.net	126 KB
1	googleapis.com fonts.googleapis.com	615 B
112	37

	Domain	Requested by
27	eka1.com	email.eka1.com eka1.com
12	js.intercomcdn.com	widget.intercom.io js.intercomcdn.com eka1.com
6	d10lpsik1i8c69.cloudfront.net	email.eka1.com d10lpsik1i8c69.cloudfront.net
5	s.adroll.com	1 redirects www.googletagmanager.com eka1.com s.adroll.com
3	api-iam.intercom.io	js.intercomcdn.com
3	track.hubspot.com
3	www.google.de	eka1.com
3	www.google.com	1 redirects eka1.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	s7.addthis.com	eka1.com s7.addthis.com
3	cdn.shortpixel.ai	3 redirects
2	px.ads.linkedin.com	1 redirects eka1.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	t.leady.com	email.eka1.com t.leady.com
2	s3-us-west-2.amazonaws.com	www.googletagmanager.com
2	snap.licdn.com	www.googletagmanager.com snap.licdn.com
2	www.googleadservices.com	www.googletagmanager.com www.googleadservices.com
2	fonts.gstatic.com	fonts.googleapis.com
2	js.hs-scripts.com	eka1.com www.googletagmanager.com
2	www.googletagmanager.com	eka1.com
2	email.eka1.com	1 redirects
1	forms.hubspot.com	js.hsleadflows.net
1	static.intercomassets.com
1	widget.intercom.io	1 redirects
1	nextroll.com	eka1.com
1	ws1.hotjar.com	script.hotjar.com
1	in.hotjar.com	script.hotjar.com
1	d.adroll.com	eka1.com
1	d.adroll.mgr.consensu.org	1 redirects
1	vars.hotjar.com	static.hotjar.com
1	m.addthis.com	s7.addthis.com
1	v1.addthisedge.com	s7.addthis.com
1	googleads.g.doubleclick.net	1 redirects
1	www.linkedin.com	1 redirects
1	script.hotjar.com	static.hotjar.com
1	settings.luckyorange.net	d10lpsik1i8c69.cloudfront.net
1	certify.alexametrics.com	eka1.com
1	a.visitorqueue.com	t.visitorqueue.com
1	js.hsleadflows.net	js.hs-scripts.com
1	js.hs-banner.com	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.hsadspixel.net	js.hs-scripts.com
1	z.moatads.com	s7.addthis.com
1	t.visitorqueue.com	email.eka1.com
1	certify-js.alexametrics.com	email.eka1.com
1	ws.zoominfo.com	email.eka1.com
1	static.hotjar.com	email.eka1.com
1	forms.hsforms.com	js.hsforms.net
1	js.hsforms.net	eka1.com
1	fonts.googleapis.com	eka1.com
112	50

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.linkedin.com
www.youtube.com
www.addthis.com

Subject Issuer	Validity	Valid
email.eka1.com Cloudflare Inc ECC CA-3	`2020-06-13` - `2021-06-13`	a year	crt.sh
eka1.com Let's Encrypt Authority X3	`2020-10-23` - `2021-01-21`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-16` - `2021-08-16`	a year	crt.sh
odc-prod-01.oracle.com DigiCert Secure Site ECC CA-1	`2020-07-22` - `2021-10-13`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
www.googleadservices.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2019-04-01` - `2021-05-07`	2 years	crt.sh
*.s3-us-west-2.amazonaws.com DigiCert Baltimore CA-2 G2	`2020-07-30` - `2021-08-04`	a year	crt.sh
t.leady.com R3	`2020-12-08` - `2021-03-08`	3 months	crt.sh
*.hotjar.com Amazon	`2020-01-22` - `2021-02-22`	a year	crt.sh
zoominfo.com Cloudflare Inc ECC CA-3	`2020-07-04` - `2021-07-04`	a year	crt.sh
certify-js.alexametrics.com Amazon	`2020-07-12` - `2021-08-12`	a year	crt.sh
t.visitorqueue.com Amazon	`2020-02-08` - `2021-03-08`	a year	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2020-05-26` - `2021-04-21`	a year	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2020-01-17` - `2021-03-17`	a year	crt.sh
*.googleadservices.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
a.visitorqueue.com Amazon	`2020-02-11` - `2021-03-11`	a year	crt.sh
certify.alexametrics.com Amazon	`2020-07-12` - `2021-08-12`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2020-08-05` - `2021-02-05`	6 months	crt.sh
www.google.de GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.adroll.com DigiCert SHA2 Secure Server CA	`2020-01-29` - `2021-04-29`	a year	crt.sh
adroll.mgr.consensu.org Amazon	`2020-10-08` - `2021-11-07`	a year	crt.sh
nextroll.com Let's Encrypt Authority X3	`2020-11-20` - `2021-02-18`	3 months	crt.sh
*.intercomcdn.com Amazon	`2020-03-29` - `2021-04-29`	a year	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2020-07-27` - `2021-07-27`	a year	crt.sh
*.intercom.com Amazon	`2020-05-13` - `2021-06-13`	a year	crt.sh
intercomassets.com Amazon	`2020-08-15` - `2021-09-14`	a year	crt.sh

This page contains 8 frames:

Primary Page: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
Frame ID: 2CCA80C97BBB9FDCB9700C2B72A386D7
Requests: 94 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 0B37EF9713675EAD3C6019A7BB169394
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 0D0F207337660053E40788AAE2983732
Requests: 1 HTTP requests in this frame

Frame: https://d10lpsik1i8c69.cloudfront.net/js/clickstream.js?v=34f6965
Frame ID: 88DC8E5E65DCBE41086ADBE7D147E760
Requests: 3 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: 982C21C7F08682539C4E7557AB7D3AC9
Requests: 1 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.2b424a5e.js
Frame ID: 4D60FF57642AF7A4C41B92CF130CEA46
Requests: 10 HTTP requests in this frame

Frame: https://js.intercomcdn.com/fonts/proximanova-regular.a7942249.woff
Frame ID: B0C68092B2EFBD896A38D06D75F578DB
Requests: 1 HTTP requests in this frame

Frame: https://js.intercomcdn.com/images/dismiss.249568e7.png
Frame ID: 3FC419789DF843250F3287F7F6F24BC7
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://email.eka1.com/e2t/tc/MVYrxp5tj6FW5PXXrC75tgCwW22vCbp4kDf-SN5QLhT53p_97V1-WJV7CgHPDW7FBNm12... Page URL
https://email.eka1.com/events/public/v1/track/tc/MVYrxp5tj6FW5PXXrC75tgCwW22vCbp4kDf-SN5QLhT53p_97V... HTTP 307
https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi... Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

112
Requests

97 %
HTTPS

47 %
IPv6

37
Domains

50
Subdomains

45
IPs

8
Countries

4427 kB
Transfer

9624 kB
Size

11
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/intent/follow?original_referer=https%3A%2F%2Fwww.ekaplus.com%2Fenergy%2F&ref_src=twsrc%5Etfw&region=follow_link&screen_name=EkaSoftware&tw_p=followbutton

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/eka-software-solutions/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCRRX8OGrsABbedodj1b0vaw

Search URL Search Domain Scan URL

URL: https://www.addthis.com/website-tools/overview?utm_source=AddThis%20Tools&utm_medium=image
Title: AddThis

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://email.eka1.com/e2t/tc/MVYrxp5tj6FW5PXXrC75tgCwW22vCbp4kDf-SN5QLhT53p_97V1-WJV7CgHPDW7FBNm12zy9y5W5wVLyw4N70DRW2mkj7z7ml_hhW88vkz68Nwz7tW64dCXf1jjDGqW7zTkSs69M3zhVF9d9583TSDsN5V9pZ-Z_Q1BW33K7mL6GFHqvN89sLmFZT2fLW23fB_b3KhW2PW3gs_5s4spX4DW9ct4VN7Nx_wwW98Cbc3662SjfVv8wsy6qWhPWW7QYJW98psfSBW3FqF9N1wrh5_W2c_Fy96hc3fcW3n56Zs2ck05MW2_vZVC2y_nJBW1VcYz_7rplYCW2CK07Q5q9XBVVdgL-n23w8SRN9jyGdn2-0QF39n41 Page URL
https://email.eka1.com/events/public/v1/track/tc/MVYrxp5tj6FW5PXXrC75tgCwW22vCbp4kDf-SN5QLhT53p_97V1-WJV7CgHPDW7FBNm12zy9y5W5wVLyw4N70DRW2mkj7z7ml_hhW88vkz68Nwz7tW64dCXf1jjDGqW7zTkSs69M3zhVF9d9583TSDsN5V9pZ-Z_Q1BW33K7mL6GFHqvN89sLmFZT2fLW23fB_b3KhW2PW3gs_5s4spX4DW9ct4VN7Nx_wwW98Cbc3662SjfVv8wsy6qWhPWW7QYJW98psfSBW3FqF9N1wrh5_W2c_Fy96hc3fcW3n56Zs2ck05MW2_vZVC2y_nJBW1VcYz_7rplYCW2CK07Q5q9XBVVdgL-n23w8SRN9jyGdn2-0QF39n41?_ud=ef918cca-ea68-44c7-8941-98edeaac389d&_ch=p&_pr2=p&_pl=0&_lg=en-US&_dr=b&_ts=p HTTP 307
https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16

https://cdn.shortpixel.ai/client/q_lqip,ret_wait,w_107,h_50/https://eka1.com/wp-content/uploads/2020/05/cropped-Eka-logo-1.png HTTP 302
https://eka1.com/wp-content/uploads/2020/05/cropped-Eka-logo-1.png

Request Chain 63

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=88575&url=https%3A%2F%2Feka1.com%2Fdemo%2Fetrm%2F%3Futm_campaign%3DReplacement%2520Campaign%2520FY21%26utm_medium%3Demail%26_hsmi%3D103060885%26_hsenc%3Dp2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28%26utm_content%3D103060885%26utm_source%3Dhs_email&time=1608046067823 HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D88575%26url%3Dhttps%253A%252F%252Feka1.com%252Fdemo%252Fetrm%252F%253Futm_campaign%253DReplacement%252520Campaign%252520FY21%2526utm_medium%253Demail%2526_hsmi%253D103060885%2526_hsenc%253Dp2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28%2526utm_content%253D103060885%2526utm_source%253Dhs_email%26time%3D1608046067823%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=88575&url=https%3A%2F%2Feka1.com%2Fdemo%2Fetrm%2F%3Futm_campaign%3DReplacement%2520Campaign%2520FY21%26utm_medium%3Demail%26_hsmi%3D103060885%26_hsenc%3Dp2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28%26utm_content%3D103060885%26utm_source%3Dhs_email&time=1608046067823&liSync=true

Request Chain 64

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1069711282/?random=1211953494&cv=9&fst=1608046067788&num=1&value=0&label=9_OICKah6nUQsv-J_gM&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgbu0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Feka1.com%2Fdemo%2Fetrm%2F%3Futm_campaign%3DReplacement%2520Campaign%2520FY21%26utm_medium%3Demail%26_hsmi%3D103060885%26_hsenc%3Dp2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28%26utm_content%3D103060885%26utm_source%3Dhs_email&tiba=ETRM%20-%20EKA&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=89XYX4yBMuLX7_UP_pe5oAM&sscte=1&crd=&eitems=ChAIgNrh_gUQmqmusoHL6KdOEh0ArB4hFP7awM-xuHUfs1cGdIKNvpGG_QTK2MMSow HTTP 302
https://www.google.com/pagead/1p-conversion/1069711282/?random=1211953494&cv=9&fst=1608046067788&num=1&value=0&label=9_OICKah6nUQsv-J_gM&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgbu0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Feka1.com%2Fdemo%2Fetrm%2F%3Futm_campaign%3DReplacement%2520Campaign%2520FY21%26utm_medium%3Demail%26_hsmi%3D103060885%26_hsenc%3Dp2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28%26utm_content%3D103060885%26utm_source%3Dhs_email&tiba=ETRM%20-%20EKA&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=89XYX4yBMuLX7_UP_pe5oAM&eitems=ChAIgNrh_gUQmqmusoHL6KdOEh0ArB4hFMLN4kFU62hdWTRDo1UNwXKCgIEu3bZdzQ&random=4271159311&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/1069711282/?random=1211953494&cv=9&fst=1608046067788&num=1&value=0&label=9_OICKah6nUQsv-J_gM&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgbu0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Feka1.com%2Fdemo%2Fetrm%2F%3Futm_campaign%3DReplacement%2520Campaign%2520FY21%26utm_medium%3Demail%26_hsmi%3D103060885%26_hsenc%3Dp2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28%26utm_content%3D103060885%26utm_source%3Dhs_email&tiba=ETRM%20-%20EKA&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=89XYX4yBMuLX7_UP_pe5oAM&eitems=ChAIgNrh_gUQmqmusoHL6KdOEh0ArB4hFMLN4kFU62hdWTRDo1UNwXKCgIEu3bZdzQ&random=4271159311&resp=GooglemKTybQhCsO&ipr=y

Request Chain 67

https://cdn.shortpixel.ai/client/q_lossy,ret_img/https://eka1.com/wp-content/uploads/2020/10/Assets-Demos-2_ETRM.png HTTP 302
https://eka1.com/wp-content/uploads/2020/10/Assets-Demos-2_ETRM.png

Request Chain 68

https://cdn.shortpixel.ai/client/to_webp,q_lossy,ret_img,w_107,h_50/https://eka1.com/wp-content/uploads/2020/05/cropped-Eka-logo-1.png HTTP 302
https://eka1.com/wp-content/uploads/2020/05/cropped-Eka-logo-1.png

Request Chain 76

https://s.adroll.com/j/exp/CRTARLU57FFGFBED5U3TOM/index.js HTTP 302
https://s.adroll.com/j/exp/index.js

Request Chain 78

https://d.adroll.mgr.consensu.org/consent/iabcheck/CRTARLU57FFGFBED5U3TOM?_s=9f5be1b310f29cad67046886e5344560&_b=2 HTTP 302
https://d.adroll.com/consent/check/CRTARLU57FFGFBED5U3TOM/?_s=9f5be1b310f29cad67046886e5344560&_b=2

Request Chain 84

https://widget.intercom.io/widget/nz59z1ge HTTP 302
https://js.intercomcdn.com/shim.latest.js

112 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 MVYrxp5tj6FW5PXXrC75tgCwW22vCbp4kDf-SN5QLhT53p_97V1-WJV7CgHPDW7FBNm12zy9y5W5wVLyw4N70DRW2mkj7z7ml_hhW88vkz68Nwz7tW64dCXf1jjDGqW7zTkSs69M3zhVF9d9583TSDsN5V9pZ-Z_Q1BW33K7mL6GFHqvN89sLmFZT2fLW23fB_b3K... Show response
email.eka1.com/e2t/tc/ 8 KB
3 KB 148ms
78ms Document
text/html 199.60.103.228
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://email.eka1.com/e2t/tc/MVYrxp5tj6FW5PXXrC75tgCwW22vCbp4kDf-SN5QLhT53p_97V1-WJV7CgHPDW7FBNm12zy9y5W5wVLyw4N70DRW2mkj7z7ml_hhW88vkz68Nwz7tW64dCXf1jjDGqW7zTkSs69M3zhVF9d9583TSDsN5V9pZ-Z_Q1BW33K7mL6GFHqvN89sLmFZT2fLW23fB_b3KhW2PW3gs_5s4spX4DW9ct4VN7Nx_wwW98Cbc3662SjfVv8wsy6qWhPWW7QYJW98psfSBW3FqF9N1wrh5_W2c_Fy96hc3fcW3n56Zs2ck05MW2_vZVC2y_nJBW1VcYz_7rplYCW2CK07Q5q9XBVVdgL-n23w8SRN9jyGdn2-0QF39n41
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.60.103.228 , Canada, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., GB),
Reverse DNS
Software: cloudflare /
Resource Hash: 4886de838b127f0a79774295e8f0b8b66f4d1877605dbaf4d5f7e3fa6f17e7cd

Request headers

:method: GET
:authority: email.eka1.com
:scheme: https
:path: /e2t/tc/MVYrxp5tj6FW5PXXrC75tgCwW22vCbp4kDf-SN5QLhT53p_97V1-WJV7CgHPDW7FBNm12zy9y5W5wVLyw4N70DRW2mkj7z7ml_hhW88vkz68Nwz7tW64dCXf1jjDGqW7zTkSs69M3zhVF9d9583TSDsN5V9pZ-Z_Q1BW33K7mL6GFHqvN89sLmFZT2fLW23fB_b3KhW2PW3gs_5s4spX4DW9ct4VN7Nx_wwW98Cbc3662SjfVv8wsy6qWhPWW7QYJW98psfSBW3FqF9N1wrh5_W2c_Fy96hc3fcW3n56Zs2ck05MW2_vZVC2y_nJBW1VcYz_7rplYCW2CK07Q5q9XBVVdgL-n23w8SRN9jyGdn2-0QF39n41
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 15:27:46 GMT
content-type: text/html;charset=utf-8
set-cookie: __cfduid=d7a30fde83fd5ec5658fc7af8752798051608046066; expires=Thu, 14-Jan-21 15:27:46 GMT; path=/; domain=.email.eka1.com; HttpOnly; SameSite=Lax __cfruid=d8b4fc56d88ba2fda243cca7673ac9a2fec60f2e-1608046066; path=/; domain=.email.eka1.com; HttpOnly; Secure; SameSite=None
cf-ray: 602130c93a71c83b-AMS
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: false
cf-request-id: 07089cd1c20000c83b1682e000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: no-referrer
server: cloudflare
content-encoding: br

GET
H2

200

Primary Request / Show response
eka1.com/demo/etrm/
Redirect Chain

https://email.eka1.com/events/public/v1/track/tc/MVYrxp5tj6FW5PXXrC75tgCwW22vCbp4kDf-SN5QLhT53p_97V1-WJV7CgHPDW7FBNm12zy9y5W5wVLyw4N70DRW2mkj7z7ml_hhW88vkz68Nwz7tW64dCXf1jjDGqW7zTkSs69M3zhVF9d9583T...
https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOo...

