metallic.io Open in urlscan Pro
2a04:fa87:fffd::c000:4280 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://email.metallic.io/MzY5LUhCQy0xNjUAAAGCvJwAcQmHUe9q9f6cuCH4tMiX2pmG_ZvZPGW__uiBHNYvzc1pGINOK4e9-ZyXW2svcB3-eYk=
Effective URL:
https://metallic.io/blog/ransomware-attacks-rising-cost?utm_source=marketo&utm_medium=email&utm_campaign=ransomware&...
Submission Tags: falconsandbox
Submission: On March 01 via api (March 1st 2022, 8:07:28 pm UTC) from US — Scanned from DE

Summary HTTP 234 Redirects Links 19 Behaviour Indicators

Summary

This website contacted 63 IPs in 9 countries across 65 domains to perform 234 HTTP transactions. The main IP is 2a04:fa87:fffd::c000:4280, located in Ireland and belongs to AUTOMATTIC, US. The main domain is metallic.io. The Cisco Umbrella rank of the primary domain is 215126.
TLS certificate: Issued by R3 on February 24th 2022. Valid for: 3 months.

This is the only time metallic.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	104.17.70.206 104.17.70.206	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	2a04:fa87:fff... 2a04:fa87:fffd::c000:4280	2635 (AUTOMATTIC) (AUTOMATTIC)
3	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
7	18.66.122.97 18.66.122.97	16509 (AMAZON-02) (AMAZON-02)
1	18.66.100.58 18.66.100.58	16509 (AMAZON-02) (AMAZON-02)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	54.144.144.142 54.144.144.142	14618 (AMAZON-AES) (AMAZON-AES)
21	52.222.236.115 52.222.236.115	16509 (AMAZON-02) (AMAZON-02)
1	52.222.236.81 52.222.236.81	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:11a... 2a02:26f0:11a::6867:4868	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2606:4700::68... 2606:4700::6813:9308	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	199.232.136.157 199.232.136.157	54113 (FASTLY) (FASTLY)
2	104.111.234.67 104.111.234.67	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 3	34.241.131.177 34.241.131.177	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6812:1bbe	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.111.228.137 104.111.228.137	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2620:1ec:27::... 2620:1ec:27::cafe:1835	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	151.101.193.131 151.101.193.131	54113 (FASTLY) (FASTLY)
64	18.66.112.55 18.66.112.55	16509 (AMAZON-02) (AMAZON-02)
6	192.28.155.3 192.28.155.3	15224 (OMNITURE) (OMNITURE)
1	2606:4700::68... 2606:4700::6812:5c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	108.157.1.118 108.157.1.118	16509 (AMAZON-02) (AMAZON-02)
1	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
1	104.244.42.5 104.244.42.5	13414 (TWITTER) (TWITTER)
1	104.92.72.137 104.92.72.137	16625 (AKAMAI-AS) (AKAMAI-AS)
1 3	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	34.195.72.147 34.195.72.147	14618 (AMAZON-AES) (AMAZON-AES)
1	192.28.144.124 192.28.144.124	15224 (OMNITURE) (OMNITURE)
3 3	2620:1ec:22::14 2620:1ec:22::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	52.222.236.90 52.222.236.90	16509 (AMAZON-02) (AMAZON-02)
1	13.224.241.39 13.224.241.39	16509 (AMAZON-02) (AMAZON-02)
1	13.224.241.113 13.224.241.113	16509 (AMAZON-02) (AMAZON-02)
1	206.19.49.24 206.19.49.24	17225 (ATT-CERFN...) (ATT-CERFNET-BLOCK)
4	20.120.65.166 20.120.65.166	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	52.142.114.2 52.142.114.2	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:400c:c0a::9b	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	34.255.166.68 34.255.166.68	16509 (AMAZON-02) (AMAZON-02)
1	52.52.72.28 52.52.72.28	16509 (AMAZON-02) (AMAZON-02)
5 9	52.0.128.82 52.0.128.82	14618 (AMAZON-AES) (AMAZON-AES)
2 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
25	18.66.248.49 18.66.248.49	16509 (AMAZON-02) (AMAZON-02)
1 3	192.138.218.136 192.138.218.136	14332 (SHOPZILLA) (SHOPZILLA)
1 1	2a00:1450:400... 2a00:1450:400e:80e::200e	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
1 1	209.234.224.22 209.234.224.22	395162 (MOD-PTC) (MOD-PTC)
1 1	54.228.243.156 54.228.243.156	16509 (AMAZON-02) (AMAZON-02)
1 1	52.6.122.118 52.6.122.118	14618 (AMAZON-AES) (AMAZON-AES)
1 1	52.208.115.171 52.208.115.171	16509 (AMAZON-02) (AMAZON-02)
1 1	52.49.222.19 52.49.222.19	16509 (AMAZON-02) (AMAZON-02)
1 1	52.222.214.106 52.222.214.106	16509 (AMAZON-02) (AMAZON-02)
1 1	170.76.128.226 170.76.128.226	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1 1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	74.121.140.207 74.121.140.207	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 1	34.231.120.176 34.231.120.176	14618 (AMAZON-AES) (AMAZON-AES)
1 1	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
1 1	104.111.242.53 104.111.242.53	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.36.113.45 104.36.113.45	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	198.148.27.139 198.148.27.139	19189 (PULSEPOINT) (PULSEPOINT)
1 1	2620:116:800d... 2620:116:800d:21:3175:5196:e3fd:8c1d	16509 (AMAZON-02) (AMAZON-02)
1 1	35.156.243.46 35.156.243.46	16509 (AMAZON-02) (AMAZON-02)
1 1	178.162.133.148 178.162.133.148	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2 2	216.52.2.19 216.52.2.19	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1 1	107.178.246.49 107.178.246.49	15169 (GOOGLE) (GOOGLE)
1 1	52.19.97.175 52.19.97.175	16509 (AMAZON-02) (AMAZON-02)
1 1	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
4	104.111.216.226 104.111.216.226	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
1	108.138.17.51 108.138.17.51	16509 (AMAZON-02) (AMAZON-02)
3	64.19.224.207 64.19.224.207	() ()
3	2600:9000:226... 2600:9000:2261:4000:10:8317:ee40:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	2a05:d018:24:... 2a05:d018:24:b002:5c97:83c8:403c:77a7	16509 (AMAZON-02) (AMAZON-02)
1	64.19.224.210 64.19.224.210	() ()
1	35.71.131.137 35.71.131.137	() ()
4	3.94.218.138 3.94.218.138	() ()
2	54.147.21.139 54.147.21.139	() ()
1	52.222.236.80 52.222.236.80	() ()
234	63

