get.catapultsystems.com Open in urlscan Pro
3.126.202.50 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://d6dba3fecd3f4b24801012d33e12abf0.svc.dynamics.com/t/t/x9Qxx8xZ5Q2kpq2pSO5jvn860ERCSzxZC9xKSI5hJ80x/KgYyxQVtAhyP8koRN3QF6UxLf99vaMpSfBTJdGijcasx
Effective URL:
https://get.catapultsystems.com/security-discovery-remediation/?utm_campaign=Security_Incident_Response&utm_medium=Email&utm_sou...
Submission: On July 18 via manual (July 18th 2022, 6:46:52 pm UTC) from PH — Scanned from DE

Summary HTTP 70 Redirects Behaviour Indicators

Summary

This website contacted 24 IPs in 4 countries across 17 domains to perform 70 HTTP transactions. The main IP is 3.126.202.50, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is get.catapultsystems.com.
TLS certificate: Issued by R3 on May 17th 2022. Valid for: 3 months.

This is the only time get.catapultsystems.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	52.183.87.159 52.183.87.159	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	3.211.184.98 3.211.184.98	14618 (AMAZON-AES) (AMAZON-AES)
2	3.126.202.50 3.126.202.50	16509 (AMAZON-02) (AMAZON-02)
10	13.32.99.44 13.32.99.44	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
2	2600:9000:231... 2600:9000:2315:7800:1d:11cf:5800:93a1	16509 (AMAZON-02) (AMAZON-02)
8	2a04:4e42:400... 2a04:4e42:400::622	54113 (FASTLY) (FASTLY)
1	2606:2800:133... 2606:2800:133:206e:1315:22a5:2006:24fd	15133 (EDGECAST) (EDGECAST)
1	151.101.65.131 151.101.65.131	54113 (FASTLY) (FASTLY)
2	2620:1ec:27::... 2620:1ec:27::cafe:1375	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
10	13.225.84.77 13.225.84.77	16509 (AMAZON-02) (AMAZON-02)
1	67.202.52.6 67.202.52.6	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c1b::9c	15169 (GOOGLE) (GOOGLE)
1	108.138.17.27 108.138.17.27	16509 (AMAZON-02) (AMAZON-02)
11	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
2	52.224.31.34 52.224.31.34	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	65.9.54.224 65.9.54.224	16509 (AMAZON-02) (AMAZON-02)
2	52.0.99.102 52.0.99.102	14618 (AMAZON-AES) (AMAZON-AES)
1 2	20.234.93.27 20.234.93.27	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	18.205.143.103 18.205.143.103	14618 (AMAZON-AES) (AMAZON-AES)
70	24

3 52.183.87.159 (United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

d6dba3fecd3f4b24801012d33e12abf0.svc.dynamics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.211.184.98 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-211-184-98.compute-1.amazonaws.com

catapultsystems.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.202.50 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-202-50.eu-central-1.compute.amazonaws.com

get.catapultsystems.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a8085b09e5bb4f629270b7b796d93ca2.pages.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 13.32.99.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-44.fra60.r.cloudfront.net

builder-assets.unbounce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2315:7800:1d:11cf:5800:93a1 (United States)

ASN16509 (AMAZON-02, US)

d34qb8suadcc4g.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a04:4e42:400::622 (United States)

ASN54113 (FASTLY, US)

fast.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:133:206e:1315:22a5:2006:24fd (United States)

ASN15133 (EDGECAST, US)

mktdplp102cdn.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.131 (United States)

ASN54113 (FASTLY, US)

a8085b09e5bb4f629270b7b796d93ca2.js.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:27::cafe:1375 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 13.225.84.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-84-77.fra2.r.cloudfront.net

d9hhrg4mnvzow.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.52.6 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-67-202-52-6.compute-1.amazonaws.com

events.ub-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c1b::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.17.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-27.fra56.r.cloudfront.net

assets.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.224.31.34 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

h.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.54.224 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-54-224.arn54.r.cloudfront.net

d2xxq4ijfwetlm.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.0.99.102 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-99-102.compute-1.amazonaws.com

a8085b09e5bb4f629270b7b796d93ca2.events.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.234.93.27 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.205.143.103 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-205-143-103.compute-1.amazonaws.com

distillery.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	cloudfront.net d34qb8suadcc4g.cloudfront.net d9hhrg4mnvzow.cloudfront.net d2xxq4ijfwetlm.cloudfront.net	249 KB
11	gstatic.com fonts.gstatic.com	195 KB
10	unbounce.com builder-assets.unbounce.com — Cisco Umbrella Rank: 18575	53 KB
9	wistia.com fast.wistia.com — Cisco Umbrella Rank: 5592 distillery.wistia.com — Cisco Umbrella Rank: 8132	191 KB
6	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 600 h.clarity.ms — Cisco Umbrella Rank: 6038 c.clarity.ms — Cisco Umbrella Rank: 1163	25 KB
5	ubembed.com a8085b09e5bb4f629270b7b796d93ca2.js.ubembed.com assets.ubembed.com — Cisco Umbrella Rank: 11352 a8085b09e5bb4f629270b7b796d93ca2.pages.ubembed.com a8085b09e5bb4f629270b7b796d93ca2.events.ubembed.com	53 KB
5	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 350 fonts.googleapis.com — Cisco Umbrella Rank: 81	58 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 69	20 KB
3	dynamics.com 1 redirects d6dba3fecd3f4b24801012d33e12abf0.svc.dynamics.com	3 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 235	554 B
1	google.de www.google.de — Cisco Umbrella Rank: 4915	501 B
1	google.com www.google.com — Cisco Umbrella Rank: 17	501 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 138	447 B
1	ub-analytics.com events.ub-analytics.com — Cisco Umbrella Rank: 26195	245 B
1	azureedge.net mktdplp102cdn.azureedge.net — Cisco Umbrella Rank: 30487	77 KB
1	catapultsystems.com get.catapultsystems.com	19 KB
1	catapultsystems.us 1 redirects catapultsystems.us	626 B
70	17

	Domain	Requested by
11	fonts.gstatic.com	fonts.googleapis.com
10	d9hhrg4mnvzow.cloudfront.net	get.catapultsystems.com
10	builder-assets.unbounce.com	get.catapultsystems.com a8085b09e5bb4f629270b7b796d93ca2.pages.ubembed.com
8	fast.wistia.com	get.catapultsystems.com fast.wistia.com
3	www.google-analytics.com	get.catapultsystems.com www.google-analytics.com
3	ajax.googleapis.com	get.catapultsystems.com a8085b09e5bb4f629270b7b796d93ca2.pages.ubembed.com
3	d6dba3fecd3f4b24801012d33e12abf0.svc.dynamics.com	1 redirects mktdplp102cdn.azureedge.net
2	c.clarity.ms	1 redirects
2	a8085b09e5bb4f629270b7b796d93ca2.events.ubembed.com	assets.ubembed.com
2	h.clarity.ms	www.clarity.ms
2	fonts.googleapis.com	builder-assets.unbounce.com ajax.googleapis.com
2	www.clarity.ms	get.catapultsystems.com www.clarity.ms
2	d34qb8suadcc4g.cloudfront.net	get.catapultsystems.com d34qb8suadcc4g.cloudfront.net
1	distillery.wistia.com	fast.wistia.com
1	c.bing.com	1 redirects
1	d2xxq4ijfwetlm.cloudfront.net	a8085b09e5bb4f629270b7b796d93ca2.pages.ubembed.com
1	a8085b09e5bb4f629270b7b796d93ca2.pages.ubembed.com	assets.ubembed.com
1	www.google.de	get.catapultsystems.com
1	www.google.com	get.catapultsystems.com
1	assets.ubembed.com	a8085b09e5bb4f629270b7b796d93ca2.js.ubembed.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	events.ub-analytics.com	get.catapultsystems.com
1	a8085b09e5bb4f629270b7b796d93ca2.js.ubembed.com	get.catapultsystems.com
1	mktdplp102cdn.azureedge.net	get.catapultsystems.com
1	get.catapultsystems.com
1	catapultsystems.us	1 redirects
70	26

This site contains no links.

Subject Issuer	Validity	Valid
get.catapultsystems.com R3	`2022-05-17` - `2022-08-15`	3 months	crt.sh
*.unbounce.com Amazon	`2022-02-08` - `2023-03-09`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
fast.wistia.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-12-24` - `2023-01-25`	a year	crt.sh
*.vo.msecnd.net DigiCert SHA2 Secure Server CA	`2022-07-11` - `2023-07-11`	a year	crt.sh
*.js.ubembed.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2022-01-04` - `2023-02-05`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-02-27` - `2023-02-27`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.ub-analytics.com Amazon	`2022-04-10` - `2023-05-09`	a year	crt.sh
*.svc.dynamics.com Microsoft RSA TLS CA 01	`2022-04-29` - `2023-04-29`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
assets.ubembed.com Amazon	`2022-02-04` - `2023-03-05`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.pages.ubembed.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-28` - `2023-03-31`	a year	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 02	`2022-06-07` - `2023-06-02`	a year	crt.sh
*.events.ubembed.com Amazon	`2022-05-13` - `2023-06-11`	a year	crt.sh
*.wistia.com Amazon	`2022-03-02` - `2023-03-31`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://get.catapultsystems.com/security-discovery-remediation/?utm_campaign=Security_Incident_Response&utm_medium=Email&utm_source=D365&utm_content=EM5
Frame ID: 8DC40938C4576BD346F30DF331314D99
Requests: 56 HTTP requests in this frame

Frame: https://d6dba3fecd3f4b24801012d33e12abf0.svc.dynamics.com/t/c/PJGCp4vCJN9tAFKMijJlAK5ecfvKPtVxUnQhmrSBEQw/6fuJM1K_UdaAITgvn7Y4mbjTVyu3U-TNDiFAUEVM/qE8WjwSU?trackwebsitevisited=true&ad=https%3A%2F%2Fget.catapultsystems.com%2Fsecurity-discovery-remediation%2F%3Futm_campaign%3DSecurity_Incident_Response%26utm_medium%3DEmail%26utm_source%3DD365%26utm_content%3DEM5%23msdynttrid%3DQlmEUhdnLe01eFKpX79ab9bgTkQLOYpeY6hrIOogLWo&rf=&id=5236265826
Frame ID: 9183C06553DDCC3A603CECBD75427EC5
Requests: 1 HTTP requests in this frame

Frame: https://a8085b09e5bb4f629270b7b796d93ca2.pages.ubembed.com/604c24a7-5c67-40c8-9187-923c4b75cd0d/a.html?utm_campaign=Security_Incident_Response&utm_medium=Email&utm_source=D365&utm_content=EM5&closedAt=0
Frame ID: FE7B2B63ED70C864C1D8E3BB2ECCE308
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Discovering, Remediating and Preventing Security Incidents

Page URL History Show full URLs

https://d6dba3fecd3f4b24801012d33e12abf0.svc.dynamics.com/t/t/x9Qxx8xZ5Q2kpq2pSO5jvn860ERCSzxZC9xKSI5hJ80x/KgYyxQVtAhyP8koRN3QF6UxLf99... HTTP 302
https://catapultsystems.us/ueLUs HTTP 301
https://get.catapultsystems.com/security-discovery-remediation/?utm_campaign=Security_Incident_Response&utm_... Page URL