55 KB
14 KB

426ms
200ms

Document
text/html

104.196.203.173
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
Requested by: Host: email.eka1.com
URL: https://email.eka1.com/e2t/tc/MVYrxp5tj6FW5PXXrC75tgCwW22vCbp4kDf-SN5QLhT53p_97V1-WJV7CgHPDW7FBNm12zy9y5W5wVLyw4N70DRW2mkj7z7ml_hhW88vkz68Nwz7tW64dCXf1jjDGqW7zTkSs69M3zhVF9d9583TSDsN5V9pZ-Z_Q1BW33K7mL6GFHqvN89sLmFZT2fLW23fB_b3KhW2PW3gs_5s4spX4DW9ct4VN7Nx_wwW98Cbc3662SjfVv8wsy6qWhPWW7QYJW98psfSBW3FqF9N1wrh5_W2c_Fy96hc3fcW3n56Zs2ck05MW2_vZVC2y_nJBW1VcYz_7rplYCW2CK07Q5q9XBVVdgL-n23w8SRN9jyGdn2-0QF39n41
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.203.173 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 173.203.196.104.bc.googleusercontent.com
Software: nginx / WP Engine
Resource Hash: d1d841fd784e99c816399e1085079d6c423810cf472bb76a7c708299b81344cd

Request headers

:method: GET
:authority: eka1.com
:scheme: https
:path: /demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://email.eka1.com/e2t/tc/MVYrxp5tj6FW5PXXrC75tgCwW22vCbp4kDf-SN5QLhT53p_97V1-WJV7CgHPDW7FBNm12zy9y5W5wVLyw4N70DRW2mkj7z7ml_hhW88vkz68Nwz7tW64dCXf1jjDGqW7zTkSs69M3zhVF9d9583TSDsN5V9pZ-Z_Q1BW33K7mL6GFHqvN89sLmFZT2fLW23fB_b3KhW2PW3gs_5s4spX4DW9ct4VN7Nx_wwW98Cbc3662SjfVv8wsy6qWhPWW7QYJW98psfSBW3FqF9N1wrh5_W2c_Fy96hc3fcW3n56Zs2ck05MW2_vZVC2y_nJBW1VcYz_7rplYCW2CK07Q5q9XBVVdgL-n23w8SRN9jyGdn2-0QF39n41

Response headers

server: nginx
date: Tue, 15 Dec 2020 15:27:46 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
link: <https://eka1.com/wp-json/>; rel="https://api.w.org/" <https://eka1.com/wp-json/wp/v2/demo/3354>; rel="alternate"; type="application/json" <https://eka1.com/?p=3354>; rel=shortlink
x-powered-by: WP Engine
x-cacheable: SHORT
cache-control: max-age=600, must-revalidate
x-cache: HIT: 2
x-cache-group: normal
content-encoding: br

Redirect headers

date: Tue, 15 Dec 2020 15:27:46 GMT
location: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
cf-ray: 602130c9bb6dc83b-AMS
link: <https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email>; rel="canonical"
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: false
cf-request-id: 07089cd2170000c83b0295b000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: no-referrer
x-robots-tag: none
server: cloudflare

GET
H2 200 style.min.css
eka1.com/wp-includes/css/dist/block-library/ 53 KB
8 KB 123ms
119ms Stylesheet
text/css 104.196.203.173
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eka1.com/wp-includes/css/dist/block-library/style.min.css?ver=5.5.3
Requested by: Host: eka1.com
URL: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.203.173 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 173.203.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af

Request headers

Referer: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 15:27:47 GMT
content-encoding: br
last-modified: Thu, 05 Nov 2020 13:27:46 GMT
server: nginx
etag: W/"5fa3fdd2-d293"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 styles.css
eka1.com/wp-content/plugins/contact-form-7/includes/css/ 2 KB
858 B 129ms
125ms Stylesheet
text/css 104.196.203.173
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eka1.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.7
Requested by: Host: eka1.com
URL: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.203.173 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 173.203.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 811e8960b8f79f14983e30df80a4ccc69d82430ccc0520d2a1a3d1405cfbb2a1

Request headers

Referer: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 15:27:47 GMT
content-encoding: br
last-modified: Wed, 22 Apr 2020 10:31:39 GMT
server: nginx
etag: W/"5ea01d0b-6d2"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 popupaoc-public-style.css
eka1.com/wp-content/plugins/popup-anything-on-click/assets/css/ 42 KB
5 KB 164ms
160ms Stylesheet
text/css 104.196.203.173
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eka1.com/wp-content/plugins/popup-anything-on-click/assets/css/popupaoc-public-style.css?ver=1.7.5
Requested by: Host: eka1.com
URL: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.203.173 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 173.203.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: d2875e5480ebd07f87592a92d19131f05f74edd2cc12bf7552e72af977ab2d34

Request headers

Referer: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 15:27:47 GMT
content-encoding: br
last-modified: Tue, 30 Jun 2020 14:32:31 GMT
server: nginx
etag: W/"5efb4cff-a9d5"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 rs6.css
eka1.com/wp-content/plugins/revslider/public/assets/css/ 59 KB
13 KB 128ms
124ms Stylesheet
text/css 104.196.203.173
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eka1.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.2.22
Requested by: Host: eka1.com
URL: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.203.173 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 173.203.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: b86f3cdcccad303cb5300fab4d2774eafc3a2788f07ff1f3cd1953dd0debaa3f

Request headers

Referer: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 15:27:47 GMT
content-encoding: br
last-modified: Thu, 20 Aug 2020 14:48:32 GMT
server: nginx
etag: W/"5f3e8d40-ea95"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 css
fonts.googleapis.com/ 4 KB
615 B 18ms
15ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=DM+Sans%3Aregular%2Citalic%2C500%2C500italic%2C700%2C700italic&subset=latin-ext%2Clatin&ver=2.3.0.5

Requested by

Host: eka1.com
URL: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

76db9f551b7db5199f25bc0051c76d8e6d7aaac5cc1456e235693d9df8a4971a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 15 Dec 2020 15:27:46 GMT
server: ESF
date: Tue, 15 Dec 2020 15:27:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 15 Dec 2020 15:27:46 GMT

GET
H2 200 style.css
eka1.com/wp-content/themes/uncode/library/css/ 488 KB
69 KB 157ms
154ms Stylesheet
text/css 104.196.203.173
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eka1.com/wp-content/themes/uncode/library/css/style.css
Requested by: Host: eka1.com
URL: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.203.173 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 173.203.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 47caca10a0d1501017830608ec1f82b1c1244eb817651ff8f8307fe7a48eb340

Request headers

Referer: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 15:27:47 GMT
content-encoding: br
last-modified: Thu, 05 Nov 2020 13:30:39 GMT
server: nginx
etag: W/"5fa3fe7f-7a0b8"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 uncode-icons.css
eka1.com/wp-content/themes/uncode/library/css/ 58 KB
12 KB 169ms
166ms Stylesheet
text/css 104.196.203.173
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eka1.com/wp-content/themes/uncode/library/css/uncode-icons.css
Requested by: Host: eka1.com
URL: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.203.173 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 173.203.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: aace4672403088dabb538da6540db1ae82fcf29b503721cd5e91bd344bcc100f

Request headers

Referer: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 15:27:47 GMT
content-encoding: br
last-modified: Thu, 05 Nov 2020 13:30:39 GMT
server: nginx
etag: W/"5fa3fe7f-e833"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 style-custom.css
eka1.com/wp-content/themes/uncode/library/css/ 168 KB
17 KB 169ms
166ms Stylesheet
text/css 104.196.203.173
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eka1.com/wp-content/themes/uncode/library/css/style-custom.css
Requested by: Host: eka1.com
URL: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.203.173 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 173.203.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: fab2c8b5a8593723aea68b4e75eac37cdd754d5d82eb33d5902edb573fe9793c

Request headers

Referer: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 15:27:47 GMT
content-encoding: br
last-modified: Thu, 19 Nov 2020 12:08:04 GMT
server: nginx
etag: W/"5fb66024-29e2c"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 addthis_wordpress_public.min.css
eka1.com/wp-content/plugins/addthis/frontend/build/ 587 B
505 B 169ms
166ms Stylesheet
text/css 104.196.203.173
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eka1.com/wp-content/plugins/addthis/frontend/build/addthis_wordpress_public.min.css?ver=5.5.3
Requested by: Host: eka1.com
URL: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.203.173 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 173.203.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: d1870c49e74adfa2d70351cc067c6a3320da45d18231c5a31eb39356151620cb

Request headers

Referer: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 15:27:47 GMT
content-encoding: br
last-modified: Wed, 17 Jun 2020 06:58:44 GMT
server: nginx
etag: W/"5ee9bf24-24b"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 jquery.js Show response
eka1.com/wp-includes/js/jquery/ 95 KB
34 KB 221ms
218ms Script
application/javascript 104.196.203.173
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eka1.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by: Host: eka1.com
URL: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.203.173 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 173.203.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Referer: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 15:27:47 GMT
content-encoding: br
last-modified: Fri, 17 May 2019 04:25:54 GMT
server: nginx
etag: W/"5cde37d2-17a69"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 rbtools.min.js Show response
eka1.com/wp-content/plugins/revslider/public/assets/js/ 117 KB
46 KB 221ms
219ms Script
application/javascript 104.196.203.173
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eka1.com/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.2.22
Requested by: Host: eka1.com
URL: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.203.173 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 173.203.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 9556bca5ad5eb24439887d7339fcb687088776bbaa995553aa489c9607cf9e19

Request headers

Referer: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 15:27:47 GMT
content-encoding: br
last-modified: Thu, 20 Aug 2020 14:48:32 GMT
server: nginx
etag: W/"5f3e8d40-1d25a"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 rs6.min.js Show response
eka1.com/wp-content/plugins/revslider/public/assets/js/ 319 KB
82 KB 311ms
309ms Script
application/javascript 104.196.203.173
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eka1.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.2.22
Requested by: Host: eka1.com
URL: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.203.173 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 173.203.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 60f59e08903c3d0b70e928af542ded081c10a790b6c198c7026788b77f4256ac

Request headers

Referer: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 15:27:47 GMT
content-encoding: br
last-modified: Thu, 20 Aug 2020 14:48:32 GMT
server: nginx
etag: W/"5f3e8d40-4fd58"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 gtm4wp-form-move-tracker.js Show response
eka1.com/wp-content/plugins/duracelltomi-google-tag-manager/js/ 1 KB
571 B 311ms
309ms Script
application/javascript 104.196.203.173
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eka1.com/wp-content/plugins/duracelltomi-google-tag-manager/js/gtm4wp-form-move-tracker.js?ver=1.11.4
Requested by: Host: eka1.com
URL: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.203.173 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 173.203.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: bc71c403dc6113c8597e111a99d6a6a197dd2f2355402f8392ca4812dca57d3d

Request headers

Referer: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 15:27:47 GMT
content-encoding: br
last-modified: Wed, 10 Jun 2020 00:43:45 GMT
server: nginx
etag: W/"5ee02cc1-5cf"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 27ms
24ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-226206-1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1faf128bfbc8a54a0308115f2fb67471b6db39dc3fdec03f9ea968966f235917

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 15:27:47 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38973
x-xss-protection: 0
last-modified: Tue, 15 Dec 2020 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 15 Dec 2020 15:27:47 GMT

GET
H2 200 init.min.js Show response
eka1.com/wp-content/themes/uncode/library/js/min/ 117 KB
28 KB 311ms
309ms Script
application/javascript 104.196.203.173
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eka1.com/wp-content/themes/uncode/library/js/min/init.min.js
Requested by: Host: eka1.com
URL: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.203.173 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 173.203.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 6c65448778e23e454fd77ae092cf130a14b194282c241b93a713b68f3a8835c6

Request headers

Referer: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 15:27:47 GMT
content-encoding: br
last-modified: Thu, 05 Nov 2020 13:30:39 GMT
server: nginx
etag: W/"5fa3fe7f-1d2a1"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2

200

cropped-Eka-logo-1.png
eka1.com/wp-content/uploads/2020/05/
Redirect Chain

https://cdn.shortpixel.ai/client/q_lqip,ret_wait,w_107,h_50/https://eka1.com/wp-content/uploads/2020/05/cropped-Eka-logo-1.png
https://eka1.com/wp-content/uploads/2020/05/cropped-Eka-logo-1.png

975 B
1 KB

109ms
109ms

Image
image/png

104.196.203.173
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eka1.com/wp-content/uploads/2020/05/cropped-Eka-logo-1.png
Requested by: Host: eka1.com
URL: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.203.173 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 173.203.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 2ab71f605b0b056269461bad6b5baabdc2b88605e51361766f923836137889fa

Request headers

Referer: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 15:27:47 GMT
last-modified: Wed, 10 Jun 2020 03:56:32 GMT
server: nginx
etag: "5ee059f0-3cf"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 975

Redirect headers

date: Tue, 15 Dec 2020 15:27:47 GMT
content-encoding: gzip
server: nginx
location: https://eka1.com/wp-content/uploads/2020/05/cropped-Eka-logo-1.png
x-purge: 1
x-tag: Domain:eka1.com
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=2592000
accept-ranges: bytes
content-length: 20
x-hw: 1608046067.cds087.lo4.hn,1608046067.cds053.lo4.c

GET
H2 200 v2.js Show response
js.hsforms.net/forms/ 519 KB
126 KB 56ms
56ms Script
application/javascript 2606:4700::6811:b749
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/v2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b749 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1620c0f17ad8773aa6a85d8a5efc5e4d7a579da1f4c3672ad9ae61598bc8a101

