abnormalsecurity.com Open in urlscan Pro
76.76.21.21 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://r20.rs6.net/tn.jsp?f=001gF4d7ZfJdIgeBCB1aN-bMEQemZq2kkEW2cmd-M6t4WFVLW0nC5Ybm4DFQYMsogQ7LNLxNkKx38bAKaYKnD66...
Effective URL:
https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign
Submission: On June 30 via manual (June 30th 2022, 6:50:39 pm UTC) from US — Scanned from DE

Summary HTTP 177 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 33 IPs in 4 countries across 25 domains to perform 177 HTTP transactions. The main IP is 76.76.21.21, located in United States and belongs to AMAZON-02, US. The main domain is abnormalsecurity.com. The Cisco Umbrella rank of the primary domain is 578024.
TLS certificate: Issued by R3 on June 19th 2022. Valid for: 3 months.

This is the only time abnormalsecurity.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	208.75.122.11 208.75.122.11	40444 (ASN-CC) (ASN-CC)
57	76.76.21.21 76.76.21.21	16509 (AMAZON-02) (AMAZON-02)
4	34.120.195.249 34.120.195.249	15169 (GOOGLE) (GOOGLE)
2	54.229.115.12 54.229.115.12	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:206... 2600:9000:206f:be00:3:b7e:8940:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:801::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
9	104.92.74.202 104.92.74.202	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2001:4860:480... 2001:4860:4802:34::178	15169 (GOOGLE) (GOOGLE)
1	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
1	65.9.66.91 65.9.66.91	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:14a0	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	84.17.46.53 84.17.46.53	60068 (CDN77 ^_^) (CDN77 ^_^)
1	108.157.4.38 108.157.4.38	16509 (AMAZON-02) (AMAZON-02)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.43.14 13.107.43.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	37.252.173.38 37.252.173.38	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a02:26f0:170... 2a02:26f0:1700:1b1::1c91	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	18.64.79.98 18.64.79.98	16509 (AMAZON-02) (AMAZON-02)
2	3.69.2.47 3.69.2.47	16509 (AMAZON-02) (AMAZON-02)
1	99.86.4.80 99.86.4.80	16509 (AMAZON-02) (AMAZON-02)
62	143.204.215.107 143.204.215.107	16509 (AMAZON-02) (AMAZON-02)
2	104.92.72.193 104.92.72.193	16625 (AKAMAI-AS) (AKAMAI-AS)
1	205.185.216.10 205.185.216.10	20446 (STACKPATH...) (STACKPATH-CDN)
1	54.74.116.255 54.74.116.255	16509 (AMAZON-02) (AMAZON-02)
1	192.28.147.68 192.28.147.68	15224 (OMNITURE) (OMNITURE)
2	2620:1ec:27::... 2620:1ec:27::cafe:1761	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	20.234.93.27 20.234.93.27	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	3.94.218.138 3.94.218.138	14618 (AMAZON-AES) (AMAZON-AES)
2	50.16.7.188 50.16.7.188	14618 (AMAZON-AES) (AMAZON-AES)
2	20.75.32.255 20.75.32.255	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
177	33

1 208.75.122.11 (United States) 1 redirects

ASN40444 (ASN-CC, US)
PTR: rs6.net

r20.rs6.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

57 76.76.21.21 (United States)

ASN16509 (AMAZON-02, US)

abnormalsecurity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.120.195.249 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o212762.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.229.115.12 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-115-12.eu-west-1.compute.amazonaws.com

vitals.vercel-insights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:be00:3:b7e:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.osano.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.92.74.202 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-74-202.deploy.static.akamaitechnologies.com

j.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:34::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.130 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-91.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:14a0 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 84.17.46.53 (Amsterdam, Netherlands)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-84-17-46-53.cdn77.com

a.omappapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.4.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-38.dus51.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.43.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.173.38 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:1700:1b1::1c91 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

ipv6.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.64.79.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-64-79-98.txl50.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.69.2.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-2-47.eu-central-1.compute.amazonaws.com

epsilon.6sense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-80.fra6.r.cloudfront.net

api.omappapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

62 143.204.215.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-107.fra53.r.cloudfront.net

js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.92.72.193 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-72-193.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.185.216.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net

metadata-static-files.sfo2.cdn.digitaloceanspaces.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.74.116.255 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-74-116-255.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.28.147.68 (United States)

ASN15224 (OMNITURE, US)

231-idp-139.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:27::cafe:1761 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.234.93.27 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.94.218.138 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-94-218-138.compute-1.amazonaws.com

metrics.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 50.16.7.188 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-7-188.compute-1.amazonaws.com

bootstrap.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.75.32.255 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

b.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
62	driftt.com js.driftt.com — Cisco Umbrella Rank: 5492	723 KB
57	abnormalsecurity.com abnormalsecurity.com — Cisco Umbrella Rank: 578024	1 MB
10	6sc.co j.6sc.co — Cisco Umbrella Rank: 7170 c.6sc.co — Cisco Umbrella Rank: 10598 ipv6.6sc.co — Cisco Umbrella Rank: 7405 b.6sc.co — Cisco Umbrella Rank: 4734	16 KB
6	drift.com metrics.api.drift.com — Cisco Umbrella Rank: 5864 bootstrap.api.drift.com — Cisco Umbrella Rank: 6095	455 B
6	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 579 c.clarity.ms — Cisco Umbrella Rank: 1113 b.clarity.ms — Cisco Umbrella Rank: 5183	26 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 395 www.linkedin.com — Cisco Umbrella Rank: 485 px4.ads.linkedin.com — Cisco Umbrella Rank: 5675	3 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 362 c.bing.com — Cisco Umbrella Rank: 182	13 KB
4	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 627 script.hotjar.com — Cisco Umbrella Rank: 904 vars.hotjar.com — Cisco Umbrella Rank: 917 in.hotjar.com — Cisco Umbrella Rank: 1509	67 KB
4	sentry.io o212762.ingest.sentry.io	418 B
3	omappapi.com a.omappapi.com — Cisco Umbrella Rank: 5102 api.omappapi.com — Cisco Umbrella Rank: 5311	57 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 49	20 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 96	314 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 155	110 KB
2	marketo.net munchkin.marketo.net — Cisco Umbrella Rank: 3505	6 KB
2	6sense.com epsilon.6sense.com — Cisco Umbrella Rank: 10642	422 B
2	vercel-insights.com vitals.vercel-insights.com — Cisco Umbrella Rank: 13897	266 B
1	mktoresp.com 231-idp-139.mktoresp.com	318 B
1	digitaloceanspaces.com metadata-static-files.sfo2.cdn.digitaloceanspaces.com — Cisco Umbrella Rank: 31966	6 KB
1	adnxs.com secure.adnxs.com — Cisco Umbrella Rank: 408	710 B
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 780	3 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 126	15 KB
1	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 120	548 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 89	73 KB
1	osano.com cmp.osano.com — Cisco Umbrella Rank: 7886	65 KB
1	rs6.net 1 redirects r20.rs6.net — Cisco Umbrella Rank: 6207	442 B
177	25

	Domain	Requested by
62	js.driftt.com	abnormalsecurity.com js.driftt.com
57	abnormalsecurity.com	abnormalsecurity.com
7	b.6sc.co
4	metrics.api.drift.com	js.driftt.com
4	o212762.ingest.sentry.io	abnormalsecurity.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com
3	www.google-analytics.com	www.googletagmanager.com
2	www.facebook.com
2	connect.facebook.net	abnormalsecurity.com connect.facebook.net
2	b.clarity.ms	abnormalsecurity.com
2	bootstrap.api.drift.com	js.driftt.com
2	c.clarity.ms	1 redirects
2	www.clarity.ms	bat.bing.com www.clarity.ms
2	munchkin.marketo.net	abnormalsecurity.com munchkin.marketo.net
2	epsilon.6sense.com	abnormalsecurity.com
2	px.ads.linkedin.com	2 redirects
2	a.omappapi.com	www.googletagmanager.com a.omappapi.com
2	vitals.vercel-insights.com	abnormalsecurity.com
1	c.bing.com	1 redirects
1	231-idp-139.mktoresp.com	munchkin.marketo.net
1	in.hotjar.com	abnormalsecurity.com
1	metadata-static-files.sfo2.cdn.digitaloceanspaces.com	abnormalsecurity.com
1	api.omappapi.com	abnormalsecurity.com
1	vars.hotjar.com	static.hotjar.com
1	ipv6.6sc.co	abnormalsecurity.com
1	c.6sc.co	abnormalsecurity.com
1	secure.adnxs.com	abnormalsecurity.com
1	px4.ads.linkedin.com
1	www.linkedin.com	1 redirects
1	script.hotjar.com	static.hotjar.com
1	snap.licdn.com	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	j.6sc.co	abnormalsecurity.com
1	pagead2.googlesyndication.com	www.googletagmanager.com
1	www.googletagmanager.com	abnormalsecurity.com
1	cmp.osano.com	abnormalsecurity.com
1	r20.rs6.net	1 redirects
177	38

This site contains links to these domains. Also see Links.

Domain
careers.abnormalsecurity.com
abnormalsupport.force.com
www.abnormalbusinessschool.com
abnormalsecurity.statuspage.io

Subject Issuer	Validity	Valid
abnormalsecurity.com R3	`2022-06-19` - `2022-09-17`	3 months	crt.sh
*.ingest.sentry.io R3	`2022-06-21` - `2022-09-19`	3 months	crt.sh
vercel-insights.com Amazon	`2021-10-24` - `2022-11-21`	a year	crt.sh
cmp.osano.com Amazon	`2021-09-17` - `2022-10-16`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.6sc.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-08` - `2023-03-11`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2022-03-01` - `2023-03-01`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2022-06-10` - `2022-12-10`	6 months	crt.sh
a.omappapi.com R3	`2022-06-25` - `2022-09-23`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.6sense.com Amazon	`2022-05-31` - `2023-06-29`	a year	crt.sh
api.opmnstr.com Amazon	`2022-02-09` - `2023-03-10`	a year	crt.sh
drift.com Amazon	`2021-09-08` - `2022-10-07`	a year	crt.sh
*.marketo.net DigiCert SHA2 Secure Server CA	`2022-02-06` - `2023-02-07`	a year	crt.sh
*.sfo2.cdn.digitaloceanspaces.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-18` - `2023-05-03`	a year	crt.sh
*.mktoresp.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-30` - `2022-11-30`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-02-27` - `2023-02-27`	a year	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 02	`2022-06-07` - `2023-06-02`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-04-08` - `2022-07-07`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign
Frame ID: C286952D7A117F6BEAEE3C67E98598F4
Requests: 108 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-63c3a81830bf549dafe40b369003f751.html
Frame ID: 91B483002DD2215FC0D7CFE41CE7E75A
Requests: 1 HTTP requests in this frame

Frame: https://js.driftt.com/core?embedId=zgns6xwgg77r&region=US&forceShow=false&skipCampaigns=false&sessionId=d982863d-75bb-49a7-990e-0489191529cf&sessionStarted=1656615034.515&campaignRefreshToken=af682172-d303-4768-b08f-7d334d63a567&hideController=false&pageLoadStartTime=1656615033320&mode=CHAT&driftEnableLog=false&secureIframe=false
Frame ID: 69D446EE62C372EC69E262249EE37480
Requests: 32 HTTP requests in this frame

Frame: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1656615033320
Frame ID: B7B629AE7710E04DED0375D2CDA987C6
Requests: 32 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 6C49D1886E763400E01F83127C136C2F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The Shift to Financial Supply Chain Compromise | Abnormal

Page URL History Show full URLs

https://r20.rs6.net/tn.jsp?f=001gF4d7ZfJdIgeBCB1aN-bMEQemZq2kkEW2cmd-M6t4WFVLW0nC5Ybm4DFQYMsogQ7... HTTP 302
https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medi... Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Marketo (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js

Page Statistics

177
Requests

98 %
HTTPS

32 %
IPv6

25
Domains

38
Subdomains

33
IPs

4
Countries

2255 kB
Transfer

6522 kB
Size

35
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://careers.abnormalsecurity.com/
Title: Careers

Search URL Search Domain Scan URL

URL: https://abnormalsupport.force.com/knowledgebase/s/
Title: Customer Support

Search URL Search Domain Scan URL

URL: https://www.abnormalbusinessschool.com/
Title: Abnormal Business School

Search URL Search Domain Scan URL

URL: https://abnormalsecurity.statuspage.io/
Title: Status

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://r20.rs6.net/tn.jsp?f=001gF4d7ZfJdIgeBCB1aN-bMEQemZq2kkEW2cmd-M6t4WFVLW0nC5Ybm4DFQYMsogQ7LNLxNkKx38bAKaYKnD66T87MNVWCvD0sW0jjVlWbv60zipB_3MRlcyj6oCyEPqyPq7kcqLV_7d7BYazbwm3WaGY90usWrG36pV12kX14pMY9UqNxzbNeW1U6OiDZr0x05IQq9NNYVquvwGGXrd-bCorK9T-JTGV3-XVGPCfA3kuMFVU-ktPm5UHLrlF-KMH3eFVw0zs6pc-mhKgqEWyRnpzA9QrDc56XwK-dzqhxEt4=&c=zM_UMxUT1FHImUnr5HKgOpMDePGE8Ab_m8RdfmmeB4WhQBuZmAaMOA==&ch=g4VC4kzOMKdMIDuUxkfBGL0scc8Q_dL7K9X7BKU__JZqV0vCXkKcWg== HTTP 302
https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 72

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2775268&time=1656615034072&url=https%3A%2F%2Fabnormalsecurity.com%2Fresources%2Ffinancial-supply-chain-compromise%3Futm_medium%3Demail%2520campaign%26utm_source%3Dsecurityweek HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2775268%26time%3D1656615034072%26url%3Dhttps%253A%252F%252Fabnormalsecurity.com%252Fresources%252Ffinancial-supply-chain-compromise%253Futm_medium%253Demail%252520campaign%2526utm_source%253Dsecurityweek%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2775268&time=1656615034072&url=https%3A%2F%2Fabnormalsecurity.com%2Fresources%2Ffinancial-supply-chain-compromise%3Futm_medium%3Demail%2520campaign%26utm_source%3Dsecurityweek&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2775268&time=1656615034072&url=https%3A%2F%2Fabnormalsecurity.com%2Fresources%2Ffinancial-supply-chain-compromise%3Futm_medium%3Demail%2520campaign%26utm_source%3Dsecurityweek&liSync=true&e_ipv6=AQJ-839nLs5p4QAAAYG1814rUebzrr3wYwwEXw0U0J23XDIFAf7qSOl2OWe-rtKFRAUGeMQy

Request Chain 152

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=9AFB7BDAADD047F185B335F17BBBF793&RedC=c.clarity.ms&MXFR=10FCB9E6E0076E5F3A77A835E4076055 HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=9AFB7BDAADD047F185B335F17BBBF793&MUID=22C95EB5F33A65C03E0B4F66F25164BF

177 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request financial-supply-chain-compromise Show response
abnormalsecurity.com/resources/
Redirect Chain

https://r20.rs6.net/tn.jsp?f=001gF4d7ZfJdIgeBCB1aN-bMEQemZq2kkEW2cmd-M6t4WFVLW0nC5Ybm4DFQYMsogQ7LNLxNkKx38bAKaYKnD66T87MNVWCvD0sW0jjVlWbv60zipB_3MRlcyj6oCyEPqyPq7kcqLV_7d7BYazbwm3WaGY90usWrG36pV12k...
https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign

246 KB
34 KB

79ms
15ms

Document
text/html

76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel / Next.js

Resource Hash

71c4b79d95ddbabc1f86358b591d5fae10b33a24b1d1a9e48d7678071638d369

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self'; frame-ancestors 'self';
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 171167
cache-control: public, max-age=0, s-maxage=86400, stale-while-revalidate
content-encoding: br
content-security-policy: object-src data:; base-uri 'self'; frame-ancestors 'self';
content-type: text/html; charset=utf-8
date: Tue, 28 Jun 2022 19:17:45 GMT
etag: W/"3d7ea-xmB7b1apODqzTo7ULFewECjgfTs"
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), sync-script=(), trust-token-redemption=(), window-placement=(), vertical-scroll=()
referrer-policy: same-origin
server: Vercel
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-matched-path: /resources/[...slug]
x-nextjs-cache: MISS
x-powered-by: Next.js
x-vercel-cache: HIT
x-vercel-id: fra1::iad1::zln4v-1656615033301-3287f452d189
x-xss-protection: 1

Redirect headers

Cache-Control: private, no-cache, no-store, max-age=0, must-revalidate, no-cache="Set-Cookie"
Connection: close
Content-Length: 0
Content-Type: text/html;charset=ISO-8859-1
Date: Thu, 30 Jun 2022 18:50:33 GMT
Location: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign
P3P: CP="CAO DSP TAIa OUR NOR UNI"
Pragma: no-cache
Server: Apache

GET
H2 200 5e98cf6847ba4d02.css
abnormalsecurity.com/_next/static/css/ 74 KB
17 KB 106ms
105ms Stylesheet
text/css 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/static/css/5e98cf6847ba4d02.css

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

5db0bd7b86f74ab10270a1fa40c2b9f62921f47940f5ad504942e93dced4c33f

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self'; frame-ancestors 'self';
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 18:50:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 170914
content-disposition: inline; filename="5e98cf6847ba4d02.css"
x-xss-protection: 1
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
server: Vercel
x-matched-path: /_next/static/css/5e98cf6847ba4d02.css
x-vercel-cache: HIT
strict-transport-security: max-age=63072000
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), sync-script=(), trust-token-redemption=(), window-placement=(), vertical-scroll=()
etag: W/"ee8e2d8f468c73a8b6444cf23505774f"
content-security-policy: object-src data:; base-uri 'self'; frame-ancestors 'self';
x-vercel-id: fra1:fra1::zln4v-1656615033337-8f325674a1a6

GET
H2 200 8670-fd0b4549bfd3f963.js Show response
abnormalsecurity.com/_next/static/chunks/ 42 KB
17 KB 123ms
123ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/static/chunks/8670-fd0b4549bfd3f963.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

4bc76898ef2eb624e7ffcff4023d117f1b9a28a5158ee045e68a91a47d249dcc

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self'; frame-ancestors 'self';
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 18:50:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 170915
content-disposition: inline; filename="8670-fd0b4549bfd3f963.js"
x-xss-protection: 1
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
server: Vercel
x-matched-path: /_next/static/chunks/8670-fd0b4549bfd3f963.js
x-vercel-cache: HIT
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), sync-script=(), trust-token-redemption=(), window-placement=(), vertical-scroll=()
etag: W/"c608fb8ca42d6739409519525f8958b3"
content-security-policy: object-src data:; base-uri 'self'; frame-ancestors 'self';
x-vercel-id: fra1:fra1::zln4v-1656615033341-9a0002d4f3c3

GET
H2 200 9676-54b5d2a351379896.js Show response
abnormalsecurity.com/_next/static/chunks/ 13 KB
5 KB 114ms
110ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/static/chunks/9676-54b5d2a351379896.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

988af3565864232eb941fe48cedd01dd3ed263fbe108048bb6335e9d74fc3b34

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self'; frame-ancestors 'self';
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 18:50:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 170915
content-disposition: inline; filename="9676-54b5d2a351379896.js"
x-xss-protection: 1
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
server: Vercel
x-matched-path: /_next/static/chunks/9676-54b5d2a351379896.js
x-vercel-cache: HIT
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), sync-script=(), trust-token-redemption=(), window-placement=(), vertical-scroll=()
etag: W/"b16fc2c3a38dcef3ee84c6d6e1163e2a"
content-security-policy: object-src data:; base-uri 'self'; frame-ancestors 'self';
x-vercel-id: fra1:fra1::zln4v-1656615033345-0572202d88ba

GET
H2 200 8957.afb73354907983a6.js Show response
abnormalsecurity.com/_next/static/chunks/ 608 B
1 KB 114ms
110ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/static/chunks/8957.afb73354907983a6.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

cf2d05660696300021ae6fe0f67f105719afd06cd3dc0088aec54c1ad5de1d91

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self'; frame-ancestors 'self';
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: object-src data:; base-uri 'self'; frame-ancestors 'self';
x-content-type-options: nosniff
age: 170914
date: Thu, 30 Jun 2022 18:50:33 GMT
content-disposition: inline; filename="8957.afb73354907983a6.js"
content-length: 608
etag: "217ae24163280d385054abee9c96e069"
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
server: Vercel
x-matched-path: /_next/static/chunks/8957.afb73354907983a6.js
x-vercel-cache: HIT
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-xss-protection: 1
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), sync-script=(), trust-token-redemption=(), window-placement=(), vertical-scroll=()
x-vercel-id: fra1:fra1::zln4v-1656615033348-adb929cda669
accept-ranges: bytes

GET
H2 200 6911.4992accbe8621b62.js Show response
abnormalsecurity.com/_next/static/chunks/ 1 KB
2 KB 115ms
110ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/static/chunks/6911.4992accbe8621b62.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

b50c98e95ab8f9e2cc7950d5c0dabb9c30eec7eaa7217cf0dded15d3f1f3c1de

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self'; frame-ancestors 'self';
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 18:50:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 170915
content-disposition: inline; filename="6911.4992accbe8621b62.js"
x-xss-protection: 1
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
server: Vercel
x-matched-path: /_next/static/chunks/6911.4992accbe8621b62.js
x-vercel-cache: HIT
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), sync-script=(), trust-token-redemption=(), window-placement=(), vertical-scroll=()
etag: W/"f6999f1faa010a0f885906446563179b"
content-security-policy: object-src data:; base-uri 'self'; frame-ancestors 'self';
x-vercel-id: fra1:fra1::zln4v-1656615033353-18b0bf969194

GET
H2 200 webpack-3c837d4896b06cf2.js Show response
abnormalsecurity.com/_next/static/chunks/ 6 KB
4 KB 115ms
111ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/static/chunks/webpack-3c837d4896b06cf2.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

9ed187bcd553ebaa7c8845d0291bc09563366ca4db6a464678bef7d9451b8e13

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self'; frame-ancestors 'self';
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 18:50:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 170915
content-disposition: inline; filename="webpack-3c837d4896b06cf2.js"
x-xss-protection: 1
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
server: Vercel
x-matched-path: /_next/static/chunks/webpack-3c837d4896b06cf2.js
x-vercel-cache: HIT
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), sync-script=(), trust-token-redemption=(), window-placement=(), vertical-scroll=()
etag: W/"b4d06b64ae3aa8f4b76f81e154229c96"
content-security-policy: object-src data:; base-uri 'self'; frame-ancestors 'self';
x-vercel-id: fra1:fra1::zln4v-1656615033356-72e35a32ff06

GET
H2 200 framework-73d28932f83e5ff1.js Show response
abnormalsecurity.com/_next/static/chunks/ 137 KB
47 KB 128ms
124ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/static/chunks/framework-73d28932f83e5ff1.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

eb0f5b5a018002413a0a6f0a922f281e1cf8ffb568cf95ca6944058c66562ab1

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self'; frame-ancestors 'self';
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 18:50:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 170915
content-disposition: inline; filename="framework-73d28932f83e5ff1.js"
x-xss-protection: 1
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
server: Vercel
x-matched-path: /_next/static/chunks/framework-73d28932f83e5ff1.js
x-vercel-cache: HIT
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), sync-script=(), trust-token-redemption=(), window-placement=(), vertical-scroll=()
etag: W/"ffed632c819ef8d6c51c6ccb8c0bc88e"
content-security-policy: object-src data:; base-uri 'self'; frame-ancestors 'self';
x-vercel-id: fra1:fra1::zln4v-1656615033359-ab9509e51ec3