Detected technologies

Unbounce (Editors) Expand

Overall confidence: 100%
Detected patterns

ubembed\.com

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

googleapis\.com/.+webfont

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

70
Requests

97 %
HTTPS

48 %
IPv6

17
Domains

26
Subdomains

24
IPs

4
Countries

945 kB
Transfer

2515 kB
Size

17
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://d6dba3fecd3f4b24801012d33e12abf0.svc.dynamics.com/t/t/x9Qxx8xZ5Q2kpq2pSO5jvn860ERCSzxZC9xKSI5hJ80x/KgYyxQVtAhyP8koRN3QF6UxLf99vaMpSfBTJdGijcasx HTTP 302
https://catapultsystems.us/ueLUs HTTP 301
https://get.catapultsystems.com/security-discovery-remediation/?utm_campaign=Security_Incident_Response&utm_medium=Email&utm_source=D365&utm_content=EM5 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 65

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=8D0F3660FFD64293AB81B32A8E72F4F8&RedC=c.clarity.ms&MXFR=0808D4DD34AE684507C1C53830AE6675 HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=8D0F3660FFD64293AB81B32A8E72F4F8&MUID=2C49003D6CB36AB8269211D86DD86B83

70 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
get.catapultsystems.com/security-discovery-remediation/
Redirect Chain

https://d6dba3fecd3f4b24801012d33e12abf0.svc.dynamics.com/t/t/x9Qxx8xZ5Q2kpq2pSO5jvn860ERCSzxZC9xKSI5hJ80x/KgYyxQVtAhyP8koRN3QF6UxLf99vaMpSfBTJdGijcasx
https://catapultsystems.us/ueLUs
https://get.catapultsystems.com/security-discovery-remediation/?utm_campaign=Security_Incident_Response&utm_medium=Email&utm_source=D365&utm_content=EM5

111 KB
19 KB

505ms
305ms

Document
text/html

3.126.202.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.catapultsystems.com/security-discovery-remediation/?utm_campaign=Security_Incident_Response&utm_medium=Email&utm_source=D365&utm_content=EM5
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.126.202.50 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-202-50.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 1c3c7222f56d0a5e864594f0f49d40d32898a6156742bb1dfe82ebae88636596

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

connection: close
content-encoding: gzip
content-location: https://get.catapultsystems.com/security-discovery-remediation/
content-type: text/html; charset=UTF-8
date: Mon, 18 Jul 2022 18:46:45 GMT
etag: "a:e25943026927bea5b72e7eb29ab53fb7"
last-modified: Mon, 11 Jul 2022 13:28:47 GMT
link: <https://get.catapultsystems.com/security-discovery-remediation/>; rel="canonical"
p3p: CP="This is not a privacy policy."
transfer-encoding: chunked
x-proxy-backend: page-server
x-unbounce-pageid: acfc0960-3420-4622-9047-777285080a42
x-unbounce-variant: a
x-unbounce-visitorid: 9e1e0f73-74b6-472c-9dce-cb2888c678ca

Redirect headers

Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Authorization, x-access-token, Accept, *
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Cache-Control: no-store
Connection: keep-alive
Content-Length: 384
Content-Type: text/html; charset=utf-8
Date: Mon, 18 Jul 2022 18:46:45 GMT
Location: https://get.catapultsystems.com/security-discovery-remediation/?utm_campaign=Security_Incident_Response&utm_medium=Email&utm_source=D365&utm_content=EM5
Referer: D365
Server: nginx/1.10.3
Vary: Accept
X-Powered-By: Express

GET
H2 200 main-7b78720.z.css
builder-assets.unbounce.com/published-css/ 15 KB
3 KB 104ms
24ms Stylesheet
text/css 13.32.99.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://builder-assets.unbounce.com/published-css/main-7b78720.z.css
Requested by: Host: get.catapultsystems.com
URL: https://get.catapultsystems.com/security-discovery-remediation/?utm_campaign=Security_Incident_Response&utm_medium=Email&utm_source=D365&utm_content=EM5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-44.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.catapultsystems.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 01:12:18 GMT
content-encoding: gzip
last-modified: Tue, 18 Jan 2022 22:28:54 GMT
server: AmazonS3
age: 14146469
etag: "43729a62fb549c1f6784cd5cc32082e0"
x-cache: Hit from cloudfront
x-amz-version-id: kJDetr_gaa4mXuLbtL4sIGZNSy2Uu.RY
via: 1.1 7fd88bab22735486702d23ba4e028d86.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA60-P3
accept-ranges: bytes
content-type: text/css
content-length: 2902
x-amz-cf-id: 2THIWdsqS6tmgcsn2fNN9yd3lBX9us-MONTDCWYAZ4UKdHFstyFwgA==

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.4.2/ 70 KB
25 KB 99ms
23ms Script
text/javascript 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js

Requested by

Host: get.catapultsystems.com
URL: https://get.catapultsystems.com/security-discovery-remediation/?utm_campaign=Security_Incident_Response&utm_medium=Email&utm_source=D365&utm_content=EM5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e23a2a4e2d7c2b41ebcdd8ffc0679df7140eb7f52e1eebabf827a88182643c59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.catapultsystems.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 02:16:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 145826
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24715
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 17 Jul 2023 02:16:20 GMT

GET
H2 200 jquery-shims.bundle-aa41391.z.js Show response
builder-assets.unbounce.com/published-js/ 6 KB
2 KB 104ms
26ms Script
application/javascript 13.32.99.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://builder-assets.unbounce.com/published-js/jquery-shims.bundle-aa41391.z.js
Requested by: Host: get.catapultsystems.com
URL: https://get.catapultsystems.com/security-discovery-remediation/?utm_campaign=Security_Incident_Response&utm_medium=Email&utm_source=D365&utm_content=EM5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-44.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: aa4139190cb04f5caee86d605566b5247b48b429c73a2b8fa59cda391022edab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.catapultsystems.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 17 May 2022 03:43:53 GMT
content-encoding: gzip
last-modified: Wed, 11 May 2022 15:25:07 GMT
server: AmazonS3
age: 5410974
etag: "99f105cfe0be5c178ca50c04e9b011ce"
x-cache: Hit from cloudfront
x-amz-version-id: YMfa0bbw54Aahx5ZUN4N2_zxUfJCGiaM
via: 1.1 7fd88bab22735486702d23ba4e028d86.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA60-P3
accept-ranges: bytes
content-type: application/javascript
content-length: 1991
x-amz-cf-id: ZKDvWjSFaAiG8WcKRknoPQMP-NMq3P9SVENg_jO45UPFsWwKEYe3pA==

GET
H2 200 ub.js Show response
d34qb8suadcc4g.cloudfront.net/ 5 KB
2 KB 84ms
23ms Script
application/javascript 2600:9000:2315:7800:1d:11cf:5800:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d34qb8suadcc4g.cloudfront.net/ub.js?1618514266
Requested by: Host: get.catapultsystems.com
URL: https://get.catapultsystems.com/security-discovery-remediation/?utm_campaign=Security_Incident_Response&utm_medium=Email&utm_source=D365&utm_content=EM5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:7800:1d:11cf:5800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0bbb0c157e8aad81455cc5e2d258b835053a0b404b32632adaed6a9075042bc4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.catapultsystems.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 05 May 2022 12:14:08 GMT
content-encoding: gzip
last-modified: Thu, 15 Apr 2021 19:15:08 GMT
server: AmazonS3
age: 6417159
etag: "f6420c864830b5860bfaadd47a2bb21b"
x-cache: Hit from cloudfront
x-amz-version-id: bKC28ufbc849z_LglraHgQe9TbPw1SIU
via: 1.1 271c2e1e305f31b0f14837cad3c843b0.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-P2
accept-ranges: bytes
content-type: application/javascript
content-length: 1856
x-amz-cf-id: kpsRIQ9yQu3J0mFzjGofidtJDVV0Z_j7wwoXbwrJeOjyWNbljm31ug==

GET
H2 200 ra7x3ca2x5.jsonp Show response
fast.wistia.com/embed/medias/ 5 KB
2 KB 172ms
119ms Script
application/javascript 2a04:4e42:400::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/embed/medias/ra7x3ca2x5.jsonp

Requested by

Host: get.catapultsystems.com
URL: https://get.catapultsystems.com/security-discovery-remediation/?utm_campaign=Security_Incident_Response&utm_medium=Email&utm_source=D365&utm_content=EM5

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

939c1ab8bab5e922e1ac0352604fc4f8b161b1ad1e548729960e2241c78e570b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.catapultsystems.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 18:46:46 GMT
content-encoding: br
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 0
x-cache: HIT, MISS
p3p: CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
content-length: 1884
x-request-id: 252a98b3713b393ffb230a9b6807db33
x-served-by: cache-iad-kiad7000077-IAD, cache-hhn4042-HHN
x-runtime: 0.085393
access-control-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
x-timer: S1658170006.172198,VS0,VE92
etag: W/"939c1ab8bab5e922e1ac0352604fc4f8"
x-download-options: noopen
strict-transport-security: max-age=0
content-type: application/javascript; charset=utf-8
via: 1.1 varnish (Varnish/6.0), 1.1 varnish, 1.1 varnish
cache-control: public, no-cache
x-browser: chrome
x-browser-version: 103
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 0

GET
H2 200 E-v1.js Show response
fast.wistia.com/assets/external/ 624 KB
114 KB 77ms
25ms Script
application/javascript 2a04:4e42:400::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/E-v1.js

Requested by

Host: get.catapultsystems.com
URL: https://get.catapultsystems.com/security-discovery-remediation/?utm_campaign=Security_Incident_Response&utm_medium=Email&utm_source=D365&utm_content=EM5

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

98f89d4b3d44aaf5829e7adb779f18a60ff068260e1a3593686892d1d66fbb34

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.catapultsystems.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 18:46:46 GMT
content-encoding: br
vary: Accept-Encoding
age: 2041
x-cache: HIT, HIT
content-length: 115822
x-served-by: cache-iad-kiad7000120-IAD, cache-hhn4042-HHN
access-control-allow-origin: *
x-browser-version: 103
last-modified: Mon, 18 Jul 2022 18:11:29 GMT
x-timer: S1658170006.172141,VS0,VE0
etag: "62d5a251-1c46e"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 565

GET
H2 200 swatch
fast.wistia.com/embed/medias/ra7x3ca2x5/ 4 KB
4 KB 172ms
120ms Image
image/jpeg 2a04:4e42:400::622
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fast.wistia.com/embed/medias/ra7x3ca2x5/swatch

Requested by

Host: get.catapultsystems.com
URL: https://get.catapultsystems.com/security-discovery-remediation/?utm_campaign=Security_Incident_Response&utm_medium=Email&utm_source=D365&utm_content=EM5

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

321e7e0fcb6753a1a4ff11ec64dabc6577a9c2e0d39bb3f7fecbf03a73769508

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.catapultsystems.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 18:46:46 GMT
access-control-request-method: *
age: 20263
x-cache: HIT, MISS
content-disposition: inline
content-length: 3897
x-served-by: cache-iad-kcgs7200095-IAD, cache-hhn4042-HHN
access-control-allow-origin: *, *
x-browser-version: 103
last-modified: Tue, 23 Mar 2021 20:44:19 UTC
x-timer: S1658170006.172198,VS0,VE91
strict-transport-security: max-age=0
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/jpeg
via: 1.1 varnish (Varnish/6.0), 1.1 varnish, 1.1 varnish
access-control-expose-headers: Origin, Content-Type, Accept, Server, x-amz-version-id, X-Cache
cache-control: public, no-cache, max-age=31536000
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 0