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 15:27:47 GMT
via: 1.1 8d6071bd169bbf5fd46638140132b1d1.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
age: 87
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 07089cd6f8000005ed6d26d000000001
last-modified: Thu, 10 Dec 2020 05:20:34 UTC
server: cloudflare
etag: W/"c48d8d2dfbe0af6f1b8a59ce5502cf95"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-version-id: _ekQ.wl4wnFT_tbELPyQLVF6zpitFifz
access-control-allow-origin: *
cache-control: s-maxage=600, max-age=0
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-C3
cf-ray: 602130d18cd905ed-FRA
x-amz-cf-id: VpOLRLl5f53D0Cdq-kp8dxIzQ4msEPNhjzuLmtLi8y_thD6l3jOsaQ==

GET
H2 200 lazysizes.min.js Show response
eka1.com/wp-content/plugins/autoptimize/classes/external/js/ 9 KB
4 KB 153ms
150ms Script
application/javascript 104.196.203.173
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eka1.com/wp-content/plugins/autoptimize/classes/external/js/lazysizes.min.js?ao_version=2.7.7
Requested by: Host: eka1.com
URL: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.203.173 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 173.203.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 8b88ddfa92e4cb2646d5c7e19274939caa3495dcb33c307f1bbaec31b1d9691a

Request headers

Referer: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 15:27:47 GMT
content-encoding: br
last-modified: Sun, 30 Aug 2020 21:19:32 GMT
server: nginx
etag: W/"5f4c17e4-22ea"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 scripts.js Show response
eka1.com/wp-content/plugins/contact-form-7/includes/js/ 14 KB
4 KB 110ms
110ms Script
application/javascript 104.196.203.173
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eka1.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.7
Requested by: Host: eka1.com
URL: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.203.173 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 173.203.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900

Request headers

Referer: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 15:27:47 GMT
content-encoding: br
last-modified: Wed, 22 Apr 2020 10:31:39 GMT
server: nginx
etag: W/"5ea01d0b-3868"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 455947.js Show response
js.hs-scripts.com/ 2 KB
731 B 121ms
119ms Script
application/javascript 2606:4700::6811:d4cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/455947.js?integration=WordPress
Requested by: Host: eka1.com
URL: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:d4cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7317d869e7aaa3e30e0b010e98135165e7ed11433a24e0cdf0c7f348cbb0926

Request headers

Referer: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 15:27:47 GMT
content-encoding: br
cf-cache-status: EXPIRED
server: cloudflare
x-trace: 2B7B0929AAFBA7D2F3A79FA9FF42EAF55FCB1289F5000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://eka1.com
access-control-max-age: 3600
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 602130d1af0b1f19-FRA
cf-request-id: 07089cd70e00001f19fabce000000001
expires: Tue, 15 Dec 2020 15:28:47 GMT

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 40ms
36ms Script
application/javascript 104.75.88.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js?ver=5.5.3

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.112 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-112.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: "5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
date: Tue, 15 Dec 2020 15:27:47 GMT
x-host: s7.addthis.com
content-length: 116325

GET
H2 200 mediaelement-and-player.min.js Show response
eka1.com/wp-includes/js/mediaelement/ 157 KB
39 KB 150ms
146ms Script
application/javascript 104.196.203.173
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eka1.com/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.13-9993131
Requested by: Host: eka1.com
URL: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.203.173 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 173.203.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 282c86db3fc6cedcc79b172069ba09831ce0e6ba235d13bff382f57f0d3977ff

Request headers

Referer: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 15:27:47 GMT
content-encoding: br
last-modified: Tue, 08 Oct 2019 16:06:02 GMT
server: nginx
etag: W/"5d9cb3ea-272c5"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 mediaelement-migrate.min.js Show response
eka1.com/wp-includes/js/mediaelement/ 1 KB
759 B 150ms
146ms Script
application/javascript 104.196.203.173
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eka1.com/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=5.5.3
Requested by: Host: eka1.com
URL: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.203.173 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 173.203.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: b37a604b4add99725c3a9e6b0440fc4452f71139517e7d7deb452ed98499068c

Request headers

Referer: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 15:27:47 GMT
content-encoding: br
last-modified: Sat, 05 Oct 2019 19:49:10 GMT
server: nginx
etag: W/"5d98f3b6-4a9"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 wp-mediaelement.min.js Show response
eka1.com/wp-includes/js/mediaelement/ 907 B
685 B 151ms
147ms Script
application/javascript 104.196.203.173
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eka1.com/wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=5.5.3
Requested by: Host: eka1.com
URL: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.203.173 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 173.203.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 12aae45dbaf66e541e14694a7810a96fdd8b17f9ac5f5346fdc23d61d6fd74b0

Request headers

Referer: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 15:27:47 GMT
content-encoding: br
last-modified: Thu, 05 Nov 2020 13:27:45 GMT
server: nginx
etag: W/"5fa3fdd1-38b"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 plugins.min.js Show response
eka1.com/wp-content/themes/uncode/library/js/min/ 448 KB
122 KB 152ms
149ms Script
application/javascript 104.196.203.173
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eka1.com/wp-content/themes/uncode/library/js/min/plugins.min.js
Requested by: Host: eka1.com
URL: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.203.173 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 173.203.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 5b4f5971ab1e59c6bc12ea0b224375ca93723cc0bfeb78871e832cdefc2b5a94

Request headers

Referer: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 15:27:47 GMT
content-encoding: br
last-modified: Thu, 05 Nov 2020 13:30:39 GMT
server: nginx
etag: W/"5fa3fe7f-6fe6a"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 app.min.js Show response
eka1.com/wp-content/themes/uncode/library/js/min/ 128 KB
30 KB 152ms
149ms Script
application/javascript 104.196.203.173
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eka1.com/wp-content/themes/uncode/library/js/min/app.min.js
Requested by: Host: eka1.com
URL: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.203.173 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 173.203.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 0134302df9c7ad952d348ded08486819ad29c551c593eb737cea25d3ee233fed

Request headers

Referer: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 15:27:47 GMT
content-encoding: br
last-modified: Thu, 05 Nov 2020 13:30:39 GMT
server: nginx
etag: W/"5fa3fe7f-20155"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 wp-embed.min.js Show response
eka1.com/wp-includes/js/ 1 KB
951 B 152ms
149ms Script
application/javascript 104.196.203.173
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eka1.com/wp-includes/js/wp-embed.min.js?ver=5.5.3
Requested by: Host: eka1.com
URL: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.203.173 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 173.203.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0

Request headers

Referer: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 15:27:47 GMT
content-encoding: br
last-modified: Thu, 05 Nov 2020 13:27:45 GMT
server: nginx
etag: W/"5fa3fdd1-59a"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 wp-emoji-release.min.js Show response
eka1.com/wp-includes/js/ 14 KB
5 KB 152ms
150ms Script
application/javascript 104.196.203.173
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eka1.com/wp-includes/js/wp-emoji-release.min.js?ver=5.5.3
Requested by: Host: eka1.com
URL: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.203.173 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 173.203.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 8cb438bd4d1961f80ade4f1a295ca7de253630adcdd10473932908e638908c5e

Request headers

Referer: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 15:27:47 GMT
content-encoding: br
last-modified: Thu, 05 Nov 2020 13:27:45 GMT
server: nginx
etag: W/"5fa3fdd1-37a6"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
DATA 200
OK truncated
/ 34 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 152 KB
51 KB 32ms
30ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WHH9VNS

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ecd4373b8cafbcb997c77243620c8182606fdc6d7a3eabc791709d596cb12124

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 15:27:47 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51853
x-xss-protection: 0
last-modified: Tue, 15 Dec 2020 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 15 Dec 2020 15:27:47 GMT

GET
H2 200 uncode-icons.woff2
eka1.com/wp-content/themes/uncode/library/fonts/ 138 KB
138 KB 148ms
148ms Font
font/woff2 104.196.203.173
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eka1.com/wp-content/themes/uncode/library/fonts/uncode-icons.woff2
Requested by: Host: eka1.com
URL: https://eka1.com/wp-content/themes/uncode/library/css/uncode-icons.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.203.173 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 173.203.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: cb3bfa3f39f228b5e06fb6ee80aea986056d3253805a59581e6eff051050141d

Request headers

Origin: https://eka1.com
Referer: https://eka1.com/wp-content/themes/uncode/library/css/uncode-icons.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 15:27:47 GMT
last-modified: Thu, 05 Nov 2020 13:30:39 GMT
server: nginx
etag: "5fa3fe7f-226d0"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 141008

GET
H2 200 rP2Hp2ywxg089UriCZOIHTWEBlw.woff2
fonts.gstatic.com/s/dmsans/v6/ 12 KB
12 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/dmsans/v6/rP2Hp2ywxg089UriCZOIHTWEBlw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=DM+Sans%3Aregular%2Citalic%2C500%2C500italic%2C700%2C700italic&subset=latin-ext%2Clatin&ver=2.3.0.5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

947b7ccb1ff6effa4ba2c2a9b29c5ed5c3caf45e1c65109041676da35dfce9a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://eka1.com
Referer: https://fonts.googleapis.com/css?family=DM+Sans%3Aregular%2Citalic%2C500%2C500italic%2C700%2C700italic&subset=latin-ext%2Clatin&ver=2.3.0.5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 22:22:17 GMT
x-content-type-options: nosniff
last-modified: Thu, 05 Nov 2020 22:00:15 GMT
server: sffe
age: 493530
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12120
x-xss-protection: 0
expires: Thu, 09 Dec 2021 22:22:17 GMT

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5620fd3acd4874ee2d86b7cc4ac77997940fb53e8faf51aa640573805c71cfce

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-Q050 200 rP2Cp2ywxg089UriASitCBimC3YU-Ck.woff2
fonts.gstatic.com/s/dmsans/v6/ 12 KB
12 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/dmsans/v6/rP2Cp2ywxg089UriASitCBimC3YU-Ck.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=DM+Sans%3Aregular%2Citalic%2C500%2C500italic%2C700%2C700italic&subset=latin-ext%2Clatin&ver=2.3.0.5

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2640c4595fbc86b33401ce34230f8871add04b382ed281473dbd7fb6513c28d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://eka1.com
Referer: https://fonts.googleapis.com/css?family=DM+Sans%3Aregular%2Citalic%2C500%2C500italic%2C700%2C700italic&subset=latin-ext%2Clatin&ver=2.3.0.5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 12 Dec 2020 13:23:45 GMT
x-content-type-options: nosniff
last-modified: Thu, 05 Nov 2020 22:00:19 GMT
server: sffe
age: 266642
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12052
x-xss-protection: 0
expires: Sun, 12 Dec 2021 13:23:45 GMT

GET
H2 200 fdd82ab1-160b-4207-9387-9e71df877d90 Show response
forms.hsforms.com/embed/v3/form/455947/ 8 KB
2 KB 167ms
167ms Script
application/javascript 2606:4700::6810:5605
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hsforms.com/embed/v3/form/455947/fdd82ab1-160b-4207-9387-9e71df877d90?callback=hs_reqwest_0&hutk=

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5605 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54a0909ae0ee51a7ad830f62c0cc2e8ba0a9c43c6c8f5dfba9f010b6338f66f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 15:27:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-disposition: attachment; filename=no-rfd.txt
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 07089cd79f0000c2ef95b4d000000001
server: cloudflare
x-trace: 2BABB8329DA71499746F01894BECEC1232297F8ACF000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
cf-ray: 602130d29c37c2ef-FRA

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-226206-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 4974
date: Tue, 15 Dec 2020 14:04:53 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Tue, 15 Dec 2020 16:04:53 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 30 KB
12 KB 33ms
33ms Script
text/javascript 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WHH9VNS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

cafe /

Resource Hash

e1ec254792b6fe5cb168d2ce9cb1e35d15311d3b357b305a95cbfb12552477d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 15:27:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 12175
x-xss-protection: 0
server: cafe
etag: 17536051821503146167
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 15 Dec 2020 15:27:47 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 965 B
761 B 7ms
7ms Script
application/x-javascript 2a02:26f0:eb:390::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WHH9VNS
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:eb:390::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: f10b9b0c4107ca5a40a5c69b1ac91a8948d84f39893dee6b429cdbdb05887093

Request headers

Referer: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 15 Dec 2020 15:27:47 GMT
Content-Encoding: gzip
Last-Modified: Tue, 22 Sep 2020 22:01:48 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=13539
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 448

GET
H/1.1 403
Forbidden getemails.js
s3-us-west-2.amazonaws.com/files.getemails.com/account/X2JHND4/source/ 0
0 746ms
193ms Script
application/xml 52.218.168.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3-us-west-2.amazonaws.com/files.getemails.com/account/X2JHND4/source/getemails.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WHH9VNS
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.168.80 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H/1.1 403
Forbidden getemails_suppression.js
s3-us-west-2.amazonaws.com/files.getemails.com/account/X2JHND4/source/ 0
0 750ms
192ms Script
application/xml 52.218.168.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3-us-west-2.amazonaws.com/files.getemails.com/account/X2JHND4/source/getemails_suppression.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WHH9VNS
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.168.80 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H/1.1 200
OK L.js Show response
t.leady.com/5920zfYdQ9CEiHym/ 3 KB
2 KB 114ms
36ms Script
application/javascript 194.145.183.49
MASTER-AS Czech R...

General

Check archive.org

Show headers Download Go to

Full URL: https://t.leady.com/5920zfYdQ9CEiHym/L.js
Requested by: Host: email.eka1.com
URL: https://email.eka1.com/e2t/tc/MVYrxp5tj6FW5PXXrC75tgCwW22vCbp4kDf-SN5QLhT53p_97V1-WJV7CgHPDW7FBNm12zy9y5W5wVLyw4N70DRW2mkj7z7ml_hhW88vkz68Nwz7tW64dCXf1jjDGqW7zTkSs69M3zhVF9d9583TSDsN5V9pZ-Z_Q1BW33K7mL6GFHqvN89sLmFZT2fLW23fB_b3KhW2PW3gs_5s4spX4DW9ct4VN7Nx_wwW98Cbc3662SjfVv8wsy6qWhPWW7QYJW98psfSBW3FqF9N1wrh5_W2c_Fy96hc3fcW3n56Zs2ck05MW2_vZVC2y_nJBW1VcYz_7rplYCW2CK07Q5q9XBVVdgL-n23w8SRN9jyGdn2-0QF39n41
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 194.145.183.49 , Czech Republic, ASN24971 (MASTER-AS Czech Republic / www.master.cz, CZ),
Reverse DNS: chewie.imper.cz
Software: nginx /
Resource Hash: 7520b863d1879774108e66287f390841847ebdc096ba2ed91188544048019619

Request headers

Referer: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 15 Dec 2020 15:27:47 GMT
Content-Encoding: gzip
Last-Modified: Mon, 23 Mar 2020 18:11:47 GMT
Server: nginx
ETag: W/"5e78fbe3-cce"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: max-age=21600
Connection: keep-alive
Expires: Tue, 15 Dec 2020 21:27:47 GMT

GET
H2 200 hotjar-1245574.js Show response
static.hotjar.com/c/ 34 KB
4 KB 110ms
59ms Script
application/javascript 65.9.73.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1245574.js?sv=6

Requested by

Host: email.eka1.com
URL: https://email.eka1.com/e2t/tc/MVYrxp5tj6FW5PXXrC75tgCwW22vCbp4kDf-SN5QLhT53p_97V1-WJV7CgHPDW7FBNm12zy9y5W5wVLyw4N70DRW2mkj7z7ml_hhW88vkz68Nwz7tW64dCXf1jjDGqW7zTkSs69M3zhVF9d9583TSDsN5V9pZ-Z_Q1BW33K7mL6GFHqvN89sLmFZT2fLW23fB_b3KhW2PW3gs_5s4spX4DW9ct4VN7Nx_wwW98Cbc3662SjfVv8wsy6qWhPWW7QYJW98psfSBW3FqF9N1wrh5_W2c_Fy96hc3fcW3n56Zs2ck05MW2_vZVC2y_nJBW1VcYz_7rplYCW2CK07Q5q9XBVVdgL-n23w8SRN9jyGdn2-0QF39n41

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.73.2 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