GET
H2 200 main-3a7fda94ba571e93.js Show response
abnormalsecurity.com/_next/static/chunks/ 116 KB
34 KB 115ms
112ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/static/chunks/main-3a7fda94ba571e93.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

015b188b0562cd7d69c417d26cd4d7a6386ac8016a2c4a28d2597115db93ada3

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self'; frame-ancestors 'self';
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 18:50:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 170914
content-disposition: inline; filename="main-3a7fda94ba571e93.js"
x-xss-protection: 1
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
server: Vercel
x-matched-path: /_next/static/chunks/main-3a7fda94ba571e93.js
x-vercel-cache: HIT
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), sync-script=(), trust-token-redemption=(), window-placement=(), vertical-scroll=()
etag: W/"7c5a39146f333c1c9f0c0b586e580de6"
content-security-policy: object-src data:; base-uri 'self'; frame-ancestors 'self';
x-vercel-id: fra1:fra1::zln4v-1656615033362-a8181e533098

GET
H2 200 _app-e00625d5dd194c03.js Show response
abnormalsecurity.com/_next/static/chunks/pages/ 478 KB
140 KB 158ms
154ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/static/chunks/pages/_app-e00625d5dd194c03.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

a201decd38e5193f3bb3c2c1429a4cc7122dc34f7c7be00aa246708df848dfb0

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self'; frame-ancestors 'self';
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 18:50:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 170915
content-disposition: inline; filename="_app-e00625d5dd194c03.js"
x-xss-protection: 1
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
server: Vercel
x-matched-path: /_next/static/chunks/pages/_app-e00625d5dd194c03.js
x-vercel-cache: HIT
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), sync-script=(), trust-token-redemption=(), window-placement=(), vertical-scroll=()
etag: W/"a11b273093a66475f46950336b0dd6f6"
content-security-policy: object-src data:; base-uri 'self'; frame-ancestors 'self';
x-vercel-id: fra1:fra1::zln4v-1656615033365-47bb2e9a25f6

GET
H2 200 5006-23a817c83e75e76f.js Show response
abnormalsecurity.com/_next/static/chunks/ 6 KB
3 KB 149ms
145ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/static/chunks/5006-23a817c83e75e76f.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

7578f49bbb90df02f8430651b30df218da50dd1ff7bdac11fbdba6dd2435bbd6

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self'; frame-ancestors 'self';
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 18:50:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 170915
content-disposition: inline; filename="5006-23a817c83e75e76f.js"
x-xss-protection: 1
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
server: Vercel
x-matched-path: /_next/static/chunks/5006-23a817c83e75e76f.js
x-vercel-cache: HIT
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), sync-script=(), trust-token-redemption=(), window-placement=(), vertical-scroll=()
etag: W/"4a2a6e03c48950c750759b4bd6e40d74"
content-security-policy: object-src data:; base-uri 'self'; frame-ancestors 'self';
x-vercel-id: fra1:fra1::zln4v-1656615033369-06da47d1a155

GET
H2 200 5152-b9433aee2b9fe365.js Show response
abnormalsecurity.com/_next/static/chunks/ 8 KB
4 KB 150ms
147ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/static/chunks/5152-b9433aee2b9fe365.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

aa1030ccce0ff718824a0327f595cf1fdef47ba05581e90cfce21ff47e8c1d99

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self'; frame-ancestors 'self';
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 18:50:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 170915
content-disposition: inline; filename="5152-b9433aee2b9fe365.js"
x-xss-protection: 1
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
server: Vercel
x-matched-path: /_next/static/chunks/5152-b9433aee2b9fe365.js
x-vercel-cache: HIT
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), sync-script=(), trust-token-redemption=(), window-placement=(), vertical-scroll=()
etag: W/"a3bb89438e2cc9e39f0f109e7b5d4068"
content-security-policy: object-src data:; base-uri 'self'; frame-ancestors 'self';
x-vercel-id: fra1:fra1::zln4v-1656615033373-a33b98115107

GET
H2 200 5534-364ba3faf9906999.js Show response
abnormalsecurity.com/_next/static/chunks/ 5 KB
3 KB 149ms
146ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/static/chunks/5534-364ba3faf9906999.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

bb0410330ee8e13a9b85b1e433756d9a3d2831a4872b4c175e36c685d38be23e

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self'; frame-ancestors 'self';
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 18:50:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 170915
content-disposition: inline; filename="5534-364ba3faf9906999.js"
x-xss-protection: 1
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
server: Vercel
x-matched-path: /_next/static/chunks/5534-364ba3faf9906999.js
x-vercel-cache: HIT
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), sync-script=(), trust-token-redemption=(), window-placement=(), vertical-scroll=()
etag: W/"8c267657ca735f200425f04a0433d86e"
content-security-policy: object-src data:; base-uri 'self'; frame-ancestors 'self';
x-vercel-id: fra1:fra1::zln4v-1656615033376-8bfbdd900d79

GET
H2 200 7847-25777cf12310fe15.js Show response
abnormalsecurity.com/_next/static/chunks/ 19 KB
8 KB 119ms
116ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/static/chunks/7847-25777cf12310fe15.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

32b245530334349e9b18238c266fa12ca5c278d3e4cd2ec85cedf42f783b32b0

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self'; frame-ancestors 'self';
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 18:50:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 170915
content-disposition: inline; filename="7847-25777cf12310fe15.js"
x-xss-protection: 1
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
server: Vercel
x-matched-path: /_next/static/chunks/7847-25777cf12310fe15.js
x-vercel-cache: HIT
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), sync-script=(), trust-token-redemption=(), window-placement=(), vertical-scroll=()
etag: W/"12b291c46f398b34481fd8d21a0d4f22"
content-security-policy: object-src data:; base-uri 'self'; frame-ancestors 'self';
x-vercel-id: fra1:fra1::zln4v-1656615033380-be31937993bd

GET
H2 200 5249-926bf34b95ebb0fd.js Show response
abnormalsecurity.com/_next/static/chunks/ 24 KB
9 KB 150ms
147ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/static/chunks/5249-926bf34b95ebb0fd.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

d257f802a23538fb3d0eebe3028650f50859a1a32a8ac582084061b1d2aac5b9

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self'; frame-ancestors 'self';
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 18:50:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 170914
content-disposition: inline; filename="5249-926bf34b95ebb0fd.js"
x-xss-protection: 1
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
server: Vercel
x-matched-path: /_next/static/chunks/5249-926bf34b95ebb0fd.js
x-vercel-cache: HIT
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), sync-script=(), trust-token-redemption=(), window-placement=(), vertical-scroll=()
etag: W/"af9867b2d7246599a0e5aeb021edbdba"
content-security-policy: object-src data:; base-uri 'self'; frame-ancestors 'self';
x-vercel-id: fra1:fra1::zln4v-1656615033383-1bed8a02660c

GET
H2 200 3819-4264214b8c23e6ef.js Show response
abnormalsecurity.com/_next/static/chunks/ 90 KB
30 KB 163ms
161ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/static/chunks/3819-4264214b8c23e6ef.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

d474641b2176aec1c8c19a846ba72940eedb477f91418c36b1780f6928d560de

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self'; frame-ancestors 'self';
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 18:50:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 170913
content-disposition: inline; filename="3819-4264214b8c23e6ef.js"
x-xss-protection: 1
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
server: Vercel
x-matched-path: /_next/static/chunks/3819-4264214b8c23e6ef.js
x-vercel-cache: HIT
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), sync-script=(), trust-token-redemption=(), window-placement=(), vertical-scroll=()
etag: W/"5a78214f5bf95acfaf954942ce448b07"
content-security-policy: object-src data:; base-uri 'self'; frame-ancestors 'self';
x-vercel-id: fra1:fra1::zln4v-1656615033386-30f66b97c306

GET
H2 200 8328-dc8cdfac5eaaa53f.js Show response
abnormalsecurity.com/_next/static/chunks/ 35 KB
12 KB 152ms
149ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/static/chunks/8328-dc8cdfac5eaaa53f.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

bd37eb7cfacb7e56d771de17a818fd3774b94dcc081708becfb26553df2b952d

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self'; frame-ancestors 'self';
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 18:50:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 170915
content-disposition: inline; filename="8328-dc8cdfac5eaaa53f.js"
x-xss-protection: 1
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
server: Vercel
x-matched-path: /_next/static/chunks/8328-dc8cdfac5eaaa53f.js
x-vercel-cache: HIT
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), sync-script=(), trust-token-redemption=(), window-placement=(), vertical-scroll=()
etag: W/"5e020de627d0e21bd8978ff3825aaf2e"
content-security-policy: object-src data:; base-uri 'self'; frame-ancestors 'self';
x-vercel-id: fra1:fra1::zln4v-1656615033389-dee696625865

GET
H2 200 2601-7dee0dc5d04e5625.js Show response
abnormalsecurity.com/_next/static/chunks/ 13 KB
6 KB 122ms
120ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/static/chunks/2601-7dee0dc5d04e5625.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

b2354712fc62b1a9b3cfb682c4f85a1b0cd9f59be140e6b3a861d5bc29720dc7

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self'; frame-ancestors 'self';
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 18:50:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 170914
content-disposition: inline; filename="2601-7dee0dc5d04e5625.js"
x-xss-protection: 1
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
server: Vercel
x-matched-path: /_next/static/chunks/2601-7dee0dc5d04e5625.js
x-vercel-cache: HIT
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), sync-script=(), trust-token-redemption=(), window-placement=(), vertical-scroll=()
etag: W/"d87f5549a3ba69c0ef6a83ab5920c083"
content-security-policy: object-src data:; base-uri 'self'; frame-ancestors 'self';
x-vercel-id: fra1:fra1::zln4v-1656615033392-b7cba9b69207

GET
H2 200 20-a9f2683501ed3439.js Show response
abnormalsecurity.com/_next/static/chunks/ 13 KB
4 KB 152ms
150ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/static/chunks/20-a9f2683501ed3439.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

3d439fe68baffbb0179103891e35e5798ce660ee7ba5d18b609b03ed2153a66a

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self'; frame-ancestors 'self';
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 18:50:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 170915
content-disposition: inline; filename="20-a9f2683501ed3439.js"
x-xss-protection: 1
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
server: Vercel
x-matched-path: /_next/static/chunks/20-a9f2683501ed3439.js
x-vercel-cache: HIT
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), sync-script=(), trust-token-redemption=(), window-placement=(), vertical-scroll=()
etag: W/"d41bfb4c122602fb3b14ec08c17457bf"
content-security-policy: object-src data:; base-uri 'self'; frame-ancestors 'self';
x-vercel-id: fra1:fra1::zln4v-1656615033395-b338fdabaaf0

GET
H2 200 208-9a342e9e7ee93772.js Show response
abnormalsecurity.com/_next/static/chunks/ 9 KB
5 KB 166ms
163ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/static/chunks/208-9a342e9e7ee93772.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

c0c9a7de226b6b02d07080e9df166332fb4a78581988d36eaa6ffc3cb4efd04f

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self'; frame-ancestors 'self';
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 18:50:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 170915
content-disposition: inline; filename="208-9a342e9e7ee93772.js"
x-xss-protection: 1
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
server: Vercel
x-matched-path: /_next/static/chunks/208-9a342e9e7ee93772.js
x-vercel-cache: HIT
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), sync-script=(), trust-token-redemption=(), window-placement=(), vertical-scroll=()
etag: W/"bd519e677d9cef0f4a1e39e6a420b615"
content-security-policy: object-src data:; base-uri 'self'; frame-ancestors 'self';
x-vercel-id: fra1:fra1::zln4v-1656615033398-1e06054af658

GET
H2 200 9967-caa2000f157e614e.js Show response
abnormalsecurity.com/_next/static/chunks/ 8 KB
4 KB 153ms
151ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/static/chunks/9967-caa2000f157e614e.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

0fef3801ab7e5ed8d0fb4e3c9adcd74d58474f45b2a1b1f90295bdd3bf7c963a

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self'; frame-ancestors 'self';
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 18:50:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 170914
content-disposition: inline; filename="9967-caa2000f157e614e.js"
x-xss-protection: 1
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
server: Vercel
x-matched-path: /_next/static/chunks/9967-caa2000f157e614e.js
x-vercel-cache: HIT
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), sync-script=(), trust-token-redemption=(), window-placement=(), vertical-scroll=()
etag: W/"d9b29cfc1a252d7dfe063c7f0b60bf6c"
content-security-policy: object-src data:; base-uri 'self'; frame-ancestors 'self';
x-vercel-id: fra1:fra1::zln4v-1656615033401-af04fc854c56

GET
H2 200 4283-2cf575c3cc94fe61.js Show response
abnormalsecurity.com/_next/static/chunks/ 15 KB
6 KB 166ms
164ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/static/chunks/4283-2cf575c3cc94fe61.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

eaed525d2b10367a85619d066740ee377f620992b03576da499ef73aeb0ab305

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self'; frame-ancestors 'self';
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 18:50:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 170915
content-disposition: inline; filename="4283-2cf575c3cc94fe61.js"
x-xss-protection: 1
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
server: Vercel
x-matched-path: /_next/static/chunks/4283-2cf575c3cc94fe61.js
x-vercel-cache: HIT
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), sync-script=(), trust-token-redemption=(), window-placement=(), vertical-scroll=()
etag: W/"9ab8f41cdf85eb292805d7bb448780d6"
content-security-policy: object-src data:; base-uri 'self'; frame-ancestors 'self';
x-vercel-id: fra1:fra1::zln4v-1656615033406-13dd39f20c59

GET
H2 200 193-37ee7a2cd4d02919.js Show response
abnormalsecurity.com/_next/static/chunks/ 9 KB
5 KB 167ms
165ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/static/chunks/193-37ee7a2cd4d02919.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

dfd2dc77037839ac377f283e8854fb1cd67a1b6ec44ff24c8e844d89950167e1

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self'; frame-ancestors 'self';
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 18:50:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 170914
content-disposition: inline; filename="193-37ee7a2cd4d02919.js"
x-xss-protection: 1
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
server: Vercel
x-matched-path: /_next/static/chunks/193-37ee7a2cd4d02919.js
x-vercel-cache: HIT
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), sync-script=(), trust-token-redemption=(), window-placement=(), vertical-scroll=()
etag: W/"5bdfbffd40900c9f1d01a75e34c32ce4"
content-security-policy: object-src data:; base-uri 'self'; frame-ancestors 'self';
x-vercel-id: fra1:fra1::zln4v-1656615033409-e361653aff04

GET
H2 200 186-3ab93b29a44f91d5.js Show response
abnormalsecurity.com/_next/static/chunks/ 9 KB
4 KB 153ms
151ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/static/chunks/186-3ab93b29a44f91d5.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

f5dd46746bf5eb0c6a949b13b9380b5608630cf424cc57939891aa478085a849

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self'; frame-ancestors 'self';
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 18:50:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 170914
content-disposition: inline; filename="186-3ab93b29a44f91d5.js"
x-xss-protection: 1
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
server: Vercel
x-matched-path: /_next/static/chunks/186-3ab93b29a44f91d5.js
x-vercel-cache: HIT
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), sync-script=(), trust-token-redemption=(), window-placement=(), vertical-scroll=()
etag: W/"0233a1a1e571baac3ace33b230225c55"
content-security-policy: object-src data:; base-uri 'self'; frame-ancestors 'self';
x-vercel-id: fra1:fra1::zln4v-1656615033416-5589ba681ab7

GET
H2 200 %5B...slug%5D-d953d8671069ae21.js Show response
abnormalsecurity.com/_next/static/chunks/pages/resources/ 11 KB
5 KB 167ms
165ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/static/chunks/pages/resources/%5B...slug%5D-d953d8671069ae21.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

378da4231dc80e3dfe88c92ba74eafc54c50ac6d9978c6cf9c5122fd75f8e947

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self'; frame-ancestors 'self';
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 18:50:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 170914
content-disposition: inline; filename="[...slug]-d953d8671069ae21.js"
x-xss-protection: 1
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
server: Vercel
x-matched-path: /_next/static/chunks/pages/resources/%5B...slug%5D-d953d8671069ae21.js
x-vercel-cache: HIT
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), sync-script=(), trust-token-redemption=(), window-placement=(), vertical-scroll=()
etag: W/"4128fb151c4a59bb09462f8f28e4aec9"
content-security-policy: object-src data:; base-uri 'self'; frame-ancestors 'self';
x-vercel-id: fra1:fra1::zln4v-1656615033420-bc9c04c7cec9

GET
H2 200 _buildManifest.js Show response
abnormalsecurity.com/_next/static/bQeTV8_iA52jDbhxIi6-1/ 5 KB
2 KB 154ms
152ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/static/bQeTV8_iA52jDbhxIi6-1/_buildManifest.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

4ff9c1812fd93101515df13b3a47a306e65008f6f8e298575aa381895cd68093

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self'; frame-ancestors 'self';
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 18:50:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 170915
content-disposition: inline; filename="_buildManifest.js"
x-xss-protection: 1
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
server: Vercel
x-matched-path: /_next/static/bQeTV8_iA52jDbhxIi6-1/_buildManifest.js
x-vercel-cache: HIT
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), sync-script=(), trust-token-redemption=(), window-placement=(), vertical-scroll=()
etag: W/"0f27e03fc831b5c05715cd558f75c5ad"
content-security-policy: object-src data:; base-uri 'self'; frame-ancestors 'self';
x-vercel-id: fra1:fra1::zln4v-1656615033424-270735d6e3d1

GET
H2 200 _ssgManifest.js Show response
abnormalsecurity.com/_next/static/bQeTV8_iA52jDbhxIi6-1/ 1 KB
1 KB 167ms
166ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/static/bQeTV8_iA52jDbhxIi6-1/_ssgManifest.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

c2b55393863f50343aed8ab3a75758625a9e35096c0775af3b9ce58f058ba723

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self'; frame-ancestors 'self';
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 18:50:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 170915
content-disposition: inline; filename="_ssgManifest.js"
x-xss-protection: 1
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
server: Vercel
x-matched-path: /_next/static/bQeTV8_iA52jDbhxIi6-1/_ssgManifest.js
x-vercel-cache: HIT
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), sync-script=(), trust-token-redemption=(), window-placement=(), vertical-scroll=()
etag: W/"55446686ae49077c4076e1d0dc74b8ee"
content-security-policy: object-src data:; base-uri 'self'; frame-ancestors 'self';
x-vercel-id: fra1:fra1::zln4v-1656615033428-878fbf98cbae

GET
H2 200 _middlewareManifest.js Show response
abnormalsecurity.com/_next/static/bQeTV8_iA52jDbhxIi6-1/ 92 B
1 KB 154ms
153ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/static/bQeTV8_iA52jDbhxIi6-1/_middlewareManifest.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self'; frame-ancestors 'self';
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: object-src data:; base-uri 'self'; frame-ancestors 'self';
x-content-type-options: nosniff
age: 170915
date: Thu, 30 Jun 2022 18:50:33 GMT
content-disposition: inline; filename="_middlewareManifest.js"
content-length: 92
etag: "7c3f7e060745668041278118c0bb3d6d"
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
server: Vercel
x-matched-path: /_next/static/bQeTV8_iA52jDbhxIi6-1/_middlewareManifest.js
x-vercel-cache: HIT
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-xss-protection: 1
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), sync-script=(), trust-token-redemption=(), window-placement=(), vertical-scroll=()
x-vercel-id: fra1:fra1::zln4v-1656615033431-787ab95de501
accept-ranges: bytes

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 financial-supply-chain-compromise
abnormalsecurity.com/resources/ 246 KB
246 KB 25ms
25ms Image
text/html 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel / Next.js

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self'; frame-ancestors 'self';
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: object-src data:; base-uri 'self'; frame-ancestors 'self';
content-encoding: br
x-content-type-options: nosniff
age: 171167
x-powered-by: Next.js
x-nextjs-cache: MISS
date: Tue, 28 Jun 2022 19:17:45 GMT
x-vercel-cache: HIT
x-xss-protection: 1
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
server: Vercel
x-matched-path: /resources/[...slug]
etag: W/"3d7ea-xmB7b1apODqzTo7ULFewECjgfTs"
strict-transport-security: max-age=63072000
content-type: text/html; charset=utf-8
x-vercel-id: fra1::iad1::zln4v-1656615033463-19eee09b9db0
cache-control: public, max-age=0, s-maxage=86400, stale-while-revalidate
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), sync-script=(), trust-token-redemption=(), window-placement=(), vertical-scroll=()

GET
H2 200 TWKEverett-Regular-web.woff2
abnormalsecurity.com/fonts/ 53 KB
54 KB 77ms
77ms Font
font/woff2 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/fonts/TWKEverett-Regular-web.woff2

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/_next/static/css/5e98cf6847ba4d02.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

94de5c66331cd244e69ce3df84813f93c2213d748c7eefdbb20ac6e461faac0e

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self'; frame-ancestors 'self';
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Referer: https://abnormalsecurity.com/_next/static/css/5e98cf6847ba4d02.css
Origin: https://abnormalsecurity.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: object-src data:; base-uri 'self'; frame-ancestors 'self';
x-content-type-options: nosniff
age: 170914
date: Thu, 30 Jun 2022 18:50:33 GMT
content-disposition: inline; filename="TWKEverett-Regular-web.woff2"
content-length: 54524
etag: "f9a6c0ce187482f10a21a2d865025278"
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
server: Vercel
x-matched-path: /fonts/TWKEverett-Regular-web.woff2
x-vercel-cache: HIT
strict-transport-security: max-age=63072000
content-type: font/woff2
access-control-allow-origin: *
x-xss-protection: 1
cache-control: public, max-age=315360000
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), sync-script=(), trust-token-redemption=(), window-placement=(), vertical-scroll=()
x-vercel-id: fra1:fra1::zln4v-1656615033469-5177f566ad1a
accept-ranges: bytes

GET
H2 200 TWKEverett-Bold-web.woff2
abnormalsecurity.com/fonts/ 60 KB
61 KB 58ms
57ms Font
font/woff2 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/fonts/TWKEverett-Bold-web.woff2

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/_next/static/css/5e98cf6847ba4d02.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

4a6588416e2d67985b8e7595c5ae89d32b3176197566f8e256a1bc8d75e26b32

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self'; frame-ancestors 'self';
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Referer: https://abnormalsecurity.com/_next/static/css/5e98cf6847ba4d02.css
Origin: https://abnormalsecurity.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: object-src data:; base-uri 'self'; frame-ancestors 'self';
x-content-type-options: nosniff
age: 170914
date: Thu, 30 Jun 2022 18:50:33 GMT
content-disposition: inline; filename="TWKEverett-Bold-web.woff2"
content-length: 61376
etag: "5c80ceb188e4930bccf3be1166b8f115"
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
server: Vercel
x-matched-path: /fonts/TWKEverett-Bold-web.woff2
x-vercel-cache: HIT
strict-transport-security: max-age=63072000
content-type: font/woff2
access-control-allow-origin: *
x-xss-protection: 1
cache-control: public, max-age=315360000
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), sync-script=(), trust-token-redemption=(), window-placement=(), vertical-scroll=()
x-vercel-id: fra1:fra1::zln4v-1656615033474-c564544bed99
accept-ranges: bytes

GET
H2 200 TWKEverett-RegularItalic-web.woff2
abnormalsecurity.com/fonts/ 55 KB
56 KB 63ms
62ms Font
font/woff2 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/fonts/TWKEverett-RegularItalic-web.woff2