GET
H2 200 form-loader.js Show response
mktdplp102cdn.azureedge.net/public/latest/js/ 342 KB
77 KB 104ms
21ms Script
application/x-javascript 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://mktdplp102cdn.azureedge.net/public/latest/js/form-loader.js?v=1.65.1064.0
Requested by: Host: get.catapultsystems.com
URL: https://get.catapultsystems.com/security-discovery-remediation/?utm_campaign=Security_Incident_Response&utm_medium=Email&utm_source=D365&utm_content=EM5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8E8D) /
Resource Hash: bb704660a7253f6ed7b8fb3c625c31d7902132b6ee1b787687f80c30e55df349

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.catapultsystems.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 18 Jul 2022 18:46:46 GMT
content-encoding: gzip
content-md5: 6If7hQbjy90SxtaUZeq/Gg==
age: 541065
x-cache: HIT
content-length: 78299
x-ms-lease-status: unlocked
last-modified: Tue, 12 Jul 2022 12:26:16 GMT
server: ECAcc (frc/8E8D)
etag: 0x8DA6401B7B1A50E
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 957a10c5-001e-0000-71ea-9553a3000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19

GET
H2 200 main.bundle-384ff03.z.js Show response
builder-assets.unbounce.com/published-js/ 103 KB
33 KB 30ms
28ms Script
application/javascript 13.32.99.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://builder-assets.unbounce.com/published-js/main.bundle-384ff03.z.js
Requested by: Host: get.catapultsystems.com
URL: https://get.catapultsystems.com/security-discovery-remediation/?utm_campaign=Security_Incident_Response&utm_medium=Email&utm_source=D365&utm_content=EM5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-44.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 384ff03fc8a3d581c80d2b6956bc90be45373d63743a45a252b1bb219db5ec5a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.catapultsystems.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 17:18:57 GMT
content-encoding: gzip
last-modified: Mon, 04 Jul 2022 16:47:26 GMT
server: AmazonS3
age: 1214870
etag: "1825a0c47b2e38b6cf30a4072987bce1"
x-cache: Hit from cloudfront
x-amz-version-id: 8Zp2fnRnJC.CRCK1CKEZXPX8nFkHjX8u
via: 1.1 7fd88bab22735486702d23ba4e028d86.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA60-P3
accept-ranges: bytes
content-type: application/javascript
content-length: 33495
x-amz-cf-id: 2TGFpr_STywQLaDYMrU20HI7ZzDpUEnxHWPky5eHtUF1877huMWAkA==

GET
H2 200 / Show response
a8085b09e5bb4f629270b7b796d93ca2.js.ubembed.com/ 2 KB
1 KB 199ms
120ms Script
application/json 151.101.65.131
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://a8085b09e5bb4f629270b7b796d93ca2.js.ubembed.com/
Requested by: Host: get.catapultsystems.com
URL: https://get.catapultsystems.com/security-discovery-remediation/?utm_campaign=Security_Incident_Response&utm_medium=Email&utm_source=D365&utm_content=EM5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 02a73ecd4e183dba8a4a8b9c164c42025a9676529088efd671148f7935ace1f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.catapultsystems.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 18:46:46 GMT
content-encoding: br
x-backend-region: eu_west_1
age: 0
etag: W/1b0c66d09a6ac25020f17586a2c0fd62-v0.179.2
vary: Accept-Encoding, Referer
x-cache: Miss from cloudfront, MISS
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0, must-revalidate
x-amz-cf-pop: FRA56-C1
accept-ranges: none
x-amz-apigw-id: VeeXgGaRjoEFSEw=

GET
H2 200 6k6s4htwsa Show response
www.clarity.ms/tag/ 1 KB
2 KB 228ms
139ms Script
application/x-javascript 2620:1ec:27::cafe:1375
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/6k6s4htwsa
Requested by: Host: get.catapultsystems.com
URL: https://get.catapultsystems.com/security-discovery-remediation/?utm_campaign=Security_Incident_Response&utm_medium=Email&utm_source=D365&utm_content=EM5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:1375 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 05a82e926ed06279fb60462857baf2d2451d656d9540df33e65008199e30fbf8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.catapultsystems.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 18:46:45 GMT
x-powered-by: ASP.NET
x-azure-ref: 0lqrVYgAAAAC9+KRvdtO+RLvyuwNEF0bpVklFRURHRTA3MDcANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
expires: -1
cache-control: no-cache, no-store
request-context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 77ms
23ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: get.catapultsystems.com
URL: https://get.catapultsystems.com/security-discovery-remediation/?utm_campaign=Security_Incident_Response&utm_medium=Email&utm_source=D365&utm_content=EM5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.catapultsystems.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 6286
date: Mon, 18 Jul 2022 17:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 18 Jul 2022 19:02:00 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 sp-2.14.0.js Show response
d34qb8suadcc4g.cloudfront.net/ 98 KB
30 KB 28ms
28ms Script
application/javascript 2600:9000:2315:7800:1d:11cf:5800:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d34qb8suadcc4g.cloudfront.net/sp-2.14.0.js
Requested by: Host: d34qb8suadcc4g.cloudfront.net
URL: https://d34qb8suadcc4g.cloudfront.net/ub.js?1618514266
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:7800:1d:11cf:5800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.catapultsystems.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 23 May 2022 06:02:31 GMT
content-encoding: gzip
last-modified: Wed, 04 Nov 2020 01:35:32 GMT
server: AmazonS3
age: 4884256
etag: "73de733c308b8b5e44d2a6242dc4bd99"
x-cache: Hit from cloudfront
x-amz-version-id: rVTqklA1qqyT_0VdOCY323BKPISR0uej
via: 1.1 271c2e1e305f31b0f14837cad3c843b0.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-P2
accept-ranges: bytes
content-type: application/javascript
content-length: 30399
x-amz-cf-id: yq-du4ONCxCDuUTx3Gs3_Xxxe4cUylRuIL-Ay_ySKhLdSCEuK9aG_g==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
214 B 28ms
28ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=561100708&t=pageview&_s=1&dl=https%3A%2F%2Fget.catapultsystems.com%2Fsecurity-discovery-remediation%2F%3Futm_campaign%3DSecurity_Incident_Response%26utm_medium%3DEmail%26utm_source%3DD365%26utm_content%3DEM5&dp=%2Fsecurity-discovery-remediation%2Fa%3Futm_campaign%3DSecurity_Incident_Response%26utm_medium%3DEmail%26utm_source%3DD365%26utm_content%3DEM5&ul=en-us&de=UTF-8&dt=Discovering%2C%20Remediating%20and%20Preventing%20Security%20Incidents&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=325399107&gjid=852497153&cid=1748548686.1658170006&tid=UA-2095316-1&_gid=454212458.1658170006&_r=1&_slc=1&z=1320899320

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://get.catapultsystems.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 18 Jul 2022 18:46:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://get.catapultsystems.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 59094165-landing-page-header-city-grid-dark-teal-1700x500_10000001b80bo000014000.jpg
d9hhrg4mnvzow.cloudfront.net/get.catapultsystems.com/security-discovery-remediation/ 159 KB
160 KB 540ms
473ms Image
image/jpeg 13.225.84.77
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/get.catapultsystems.com/security-discovery-remediation/59094165-landing-page-header-city-grid-dark-teal-1700x500_10000001b80bo000014000.jpg
Requested by: Host: get.catapultsystems.com
URL: https://get.catapultsystems.com/security-discovery-remediation/?utm_campaign=Security_Incident_Response&utm_medium=Email&utm_source=D365&utm_content=EM5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.84.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-84-77.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a5fc7a50cb4254d1ae76c0b59f6c8779e16e9e7f10962a864b6a611b91a4dd13

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.catapultsystems.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 18:46:47 GMT
via: 1.1 882f747f39885162595630c95dd0012c.cloudfront.net (CloudFront)
last-modified: Mon, 11 Jul 2022 13:28:47 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
etag: "636e160ec65ffde37a82006e06eb5bc8"
x-cache: Miss from cloudfront
x-amz-version-id: ewFrAdPRx0DPuVUhDtt8N2SyzWacMG2T
cache-control: max-age=31557600
accept-ranges: bytes
content-type: image/jpeg
content-length: 162761
x-amz-cf-id: 0JYaNF5RNKVf-ms6onWm7oIK_Rdff0W9LqFzQ1idYo9pWudR0_TFAA==

GET
H2 200 i
events.ub-analytics.com/ 43 B
245 B 442ms
111ms Image
image/gif 67.202.52.6
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events.ub-analytics.com/i?stm=1658170006251&e=pv&url=https%3A%2F%2Fget.catapultsystems.com%2Fsecurity-discovery-remediation%2F%3Futm_campaign%3DSecurity_Incident_Response%26utm_medium%3DEmail%26utm_source%3DD365%26utm_content%3DEM5%23msdynttrid%3DQlmEUhdnLe01eFKpX79ab9bgTkQLOYpeY6hrIOogLWo&page=Discovering%2C%20Remediating%20and%20Preventing%20Security%20Incidents&tv=js-2.14.0&tna=sp-ub&aid=landing_page&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&eid=67506fcf-78dc-475c-94e2-66c4ecfcb1d7&dtm=1658170006232&vp=1600x1200&ds=1600x2007&vid=1&sid=886e3708-661e-49f9-8dab-bcfd13b411cb&duid=1dc7d034-e5ad-446a-8fc0-7c2fe633f4ab&uid=9e1e0f73-74b6-472c-9dce-cb2888c678ca&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoianNfdHJhY2tlcl9jb250ZXh0X3YxLjEuanNvbiIsImRhdGEiOnsicGFnZUlkIjoiYWNmYzA5NjAtMzQyMC00NjIyLTkwNDctNzc3Mjg1MDgwYTQyIiwidmFyaWFudElkIjoiYSIsImV2ZW50VHlwZSI6InZpc2l0IiwiZXZlbnRNZXRhZGF0YSI6W10sInJvdXRpbmdTdHJhdGVneSI6IndlaWdodGVkIn19XX0
Requested by: Host: get.catapultsystems.com
URL: https://get.catapultsystems.com/security-discovery-remediation/?utm_campaign=Security_Incident_Response&utm_medium=Email&utm_source=D365&utm_content=EM5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 67.202.52.6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-67-202-52-6.compute-1.amazonaws.com
Software: akka-http/10.0.9 /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.catapultsystems.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 18 Jul 2022 18:46:46 GMT
access-control-allow-credentials: true
server: akka-http/10.0.9
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
content-length: 43
content-type: image/gif

GET
BLOB 200
OK 136cd2e0-bf52-4dd9-aab0-15f1a57adad1
https://get.catapultsystems.com/ 5 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://get.catapultsystems.com/136cd2e0-bf52-4dd9-aab0-15f1a57adad1
Requested by: Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-384ff03.z.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9af91bb0b9327c5bc74760fed3cd024dbde1c5b90ede3fab5c8c54850e757994

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Length: 5611
Content-Type: text/css

GET
H2 200 css
fonts.googleapis.com/ 26 KB
2 KB 87ms
36ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,regular,600,700%7CRubik:500,regular,700%7CPoppins:regular,700,300,500%7CMontserrat:800,600%7CRoboto+Condensed:regular%7CSource+Sans+Pro:italic

Requested by

Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-384ff03.z.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aa163bfc579e749d6cb71322857b399770b728ff9c6d8f32f57d1c55c4e46aff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.catapultsystems.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 18:46:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 18 Jul 2022 18:46:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 18 Jul 2022 18:46:46 GMT