902c07117ed5a5393694e807b70329f9298a320288ffb176d7d07a9e8820800a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 15:27:47 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: AMS1-C1
etag: W/75855e4b24778e034fe74a4234e94f25
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
access-control-allow-origin: *
x-cache-hit: 1
x-amz-cf-id: BwQg8WD7L5O6F8td_-1TYb4CqxUV7ZPZjQpjzgcwUTyC_6eA4gZXqA==
via: 1.1 f5046bb9ebd1a8f25b2025d7d9a283f3.cloudfront.net (CloudFront)

GET
H2 200 0OZqbnI8azVf3CSb9goF Show response
ws.zoominfo.com/pixel/ 0
723 B 266ms
226ms Script
text/javascript 2606:4700::6810:a852
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/0OZqbnI8azVf3CSb9goF

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:a852 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 15:27:47 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 602130d2fda39754-FRA
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for
content-length: 0
cf-request-id: 07089cd7dc000097549a966000000001

GET
H2 200 455947.js Show response
js.hs-scripts.com/ 2 KB
560 B 124ms
124ms Script
application/javascript 2606:4700::6811:d4cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/455947.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WHH9VNS
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:d4cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2dd3c00e0a4a61ea1f19e9a4feb21d6bf1e74956db3030df1bd6c36b3142f3e

Request headers

Referer: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 15:27:47 GMT
content-encoding: br
cf-cache-status: EXPIRED
server: cloudflare
x-trace: 2BF46CC984BFCB50DB6B5907186D8925A621551676000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://eka1.com
access-control-max-age: 3600
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 602130d2b9311f19-FRA
cf-request-id: 07089cd7b500001f19a7161000000001
expires: Tue, 15 Dec 2020 15:28:47 GMT

GET
H/1.1 200
OK atrk.js Show response
certify-js.alexametrics.com/ 4 KB
2 KB 110ms
38ms Script
text/javascript 65.9.96.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://certify-js.alexametrics.com/atrk.js
Requested by: Host: email.eka1.com
URL: https://email.eka1.com/e2t/tc/MVYrxp5tj6FW5PXXrC75tgCwW22vCbp4kDf-SN5QLhT53p_97V1-WJV7CgHPDW7FBNm12zy9y5W5wVLyw4N70DRW2mkj7z7ml_hhW88vkz68Nwz7tW64dCXf1jjDGqW7zTkSs69M3zhVF9d9583TSDsN5V9pZ-Z_Q1BW33K7mL6GFHqvN89sLmFZT2fLW23fB_b3KhW2PW3gs_5s4spX4DW9ct4VN7Nx_wwW98Cbc3662SjfVv8wsy6qWhPWW7QYJW98psfSBW3FqF9N1wrh5_W2c_Fy96hc3fcW3n56Zs2ck05MW2_vZVC2y_nJBW1VcYz_7rplYCW2CK07Q5q9XBVVdgL-n23w8SRN9jyGdn2-0QF39n41
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.96.108 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 90451ba3e82cd9db02f0ca76bd45d0ab5ef7e90a49da4215903cb7f08471e2e7

Request headers

Referer: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 09 Oct 2020 00:43:22 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Sat, 16 Mar 2019 16:01:33 GMT
Server: AmazonS3
Age: 5841866
ETag: W/"96c08723796affab377d9bb08d631cd0"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Via: 1.1 b031f43146c9801101822eabdc464390.cloudfront.net (CloudFront)
Cache-Control: max-age=26920000
Transfer-Encoding: chunked
X-Amz-Cf-Pop: PRG50-C1
X-Amz-Cf-Id: 8YCJryIB-vrnd7vVCjnNYGdIZTPx_UvuOqz8ZN7d45WQMlOFhQROKA==

GET
H2 200 tracking.min.js Show response
t.visitorqueue.com/p/ 7 KB
7 KB 54ms
10ms Script
application/javascript 2600:9000:2127:3800:c:77c4:d500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://t.visitorqueue.com/p/tracking.min.js?id=d9b44a81-6693-46bd-9db3-b1a20e213327
Requested by: Host: email.eka1.com
URL: https://email.eka1.com/e2t/tc/MVYrxp5tj6FW5PXXrC75tgCwW22vCbp4kDf-SN5QLhT53p_97V1-WJV7CgHPDW7FBNm12zy9y5W5wVLyw4N70DRW2mkj7z7ml_hhW88vkz68Nwz7tW64dCXf1jjDGqW7zTkSs69M3zhVF9d9583TSDsN5V9pZ-Z_Q1BW33K7mL6GFHqvN89sLmFZT2fLW23fB_b3KhW2PW3gs_5s4spX4DW9ct4VN7Nx_wwW98Cbc3662SjfVv8wsy6qWhPWW7QYJW98psfSBW3FqF9N1wrh5_W2c_Fy96hc3fcW3n56Zs2ck05MW2_vZVC2y_nJBW1VcYz_7rplYCW2CK07Q5q9XBVVdgL-n23w8SRN9jyGdn2-0QF39n41
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:3800:c:77c4:d500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8118b1c7f970c9d2c702417a5231b779e2ecb1638ca09c757fb1dc34a18576aa

Request headers

Referer: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: 5emjWBypCWpOHMdfI2gB22fDSLbxD0D9
via: 1.1 e3568b144ae2b93deb0c17907b662ac2.cloudfront.net (CloudFront)
last-modified: Thu, 10 Dec 2020 20:01:07 GMT
server: AmazonS3
age: 2798
etag: "f1e18700538602e9324ea0466586db56"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Tue, 15 Dec 2020 14:50:29 GMT
x-amz-cf-pop: PRG50-C1
accept-ranges: bytes
content-length: 7022
x-amz-cf-id: _gKXkM09f2Bsp-thRE8ZIQcmJB3JWpHzWwFjYe5Peekp_bf3Qi112Q==

GET
H2 200 w.js Show response
d10lpsik1i8c69.cloudfront.net/ 5 KB
3 KB 87ms
27ms Script
application/javascript 13.225.84.144
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d10lpsik1i8c69.cloudfront.net/w.js
Requested by: Host: email.eka1.com
URL: https://email.eka1.com/e2t/tc/MVYrxp5tj6FW5PXXrC75tgCwW22vCbp4kDf-SN5QLhT53p_97V1-WJV7CgHPDW7FBNm12zy9y5W5wVLyw4N70DRW2mkj7z7ml_hhW88vkz68Nwz7tW64dCXf1jjDGqW7zTkSs69M3zhVF9d9583TSDsN5V9pZ-Z_Q1BW33K7mL6GFHqvN89sLmFZT2fLW23fB_b3KhW2PW3gs_5s4spX4DW9ct4VN7Nx_wwW98Cbc3662SjfVv8wsy6qWhPWW7QYJW98psfSBW3FqF9N1wrh5_W2c_Fy96hc3fcW3n56Zs2ck05MW2_vZVC2y_nJBW1VcYz_7rplYCW2CK07Q5q9XBVVdgL-n23w8SRN9jyGdn2-0QF39n41
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.84.144 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-84-144.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 485603ca5c95fbd9a102d2a309786f8f77a2d2ff731fcf160c3d175eff8c8b5d

Request headers

Referer: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 14:33:26 GMT
content-encoding: gzip
last-modified: Tue, 03 Nov 2020 19:52:05 GMT
server: AmazonS3
age: 3262
etag: "f504462f90440a259bb14715b69c121a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 52f0756596448c36265861853c0a44a4.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: msjZSBZtTyRTaulFGWZjlXt137VEDFZuzoSNkUcko_QUO4Jm0D8g-w==

GET
DATA 200
OK truncated
/ 34 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 25ms
24ms Script
application/x-javascript 104.111.216.96
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js?ver=5.5.3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.216.96 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-216-96.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 15:27:47 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: 6CDA04CEF72D568E
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=17296
accept-ranges: bytes
content-length: 948
x-amz-id-2: vmrAbpbzrBs8g4V4M3AoGAqwWb0EhELJ1wy9AWvX/tuPVstbiwgv0ja/UaK2kknp20dNDPCNIa4=

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 5 KB
2 KB 24ms
23ms Script
application/javascript 2606:4700::6811:74b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsadspixel.net/fb.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/455947.js?integration=WordPress
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:74b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: edc0175ff1c883786302197c8f3795e4017ec2a82a6dda756b98e4c14a388da5

Request headers

Referer: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 15:27:47 GMT
via: 1.1 20f0d9cf6610f77242f5c592d2ecfd1d.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 417
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=adsscriptloaderstatic/static-1.218/bundles/pixels-release.js&cfRay=602126a088281786-FRA
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
cf-request-id: 07089cd848000096e0e9951000000001
last-modified: Wed, 02 Dec 2020 05:20:17 UTC
server: cloudflare
etag: W/"6159aaab2b9ebbe66181371c0b06ec68"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: 2loL3K5wOlJ4UYDOHK3xdpXBRt2L9KwW
cache-control: max-age=600
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-C3
cf-ray: 602130d3ae1196e0-FRA
x-amz-cf-id: AfHwX2HARxaoU35D-VA26qpg7ePIWpo0r_O4R2MPxIivZKdq_b_rPQ==

GET
H2 200 455947.js Show response
js.hs-analytics.net/analytics/1608045900000/ 63 KB
19 KB 131ms
130ms Script
text/javascript 2606:4700::6811:44b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1608045900000/455947.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/455947.js?integration=WordPress
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:44b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d2f76ac397d4cdf8f9fe163e81fbbf2b977a5bc8c5ee2acd4e91efa74b2d961

Request headers

Referer: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 15:27:47 GMT
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: DB61CB577B10D141
x-amz-server-side-encryption: AES256
cf-ray: 602130d3a9f12bf2-FRA
x-amz-id-2: IAxfO8Tf1Xp96BCmonR6ZuAQYQjo9JWcLU50OsPvRl+Ju71thlXS32qbEdMtuagNrYurMSGBBwc=
last-modified: Mon, 14 Dec 2020 16:24:26 GMT
server: cloudflare
etag: W/"88b911df882bda8ac736af01c46a9a3a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: max-age=300, public
access-control-allow-credentials: false
cf-request-id: 07089cd84800002bf2e6a8d000000001
content-type: text/javascript
expires: Tue, 15 Dec 2020 15:32:47 GMT

GET
H2 200 455947.js Show response
js.hs-banner.com/ 52 KB
13 KB 14ms
13ms Script
text/javascript 2606:4700::6812:14bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/455947.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/455947.js?integration=WordPress
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:14bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 954c9ea04b864590b952e01e3023e49a71a9cd0dbbc53da0d1cdc05b6d319714

Request headers

Referer: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash: crc32c=r6CD6Q==, md5=zkLLIm6bfVw6LPbkHZpnZA==
date: Tue, 15 Dec 2020 15:27:47 GMT
content-encoding: br
cf-cache-status: HIT
age: 207
x-guploader-uploadid: ABg5-UzOZZ3G4BD22IIgBZMMg5qv9X6YeQtrxMlWfOnl2kvwUoYKTFFWB8Gskd3IoWalnaAShm1fLbsWKihphmZJBEs
x-goog-storage-class: STANDARD
access-control-max-age: 604800
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: text/javascript; charset=UTF-8
cf-request-id: 07089cd84800002bdd6b947000000001
timing-allow-origin: *
last-modified: Wed, 09 Dec 2020 18:26:31 GMT
server: cloudflare
etag: W/"ce42cb226e9b7d5c3a2cf6e41d9a6764"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-goog-generation: 1607538391139212
access-control-allow-origin: https://eka1.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
x-goog-stored-content-length: 53372
cf-ray: 602130d3a9772bdd-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires: Tue, 15 Dec 2020 15:29:20 GMT

GET
H2 200 leadflows.js Show response
js.hsleadflows.net/ 448 KB
76 KB 47ms
46ms Script
application/javascript 2606:4700::6811:e7cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsleadflows.net/leadflows.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/455947.js?integration=WordPress
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:e7cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 828db6b7e79c6f9a935026a3383990ac60d9b5ae13bc6b8e76e63b6ddc087635

Request headers

Origin: https://eka1.com
Referer: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 15:27:47 GMT
via: 1.1 c889e9448c63bb4bf9dd41fcb2250e09.cloudfront.net (CloudFront)
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
age: 2537
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=lead-flows-js/static-1.966/bundle/main/lead-flows-release.js&cfRay=6020f2e14a3c63d7-IAD
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-encoding: br
cf-request-id: 07089cd84900001f2df0260000000001
cf-ray: 602130d3a9041f2d-FRA
last-modified: Fri, 11 Dec 2020 01:11:46 UTC
server: cloudflare
etag: W/"e1b953bd86e03038d178c0bb365f8217"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: Yq1r0GUWtO8V8yuu1CBe2h7KDqj0ZMby
access-control-allow-origin: *
cache-control: s-maxage=86400, max-age=0
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-C3
content-type: application/javascript; charset=utf-8
x-amz-cf-id: 5cTOBecGDF74LYqyw5gdrJj8YxJvhAW58P1CyEn3k3pHVq8i97Ka6Q==

GET
H/1.1 200
OK insight.old.min.js Show response
snap.licdn.com/li.lms-analytics/ 3 KB
2 KB 7ms
6ms Script
application/x-javascript 2a02:26f0:eb:390::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:eb:390::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: 41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0

Request headers

Referer: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 15 Dec 2020 15:27:47 GMT
Content-Encoding: gzip
Last-Modified: Thu, 03 Sep 2020 20:29:41 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=16965
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1576

GET
H3-Q050 200 / Show response
www.googleadservices.com/pagead/conversion/1069711282/ 2 KB
2 KB 36ms
22ms Script
text/javascript 2a00:1450:4001:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/1069711282/?random=1608046067788&cv=9&fst=1608046067788&num=1&value=0&label=9_OICKah6nUQsv-J_gM&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgbu0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Feka1.com%2Fdemo%2Fetrm%2F%3Futm_campaign%3DReplacement%2520Campaign%2520FY21%26utm_medium%3Demail%26_hsmi%3D103060885%26_hsenc%3Dp2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28%26utm_content%3D103060885%26utm_source%3Dhs_email&tiba=ETRM%20-%20EKA&hn=www.googleadservices.com&bttype=purchase&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bfd023889f4f275746c3c914614a70bf1272254cc38214a2dbd8a8a5f422835c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Dec 2020 15:27:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1361
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
61 B 13ms
13ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&aip=1&a=355909283&t=pageview&_s=1&dl=https%3A%2F%2Feka1.com%2Fdemo%2Fetrm%2F%3Futm_campaign%3DReplacement%2520Campaign%2520FY21%26utm_medium%3Demail%26_hsmi%3D103060885%26_hsenc%3Dp2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28%26utm_content%3D103060885%26utm_source%3Dhs_email&ul=en-us&de=UTF-8&dt=ETRM%20-%20EKA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=1228715344&gjid=1961569873&cid=873009452.1608046068&tid=UA-226206-1&_gid=1888103653.1608046068&_r=1&gtm=2oubu0&z=1206913711

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 15 Dec 2020 15:27:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://eka1.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 start
a.visitorqueue.com/ 2 B
138 B 361ms
110ms Other
text/plain 99.79.84.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.visitorqueue.com/start
Requested by: Host: t.visitorqueue.com
URL: https://t.visitorqueue.com/p/tracking.min.js?id=d9b44a81-6693-46bd-9db3-b1a20e213327
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.79.84.87 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-79-84-87.ca-central-1.compute.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 15 Dec 2020 15:27:48 GMT
access-control-request-method: *
access-control-allow-headers: *
content-length: 2
content-type: text/plain

GET
H/1.1 200
OK atrk.gif
certify.alexametrics.com/ 43 B
552 B 106ms
35ms Image
image/gif 65.9.96.19
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=ETRM%20-%20EKA&time=1608046067813&time_zone_offset=-60&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Feka1.com%2Fdemo%2Fetrm%2F%3Futm_campaign%3DReplacement%2520Campaign%2520FY21%26utm_medium%3Demail%26_hsmi%3D103060885%26_hsenc%3Dp2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28%26utm_content%3D103060885%26utm_source%3Dhs_email&random_number=17063561288&sess_cookie=8107ec931766703c065092d49de&sess_cookie_flag=1&user_cookie=8107ec931766703c065092d49de&user_cookie_flag=1&dynamic=true&domain=eka1.com&account=EyWgv1DlQy20Y8&jsv=20130128&user_lang=en-US
Requested by: Host: eka1.com
URL: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.96.19 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 14 Dec 2020 19:06:56 GMT
Via: 1.1 cb11ca2ff3db5adbe7df4bca70e51594.cloudfront.net (CloudFront)
Last-Modified: Mon, 17 Jan 2011 20:41:40 GMT
Server: AmazonS3
Age: 73252
ETag: "221d8352905f2c38b3cb2bd191d630b0"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
X-Amz-Cf-Pop: PRG50-C1
x-amz-meta-alexa-last-modified: 20110117123941
Content-Length: 43
X-Amz-Cf-Id: -P-VHHxVaOTRQKLwWIDjHjCJjzdft_tEczgitqTxgdxfyc3yFADFLw==

POST
H/1.1 204
No Content L
t.leady.com/ 0
103 B 36ms
36ms Other
text/plain 194.145.183.49
MASTER-AS Czech R...