1 104.17.70.206 (None, )

ASN13335 (CLOUDFLARENET, US)

email.metallic.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a04:fa87:fffd::c000:4280 (Ireland)

ASN2635 (AUTOMATTIC, US)

metallic.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 18.66.122.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-97.fra60.r.cloudfront.net

consent.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.100.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-100-58.fra56.r.cloudfront.net

cdn.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.144.144.142 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-144-144-142.compute-1.amazonaws.com

p1.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 52.222.236.115 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-115.fra56.r.cloudfront.net

consent-pref.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-81.fra56.r.cloudfront.net

consent-st.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:11a::6867:4868 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6813:9308 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.136.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.234.67 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-234-67.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.241.131.177 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-241-131-177.eu-west-1.compute.amazonaws.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:1bbe (United States)

ASN13335 (CLOUDFLARENET, US)

tracking.g2crowd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.228.137 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-228-137.deploy.static.akamaitechnologies.com

tags.bkrtx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:27::cafe:1835 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.131 (United States)

ASN54113 (FASTLY, US)

bddbeb1bec394be790c50af5e47b2319.js.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

64 18.66.112.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-55.fra56.r.cloudfront.net

js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 192.28.155.3 (United States)

ASN15224 (OMNITURE, US)

abrtp2-cdn.marketo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
abrtp2.marketo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:5c (United States)