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/_next/static/css/5e98cf6847ba4d02.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

c642fb6f2230d36e74e53ca1e6e432da853f8ac7e9a1cb04f94dd6c31b50a4d3

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self'; frame-ancestors 'self';
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Referer: https://abnormalsecurity.com/_next/static/css/5e98cf6847ba4d02.css
Origin: https://abnormalsecurity.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: object-src data:; base-uri 'self'; frame-ancestors 'self';
x-content-type-options: nosniff
age: 153793
date: Thu, 30 Jun 2022 18:50:33 GMT
content-disposition: inline; filename="TWKEverett-RegularItalic-web.woff2"
content-length: 56704
etag: "1e8e3568add262c0f802778b4b5dafce"
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
server: Vercel
x-matched-path: /fonts/TWKEverett-RegularItalic-web.woff2
x-vercel-cache: HIT
strict-transport-security: max-age=63072000
content-type: font/woff2
access-control-allow-origin: *
x-xss-protection: 1
cache-control: public, max-age=315360000
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), sync-script=(), trust-token-redemption=(), window-placement=(), vertical-scroll=()
x-vercel-id: fra1:fra1::zln4v-1656615033478-6cdee319e617
accept-ranges: bytes

POST
H2 200 / Show response
o212762.ingest.sentry.io/api/6251112/envelope/ 2 B
280 B 124ms
35ms Fetch
application/json 34.120.195.249
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://o212762.ingest.sentry.io/api/6251112/envelope/?sentry_key=fc7702bf93b54791b3db39afff8f6020&sentry_version=7

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/_next/static/chunks/pages/_app-e00625d5dd194c03.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://abnormalsecurity.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 30 Jun 2022 18:50:33 GMT
via: 1.1 google
server: nginx
vary: Origin
content-type: application/json
access-control-allow-origin: https://abnormalsecurity.com
access-control-expose-headers: x-sentry-error, x-sentry-rate-limits, retry-after
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

POST
H2 200 vitals
vitals.vercel-insights.com/v1/ 2 B
133 B 90ms
27ms Ping
text/plain 54.229.115.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vitals.vercel-insights.com/v1/vitals
Requested by: Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/_next/static/chunks/main-3a7fda94ba571e93.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.229.115.12 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-229-115-12.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 30 Jun 2022 18:50:33 GMT
x-ratelimit-reset: 12
x-ratelimit-limit: 1000
content-length: 2
x-ratelimit-remaining: 999
content-type: text/plain; charset=utf-8

POST
H2 200 vitals
vitals.vercel-insights.com/v1/ 2 B
133 B 47ms
27ms Ping
text/plain 54.229.115.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vitals.vercel-insights.com/v1/vitals
Requested by: Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/_next/static/chunks/main-3a7fda94ba571e93.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.229.115.12 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-229-115-12.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 30 Jun 2022 18:50:33 GMT
x-ratelimit-reset: 6
x-ratelimit-limit: 1000
content-length: 2
x-ratelimit-remaining: 999
content-type: text/plain; charset=utf-8

GET
H2 200 image
abnormalsecurity.com/_next/ 6 KB
6 KB 69ms
69ms Image
image/avif 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abnormalsecurity.com/_next/image?url=https%3A%2F%2Foptimise2.assets-servd.host%2Fgifted-zorilla%2Fproduction%2Fimages%2Fabstract%2FAbstract-White-LogoCloseup.png%3Fw%3D2400%26auto%3Dcompress%252Cformat%26fit%3Dcrop%26dm%3D1650644381%26s%3D19066a9dc29745caba4948c63d69cc3c&w=1920&q=75

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

0d641333520fa507e083712df78c9ff1833846f689af35f7880ec0a54ade146f

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
vary: Accept
age: 1915560
date: Wed, 08 Jun 2022 14:44:33 GMT
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="Abstract-White-LogoCloseup.avif"
content-length: 5665
last-modified: Wed, 08 Jun 2022 14:44:33 GMT
server: Vercel
x-matched-path: /_next/image
x-vercel-cache: HIT
strict-transport-security: max-age=63072000
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=2073600
x-vercel-id: fra1::zln4v-1656615033735-31be4c44f19b
x-imgix-features: {"linux_painter":"0","tannhauser_routing":"0","tannhauser_shield":"0"}
accept-ranges: bytes

GET
H2 200 index.json Show response
abnormalsecurity.com/_next/data/bQeTV8_iA52jDbhxIi6-1/ 140 KB
22 KB 75ms
74ms Fetch
application/json 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/data/bQeTV8_iA52jDbhxIi6-1/index.json

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/_next/static/chunks/pages/_app-e00625d5dd194c03.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

f4c16bcae64f12608fd7cb226d3da01c39cd0ffcd024d2127f0be76c0f0ba8f0

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self'; frame-ancestors 'self';
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: object-src data:; base-uri 'self'; frame-ancestors 'self';
content-encoding: br
x-content-type-options: nosniff
age: 74616
x-nextjs-cache: REVALIDATED
date: Wed, 29 Jun 2022 22:06:57 GMT
x-vercel-cache: HIT
x-xss-protection: 1
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
server: Vercel
x-matched-path: /_next/data/bQeTV8_iA52jDbhxIi6-1/index.json
etag: W/"22e2e-ncjhJhbO2B1Y9M5yIDtpmfMG/IA"
strict-transport-security: max-age=63072000
content-type: application/json
x-vercel-id: fra1::iad1::zln4v-1656615033740-5ca2dbcb4938
cache-control: public, max-age=0, s-maxage=86400, stale-while-revalidate
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), sync-script=(), trust-token-redemption=(), window-placement=(), vertical-scroll=()

GET
H2 200 index-ea90b1350711ce7b.js
abnormalsecurity.com/_next/static/chunks/pages/ 0
1 KB 82ms
82ms Other
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/static/chunks/pages/index-ea90b1350711ce7b.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/_next/static/chunks/main-3a7fda94ba571e93.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self'; frame-ancestors 'self';
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 18:50:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 170915
content-disposition: inline; filename="index-ea90b1350711ce7b.js"
x-xss-protection: 1
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
server: Vercel
x-matched-path: /_next/static/chunks/pages/index-ea90b1350711ce7b.js
x-vercel-cache: HIT
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), sync-script=(), trust-token-redemption=(), window-placement=(), vertical-scroll=()
etag: W/"2637559983ac00c996302fdf54e78884"
content-security-policy: object-src data:; base-uri 'self'; frame-ancestors 'self';
x-vercel-id: fra1:fra1::zln4v-1656615033744-2048bcca4715

GET
H2 200 demo.json Show response
abnormalsecurity.com/_next/data/bQeTV8_iA52jDbhxIi6-1/ 108 KB
18 KB 83ms
83ms Fetch
application/json 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/data/bQeTV8_iA52jDbhxIi6-1/demo.json

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/_next/static/chunks/pages/_app-e00625d5dd194c03.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

62711f31b94dc65a41e76dd5a25763a23620b8763dc65fe053ad85a2cbe78803

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self'; frame-ancestors 'self';
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: object-src data:; base-uri 'self'; frame-ancestors 'self';
content-encoding: br
x-content-type-options: nosniff
age: 74908
x-nextjs-cache: REVALIDATED
date: Wed, 29 Jun 2022 22:02:05 GMT
x-vercel-cache: HIT
x-xss-protection: 1
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
server: Vercel
x-matched-path: /_next/data/bQeTV8_iA52jDbhxIi6-1/demo.json
etag: W/"1b12b-JHmHDWMVrAEV4f6KMLqiuErOZOw"
strict-transport-security: max-age=63072000
content-type: application/json
x-vercel-id: fra1::iad1::zln4v-1656615033748-e0515bade759
cache-control: public, max-age=0, s-maxage=86400, stale-while-revalidate
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), sync-script=(), trust-token-redemption=(), window-placement=(), vertical-scroll=()

GET
H2 200 3434-d326a71f5e676037.js
abnormalsecurity.com/_next/static/chunks/ 0
6 KB 85ms
84ms Other
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/static/chunks/3434-d326a71f5e676037.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/_next/static/chunks/main-3a7fda94ba571e93.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self'; frame-ancestors 'self';
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 18:50:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 170914
content-disposition: inline; filename="3434-d326a71f5e676037.js"
x-xss-protection: 1
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
server: Vercel
x-matched-path: /_next/static/chunks/3434-d326a71f5e676037.js
x-vercel-cache: HIT
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), sync-script=(), trust-token-redemption=(), window-placement=(), vertical-scroll=()
etag: W/"5e64eabe97413081eae820519322be44"
content-security-policy: object-src data:; base-uri 'self'; frame-ancestors 'self';
x-vercel-id: fra1:fra1::zln4v-1656615033752-a42bf09a5926

GET
H2 200 %5B...slug%5D-19b326e73cc815ac.js
abnormalsecurity.com/_next/static/chunks/pages/ 0
2 KB 85ms
85ms Other
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/static/chunks/pages/%5B...slug%5D-19b326e73cc815ac.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/_next/static/chunks/main-3a7fda94ba571e93.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self'; frame-ancestors 'self';
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 18:50:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 170914
content-disposition: inline; filename="[...slug]-19b326e73cc815ac.js"
x-xss-protection: 1
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
server: Vercel
x-matched-path: /_next/static/chunks/pages/%5B...slug%5D-19b326e73cc815ac.js
x-vercel-cache: HIT
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), sync-script=(), trust-token-redemption=(), window-placement=(), vertical-scroll=()
etag: W/"75bee17b454b470bd43f29945ab5876a"
content-security-policy: object-src data:; base-uri 'self'; frame-ancestors 'self';
x-vercel-id: fra1:fra1::zln4v-1656615033757-bf57652cc076

GET
H2 200 resources.json Show response
abnormalsecurity.com/_next/data/bQeTV8_iA52jDbhxIi6-1/ 198 KB
28 KB 86ms
86ms Fetch
application/json 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/data/bQeTV8_iA52jDbhxIi6-1/resources.json

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/_next/static/chunks/pages/_app-e00625d5dd194c03.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

a8ea1977d737b342f9608cd7db08216bf621b0b582e2749b4ea6da6f580cd301

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self'; frame-ancestors 'self';
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: object-src data:; base-uri 'self'; frame-ancestors 'self';
content-encoding: br
x-content-type-options: nosniff
age: 94790
x-nextjs-cache: REVALIDATED
date: Wed, 29 Jun 2022 16:30:43 GMT
x-vercel-cache: HIT
x-xss-protection: 1
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
server: Vercel
x-matched-path: /_next/data/bQeTV8_iA52jDbhxIi6-1/resources.json
etag: W/"31775-8RYGP4df9VQqvdclK1AFSUXQQ00"
strict-transport-security: max-age=63072000
content-type: application/json
x-vercel-id: fra1::iad1::zln4v-1656615033761-26b8c49fc440
cache-control: public, max-age=0, s-maxage=86400, stale-while-revalidate
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), sync-script=(), trust-token-redemption=(), window-placement=(), vertical-scroll=()

GET
H2 200 3697-57fa5b92149d5244.js
abnormalsecurity.com/_next/static/chunks/ 0
7 KB 90ms
89ms Other
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/static/chunks/3697-57fa5b92149d5244.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/_next/static/chunks/main-3a7fda94ba571e93.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self'; frame-ancestors 'self';
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 18:50:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 170891
content-disposition: inline; filename="3697-57fa5b92149d5244.js"
x-xss-protection: 1
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
server: Vercel
x-matched-path: /_next/static/chunks/3697-57fa5b92149d5244.js
x-vercel-cache: HIT
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), sync-script=(), trust-token-redemption=(), window-placement=(), vertical-scroll=()
etag: W/"bca913d4f22dd42c26411adbcf42897e"
content-security-policy: object-src data:; base-uri 'self'; frame-ancestors 'self';
x-vercel-id: fra1:fra1::zln4v-1656615033765-2d04d772c8af

GET
H2 200 3500-303229ecbb282219.js
abnormalsecurity.com/_next/static/chunks/ 0
7 KB 90ms
90ms Other
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/static/chunks/3500-303229ecbb282219.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/_next/static/chunks/main-3a7fda94ba571e93.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self'; frame-ancestors 'self';
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 18:50:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 170891
content-disposition: inline; filename="3500-303229ecbb282219.js"
x-xss-protection: 1
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
server: Vercel
x-matched-path: /_next/static/chunks/3500-303229ecbb282219.js
x-vercel-cache: HIT
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), sync-script=(), trust-token-redemption=(), window-placement=(), vertical-scroll=()
etag: W/"b8ec4271e6cb7c715d23ffbb1865cc4c"
content-security-policy: object-src data:; base-uri 'self'; frame-ancestors 'self';
x-vercel-id: fra1:fra1::zln4v-1656615033769-87a3861d02d8

GET
H2 200 6525-c21df254460c08ac.js
abnormalsecurity.com/_next/static/chunks/ 0
10 KB 96ms
96ms Other
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/static/chunks/6525-c21df254460c08ac.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/_next/static/chunks/main-3a7fda94ba571e93.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self'; frame-ancestors 'self';
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 18:50:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 170892
content-disposition: inline; filename="6525-c21df254460c08ac.js"
x-xss-protection: 1
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
server: Vercel
x-matched-path: /_next/static/chunks/6525-c21df254460c08ac.js
x-vercel-cache: HIT
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), sync-script=(), trust-token-redemption=(), window-placement=(), vertical-scroll=()
etag: W/"ead5bf8c9084c2bf6fa629bceca5f362"
content-security-policy: object-src data:; base-uri 'self'; frame-ancestors 'self';
x-vercel-id: fra1:fra1::zln4v-1656615033774-d9ea07cd1c40

GET
H2 200 1646-4767274c28f58992.js
abnormalsecurity.com/_next/static/chunks/ 0
7 KB 91ms
91ms Other
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/static/chunks/1646-4767274c28f58992.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/_next/static/chunks/main-3a7fda94ba571e93.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self'; frame-ancestors 'self';
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 18:50:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 170891
content-disposition: inline; filename="1646-4767274c28f58992.js"
x-xss-protection: 1
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
server: Vercel
x-matched-path: /_next/static/chunks/1646-4767274c28f58992.js
x-vercel-cache: HIT
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), sync-script=(), trust-token-redemption=(), window-placement=(), vertical-scroll=()
etag: W/"d3608f3d339cd506aef1aa8767447270"
content-security-policy: object-src data:; base-uri 'self'; frame-ancestors 'self';
x-vercel-id: fra1:fra1::zln4v-1656615033777-c66381568994

GET
H2 200 resources-b75838c1a5259ca1.js
abnormalsecurity.com/_next/static/chunks/pages/ 0
3 KB 97ms
96ms Other
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/static/chunks/pages/resources-b75838c1a5259ca1.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/_next/static/chunks/main-3a7fda94ba571e93.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self'; frame-ancestors 'self';
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 18:50:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 170891
content-disposition: inline; filename="resources-b75838c1a5259ca1.js"
x-xss-protection: 1
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
server: Vercel
x-matched-path: /_next/static/chunks/pages/resources-b75838c1a5259ca1.js
x-vercel-cache: HIT
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), sync-script=(), trust-token-redemption=(), window-placement=(), vertical-scroll=()
etag: W/"491ad1e32cbb72338891c9cccc6b4dc9"
content-security-policy: object-src data:; base-uri 'self'; frame-ancestors 'self';
x-vercel-id: fra1:fra1::zln4v-1656615033780-1600c3425133

GET
H2 200 threat-intelligence-reports.json Show response
abnormalsecurity.com/_next/data/bQeTV8_iA52jDbhxIi6-1/resources/category/ 124 KB
18 KB 102ms
102ms Fetch
text/html 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/data/bQeTV8_iA52jDbhxIi6-1/resources/category/threat-intelligence-reports.json

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/_next/static/chunks/pages/_app-e00625d5dd194c03.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

fd6d64fece890108cecfbbcbaa9f1abfc79b80bfa221ee8b883340e9c6fd453e

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self'; frame-ancestors 'self';
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 18:50:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 171177
content-disposition: inline
x-xss-protection: 1
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
server: Vercel
x-matched-path: /_next/data/bQeTV8_iA52jDbhxIi6-1/resources/category/threat-intelligence-reports.json
x-vercel-cache: HIT
strict-transport-security: max-age=63072000
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, s-maxage=86400, stale-while-revalidate
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), sync-script=(), trust-token-redemption=(), window-placement=(), vertical-scroll=()
etag: W/"308f75a1c9c3021fd441296fe8244060"
content-security-policy: object-src data:; base-uri 'self'; frame-ancestors 'self';
x-vercel-id: fra1::zln4v-1656615033783-83ebbf8ff773

GET
H2 200 %5BcategorySlug%5D-a850dd53155251c1.js
abnormalsecurity.com/_next/static/chunks/pages/resources/category/ 0
3 KB 107ms
106ms Other
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/static/chunks/pages/resources/category/%5BcategorySlug%5D-a850dd53155251c1.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/_next/static/chunks/main-3a7fda94ba571e93.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self'; frame-ancestors 'self';
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 18:50:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 170892
content-disposition: inline; filename="[categorySlug]-a850dd53155251c1.js"
x-xss-protection: 1
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
server: Vercel
x-matched-path: /_next/static/chunks/pages/resources/category/%5BcategorySlug%5D-a850dd53155251c1.js
x-vercel-cache: HIT
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), sync-script=(), trust-token-redemption=(), window-placement=(), vertical-scroll=()
etag: W/"9c825b24ccbe16789990e568cf06ba7f"
content-security-policy: object-src data:; base-uri 'self'; frame-ancestors 'self';
x-vercel-id: fra1:fra1::zln4v-1656615033786-6b52d47d7fbe

GET
H2 200 supply-chain-compromise.json Show response
abnormalsecurity.com/_next/data/bQeTV8_iA52jDbhxIi6-1/resources/category/ 131 KB
20 KB 104ms
104ms Fetch
text/html 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/data/bQeTV8_iA52jDbhxIi6-1/resources/category/supply-chain-compromise.json

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/_next/static/chunks/pages/_app-e00625d5dd194c03.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

217c969ce25302bca16162146bf9f8464e9ac177f692f10448d31db38f36db43

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self'; frame-ancestors 'self';
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 18:50:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 171146
content-disposition: inline
x-xss-protection: 1
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
server: Vercel
x-matched-path: /_next/data/bQeTV8_iA52jDbhxIi6-1/resources/category/supply-chain-compromise.json
x-vercel-cache: HIT
strict-transport-security: max-age=63072000
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, s-maxage=86400, stale-while-revalidate
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), sync-script=(), trust-token-redemption=(), window-placement=(), vertical-scroll=()
etag: W/"249552a580185e53be81ab31054abf30"
content-security-policy: object-src data:; base-uri 'self'; frame-ancestors 'self';
x-vercel-id: fra1::zln4v-1656615033789-439b6575ac5b

GET
H2 200 image
abnormalsecurity.com/_next/ 19 KB
20 KB 187ms
186ms Image
image/avif 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abnormalsecurity.com/_next/image?url=https%3A%2F%2Foptimise2.assets-servd.host%2Fgifted-zorilla%2Fproduction%2Fimages%2Fpage-modules%2FDemo-2x-1.png%3Fw%3D1536%26auto%3Dcompress%252Cformat%26fit%3Dcrop%26dm%3D1652154812%26s%3Db88988532254f31bc0a4d2369695d9b5&w=828&q=75

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

5923b07c336f9884bf60ce3b9c2467af3b1e8b4af7f0a5545b219793168a5154

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
vary: Accept
age: 294245
date: Mon, 27 Jun 2022 09:06:28 GMT
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="Demo-2x-1.avif"
content-length: 19897
last-modified: Mon, 27 Jun 2022 09:06:28 GMT
server: Vercel
x-matched-path: /_next/image
x-vercel-cache: HIT
strict-transport-security: max-age=63072000
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=2073600
x-vercel-id: fra1::zln4v-1656615033802-11713ddaa2b6
accept-ranges: bytes

GET
H2 200 osano.js Show response
cmp.osano.com/169lRDSj6676CDt8D/88b78aa1-c424-4eeb-96cb-59809bf84390/ 257 KB
65 KB 31ms
13ms Script
application/javascript 2600:9000:206f:be00:3:b7e:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/169lRDSj6676CDt8D/88b78aa1-c424-4eeb-96cb-59809bf84390/osano.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:be00:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

8eb7e226165751d93f4179ff617eabfaaea3f23d7c100e9b1074025fc1141988

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 11:24:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26786
x-cache: Hit from cloudfront
content-length: 66041
x-xss-protection: mode=block
last-modified: Mon, 31 Jan 2022 20:27:04 GMT
server: CloudFront
x-frame-options: SAMEORIGIN
etag: "2458399d67ef7e070739e7a1380c6771"
strict-transport-security: max-age=2592000
content-type: application/javascript; charset=utf-8
via: 1.1 2a3a093b493a82493f3431437cb166ac.cloudfront.net (CloudFront)
cache-control: public, max-age=86400, s-maxage=86400, must-revalidate, proxy-revalidate, no-transform
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: YSETLJ2W5u9-2OJEgjHU0gXqgDHileEf3HctWP8a9qgeO3f0pt8cPg==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 205 KB
73 KB 146ms
58ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5DSW3JC

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3a2b6a0ec4455b04f2813efda54d818ef31f21022119d8c5371a31dcf6f50cc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 18:50:33 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 74724
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 30 Jun 2022 18:50:33 GMT

GET
H2 200 3697-57fa5b92149d5244.js Show response
abnormalsecurity.com/_next/static/chunks/ 13 KB
6 KB 49ms
48ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/static/chunks/3697-57fa5b92149d5244.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/_next/static/chunks/main-3a7fda94ba571e93.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

d9a6a2e983cbf5ef2b92d7daea08d34e7516c8ce39842bf4ae3080865a07e1d8

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self'; frame-ancestors 'self';
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 18:50:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 170892
content-disposition: inline; filename="3697-57fa5b92149d5244.js"
x-xss-protection: 1
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
server: Vercel
x-matched-path: /_next/static/chunks/3697-57fa5b92149d5244.js
x-vercel-cache: HIT
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), sync-script=(), trust-token-redemption=(), window-placement=(), vertical-scroll=()
etag: W/"bca913d4f22dd42c26411adbcf42897e"
content-security-policy: object-src data:; base-uri 'self'; frame-ancestors 'self';
x-vercel-id: fra1:fra1::zln4v-1656615033804-1734e1b04e68

GET
H2 200 3500-303229ecbb282219.js Show response
abnormalsecurity.com/_next/static/chunks/ 17 KB
6 KB 50ms
49ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/static/chunks/3500-303229ecbb282219.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/_next/static/chunks/main-3a7fda94ba571e93.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

6be5b8f151ef5d8edd841748a326bbbc648757fe3256fea1fab412ad45d895f0

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self'; frame-ancestors 'self';
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 18:50:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 170892
content-disposition: inline; filename="3500-303229ecbb282219.js"
x-xss-protection: 1
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
server: Vercel
x-matched-path: /_next/static/chunks/3500-303229ecbb282219.js
x-vercel-cache: HIT
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), sync-script=(), trust-token-redemption=(), window-placement=(), vertical-scroll=()
etag: W/"b8ec4271e6cb7c715d23ffbb1865cc4c"
content-security-policy: object-src data:; base-uri 'self'; frame-ancestors 'self';
x-vercel-id: fra1:fra1::zln4v-1656615033805-c95023e14485