General

Check archive.org

Show headers Download Go to

Full URL: https://t.leady.com/L?k=5920zfYdQ9CEiHym&d=i&s=175927b9-9732-4775-ae43-9154057573a9&l=https%3A%2F%2Feka1.com%2Fdemo%2Fetrm%2F%3Futm_campaign%3DReplacement%20Campaign%20FY21%26utm_medium%3Demail%26_hsmi%3D103060885%26_hsenc%3Dp2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28%26utm_content%3D103060885%26utm_source%3Dhs_email&r=&g=4741312e322e3837333030393435322e31363038303436303638
Requested by: Host: t.leady.com
URL: https://t.leady.com/5920zfYdQ9CEiHym/L.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 194.145.183.49 , Czech Republic, ASN24971 (MASTER-AS Czech Republic / www.master.cz, CZ),
Reverse DNS: chewie.imper.cz
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Connection: keep-alive
Date: Tue, 15 Dec 2020 15:27:47 GMT
Server: nginx

GET
H2 200 / Show response
settings.luckyorange.net/ 2 KB
2 KB 171ms
130ms Fetch
application/json 104.26.10.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://settings.luckyorange.net/?u=https%3A%2F%2Feka1.com%2Fdemo%2Fetrm%2F%3Futm_campaign%3DReplacement%2520Campaign%2520FY21%26utm_medium%3Demail%26_hsmi%3D103060885%26_hsenc%3Dp2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28%26utm_content%3D103060885%26utm_source%3Dhs_email&s=261166

Requested by

Host: d10lpsik1i8c69.cloudfront.net
URL: https://d10lpsik1i8c69.cloudfront.net/w.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.10.16 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

490dd9b15628a331fd5a5b73844cb87292958fed8ad1924cd879ca8a013e6dd8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 15:27:47 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS
cf-request-id: 07089cd89c0000fa8c5bbfa000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=a8KtVv6HseHYTrOQr9m%2FXJrW2O%2BDZG270k%2Fe8B%2F%2BF8dwVlW8bhni7RtcwKa%2B0Jsbfl%2FOfdOYnJXSBBSR1LbnbpSlK0Cfrd87iPjaMrRSpCfzOvAkCj6%2FefU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://eka1.com
access-control-allow-credentials: true
cf-ray: 602130d42f6ffa8c-AMS
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,Keep-Alive,X-Requested-With,If-Modified-Since

GET
H2 200 modules.f2a0c48472fc3a6a1664.js Show response
script.hotjar.com/ 222 KB
59 KB 102ms
56ms Script
application/javascript 65.9.73.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.f2a0c48472fc3a6a1664.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1245574.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.73.32 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

3422a566d3586aa83e09fd661635fe9ebcf90f0f4824fdf3d42d6698662cbfcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 12:37:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10241
x-cache: Hit from cloudfront
content-length: 59564
access-control-allow-origin: *
last-modified: Tue, 15 Dec 2020 12:34:17 GMT
etag: "5a8a077d3cc3e6ab1290703959e9ca39"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cc03ea6a31b592e93e84115778cdc495.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: etFdnyMVndqSkMEAnV5YwaStTHfNdI__7mczbina734K-jg3RbBB7Q==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
85 B 15ms
15ms XHR
text/plain 2a00:1450:400c:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-226206-1&cid=873009452.1608046068&jid=1228715344&gjid=1961569873&_gid=1888103653.1608046068&_u=IEBAAUAAAAAAAC~&z=206394211

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 15 Dec 2020 15:27:47 GMT
content-type: text/plain
access-control-allow-origin: https://eka1.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=88575&url=https%3A%2F%2Feka1.com%2Fdemo%2Fetrm%2F%3Futm_campaign%3DReplacement%2520Campaign%2520FY21%26utm_medium%3Demail%26_hsmi%3D103060885%26_h...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D88575%26url%3Dhttps%253A%252F%252Feka1.com%252Fdemo%252Fetrm%252F%253Futm_campaig...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=88575&url=https%3A%2F%2Feka1.com%2Fdemo%2Fetrm%2F%3Futm_campaign%3DReplacement%2520Campaign%2520FY21%26utm_medium%3Demail%26_hsmi%3D103060885%26_h...

0
641 B

659ms
658ms

Image
application/javascript

2a05:f500:11:101::b93f:9005
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=88575&url=https%3A%2F%2Feka1.com%2Fdemo%2Fetrm%2F%3Futm_campaign%3DReplacement%2520Campaign%2520FY21%26utm_medium%3Demail%26_hsmi%3D103060885%26_hsenc%3Dp2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28%26utm_content%3D103060885%26utm_source%3Dhs_email&time=1608046067823&liSync=true
Requested by: Host: eka1.com
URL: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:f500:11:101::b93f:9005 , Ireland, ASN14413 (LINKEDIN, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 15:27:48 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
server: Play
linkedin-action: 1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lor1
x-li-proto: http/2
x-li-pop: prod-tln1
content-type: application/javascript
content-length: 0
x-li-uuid: 0EkHGmHtUBZg3cbOWysAAA==

Redirect headers

content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri https://www.linkedin.com/platform-telemetry/csp?f=l
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
linkedin-action: 1
content-length: 0
x-li-uuid: d/P9D2HtUBbQ8pqcmSsAAA==
pragma: no-cache
x-li-pop: afd-prod-esv5
x-msedge-ref: Ref A: 9BAA9FD427394A28A9261AA2DD348203 Ref B: VIEEDGE2515 Ref C: 2020-12-15T15:27:48Z
x-frame-options: sameorigin
date: Tue, 15 Dec 2020 15:27:48 GMT
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
strict-transport-security: max-age=2592000
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lor1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=88575&url=https%3A%2F%2Feka1.com%2Fdemo%2Fetrm%2F%3Futm_campaign%3DReplacement%2520Campaign%2520FY21%26utm_medium%3Demail%26_hsmi%3D103060885%26_hsenc%3Dp2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28%26utm_content%3D103060885%26utm_source%3Dhs_email&time=1608046067823&liSync=true
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

/
www.google.de/pagead/1p-conversion/1069711282/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1069711282/?random=1211953494&cv=9&fst=1608046067788&num=1&value=0&label=9_OICKah6nUQsv-J_gM&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&...
https://www.google.com/pagead/1p-conversion/1069711282/?random=1211953494&cv=9&fst=1608046067788&num=1&value=0&label=9_OICKah6nUQsv-J_gM&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_...
https://www.google.de/pagead/1p-conversion/1069711282/?random=1211953494&cv=9&fst=1608046067788&num=1&value=0&label=9_OICKah6nUQsv-J_gM&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_a...

42 B
108 B

21ms
21ms

Image
image/gif

2a00:1450:4001:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/1069711282/?random=1211953494&cv=9&fst=1608046067788&num=1&value=0&label=9_OICKah6nUQsv-J_gM&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgbu0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Feka1.com%2Fdemo%2Fetrm%2F%3Futm_campaign%3DReplacement%2520Campaign%2520FY21%26utm_medium%3Demail%26_hsmi%3D103060885%26_hsenc%3Dp2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28%26utm_content%3D103060885%26utm_source%3Dhs_email&tiba=ETRM%20-%20EKA&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=89XYX4yBMuLX7_UP_pe5oAM&eitems=ChAIgNrh_gUQmqmusoHL6KdOEh0ArB4hFMLN4kFU62hdWTRDo1UNwXKCgIEu3bZdzQ&random=4271159311&resp=GooglemKTybQhCsO&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Dec 2020 15:27:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 15 Dec 2020 15:27:47 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/1069711282/?random=1211953494&cv=9&fst=1608046067788&num=1&value=0&label=9_OICKah6nUQsv-J_gM&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgbu0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Feka1.com%2Fdemo%2Fetrm%2F%3Futm_campaign%3DReplacement%2520Campaign%2520FY21%26utm_medium%3Demail%26_hsmi%3D103060885%26_hsenc%3Dp2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28%26utm_content%3D103060885%26utm_source%3Dhs_email&tiba=ETRM%20-%20EKA&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=89XYX4yBMuLX7_UP_pe5oAM&eitems=ChAIgNrh_gUQmqmusoHL6KdOEh0ArB4hFMLN4kFU62hdWTRDo1UNwXKCgIEu3bZdzQ&random=4271159311&resp=GooglemKTybQhCsO&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 20ms
19ms Image
image/gif 2a00:1450:4001:814::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-226206-1&cid=873009452.1608046068&jid=1228715344&_u=IEBAAUAAAAAAAC~&z=931221150

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Dec 2020 15:27:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 18ms
18ms Image
image/gif 2a00:1450:4001:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-226206-1&cid=873009452.1608046068&jid=1228715344&_u=IEBAAUAAAAAAAC~&z=931221150

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Dec 2020 15:27:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Assets-Demos-2_ETRM.png
eka1.com/wp-content/uploads/2020/10/
Redirect Chain

https://cdn.shortpixel.ai/client/q_lossy,ret_img/https://eka1.com/wp-content/uploads/2020/10/Assets-Demos-2_ETRM.png
https://eka1.com/wp-content/uploads/2020/10/Assets-Demos-2_ETRM.png

2 MB
2 MB

125ms
125ms

Image
image/png

104.196.203.173
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eka1.com/wp-content/uploads/2020/10/Assets-Demos-2_ETRM.png
Requested by: Host: eka1.com
URL: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.203.173 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 173.203.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 2ee2573e421fcc52724ef9d0e110ef920405cd73b2c5d37e377ef073f2434ef0

Request headers

Referer: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 15:27:47 GMT
last-modified: Thu, 29 Oct 2020 10:06:22 GMT
server: nginx
etag: "5f9a941e-2566d7"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 2451159

Redirect headers

date: Tue, 15 Dec 2020 15:27:47 GMT
content-encoding: gzip
server: nginx
location: https://eka1.com/wp-content/uploads/2020/10/Assets-Demos-2_ETRM.png
x-purge: 1
x-tag: Domain:eka1.com
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=2592000
accept-ranges: bytes
content-length: 20
x-hw: 1608046067.cds087.lo4.hn,1608046067.cds073.lo4.c

GET
H2

200

cropped-Eka-logo-1.png
eka1.com/wp-content/uploads/2020/05/
Redirect Chain

https://cdn.shortpixel.ai/client/to_webp,q_lossy,ret_img,w_107,h_50/https://eka1.com/wp-content/uploads/2020/05/cropped-Eka-logo-1.png
https://eka1.com/wp-content/uploads/2020/05/cropped-Eka-logo-1.png

975 B
1 KB

216ms
215ms

Image
image/png

104.196.203.173
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eka1.com/wp-content/uploads/2020/05/cropped-Eka-logo-1.png
Requested by: Host: eka1.com
URL: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.203.173 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 173.203.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 2ab71f605b0b056269461bad6b5baabdc2b88605e51361766f923836137889fa

Request headers

Referer: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 15:27:48 GMT
last-modified: Wed, 10 Jun 2020 03:56:32 GMT
server: nginx
etag: "5ee059f0-3cf"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 975

Redirect headers

date: Tue, 15 Dec 2020 15:27:48 GMT
content-encoding: gzip
server: nginx
location: https://eka1.com/wp-content/uploads/2020/05/cropped-Eka-logo-1.png
x-purge: 1
x-tag: Domain:eka1.com
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=2592000
accept-ranges: bytes
content-length: 20
x-hw: 1608046068.cds087.lo4.hn,1608046068.cds215.lo4.c

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-5ee9bc9d87121edc/ 2 KB
822 B 287ms
286ms Script
application/javascript 104.75.88.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-5ee9bc9d87121edc/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js?ver=5.5.3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.112 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-112.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a4522716a194448df51f4ac887133345f112fde2e1070969d5453f31223927f3

Request headers

Referer: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 15:27:48 GMT
content-encoding: gzip
etag: -769311807--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=60, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 646

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 89 B
249 B 162ms
161ms Script
application/javascript 104.75.88.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=5fd8d5f3948678fe&bkl=0&bl=1&pdt=795&sid=5fd8d5f3948678fe&pub=ra-5ee9bc9d87121edc&rev=v8.28.8-wp&ln=en&pc=wpp&cb=0&ab=-&dp=eka1.com&fp=demo%2Fetrm%2F&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1608046068116&wpv=wpp-6.2.6&addthis_plugin_info=%7B%22info_status%22%3A%22enabled%22%2C%22cms_name%22%3A%22WordPress%22%2C%22plugin_name%22%3A%22Share%20Buttons%20by%20AddThis%22%2C%22plugin_version%22%3A%226.2.6%22%2C%22plugin_mode%22%3A%22AddThis%22%2C%22anonymous_profile_id%22%3A%22wp-fc81fcf7f2c48c659a3c2d18e459abf7%22%2C%22page_info%22%3A%7B%22template%22%3A%22posts%22%2C%22post_type%22%3A%22demo%22%7D%2C%22sharing_enabled_on_post_via_metabox%22%3Atrue%7D&jsl=1&skipb=1&callback=addthis.cbs.jsonp__85358909539922130
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js?ver=5.5.3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.112 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-112.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f1b610bf12b9846cb900e2d767d5e8d2918c55435cb43115ee9c6320286b588d

Request headers

Referer: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Dec 2020 15:27:48 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
content-length: 89
content-type: application/javascript;charset=utf-8

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 0B37 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 0D0F 0
0 36ms
35ms Document
text/html 104.75.88.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js?ver=5.5.3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.112 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-112.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:method: GET
:authority: s7.addthis.com
:scheme: https
:path: /static/sh.f48a1a04fe8dbf021b4cda1d.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email

Response headers

server: nginx/1.15.8
content-type: text/html
last-modified: Thu, 04 Jun 2020 15:49:19 GMT
etag: W/"5ed917ff-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Tue, 15 Dec 2020 15:27:48 GMT
vary: Accept-Encoding
x-host: s7.addthis.com

GET
H2 200 clickstream.js Show response
d10lpsik1i8c69.cloudfront.net/js/ Frame 88DC 286 KB
92 KB 175ms
97ms Script
application/javascript 13.225.84.144
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d10lpsik1i8c69.cloudfront.net/js/clickstream.js?v=34f6965
Requested by: Host: d10lpsik1i8c69.cloudfront.net
URL: https://d10lpsik1i8c69.cloudfront.net/w.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.84.144 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-84-144.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e9cc69093eb458759b4fc04f41883e324293e8e2bfeafbab6246c5284d1bc0c5

Request headers

Origin: https://eka1.com
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 24 Nov 2020 08:39:30 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 1838899
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Tue, 03 Nov 2020 19:52:04 GMT
server: AmazonS3
etag: W/"d79a1aa1a3a7733819e346e91f36fab4"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 e1e056e45a0f8d6bc22b223900511170.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: Cz_k3KoYb0PxJOknxORLbzgwwsYR4X0UBLaoM5tp6WwGaKWwUbOorA==