ASN13335 (CLOUDFLARENET, US)

trk.techtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.1.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-1-118.dus51.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.5 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.92.72.137 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-72-137.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.195.72.147 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-195-72-147.compute-1.amazonaws.com

prefmgr-cookie.truste-svc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.28.144.124 (United States)

ASN15224 (OMNITURE, US)

369-hbc-165.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:22::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-90.fra56.r.cloudfront.net

pagestates-tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.241.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-241-39.lhr62.r.cloudfront.net

assets-tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.241.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-241-113.lhr62.r.cloudfront.net

assets.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 206.19.49.24 (United States)

ASN17225 (ATT-CERFNET-BLOCK, US)

apt.techtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 20.120.65.166 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

l.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.142.114.2 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0a::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.255.166.68 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-166-68.eu-west-1.compute.amazonaws.com

tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.52.72.28 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-52-72-28.us-west-1.compute.amazonaws.com

tracking.intentsify.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 52.0.128.82 (Ashburn, United States) 5 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-128-82.compute-1.amazonaws.com

ad.amgdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 2 redirects

ASN56396 (AMOBEE, GB)

r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 18.66.248.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-49.dus51.r.cloudfront.net

preferences-mgr.truste.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 192.138.218.136 (United States) 1 redirects

ASN14332 (SHOPZILLA, US)
PTR: shopzilla.com

www.shopzilla.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400e:80e::200e (Ireland) 1 redirects

ASN15169 (GOOGLE, US)

adssettings.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

adssettings.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.234.224.22 (United States) 1 redirects

ASN395162 (MOD-PTC, US)

ad.wsod.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.228.243.156 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-243-156.eu-west-1.compute.amazonaws.com

s.thebrighttag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.6.122.118 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-6-122-118.compute-1.amazonaws.com

my.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.208.115.171 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-115-171.eu-west-1.compute.amazonaws.com

www.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.49.222.19 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-222-19.eu-west-1.compute.amazonaws.com

optout.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.214.106 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-106.fra56.r.cloudfront.net

segments.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 170.76.128.226 (Canada) 1 redirects

ASN27381 (CASALE-MEDIA, CA)

casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.121.140.207 (Reston, United States)

ASN30419 (MEDIAMATH-INC, US)

www.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.231.120.176 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-231-120-176.compute-1.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.242.53 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-53.deploy.static.akamaitechnologies.com

px.owneriq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.36.113.45 (United States)

ASN62713 (AS-PUBMATIC, US)

apps.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.139 (New York, United States) 1 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:3175:5196:e3fd:8c1d (United States) 1 redirects

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.156.243.46 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-243-46.eu-central-1.compute.amazonaws.com

i.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.162.133.148 (Rijswijk, Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1.go.sonobi.com

go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.19 (United States) 2 redirects

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.178.246.49 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 49.246.178.107.bc.googleusercontent.com

privacy.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.19.97.175 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-97-175.eu-west-1.compute.amazonaws.com

optout.bigsea.weborama.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.201 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.111.216.226 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-216-226.deploy.static.akamaitechnologies.com

rtp-static.marketo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

cdn.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.17.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-51.fra56.r.cloudfront.net

s1.cnnx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 64.19.224.207 (None, )

ASN- ()

connexity.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2261:4000:10:8317:ee40:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.amgdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:24:b002:5c97:83c8:403c:77a7 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

ingest.tidaltv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.19.224.210 (None, )

ASN- ()

t.e1e.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.71.131.137 (None, )

ASN- ()

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.94.218.138 (None, )

ASN- ()

metrics.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.147.21.139 (None, )

ASN- ()

bootstrap.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.80 (None, )