GET
H2 200 6525-c21df254460c08ac.js Show response
abnormalsecurity.com/_next/static/chunks/ 27 KB
9 KB 53ms
52ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/static/chunks/6525-c21df254460c08ac.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/_next/static/chunks/main-3a7fda94ba571e93.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

79545ee1dcbf664470da2e9bbc94a48e7bb2acd03439bf82732f1fbf1ec7fee4

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self'; frame-ancestors 'self';
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 18:50:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 170892
content-disposition: inline; filename="6525-c21df254460c08ac.js"
x-xss-protection: 1
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
server: Vercel
x-matched-path: /_next/static/chunks/6525-c21df254460c08ac.js
x-vercel-cache: HIT
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), sync-script=(), trust-token-redemption=(), window-placement=(), vertical-scroll=()
etag: W/"ead5bf8c9084c2bf6fa629bceca5f362"
content-security-policy: object-src data:; base-uri 'self'; frame-ancestors 'self';
x-vercel-id: fra1:fra1::zln4v-1656615033806-9a1f0bee3b12

GET
H2 200 1646-4767274c28f58992.js Show response
abnormalsecurity.com/_next/static/chunks/ 16 KB
7 KB 50ms
50ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/static/chunks/1646-4767274c28f58992.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/_next/static/chunks/main-3a7fda94ba571e93.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

64dcdecc081370b1f387683027957abcbac48d2aee28c28c3a6e894bbd066998

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self'; frame-ancestors 'self';
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 18:50:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 170892
content-disposition: inline; filename="1646-4767274c28f58992.js"
x-xss-protection: 1
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
server: Vercel
x-matched-path: /_next/static/chunks/1646-4767274c28f58992.js
x-vercel-cache: HIT
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), sync-script=(), trust-token-redemption=(), window-placement=(), vertical-scroll=()
etag: W/"d3608f3d339cd506aef1aa8767447270"
content-security-policy: object-src data:; base-uri 'self'; frame-ancestors 'self';
x-vercel-id: fra1:fra1::zln4v-1656615033807-611023079e97

GET
H2 200 %5BcategorySlug%5D-a850dd53155251c1.js Show response
abnormalsecurity.com/_next/static/chunks/pages/resources/category/ 4 KB
3 KB 51ms
50ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/static/chunks/pages/resources/category/%5BcategorySlug%5D-a850dd53155251c1.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/_next/static/chunks/main-3a7fda94ba571e93.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

fcd7d850c081e1330e94baac14ba4f6495801ec68c8e4078716d71944373141d

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self'; frame-ancestors 'self';
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 18:50:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 170892
content-disposition: inline; filename="[categorySlug]-a850dd53155251c1.js"
x-xss-protection: 1
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
server: Vercel
x-matched-path: /_next/static/chunks/pages/resources/category/%5BcategorySlug%5D-a850dd53155251c1.js
x-vercel-cache: HIT
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), sync-script=(), trust-token-redemption=(), window-placement=(), vertical-scroll=()
etag: W/"9c825b24ccbe16789990e568cf06ba7f"
content-security-policy: object-src data:; base-uri 'self'; frame-ancestors 'self';
x-vercel-id: fra1:fra1::zln4v-1656615033807-8fe27823d50f

GET
BLOB 200
OK 6f825dad-40df-4e31-875f-74bcc5d51514
https://abnormalsecurity.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://abnormalsecurity.com/6f825dad-40df-4e31-875f-74bcc5d51514
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fe401a3b7c0d6110b370da6b39147a45aea7cd351e077522fe90268ab371173f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 index-ea90b1350711ce7b.js Show response
abnormalsecurity.com/_next/static/chunks/pages/ 1 KB
1 KB 16ms
15ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/static/chunks/pages/index-ea90b1350711ce7b.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/_next/static/chunks/main-3a7fda94ba571e93.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

647571372ba8b626fe7b3edfc23775f1ffe24e98effc872109dd67047b348f90

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self'; frame-ancestors 'self';
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 18:50:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 170915
content-disposition: inline; filename="index-ea90b1350711ce7b.js"
x-xss-protection: 1
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
server: Vercel
x-matched-path: /_next/static/chunks/pages/index-ea90b1350711ce7b.js
x-vercel-cache: HIT
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), sync-script=(), trust-token-redemption=(), window-placement=(), vertical-scroll=()
etag: W/"2637559983ac00c996302fdf54e78884"
content-security-policy: object-src data:; base-uri 'self'; frame-ancestors 'self';
x-vercel-id: fra1:fra1::zln4v-1656615033985-9426ebe81939

GET
H2 200 3434-d326a71f5e676037.js Show response
abnormalsecurity.com/_next/static/chunks/ 17 KB
6 KB 16ms
16ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/static/chunks/3434-d326a71f5e676037.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/_next/static/chunks/main-3a7fda94ba571e93.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

9c0fca5ef47da43987b526cfac3252b5514a494a8b64a2f2891ffaa456dd4317

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self'; frame-ancestors 'self';
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 18:50:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 170915
content-disposition: inline; filename="3434-d326a71f5e676037.js"
x-xss-protection: 1
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
server: Vercel
x-matched-path: /_next/static/chunks/3434-d326a71f5e676037.js
x-vercel-cache: HIT
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), sync-script=(), trust-token-redemption=(), window-placement=(), vertical-scroll=()
etag: W/"5e64eabe97413081eae820519322be44"
content-security-policy: object-src data:; base-uri 'self'; frame-ancestors 'self';
x-vercel-id: fra1:fra1::zln4v-1656615033987-be1c44f14fb1

GET
H2 200 %5B...slug%5D-19b326e73cc815ac.js Show response
abnormalsecurity.com/_next/static/chunks/pages/ 3 KB
2 KB 17ms
16ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/static/chunks/pages/%5B...slug%5D-19b326e73cc815ac.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/_next/static/chunks/main-3a7fda94ba571e93.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

2fcfb40d7414912690873936c9c1543b94b76b146d7e10f993e28f845a63c94b

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self'; frame-ancestors 'self';
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 18:50:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 170914
content-disposition: inline; filename="[...slug]-19b326e73cc815ac.js"
x-xss-protection: 1
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
server: Vercel
x-matched-path: /_next/static/chunks/pages/%5B...slug%5D-19b326e73cc815ac.js
x-vercel-cache: HIT
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), sync-script=(), trust-token-redemption=(), window-placement=(), vertical-scroll=()
etag: W/"75bee17b454b470bd43f29945ab5876a"
content-security-policy: object-src data:; base-uri 'self'; frame-ancestors 'self';
x-vercel-id: fra1:fra1::zln4v-1656615033989-b92286926900

GET
H2 200 resources-b75838c1a5259ca1.js Show response
abnormalsecurity.com/_next/static/chunks/pages/ 4 KB
3 KB 21ms
21ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/static/chunks/pages/resources-b75838c1a5259ca1.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/_next/static/chunks/main-3a7fda94ba571e93.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

3d29a42636a1e9aab5fe33a902d20f8fdbff50c6807967395d8074fae1af80fb

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self'; frame-ancestors 'self';
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 18:50:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 170892
content-disposition: inline; filename="resources-b75838c1a5259ca1.js"
x-xss-protection: 1
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
server: Vercel
x-matched-path: /_next/static/chunks/pages/resources-b75838c1a5259ca1.js
x-vercel-cache: HIT
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), sync-script=(), trust-token-redemption=(), window-placement=(), vertical-scroll=()
etag: W/"491ad1e32cbb72338891c9cccc6b4dc9"
content-security-policy: object-src data:; base-uri 'self'; frame-ancestors 'self';
x-vercel-id: fra1:fra1::zln4v-1656615033990-411968a4c0e3

POST
H2 200 landing
pagead2.googlesyndication.com/pagead/ 42 B
548 B 130ms
45ms Ping
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/landing?gcs=G100&gcd=G100&rnd=614268716.1656615034&url=https%3A%2F%2Fabnormalsecurity.com%2Fresources%2Ffinancial-supply-chain-compromise&gtm=2wg6t05DSW3JC

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5DSW3JC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 18:50:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 6si.min.js Show response
j.6sc.co/ 31 KB
10 KB 57ms
7ms Script
application/javascript 104.92.74.202
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://j.6sc.co/6si.min.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.92.74.202 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-92-74-202.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

8e038b564510a45dc11799f74da367733f3db7f9c0a0434f1e90c44ec5168278

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 30 Jun 2022 18:50:34 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 9715
Pragma: no-cache
Last-Modified: Thu, 05 May 2022 03:45:17 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "6273484d-7b02"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: application/javascript
Access-Control-Allow-Origin
Cache-Control: private, no-cache, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Thu, 30 Jun 2022 18:50:34 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 102ms
32ms Script
text/javascript 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5DSW3JC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 6345
date: Thu, 30 Jun 2022 17:04:49 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 30 Jun 2022 19:04:49 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 40 KB
15 KB 145ms
53ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5DSW3JC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

00e67a6bb1601297c954a9c6438eb956f4ca87253683fb348d1bda64cee7d1ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 18:50:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15163
x-xss-protection: 0
server: cafe
etag: 11137310801552021614
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 30 Jun 2022 18:50:34 GMT

GET
H2 200 hotjar-2016430.js Show response
static.hotjar.com/c/ 4 KB
2 KB 29ms
10ms Script
application/javascript 65.9.66.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2016430.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5DSW3JC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-91.fra56.r.cloudfront.net

Software

Resource Hash

dd54cc9de79b888faf2de0619299318aa52b3f0df5c551ca903a5783a99f7b6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=900; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=900; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
age: 47
x-cache: Hit from cloudfront
date: Thu, 30 Jun 2022 18:49:47 GMT
cross-origin-resource-policy: cross-origin
via: 1.1 910fc18161f0602555cc5b6397ca26f2.cloudfront.net (CloudFront)
cache-control: max-age=60
etag: W/ddcb2ce78ed6adfab1056fa432c282f4
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: Io8bzsWTE48amo-6yFu0ASa47a7rvH1f-2gwuACV25gsviJmOLyDrQ==

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 8 KB
3 KB 37ms
7ms Script
application/x-javascript 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5DSW3JC
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 30 Jun 2022 18:50:34 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Apr 2022 23:25:22 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=75650
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3085

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 141ms
100ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5DSW3JC

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0fcff9391b8f4560e9bc64c28dcd9101f66de7b93676ea8cc254980567f663db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 16 Jun 2022 18:22:08 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E480EC1C0C7449AD8B33FE6F40033CF7 Ref B: FRAEDGE1520 Ref C: 2022-06-30T18:50:34Z
etag: "0c8eafcad81d81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Thu, 30 Jun 2022 18:50:34 GMT
accept-ranges: bytes
content-length: 11360

GET
H2 200 api.min.js Show response
a.omappapi.com/app/js/ 189 KB
53 KB 69ms
21ms Script
application/javascript 84.17.46.53
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/api.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5DSW3JC
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 84.17.46.53 Amsterdam, Netherlands, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-84-17-46-53.cdn77.com
Software: BunnyCDN-AMS-879 /
Resource Hash: 865b7850fddb2d6d632dd96795bd95b89bdfa7fb4d85f6060fe933cb944bfc1c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 18:50:34 GMT
content-encoding: br
cdn-edgestorageid: 549
perma-cache: HIT
cdn-storageserver: DE-51
cdn-cachedat: 06/29/2022 20:52:48
cdn-pullzone: 293267
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode: 200
server: BunnyCDN-AMS-879
access-control-allow-origin: *
last-modified: Wed, 29 Jun 2022 20:51:07 GMT
cdn-proxyver: 1.02
cdn-fileserver: 379
etag: W/"62bcbb3b-2f34b"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestid: ff8d58387b6fdbae117c7dee28a6e3e8
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 modules.808591b6f22469c04dca.js Show response
script.hotjar.com/ 243 KB
63 KB 38ms
15ms Script
application/javascript 108.157.4.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.808591b6f22469c04dca.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2016430.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.157.4.38 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-157-4-38.dus51.r.cloudfront.net

Software

Resource Hash

5f1e63391856d3352aed3ba6ed5906f1bf38a37330e26da15bd74844a241e80d

Security Headers

Name	Value
Strict-Transport-Security	max-age=900; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 14:49:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14487
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=900; includeSubDomains
content-length: 64129
access-control-allow-origin: *
last-modified: Thu, 30 Jun 2022 14:48:22 GMT
etag: "bad13d85a356bdf283d8d6c9dac34800"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 c1c42e732809880dbf4b6deb496490ae.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-P2
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: xCQqYEAxe01l_G-3R4csaYNvrxgnrV7jF6uK-3xW8xUk_AmbUf5vLg==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2775268&time=1656615034072&url=https%3A%2F%2Fabnormalsecurity.com%2Fresources%2Ffinancial-supply-chain-compromise%3Futm_medium%3Demail%2520campaig...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2775268%26time%3D1656615034072%26url%3Dhttps%253A%252F%252Fabnormalsecurity.com%2...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2775268&time=1656615034072&url=https%3A%2F%2Fabnormalsecurity.com%2Fresources%2Ffinancial-supply-chain-compromise%3Futm_medium%3Demail%2520campaig...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2775268&time=1656615034072&url=https%3A%2F%2Fabnormalsecurity.com%2Fresources%2Ffinancial-supply-chain-compromise%3Futm_medium%3Demail%2520campai...

0
264 B

221ms
135ms

Image
application/javascript

13.107.43.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2775268&time=1656615034072&url=https%3A%2F%2Fabnormalsecurity.com%2Fresources%2Ffinancial-supply-chain-compromise%3Futm_medium%3Demail%2520campaign%26utm_source%3Dsecurityweek&liSync=true&e_ipv6=AQJ-839nLs5p4QAAAYG1814rUebzrr3wYwwEXw0U0J23XDIFAf7qSOl2OWe-rtKFRAUGeMQy
Protocol: H2
Server: 13.107.43.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 18:50:34 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 7EED35748E15421A8E2362A981DE1A75 Ref B: VIEEDGE1121 Ref C: 2022-06-30T18:50:34Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXirr6q0n5X2wkWf61PRQ==
x-li-fabric: prod-lva1

Redirect headers

date: Thu, 30 Jun 2022 18:50:34 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 5AF39DEB58C841158E7EA8DB840BEBBE Ref B: FRAEDGE1416 Ref C: 2022-06-30T18:50:34Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2775268&time=1656615034072&url=https%3A%2F%2Fabnormalsecurity.com%2Fresources%2Ffinancial-supply-chain-compromise%3Futm_medium%3Demail%2520campaign%26utm_source%3Dsecurityweek&liSync=true&e_ipv6=AQJ-839nLs5p4QAAAYG1814rUebzrr3wYwwEXw0U0J23XDIFAf7qSOl2OWe-rtKFRAUGeMQy
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXirr6nmn08KkRav927zA==

GET
H/1.1 200
OK getuidj Show response
secure.adnxs.com/ 11 B
710 B 26ms
6ms XHR
application/json 37.252.173.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/getuidj

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/_next/static/chunks/pages/_app-e00625d5dd194c03.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 30 Jun 2022 18:50:34 GMT
X-Proxy-Origin: 185.213.155.162; 185.213.155.162; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 1026eb78-be13-4fe1-94af-87a76d086fbf
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://abnormalsecurity.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 11
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK / Show response
c.6sc.co/ 47 B
376 B 31ms
8ms XHR
text/plain 104.92.74.202
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/_next/static/chunks/pages/_app-e00625d5dd194c03.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.92.74.202 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-74-202.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d7d0bb186088c49e29d448a2195737a6ee0be9283c99119cc0019e946d287a26

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 30 Jun 2022 18:50:34 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: text/plain
Access-Control-Allow-Origin: https://abnormalsecurity.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 47

GET
H2 200 / Show response
ipv6.6sc.co/ 20 B
258 B 42ms
7ms XHR
text/html 2a02:26f0:1700:1b1::1c91
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ipv6.6sc.co/
Requested by: Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/_next/static/chunks/pages/_app-e00625d5dd194c03.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:1b1::1c91 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 3d45fdf57e5fd666b1ff640d125a0f6e7a8edfac5055af0885b29ff442d85007

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 18:50:34 GMT
vary: Origin
content-type: text/html
access-control-allow-origin: https://abnormalsecurity.com
cache-control: max-age=0, no-cache, no-store
6si-ipv6: 2a03:1b20:6:f011::2e
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 20
expires: Thu, 30 Jun 2022 18:50:34 GMT

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 230ms
192ms Image
image/gif 104.92.74.202
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=bbf40b2956d4bb7805e99ad643493df0&svisitor=null&session=5bba84f6-bf26-4f20-84fc-3dd56c34e37d&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Thu%2C%2030%20Jun%202022%2018%3A50%3A34%20GMT%22%7D&isIframe=false&m=%7B%22description%22%3A%22For%20years%2C%20executives%20were%20the%20go-to%20impersonated%20party%20in%20BEC%20attacks.%20Now%2C%20threat%20actors%20are%20opting%20to%20impersonate%20vendors%20and%20suppliers%20instead.%22%2C%22keywords%22%3A%22go-to%2C%20impersonated%2C%20party%2C%20business%2C%20email%2C%20opting%2C%20impersonate%2C%20vendors%2C%20executives%2C%20compromise%2C%20actors%2C%20suppliers%2C%20years%2C%20attacks%2C%20threat%22%2C%22title%22%3A%22The%20Shift%20to%20Financial%20Supply%20Chain%20Compromise%20%7C%20Abnormal%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fabnormalsecurity.com%2Fresources%2Ffinancial-supply-chain-compromise%3Futm_source%3Dsecurityweek%26utm_medium%3Demail%2520campaign&pageViewId=56ccd02a-e848-4228-89a5-3474d83d8e8c&an_uid=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.92.74.202 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-92-74-202.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 30 Jun 2022 18:50:34 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Tue, 05 Oct 2021 22:17:52 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "615ccf10-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 box-63c3a81830bf549dafe40b369003f751.html Show response
vars.hotjar.com/ Frame 91B4 2 KB
1 KB 56ms
18ms Document
text/html 18.64.79.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vars.hotjar.com/box-63c3a81830bf549dafe40b369003f751.html

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2016430.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.64.79.98 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-64-79-98.txl50.r.cloudfront.net

Software

Resource Hash

f05ac9ba83369cd58d06d8ee2e5f8d61c040d30d044e20752153f95577627dc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=900; includeSubDomains

Request headers

Referer: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 15647
cache-control: max-age=31536000
content-encoding: br
content-length: 1044
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 30 Jun 2022 14:29:47 GMT
etag: "e6fb1304cb60a0dea0f76f7077cb13c6"
last-modified: Thu, 30 Jun 2022 11:47:19 GMT
strict-transport-security: max-age=900; includeSubDomains
vary: Accept-Encoding
via: 1.1 0f55386ae5e307100f1e7694cff2d5d8.cloudfront.net (CloudFront)
x-amz-cf-id: 7GEqXu4lMAr870jFF6LXnbiSpfM53-Lqdrk8ygxjjZHVdnk3_JpX0Q==
x-amz-cf-pop: TXL50-P2
x-cache: Hit from cloudfront
x-robots-tag: none

GET
H2 200 details Show response
epsilon.6sense.com/v3/company/ 431 B
422 B 29ms
12ms XHR
application/json 3.69.2.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon.6sense.com/v3/company/details
Requested by: Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/_next/static/chunks/pages/_app-e00625d5dd194c03.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.69.2.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-69-2-47.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 43b21a37ead752a35feeeb473aecb119bc2b63800594adc825bcb903b81f23da

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Referer: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign
accept-language: de-DE,de;q=0.9
Authorization: Token fd01a97e4bdb20630a440f57b6e3085b2ff29834
EpsilonCookie: 2d58655f7f1e00007af0bd624d000000e1ba0a00

Response headers

date: Thu, 30 Jun 2022 18:50:34 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://abnormalsecurity.com
access-control-allow-credentials: true
content-length: 234

OPTIONS
H2 200 details
epsilon.6sense.com/v3/company/ Frame 0
0 43ms
9ms Preflight 3.69.2.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon.6sense.com/v3/company/details
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.69.2.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-69-2-47.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,epsiloncookie
Access-Control-Request-Method: GET
Origin: https://abnormalsecurity.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization,epsiloncookie
access-control-allow-methods: OPTIONS,GET
access-control-allow-origin: https://abnormalsecurity.com
access-control-max-age: 1800
date: Thu, 30 Jun 2022 18:50:34 GMT
server: nginx

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 211ms
199ms Image
image/gif 104.92.74.202
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=bbf40b2956d4bb7805e99ad643493df0&svisitor=2d58655f7f1e00007af0bd624d000000e1ba0a00&session=5bba84f6-bf26-4f20-84fc-3dd56c34e37d&event=ipv6&q=%7B%22address%22%3A%222a03%3A1b20%3A6%3Af011%3A%3A2e%22%7D&isIframe=false&m=%7B%22description%22%3A%22For%20years%2C%20executives%20were%20the%20go-to%20impersonated%20party%20in%20BEC%20attacks.%20Now%2C%20threat%20actors%20are%20opting%20to%20impersonate%20vendors%20and%20suppliers%20instead.%22%2C%22keywords%22%3A%22go-to%2C%20impersonated%2C%20party%2C%20business%2C%20email%2C%20opting%2C%20impersonate%2C%20vendors%2C%20executives%2C%20compromise%2C%20actors%2C%20suppliers%2C%20years%2C%20attacks%2C%20threat%22%2C%22title%22%3A%22The%20Shift%20to%20Financial%20Supply%20Chain%20Compromise%20%7C%20Abnormal%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fabnormalsecurity.com%2Fresources%2Ffinancial-supply-chain-compromise%3Futm_source%3Dsecurityweek%26utm_medium%3Demail%2520campaign&pageViewId=56ccd02a-e848-4228-89a5-3474d83d8e8c&an_uid=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.92.74.202 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-92-74-202.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 30 Jun 2022 18:50:34 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Tue, 05 Oct 2021 22:17:52 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "615ccf10-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 api.min.css
a.omappapi.com/app/js/ 18 KB
3 KB 18ms
18ms Stylesheet
text/css 84.17.46.53
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/api.min.css
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 84.17.46.53 Amsterdam, Netherlands, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-84-17-46-53.cdn77.com
Software: BunnyCDN-AMS-879 /
Resource Hash: 4b99a75a42582fd22e780855dfb50880df624ce43988616f4b19dc7ba90f1250

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 18:50:34 GMT
content-encoding: br
cdn-edgestorageid: 766
perma-cache: HIT
cdn-storageserver: DE-199
cdn-cachedat: 06/29/2022 20:51:07
cdn-pullzone: 293267
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode: 200
server: BunnyCDN-AMS-879
access-control-allow-origin: *
last-modified: Wed, 29 Jun 2022 20:51:06 GMT
cdn-proxyver: 1.02
cdn-fileserver: 371
etag: W/"62bcbb3a-464c"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestid: e58420e44b54223f19a0355160635b3f
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 401 124593 Show response
api.omappapi.com/v2/embed/ 165 B
611 B 145ms
99ms XHR
application/json 99.86.4.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.omappapi.com/v2/embed/124593?d=abnormalsecurity.com
Requested by: Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/_next/static/chunks/pages/_app-e00625d5dd194c03.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-80.fra6.r.cloudfront.net
Software: Pagely Gateway/1.5.1 /
Resource Hash: b934ce9883949e7bceb88fa78a354125eefc85715f7e54da8ff529c94ebab0fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-user-agent: standard--
via: 1.1 25c6baf0a31a5ef699c1e219b25ce7b8.cloudfront.net (CloudFront)
x-cache-config: 0 0
server: Pagely Gateway/1.5.1
x-amz-cf-pop: FRA6-C1
date: Thu, 30 Jun 2022 18:50:34 GMT
vary: Accept-Encoding, User-Agent
x-cache: Error from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=120, stale-while-revalidate=1800
access-control-allow-headers: X-CSRF-Token
content-length: 165
x-amz-cf-id: _TYFuq9EnF7MMZLT3bCLqycCIs0iyP5TVCvZRFi6Ujsjlu_czpxjBg==
expires: Thu, 30 Jun 2022 18:50:42 GMT