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 40 KB
13 KB 102ms
36ms Script
text/javascript 104.108.144.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WHH9VNS
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.126 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-126.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: c2cb2cc5345c71f30b0ce56069cfe0bdf65eb061228333d27ba0e7388748636a

Request headers

Referer: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: eHeCFa11ZmebQv0hmrjMAs.eB.BPo.q4
Content-Encoding: gzip
ETag: "0aed5b94bc26ce0fe9e58d25dd314418"
x-amz-request-id: A153E367E4F64E44
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 12695
x-amz-id-2: 1CcC1EKrieRTlAyvmM8I9czxbYiNWqUAlIg4XQoBWjKMxkmKs0MXuebcXJ5+1jv9UbHz74EL7Lo=
Last-Modified: Thu, 10 Dec 2020 18:09:34 GMT
Server: AmazonS3
Date: Tue, 15 Dec 2020 15:27:48 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 200 box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame 982C 0
0 87ms
25ms Document
text/html 65.9.73.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1245574.js?sv=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.73.94 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-469cf41adb11dc78be68c1ae7f9457a4.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email

Response headers

content-type: text/html
content-length: 851
date: Wed, 04 Nov 2020 19:00:32 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
etag: "d594f1d4c3e5dbd6b556c60d34e0daea"
last-modified: Wed, 04 Nov 2020 16:31:53 GMT
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 aae0a3ddd306e11f8c3d25a657078704.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: y2hkW9DWttyZtThsemH-AnhQDJOiRWDFqgfCZ7H_EzYkTLgRh-B5NA==
age: 3529636

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/exp/
Redirect Chain

https://s.adroll.com/j/exp/CRTARLU57FFGFBED5U3TOM/index.js
https://s.adroll.com/j/exp/index.js

28 B
747 B

27ms
26ms

Script
application/javascript

104.108.144.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/index.js
Requested by: Host: eka1.com
URL: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.126 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-126.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

Referer: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: NRd5BJy3mTVGILCcmBdUI4KKHh2sq935
Content-Encoding: gzip
ETag: "5816cced8568d223aa09d889f300692b"
x-amz-request-id: 7W9WAWDN1PDJ9K6T
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 48
x-amz-id-2: NBvratIHE//44TPOypShMaCv/9QzRoRblXgrQhIlv+9B2ymzS7rKcZPf7Q+NJ4aV6oOIl9m1JcE=
Last-Modified: Wed, 02 Dec 2020 20:19:48 GMT
Server: AmazonS3
Date: Tue, 15 Dec 2020 15:27:48 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

Redirect headers

Date: Tue, 15 Dec 2020 15:27:48 GMT
Server: AkamaiGHost
Location: https://s.adroll.com/j/exp/index.js
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 0

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/pre/CRTARLU57FFGFBED5U3TOM/UZTY72ETX5FH7D24PV6QU5/ 1 KB
1 KB 103ms
26ms Script
text/javascript 104.108.144.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/CRTARLU57FFGFBED5U3TOM/UZTY72ETX5FH7D24PV6QU5/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.126 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-126.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: cbce85e96b7752208ce15a09ea4d5a58b792edc9e77f1c5ccf46c01935970f9d

Request headers

Referer: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: CIvwBxe8UNTAHJjpx80pwBj_AWkwPzVD
Content-Encoding: gzip
ETag: "3996d65282dd996ee0d7d4c90c139158"
x-amz-request-id: E96F026D6D53807F
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 635
x-amz-id-2: D/Ghb6z0mvhSxhNxyCXnfJR5Ki+cYXiauIFWlcF2LbdVsAczR3+ipI8o420Oh/ckRpgDULbfBd8=
Last-Modified: Mon, 14 Dec 2020 23:18:14 GMT
Server: AmazonS3
Date: Tue, 15 Dec 2020 15:27:48 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2

200

/ Show response
d.adroll.com/consent/check/CRTARLU57FFGFBED5U3TOM/
Redirect Chain

https://d.adroll.mgr.consensu.org/consent/iabcheck/CRTARLU57FFGFBED5U3TOM?_s=9f5be1b310f29cad67046886e5344560&_b=2
https://d.adroll.com/consent/check/CRTARLU57FFGFBED5U3TOM/?_s=9f5be1b310f29cad67046886e5344560&_b=2

385 B
477 B

39ms
37ms

Script
application/javascript

52.51.179.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/CRTARLU57FFGFBED5U3TOM/?_s=9f5be1b310f29cad67046886e5344560&_b=2
Requested by: Host: eka1.com
URL: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.179.214 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 6cfbf56e5f0577047ea86db33d8d32b7af40f325ef41ebbca8e14cb761a91618

Request headers

Referer: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 15:27:48 GMT
server: nginx/1.18.0
content-length: 385
content-type: application/javascript

Redirect headers

location: https://d.adroll.com/consent/check/CRTARLU57FFGFBED5U3TOM/?_s=9f5be1b310f29cad67046886e5344560&_b=2
date: Tue, 15 Dec 2020 15:27:48 GMT
server: nginx/1.18.0
content-length: 105

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/1245574/ 178 B
321 B 113ms
41ms XHR
application/json 52.19.70.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/1245574/visit-data?sv=6
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.f2a0c48472fc3a6a1664.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.19.70.84 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-70-84.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6154d5f7f6961e042d013bab33fd02b691970d873f44f3c32d8fcc6e79ef5bcd

Request headers

Referer: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 15 Dec 2020 15:27:48 GMT
content-encoding: br
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/json

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ 263 KB
76 KB 26ms
25ms Script
application/javascript 104.75.88.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js?ver=5.5.3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.112 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-112.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Tue, 15 Dec 2020 15:27:48 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617

POST
H/1.1 200
OK content Show response
ws1.hotjar.com/api/v2/sites/1245574/recordings/ 69 B
394 B 202ms
103ms XHR
application/json 52.212.239.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws1.hotjar.com/api/v2/sites/1245574/recordings/content
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.f2a0c48472fc3a6a1664.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.239.19 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 6cb573c045420557c540d1de48a6b2f64b37a1f4e2db54b8250f41bb015db191

Request headers

Referer: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

Date: Tue, 15 Dec 2020 15:27:48 GMT
Content-Encoding: br
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Transfer-Encoding: chunked

GET
H/1.1 200
OK consent_tcfv2.js Show response
s.adroll.com/j/ 397 KB
55 KB 31ms
31ms Script
application/javascript 104.108.144.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/consent_tcfv2.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.126 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-126.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: bf40c262b047615208bc2d84984e7854b8a2ec9801f1c6e99c0b79a9f32380b5

Request headers

Referer: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: 7sDcLvGKTPrh8xIq2f5DynXc_Mi9vQVX
Content-Encoding: gzip
ETag: "1f2c64002f8e1b6eb56c304c2e892afb"
x-amz-request-id: 9C0A466D5B644741
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 55575
x-amz-id-2: RKvpIdckCIUfU1lGu4A9Vc4434+rKFeY6PhXnAc0s4O7wCj+IxmfMnCnJnqRhSwxJEODB4ztDYM=
Last-Modified: Mon, 07 Dec 2020 23:59:35 GMT
Server: AmazonS3
Date: Tue, 15 Dec 2020 15:27:48 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=300, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK favicon-32x32.png
nextroll.com/ 2 KB
2 KB 353ms
110ms Image
image/png 34.232.47.250
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nextroll.com/favicon-32x32.png
Requested by: Host: eka1.com
URL: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.232.47.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache /
Resource Hash: bcaf0e3f087296133e0a996ee3d289a8d1a690147c93e0ab62019b505e6f9355

Request headers

Referer: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 15 Dec 2020 15:27:48 GMT
Via: 1.1 vegur
Last-Modified: Mon, 30 Nov 2020 21:05:36 GMT
Server: Apache
Etag: "64f-5b5595f1ce800"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1615

GET
H2

200

shim.latest.js Show response
js.intercomcdn.com/
Redirect Chain

https://widget.intercom.io/widget/nz59z1ge
https://js.intercomcdn.com/shim.latest.js

12 KB
5 KB

195ms
32ms

Script
application/javascript

65.9.73.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/shim.latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.73.58 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6f3f30259ddf8fdb8dd215e8df393f7cdfee6f401b6dccddfb0d4c7b5c7c8d83

Request headers

Referer: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 15 Dec 2020 15:26:06 GMT
content-encoding: gzip
last-modified: Tue, 15 Dec 2020 15:11:03 GMT
server: AmazonS3
age: 104
etag: "0ae16aef24e2bf72c69c657198bd4a9d"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 bda076aae92eaf83374971b76c395857.cloudfront.net (CloudFront)
cache-control: max-age=300, s-maxage=300, public
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 4395
x-amz-cf-id: DU3MxE5qCxXJbplosR_DDMLQ8MkIyJG8F51jlM2sQCCtaFc0a_ZwhQ==

Redirect headers

date: Thu, 10 Dec 2020 06:47:13 GMT
via: 1.1 ca6609f4a83e693c532f54c00146f5f8.cloudfront.net (CloudFront)
server: AmazonS3
age: 463237
x-cache: Hit from cloudfront
location: https://js.intercomcdn.com/shim.latest.js
x-amz-cf-pop: PRG50-C1
content-length: 0
x-amz-cf-id: 2Wz9GRJFobbRnXDAiCBiWT4OmdEVM6jGFXKWcuMTsLeU9IcRXdviPA==

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
130 B 148ms
147ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2978788718&v=1.1&a=455947&ct=blog-post&rcu=https%3A%2F%2Feka1.com%2Fdemo%2Fetrm%2F&pu=https%3A%2F%2Feka1.com%2Fdemo%2Fetrm%2F%3Futm_campaign%3DReplacement%2520Campaign%2520FY21%26utm_medium%3Demail%26_hsmi%3D103060885%26_hsenc%3Dp2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28%26utm_content%3D103060885%26utm_source%3Dhs_email&t=ETRM+-+EKA&cts=1608046069107&vi=a1c2cce8057a4418d9155aec1d19882b&nc=true&ce=false&pt=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-ray: 602130dbfc0cd70d-FRA
date: Tue, 15 Dec 2020 15:27:49 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI CUR ADM OUR NOR STA NID"
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/gif
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
cf-request-id: 07089cddc90000d70d5f0a8000000001
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
257 B 125ms
124ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=17&fi=fdd82ab1-160b-4207-9387-9e71df877d90&fci=c92c3ede-dd69-4a0e-9a36-274841081aa9&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2978788718&v=1.1&a=455947&ct=blog-post&rcu=https%3A%2F%2Feka1.com%2Fdemo%2Fetrm%2F&pu=https%3A%2F%2Feka1.com%2Fdemo%2Fetrm%2F%3Futm_campaign%3DReplacement%2520Campaign%2520FY21%26utm_medium%3Demail%26_hsmi%3D103060885%26_hsenc%3Dp2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28%26utm_content%3D103060885%26utm_source%3Dhs_email&t=ETRM+-+EKA&cts=1608046069112&vi=a1c2cce8057a4418d9155aec1d19882b&nc=true&ce=false&pt=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-ray: 602130dbfc10d70d-FRA
date: Tue, 15 Dec 2020 15:27:49 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI CUR ADM OUR NOR STA NID"
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/gif
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
cf-request-id: 07089cddca0000d70da120e000000001
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
130 B 172ms
172ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=15&fi=fdd82ab1-160b-4207-9387-9e71df877d90&fci=c92c3ede-dd69-4a0e-9a36-274841081aa9&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2978788718&v=1.1&a=455947&ct=blog-post&rcu=https%3A%2F%2Feka1.com%2Fdemo%2Fetrm%2F&pu=https%3A%2F%2Feka1.com%2Fdemo%2Fetrm%2F%3Futm_campaign%3DReplacement%2520Campaign%2520FY21%26utm_medium%3Demail%26_hsmi%3D103060885%26_hsenc%3Dp2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28%26utm_content%3D103060885%26utm_source%3Dhs_email&t=ETRM+-+EKA&cts=1608046069116&vi=a1c2cce8057a4418d9155aec1d19882b&nc=true&ce=false&pt=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-ray: 602130dc0c33d70d-FRA
date: Tue, 15 Dec 2020 15:27:49 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI CUR ADM OUR NOR STA NID"
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/gif
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
cf-request-id: 07089cddcf0000d70d5f0a9000000001
x-robots-tag: none

GET
H2 200 blink_green.png
d10lpsik1i8c69.cloudfront.net/graphics/ 1 KB
2 KB 26ms
26ms Image
image/png 13.225.84.144
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d10lpsik1i8c69.cloudfront.net/graphics/blink_green.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.84.144 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-84-144.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9746bbc8be1eacd912bb90f2226b3f9141b15938f7b0281825c74999c0040c9b

Request headers

Referer: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 13 Dec 2020 01:34:06 GMT
via: 1.1 52f0756596448c36265861853c0a44a4.cloudfront.net (CloudFront)
last-modified: Tue, 03 Nov 2020 19:52:04 GMT
server: AmazonS3
age: 222824
etag: "2e4ff7ec8bf18d247ee942621e0f9d65"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 1283
x-amz-cf-id: 3rVjsmRN9PL9vk-imTacDQ_LUHG7PBQK9frZsnUxlpb9GyDbYr4VNg==

GET
H2 200 logo-light.png
d10lpsik1i8c69.cloudfront.net/graphics/ 1 KB
1 KB 26ms
25ms Image
image/png 13.225.84.144
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d10lpsik1i8c69.cloudfront.net/graphics/logo-light.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.84.144 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-84-144.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8c34bc7bc1985e63394c3c2afff88cdcfc06e501320432dd23eaff83ea6754eb

Request headers

Referer: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 16:55:48 GMT
via: 1.1 52f0756596448c36265861853c0a44a4.cloudfront.net (CloudFront)
last-modified: Tue, 03 Nov 2020 19:52:04 GMT
server: AmazonS3
age: 1031522
etag: "35ce74c31e3ef54462a234340af702d7"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 1143
x-amz-cf-id: NmPCMyWQNpsDN4PZhvzyNXuk5VJxdTPywki5NwuAX0rALkbejWFFhw==

GET
H2 200 sound-on-white.png
d10lpsik1i8c69.cloudfront.net/graphics/ 277 B
618 B 26ms
26ms Image
image/png 13.225.84.144
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d10lpsik1i8c69.cloudfront.net/graphics/sound-on-white.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.84.144 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-84-144.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: da0c1bc51d4ebfa2570f3e7546d9d3ccfb3f9d3c1199b1ca49869510aa79392a

Request headers

Referer: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 01:07:28 GMT
via: 1.1 52f0756596448c36265861853c0a44a4.cloudfront.net (CloudFront)
last-modified: Tue, 03 Nov 2020 19:52:04 GMT
server: AmazonS3
age: 397222
etag: "76f1993de0fd323f67cece8d8e63bfa2"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 277
x-amz-cf-id: CQjTHIgjsLjbPlN3UmDd9BcXEwQMv8jtG9xc4i9R3u6CPSB_6LCtag==

GET
H2 200 reset.css
d10lpsik1i8c69.cloudfront.net/css/ 2 KB
1 KB 24ms
23ms Stylesheet
text/css 13.225.84.144
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d10lpsik1i8c69.cloudfront.net/css/reset.css
Requested by: Host: d10lpsik1i8c69.cloudfront.net
URL: https://d10lpsik1i8c69.cloudfront.net/js/clickstream.js?v=34f6965
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.84.144 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-84-144.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 401f533697cfb484598d2da76b5f4708bbca985a1fab42dbcfaa0741374d3245

Request headers

Referer: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 03 Nov 2020 19:52:08 GMT
content-encoding: gzip
last-modified: Tue, 03 Nov 2020 19:52:04 GMT
server: AmazonS3
age: 3612942
etag: W/"7144eaceff0b31347712515a6116074e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 52f0756596448c36265861853c0a44a4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: UwhQgZ_gTDp-DhJM62unxhCR0FS1xwF3gbo5OlcOPxHf6Ml6R-GyNg==