GET
H2 200 b6ee38b7-cat-quis-logo-png_104b01b000000000000028.png
d9hhrg4mnvzow.cloudfront.net/get.catapultsystems.com/security-discovery-remediation/ 3 KB
3 KB 491ms
453ms Image
image/png 13.225.84.77
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/get.catapultsystems.com/security-discovery-remediation/b6ee38b7-cat-quis-logo-png_104b01b000000000000028.png
Requested by: Host: get.catapultsystems.com
URL: https://get.catapultsystems.com/security-discovery-remediation/?utm_campaign=Security_Incident_Response&utm_medium=Email&utm_source=D365&utm_content=EM5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.84.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-84-77.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a684c679fce3f0a93d4a068fc9786b08593f8890e9d46aea79f30ccbdc38ab62

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.catapultsystems.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 18:46:47 GMT
via: 1.1 882f747f39885162595630c95dd0012c.cloudfront.net (CloudFront)
last-modified: Mon, 11 Jul 2022 13:28:47 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
etag: "7b02736658d618e97585da216276c941"
x-cache: Miss from cloudfront
x-amz-version-id: OLt9W6ZIOb5sqNfeFJbkChf5RVZYpp_c
cache-control: max-age=31557600
accept-ranges: bytes
content-type: image/png
content-length: 2644
x-amz-cf-id: aLYlV4Fldg9On7rTuTlp-TjKULr6AtJuj6a37rpDE945QK_SrmVNvg==

GET
H2 200 a52e8b87-microsoft-logo-color_1052017000000000000028.png
d9hhrg4mnvzow.cloudfront.net/get.catapultsystems.com/security-discovery-remediation/ 2 KB
2 KB 501ms
464ms Image
image/png 13.225.84.77
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/get.catapultsystems.com/security-discovery-remediation/a52e8b87-microsoft-logo-color_1052017000000000000028.png
Requested by: Host: get.catapultsystems.com
URL: https://get.catapultsystems.com/security-discovery-remediation/?utm_campaign=Security_Incident_Response&utm_medium=Email&utm_source=D365&utm_content=EM5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.84.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-84-77.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 21f5ab126fed5350111a226d5371b546889bb6267e95d68d16be62b4e151ae05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.catapultsystems.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 18:46:47 GMT
via: 1.1 882f747f39885162595630c95dd0012c.cloudfront.net (CloudFront)
last-modified: Mon, 11 Jul 2022 13:28:47 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
etag: "bf4cae36264ad13dcad8a879be5edde9"
x-cache: Miss from cloudfront
x-amz-version-id: jiQ_w9b3zoJHIuUzBIUs.YWhHB_JoCeA
cache-control: max-age=31557600
accept-ranges: bytes
content-type: image/png
content-length: 1706
x-amz-cf-id: zEGP1R5a0-87WG1J49SRlSJMfGuMDKtGnw54dA0IC70142qp64FJIA==

GET
H2 200 e1e6c56d-darkness-mob_1000000000000000000028.png
d9hhrg4mnvzow.cloudfront.net/get.catapultsystems.com/security-discovery-remediation/ 7 KB
8 KB 491ms
454ms Image
image/png 13.225.84.77
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/get.catapultsystems.com/security-discovery-remediation/e1e6c56d-darkness-mob_1000000000000000000028.png
Requested by: Host: get.catapultsystems.com
URL: https://get.catapultsystems.com/security-discovery-remediation/?utm_campaign=Security_Incident_Response&utm_medium=Email&utm_source=D365&utm_content=EM5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.84.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-84-77.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 34faea15ae35728106e46964b28661f965780aceb99f3c32016291b8291311a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.catapultsystems.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 18:46:47 GMT
via: 1.1 882f747f39885162595630c95dd0012c.cloudfront.net (CloudFront)
last-modified: Mon, 11 Jul 2022 13:28:47 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
etag: "c8efa1fe659ac4eb554b84b1f4774cba"
x-cache: Miss from cloudfront
x-amz-version-id: .97L6noao55fEP_2DZOdrN6mKKWqWdWp
cache-control: max-age=31557600
accept-ranges: bytes
content-type: image/png
content-length: 7658
x-amz-cf-id: FUaVfUauQtn5VmeT5SKe2DISZIVQreUX1wA683uUjTdRkK-UIzxbJw==

GET
H2 200 f181b752-male-female-laptop-glass-blue_107g07g07f07g000000000.jpg
d9hhrg4mnvzow.cloudfront.net/get.catapultsystems.com/security-discovery-remediation/ 32 KB
33 KB 479ms
442ms Image
image/jpeg 13.225.84.77
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/get.catapultsystems.com/security-discovery-remediation/f181b752-male-female-laptop-glass-blue_107g07g07f07g000000000.jpg
Requested by: Host: get.catapultsystems.com
URL: https://get.catapultsystems.com/security-discovery-remediation/?utm_campaign=Security_Incident_Response&utm_medium=Email&utm_source=D365&utm_content=EM5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.84.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-84-77.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1eb78a3e35e2ad4d681f4173ad2836e4a1d716055299002f40393776a738379e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.catapultsystems.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 18:46:47 GMT
via: 1.1 882f747f39885162595630c95dd0012c.cloudfront.net (CloudFront)
last-modified: Mon, 11 Jul 2022 13:28:47 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
etag: "2dd4d5496df7b88dc8869622dcce4aaa"
x-cache: Miss from cloudfront
x-amz-version-id: wQRGElgSR.K8swuM94ikNoGBeCYcp8CM
cache-control: max-age=31557600
accept-ranges: bytes
content-type: image/jpeg
content-length: 32889
x-amz-cf-id: p8vfIHgeZhqGpzTzypLlL6lkRrCweXi1gxcQCLqx2qgA7cKXpBGamw==

GET
H2 200 499bcfa6-quisitive-logo_105200s000000000000028.png
d9hhrg4mnvzow.cloudfront.net/get.catapultsystems.com/security-discovery-remediation/ 1 KB
2 KB 449ms
412ms Image
image/png 13.225.84.77
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/get.catapultsystems.com/security-discovery-remediation/499bcfa6-quisitive-logo_105200s000000000000028.png
Requested by: Host: get.catapultsystems.com
URL: https://get.catapultsystems.com/security-discovery-remediation/?utm_campaign=Security_Incident_Response&utm_medium=Email&utm_source=D365&utm_content=EM5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.84.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-84-77.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4235af5fb9d731a67329ff42d7467980f82021f5e62945b061a3bab2c3f36a95

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.catapultsystems.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 18:46:47 GMT
via: 1.1 882f747f39885162595630c95dd0012c.cloudfront.net (CloudFront)
last-modified: Mon, 11 Jul 2022 13:28:47 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
etag: "296c9715a368f2243a9781ea06d25a14"
x-cache: Miss from cloudfront
x-amz-version-id: u.ywuVlf.gX.AdehCYh5IiwZS51IBMgq
cache-control: max-age=31557600
accept-ranges: bytes
content-type: image/png
content-length: 1461
x-amz-cf-id: FVQKl83VMz7oR_sOIS0dGNx-VRRvXVbvc5zGLdCqYPew4uYU9_QY3w==

GET
H2 200 682ada1c-cat-fy20-us-m365-security-3x_104j020000000000000028.png
d9hhrg4mnvzow.cloudfront.net/get.catapultsystems.com/security-discovery-remediation/ 2 KB
2 KB 25ms
25ms Image
image/png 13.225.84.77
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/get.catapultsystems.com/security-discovery-remediation/682ada1c-cat-fy20-us-m365-security-3x_104j020000000000000028.png
Requested by: Host: get.catapultsystems.com
URL: https://get.catapultsystems.com/security-discovery-remediation/?utm_campaign=Security_Incident_Response&utm_medium=Email&utm_source=D365&utm_content=EM5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.84.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-84-77.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2168b376fa9e4b8564dbb1c230178ba585095a3f062fb0ba8915c380a50f9f00

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.catapultsystems.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 18:04:11 GMT
via: 1.1 882f747f39885162595630c95dd0012c.cloudfront.net (CloudFront)
last-modified: Mon, 11 Jul 2022 13:28:47 GMT
server: AmazonS3
age: 261756
etag: "0222cd5cf7508b6d29a6251f0b4ff6bb"
x-cache: Hit from cloudfront
x-amz-version-id: mAH8d4fF464YtjQovTo583bbExJhWr98
cache-control: max-age=31557600
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-type: image/png
content-length: 2126
x-amz-cf-id: tAk4VVH8P1bqGnFFwtZPCs35bdsvEHyeGtqBBSHrA21ui0--CrvJ_A==

GET
H2 200 d1a5509b-icon-wvd-security-_1025024000000000000028.png
d9hhrg4mnvzow.cloudfront.net/get.catapultsystems.com/security-discovery-remediation/ 838 B
1 KB 466ms
465ms Image
image/png 13.225.84.77
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/get.catapultsystems.com/security-discovery-remediation/d1a5509b-icon-wvd-security-_1025024000000000000028.png
Requested by: Host: get.catapultsystems.com
URL: https://get.catapultsystems.com/security-discovery-remediation/?utm_campaign=Security_Incident_Response&utm_medium=Email&utm_source=D365&utm_content=EM5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.84.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-84-77.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8b6a5660a7bf1d115cef1ca825edf4224fa381bed71ff2ff6635ca494f1b9c4f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.catapultsystems.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 18:46:47 GMT
via: 1.1 882f747f39885162595630c95dd0012c.cloudfront.net (CloudFront)
last-modified: Mon, 11 Jul 2022 13:28:47 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
etag: "6c6f6b8370e5b00f2da365a74b7ba415"
x-cache: Miss from cloudfront
x-amz-version-id: znsUKvvyEW_G0mPnkk_BIT.qnXUloflQ
cache-control: max-age=31557600
accept-ranges: bytes
content-type: image/png
content-length: 838
x-amz-cf-id: lEWJJ9IMrTioBKSaMTZ-KlyGvorXXleCjDYseA8gXpyJNX4vNw0FJQ==

GET
H2 200 b6ee38b7-cat-quis-logo-png_104d01c000000000000028.png
d9hhrg4mnvzow.cloudfront.net/get.catapultsystems.com/security-discovery-remediation/ 3 KB
3 KB 41ms
40ms Image
image/png 13.225.84.77
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/get.catapultsystems.com/security-discovery-remediation/b6ee38b7-cat-quis-logo-png_104d01c000000000000028.png
Requested by: Host: get.catapultsystems.com
URL: https://get.catapultsystems.com/security-discovery-remediation/?utm_campaign=Security_Incident_Response&utm_medium=Email&utm_source=D365&utm_content=EM5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.84.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-84-77.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6bc3253cffd20760ef1c7d1115f9cbdf1c4423e414ad52e9cff500bc38d21d33

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.catapultsystems.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 18:04:11 GMT
via: 1.1 882f747f39885162595630c95dd0012c.cloudfront.net (CloudFront)
last-modified: Mon, 11 Jul 2022 13:28:47 GMT
server: AmazonS3
age: 261756
etag: "022bffae3c3cfa2d34f18edc39a592a2"
x-cache: Hit from cloudfront
x-amz-version-id: 1szrsOOE2kyld1iCfZ28VDDAvCWA2iHw
cache-control: max-age=31557600
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-type: image/png
content-length: 2703
x-amz-cf-id: FnlZx3OeCDO2rkwHfW3Uc7XfS8lSeGH7j4McEkVIA6q0BeQtKj3ZUQ==