ASN- ()

embeds.driftcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
64	driftt.com js.driftt.com — Cisco Umbrella Rank: 4748	752 KB
29	trustarc.com consent.trustarc.com — Cisco Umbrella Rank: 2894 consent-pref.trustarc.com — Cisco Umbrella Rank: 17330 consent-st.trustarc.com — Cisco Umbrella Rank: 25880	335 KB
25	truste.com preferences-mgr.truste.com — Cisco Umbrella Rank: 71826	19 KB
15	metallic.io email.metallic.io metallic.io — Cisco Umbrella Rank: 215126	3 MB
12	amgdgt.com 5 redirects ad.amgdgt.com — Cisco Umbrella Rank: 132062 cdn.amgdgt.com — Cisco Umbrella Rank: 509197	124 KB
10	marketo.com abrtp2-cdn.marketo.com — Cisco Umbrella Rank: 60979 rtp-static.marketo.com — Cisco Umbrella Rank: 14488 abrtp2.marketo.com — Cisco Umbrella Rank: 62743	123 KB
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 1248 l.clarity.ms c.clarity.ms — Cisco Umbrella Rank: 693	24 KB
7	crazyegg.com script.crazyegg.com — Cisco Umbrella Rank: 1701 pagestates-tracking.crazyegg.com — Cisco Umbrella Rank: 2981 assets-tracking.crazyegg.com — Cisco Umbrella Rank: 2973 tracking.crazyegg.com — Cisco Umbrella Rank: 2994	30 KB
6	drift.com metrics.api.drift.com bootstrap.api.drift.com	434 B
4	google.de 1 redirects www.google.de — Cisco Umbrella Rank: 6342 adssettings.google.de	2 KB
4	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2 adssettings.google.com — Cisco Umbrella Rank: 22619	2 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 439 www.linkedin.com — Cisco Umbrella Rank: 602 px4.ads.linkedin.com — Cisco Umbrella Rank: 5087	4 KB
4	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 37 stats.g.doubleclick.net — Cisco Umbrella Rank: 67	4 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 331 c.bing.com — Cisco Umbrella Rank: 212	12 KB
3	connexity.net connexity.net	6 KB
3	shopzilla.com 1 redirects www.shopzilla.com — Cisco Umbrella Rank: 137411	2 KB
3	ml314.com 1 redirects ml314.com — Cisco Umbrella Rank: 1357	14 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	56 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	2 KB
2	lijit.com 2 redirects ap.lijit.com — Cisco Umbrella Rank: 598	663 B
2	pubmatic.com apps.pubmatic.com — Cisco Umbrella Rank: 252386 cdn.pubmatic.com — Cisco Umbrella Rank: 290014	5 KB
2	mathtag.com 1 redirects www.mathtag.com — Cisco Umbrella Rank: 547139 pixel.mathtag.com — Cisco Umbrella Rank: 1050	1 KB
2	turn.com 2 redirects r.turn.com — Cisco Umbrella Rank: 2694	599 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 97	313 B
2	adsrvr.org js.adsrvr.org — Cisco Umbrella Rank: 1475 insight.adsrvr.org	3 KB
2	techtarget.com trk.techtarget.com — Cisco Umbrella Rank: 11480 apt.techtarget.com — Cisco Umbrella Rank: 16434	2 KB