GET
H2 200 frame-modern.2b424a5e.js Show response
js.intercomcdn.com/ Frame 4D60 243 KB
66 KB 32ms
31ms Script
application/javascript 65.9.73.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/frame-modern.2b424a5e.js
Requested by: Host: widget.intercom.io
URL: https://widget.intercom.io/widget/nz59z1ge
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.73.58 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 78b4097d63974e50e5328364c9c4815a443fcdd769585a59cabcbfa5bcd8c72e

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 15 Dec 2020 15:11:07 GMT
content-encoding: gzip
last-modified: Tue, 15 Dec 2020 14:59:42 GMT
server: AmazonS3
age: 1003
etag: "3adf615ac3778fecffa2a7b5a71488df"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 bda076aae92eaf83374971b76c395857.cloudfront.net (CloudFront)
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 67099
x-amz-cf-id: jTdDWnAFzQ8l4o3yIu0vhS4bOALm2n2TYg-32Dw3q2YCN5aebFqvPg==

GET
H2 200 vendor-modern.9d1078c3.js Show response
js.intercomcdn.com/ Frame 4D60 123 KB
38 KB 32ms
31ms Script
application/javascript 65.9.73.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/vendor-modern.9d1078c3.js
Requested by: Host: widget.intercom.io
URL: https://widget.intercom.io/widget/nz59z1ge
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.73.58 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 848c5de83cc5769619fb12455772acca45887021ab6fdc7b5c88f36a31ff0946

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 15 Dec 2020 14:09:10 GMT
content-encoding: gzip
last-modified: Tue, 15 Dec 2020 14:01:33 GMT
server: AmazonS3
age: 4720
etag: "9b5b470a28e38dff426854ef00fb72e0"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 bda076aae92eaf83374971b76c395857.cloudfront.net (CloudFront)
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 38314
x-amz-cf-id: rwtN6DxFW7349IDIaE6wplcuHzFBdThH5lFg4WRzn3J6hKWKOcYG_Q==

GET
BLOB 200
OK 614c9959-8d84-474d-8ae7-53494fa79dd4
https://eka1.com/ Frame 88DC 0
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://eka1.com/614c9959-8d84-474d-8ae7-53494fa79dd4
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length: 0

GET
BLOB 200
OK 2735e82b-520b-426e-ba16-508ad9a21e6f
https://eka1.com/ Frame 88DC 30 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://eka1.com/2735e82b-520b-426e-ba16-508ad9a21e6f
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 83c9688107b373823973bcf48dd284bfbca6d5c23153b86bbd8512cec1404a3d

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length: 31224

POST
H2 200 ping Show response
api-iam.intercom.io/messenger/web/ Frame 4D60 3 KB
2 KB 644ms
449ms XHR
application/json 75.2.88.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api-iam.intercom.io/messenger/web/ping

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.2b424a5e.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

75.2.88.188 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ad8b87a22ce463223.awsglobalaccelerator.com

Software

nginx /

Resource Hash

3b8453df45fb84c9caedb899f47d55d6ca3f3f1830c5301be9a243dd4454319d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 15 Dec 2020 15:27:50 GMT
content-encoding: gzip
x-ami-version: ami-04a8a471b0875e008
status: 200 OK
strict-transport-security: max-age=31556952; includeSubDomains; preload
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-request-id: 0001sflmvuttuqmpilu0
x-runtime: 0.338794
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"3b8453df45fb84c9caedb899f47d55d6"
x-ratelimit-remaining: 19996
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://eka1.com
x-intercom-version: 0b3bf1c2a7293b7222b1541f25ceba14df932ac6
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-ratelimit-reset: 1608046080
x-ratelimit-limit: 20000
access-control-allow-headers: Content-Type
x-content-type-options: nosniff

POST
H2 200 match Show response
api-iam.intercom.io/messenger/web/rulesets/10538585/ Frame 4D60 2 KB
1 KB 960ms
960ms XHR
application/json 75.2.88.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api-iam.intercom.io/messenger/web/rulesets/10538585/match

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.2b424a5e.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

75.2.88.188 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ad8b87a22ce463223.awsglobalaccelerator.com

Software

nginx /

Resource Hash

4a3424950a541fb7503ebcb6879adaf880ee0960274bd6d2e853e14138937afe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 15 Dec 2020 15:27:56 GMT
content-encoding: gzip
x-ami-version: ami-04a8a471b0875e008
status: 200 OK
strict-transport-security: max-age=31556952; includeSubDomains; preload
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-request-id: 003glcshvc7p8jnroue0
x-runtime: 0.855144
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"4a3424950a541fb7503ebcb6879adaf8"
x-ratelimit-remaining: 19995
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://eka1.com
x-intercom-version: 0b3bf1c2a7293b7222b1541f25ceba14df932ac6
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-ratelimit-reset: 1608046080
x-ratelimit-limit: 20000
access-control-allow-headers: Content-Type
x-content-type-options: nosniff

POST
H2 200 27251788347 Show response
api-iam.intercom.io/messenger/web/conversations/ Frame 4D60 2 KB
1 KB 240ms
240ms XHR
application/json 75.2.88.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api-iam.intercom.io/messenger/web/conversations/27251788347

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.2b424a5e.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

75.2.88.188 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ad8b87a22ce463223.awsglobalaccelerator.com

Software

nginx /

Resource Hash

cd5f6facb46f7fb2dbdd33d355489ed5d54a0f9c197c51bb96a1e171255fdefc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 15 Dec 2020 15:27:56 GMT
content-encoding: gzip
x-ami-version: ami-04a8a471b0875e008
status: 200 OK
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-request-id: 003hdr30gi2umk7j6gjg
x-runtime: 0.136634
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"cd5f6facb46f7fb2dbdd33d355489ed5"
strict-transport-security: max-age=31556952; includeSubDomains; preload
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://eka1.com
x-intercom-version: 0b3bf1c2a7293b7222b1541f25ceba14df932ac6
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
x-content-type-options: nosniff

GET
H2 200 vendors~app-modern.c279cae0.js Show response
js.intercomcdn.com/ Frame 4D60 322 KB
97 KB 32ms
32ms Script
application/javascript 65.9.73.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/vendors~app-modern.c279cae0.js
Requested by: Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.2b424a5e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.73.58 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 11c15562b4931c4b503a33204073cca47ae52f9ffb7409a5c8dab4c41914b45d

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 15 Dec 2020 14:09:11 GMT
content-encoding: gzip
last-modified: Tue, 15 Dec 2020 14:01:33 GMT
server: AmazonS3
age: 4726
etag: "b189f0aeba558badd4212bdd5ac3c0a8"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 bda076aae92eaf83374971b76c395857.cloudfront.net (CloudFront)
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 98476
x-amz-cf-id: Gd_Q-3zk2RXldko_rxla_6SM973Qd8L_-Zs94UUoYbUCahvjf5WdIQ==

GET
H2 200 app-modern.59b9b430.js Show response
js.intercomcdn.com/ Frame 4D60 670 KB
157 KB 391ms
391ms Script
application/javascript 65.9.73.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/app-modern.59b9b430.js
Requested by: Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.2b424a5e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.73.58 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dc481a4f03072a23e391be07e2f744e442e61c74134ce79d4ca2ff211c8beb56

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 15 Dec 2020 15:11:08 GMT
content-encoding: gzip
last-modified: Tue, 15 Dec 2020 14:59:42 GMT
server: AmazonS3
age: 1009
etag: "142ad6f3b336bbee4df13e6692804022"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 bda076aae92eaf83374971b76c395857.cloudfront.net (CloudFront)
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 160645
x-amz-cf-id: ZgiIzy469rwHMzyd691tYwXv2Ag35foJr-gyWH6NBLFZRdrMXIYYog==

GET
H2 206 operator.2b750c4a.mp3
js.intercomcdn.com/audio/ Frame 4D60 27 KB
28 KB 1072ms
1071ms Media
audio/mpeg 65.9.73.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/audio/operator.2b750c4a.mp3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.73.58 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a89eff3892013214c69fba61e95f78271fceebaf466217a783f1f568eeef71cc

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=0-

Response headers

date: Tue, 15 Dec 2020 14:11:08 GMT
via: 1.1 bda076aae92eaf83374971b76c395857.cloudfront.net (CloudFront)
etag: "2b750c4aa8cd865ec68fb3658f26a7c8"
last-modified: Fri, 06 Nov 2020 10:50:40 GMT
server: AmazonS3
age: 4609
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: audio/mpeg
Content-Range: bytes 0-27824/27825
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
Content-Length: 27825
x-amz-cf-id: vFWAX7DtWyPMBm8dUAcfHmuQdfygWJzx2hK6EArflhrULmwcu-z9dw==

GET
H2 200 vendors~message-modern.0e80b3bf.js Show response
js.intercomcdn.com/ Frame 4D60 30 KB
9 KB 60ms
59ms Script
application/javascript 65.9.73.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/vendors~message-modern.0e80b3bf.js
Requested by: Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.2b424a5e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.73.58 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5d1e416739c26ccb5148bc8365af1c8a792f605526bc6c0b291425a497a67c89

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 15 Dec 2020 14:09:12 GMT
content-encoding: gzip
last-modified: Tue, 15 Dec 2020 14:01:33 GMT
server: AmazonS3
age: 4726
etag: "2f9880acd4293aeda5d5c4d507bd5c97"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 bda076aae92eaf83374971b76c395857.cloudfront.net (CloudFront)
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 9021
x-amz-cf-id: 2m0uRyejX4UTAc4Nxe1SCV985tbYXRz10BVFGb7BmCJPnudMj352Iw==

GET
H2 200 message-modern.fb269a57.js Show response
js.intercomcdn.com/ Frame 4D60 92 KB
24 KB 60ms
59ms Script
application/javascript 65.9.73.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/message-modern.fb269a57.js
Requested by: Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.2b424a5e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.73.58 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 689e0e7a87b856a3653eff7e1e0490c486df2d4f423f4249d3b6813114dea1d0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 15 Dec 2020 14:09:12 GMT
content-encoding: gzip
last-modified: Tue, 15 Dec 2020 14:01:33 GMT
server: AmazonS3
age: 4726
etag: "c4a7879dd2cc9c5975ca2adb64afd2c8"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 bda076aae92eaf83374971b76c395857.cloudfront.net (CloudFront)
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 24105
x-amz-cf-id: t4w6ZkJ9ggzGFIHgv_lOZPDqnJ-XK7fr6b9yyK2Rqp35qGqjMsSUWw==

GET
H2 200 proximanova-regular.a7942249.woff
js.intercomcdn.com/fonts/ Frame B0C6 28 KB
29 KB 76ms
34ms Font
font/woff 65.9.73.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/fonts/proximanova-regular.a7942249.woff
Requested by: Host: eka1.com
URL: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.73.58 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ad1e595d26035487333f48604244ddab94b13bec3e2f4545f13d8dd8a3ecba20

Request headers

Origin: https://eka1.com
Referer: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 14:07:26 GMT
via: 1.1 f32f19f2f9b3c0c60a4ff31c809ed008.cloudfront.net (CloudFront)
age: 4832
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 28960
last-modified: Mon, 14 Dec 2020 16:39:52 GMT
server: AmazonS3
etag: "a7942249ca925ef356c0f2b1dab17ef3"
vary: Origin
access-control-allow-methods: GET
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
x-amz-cf-id: 6k7ly5sk7mdSg34glFvSfi6llTbzJ9J86IntE7Yf2BeZWtJSzeTOkA==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
204 B 13ms
13ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=355909283&t=event&ni=1&_s=2&dl=https%3A%2F%2Feka1.com%2Fdemo%2Fetrm%2F%3Futm_campaign%3DReplacement%2520Campaign%2520FY21%26utm_medium%3Demail%26_hsmi%3D103060885%26_hsenc%3Dp2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28%26utm_content%3D103060885%26utm_source%3Dhs_email&ul=en-us&de=UTF-8&dt=ETRM%20-%20EKA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Intercom%20Messenger&ea=Triggered%20Message&el=Custom%20Bot%20ID%3A%20%2792601%27&_u=KFBAAUABAAAAAC~&jid=1608172588&gjid=1862684788&cid=873009452.1608046068&tid=UA-226206-1&_gid=1888103653.1608046068&_r=1&_slc=1&z=875589005

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 15 Dec 2020 15:27:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://eka1.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dismiss.249568e7.png
js.intercomcdn.com/images/ Frame 3FC4 124 B
505 B 26ms
26ms Image
image/png 65.9.73.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://js.intercomcdn.com/images/dismiss.249568e7.png
Requested by: Host: eka1.com
URL: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.73.58 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3878bc01fed86222528eaaad9dd98fac94e82c88e7d8bf6e5e3750db93f6caa3

Request headers

Referer: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 14:41:38 GMT
via: 1.1 bda076aae92eaf83374971b76c395857.cloudfront.net (CloudFront)
etag: "249568e72cec7bca9d1887e46abe4f74"
last-modified: Mon, 07 Dec 2020 15:44:26 GMT
server: AmazonS3
age: 2782
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 124
x-amz-cf-id: hmMM9B4fue99sfmUvPiJNWjYxhr7F2fhrpeFo-aAYLTwlRQevIzt0g==

GET
H2 200 proximanova-semibold.46e3f047.woff
js.intercomcdn.com/fonts/ Frame 3FC4 28 KB
29 KB 205ms
205ms Font
font/woff 65.9.73.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/fonts/proximanova-semibold.46e3f047.woff
Requested by: Host: eka1.com
URL: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.73.58 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9a4f797cc141bbd16a3341cf3f4f482f0ecd00e14c206cbd2f77c5ca7bc9e704

Request headers

Origin: https://eka1.com
Referer: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 14:07:26 GMT
via: 1.1 f32f19f2f9b3c0c60a4ff31c809ed008.cloudfront.net (CloudFront)
age: 4832
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 28732
last-modified: Mon, 14 Dec 2020 16:39:52 GMT
server: AmazonS3
etag: "46e3f047b6d568624167376a87e01ebd"
vary: Origin
access-control-allow-methods: GET
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
x-amz-cf-id: qduFEcjsOeeqpa8xAqpXiv2i1kbOEHMA19rDQCDTzi1m0CS6xlslPg==

GET
H2 200 proximanova-regular.a7942249.woff
js.intercomcdn.com/fonts/ Frame 3FC4 28 KB
29 KB 90ms
90ms Font
font/woff 65.9.73.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/fonts/proximanova-regular.a7942249.woff
Requested by: Host: eka1.com
URL: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.73.58 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ad1e595d26035487333f48604244ddab94b13bec3e2f4545f13d8dd8a3ecba20

Request headers

Origin: https://eka1.com
Referer: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 14:07:26 GMT
via: 1.1 f32f19f2f9b3c0c60a4ff31c809ed008.cloudfront.net (CloudFront)
age: 4832
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 28960
last-modified: Mon, 14 Dec 2020 16:39:52 GMT
server: AmazonS3
etag: "a7942249ca925ef356c0f2b1dab17ef3"
vary: Origin
access-control-allow-methods: GET
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
x-amz-cf-id: R4d_XQgs1HJOSbpbvYQDnygKeyzhcygXb2tqPhQD0IhqlL_CgJwJ8g==

GET
H2 200 custom_avatar-1591767632.png
static.intercomassets.com/avatars/1999556/square_128/ Frame 3FC4 4 KB
5 KB 85ms
27ms Image
image/png 65.9.73.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.intercomassets.com/avatars/1999556/square_128/custom_avatar-1591767632.png?1591767632
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.73.85 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 79925197df28c53c2a761b4a1253213b410adf1a81cc7d7a9693d2570d0dd744

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 15 Dec 2020 08:47:49 GMT
via: 1.1 0f65f9aac16e53eeb77d85b7c23a21c2.cloudfront.net (CloudFront)
last-modified: Wed, 10 Jun 2020 05:40:33 GMT
server: AmazonS3
age: 24009
etag: "71a813dbd2c844d9c8792a65d7d1f385"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=86400
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 4278
x-amz-cf-id: 9P1hIlF-mXzeHiSYjOMuw2C6sHhHGKCUvEQX9ya6g8nHozURAFCq1Q==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 15ms
15ms XHR
text/plain 2a00:1450:400c:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-226206-1&cid=873009452.1608046068&jid=1608172588&gjid=1862684788&_gid=1888103653.1608046068&_u=KFBAAUABAAAAAC~&z=1943822213