GET
H2 200 zgns6xwgg77r.js Show response
js.driftt.com/include/1656615300000/ 210 KB
60 KB 197ms
141ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1656615300000/zgns6xwgg77r.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

6fb868b5b6759ad952a1cfe671510bebc1d23ea9e418c53ea9b71655c8295aed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 18:50:34 GMT
content-encoding: gzip
x-amz-cf-pop: FRA53-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 30 Jun 2022 16:21:57 GMT
server: nginx
etag: W/"cd8b9d02a03b1b80c1ad686c47d58b24"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 7b2F_.wOELBl55FpdCjymI4QXLIYzwUl
via: 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
cache-control: no-cache
access-control-allow-credentials: true
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 73TI9Kc-fVekmDaJsoOql4KuRWTxyoeGR2c9AMyGsPXiI6UtRU7vtA==

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 29ms
6ms Script
application/x-javascript 104.92.72.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.92.72.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-72-193.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 4bf3aca933aa233702f890083af601fb16149ec8a17f8c1b90d30450562bde08

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 30 Jun 2022 18:50:34 GMT
Content-Encoding: gzip
Last-Modified: Fri, 29 Oct 2021 01:24:07 GMT
Server: AkamaiNetStorage
ETag: "461ce1cffaadfebf2e7659745618ba8e:1635470647.434977"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 753

GET
H/1.1 200
OK lp.js Show response
metadata-static-files.sfo2.cdn.digitaloceanspaces.com/pixel/ 6 KB
6 KB 89ms
18ms Script
application/x-javascript 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://metadata-static-files.sfo2.cdn.digitaloceanspaces.com/pixel/lp.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

da5d487f1fe8c4f5bba93bab0b071aed1249cf770ffdbc0144a86a4c2bae3c2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 30 Jun 2022 18:50:34 GMT
Connection: Keep-Alive
Last-Modified: Fri, 10 Dec 2021 19:19:18 GMT
x-amz-request-id: tx000000000000127dfdfb2-0062ba3147-2768dd76-sfo2a
etag: "b407e44b8c40c183ae2c50df3bbcf151"
Vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW: 1656615034.dop012.am5.t,1656615034.cds141.am5.shn,1656615034.dop012.am5.t,1656615034.cds122.am5.c
Content-Type: application/x-javascript
Cache-Control: max-age=359245
x-rgw-object-type: Normal
strict-transport-security: max-age=15552000; includeSubDomains; preload
Accept-Ranges: bytes
Content-Length: 5673

GET
H2 200 collect
www.google-analytics.com/ 35 B
193 B 33ms
32ms Image
image/gif 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1747810190&t=pageview&_s=1&dl=https%3A%2F%2Fabnormalsecurity.com%2Fresources%2Ffinancial-supply-chain-compromise%3Futm_source%3Dsecurityweek%26utm_medium%3Demail%2520campaign&ul=en-us&de=UTF-8&dt=The%20Shift%20to%20Financial%20Supply%20Chain%20Compromise%20%7C%20Abnormal&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEAAAAAB~&cid=1507971063.1656615034&tid=UA-135379382-1&_gid=1984259712.1656615034&gtm=2wg6t05DSW3JC&gcs=G100&z=1747645686

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 18:29:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 1284
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 56361138.js Show response
bat.bing.com/p/action/ 219 B
495 B 401ms
401ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/56361138.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

3d1cae665635cd0a77d5764e069c48d48390c0e685ac12522bcc48dd4bd65a18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 56DDCABBC4A0407A8E9BE6A2A827CB4E Ref B: FRAEDGE1520 Ref C: 2022-06-30T18:50:34Z
x-powered-by: ARR/3.0
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private,max-age=60
date: Thu, 30 Jun 2022 18:50:34 GMT
content-length: 301

GET
H2 204 0
bat.bing.com/action/ 0
175 B 37ms
37ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=56361138&tm=gtm002&Ver=2&mid=cdf2781c-acf0-4030-a216-a456f6b7e122&sid=85f0b370f8a511ecbe16557b4bd1926f&vid=85f0ad90f8a511ec96f64d603a652c69&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=The%20Shift%20to%20Financial%20Supply%20Chain%20Compromise%20%7C%20Abnormal&kw=go-to,%20impersonated,%20party,%20business,%20email,%20opting,%20impersonate,%20vendors,%20executives,%20compromise,%20actors,%20suppliers,%20years,%20attacks,%20threat&p=https%3A%2F%2Fabnormalsecurity.com%2Fresources%2Ffinancial-supply-chain-compromise%3Futm_source%3Dsecurityweek%26utm_medium%3Demail%2520campaign&r=&lt=692&evt=pageLoad&msclkid=N&sv=1&rn=501949

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F5912B6A8F2E4D14A91FD65219B4D574 Ref B: FRAEDGE1520 Ref C: 2022-06-30T18:50:34Z
date: Thu, 30 Jun 2022 18:50:34 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 32ms
32ms Image
image/gif 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1747810190&t=timing&_s=2&dl=https%3A%2F%2Fabnormalsecurity.com%2Fresources%2Ffinancial-supply-chain-compromise%3Futm_source%3Dsecurityweek%26utm_medium%3Demail%2520campaign&ul=en-us&de=UTF-8&dt=The%20Shift%20to%20Financial%20Supply%20Chain%20Compromise%20%7C%20Abnormal&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=692&pdt=7&dns=40&rrt=348&srt=15&tcp=23&dit=464&clt=690&_gst=1140&_gbt=1302&_cst=905&_cbt=1129&_u=YEAAAAAB~&cid=1507971063.1656615034&tid=UA-135379382-1&_gid=1984259712.1656615034&gtm=2wg6t05DSW3JC&gcs=G100&z=1248264141

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 18:29:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 1284
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/2016430/ 147 B
323 B 113ms
35ms XHR
application/json 54.74.116.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/2016430/visit-data?sv=7
Requested by: Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/_next/static/chunks/pages/_app-e00625d5dd194c03.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.74.116.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-74-116-255.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: d2e4914ae962acd061798de5379f9e74b461e90543002cf3f284d6a29dcd5f23

Request headers

Referer: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Thu, 30 Jun 2022 18:50:34 GMT
content-encoding: br
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/161/ 11 KB
5 KB 7ms
7ms Script
application/x-javascript 104.92.72.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/161/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.92.72.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-72-193.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: c2aee78040b4ed46c2377e6825db12a9691a2eb584adf338e77312c8978d8537

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 30 Jun 2022 18:50:34 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Sep 2021 00:38:21 GMT
Server: AkamaiNetStorage
ETag: "0e0eefac8daf874e8b1aa34aeb160c52:1631061501.737429"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 4681
Expires: Sat, 08 Oct 2022 18:50:34 GMT

POST
H/1.1 200
OK visitWebPage
231-idp-139.mktoresp.com/webevents/ 2 B
318 B 1125ms
166ms Ping
text/plain 192.28.147.68
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://231-idp-139.mktoresp.com/webevents/visitWebPage?_mchNc=1656615034228&_mchCn=&_mchId=231-IDP-139&_mchTk=_mch-abnormalsecurity.com-1656615034228-42699&_mchHo=abnormalsecurity.com&_mchPo=&_mchRu=%2Fresources%2Ffinancial-supply-chain-compromise&_mchPc=https%3A&_mchVr=161&_mchEcid=&_mchHa=&_mchRe=&_mchQp=utm_source%3Dsecurityweek__-__utm_medium%3Demail%20campaign
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/161/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.28.147.68 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 30 Jun 2022 18:50:35 GMT
Content-Encoding: gzip
Server: nginx/1.20.1
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Request-Id: 96a70227-639a-4a3d-b48d-0bd5d3ffbb22

POST
H3 200 / Show response
o212762.ingest.sentry.io/api/6251112/envelope/ 2 B
20 B 98ms
35ms Fetch
application/json 34.120.195.249
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://o212762.ingest.sentry.io/api/6251112/envelope/?sentry_key=fc7702bf93b54791b3db39afff8f6020&sentry_version=7

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/_next/static/chunks/pages/_app-e00625d5dd194c03.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://abnormalsecurity.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 30 Jun 2022 18:50:34 GMT
via: 1.1 google
server: nginx
vary: Origin
content-type: application/json
access-control-allow-origin: https://abnormalsecurity.com
access-control-expose-headers: x-sentry-rate-limits, x-sentry-error, retry-after
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

POST
H3 200 / Show response
o212762.ingest.sentry.io/api/6251112/store/ 41 B
59 B 92ms
33ms Fetch
application/json 34.120.195.249
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://o212762.ingest.sentry.io/api/6251112/store/?sentry_key=fc7702bf93b54791b3db39afff8f6020&sentry_version=7

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/_next/static/chunks/pages/_app-e00625d5dd194c03.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

16cdfbc5ce4fe506db571357da5b1cfbaffd667f0818aeaaae0287bd6f25d572

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://abnormalsecurity.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 30 Jun 2022 18:50:34 GMT
via: 1.1 google
server: nginx
vary: Origin
content-type: application/json
access-control-allow-origin: https://abnormalsecurity.com
access-control-expose-headers: x-sentry-rate-limits, x-sentry-error, retry-after
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41

GET
H2 200 core Show response
js.driftt.com/ Frame 69D4 2 KB
1 KB 112ms
111ms Document
text/html 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core?embedId=zgns6xwgg77r&region=US&forceShow=false&skipCampaigns=false&sessionId=d982863d-75bb-49a7-990e-0489191529cf&sessionStarted=1656615034.515&campaignRefreshToken=af682172-d303-4768-b08f-7d334d63a567&hideController=false&pageLoadStartTime=1656615033320&mode=CHAT&driftEnableLog=false&secureIframe=false

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1656615300000/zgns6xwgg77r.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

aa59daf43fbf4d8c406887d911d65325e16f67fbf73f2232efa6465fa412dd45

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 30 Jun 2022 18:50:34 GMT
etag: W/"88ec7b8a9fa9179a9b4372e17f9804ea"
last-modified: Thu, 30 Jun 2022 16:21:39 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
x-amz-cf-id: YFPvnmE3QVoENdeCi0xIa84YRS8-adbP2mRH_xRqZDGPBscJswKv4A==
x-amz-cf-pop: FRA53-C1
x-amz-server-side-encryption: AES256
x-amz-version-id: FkvMJ.rlOdf0itBopLcg4MKuCpyJE_NB
x-cache: RefreshHit from cloudfront

GET
H2 200 chat Show response
js.driftt.com/core/ Frame B7B6 2 KB
1 KB 117ms
117ms Document
text/html 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1656615033320

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1656615300000/zgns6xwgg77r.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

aa59daf43fbf4d8c406887d911d65325e16f67fbf73f2232efa6465fa412dd45

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 30 Jun 2022 18:50:34 GMT
etag: W/"88ec7b8a9fa9179a9b4372e17f9804ea"
last-modified: Thu, 30 Jun 2022 16:21:39 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
x-amz-cf-id: Y2GLAltn-IAIrDpzGEuXxqs3NDe3OIRLXF9OJUlF4kJeCxJ9KDvKvQ==
x-amz-cf-pop: FRA53-C1
x-amz-server-side-encryption: AES256
x-amz-version-id: FkvMJ.rlOdf0itBopLcg4MKuCpyJE_NB
x-cache: RefreshHit from cloudfront

POST
H3 200 / Show response
o212762.ingest.sentry.io/api/6251112/envelope/ 41 B
59 B 40ms
31ms Fetch
application/json 34.120.195.249
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://o212762.ingest.sentry.io/api/6251112/envelope/?sentry_key=fc7702bf93b54791b3db39afff8f6020&sentry_version=7

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/_next/static/chunks/pages/_app-e00625d5dd194c03.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

0ea527d629d70129dfca2d4fe6c7bd18a983270add8e7dce17b17f76c94af838

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://abnormalsecurity.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 30 Jun 2022 18:50:34 GMT
via: 1.1 google
server: nginx
vary: Origin
content-type: application/json
access-control-allow-origin: https://abnormalsecurity.com
access-control-expose-headers: x-sentry-rate-limits, x-sentry-error, retry-after
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41

GET
H2 200 56361138 Show response
www.clarity.ms/tag/uet/ 2 KB
2 KB 202ms
143ms Script
application/x-javascript 2620:1ec:27::cafe:1761
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/56361138
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/56361138.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:1761 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: dbe1883bcb8e2cba6d0a2db91c4aa2ef8a228bee4272aa7609246c8d8b088679

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 18:50:34 GMT
x-powered-by: ASP.NET
x-azure-ref: 0evC9YgAAAADHiPTMJ2hxQoE04F3UK1+xR1ZBMzBFREdFMDIxMwA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
request-context: appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0
content-length: 1541
expires: -1

GET
H2 200 runtime~main.1c933de8.js Show response
js.driftt.com/core/assets/js/ Frame 69D4 6 KB
3 KB 10ms
8ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.1c933de8.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core?embedId=zgns6xwgg77r&region=US&forceShow=false&skipCampaigns=false&sessionId=d982863d-75bb-49a7-990e-0489191529cf&sessionStarted=1656615034.515&campaignRefreshToken=af682172-d303-4768-b08f-7d334d63a567&hideController=false&pageLoadStartTime=1656615033320&mode=CHAT&driftEnableLog=false&secureIframe=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

5e3cc80123a4954b19620ae442f794954a14f2d40bbdb33d33b37f065df62156

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=zgns6xwgg77r&region=US&forceShow=false&skipCampaigns=false&sessionId=d982863d-75bb-49a7-990e-0489191529cf&sessionStarted=1656615034.515&campaignRefreshToken=af682172-d303-4768-b08f-7d334d63a567&hideController=false&pageLoadStartTime=1656615033320&mode=CHAT&driftEnableLog=false&secureIframe=false
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 16:21:39 GMT
content-encoding: gzip
age: 8935
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 30 Jun 2022 16:04:28 GMT
server: nginx
etag: W/"4b8335542e8984b857cd3fe4391d01fc"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: oPG6ovilRxCQYuHiyZnRW4243lybB6W_
via: 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 3oM0froxZQyeNrjvbkd-YbHKZF_SHq5cPv-CUob4gHc-vRrSZcRC2A==

GET
H2 200 8.611ead2e.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 69D4 35 KB
13 KB 10ms
9ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/8.611ead2e.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

7fe9c49bb2fa7df0e7f30f29e2cf5dc5856a6a94e24020cd71b15806418e2509

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=zgns6xwgg77r&region=US&forceShow=false&skipCampaigns=false&sessionId=d982863d-75bb-49a7-990e-0489191529cf&sessionStarted=1656615034.515&campaignRefreshToken=af682172-d303-4768-b08f-7d334d63a567&hideController=false&pageLoadStartTime=1656615033320&mode=CHAT&driftEnableLog=false&secureIframe=false
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 1810245
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:14 GMT
server: nginx
etag: W/"6aa29962f34a8e117268142c7cc1cc3d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: _RZ1GDjUm5KuW3ooz6jLFMyJffaKXq96
via: 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 5xsYmEFkOBD1NutCM8gkIyopFDos52915hPmUB_NzbBoxD5__CY4_w==

GET
H2 200 main~493df0b3.ac3a9470.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 69D4 7 KB
3 KB 11ms
10ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.ac3a9470.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

cc08221e904788853f9dbae9e845e8c88e947de904dcd007c0da0c4d18acd1de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=zgns6xwgg77r&region=US&forceShow=false&skipCampaigns=false&sessionId=d982863d-75bb-49a7-990e-0489191529cf&sessionStarted=1656615034.515&campaignRefreshToken=af682172-d303-4768-b08f-7d334d63a567&hideController=false&pageLoadStartTime=1656615033320&mode=CHAT&driftEnableLog=false&secureIframe=false
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 1810245
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:15 GMT
server: nginx
etag: W/"ab6db2ea528099e4b4bcafc90b1f14a6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 9qbak4s_fS3U3ItMkJp51dxjDAaDzA89
via: 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: LeOE5SMNmE19aZ8QtWJ18Ai_vQ2kzZRfXCm_lhqShT7zxWLJ9XOE0Q==

GET
H2 200 runtime~main.1c933de8.js Show response
js.driftt.com/core/assets/js/ Frame B7B6 6 KB
3 KB 11ms
8ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.1c933de8.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1656615033320

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

5e3cc80123a4954b19620ae442f794954a14f2d40bbdb33d33b37f065df62156

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1656615033320
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 16:21:39 GMT
content-encoding: gzip
age: 8935
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 30 Jun 2022 16:04:28 GMT
server: nginx
etag: W/"4b8335542e8984b857cd3fe4391d01fc"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: oPG6ovilRxCQYuHiyZnRW4243lybB6W_
via: 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: bnEobNwXb4U8_Dr3bFbP04x-bsBUBzpyit64wuLwfiEXBJNrp-nGyA==

GET
H2 200 8.611ead2e.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B7B6 35 KB
13 KB 11ms
9ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/8.611ead2e.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1656615033320

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

7fe9c49bb2fa7df0e7f30f29e2cf5dc5856a6a94e24020cd71b15806418e2509

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1656615033320
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 1810245
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:14 GMT
server: nginx
etag: W/"6aa29962f34a8e117268142c7cc1cc3d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: _RZ1GDjUm5KuW3ooz6jLFMyJffaKXq96
via: 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Hbovj-yHfVAGWULi5habRqIyd862uvqjdgGWf0t4ceBbgmHm723fBQ==

GET
H2 200 main~493df0b3.ac3a9470.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B7B6 7 KB
3 KB 11ms
9ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.ac3a9470.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1656615033320

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

cc08221e904788853f9dbae9e845e8c88e947de904dcd007c0da0c4d18acd1de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1656615033320
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 1810245
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:15 GMT
server: nginx
etag: W/"ab6db2ea528099e4b4bcafc90b1f14a6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 9qbak4s_fS3U3ItMkJp51dxjDAaDzA89
via: 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: CQa14pAfuH4LpiQZ-izRDAp_yyhohWKy5LLzdH-vNQPHen2l8F23Cg==

GET
H2 200 47.f4a0cab7.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 69D4 47 KB
14 KB 13ms
7ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/47.f4a0cab7.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.1c933de8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

dd7e25fe1547c7102760792d7b920ed5a289aa0224014594f856b5ab396dc0d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=zgns6xwgg77r&region=US&forceShow=false&skipCampaigns=false&sessionId=d982863d-75bb-49a7-990e-0489191529cf&sessionStarted=1656615034.515&campaignRefreshToken=af682172-d303-4768-b08f-7d334d63a567&hideController=false&pageLoadStartTime=1656615033320&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 1810245
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:14 GMT
server: nginx
etag: W/"58eb1e017120f28c6eea4aa3402a2042"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: ghx9KuLEsU65toAWp7tNXfQomgxjyrbm
via: 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: acI46i_vfctYjM6CxZtzJwr7rzFb4JJgiOZwzcPYUIutuBfWT4Zv4g==

GET
H2 200 22.fd21eb42.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 69D4 44 KB
13 KB 15ms
9ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/22.fd21eb42.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.1c933de8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

78c1118165ba1620bd91cc6f96c1cd99fa9469a9382f73f313c8e556d0fdaa9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=zgns6xwgg77r&region=US&forceShow=false&skipCampaigns=false&sessionId=d982863d-75bb-49a7-990e-0489191529cf&sessionStarted=1656615034.515&campaignRefreshToken=af682172-d303-4768-b08f-7d334d63a567&hideController=false&pageLoadStartTime=1656615033320&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 1810245
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:13 GMT
server: nginx
etag: W/"cbf1bca421271b2567e00a478296192b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: B9rIJ_he3NnZfaZwCr7GvLzRmtehknn.
via: 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: fhfkPQsR3rPx0hMXkpog8dM6FXcKAlMBXJHtaYUoMguhSU-qxwRQXQ==

GET
H2 200 39.0cc86423.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 69D4 25 KB
8 KB 16ms
10ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/39.0cc86423.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.1c933de8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

9df0c15923f76778de529c7e5131028841cb6891ca460d779c92e499005ee0d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=zgns6xwgg77r&region=US&forceShow=false&skipCampaigns=false&sessionId=d982863d-75bb-49a7-990e-0489191529cf&sessionStarted=1656615034.515&campaignRefreshToken=af682172-d303-4768-b08f-7d334d63a567&hideController=false&pageLoadStartTime=1656615033320&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:50 GMT
content-encoding: gzip
age: 1810244
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:14 GMT
server: nginx
etag: W/"3cbfbd7bb911f7cfc3b4394f334cdb67"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 3g.L2n28pTj8AcDJTW_JUnx4I1CqyPA9
via: 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 9QyPxXnuZarFybgsHyE0rocjB4xSxoJRy-Y-mnPeNQqclFNEMLzSGg==

GET
H2 200 18.c13b3a33.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 69D4 16 KB
5 KB 15ms
10ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/18.c13b3a33.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.1c933de8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

e3205178d8f4b21ab5dc10a089939e49dd276dea7b5047ef2b494ffea3b93b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=zgns6xwgg77r&region=US&forceShow=false&skipCampaigns=false&sessionId=d982863d-75bb-49a7-990e-0489191529cf&sessionStarted=1656615034.515&campaignRefreshToken=af682172-d303-4768-b08f-7d334d63a567&hideController=false&pageLoadStartTime=1656615033320&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 1810245
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:13 GMT
server: nginx
etag: W/"2e0e21fb7fd3dd146cc688e39d01d42e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 6bdaEoVaogjxYdNJvlFfyTO_1fTxsp6o
via: 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: TqdiLBOlffGS5_gLR3f8SOHYG4VYC0X_TQfRJHjkRuCRZ-3lz_IQ3g==

GET
H2 200 20.8c21ea18.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 69D4 74 KB
23 KB 16ms
11ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/20.8c21ea18.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.1c933de8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

19473eebfb0672867a4438e2a015de79fded34b9f5ae5598bade57eb01cf0563

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=zgns6xwgg77r&region=US&forceShow=false&skipCampaigns=false&sessionId=d982863d-75bb-49a7-990e-0489191529cf&sessionStarted=1656615034.515&campaignRefreshToken=af682172-d303-4768-b08f-7d334d63a567&hideController=false&pageLoadStartTime=1656615033320&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 1810245
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:13 GMT
server: nginx
etag: W/"6d77a76055d81227033363af2f18caf8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: GCkJ4tZ_JW3xcmjJsO05feXt7md0igxo
via: 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 1ELAD9ixg7yGAHdwaUfSjhft0fqOnq7lumq3l4R8dUSTVpXYFHZP3g==

GET
H2 200 25.8f107198.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 69D4 59 KB
19 KB 17ms
12ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/25.8f107198.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.1c933de8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

6c93a2e253cf1b83c4549ee38234134aa07f3b0293815375c49c9d4576986db1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=zgns6xwgg77r&region=US&forceShow=false&skipCampaigns=false&sessionId=d982863d-75bb-49a7-990e-0489191529cf&sessionStarted=1656615034.515&campaignRefreshToken=af682172-d303-4768-b08f-7d334d63a567&hideController=false&pageLoadStartTime=1656615033320&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 1810245
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:13 GMT
server: nginx
etag: W/"e2511c69e5bdc03467952abaccdb5383"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: cyXTxSuCBvZx654ePqR2xs6GalDG76.D
via: 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 7W_s0q-yuHtCAEEVai_m96P9hCPJD-Y40zUBYz6tXvnwiMdmEDYchw==