2	ubembed.com bddbeb1bec394be790c50af5e47b2319.js.ubembed.com — Cisco Umbrella Rank: 692247 assets.ubembed.com — Cisco Umbrella Rank: 9272	49 KB
2	g2crowd.com tracking.g2crowd.com — Cisco Umbrella Rank: 8295	2 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 126	114 KB
2	marketo.net munchkin.marketo.net — Cisco Umbrella Rank: 2821	6 KB
2	licdn.com snap.licdn.com — Cisco Umbrella Rank: 830	3 KB
2	wp.com stats.wp.com — Cisco Umbrella Rank: 2460 pixel.wp.com — Cisco Umbrella Rank: 2394	3 KB
2	parsely.com cdn.parsely.com — Cisco Umbrella Rank: 2498 p1.parsely.com — Cisco Umbrella Rank: 1996	18 KB
1	driftcdn.com embeds.driftcdn.com	7 KB
1	e1e.io t.e1e.io	8 KB
1	tidaltv.com 1 redirects ingest.tidaltv.com — Cisco Umbrella Rank: 485261	228 B
1	cnnx.io s1.cnnx.io — Cisco Umbrella Rank: 253699	73 KB
1	weborama.com 1 redirects optout.bigsea.weborama.com — Cisco Umbrella Rank: 421786	204 B
1	tapad.com 1 redirects privacy.tapad.com — Cisco Umbrella Rank: 343548	142 B
1	sonobi.com 1 redirects go.sonobi.com — Cisco Umbrella Rank: 661	558 B
1	w55c.net 1 redirects i.w55c.net — Cisco Umbrella Rank: 1395	495 B
1	quantserve.com 1 redirects pixel.quantserve.com — Cisco Umbrella Rank: 374	223 B
1	contextweb.com 1 redirects bh.contextweb.com — Cisco Umbrella Rank: 516	289 B
1	owneriq.net 1 redirects px.owneriq.net — Cisco Umbrella Rank: 789	475 B
1	openx.net 1 redirects u.openx.net — Cisco Umbrella Rank: 636	182 B
1	postrelease.com 1 redirects jadserve.postrelease.com — Cisco Umbrella Rank: 900	396 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 288	437 B
1	casalemedia.com 1 redirects casalemedia.com — Cisco Umbrella Rank: 215	187 B
1	company-target.com 1 redirects segments.company-target.com — Cisco Umbrella Rank: 1087	402 B
1	bidr.io 1 redirects optout.prod.bidr.io — Cisco Umbrella Rank: 353665	369 B
1	demdex.net 1 redirects www.demdex.net — Cisco Umbrella Rank: 399774	543 B
1	ipredictive.com 1 redirects my.ipredictive.com — Cisco Umbrella Rank: 416762	124 B
1	thebrighttag.com 1 redirects s.thebrighttag.com — Cisco Umbrella Rank: 1309	390 B
1	wsod.com 1 redirects ad.wsod.com — Cisco Umbrella Rank: 7112	383 B
1	intentsify.io tracking.intentsify.io — Cisco Umbrella Rank: 49209	213 B
1	mktoresp.com 369-hbc-165.mktoresp.com	311 B
1	truste-svc.net prefmgr-cookie.truste-svc.net — Cisco Umbrella Rank: 27410	2 KB
1	bluekai.com stags.bluekai.com — Cisco Umbrella Rank: 447	338 B
1	t.co t.co — Cisco Umbrella Rank: 456	337 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 468	457 B
1	bkrtx.com tags.bkrtx.com — Cisco Umbrella Rank: 3117	16 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 539	6 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 99	15 KB
1	gstatic.com fonts.gstatic.com	38 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 50	79 KB
234	65