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 15 Dec 2020 15:27:57 GMT
content-type: text/plain
access-control-allow-origin: https://eka1.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 22ms
22ms Image
image/gif 2a00:1450:4001:814::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-226206-1&cid=873009452.1608046068&jid=1608172588&_u=KFBAAUABAAAAAC~&z=1547271297

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Dec 2020 15:27:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 17ms
17ms Image
image/gif 2a00:1450:4001:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-226206-1&cid=873009452.1608046068&jid=1608172588&_u=KFBAAUABAAAAAC~&z=1547271297

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Dec 2020 15:27:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 json Show response
forms.hubspot.com/lead-flows-config/v1/config/ 167 B
363 B 170ms
170ms XHR
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=455947&currentUrl=https%3A%2F%2Feka1.com%2Fdemo%2Fetrm%2F%3Futm_campaign%3DReplacement%2520Campaign%2520FY21%26utm_medium%3Demail%26_hsmi%3D103060885%26_hsenc%3Dp2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28%26utm_content%3D103060885%26utm_source%3Dhs_email

Requested by

Host: js.hsleadflows.net
URL: https://js.hsleadflows.net/leadflows.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

83ec17174e96769691dc49e9bb770c57a9f6a7e78cab7988b1d9921f663630c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://eka1.com/demo/etrm/?utm_campaign=Replacement%20Campaign%20FY21&utm_medium=email&_hsmi=103060885&_hsenc=p2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28&utm_content=103060885&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 15:27:58 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
cf-ray: 602131129d2bc2fe-FRA
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 07089cffa00000c2fe7abfd000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://eka1.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Verdicts & Comments Add Verdict or Comment

228 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.addthis.com/	1970-01-20 00:11:00	Name: uvc Value: 1%7C51
.eka1.com/	1970-01-19 18:59:58	Name: __lotl Value: https%3A%2F%2Feka1.com%2Fdemo%2Fetrm%2F%3Futm_campaign%3DReplacement%2520Campaign%2520FY21%26utm_medium%3Demail%26_hsmi%3D103060885%26_hsenc%3Dp2ANqtz-8tPoMits0moa2i43fTKRywZ4W8hVzYNWBriM2Y3y7WCuTmCWaOmatHZkeV3EQgSbCCcWLeynNKtYOoVsx8zc6OL9vn7uXa2_kTUIoyekQlpvHlc28%26utm_content%3D103060885%26utm_source%3Dhs_email
.eka1.com/	1970-01-19 14:40:46	Name: _lorid Value: 261166-1608046067933-62d3110885e0c5e8
.addthis.com/	1970-01-20 00:11:00	Name: loc Value: MDAwMDBFVU5MWkgyMzExMTg0MzAwMDAwMDBDSA==
.eka1.com/	1970-01-20 08:11:58	Name: _lo_uid Value: 261166-1608046067933-f5c5382913330b2b
.eka1.com/	1970-01-19 14:40:47	Name: _hjAbsoluteSessionInProgress Value: 0
eka1.com/	1970-01-19 14:40:46	Name: _hjIncludedInPageviewSample Value: 1
eka1.com/	1970-01-19 14:40:46	Name: _hjIncludedInSessionSample Value: 1
.eka1.com/	1970-01-19 14:40:47	Name: _hjFirstSeen Value: 1
.eka1.com/	1970-01-19 23:26:22	Name: _lo_v Value: 1
.eka1.com/	1970-01-19 23:26:22	Name: _hjid Value: 4def140c-529c-4386-b60d-81e451d3efdd

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	debug	URL: https://email.eka1.com/e2t/tc/MVYrxp5tj6FW5PXXrC75tgCwW22vCbp4kDf-SN5QLhT53p_97V1-WJV7CgHPDW7FBNm12zy9y5W5wVLyw4N70DRW2mkj7z7ml_hhW88vkz68Nwz7tW64dCXf1jjDGqW7zTkSs69M3zhVF9d9583TSDsN5V9pZ-Z_Q1BW33K7mL6GFHqvN89sLmFZT2fLW23fB_b3KhW2PW3gs_5s4spX4DW9ct4VN7Nx_wwW98Cbc3662SjfVv8wsy6qWhPWW7QYJW98psfSBW3FqF9N1wrh5_W2c_Fy96hc3fcW3n56Zs2ck05MW2_vZVC2y_nJBW1VcYz_7rplYCW2CK07Q5q9XBVVdgL-n23w8SRN9jyGdn2-0QF39n41(Line 13) Message: toS

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.visitorqueue.com
api-iam.intercom.io
cdn.shortpixel.ai
certify-js.alexametrics.com
certify.alexametrics.com
d.adroll.com
d.adroll.mgr.consensu.org
d10lpsik1i8c69.cloudfront.net
eka1.com
email.eka1.com
fonts.googleapis.com
fonts.gstatic.com
forms.hsforms.com
forms.hubspot.com
googleads.g.doubleclick.net
in.hotjar.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.hsforms.net
js.hsleadflows.net
js.intercomcdn.com
m.addthis.com
nextroll.com
px.ads.linkedin.com
s.adroll.com
s3-us-west-2.amazonaws.com
s7.addthis.com
script.hotjar.com
settings.luckyorange.net
snap.licdn.com
static.hotjar.com
static.intercomassets.com
stats.g.doubleclick.net
t.leady.com
t.visitorqueue.com
track.hubspot.com
v1.addthisedge.com
vars.hotjar.com
widget.intercom.io
ws.zoominfo.com
ws1.hotjar.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
z.moatads.com
s7.addthis.com
104.108.144.126
104.111.216.96
104.196.203.173
104.26.10.16
104.75.88.112
13.225.84.144
151.139.128.11
172.217.22.2
194.145.183.49
199.60.103.228
2600:9000:2127:3800:c:77c4:d500:93a1
2606:4700::6810:5605
2606:4700::6810:a852
2606:4700::6811:44b0
2606:4700::6811:74b0
2606:4700::6811:b749
2606:4700::6811:d4cc
2606:4700::6811:e7cc
2606:4700::6812:14bf
2606:4700::6813:9a53
2606:4700::6813:9b53
2620:1ec:22::14
2a00:1450:4001:802::200a
2a00:1450:4001:808::2008
2a00:1450:4001:809::200e
2a00:1450:4001:814::2004
2a00:1450:4001:817::2003
2a00:1450:4001:824::2002
2a00:1450:4001:825::2003
2a00:1450:400c:c06::9b
2a02:26f0:eb:390::25ea
2a05:f500:11:101::b93f:9005
34.232.47.250
52.19.70.84
52.212.239.19
52.218.168.80
52.51.179.214
65.9.73.2
65.9.73.32
65.9.73.58
65.9.73.85
65.9.73.94
65.9.96.108
65.9.96.17
65.9.96.19
75.2.88.188
99.79.84.87
0134302df9c7ad952d348ded08486819ad29c551c593eb737cea25d3ee233fed
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
11c15562b4931c4b503a33204073cca47ae52f9ffb7409a5c8dab4c41914b45d
12aae45dbaf66e541e14694a7810a96fdd8b17f9ac5f5346fdc23d61d6fd74b0
1620c0f17ad8773aa6a85d8a5efc5e4d7a579da1f4c3672ad9ae61598bc8a101
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
1faf128bfbc8a54a0308115f2fb67471b6db39dc3fdec03f9ea968966f235917
2640c4595fbc86b33401ce34230f8871add04b382ed281473dbd7fb6513c28d7
282c86db3fc6cedcc79b172069ba09831ce0e6ba235d13bff382f57f0d3977ff
2ab71f605b0b056269461bad6b5baabdc2b88605e51361766f923836137889fa
2ee2573e421fcc52724ef9d0e110ef920405cd73b2c5d37e377ef073f2434ef0
3422a566d3586aa83e09fd661635fe9ebcf90f0f4824fdf3d42d6698662cbfcb
3878bc01fed86222528eaaad9dd98fac94e82c88e7d8bf6e5e3750db93f6caa3
3b8453df45fb84c9caedb899f47d55d6ca3f3f1830c5301be9a243dd4454319d
401f533697cfb484598d2da76b5f4708bbca985a1fab42dbcfaa0741374d3245
41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0
47caca10a0d1501017830608ec1f82b1c1244eb817651ff8f8307fe7a48eb340
485603ca5c95fbd9a102d2a309786f8f77a2d2ff731fcf160c3d175eff8c8b5d
4886de838b127f0a79774295e8f0b8b66f4d1877605dbaf4d5f7e3fa6f17e7cd
490dd9b15628a331fd5a5b73844cb87292958fed8ad1924cd879ca8a013e6dd8
4a3424950a541fb7503ebcb6879adaf880ee0960274bd6d2e853e14138937afe
4d2f76ac397d4cdf8f9fe163e81fbbf2b977a5bc8c5ee2acd4e91efa74b2d961
54a0909ae0ee51a7ad830f62c0cc2e8ba0a9c43c6c8f5dfba9f010b6338f66f2
5620fd3acd4874ee2d86b7cc4ac77997940fb53e8faf51aa640573805c71cfce
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5b4f5971ab1e59c6bc12ea0b224375ca93723cc0bfeb78871e832cdefc2b5a94
5d1e416739c26ccb5148bc8365af1c8a792f605526bc6c0b291425a497a67c89
60f59e08903c3d0b70e928af542ded081c10a790b6c198c7026788b77f4256ac
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
6154d5f7f6961e042d013bab33fd02b691970d873f44f3c32d8fcc6e79ef5bcd
689e0e7a87b856a3653eff7e1e0490c486df2d4f423f4249d3b6813114dea1d0
6c65448778e23e454fd77ae092cf130a14b194282c241b93a713b68f3a8835c6
6cb573c045420557c540d1de48a6b2f64b37a1f4e2db54b8250f41bb015db191
6cfbf56e5f0577047ea86db33d8d32b7af40f325ef41ebbca8e14cb761a91618
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
6f3f30259ddf8fdb8dd215e8df393f7cdfee6f401b6dccddfb0d4c7b5c7c8d83
7520b863d1879774108e66287f390841847ebdc096ba2ed91188544048019619
76db9f551b7db5199f25bc0051c76d8e6d7aaac5cc1456e235693d9df8a4971a
78b4097d63974e50e5328364c9c4815a443fcdd769585a59cabcbfa5bcd8c72e
79925197df28c53c2a761b4a1253213b410adf1a81cc7d7a9693d2570d0dd744
8118b1c7f970c9d2c702417a5231b779e2ecb1638ca09c757fb1dc34a18576aa
811e8960b8f79f14983e30df80a4ccc69d82430ccc0520d2a1a3d1405cfbb2a1
828db6b7e79c6f9a935026a3383990ac60d9b5ae13bc6b8e76e63b6ddc087635
83c9688107b373823973bcf48dd284bfbca6d5c23153b86bbd8512cec1404a3d
83ec17174e96769691dc49e9bb770c57a9f6a7e78cab7988b1d9921f663630c5
848c5de83cc5769619fb12455772acca45887021ab6fdc7b5c88f36a31ff0946
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8b88ddfa92e4cb2646d5c7e19274939caa3495dcb33c307f1bbaec31b1d9691a
8c34bc7bc1985e63394c3c2afff88cdcfc06e501320432dd23eaff83ea6754eb
8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af
8cb438bd4d1961f80ade4f1a295ca7de253630adcdd10473932908e638908c5e
902c07117ed5a5393694e807b70329f9298a320288ffb176d7d07a9e8820800a
90451ba3e82cd9db02f0ca76bd45d0ab5ef7e90a49da4215903cb7f08471e2e7
947b7ccb1ff6effa4ba2c2a9b29c5ed5c3caf45e1c65109041676da35dfce9a5
954c9ea04b864590b952e01e3023e49a71a9cd0dbbc53da0d1cdc05b6d319714
9556bca5ad5eb24439887d7339fcb687088776bbaa995553aa489c9607cf9e19
9746bbc8be1eacd912bb90f2226b3f9141b15938f7b0281825c74999c0040c9b
9a4f797cc141bbd16a3341cf3f4f482f0ecd00e14c206cbd2f77c5ca7bc9e704
a2dd3c00e0a4a61ea1f19e9a4feb21d6bf1e74956db3030df1bd6c36b3142f3e
a4522716a194448df51f4ac887133345f112fde2e1070969d5453f31223927f3
a89eff3892013214c69fba61e95f78271fceebaf466217a783f1f568eeef71cc
aace4672403088dabb538da6540db1ae82fcf29b503721cd5e91bd344bcc100f
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
ad1e595d26035487333f48604244ddab94b13bec3e2f4545f13d8dd8a3ecba20
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b37a604b4add99725c3a9e6b0440fc4452f71139517e7d7deb452ed98499068c
b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900
b86f3cdcccad303cb5300fab4d2774eafc3a2788f07ff1f3cd1953dd0debaa3f
bc71c403dc6113c8597e111a99d6a6a197dd2f2355402f8392ca4812dca57d3d
bcaf0e3f087296133e0a996ee3d289a8d1a690147c93e0ab62019b505e6f9355
bf40c262b047615208bc2d84984e7854b8a2ec9801f1c6e99c0b79a9f32380b5
bfd023889f4f275746c3c914614a70bf1272254cc38214a2dbd8a8a5f422835c
c2cb2cc5345c71f30b0ce56069cfe0bdf65eb061228333d27ba0e7388748636a
cb3bfa3f39f228b5e06fb6ee80aea986056d3253805a59581e6eff051050141d
cbce85e96b7752208ce15a09ea4d5a58b792edc9e77f1c5ccf46c01935970f9d
cd5f6facb46f7fb2dbdd33d355489ed5d54a0f9c197c51bb96a1e171255fdefc
d1870c49e74adfa2d70351cc067c6a3320da45d18231c5a31eb39356151620cb
d1d841fd784e99c816399e1085079d6c423810cf472bb76a7c708299b81344cd
d2875e5480ebd07f87592a92d19131f05f74edd2cc12bf7552e72af977ab2d34
da0c1bc51d4ebfa2570f3e7546d9d3ccfb3f9d3c1199b1ca49869510aa79392a
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dc481a4f03072a23e391be07e2f744e442e61c74134ce79d4ca2ff211c8beb56
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e1ec254792b6fe5cb168d2ce9cb1e35d15311d3b357b305a95cbfb12552477d0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e9cc69093eb458759b4fc04f41883e324293e8e2bfeafbab6246c5284d1bc0c5
ecd4373b8cafbcb997c77243620c8182606fdc6d7a3eabc791709d596cb12124
edc0175ff1c883786302197c8f3795e4017ec2a82a6dda756b98e4c14a388da5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f10b9b0c4107ca5a40a5c69b1ac91a8948d84f39893dee6b429cdbdb05887093
f1b610bf12b9846cb900e2d767d5e8d2918c55435cb43115ee9c6320286b588d
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
f7317d869e7aaa3e30e0b010e98135165e7ed11433a24e0cdf0c7f348cbb0926
fab2c8b5a8593723aea68b4e75eac37cdd754d5d82eb33d5902edb573fe9793c

eka1.com Open in urlscan Pro 104.196.203.173 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

112 Requests

97 %HTTPS

47 %IPv6

37 Domains

50 Subdomains

45 IPs

8 Countries

4427 kBTransfer

9624 kBSize

11 Cookies

4 Outgoing links

Page URL History

Redirected requests

112 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

eka1.com Open in urlscan Pro
104.196.203.173 Public Scan

Screenshot
Live screenshot

Full Image

112
Requests

97 %
HTTPS

47 %
IPv6

37
Domains

50
Subdomains

45
IPs

8
Countries

4427 kB
Transfer

9624 kB
Size

11
Cookies

112 HTTP transactions
3 data transactions