GET
H2 200 13.3e86f1f6.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 69D4 91 KB
28 KB 18ms
14ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/13.3e86f1f6.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.1c933de8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

81e6b4ec22135fd2056e29456e32539e21876266ab0bf8438b87117f70c0f827

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=zgns6xwgg77r&region=US&forceShow=false&skipCampaigns=false&sessionId=d982863d-75bb-49a7-990e-0489191529cf&sessionStarted=1656615034.515&campaignRefreshToken=af682172-d303-4768-b08f-7d334d63a567&hideController=false&pageLoadStartTime=1656615033320&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 1810245
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:12 GMT
server: nginx
etag: W/"fdee1a560ca08e3d3702e14d8f1f0b82"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: eWIFIo8DxLn4S25aWqEs5lrAyCB0pQZS
via: 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 78ZcdDCc7ZgeC0Nn03Iw_MF0Tj1tO8_H4wjY1k226-rDsSOOJN20YA==

GET
H2 200 11.639238ba.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 69D4 23 KB
7 KB 19ms
15ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/11.639238ba.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.1c933de8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

c501de88fbb90a445f1754a529bc772e7047071bf653c8c3f0330f7bb736d140

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=zgns6xwgg77r&region=US&forceShow=false&skipCampaigns=false&sessionId=d982863d-75bb-49a7-990e-0489191529cf&sessionStarted=1656615034.515&campaignRefreshToken=af682172-d303-4768-b08f-7d334d63a567&hideController=false&pageLoadStartTime=1656615033320&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 1810245
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:12 GMT
server: nginx
etag: W/"4049f38c00add1738dc4806148ff8829"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: g.TAX9Ljd1CKN2hPKg7rBsCyhJ70wktS
via: 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: viuW8Yz6BjIS346McJvacXrd97MNvQPQ1_fWbordBqrtnJKOmcz8Qw==

GET
H2 200 16.fde6fa28.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 69D4 62 KB
20 KB 26ms
23ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/16.fde6fa28.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.1c933de8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

91c379a7d8ec04aeeb162ea6d8069ad9fe872cec0d8a56f8861b02c494a6e0f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=zgns6xwgg77r&region=US&forceShow=false&skipCampaigns=false&sessionId=d982863d-75bb-49a7-990e-0489191529cf&sessionStarted=1656615034.515&campaignRefreshToken=af682172-d303-4768-b08f-7d334d63a567&hideController=false&pageLoadStartTime=1656615033320&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:50 GMT
content-encoding: gzip
age: 1810244
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:13 GMT
server: nginx
etag: W/"90795af8c950a50300cf801b300db7ab"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: AZatU1G3W6aZgnPi8EiGVtSbHMH8e_3C
via: 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: FKxxJUmzMYA4vUu-_Tv6iQyWRiU2axToqmv9Ph7_QK6dHFG6e3iqOQ==

GET
H2 200 45.772158c8.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 69D4 105 KB
34 KB 27ms
23ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/45.772158c8.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.1c933de8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

af7690b10b2e4c40106b8e8ac69c9287176615a9913004666af12c98251d6ec0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=zgns6xwgg77r&region=US&forceShow=false&skipCampaigns=false&sessionId=d982863d-75bb-49a7-990e-0489191529cf&sessionStarted=1656615034.515&campaignRefreshToken=af682172-d303-4768-b08f-7d334d63a567&hideController=false&pageLoadStartTime=1656615033320&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 1810245
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:14 GMT
server: nginx
etag: W/"e683acc1d1d7a31204545c14f2e45dfc"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Wo_uRM2rzEKAIONIW1ozWH.Ih3Zgd.66
via: 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: hqwo9QMkqdARswr5oxmuHnHXV9ttbYqUBaCybhvic4r_nuuWV3zjRQ==

GET
H2 200 37.9da17c94.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 69D4 12 KB
4 KB 27ms
24ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/37.9da17c94.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.1c933de8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

46959f0ff8db28a2e76b7bcd57953ead9ec578260c21cad5c5354a46f7890cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=zgns6xwgg77r&region=US&forceShow=false&skipCampaigns=false&sessionId=d982863d-75bb-49a7-990e-0489191529cf&sessionStarted=1656615034.515&campaignRefreshToken=af682172-d303-4768-b08f-7d334d63a567&hideController=false&pageLoadStartTime=1656615033320&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:50 GMT
content-encoding: gzip
age: 1810244
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:14 GMT
server: nginx
etag: W/"e5c98ad7a7e70a1957477e33db39149c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: .1KvOWwhKDvJVSWzg49IMEkznsWNUcpl
via: 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: vfeRyCVEXAgN194Limgbh9jYPHlUCCs_xMZMLoA375Yt4giKWMLCXQ==

GET
H2 200 28.ed383893.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 69D4 12 KB
5 KB 27ms
25ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/28.ed383893.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.1c933de8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

8843d0dae7daa6e3bdf06e07ffb65e5b5240268203496f5946dcdda9cc0c290d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=zgns6xwgg77r&region=US&forceShow=false&skipCampaigns=false&sessionId=d982863d-75bb-49a7-990e-0489191529cf&sessionStarted=1656615034.515&campaignRefreshToken=af682172-d303-4768-b08f-7d334d63a567&hideController=false&pageLoadStartTime=1656615033320&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 1810245
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:13 GMT
server: nginx
etag: W/"910117b3f0a0501f693606963bfe4daf"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: W4iSCS77kEC.SSNCcLhsvI35ESlRZh_5
via: 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: HlEJryocaz_3FQeae4KKAg_jJAWi4H0n9TZaEOD1nsT_IGo0gGuZjw==

GET
H2 200 21.b8c41db9.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 69D4 17 KB
7 KB 28ms
25ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/21.b8c41db9.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.1c933de8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

b84595cc8461bb6e8376fe94f0dd23d6657172103b03653534089c5992b058a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=zgns6xwgg77r&region=US&forceShow=false&skipCampaigns=false&sessionId=d982863d-75bb-49a7-990e-0489191529cf&sessionStarted=1656615034.515&campaignRefreshToken=af682172-d303-4768-b08f-7d334d63a567&hideController=false&pageLoadStartTime=1656615033320&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 1810245
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:13 GMT
server: nginx
etag: W/"65e5c965272e021ae33ff8bc39565ef5"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: IYcZXStVL2CjeeCB9Www5YnCHKJfMMCs
via: 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: sXg7WI2grzNgIfgu24KPO0DmQ1pAc6kHyRpBAy18n0vJ5UBq7SvuHA==

GET
H2 200 9.5b0bb1c3.chunk.css
js.driftt.com/core/assets/css/ Frame 69D4 11 KB
3 KB 9ms
7ms Stylesheet
text/css 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/9.5b0bb1c3.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.1c933de8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

02840352581026aad3291a8357da6876c93b0e6d8aec9532bbc1a42f82bca1c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=zgns6xwgg77r&region=US&forceShow=false&skipCampaigns=false&sessionId=d982863d-75bb-49a7-990e-0489191529cf&sessionStarted=1656615034.515&campaignRefreshToken=af682172-d303-4768-b08f-7d334d63a567&hideController=false&pageLoadStartTime=1656615033320&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 1810245
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:11 GMT
server: nginx
etag: W/"e3c43c4a3d2f4cee45cccdb6e438af66"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: hokYckg1IjTUPfKmbuCy6NNmRFmQH3VZ
via: 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: pGsjw7sY_RJbGXvQe4FUP3Pe5SB5wTxCkuDprds2yLRhOofGH4FBrg==

GET
H2 200 9.61bf5d5e.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 69D4 70 KB
22 KB 28ms
26ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/9.61bf5d5e.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.1c933de8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

6774401309d194234d263e20d3b25357dd8e0080d357ba297064b94490e64151

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=zgns6xwgg77r&region=US&forceShow=false&skipCampaigns=false&sessionId=d982863d-75bb-49a7-990e-0489191529cf&sessionStarted=1656615034.515&campaignRefreshToken=af682172-d303-4768-b08f-7d334d63a567&hideController=false&pageLoadStartTime=1656615033320&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 15:46:08 GMT
content-encoding: gzip
age: 1134266
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 17 Jun 2022 14:39:28 GMT
server: nginx
etag: W/"b0dd42407985a4f00c1012ed8c5c2e3e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 6lcA8QuitZUhP8J6Df4tn8YMBMYoSZaq
via: 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 4tLdeJMzw4zB6NQ5_kgCLUuHJK_mfAbTsxdiFUNOnHevZUzAX7zqUg==

GET
H2 200 17.22abfce0.chunk.css
js.driftt.com/core/assets/css/ Frame 69D4 24 B
667 B 9ms
8ms Stylesheet
text/css 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/17.22abfce0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.1c933de8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=zgns6xwgg77r&region=US&forceShow=false&skipCampaigns=false&sessionId=d982863d-75bb-49a7-990e-0489191529cf&sessionStarted=1656615034.515&campaignRefreshToken=af682172-d303-4768-b08f-7d334d63a567&hideController=false&pageLoadStartTime=1656615033320&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
via: 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
age: 1810245
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 24
last-modified: Thu, 09 Jun 2022 14:58:11 GMT
server: nginx
etag: "0c5dad92482d9a7c7c253510f5082465"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: ykspFRt4QsihJmMduj_fPY2DMuvVpMeo
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: dQco9HMqhetSDTIWmJEMrd5LFJOWRKDNDw5WTmJAB-fbkKUKFsU9eA==

GET
H2 200 17.e10e47ff.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 69D4 78 KB
20 KB 29ms
27ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/17.e10e47ff.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.1c933de8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

297a37bb6850bec206fd118956ef2978215d1a6cbafd5ab8a0a4d60cfadfb29b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=zgns6xwgg77r&region=US&forceShow=false&skipCampaigns=false&sessionId=d982863d-75bb-49a7-990e-0489191529cf&sessionStarted=1656615034.515&campaignRefreshToken=af682172-d303-4768-b08f-7d334d63a567&hideController=false&pageLoadStartTime=1656615033320&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 17:32:21 GMT
content-encoding: gzip
age: 263893
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 27 Jun 2022 15:02:27 GMT
server: nginx
etag: W/"b53dee6a07632de73180d2c32b0acaf5"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: QpG1CPSLwoveGLm0y5uA7vwhzz67Qs0u
via: 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: TQFLwO-yWqIhJh1_yDyzgog18eJEhXymZcw2H4Q40j_OfOC_b1RUQQ==

GET
H2 200 24.db7c2358.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 69D4 48 KB
13 KB 30ms
28ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/24.db7c2358.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.1c933de8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

0a2fe962802e9ee97b74e2c74da17684d48782f7c07cc60dc92a90d547272376

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=zgns6xwgg77r&region=US&forceShow=false&skipCampaigns=false&sessionId=d982863d-75bb-49a7-990e-0489191529cf&sessionStarted=1656615034.515&campaignRefreshToken=af682172-d303-4768-b08f-7d334d63a567&hideController=false&pageLoadStartTime=1656615033320&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 17:32:21 GMT
content-encoding: gzip
age: 263893
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 27 Jun 2022 15:02:27 GMT
server: nginx
etag: W/"5e2251946ff054924bcde3804ae639dd"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: LiRDtVkODyWzGmL84YeOBD7DHsFVH0NN
via: 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: vxwY1MRAZxRdzp3GWZMeFYAMsKQtoeHdbRCtSd4ofFrM-QOKZP8PEA==

GET
H2 200 15.8cdf7ddb.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 69D4 40 KB
13 KB 30ms
29ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/15.8cdf7ddb.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.1c933de8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

8bf5bced364954d733c0fe6429262acdcc2a5445281d4c3f5886592273beb014

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=zgns6xwgg77r&region=US&forceShow=false&skipCampaigns=false&sessionId=d982863d-75bb-49a7-990e-0489191529cf&sessionStarted=1656615034.515&campaignRefreshToken=af682172-d303-4768-b08f-7d334d63a567&hideController=false&pageLoadStartTime=1656615033320&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 16:21:39 GMT
content-encoding: gzip
age: 8935
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 30 Jun 2022 16:04:25 GMT
server: nginx
etag: W/"fb105ea35a3829bde69c3938fdda84e9"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: UHMSREdzXnf0B6kPDowjIWiYUmQaLSIM
via: 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: sfN5Xpdu-wgxNt_sthqmmA3xDO-EF9MftpUXoLVfeY47wnXO-BdWbg==

GET
H2 200 47.f4a0cab7.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B7B6 47 KB
14 KB 28ms
26ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/47.f4a0cab7.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.1c933de8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

dd7e25fe1547c7102760792d7b920ed5a289aa0224014594f856b5ab396dc0d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1656615033320
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 1810245
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:14 GMT
server: nginx
etag: W/"58eb1e017120f28c6eea4aa3402a2042"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: ghx9KuLEsU65toAWp7tNXfQomgxjyrbm
via: 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: tnT6n3Wm-t41wRBT-EFc_GAunxWFQaOkYDDlBrQiSGGoNXR_vk4iFw==

GET
H2 200 22.fd21eb42.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B7B6 44 KB
13 KB 29ms
27ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/22.fd21eb42.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.1c933de8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

78c1118165ba1620bd91cc6f96c1cd99fa9469a9382f73f313c8e556d0fdaa9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1656615033320
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 1810245
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:13 GMT
server: nginx
etag: W/"cbf1bca421271b2567e00a478296192b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: B9rIJ_he3NnZfaZwCr7GvLzRmtehknn.
via: 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: n1DmzV-rdfSizOyA4aHboPeMe4n39pGn8oFgd3GejGV4eLSPXRGS3g==

GET
H2 200 39.0cc86423.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B7B6 25 KB
8 KB 29ms
28ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/39.0cc86423.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.1c933de8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

9df0c15923f76778de529c7e5131028841cb6891ca460d779c92e499005ee0d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1656615033320
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:50 GMT
content-encoding: gzip
age: 1810244
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:14 GMT
server: nginx
etag: W/"3cbfbd7bb911f7cfc3b4394f334cdb67"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 3g.L2n28pTj8AcDJTW_JUnx4I1CqyPA9
via: 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 5oLO5pvLQ0TxFCTsdYUPx2HjGW_ydHKw_bsBPUkTQy3g6HIBYpM1hQ==

GET
H2 200 18.c13b3a33.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B7B6 16 KB
5 KB 29ms
28ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/18.c13b3a33.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.1c933de8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

e3205178d8f4b21ab5dc10a089939e49dd276dea7b5047ef2b494ffea3b93b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1656615033320
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 1810245
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:13 GMT
server: nginx
etag: W/"2e0e21fb7fd3dd146cc688e39d01d42e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 6bdaEoVaogjxYdNJvlFfyTO_1fTxsp6o
via: 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 0iE_peW4-VgXXOZ1sJiyvTMu0iLVzHeE4nL5x67Ql3NUKO0eiPyIlQ==

GET
H2 200 20.8c21ea18.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B7B6 74 KB
23 KB 30ms
28ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/20.8c21ea18.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.1c933de8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

19473eebfb0672867a4438e2a015de79fded34b9f5ae5598bade57eb01cf0563

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1656615033320
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 1810245
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:13 GMT
server: nginx
etag: W/"6d77a76055d81227033363af2f18caf8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: GCkJ4tZ_JW3xcmjJsO05feXt7md0igxo
via: 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 1QhqRwbeGWNYiRkrdsvU_ASo7K9LzwW-V30Z4qyFGOntK8u8Mi1Wsw==

GET
H2 200 25.8f107198.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B7B6 59 KB
19 KB 30ms
29ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/25.8f107198.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.1c933de8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

6c93a2e253cf1b83c4549ee38234134aa07f3b0293815375c49c9d4576986db1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1656615033320
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 1810245
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:13 GMT
server: nginx
etag: W/"e2511c69e5bdc03467952abaccdb5383"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: cyXTxSuCBvZx654ePqR2xs6GalDG76.D
via: 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: GpWvSSdPVOY8yvVaYB_qlzZUE6ZyTC5dMd5YZ8wgSGqusbp7-U8OPQ==

GET
H2 200 13.3e86f1f6.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B7B6 91 KB
28 KB 31ms
30ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/13.3e86f1f6.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.1c933de8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

81e6b4ec22135fd2056e29456e32539e21876266ab0bf8438b87117f70c0f827

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1656615033320
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 1810245
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:12 GMT
server: nginx
etag: W/"fdee1a560ca08e3d3702e14d8f1f0b82"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: eWIFIo8DxLn4S25aWqEs5lrAyCB0pQZS
via: 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: k6nHXZH1OsOvjiaApqA3ddiXKWwnbw1Y9wvYOTXW0QNEYwes1FqpYA==

GET
H2 200 11.639238ba.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B7B6 23 KB
7 KB 32ms
31ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/11.639238ba.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.1c933de8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

c501de88fbb90a445f1754a529bc772e7047071bf653c8c3f0330f7bb736d140

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1656615033320
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 1810245
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:12 GMT
server: nginx
etag: W/"4049f38c00add1738dc4806148ff8829"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: g.TAX9Ljd1CKN2hPKg7rBsCyhJ70wktS
via: 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ouaaHPXluJMwkWmlmRS3jKeuwDOSuSW0M1lAA5DyFQyCfC033HlHyg==

GET
H2 200 16.fde6fa28.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B7B6 62 KB
20 KB 32ms
31ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/16.fde6fa28.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.1c933de8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

91c379a7d8ec04aeeb162ea6d8069ad9fe872cec0d8a56f8861b02c494a6e0f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1656615033320
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:50 GMT
content-encoding: gzip
age: 1810244
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:13 GMT
server: nginx
etag: W/"90795af8c950a50300cf801b300db7ab"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: AZatU1G3W6aZgnPi8EiGVtSbHMH8e_3C
via: 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: HdmlDvI0-8AuhAdlfQRUZEZOQFBBZzAIhuV3-5pKZXxoBgVARG4cJQ==

GET
H2 200 45.772158c8.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B7B6 105 KB
34 KB 33ms
32ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/45.772158c8.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.1c933de8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

af7690b10b2e4c40106b8e8ac69c9287176615a9913004666af12c98251d6ec0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1656615033320
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 1810245
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:14 GMT
server: nginx
etag: W/"e683acc1d1d7a31204545c14f2e45dfc"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Wo_uRM2rzEKAIONIW1ozWH.Ih3Zgd.66
via: 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 48Yoc5dw8PXvIKmwXifZfiZTKnLFeqBbBHCNZcEb0IqJIBR_32TxSg==

GET
H2 200 37.9da17c94.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B7B6 12 KB
4 KB 34ms
33ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/37.9da17c94.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.1c933de8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

46959f0ff8db28a2e76b7bcd57953ead9ec578260c21cad5c5354a46f7890cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1656615033320
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:50 GMT
content-encoding: gzip
age: 1810244
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:14 GMT
server: nginx
etag: W/"e5c98ad7a7e70a1957477e33db39149c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: .1KvOWwhKDvJVSWzg49IMEkznsWNUcpl
via: 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: S_iJJUKxpSJif09877hGpPbpq1E4HLdde0EyyrT6wbl78i7rWhOoIw==

GET
H2 200 28.ed383893.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B7B6 12 KB
5 KB 34ms
33ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/28.ed383893.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.1c933de8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

8843d0dae7daa6e3bdf06e07ffb65e5b5240268203496f5946dcdda9cc0c290d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1656615033320
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 1810245
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:13 GMT
server: nginx
etag: W/"910117b3f0a0501f693606963bfe4daf"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: W4iSCS77kEC.SSNCcLhsvI35ESlRZh_5
via: 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: _0gnBuOLqBTct_YdznhJRl4EPEmx0xBBkQbwrOGcYTnXI3Ukbx1E-g==

GET
H2 200 21.b8c41db9.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B7B6 17 KB
7 KB 34ms
34ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/21.b8c41db9.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.1c933de8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

b84595cc8461bb6e8376fe94f0dd23d6657172103b03653534089c5992b058a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1656615033320
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 1810245
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:13 GMT
server: nginx
etag: W/"65e5c965272e021ae33ff8bc39565ef5"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: IYcZXStVL2CjeeCB9Www5YnCHKJfMMCs
via: 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 5Y1D8d4jqLZ0Fj3eK9HVENUJJp0pUdH3FDihS7iwWGxTYKbaeEAMjA==

GET
H2 200 9.5b0bb1c3.chunk.css
js.driftt.com/core/assets/css/ Frame B7B6 11 KB
3 KB 34ms
34ms Stylesheet
text/css 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/9.5b0bb1c3.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.1c933de8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

02840352581026aad3291a8357da6876c93b0e6d8aec9532bbc1a42f82bca1c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1656615033320
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 1810245
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:11 GMT
server: nginx
etag: W/"e3c43c4a3d2f4cee45cccdb6e438af66"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: hokYckg1IjTUPfKmbuCy6NNmRFmQH3VZ
via: 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: sesuFKpGmcnYlbk7lLeHJ7JYxeuvGz5h8vhAnMnwMnH8brB9RB1kOA==

GET
H2 200 9.61bf5d5e.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B7B6 70 KB
22 KB 35ms
34ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/9.61bf5d5e.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.1c933de8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

6774401309d194234d263e20d3b25357dd8e0080d357ba297064b94490e64151

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1656615033320
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 15:46:08 GMT
content-encoding: gzip
age: 1134266
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 17 Jun 2022 14:39:28 GMT
server: nginx
etag: W/"b0dd42407985a4f00c1012ed8c5c2e3e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 6lcA8QuitZUhP8J6Df4tn8YMBMYoSZaq
via: 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: zuRWoeHrBvj2qoek0MtsshJbKHDf8MwN9jXZvcu6ONm71L8B4x1wjg==

GET
H2 200 17.22abfce0.chunk.css
js.driftt.com/core/assets/css/ Frame B7B6 24 B
666 B 35ms
34ms Stylesheet
text/css 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/17.22abfce0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.1c933de8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1656615033320
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
via: 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
age: 1810245
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 24
last-modified: Thu, 09 Jun 2022 14:58:11 GMT
server: nginx
etag: "0c5dad92482d9a7c7c253510f5082465"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: ykspFRt4QsihJmMduj_fPY2DMuvVpMeo
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: QRgxDWM6PSlTzC5z-EYTErebH9g0qT6VhiB5JtgslGTVkgSp36a9vA==

GET
H2 200 17.e10e47ff.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B7B6 78 KB
20 KB 35ms
35ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/17.e10e47ff.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.1c933de8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

297a37bb6850bec206fd118956ef2978215d1a6cbafd5ab8a0a4d60cfadfb29b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1656615033320
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 17:32:21 GMT
content-encoding: gzip
age: 263893
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 27 Jun 2022 15:02:27 GMT
server: nginx
etag: W/"b53dee6a07632de73180d2c32b0acaf5"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: QpG1CPSLwoveGLm0y5uA7vwhzz67Qs0u
via: 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 3vlCFFtYAznpotWbPCLPnvt7ulFuqaacFg3mGY6u_XGPLDtdZ05joA==

GET
H2 200 24.db7c2358.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B7B6 48 KB
13 KB 36ms
36ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/24.db7c2358.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.1c933de8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