GET
H2 200 499bcfa6-quisitive-logo_105400t000000000000028.png
d9hhrg4mnvzow.cloudfront.net/get.catapultsystems.com/security-discovery-remediation/ 1 KB
2 KB 465ms
465ms Image
image/png 13.225.84.77
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/get.catapultsystems.com/security-discovery-remediation/499bcfa6-quisitive-logo_105400t000000000000028.png
Requested by: Host: get.catapultsystems.com
URL: https://get.catapultsystems.com/security-discovery-remediation/?utm_campaign=Security_Incident_Response&utm_medium=Email&utm_source=D365&utm_content=EM5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.84.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-84-77.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0f217e2fdad4e7db375a29298e2eae0fd7ad60725ddc2807b36dd80909aec8b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.catapultsystems.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 18:46:47 GMT
via: 1.1 882f747f39885162595630c95dd0012c.cloudfront.net (CloudFront)
last-modified: Mon, 11 Jul 2022 13:28:47 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
etag: "d3e4581238ca18948de12d03d111be36"
x-cache: Miss from cloudfront
x-amz-version-id: I3OhA0vvyXrmDhwrM1A.DcpRCGpLxD9e
cache-control: max-age=31557600
accept-ranges: bytes
content-type: image/png
content-length: 1447
x-amz-cf-id: qR41WOBaViDkkiuf5K9Hc0fiymVV4h9fVQxXFVmysr6osy2B8IvcMg==

GET
H2 200 qE8WjwSU Show response
d6dba3fecd3f4b24801012d33e12abf0.svc.dynamics.com/t/c/PJGCp4vCJN9tAFKMijJlAK5ecfvKPtVxUnQhmrSBEQw/6fuJM1K_UdaAITgvn7Y4mbjTVyu3U-TNDiFAUEVM/ Frame 9183 2 KB
2 KB 538ms
538ms Document
text/html 52.183.87.159
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://d6dba3fecd3f4b24801012d33e12abf0.svc.dynamics.com/t/c/PJGCp4vCJN9tAFKMijJlAK5ecfvKPtVxUnQhmrSBEQw/6fuJM1K_UdaAITgvn7Y4mbjTVyu3U-TNDiFAUEVM/qE8WjwSU?trackwebsitevisited=true&ad=https%3A%2F%2Fget.catapultsystems.com%2Fsecurity-discovery-remediation%2F%3Futm_campaign%3DSecurity_Incident_Response%26utm_medium%3DEmail%26utm_source%3DD365%26utm_content%3DEM5%23msdynttrid%3DQlmEUhdnLe01eFKpX79ab9bgTkQLOYpeY6hrIOogLWo&rf=&id=5236265826

Requested by

Host: mktdplp102cdn.azureedge.net
URL: https://mktdplp102cdn.azureedge.net/public/latest/js/form-loader.js?v=1.65.1064.0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.183.87.159 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

7bb836df8b26fc7f56da48e9c6cd274e0cc27af2e9ba8ab6d8770322c501138a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://get.catapultsystems.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

api-deprecated: False
content-length: 2042
content-type: text/html; charset=utf-8
date: Mon, 18 Jul 2022 18:46:45 GMT
server: Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000; includeSubDomains
x-activity-id: d22133c5-5d22-485a-b540-10e9de0d6fbc
x-content-type-options: nosniff
x-ms-activity-id: d22133c5-5d22-485a-b540-10e9de0d6fbc
x-servicefabricrequestid: b046420f-c778-4c43-9960-06c6ece34540 dd59f128-64a6-4c71-a9f8-dd69ef8c7987

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
447 B 89ms
30ms XHR
text/plain 2a00:1450:400c:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-2095316-1&cid=1748548686.1658170006&jid=325399107&gjid=852497153&_gid=454212458.1658170006&_u=IEBAAEAAAAAAAC~&z=1197073357

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://get.catapultsystems.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 18 Jul 2022 18:46:46 GMT
content-type: text/plain
access-control-allow-origin: https://get.catapultsystems.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bundle.js Show response
assets.ubembed.com/universalscript/releases/v0.179.2/ 174 KB
48 KB 89ms
27ms Script
application/javascript 108.138.17.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.ubembed.com/universalscript/releases/v0.179.2/bundle.js
Requested by: Host: a8085b09e5bb4f629270b7b796d93ca2.js.ubembed.com
URL: https://a8085b09e5bb4f629270b7b796d93ca2.js.ubembed.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-27.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b318b179b35ca92c87626801798f3bce3864172926ae10288f0460a53f30177c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.catapultsystems.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 25 May 2022 02:45:33 GMT
content-encoding: gzip
last-modified: Tue, 05 Apr 2022 16:31:05 GMT
server: AmazonS3
age: 4723273
etag: W/"359008fe01078c59c66e034866170bd2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 cd937c6e1754c3fced5b911c722ff31a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P7
x-amz-cf-id: 46rfbAVG5D3RJ2oFbMxQ5oy-6bc_w6BI4nfY5gbebMJOmFUyx3mUHA==

GET
H2 200 wistia-mux.js Show response
fast.wistia.com/assets/external/ 127 KB
32 KB 25ms
25ms Script
application/javascript 2a04:4e42:400::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/wistia-mux.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

73460faf84573b2c35bfba8dd01a7579e06632decd9b78e96dba619cd42613f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.catapultsystems.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 18:46:46 GMT
content-encoding: br
vary: Accept-Encoding
age: 2041
x-cache: HIT, HIT
content-length: 32426
x-served-by: cache-iad-kjyo7100044-IAD, cache-hhn4042-HHN
access-control-allow-origin: *
x-browser-version: 103
last-modified: Mon, 18 Jul 2022 18:11:29 GMT
x-timer: S1658170006.363897,VS0,VE1
etag: "62d5a251-7eaa"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2, 415

GET
H2 200 share-v2.js Show response
fast.wistia.com/assets/external/ 50 KB
14 KB 21ms
21ms Script
application/javascript 2a04:4e42:400::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/share-v2.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f1b36f5fb177f9c0bce4cc478bf43c473fae2dfa3b67bd156eb544afb9971ab6

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.catapultsystems.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 18:46:46 GMT
content-encoding: br
vary: Accept-Encoding
age: 2042
x-cache: HIT, HIT
content-length: 14002
x-served-by: cache-iad-kiad7000150-IAD, cache-hhn4042-HHN
access-control-allow-origin: *
x-browser-version: 103
last-modified: Mon, 18 Jul 2022 18:11:29 GMT
x-timer: S1658170006.384338,VS0,VE0
etag: "62d5a251-36b2"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 16

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v29/ 44 KB
44 KB 77ms
23ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,regular,600,700%7CRubik:500,regular,700%7CPoppins:regular,700,300,500%7CMontserrat:800,600%7CRoboto+Condensed:regular%7CSource+Sans+Pro:italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://get.catapultsystems.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 02:27:06 GMT
x-content-type-options: nosniff
age: 145180
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44800
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 17 Jul 2023 02:27:06 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 99ms
46ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://get.catapultsystems.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 19:24:53 GMT
x-content-type-options: nosniff
age: 429713
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Jul 2023 19:24:53 GMT

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 129ms
78ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://get.catapultsystems.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 19:25:44 GMT
x-content-type-options: nosniff
age: 429662
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7816
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Jul 2023 19:25:44 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 30 KB
30 KB 105ms
55ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://get.catapultsystems.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 03:24:20 GMT
x-content-type-options: nosniff
age: 400946
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Jul 2023 03:24:20 GMT

GET
H2 200 iJWKBXyIfDnIV7nBrXw.woff2
fonts.gstatic.com/s/rubik/v20/ 33 KB
33 KB 129ms
80ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/rubik/v20/iJWKBXyIfDnIV7nBrXw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

815772b443b23ef0ef0929fd6305b13cae6a6345c7d55613a9d8d03e2f9efdb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://get.catapultsystems.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 19:25:03 GMT
x-content-type-options: nosniff
age: 429703
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33620
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 15:47:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Jul 2023 19:25:03 GMT

GET
H2 200 pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 114ms
67ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://get.catapultsystems.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 19:25:44 GMT
x-content-type-options: nosniff
age: 429662
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7748
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Jul 2023 19:25:44 GMT

GET
H2 200 pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 118ms
72ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://get.catapultsystems.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 03:09:34 GMT
x-content-type-options: nosniff
age: 142632
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7840
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:51:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 17 Jul 2023 03:09:34 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 119ms
65ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-2095316-1&cid=1748548686.1658170006&jid=325399107&_u=IEBAAEAAAAAAAC~&z=829877642

Requested by

Host: get.catapultsystems.com
URL: https://get.catapultsystems.com/security-discovery-remediation/?utm_campaign=Security_Incident_Response&utm_medium=Email&utm_source=D365&utm_content=EM5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.catapultsystems.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Jul 2022 18:46:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 112ms
60ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-2095316-1&cid=1748548686.1658170006&jid=325399107&_u=IEBAAEAAAAAAAC~&z=829877642

Requested by

Host: get.catapultsystems.com
URL: https://get.catapultsystems.com/security-discovery-remediation/?utm_campaign=Security_Incident_Response&utm_medium=Email&utm_source=D365&utm_content=EM5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.catapultsystems.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Jul 2022 18:46:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/eus-c/s/0.6.36/ 52 KB
23 KB 133ms
133ms Script
application/javascript 2620:1ec:27::cafe:1375
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus-c/s/0.6.36/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/6k6s4htwsa
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:1375 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: e8aff6a8426e2182081c0e696ff05c3b10eeb43716fe56bbc9f8b3b3069c6736

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.catapultsystems.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 18:46:45 GMT
content-encoding: br
etag: "1d897c159e34826"
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
x-azure-ref: 0lqrVYgAAAAAiKyWUOWcgQLvTN6AIvd2UVklFRURHRTA3MDcANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
accept-ranges: bytes
content-length: 23009
request-context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8

GET
H2 200 googleAds.js Show response
fast.wistia.com/assets/external/ 15 KB
4 KB 23ms
23ms Script
application/javascript 2a04:4e42:400::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/googleAds.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

753e986546a4ebbac430c652cab3fd9efe560c33a5878187ec7397bc9fc08978

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.catapultsystems.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 18:46:46 GMT
content-encoding: br
vary: Accept-Encoding
age: 2042
x-cache: HIT, HIT
content-length: 3986
x-served-by: cache-iad-kcgs7200076-IAD, cache-hhn4042-HHN
access-control-allow-origin: *
x-browser-version: 103
last-modified: Mon, 18 Jul 2022 18:11:29 GMT
x-timer: S1658170006.404711,VS0,VE0
etag: "62d5a251-f92"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 6

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 15 KB
15 KB 112ms
74ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://get.catapultsystems.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 19:11:51 GMT
x-content-type-options: nosniff
age: 344095
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15700
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:51:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Jul 2023 19:11:51 GMT

GET
H2 200 6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7nsDI.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 12 KB
12 KB 106ms
68ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7nsDI.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e286a9ef7d2064a4cf7026449941a557c7123aa84ef2a17cf79a38820f5474bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://get.catapultsystems.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 20:15:44 GMT
x-content-type-options: nosniff
age: 426662
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12580
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:19:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Jul 2023 20:15:44 GMT

GET
H/1.1 200
OK a.html Show response
a8085b09e5bb4f629270b7b796d93ca2.pages.ubembed.com/604c24a7-5c67-40c8-9187-923c4b75cd0d/ Frame FE7B 12 KB
4 KB 697ms
623ms Document
text/html 3.126.202.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a8085b09e5bb4f629270b7b796d93ca2.pages.ubembed.com/604c24a7-5c67-40c8-9187-923c4b75cd0d/a.html?utm_campaign=Security_Incident_Response&utm_medium=Email&utm_source=D365&utm_content=EM5&closedAt=0
Requested by: Host: assets.ubembed.com
URL: https://assets.ubembed.com/universalscript/releases/v0.179.2/bundle.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.126.202.50 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-202-50.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: bf2b875420e84df779d5151eb313392bff931263ca628b37f092cd5dcb780474