	Domain	Requested by
64	js.driftt.com	email.metallic.io js.driftt.com
25	preferences-mgr.truste.com	email.metallic.io www.mathtag.com cdn.pubmatic.com ad.amgdgt.com s1.cnnx.io
21	consent-pref.trustarc.com	consent.trustarc.com consent-pref.trustarc.com metallic.io email.metallic.io prefmgr-cookie.truste-svc.net
14	metallic.io	email.metallic.io metallic.io
9	ad.amgdgt.com	5 redirects email.metallic.io ad.amgdgt.com
7	consent.trustarc.com	metallic.io consent.trustarc.com
5	abrtp2.marketo.com	abrtp2-cdn.marketo.com rtp-static.marketo.com
4	metrics.api.drift.com	js.driftt.com
4	rtp-static.marketo.com	abrtp2-cdn.marketo.com
4	l.clarity.ms	www.clarity.ms l.clarity.ms
4	script.crazyegg.com	www.googletagmanager.com script.crazyegg.com
3	cdn.amgdgt.com	ad.amgdgt.com
3	connexity.net	s1.cnnx.io connexity.net
3	www.shopzilla.com	1 redirects email.metallic.io s1.cnnx.io
3	www.google.de	metallic.io
3	www.google.com	metallic.io
3	googleads.g.doubleclick.net	1 redirects www.googleadservices.com
3	ml314.com	1 redirects email.metallic.io ml314.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com metallic.io
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	fonts.googleapis.com	metallic.io
2	bootstrap.api.drift.com	js.driftt.com
2	ap.lijit.com	2 redirects
2	r.turn.com	2 redirects
2	c.clarity.ms	1 redirects metallic.io
2	px.ads.linkedin.com	2 redirects
2	www.facebook.com	metallic.io
2	tracking.g2crowd.com	email.metallic.io
2	connect.facebook.net	email.metallic.io connect.facebook.net
2	munchkin.marketo.net	email.metallic.io munchkin.marketo.net
2	snap.licdn.com	www.googletagmanager.com snap.licdn.com
1	embeds.driftcdn.com	js.driftt.com
1	insight.adsrvr.org	js.adsrvr.org
1	t.e1e.io	connexity.net
1	ingest.tidaltv.com	1 redirects
1	s1.cnnx.io	www.shopzilla.com
1	cdn.pubmatic.com	apps.pubmatic.com
1	pixel.mathtag.com	1 redirects
1	optout.bigsea.weborama.com	1 redirects
1	privacy.tapad.com	1 redirects
1	go.sonobi.com	1 redirects
1	i.w55c.net	1 redirects
1	pixel.quantserve.com	1 redirects
1	bh.contextweb.com	1 redirects
1	apps.pubmatic.com	email.metallic.io
1	px.owneriq.net	1 redirects
1	u.openx.net	1 redirects
1	jadserve.postrelease.com	1 redirects
1	www.mathtag.com	email.metallic.io
1	pixel.rubiconproject.com	1 redirects
1	casalemedia.com	1 redirects
1	segments.company-target.com	1 redirects
1	optout.prod.bidr.io	1 redirects
1	www.demdex.net	1 redirects
1	my.ipredictive.com	1 redirects
1	s.thebrighttag.com	1 redirects
1	ad.wsod.com	1 redirects
1	adssettings.google.de	1 redirects
1	adssettings.google.com	1 redirects
1	tracking.intentsify.io	email.metallic.io
1	tracking.crazyegg.com	script.crazyegg.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	c.bing.com	1 redirects
1	apt.techtarget.com	metallic.io
1	assets.ubembed.com	bddbeb1bec394be790c50af5e47b2319.js.ubembed.com
1	assets-tracking.crazyegg.com	script.crazyegg.com
1	pagestates-tracking.crazyegg.com	script.crazyegg.com
1	px4.ads.linkedin.com	metallic.io
1	www.linkedin.com	1 redirects
1	369-hbc-165.mktoresp.com	munchkin.marketo.net
1	prefmgr-cookie.truste-svc.net	email.metallic.io
1	stags.bluekai.com	tags.bkrtx.com
1	t.co	metallic.io
1	analytics.twitter.com	static.ads-twitter.com
1	js.adsrvr.org	www.googletagmanager.com
1	trk.techtarget.com	email.metallic.io
1	abrtp2-cdn.marketo.com	email.metallic.io
1	bddbeb1bec394be790c50af5e47b2319.js.ubembed.com	www.googletagmanager.com
1	www.clarity.ms	email.metallic.io
1	tags.bkrtx.com	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	consent-st.trustarc.com	consent-pref.trustarc.com
1	pixel.wp.com	metallic.io
1	p1.parsely.com	metallic.io
1	fonts.gstatic.com	fonts.googleapis.com
1	www.googletagmanager.com	metallic.io
1	stats.wp.com	metallic.io
1	cdn.parsely.com	metallic.io
1	email.metallic.io
234	90