0a2fe962802e9ee97b74e2c74da17684d48782f7c07cc60dc92a90d547272376

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1656615033320
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 17:32:21 GMT
content-encoding: gzip
age: 263893
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 27 Jun 2022 15:02:27 GMT
server: nginx
etag: W/"5e2251946ff054924bcde3804ae639dd"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: LiRDtVkODyWzGmL84YeOBD7DHsFVH0NN
via: 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: fsDXhjL8dfaz0dIcKNjgmwUW-sSEp1ZDYOCwfEv2XihfG46-ybolDw==

GET
H2 200 15.8cdf7ddb.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B7B6 40 KB
13 KB 37ms
37ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/15.8cdf7ddb.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.1c933de8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

8bf5bced364954d733c0fe6429262acdcc2a5445281d4c3f5886592273beb014

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1656615033320
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 16:21:39 GMT
content-encoding: gzip
age: 8935
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 30 Jun 2022 16:04:25 GMT
server: nginx
etag: W/"fb105ea35a3829bde69c3938fdda84e9"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: UHMSREdzXnf0B6kPDowjIWiYUmQaLSIM
via: 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: uALK5fOTkf-vG6lJH3a4KeShtoHboRsCgIitd8qTXfAd0kQzNcOFKQ==

GET
H2 200 0.0b2ebd4a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 69D4 9 KB
3 KB 8ms
7ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/0.0b2ebd4a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.1c933de8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=zgns6xwgg77r&region=US&forceShow=false&skipCampaigns=false&sessionId=d982863d-75bb-49a7-990e-0489191529cf&sessionStarted=1656615034.515&campaignRefreshToken=af682172-d303-4768-b08f-7d334d63a567&hideController=false&pageLoadStartTime=1656615033320&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:20:39 GMT
content-encoding: gzip
age: 905395
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 17 Jun 2022 14:39:26 GMT
server: nginx
etag: W/"c5efcdc9e465604f32cf24af10fd6c13"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: FXhpBdntUhclEQbRyN38j73SJPN5DG6s
via: 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 68SHfwbtRIfoMX0oqEoB3Y2htTON0gUaCRdx8tN7TdcSRsejhx9WBA==

GET
H2 200 26.a5fa75d7.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 69D4 33 KB
10 KB 10ms
9ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/26.a5fa75d7.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.1c933de8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

72d52dcf32b1f0357fdb9688cb7d59dd429ed01f5bf3098825191ba7e244927c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=zgns6xwgg77r&region=US&forceShow=false&skipCampaigns=false&sessionId=d982863d-75bb-49a7-990e-0489191529cf&sessionStarted=1656615034.515&campaignRefreshToken=af682172-d303-4768-b08f-7d334d63a567&hideController=false&pageLoadStartTime=1656615033320&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:50 GMT
content-encoding: gzip
age: 1810244
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:13 GMT
server: nginx
etag: W/"07c533e32590bc52ac1b137167ac3d81"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Om6KhJpoRUYTr7Om8uqiUaVuwIdIX9mR
via: 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: DAjtY1cQmx5IEVK_ViwlqrvgH4PIGyg2aiSONPYvHoLY074oyYCAlw==

GET
H2 200 27.c667535c.chunk.css
js.driftt.com/core/assets/css/ Frame 69D4 8 KB
2 KB 9ms
8ms Stylesheet
text/css 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/27.c667535c.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.1c933de8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

8b7be87db71855fe47b30e1a60953e25a0e6a832e4ff3fefa682cf74d9e66cf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=zgns6xwgg77r&region=US&forceShow=false&skipCampaigns=false&sessionId=d982863d-75bb-49a7-990e-0489191529cf&sessionStarted=1656615034.515&campaignRefreshToken=af682172-d303-4768-b08f-7d334d63a567&hideController=false&pageLoadStartTime=1656615033320&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:50 GMT
content-encoding: gzip
age: 1810244
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:11 GMT
server: nginx
etag: W/"5d56f3a89744b768e05433ac1e2f7935"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: xlq0zBG2KT_EHoSQ.8VBH19dO.kmmlfU
via: 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: F7SFUsvniP4fleSJ-XA056spOguYXNV0EIxy9Ce7mA6BKeGgd1FbAA==

GET
H2 200 27.cae93f43.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 69D4 12 KB
5 KB 10ms
9ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/27.cae93f43.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.1c933de8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

cbd1fd9e5454ee302f349f7a91241a8e37f4daf59dfbbfb26d8c76d4ec49fac9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=zgns6xwgg77r&region=US&forceShow=false&skipCampaigns=false&sessionId=d982863d-75bb-49a7-990e-0489191529cf&sessionStarted=1656615034.515&campaignRefreshToken=af682172-d303-4768-b08f-7d334d63a567&hideController=false&pageLoadStartTime=1656615033320&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 15:46:08 GMT
content-encoding: gzip
age: 1134266
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 17 Jun 2022 14:39:27 GMT
server: nginx
etag: W/"5277c592e20a97f12101fb9221e1083d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: RRKwz_zWe9zBFE0ke3ga_KW8r9kULuha
via: 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: IN-4L1bWTDPvbcbrTd_mciyRY93WWCZErxOVqjL4R4vr1K7GH5shhg==

GET
H2 200 19.c695453b.chunk.css
js.driftt.com/core/assets/css/ Frame 69D4 365 B
1007 B 10ms
10ms Stylesheet
text/css 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/19.c695453b.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.1c933de8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=zgns6xwgg77r&region=US&forceShow=false&skipCampaigns=false&sessionId=d982863d-75bb-49a7-990e-0489191529cf&sessionStarted=1656615034.515&campaignRefreshToken=af682172-d303-4768-b08f-7d334d63a567&hideController=false&pageLoadStartTime=1656615033320&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 08:38:41 GMT
via: 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
age: 1937513
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 365
last-modified: Fri, 22 Apr 2022 20:24:53 GMT
server: nginx
etag: "06b2963b029c0824382815165bfea73e"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: L3VGtilyy25ajd6juXICRdarj04czsmC
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: H45mKFc9xdLl2Kikz9cj7Imzbb8amUlN8Z3AERCbWA2waMo37zZNyw==

GET
H2 200 19.f3b29826.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 69D4 87 KB
24 KB 10ms
10ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/19.f3b29826.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.1c933de8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

011f20e779f2ae9697f05a59f0a55ccb148b285e1bc8e055e92e36404231b2f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=zgns6xwgg77r&region=US&forceShow=false&skipCampaigns=false&sessionId=d982863d-75bb-49a7-990e-0489191529cf&sessionStarted=1656615034.515&campaignRefreshToken=af682172-d303-4768-b08f-7d334d63a567&hideController=false&pageLoadStartTime=1656615033320&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 17:32:22 GMT
content-encoding: gzip
age: 263892
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 27 Jun 2022 15:02:27 GMT
server: nginx
etag: W/"37162f52cab14f34ecaa96ca3e60a683"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 7AF00FKDctBK7LiRfSMLCrCCuJShFhML
via: 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: DxzMOT2e4vuG_QQl5DAGx0UOYBzZKUvBGAJUH_tcOBDHqKGSBStcxw==

GET
H2 200 34.11d2b6a7.chunk.css
js.driftt.com/core/assets/css/ Frame B7B6 3 KB
1 KB 8ms
7ms Stylesheet
text/css 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/34.11d2b6a7.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.1c933de8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

e40b6eae9d66c60b9c750da70da6b2bc5d35c2ae9689cc1e9547e300fac4a3ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1656615033320
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:50 GMT
content-encoding: gzip
age: 1810244
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:11 GMT
server: nginx
etag: W/"87532c4db85f1429fa6d759bc3332f36"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: pDgWOASMN9_NDbkmryYYC4K2HoZ50omL
via: 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Br7OkdLjN-5gmlHSpuLXzItpH722CIE8N9NuIFmRa2y5nGqhMBhawA==

GET
H2 200 34.07340d2f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B7B6 3 KB
2 KB 8ms
8ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/34.07340d2f.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.1c933de8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

5949dc5ef9ac0f8cb0d210d221d6eceeca2ffad94e3600b41566f468e146ae9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1656615033320
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 14:14:39 GMT
content-encoding: gzip
age: 1139755
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 17 Jun 2022 13:01:30 GMT
server: nginx
etag: W/"f732dfb3db72f996e1f4bc0225629a20"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: HvgZCV9LNyT7x7vVdSj885BtX9dyNytM
via: 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: uPXpdPXGa2Bvfa0xlXtewBvo9leYkQpkbuC3oMinAnOs9346j_K3Ig==

GET
H2 200 clarity.js Show response
www.clarity.ms/eus2/s/0.6.34/ 53 KB
23 KB 115ms
114ms Script
application/javascript 2620:1ec:27::cafe:1761
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus2/s/0.6.34/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/56361138
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:1761 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: ca63193ce799e4e00c9106349365981dc6e26cb77632ebf5df23dffba2aaccfa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 18:50:34 GMT
content-encoding: br
etag: "1d88bc3d8d26054"
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
x-azure-ref: 0evC9YgAAAADAGhHvy5WyTZ+v3K0rifaKR1ZBMzBFREdFMDIxMwA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
accept-ranges: bytes
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=9AFB7BDAADD047F185B335F17BBBF793&RedC=c.clarity.ms&MXFR=10FCB9E6E0076E5F3A77A835E4076055
https://c.clarity.ms/c.gif?CtsSyncId=9AFB7BDAADD047F185B335F17BBBF793&MUID=22C95EB5F33A65C03E0B4F66F25164BF

42 B
368 B

29ms
28ms

Image
image/gif

20.234.93.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=9AFB7BDAADD047F185B335F17BBBF793&MUID=22C95EB5F33A65C03E0B4F66F25164BF
Protocol: H2
Server: 20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 18:50:34 GMT
last-modified: Fri, 20 May 2022 21:53:17 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "17a28a3946cd81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Thu, 30 Jun 2022 18:50:35 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D95FAE10085047D88B29D301FD40C74A Ref B: FRAEDGE1520 Ref C: 2022-06-30T18:50:34Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=9AFB7BDAADD047F185B335F17BBBF793&MUID=22C95EB5F33A65C03E0B4F66F25164BF
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 0.0b2ebd4a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B7B6 9 KB
3 KB 10ms
9ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/0.0b2ebd4a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.1c933de8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1656615033320
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:20:39 GMT
content-encoding: gzip
age: 905395
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 17 Jun 2022 14:39:26 GMT
server: nginx
etag: W/"c5efcdc9e465604f32cf24af10fd6c13"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: FXhpBdntUhclEQbRyN38j73SJPN5DG6s
via: 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: pP_qcFds2tKvyoM-EJGKZUIjeBogxfXUe8gaMl1fGuwxeK7Ossi7nQ==

GET
H2 200 3.07aa08a5.chunk.css
js.driftt.com/core/assets/css/ Frame B7B6 7 KB
2 KB 11ms
9ms Stylesheet
text/css 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/3.07aa08a5.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.1c933de8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1656615033320
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:50 GMT
content-encoding: gzip
age: 1810244
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:11 GMT
server: nginx
etag: W/"189aeffd571884559dababa22c66d75a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: qCJlHTNUr2HFRH6Ajng7Ce3aN.cZgspN
via: 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 6DkmeocPDWzI_DLL_3gb4nKRsS196Ak1WOJzPeuxYovgZFy2U2gP3g==

GET
H2 200 3.00aa1009.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B7B6 54 KB
16 KB 12ms
11ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/3.00aa1009.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.1c933de8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

b8eef39219651c2e824894e8f8d35742e86021c1a556136fb6ffc5e1169bccbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1656615033320
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:50 GMT
content-encoding: gzip
age: 1810244
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:13 GMT
server: nginx
etag: W/"b6e857285e106c4d697971a13a9e5f01"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 5X0O2ApU5vgBeUnxDu8Cb4hnMjQt6Q5W
via: 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: U2LVhGml1Wp2Ui-IRyjbdOQfvrddrkqh1bW2NxkLyDx6VOWbdZTFIA==

GET
H2 200 1.2a811815.chunk.css
js.driftt.com/core/assets/css/ Frame B7B6 43 KB
7 KB 11ms
10ms Stylesheet
text/css 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/1.2a811815.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.1c933de8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

5c09e8bec292a5b43b6a5be55beb50de7bf16c101bf236faa43e49ce70f8c229

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1656615033320
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 14:14:39 GMT
content-encoding: gzip
age: 1139755
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 17 Jun 2022 13:01:27 GMT
server: nginx
etag: W/"cffa309af51f35e8b5792ddf3e06a80b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: VUaHAxuPIr8zCHoCffr5ySO3Had_qiEc
via: 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: QyOD7D8UvRjWqtgopDCGLlemC8LNhOZXnANHwScRnB4h5TmsAgrKAA==

GET
H2 200 1.d9e4afce.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B7B6 73 KB
25 KB 12ms
11ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/1.d9e4afce.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.1c933de8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

5cc7316907fb9960364ce076f9df390543397388bbabd5b1da1a8dd959f72470

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1656615033320
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 20:55:32 GMT
content-encoding: gzip
age: 78902
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 29 Jun 2022 20:43:11 GMT
server: nginx
etag: W/"911ca7b2f956c82f4221b7a180f305f5"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: bFEXKvyLGjy8CnNywMz2FPgNyerapj8g
via: 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: s9s2Zdy4EzqIPlT7y9_M06iy1cj8RmCm0b-u-zSJ3THrYJq0j-HC5g==

GET
H2 200 32.52060f2d.chunk.css
js.driftt.com/core/assets/css/ Frame B7B6 12 KB
3 KB 11ms
10ms Stylesheet
text/css 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/32.52060f2d.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.1c933de8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

643284a0eca0e88605a52952545149695d41d4a6f057d897bedf92a24e32c573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1656615033320
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:50 GMT
content-encoding: gzip
age: 1810244
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:11 GMT
server: nginx
etag: W/"b63021470083bdc161ef4dda2e4912c3"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: D63PtXL5bP.wpWr.uBaG9A4P_yKmwfSx
via: 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: SihHVQlAkkWNZiocK8S3Sdl8GDaHKLxd8dRa6LjlgV6oL51-y5K82w==

GET
H2 200 32.08d8dedf.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B7B6 11 KB
5 KB 13ms
12ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/32.08d8dedf.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.1c933de8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

88d623d347bc1d092c1d546f62ac989acddceb46ca869c4b48adb62e229daee5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1656615033320
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 15:46:08 GMT
content-encoding: gzip
age: 1134266
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 17 Jun 2022 14:39:27 GMT
server: nginx
etag: W/"566a10802a29d81a470d77eb56b23265"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: q1XXFzMgigoPtwIuvu5JzvITbp4A1Agn
via: 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Qwyw3xv_4MpmQC5SPY7D8uDmCXZIumygISAbOwiHPSKrEI0Lk_HXdA==

POST
H2 200 v2 Show response
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame 69D4 25 B
122 B 117ms
116ms XHR
application/json 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/widget/init/v2

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/47.f4a0cab7.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 30 Jun 2022 18:50:35 GMT
server: istio-envoy
requestid: 6f3a12a8a056ca45
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 14
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 v2
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame 0
0 357ms
106ms Preflight
text/plain 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/widget/init/v2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://js.driftt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-max-age: 1209600
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Thu, 30 Jun 2022 18:50:35 GMT
requestid: driftcb9a6714d0cb79075bd4f707dbd
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 1

POST
H2 200 ping Show response
bootstrap.api.drift.com/widget_bootstrap/ Frame 69D4 147 B
244 B 105ms
104ms XHR
application/json 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap/ping

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/47.f4a0cab7.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

ac5cbc0ef2e0832969c9edffb97836ce658bad0ac680e6902a117f7090fbf006

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 30 Jun 2022 18:50:35 GMT
server: istio-envoy
requestid: 2a48625e261da711
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 147
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 ping
bootstrap.api.drift.com/widget_bootstrap/ Frame 0
0 348ms
105ms Preflight
text/plain 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap/ping

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://js.driftt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-max-age: 1209600
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Thu, 30 Jun 2022 18:50:35 GMT
requestid: drift34be81d473bb8ec1a988060c00b
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 0

POST
H2 204 collect Show response
b.clarity.ms/ 0
178 B 391ms
190ms XHR
text/plain 20.75.32.255
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://b.clarity.ms/collect
Requested by: Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/_next/static/chunks/pages/_app-e00625d5dd194c03.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.75.32.255 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: https://abnormalsecurity.com
date: Thu, 30 Jun 2022 18:50:35 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 201ms
200ms Image
image/gif 104.92.74.202
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=bbf40b2956d4bb7805e99ad643493df0&svisitor=2d58655f7f1e00007af0bd624d000000e1ba0a00&session=5bba84f6-bf26-4f20-84fc-3dd56c34e37d&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2030%20Jun%202022%2018%3A50%3A35%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2030%20Jun%202022%2018%3A50%3A34%20GMT%22%2C%22timeSpent%22%3A%221002%22%2C%22totalTimeSpent%22%3A%221002%22%7D&isIframe=false&m=%7B%22description%22%3A%22For%20years%2C%20executives%20were%20the%20go-to%20impersonated%20party%20in%20BEC%20attacks.%20Now%2C%20threat%20actors%20are%20opting%20to%20impersonate%20vendors%20and%20suppliers%20instead.%22%2C%22keywords%22%3A%22go-to%2C%20impersonated%2C%20party%2C%20business%2C%20email%2C%20opting%2C%20impersonate%2C%20vendors%2C%20executives%2C%20compromise%2C%20actors%2C%20suppliers%2C%20years%2C%20attacks%2C%20threat%22%2C%22title%22%3A%22The%20Shift%20to%20Financial%20Supply%20Chain%20Compromise%20%7C%20Abnormal%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fabnormalsecurity.com%2Fresources%2Ffinancial-supply-chain-compromise%3Futm_source%3Dsecurityweek%26utm_medium%3Demail%2520campaign&pageViewId=56ccd02a-e848-4228-89a5-3474d83d8e8c&an_uid=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.92.74.202 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-92-74-202.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 30 Jun 2022 18:50:35 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Tue, 05 Oct 2021 22:17:52 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "615ccf10-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 193ms
192ms Image
image/gif 104.92.74.202
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=bbf40b2956d4bb7805e99ad643493df0&svisitor=2d58655f7f1e00007af0bd624d000000e1ba0a00&session=5bba84f6-bf26-4f20-84fc-3dd56c34e37d&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2030%20Jun%202022%2018%3A50%3A36%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2030%20Jun%202022%2018%3A50%3A35%20GMT%22%2C%22timeSpent%22%3A%221004%22%2C%22totalTimeSpent%22%3A%222006%22%7D&isIframe=false&m=%7B%22description%22%3A%22For%20years%2C%20executives%20were%20the%20go-to%20impersonated%20party%20in%20BEC%20attacks.%20Now%2C%20threat%20actors%20are%20opting%20to%20impersonate%20vendors%20and%20suppliers%20instead.%22%2C%22keywords%22%3A%22go-to%2C%20impersonated%2C%20party%2C%20business%2C%20email%2C%20opting%2C%20impersonate%2C%20vendors%2C%20executives%2C%20compromise%2C%20actors%2C%20suppliers%2C%20years%2C%20attacks%2C%20threat%22%2C%22title%22%3A%22The%20Shift%20to%20Financial%20Supply%20Chain%20Compromise%20%7C%20Abnormal%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fabnormalsecurity.com%2Fresources%2Ffinancial-supply-chain-compromise%3Futm_source%3Dsecurityweek%26utm_medium%3Demail%2520campaign&pageViewId=56ccd02a-e848-4228-89a5-3474d83d8e8c&an_uid=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.92.74.202 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-92-74-202.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 30 Jun 2022 18:50:36 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Sat, 05 Jun 2021 07:56:05 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "60bb2e15-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H2 204 collect Show response
b.clarity.ms/ 0
25 B 94ms
94ms XHR
text/plain 20.75.32.255
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://b.clarity.ms/collect
Requested by: Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/_next/static/chunks/pages/_app-e00625d5dd194c03.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.75.32.255 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: https://abnormalsecurity.com
date: Thu, 30 Jun 2022 18:50:35 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 38ms
8ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f8bdb531d36caf4bb43071d1be58a2d1b153d3a403f4b8f4e6a919dd46213f47

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 25939
x-xss-protection: 0
pragma: public
x-fb-debug: TVp+FuGu379Zh/lR8HPQLVg2yUVMXdNwjIrvHymCqICPnt95mPUsXibkIdgTBjeMf+m2Wx9oru1JPmm/mMnLpA==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 30 Jun 2022 18:50:37 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 864960911028583 Show response
connect.facebook.net/signals/config/ 292 KB
84 KB 77ms
66ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/864960911028583?v=2.9.64&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2a9315aa3fd4eeea755b06e21b0d2a1a250ae2280af0e1ee7644a545fa4e0400

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: rjDi3Re7nFtXAfvEoHQpoTYnuLtIy+IDNkAe0xj6AI9YTeYJDi1k1lVqKZSbAxHzQ7q0JpkmVSRk8q/awYQ7Pw==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 30 Jun 2022 18:50:37 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1656615037164
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 194ms
194ms Image
image/gif 104.92.74.202
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=bbf40b2956d4bb7805e99ad643493df0&svisitor=2d58655f7f1e00007af0bd624d000000e1ba0a00&session=5bba84f6-bf26-4f20-84fc-3dd56c34e37d&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2030%20Jun%202022%2018%3A50%3A37%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2030%20Jun%202022%2018%3A50%3A36%20GMT%22%2C%22timeSpent%22%3A%221004%22%2C%22totalTimeSpent%22%3A%223010%22%7D&isIframe=false&m=%7B%22description%22%3A%22For%20years%2C%20executives%20were%20the%20go-to%20impersonated%20party%20in%20BEC%20attacks.%20Now%2C%20threat%20actors%20are%20opting%20to%20impersonate%20vendors%20and%20suppliers%20instead.%22%2C%22keywords%22%3A%22go-to%2C%20impersonated%2C%20party%2C%20business%2C%20email%2C%20opting%2C%20impersonate%2C%20vendors%2C%20executives%2C%20compromise%2C%20actors%2C%20suppliers%2C%20years%2C%20attacks%2C%20threat%22%2C%22title%22%3A%22The%20Shift%20to%20Financial%20Supply%20Chain%20Compromise%20%7C%20Abnormal%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fabnormalsecurity.com%2Fresources%2Ffinancial-supply-chain-compromise%3Futm_source%3Dsecurityweek%26utm_medium%3Demail%2520campaign&pageViewId=56ccd02a-e848-4228-89a5-3474d83d8e8c&an_uid=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.92.74.202 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-92-74-202.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 30 Jun 2022 18:50:37 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Sat, 05 Jun 2021 07:56:05 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "60bb2e15-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 23ms
8ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=864960911028583&ev=PageView&dl=https%3A%2F%2Fabnormalsecurity.com%2Fresources%2Ffinancial-supply-chain-compromise%3Futm_source%3Dsecurityweek%26utm_medium%3Demail%2520campaign&rl=&if=false&ts=1656615037232&sw=1600&sh=1200&v=2.9.64&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1656615037231.1775002229&it=1656615037091&coo=false&exp=p0&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 18:50:37 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Thu, 30 Jun 2022 18:50:37 GMT

POST
H2 200 bulk Show response
metrics.api.drift.com/monitoring/metrics/event2/ Frame 69D4 25 B
89 B 119ms
118ms XHR
application/json 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/event2/bulk

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/47.f4a0cab7.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 30 Jun 2022 18:50:37 GMT
server: istio-envoy
requestid: a70b49a60cb336fb
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 16
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 bulk
metrics.api.drift.com/monitoring/metrics/event2/ Frame 0
0 103ms
102ms Preflight
text/plain 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/event2/bulk