Request headers

Referer: https://get.catapultsystems.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

connection: close
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 18 Jul 2022 18:46:47 GMT
etag: 59e85abd3ce456039e177bdcfee5432c
last-modified: Tue, 17 Jul 2018 14:10:49 GMT
p3p: CP="This is not a privacy policy."
transfer-encoding: chunked
x-proxy-backend: page-server
x-unbounce-pageid: 604c24a7-5c67-40c8-9187-923c4b75cd0d

POST
H2 204 collect Show response
h.clarity.ms/ 0
25 B 1790ms
341ms XHR
text/plain 52.224.31.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://h.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus-c/s/0.6.36/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.224.31.34 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://get.catapultsystems.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: https://get.catapultsystems.com
date: Mon, 18 Jul 2022 18:46:47 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8

POST
H2 200 qCtpFn_yNRUoMrIPYvsvVp4gNRqaTopttHN4-GaE7Kg Show response
d6dba3fecd3f4b24801012d33e12abf0.svc.dynamics.com/f/cv/PJGCp4vCJN9tAFKMijJlAK5ecfvKPtVxUnQhmrSBEQw/c/ 0
337 B 663ms
315ms XHR
text/plain 52.183.87.159
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://d6dba3fecd3f4b24801012d33e12abf0.svc.dynamics.com/f/cv/PJGCp4vCJN9tAFKMijJlAK5ecfvKPtVxUnQhmrSBEQw/c/qCtpFn_yNRUoMrIPYvsvVp4gNRqaTopttHN4-GaE7Kg

Requested by

Host: mktdplp102cdn.azureedge.net
URL: https://mktdplp102cdn.azureedge.net/public/latest/js/form-loader.js?v=1.65.1064.0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.183.87.159 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://get.catapultsystems.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
server: Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0
x-servicefabricrequestid: 417c6eb8-2e78-4cd2-af09-214680d1f75d, 8c5d23f5-a7b8-4127-990d-de521395ea7d
vary: Origin
access-control-allow-origin: https://get.catapultsystems.com
x-ms-activity-id: 55622093-bd93-4530-9d7b-a6a594709c3a
x-activity-id: 55622093-bd93-4530-9d7b-a6a594709c3a
date: Mon, 18 Jul 2022 18:46:47 GMT
content-length: 0
api-deprecated: False

GET
H2 200 page-defaults-bb36b9f.z.css
builder-assets.unbounce.com/published/ Frame FE7B 16 KB
4 KB 28ms
23ms Stylesheet
text/css 13.32.99.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://builder-assets.unbounce.com/published/page-defaults-bb36b9f.z.css
Requested by: Host: a8085b09e5bb4f629270b7b796d93ca2.pages.ubembed.com
URL: https://a8085b09e5bb4f629270b7b796d93ca2.pages.ubembed.com/604c24a7-5c67-40c8-9187-923c4b75cd0d/a.html?utm_campaign=Security_Incident_Response&utm_medium=Email&utm_source=D365&utm_content=EM5&closedAt=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-44.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bb36b9fe93d43849c0956657d7650e76a84e217c79a86d88e4d6f329169f79c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a8085b09e5bb4f629270b7b796d93ca2.pages.ubembed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 19 May 2022 22:53:37 GMT
content-encoding: gzip
last-modified: Tue, 18 Sep 2018 23:52:25 GMT
server: AmazonS3
age: 5169191
etag: "54e3b222dab7f62aa7c4457acdc8c0c6"
x-cache: Hit from cloudfront
x-amz-version-id: TDUQ4aVZ_oT.nDZblcqvM_oMZYR3wKXC
via: 1.1 7fd88bab22735486702d23ba4e028d86.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA60-P3
accept-ranges: bytes
content-type: text/css
content-length: 3236
x-amz-cf-id: R2jqrGxB4FvEOKe_xw6K4BpBLD5rlGtJkFsWEZD4tlxUlqSa1oHEGA==

GET
H3 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.4.2/ Frame FE7B 70 KB
24 KB 76ms
25ms Script
text/javascript 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js

Requested by

Host: a8085b09e5bb4f629270b7b796d93ca2.pages.ubembed.com
URL: https://a8085b09e5bb4f629270b7b796d93ca2.pages.ubembed.com/604c24a7-5c67-40c8-9187-923c4b75cd0d/a.html?utm_campaign=Security_Incident_Response&utm_medium=Email&utm_source=D365&utm_content=EM5&closedAt=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e23a2a4e2d7c2b41ebcdd8ffc0679df7140eb7f52e1eebabf827a88182643c59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a8085b09e5bb4f629270b7b796d93ca2.pages.ubembed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 02:16:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 145827
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24715
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 17 Jul 2023 02:16:20 GMT

GET
H2 200 unbounce.js Show response
d2xxq4ijfwetlm.cloudfront.net/m/lp-webapp/api/ Frame FE7B 641 B
985 B 148ms
40ms Script
application/javascript 65.9.54.224
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2xxq4ijfwetlm.cloudfront.net/m/lp-webapp/api/unbounce.js
Requested by: Host: a8085b09e5bb4f629270b7b796d93ca2.pages.ubembed.com
URL: https://a8085b09e5bb4f629270b7b796d93ca2.pages.ubembed.com/604c24a7-5c67-40c8-9187-923c4b75cd0d/a.html?utm_campaign=Security_Incident_Response&utm_medium=Email&utm_source=D365&utm_content=EM5&closedAt=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.54.224 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-54-224.arn54.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bb23e74443fd3afd6f6a57e70cc0cd49afca31cb61c6224df8036dc7a11f555a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a8085b09e5bb4f629270b7b796d93ca2.pages.ubembed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 3bf14a720d62e0d1295d99086d103efa.cloudfront.net (CloudFront)
last-modified: Tue, 07 Jan 2014 17:53:15 GMT
server: AmazonS3
age: 39728
etag: "550bf4d55f148aa3459eafa64f3eb6a3"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Mon, 18 Jul 2022 07:45:38 GMT
x-amz-cf-pop: ARN54-C1
accept-ranges: bytes
content-length: 641
x-amz-cf-id: joqsirTWyXvYd291Psyfpmn-rl7CX8bvkuyMsFu3OdbFWkTnnNUw9A==

GET
H2 200 main-90cd9cc.z.js Show response
builder-assets.unbounce.com/modules/lp-block/public/ Frame FE7B 1020 B
831 B 29ms
25ms Script
application/javascript 13.32.99.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://builder-assets.unbounce.com/modules/lp-block/public/main-90cd9cc.z.js
Requested by: Host: a8085b09e5bb4f629270b7b796d93ca2.pages.ubembed.com
URL: https://a8085b09e5bb4f629270b7b796d93ca2.pages.ubembed.com/604c24a7-5c67-40c8-9187-923c4b75cd0d/a.html?utm_campaign=Security_Incident_Response&utm_medium=Email&utm_source=D365&utm_content=EM5&closedAt=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-44.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 90cd9cc3f3648004b94945176c5331b6cbaf477e541623caf80d580933d0cb02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a8085b09e5bb4f629270b7b796d93ca2.pages.ubembed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 17 May 2022 04:15:58 GMT
content-encoding: gzip
last-modified: Wed, 26 Sep 2018 23:30:31 GMT
server: AmazonS3
age: 5409050
etag: "d842560f2f4cfe39a294c0f146f407b4"
x-cache: Hit from cloudfront
x-amz-version-id: w1fSbW._ZH40Sbo1PoSNI.QohsaGb0Cq
via: 1.1 7fd88bab22735486702d23ba4e028d86.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA60-P3
accept-ranges: bytes
content-type: application/javascript
content-length: 423
x-amz-cf-id: PeDBRN6fbPXBWEQDilezZbuQBOaAolx10KIVJDtknkK177KDBpktRg==

GET
H2 200 matchMedia-ba7af92.z.js Show response
builder-assets.unbounce.com/published/ Frame FE7B 925 B
973 B 28ms
24ms Script
application/javascript 13.32.99.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://builder-assets.unbounce.com/published/matchMedia-ba7af92.z.js
Requested by: Host: a8085b09e5bb4f629270b7b796d93ca2.pages.ubembed.com
URL: https://a8085b09e5bb4f629270b7b796d93ca2.pages.ubembed.com/604c24a7-5c67-40c8-9187-923c4b75cd0d/a.html?utm_campaign=Security_Incident_Response&utm_medium=Email&utm_source=D365&utm_content=EM5&closedAt=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-44.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ba7af92cb3ffbf763257405d2bd170cca3fc4a68906b000f4f0b4a615bb0e9a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a8085b09e5bb4f629270b7b796d93ca2.pages.ubembed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 23:00:19 GMT
content-encoding: gzip
last-modified: Thu, 23 Aug 2018 23:35:23 GMT
server: AmazonS3
age: 7847189
etag: "8a3d44556a9fc8bb91dc41c3257f7ed7"
x-cache: Hit from cloudfront
x-amz-version-id: g.GoVUMSvf6WvcM6YYncLMIfUOararmI
via: 1.1 7fd88bab22735486702d23ba4e028d86.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA60-P3
accept-ranges: bytes
content-type: application/javascript
content-length: 562
x-amz-cf-id: M_-7WRa_HSKTP7rRh5BFgT1XGRwv-tBXeUFdqOsy8qRg8EyfBjEXag==

GET
H2 200 main-ab7c8d0.z.js Show response
builder-assets.unbounce.com/modules/lp-text/public/ Frame FE7B 10 KB
4 KB 29ms
26ms Script
application/javascript 13.32.99.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://builder-assets.unbounce.com/modules/lp-text/public/main-ab7c8d0.z.js
Requested by: Host: a8085b09e5bb4f629270b7b796d93ca2.pages.ubembed.com
URL: https://a8085b09e5bb4f629270b7b796d93ca2.pages.ubembed.com/604c24a7-5c67-40c8-9187-923c4b75cd0d/a.html?utm_campaign=Security_Incident_Response&utm_medium=Email&utm_source=D365&utm_content=EM5&closedAt=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-44.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ab7c8d0146d1b0fdfb968015ab7d3c0883bc6317c0d10054fd85770e8a577348

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a8085b09e5bb4f629270b7b796d93ca2.pages.ubembed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 23 May 2022 03:32:11 GMT
content-encoding: gzip
last-modified: Thu, 23 Aug 2018 23:35:20 GMT
server: AmazonS3
age: 4893277
etag: "62d6e4c81261eeab6b02bb4058c3b34b"
x-cache: Hit from cloudfront
x-amz-version-id: M2a_Ce94Kkd7N5TgHAQmYTj1zQRfpUoi
via: 1.1 7fd88bab22735486702d23ba4e028d86.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA60-P3
accept-ranges: bytes
content-type: application/javascript
content-length: 3639
x-amz-cf-id: 14YIOVwrv38QoV8Mtp-6lR3vgrenoXKeIDUMMlMhnsnvEaudsWirtA==