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://js.driftt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-max-age: 1209600
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Thu, 30 Jun 2022 18:50:37 GMT
requestid: drift6bc083b437ca3fcbda2b63acd02
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 0

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 6C49 0
17 B 16ms
7ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://abnormalsecurity.com
Referer: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://abnormalsecurity.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Thu, 30 Jun 2022 18:50:37 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 194ms
193ms Image
image/gif 104.92.74.202
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=bbf40b2956d4bb7805e99ad643493df0&svisitor=2d58655f7f1e00007af0bd624d000000e1ba0a00&session=5bba84f6-bf26-4f20-84fc-3dd56c34e37d&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2030%20Jun%202022%2018%3A50%3A38%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2030%20Jun%202022%2018%3A50%3A37%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%224011%22%7D&isIframe=false&m=%7B%22description%22%3A%22For%20years%2C%20executives%20were%20the%20go-to%20impersonated%20party%20in%20BEC%20attacks.%20Now%2C%20threat%20actors%20are%20opting%20to%20impersonate%20vendors%20and%20suppliers%20instead.%22%2C%22keywords%22%3A%22go-to%2C%20impersonated%2C%20party%2C%20business%2C%20email%2C%20opting%2C%20impersonate%2C%20vendors%2C%20executives%2C%20compromise%2C%20actors%2C%20suppliers%2C%20years%2C%20attacks%2C%20threat%22%2C%22title%22%3A%22The%20Shift%20to%20Financial%20Supply%20Chain%20Compromise%20%7C%20Abnormal%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fabnormalsecurity.com%2Fresources%2Ffinancial-supply-chain-compromise%3Futm_source%3Dsecurityweek%26utm_medium%3Demail%2520campaign&pageViewId=56ccd02a-e848-4228-89a5-3474d83d8e8c&an_uid=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.92.74.202 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-92-74-202.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 30 Jun 2022 18:50:38 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Fri, 21 Feb 2020 18:57:20 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5e502810-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 192ms
192ms Image
image/gif 104.92.74.202
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=bbf40b2956d4bb7805e99ad643493df0&svisitor=2d58655f7f1e00007af0bd624d000000e1ba0a00&session=5bba84f6-bf26-4f20-84fc-3dd56c34e37d&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2030%20Jun%202022%2018%3A50%3A39%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2030%20Jun%202022%2018%3A50%3A38%20GMT%22%2C%22timeSpent%22%3A%221004%22%2C%22totalTimeSpent%22%3A%225015%22%7D&isIframe=false&m=%7B%22description%22%3A%22For%20years%2C%20executives%20were%20the%20go-to%20impersonated%20party%20in%20BEC%20attacks.%20Now%2C%20threat%20actors%20are%20opting%20to%20impersonate%20vendors%20and%20suppliers%20instead.%22%2C%22keywords%22%3A%22go-to%2C%20impersonated%2C%20party%2C%20business%2C%20email%2C%20opting%2C%20impersonate%2C%20vendors%2C%20executives%2C%20compromise%2C%20actors%2C%20suppliers%2C%20years%2C%20attacks%2C%20threat%22%2C%22title%22%3A%22The%20Shift%20to%20Financial%20Supply%20Chain%20Compromise%20%7C%20Abnormal%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fabnormalsecurity.com%2Fresources%2Ffinancial-supply-chain-compromise%3Futm_source%3Dsecurityweek%26utm_medium%3Demail%2520campaign&pageViewId=56ccd02a-e848-4228-89a5-3474d83d8e8c&an_uid=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.92.74.202 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-92-74-202.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/resources/financial-supply-chain-compromise?utm_source=securityweek&utm_medium=email%20campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 30 Jun 2022 18:50:39 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Fri, 21 Feb 2020 18:57:20 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5e502810-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

Verdicts & Comments Add Verdict or Comment

90 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

35 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
abnormalsecurity.com/resources	1970-01-20 04:10:33	Name: urlParams Value: %7B%22utm_source%22%3A%22securityweek%22%2C%22utm_medium%22%3A%22email%20campaign%22%7D
.6sc.co/	1970-01-20 21:41:27	Name: 6suuid Value: 2d58655f7f1e00007af0bd624d000000e1ba0a00
abnormalsecurity.com/	1970-01-20 04:20:19	Name: _an_uid Value: 0
abnormalsecurity.com/	1970-01-20 21:41:27	Name: _gd_visitor Value: ea9b733c-abaf-4219-8ed6-59841af54c72
abnormalsecurity.com/	1970-01-20 04:10:29	Name: _gd_session Value: 5bba84f6-bf26-4f20-84fc-3dd56c34e37d
abnormalsecurity.com/	1970-01-20 21:41:27	Name: _gd_svisitor Value: 2d58655f7f1e00007af0bd624d000000e1ba0a00
.bing.com/	1970-01-20 13:31:51	Name: MUID Value: 22C95EB5F33A65C03E0B4F66F25164BF
abnormalsecurity.com/	1970-01-24 04:08:48	Name: _omappvp Value: pIgjfEBpGKnUMmtMjYxdNpm3hSPVTUtqhv0YfuC6R2JG39sU28V7u9235wndAxFVFAkUoY8xT49htQFOGsHH5fempMHZoNCK
abnormalsecurity.com/	1970-01-20 04:10:16	Name: _omappvs Value: 1656615034178
.abnormalsecurity.com/	1970-01-20 04:11:41	Name: _uetsid Value: 85f0b370f8a511ecbe16557b4bd1926f
.abnormalsecurity.com/	1970-01-20 13:31:51	Name: _uetvid Value: 85f0ad90f8a511ec96f64d603a652c69
.abnormalsecurity.com/	1970-01-20 12:55:51	Name: _hjSessionUser_2016430 Value: eyJpZCI6ImJmNmMwODBhLWMzNTQtNTE4ZS1iNjM2LTU4ZDMyMTUzY2Q3NSIsImNyZWF0ZWQiOjE2NTY2MTUwMzQxNDUsImV4aXN0aW5nIjpmYWxzZX0=
.abnormalsecurity.com/	1970-01-20 04:10:16	Name: _hjFirstSeen Value: 1
abnormalsecurity.com/	1970-01-20 04:10:15	Name: _hjIncludedInSessionSample Value: 0
.abnormalsecurity.com/	1970-01-20 04:10:16	Name: _hjSession_2016430 Value: eyJpZCI6ImFmM2M4N2VkLTYwMzgtNDgzMS05ZTg0LWJkODQ1NTZkNzE2YSIsImNyZWF0ZWQiOjE2NTY2MTUwMzQyMTIsImluU2FtcGxlIjpmYWxzZX0=
abnormalsecurity.com/	1970-01-20 04:10:15	Name: _hjIncludedInPageviewSample Value: 1
.linkedin.com/	1970-01-20 04:53:27	Name: UserMatchHistory Value: AQKgTVw7sf7aFAAAAYG1810zVIyzOdsQ7QyjNW8rsCqU1Otz7lDatvhqJ6G4H7AKcOVxBqZD605vAA
.linkedin.com/	1970-01-20 04:53:27	Name: AnalyticsSyncHistory Value: AQKX33QpXNq2DgAAAYG1810z-018WxpZ4QKx8vPRl7IwJigmAF5YltVtriuxNoU33gQ-6ZED2qm_FLEK9JrR9A
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 21:42:08	Name: bcookie Value: "v=2&2329a989-0928-45f9-8160-6f2eb7f6e9bf"
.linkedin.com/	1970-01-20 04:11:41	Name: lidc Value: "b=VGST02:s=V:r=V:a=V:p=V:g=2648:u=1:x=1:i=1656615034:t=1656701434:v=2:sig=AQHIay3U5Zbp0MKJQMSem_Kjy-jgJQLT"
.abnormalsecurity.com/	1970-01-20 04:10:16	Name: _hjAbsoluteSessionInProgress Value: 0
.abnormalsecurity.com/	1970-01-20 21:41:27	Name: _mkto_trk Value: id:231-IDP-139&token:_mch-abnormalsecurity.com-1656615034228-42699
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 21:42:08	Name: bscookie Value: "v=1&20220630185034b7d606a4-29fb-4eac-87af-b1be368cf2b1AQHZ22pPA1P7mA8MrxfK5WHO8CGM6ezn"
.linkedin.com/	1970-01-20 21:41:04	Name: li_gc Value: MTswOzE2NTY2MTUwMzQ7MjswMjGzoo8jbL4lGdCVH8w6SgLIXxigFrj02d+7uu8jh4aHUQ==
abnormalsecurity.com/	1970-01-20 04:10:16	Name: drift_campaign_refresh Value: af682172-d303-4768-b08f-7d334d63a567
www.clarity.ms/	1970-01-20 12:55:51	Name: CLID Value: d059eb8a3c6e458e883bbe5d9ffbf685.20220630.20230630
.abnormalsecurity.com/	1970-01-20 12:55:51	Name: _clck Value: 93fa4d\|1\|f2r\|0
.c.bing.com/	1970-01-20 13:31:51	Name: SRM_B Value: 22C95EB5F33A65C03E0B4F66F25164BF
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 13:31:51	Name: MUID Value: 22C95EB5F33A65C03E0B4F66F25164BF
.c.clarity.ms/	1970-01-20 04:10:15	Name: ANONCHK Value: 0
.abnormalsecurity.com/	1970-01-20 04:11:41	Name: _clsk Value: 1gxq988\|1656615035463\|1\|1\|b.clarity.ms/collect
.abnormalsecurity.com/	1970-01-20 06:19:51	Name: _fbp Value: fb.1.1656615037231.1775002229

14 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'battery'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'execution-while-not-rendered'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'execution-while-out-of-viewport'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'navigation-override'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'speaker-selection'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'conversion-measurement'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'focus-without-user-activation'.
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'sync-script'.
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'trust-token-redemption'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'vertical-scroll'.
network	error	URL: https://api.omappapi.com/v2/embed/124593?d=abnormalsecurity.com Message: Failed to load resource: the server responded with a status of 401 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	object-src data:; base-uri 'self'; frame-ancestors 'self';
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

231-idp-139.mktoresp.com
a.omappapi.com
abnormalsecurity.com
api.omappapi.com
b.6sc.co
b.clarity.ms
bat.bing.com
bootstrap.api.drift.com
c.6sc.co
c.bing.com
c.clarity.ms
cmp.osano.com
connect.facebook.net
epsilon.6sense.com
in.hotjar.com
ipv6.6sc.co
j.6sc.co
js.driftt.com
metadata-static-files.sfo2.cdn.digitaloceanspaces.com
metrics.api.drift.com
munchkin.marketo.net
o212762.ingest.sentry.io
pagead2.googlesyndication.com
px.ads.linkedin.com
px4.ads.linkedin.com
r20.rs6.net
script.hotjar.com
secure.adnxs.com
snap.licdn.com
static.hotjar.com
vars.hotjar.com
vitals.vercel-insights.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
104.92.72.193
104.92.74.202
108.157.4.38
13.107.43.14
143.204.215.107
18.64.79.98
192.28.147.68
20.234.93.27
20.75.32.255
2001:4860:4802:34::178
205.185.216.10
208.75.122.11
216.58.212.130
2600:9000:206f:be00:3:b7e:8940:93a1
2620:1ec:21::14
2620:1ec:27::cafe:1761
2620:1ec:c11::200
2a00:1450:4001:801::2008
2a00:1450:4001:829::2002
2a02:26f0:1700:1b1::1c91
2a02:26f0:3500:16::215:14a0
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.69.2.47
3.94.218.138
34.120.195.249
37.252.173.38
50.16.7.188
54.229.115.12
54.74.116.255
65.9.66.91
76.76.21.21
84.17.46.53
99.86.4.80
00e67a6bb1601297c954a9c6438eb956f4ca87253683fb348d1bda64cee7d1ca
011f20e779f2ae9697f05a59f0a55ccb148b285e1bc8e055e92e36404231b2f5
015b188b0562cd7d69c417d26cd4d7a6386ac8016a2c4a28d2597115db93ada3
02840352581026aad3291a8357da6876c93b0e6d8aec9532bbc1a42f82bca1c5
0a2fe962802e9ee97b74e2c74da17684d48782f7c07cc60dc92a90d547272376
0d641333520fa507e083712df78c9ff1833846f689af35f7880ec0a54ade146f
0ea527d629d70129dfca2d4fe6c7bd18a983270add8e7dce17b17f76c94af838
0fcff9391b8f4560e9bc64c28dcd9101f66de7b93676ea8cc254980567f663db
0fef3801ab7e5ed8d0fb4e3c9adcd74d58474f45b2a1b1f90295bdd3bf7c963a
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c
16cdfbc5ce4fe506db571357da5b1cfbaffd667f0818aeaaae0287bd6f25d572
19473eebfb0672867a4438e2a015de79fded34b9f5ae5598bade57eb01cf0563
217c969ce25302bca16162146bf9f8464e9ac177f692f10448d31db38f36db43
297a37bb6850bec206fd118956ef2978215d1a6cbafd5ab8a0a4d60cfadfb29b
2a9315aa3fd4eeea755b06e21b0d2a1a250ae2280af0e1ee7644a545fa4e0400
2fcfb40d7414912690873936c9c1543b94b76b146d7e10f993e28f845a63c94b
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
32b245530334349e9b18238c266fa12ca5c278d3e4cd2ec85cedf42f783b32b0
378da4231dc80e3dfe88c92ba74eafc54c50ac6d9978c6cf9c5122fd75f8e947
3a2b6a0ec4455b04f2813efda54d818ef31f21022119d8c5371a31dcf6f50cc9
3d1cae665635cd0a77d5764e069c48d48390c0e685ac12522bcc48dd4bd65a18
3d29a42636a1e9aab5fe33a902d20f8fdbff50c6807967395d8074fae1af80fb
3d439fe68baffbb0179103891e35e5798ce660ee7ba5d18b609b03ed2153a66a
3d45fdf57e5fd666b1ff640d125a0f6e7a8edfac5055af0885b29ff442d85007
43b21a37ead752a35feeeb473aecb119bc2b63800594adc825bcb903b81f23da
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
46959f0ff8db28a2e76b7bcd57953ead9ec578260c21cad5c5354a46f7890cf7
4a6588416e2d67985b8e7595c5ae89d32b3176197566f8e256a1bc8d75e26b32
4b99a75a42582fd22e780855dfb50880df624ce43988616f4b19dc7ba90f1250
4bc76898ef2eb624e7ffcff4023d117f1b9a28a5158ee045e68a91a47d249dcc
4bf3aca933aa233702f890083af601fb16149ec8a17f8c1b90d30450562bde08
4ff9c1812fd93101515df13b3a47a306e65008f6f8e298575aa381895cd68093
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5923b07c336f9884bf60ce3b9c2467af3b1e8b4af7f0a5545b219793168a5154
5949dc5ef9ac0f8cb0d210d221d6eceeca2ffad94e3600b41566f468e146ae9a
5c09e8bec292a5b43b6a5be55beb50de7bf16c101bf236faa43e49ce70f8c229
5cc7316907fb9960364ce076f9df390543397388bbabd5b1da1a8dd959f72470
5db0bd7b86f74ab10270a1fa40c2b9f62921f47940f5ad504942e93dced4c33f
5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5
5e3cc80123a4954b19620ae442f794954a14f2d40bbdb33d33b37f065df62156
5f1e63391856d3352aed3ba6ed5906f1bf38a37330e26da15bd74844a241e80d
62711f31b94dc65a41e76dd5a25763a23620b8763dc65fe053ad85a2cbe78803
643284a0eca0e88605a52952545149695d41d4a6f057d897bedf92a24e32c573
647571372ba8b626fe7b3edfc23775f1ffe24e98effc872109dd67047b348f90
64dcdecc081370b1f387683027957abcbac48d2aee28c28c3a6e894bbd066998
6774401309d194234d263e20d3b25357dd8e0080d357ba297064b94490e64151
6be5b8f151ef5d8edd841748a326bbbc648757fe3256fea1fab412ad45d895f0
6c93a2e253cf1b83c4549ee38234134aa07f3b0293815375c49c9d4576986db1
6fb868b5b6759ad952a1cfe671510bebc1d23ea9e418c53ea9b71655c8295aed
71c4b79d95ddbabc1f86358b591d5fae10b33a24b1d1a9e48d7678071638d369
72d52dcf32b1f0357fdb9688cb7d59dd429ed01f5bf3098825191ba7e244927c
7578f49bbb90df02f8430651b30df218da50dd1ff7bdac11fbdba6dd2435bbd6
78c1118165ba1620bd91cc6f96c1cd99fa9469a9382f73f313c8e556d0fdaa9d
79545ee1dcbf664470da2e9bbc94a48e7bb2acd03439bf82732f1fbf1ec7fee4
7fe9c49bb2fa7df0e7f30f29e2cf5dc5856a6a94e24020cd71b15806418e2509
81e6b4ec22135fd2056e29456e32539e21876266ab0bf8438b87117f70c0f827
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7
865b7850fddb2d6d632dd96795bd95b89bdfa7fb4d85f6060fe933cb944bfc1c
8843d0dae7daa6e3bdf06e07ffb65e5b5240268203496f5946dcdda9cc0c290d
88d623d347bc1d092c1d546f62ac989acddceb46ca869c4b48adb62e229daee5
8b7be87db71855fe47b30e1a60953e25a0e6a832e4ff3fefa682cf74d9e66cf0
8bf5bced364954d733c0fe6429262acdcc2a5445281d4c3f5886592273beb014
8e038b564510a45dc11799f74da367733f3db7f9c0a0434f1e90c44ec5168278
8eb7e226165751d93f4179ff617eabfaaea3f23d7c100e9b1074025fc1141988
91c379a7d8ec04aeeb162ea6d8069ad9fe872cec0d8a56f8861b02c494a6e0f2
94de5c66331cd244e69ce3df84813f93c2213d748c7eefdbb20ac6e461faac0e
988af3565864232eb941fe48cedd01dd3ed263fbe108048bb6335e9d74fc3b34
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9c0fca5ef47da43987b526cfac3252b5514a494a8b64a2f2891ffaa456dd4317
9df0c15923f76778de529c7e5131028841cb6891ca460d779c92e499005ee0d0
9ed187bcd553ebaa7c8845d0291bc09563366ca4db6a464678bef7d9451b8e13
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a201decd38e5193f3bb3c2c1429a4cc7122dc34f7c7be00aa246708df848dfb0
a8ea1977d737b342f9608cd7db08216bf621b0b582e2749b4ea6da6f580cd301
aa1030ccce0ff718824a0327f595cf1fdef47ba05581e90cfce21ff47e8c1d99
aa59daf43fbf4d8c406887d911d65325e16f67fbf73f2232efa6465fa412dd45
ac5cbc0ef2e0832969c9edffb97836ce658bad0ac680e6902a117f7090fbf006
af7690b10b2e4c40106b8e8ac69c9287176615a9913004666af12c98251d6ec0
b2354712fc62b1a9b3cfb682c4f85a1b0cd9f59be140e6b3a861d5bc29720dc7
b50c98e95ab8f9e2cc7950d5c0dabb9c30eec7eaa7217cf0dded15d3f1f3c1de
b84595cc8461bb6e8376fe94f0dd23d6657172103b03653534089c5992b058a1
b8eef39219651c2e824894e8f8d35742e86021c1a556136fb6ffc5e1169bccbd
b934ce9883949e7bceb88fa78a354125eefc85715f7e54da8ff529c94ebab0fe
bb0410330ee8e13a9b85b1e433756d9a3d2831a4872b4c175e36c685d38be23e
bd37eb7cfacb7e56d771de17a818fd3774b94dcc081708becfb26553df2b952d
c0c9a7de226b6b02d07080e9df166332fb4a78581988d36eaa6ffc3cb4efd04f
c2aee78040b4ed46c2377e6825db12a9691a2eb584adf338e77312c8978d8537
c2b55393863f50343aed8ab3a75758625a9e35096c0775af3b9ce58f058ba723
c501de88fbb90a445f1754a529bc772e7047071bf653c8c3f0330f7bb736d140
c642fb6f2230d36e74e53ca1e6e432da853f8ac7e9a1cb04f94dd6c31b50a4d3
ca63193ce799e4e00c9106349365981dc6e26cb77632ebf5df23dffba2aaccfa
cbd1fd9e5454ee302f349f7a91241a8e37f4daf59dfbbfb26d8c76d4ec49fac9
cc08221e904788853f9dbae9e845e8c88e947de904dcd007c0da0c4d18acd1de
cf2d05660696300021ae6fe0f67f105719afd06cd3dc0088aec54c1ad5de1d91
d257f802a23538fb3d0eebe3028650f50859a1a32a8ac582084061b1d2aac5b9
d2e4914ae962acd061798de5379f9e74b461e90543002cf3f284d6a29dcd5f23
d474641b2176aec1c8c19a846ba72940eedb477f91418c36b1780f6928d560de
d7d0bb186088c49e29d448a2195737a6ee0be9283c99119cc0019e946d287a26
d9a6a2e983cbf5ef2b92d7daea08d34e7516c8ce39842bf4ae3080865a07e1d8
da5d487f1fe8c4f5bba93bab0b071aed1249cf770ffdbc0144a86a4c2bae3c2c
dbe1883bcb8e2cba6d0a2db91c4aa2ef8a228bee4272aa7609246c8d8b088679
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459
dd54cc9de79b888faf2de0619299318aa52b3f0df5c551ca903a5783a99f7b6e
dd7e25fe1547c7102760792d7b920ed5a289aa0224014594f856b5ab396dc0d6
de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a
dfd2dc77037839ac377f283e8854fb1cd67a1b6ec44ff24c8e844d89950167e1
e3205178d8f4b21ab5dc10a089939e49dd276dea7b5047ef2b494ffea3b93b19
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40b6eae9d66c60b9c750da70da6b2bc5d35c2ae9689cc1e9547e300fac4a3ba
eaed525d2b10367a85619d066740ee377f620992b03576da499ef73aeb0ab305
eb0f5b5a018002413a0a6f0a922f281e1cf8ffb568cf95ca6944058c66562ab1
ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f05ac9ba83369cd58d06d8ee2e5f8d61c040d30d044e20752153f95577627dc6
f4c16bcae64f12608fd7cb226d3da01c39cd0ffcd024d2127f0be76c0f0ba8f0
f5dd46746bf5eb0c6a949b13b9380b5608630cf424cc57939891aa478085a849
f8bdb531d36caf4bb43071d1be58a2d1b153d3a403f4b8f4e6a919dd46213f47
f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47
fcd7d850c081e1330e94baac14ba4f6495801ec68c8e4078716d71944373141d
fd6d64fece890108cecfbbcbaa9f1abfc79b80bfa221ee8b883340e9c6fd453e
fe401a3b7c0d6110b370da6b39147a45aea7cd351e077522fe90268ab371173f

abnormalsecurity.com Open in urlscan Pro 76.76.21.21 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

177 Requests

98 %HTTPS

32 %IPv6

25 Domains

38 Subdomains

33 IPs

4 Countries

2255 kBTransfer

6522 kBSize

35 Cookies

4 Outgoing links

Page URL History

Redirected requests

177 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

abnormalsecurity.com Open in urlscan Pro
76.76.21.21 Public Scan

Screenshot
Live screenshot

Full Image

177
Requests

98 %
HTTPS

32 %
IPv6

25
Domains

38
Subdomains

33
IPs

4
Countries

2255 kB
Transfer

6522 kB
Size

35
Cookies

177 HTTP transactions
1 data transactions