GET
H2 200 main-2c7fa8b.z.js Show response
builder-assets.unbounce.com/modules/lp-button/public/ Frame FE7B 3 KB
2 KB 29ms
27ms Script
application/javascript 13.32.99.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://builder-assets.unbounce.com/modules/lp-button/public/main-2c7fa8b.z.js
Requested by: Host: a8085b09e5bb4f629270b7b796d93ca2.pages.ubembed.com
URL: https://a8085b09e5bb4f629270b7b796d93ca2.pages.ubembed.com/604c24a7-5c67-40c8-9187-923c4b75cd0d/a.html?utm_campaign=Security_Incident_Response&utm_medium=Email&utm_source=D365&utm_content=EM5&closedAt=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-44.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2c7fa8b3d3b30d225de29b96959202c2587b6abfe93235558abbb45ba0921b6d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a8085b09e5bb4f629270b7b796d93ca2.pages.ubembed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:59:02 GMT
content-encoding: gzip
last-modified: Thu, 23 Aug 2018 23:35:19 GMT
server: AmazonS3
age: 13283266
etag: "6f604bd63fbd1c5da8a8e4c4b927e8c8"
x-cache: Hit from cloudfront
x-amz-version-id: Q2q.TNf2tjStcZjEPkylrYsUApV95Hgk
via: 1.1 7fd88bab22735486702d23ba4e028d86.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA60-P3
accept-ranges: bytes
content-type: application/javascript
content-length: 1295
x-amz-cf-id: LGQyL3HG2GlrClARoClghBcEKKqul89ycl0OQstQNMXAXqTWJ3csbA==

GET
H3 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1.4.7/ Frame FE7B 17 KB
7 KB 84ms
35ms Script
text/javascript 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1.4.7/webfont.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d142a29dfc233602672353f1bfaf7d8e72331ec6902d8dd12cb56e5eaf794fc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a8085b09e5bb4f629270b7b796d93ca2.pages.ubembed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 09:18:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34125
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6756
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Jul 2023 09:18:02 GMT

GET
H2 200 ub-browser-fe2b354.z.js Show response
builder-assets.unbounce.com/published/ Frame FE7B 3 KB
1 KB 30ms
28ms Script
application/javascript 13.32.99.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://builder-assets.unbounce.com/published/ub-browser-fe2b354.z.js
Requested by: Host: a8085b09e5bb4f629270b7b796d93ca2.pages.ubembed.com
URL: https://a8085b09e5bb4f629270b7b796d93ca2.pages.ubembed.com/604c24a7-5c67-40c8-9187-923c4b75cd0d/a.html?utm_campaign=Security_Incident_Response&utm_medium=Email&utm_source=D365&utm_content=EM5&closedAt=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-44.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fe2b354c8311d29370b5f16f544fbcf296a49d2e5bb2d991ff28b376941d8464

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a8085b09e5bb4f629270b7b796d93ca2.pages.ubembed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 20:12:17 GMT
content-encoding: gzip
last-modified: Wed, 26 Sep 2018 23:30:35 GMT
server: AmazonS3
age: 23063671
etag: "9fa3364ec05ec0dec3b7e5623808e4a4"
x-cache: Hit from cloudfront
x-amz-version-id: YaAR4YfGOjoEilISXp5dZqWkX.N3un9f
via: 1.1 7fd88bab22735486702d23ba4e028d86.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA60-P3
accept-ranges: bytes
content-type: application/javascript
content-length: 1081
x-amz-cf-id: xBm_Mr_USC_mpWnVVFVQwCc7KHsDl7VCBdTaTqiN51sY4OCZn6pa7A==

GET
H2 200 embeddable-ed5ba84.z.js Show response
builder-assets.unbounce.com/published/ Frame FE7B 4 KB
2 KB 29ms
27ms Script
application/javascript 13.32.99.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://builder-assets.unbounce.com/published/embeddable-ed5ba84.z.js
Requested by: Host: a8085b09e5bb4f629270b7b796d93ca2.pages.ubembed.com
URL: https://a8085b09e5bb4f629270b7b796d93ca2.pages.ubembed.com/604c24a7-5c67-40c8-9187-923c4b75cd0d/a.html?utm_campaign=Security_Incident_Response&utm_medium=Email&utm_source=D365&utm_content=EM5&closedAt=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-44.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ed5ba84cfdcc55a4b99eeb1798c0839d7eabe361d3075abac6d1af36513b32d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a8085b09e5bb4f629270b7b796d93ca2.pages.ubembed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 23:00:18 GMT
content-encoding: gzip
last-modified: Thu, 23 Aug 2018 23:35:23 GMT
server: AmazonS3
age: 7847189
etag: "9e130a3da2bb85a3a79986ec99f64f80"
x-cache: Hit from cloudfront
x-amz-version-id: .0uAxQyxw._lIRJrN70TgPiSjs_FJA2A
via: 1.1 7fd88bab22735486702d23ba4e028d86.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA60-P3
accept-ranges: bytes
content-type: application/javascript
content-length: 1570
x-amz-cf-id: Iq_m0KQWSSATjc79rNj5HCCchyz--8X7zZ00BSQhz33vjPAd6ZFZ2A==

GET
H3 200 css
fonts.googleapis.com/ Frame FE7B 4 KB
738 B 80ms
33ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:700%7COpen+Sans:regular

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.4.7/webfont.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7466cce299150676290c778c3a24b0452b3c74e63a809cf637bf7c29961ba946

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a8085b09e5bb4f629270b7b796d93ca2.pages.ubembed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 18:46:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 18 Jul 2022 18:46:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 18 Jul 2022 18:46:47 GMT

GET
H2 204 embeddableActivated Show response
a8085b09e5bb4f629270b7b796d93ca2.events.ubembed.com/ 0
106 B 351ms
109ms XHR
text/plain 52.0.99.102
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a8085b09e5bb4f629270b7b796d93ca2.events.ubembed.com/embeddableActivated?activationRuleId=4be60e6e824a4771b9ad78d0050e80f5&browserTrackingId=9b9edf25b34846128664cc1e4cb68ee5&clientId=e6a9c1e2-dab6-4383-90f8-9294dc653679&hostPageCorrelationId=8c7484ade2ef43139e0e12bd708482ef&hostPageReferrerUrl=&hostPageUrl=https%3A%2F%2Fget.catapultsystems.com%2Fsecurity-discovery-remediation%2F%3Futm_campaign%3DSecurity_Incident_Response%26utm_medium%3DEmail%26utm_source%3DD365%26utm_content%3DEM5%23msdynttrid%3DQlmEUhdnLe01eFKpX79ab9bgTkQLOYpeY6hrIOogLWo&isFirstTime=true&requestId=d57abb7c8c0f46a7a8937c8d80d4bc64&source=universalscript-v0.179.2
Requested by: Host: assets.ubembed.com
URL: https://assets.ubembed.com/universalscript/releases/v0.179.2/bundle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.0.99.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-0-99-102.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://get.catapultsystems.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://get.catapultsystems.com
date: Mon, 18 Jul 2022 18:46:47 GMT
access-control-allow-credentials: true

GET
H2 204 embeddableViewed Show response
a8085b09e5bb4f629270b7b796d93ca2.events.ubembed.com/ 0
107 B 351ms
108ms XHR
text/plain 52.0.99.102
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a8085b09e5bb4f629270b7b796d93ca2.events.ubembed.com/embeddableViewed?activationRuleId=4be60e6e824a4771b9ad78d0050e80f5&browserTrackingId=9b9edf25b34846128664cc1e4cb68ee5&clientId=e6a9c1e2-dab6-4383-90f8-9294dc653679&hostPageCorrelationId=8c7484ade2ef43139e0e12bd708482ef&hostPageReferrerUrl=&hostPageUrl=https%3A%2F%2Fget.catapultsystems.com%2Fsecurity-discovery-remediation%2F%3Futm_campaign%3DSecurity_Incident_Response%26utm_medium%3DEmail%26utm_source%3DD365%26utm_content%3DEM5%23msdynttrid%3DQlmEUhdnLe01eFKpX79ab9bgTkQLOYpeY6hrIOogLWo&isFirstTime=true&requestId=b7a5fafc85184c0eabed28a86a7991cc&source=universalscript-v0.179.2
Requested by: Host: assets.ubembed.com
URL: https://assets.ubembed.com/universalscript/releases/v0.179.2/bundle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.0.99.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-0-99-102.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://get.catapultsystems.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://get.catapultsystems.com
date: Mon, 18 Jul 2022 18:46:47 GMT
access-control-allow-credentials: true

GET
H3 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v29/ Frame FE7B 16 KB
16 KB 70ms
23ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:700%7COpen+Sans:regular

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9434dddcdf38e072b039bb92f9e90639ec0e0563e8ff51604a60d91830c29289

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://a8085b09e5bb4f629270b7b796d93ca2.pages.ubembed.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 11:57:13 GMT
x-content-type-options: nosniff
age: 24574
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16720
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Jul 2023 11:57:13 GMT

GET
H3 200 JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM73w5aXo.woff2
fonts.gstatic.com/s/montserrat/v25/ Frame FE7B 13 KB
13 KB 71ms
26ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM73w5aXo.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:700%7COpen+Sans:regular

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f31b80562610135edd91a86ec7f243c5eeaec2ec08337e6a20c2d135d8e217da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://a8085b09e5bb4f629270b7b796d93ca2.pages.ubembed.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 23:57:27 GMT
x-content-type-options: nosniff
age: 154160
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12848
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:56:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 16 Jul 2023 23:57:27 GMT

GET
H2 200 playPauseLoadingControl.js Show response
fast.wistia.com/assets/external/ 58 KB
16 KB 26ms
25ms Script
application/javascript 2a04:4e42:400::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/playPauseLoadingControl.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

30718bfb492fe873505c2e6716a17ca5d9b964ba477c312a14c6b73fede6a161

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.catapultsystems.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 18:46:47 GMT
content-encoding: br
vary: Accept-Encoding
age: 2042
x-cache: HIT, HIT
content-length: 15881
x-served-by: cache-iad-kiad7000135-IAD, cache-hhn4042-HHN
access-control-allow-origin: *
x-browser-version: 103
last-modified: Mon, 18 Jul 2022 18:11:29 GMT
x-timer: S1658170007.452951,VS0,VE0
etag: "62d5a251-3e09"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 405

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=8D0F3660FFD64293AB81B32A8E72F4F8&RedC=c.clarity.ms&MXFR=0808D4DD34AE684507C1C53830AE6675
https://c.clarity.ms/c.gif?CtsSyncId=8D0F3660FFD64293AB81B32A8E72F4F8&MUID=2C49003D6CB36AB8269211D86DD86B83

42 B
368 B

43ms
43ms

Image
image/gif

20.234.93.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=8D0F3660FFD64293AB81B32A8E72F4F8&MUID=2C49003D6CB36AB8269211D86DD86B83
Protocol: H2
Server: 20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.catapultsystems.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Jul 2022 18:46:46 GMT
last-modified: Sat, 02 Jul 2022 00:08:47 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "8a177e6a78dd81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Mon, 18 Jul 2022 18:46:47 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E53AE7A99CF740CB8A089F3140C47CC1 Ref B: FRAEDGE1409 Ref C: 2022-07-18T18:46:47Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=8D0F3660FFD64293AB81B32A8E72F4F8&MUID=2C49003D6CB36AB8269211D86DD86B83
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

POST
H2 204 x Show response
distillery.wistia.com/ 0
96 B 337ms
108ms XHR
text/plain 18.205.143.103
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://distillery.wistia.com/x
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.205.143.103 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-205-143-103.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://get.catapultsystems.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Mon, 18 Jul 2022 18:46:47 GMT
cache-control: max-age=0, private, must-revalidate

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 22ms
22ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=561100708&t=timing&_s=2&dl=https%3A%2F%2Fget.catapultsystems.com%2Fsecurity-discovery-remediation%2F%3Futm_campaign%3DSecurity_Incident_Response%26utm_medium%3DEmail%26utm_source%3DD365%26utm_content%3DEM5&ul=en-us&de=UTF-8&dt=Discovering%2C%20Remediating%20and%20Preventing%20Security%20Incidents&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=3587&pdt=24&dns=153&rrt=1580&srt=305&tcp=46&dit=2411&clt=2411&_gst=2252&_gbt=2342&_u=IEBAAEABAAAAAC~&jid=&gjid=&cid=1748548686.1658170006&tid=UA-2095316-1&_gid=454212458.1658170006&z=226596046

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.catapultsystems.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Jul 2022 09:27:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 33555
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect Show response
h.clarity.ms/ 0
181 B 784ms
340ms XHR
text/plain 52.224.31.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://h.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus-c/s/0.6.36/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.224.31.34 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://get.catapultsystems.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: https://get.catapultsystems.com
date: Mon, 18 Jul 2022 18:46:47 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8

GET
H2 200 allIntegrations.js Show response
fast.wistia.com/assets/external/ 21 KB
6 KB 22ms
22ms Script
application/javascript 2a04:4e42:400::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/allIntegrations.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f4bff08eefad2499e70de194a62639e366424cc2b46d56d6bab3f2a0618e203c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.catapultsystems.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 18:46:48 GMT
content-encoding: br
vary: Accept-Encoding
age: 2709
x-cache: HIT, HIT
content-length: 5601
x-served-by: cache-iad-kcgs7200113-IAD, cache-hhn4042-HHN
access-control-allow-origin: *
x-browser-version: 103
last-modified: Mon, 18 Jul 2022 17:06:06 GMT
x-timer: S1658170008.453578,VS0,VE0
etag: "62d592fe-15e1"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 127

Verdicts & Comments Add Verdict or Comment

55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
get.catapultsystems.com/security-discovery-remediation/	1970-01-20 09:01:07	Name: ubpv Value: a%2Cacfc0960-3420-4622-9047-777285080a42
d6dba3fecd3f4b24801012d33e12abf0.svc.dynamics.com/	1970-01-20 22:07:22	Name: 79f08280-5c63-4331-b04d-fb6f39afda51 Value: 6QtrulgYqMZKd0_QKX9NNNq1oO2yj8-Y5rCljeSLSF8
get.catapultsystems.com/	1970-01-20 08:55:22	Name: ubvs Value: 9e1e0f73-74b6-472c-9dce-cb2888c678ca
.catapultsystems.com/	1970-01-20 04:40:29	Name: ubvt Value: 9e1e0f73-74b6-472c-9dce-cb2888c678ca
.catapultsystems.com/	1970-01-20 22:07:22	Name: _ga Value: GA1.2.1748548686.1658170006
.catapultsystems.com/	1970-01-20 04:37:36	Name: _gid Value: GA1.2.454212458.1658170006
.catapultsystems.com/	1970-01-20 04:36:10	Name: _gat Value: 1
get.catapultsystems.com/	1970-01-20 22:07:22	Name: msd365mkttr Value: 6fuJM1K_UdaAITgvn7Y4mbjTVyu3U-TNDiFAUEVM
get.catapultsystems.com/	1969-12-31 23:59:59	Name: msd365mkttrs Value: qE8WjwSU
www.clarity.ms/	1970-01-20 13:21:46	Name: CLID Value: dcdcbb7a2f33435a814b6ae206e6d2e3.20220718.20230718
.catapultsystems.com/	1970-01-20 13:21:46	Name: _clck Value: 16k8ucp\|1\|f39\|0
d6dba3fecd3f4b24801012d33e12abf0.svc.dynamics.com/	1969-12-31 23:59:59	Name: 319af4c0-e197-4de9-8a9b-fe98c8a2ca04 Value: dyjXXpLNTHCmOIvirSGW3viEXkAcb07GdMroFtubL5w
.c.bing.com/	1970-01-20 13:57:46	Name: SRM_B Value: 2C49003D6CB36AB8269211D86DD86B83
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 13:57:46	Name: MUID Value: 2C49003D6CB36AB8269211D86DD86B83
.c.clarity.ms/	1970-01-20 04:36:10	Name: ANONCHK Value: 0
.catapultsystems.com/	1970-01-20 04:37:36	Name: _clsk Value: cqmemi\|1658170008433\|1\|1\|h.clarity.ms/collect

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a8085b09e5bb4f629270b7b796d93ca2.events.ubembed.com
a8085b09e5bb4f629270b7b796d93ca2.js.ubembed.com
a8085b09e5bb4f629270b7b796d93ca2.pages.ubembed.com
ajax.googleapis.com
assets.ubembed.com
builder-assets.unbounce.com
c.bing.com
c.clarity.ms
catapultsystems.us
d2xxq4ijfwetlm.cloudfront.net
d34qb8suadcc4g.cloudfront.net
d6dba3fecd3f4b24801012d33e12abf0.svc.dynamics.com
d9hhrg4mnvzow.cloudfront.net
distillery.wistia.com
events.ub-analytics.com
fast.wistia.com
fonts.googleapis.com
fonts.gstatic.com
get.catapultsystems.com
h.clarity.ms
mktdplp102cdn.azureedge.net
stats.g.doubleclick.net
www.clarity.ms
www.google-analytics.com
www.google.com
www.google.de
108.138.17.27
13.225.84.77
13.32.99.44
151.101.65.131
18.205.143.103
20.234.93.27
2600:9000:2315:7800:1d:11cf:5800:93a1
2606:2800:133:206e:1315:22a5:2006:24fd
2620:1ec:27::cafe:1375
2620:1ec:c11::200
2a00:1450:4001:80f::200e
2a00:1450:4001:811::200a
2a00:1450:4001:828::200a
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::2004
2a00:1450:400c:c1b::9c
2a04:4e42:400::622
3.126.202.50
3.211.184.98
52.0.99.102
52.183.87.159
52.224.31.34
65.9.54.224
67.202.52.6
02a73ecd4e183dba8a4a8b9c164c42025a9676529088efd671148f7935ace1f6
05a82e926ed06279fb60462857baf2d2451d656d9540df33e65008199e30fbf8
0bbb0c157e8aad81455cc5e2d258b835053a0b404b32632adaed6a9075042bc4
0f217e2fdad4e7db375a29298e2eae0fd7ad60725ddc2807b36dd80909aec8b5
1c3c7222f56d0a5e864594f0f49d40d32898a6156742bb1dfe82ebae88636596
1eb78a3e35e2ad4d681f4173ad2836e4a1d716055299002f40393776a738379e
2168b376fa9e4b8564dbb1c230178ba585095a3f062fb0ba8915c380a50f9f00
21f5ab126fed5350111a226d5371b546889bb6267e95d68d16be62b4e151ae05
2c7fa8b3d3b30d225de29b96959202c2587b6abfe93235558abbb45ba0921b6d
2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb
30718bfb492fe873505c2e6716a17ca5d9b964ba477c312a14c6b73fede6a161
321e7e0fcb6753a1a4ff11ec64dabc6577a9c2e0d39bb3f7fecbf03a73769508
34faea15ae35728106e46964b28661f965780aceb99f3c32016291b8291311a3
384ff03fc8a3d581c80d2b6956bc90be45373d63743a45a252b1bb219db5ec5a
4235af5fb9d731a67329ff42d7467980f82021f5e62945b061a3bab2c3f36a95
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
6bc3253cffd20760ef1c7d1115f9cbdf1c4423e414ad52e9cff500bc38d21d33
73460faf84573b2c35bfba8dd01a7579e06632decd9b78e96dba619cd42613f2
7466cce299150676290c778c3a24b0452b3c74e63a809cf637bf7c29961ba946
753e986546a4ebbac430c652cab3fd9efe560c33a5878187ec7397bc9fc08978
78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863
7bb836df8b26fc7f56da48e9c6cd274e0cc27af2e9ba8ab6d8770322c501138a
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
815772b443b23ef0ef0929fd6305b13cae6a6345c7d55613a9d8d03e2f9efdb8
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8b6a5660a7bf1d115cef1ca825edf4224fa381bed71ff2ff6635ca494f1b9c4f
90cd9cc3f3648004b94945176c5331b6cbaf477e541623caf80d580933d0cb02
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
939c1ab8bab5e922e1ac0352604fc4f8b161b1ad1e548729960e2241c78e570b
9434dddcdf38e072b039bb92f9e90639ec0e0563e8ff51604a60d91830c29289
98f89d4b3d44aaf5829e7adb779f18a60ff068260e1a3593686892d1d66fbb34
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9af91bb0b9327c5bc74760fed3cd024dbde1c5b90ede3fab5c8c54850e757994
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a5fc7a50cb4254d1ae76c0b59f6c8779e16e9e7f10962a864b6a611b91a4dd13
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
a684c679fce3f0a93d4a068fc9786b08593f8890e9d46aea79f30ccbdc38ab62
aa163bfc579e749d6cb71322857b399770b728ff9c6d8f32f57d1c55c4e46aff
aa4139190cb04f5caee86d605566b5247b48b429c73a2b8fa59cda391022edab
ab7c8d0146d1b0fdfb968015ab7d3c0883bc6317c0d10054fd85770e8a577348
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b318b179b35ca92c87626801798f3bce3864172926ae10288f0460a53f30177c
ba7af92cb3ffbf763257405d2bd170cca3fc4a68906b000f4f0b4a615bb0e9a0
bb23e74443fd3afd6f6a57e70cc0cd49afca31cb61c6224df8036dc7a11f555a
bb36b9fe93d43849c0956657d7650e76a84e217c79a86d88e4d6f329169f79c4
bb704660a7253f6ed7b8fb3c625c31d7902132b6ee1b787687f80c30e55df349
bf2b875420e84df779d5151eb313392bff931263ca628b37f092cd5dcb780474
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
d142a29dfc233602672353f1bfaf7d8e72331ec6902d8dd12cb56e5eaf794fc2
e23a2a4e2d7c2b41ebcdd8ffc0679df7140eb7f52e1eebabf827a88182643c59
e286a9ef7d2064a4cf7026449941a557c7123aa84ef2a17cf79a38820f5474bc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8aff6a8426e2182081c0e696ff05c3b10eeb43716fe56bbc9f8b3b3069c6736
ed5ba84cfdcc55a4b99eeb1798c0839d7eabe361d3075abac6d1af36513b32d3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1b36f5fb177f9c0bce4cc478bf43c473fae2dfa3b67bd156eb544afb9971ab6
f31b80562610135edd91a86ec7f243c5eeaec2ec08337e6a20c2d135d8e217da
f4bff08eefad2499e70de194a62639e366424cc2b46d56d6bab3f2a0618e203c
fe2b354c8311d29370b5f16f544fbcf296a49d2e5bb2d991ff28b376941d8464

get.catapultsystems.com Open in urlscan Pro 3.126.202.50 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

70 Requests

97 %HTTPS

48 %IPv6

17 Domains

26 Subdomains

24 IPs

4 Countries

945 kBTransfer

2515 kBSize

17 Cookies

0 Outgoing links

Page URL History

Redirected requests

70 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

get.catapultsystems.com Open in urlscan Pro
3.126.202.50 Public Scan

Screenshot
Live screenshot

Full Image

70
Requests

97 %
HTTPS

48 %
IPv6

17
Domains

26
Subdomains

24
IPs

4
Countries

945 kB
Transfer

2515 kB
Size

17
Cookies

70 HTTP transactions
1 data transactions