This site contains links to these domains. Also see Links.

Domain
careers.commvault.com
docs.metallic.io
login.metallic.io
www.facebook.com
twitter.com
www.linkedin.com
krebsonsecurity.com
safeatlast.co
blogs.gartner.com
backup.metallic.io
www.ibm.com
www.infrascale.com
cybersecurityventures.com
www.youtube.com
www.commvault.com

Subject Issuer	Validity	Valid
email.metallic.io Cloudflare Inc ECC CA-3	`2021-05-31` - `2022-05-30`	a year	crt.sh
metallic.io R3	`2022-02-24` - `2022-05-25`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.trustarc.com Go Daddy Secure Certificate Authority - G2	`2020-05-21` - `2022-07-17`	2 years	crt.sh
*.parsely.com Amazon	`2021-07-05` - `2022-08-03`	a year	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-02` - `2022-07-05`	2 years	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2021-12-22` - `2022-06-22`	6 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-05-09` - `2022-05-08`	a year	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-21` - `2022-07-26`	a year	crt.sh
*.marketo.net DigiCert SHA2 Secure Server CA	`2021-03-29` - `2022-04-06`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-12-09` - `2022-03-09`	3 months	crt.sh
*.ml314.com Amazon	`2021-12-17` - `2023-01-14`	a year	crt.sh
*.g2crowd.com Sectigo ECC Domain Validation Secure Server CA	`2021-08-30` - `2022-09-28`	a year	crt.sh
*.bkrtx.com DigiCert SHA2 Secure Server CA	`2022-02-07` - `2023-02-06`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2021-06-01` - `2022-06-01`	a year	crt.sh
*.js.ubembed.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2022-01-04` - `2023-02-05`	a year	crt.sh
drift.com Amazon	`2021-09-08` - `2022-10-07`	a year	crt.sh
*.marketo.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-10-20`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-06` - `2023-01-05`	a year	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2022-01-06` - `2023-01-05`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2022-02-26` - `2023-03-01`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.truste-svc.net Go Daddy Secure Certificate Authority - G2	`2020-04-25` - `2022-06-23`	2 years	crt.sh
*.mktoresp.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-30` - `2022-11-30`	a year	crt.sh
*.crazyegg.com DigiCert SHA2 Secure Server CA	`2020-07-26` - `2022-07-23`	2 years	crt.sh
assets.ubembed.com Amazon	`2022-02-04` - `2023-03-05`	a year	crt.sh
*.techtarget.com Sectigo RSA Domain Validation Secure Server CA	`2021-10-13` - `2022-11-12`	a year	crt.sh
a.clarity.ms Microsoft RSA TLS CA 01	`2021-07-27` - `2022-07-27`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.intentsify.io Amazon	`2021-08-22` - `2022-09-20`	a year	crt.sh
*.amgdgt.com Amazon	`2021-10-23` - `2022-11-20`	a year	crt.sh
*.truste.com Amazon	`2022-01-17` - `2023-02-15`	a year	crt.sh
*.shopzilla.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-26` - `2022-08-25`	a year	crt.sh
*.mathtag.com DigiCert SHA2 Secure Server CA	`2020-04-15` - `2022-04-22`	2 years	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh
*.cnnx.io Sectigo RSA Domain Validation Secure Server CA	`2021-08-10` - `2022-09-09`	a year	crt.sh
*.connexity.net Sectigo RSA Domain Validation Secure Server CA	`2021-06-17` - `2022-07-17`	a year	crt.sh
*.e1e.io Sectigo RSA Domain Validation Secure Server CA	`2021-04-28` - `2022-05-28`	a year	crt.sh
*.driftcdn.com Amazon	`2022-02-10` - `2023-03-11`	a year	crt.sh

This page contains 36 frames:

Primary Page: https://metallic.io/blog/ransomware-attacks-rising-cost?utm_source=marketo&utm_medium=email&utm_campaign=ransomware&utm_content=ransomware-blog&mkt_tok=MzY5LUhCQy0xNjUAAAGCvJwAcXRP6Pl3cljLG7sN_0a7R1OkqeVyT-_uScFcrjrIHg2uzuLRh0u5n3w5xUeP-dM_RtrP18fL8dRepGaNAQrk3AvtNWhfcgAvtyrcAA
Frame ID: 8F18472F3781CF192EF7EAF9CA6F3E43
Requests: 97 HTTP requests in this frame

Frame: https://consent-pref.trustarc.com/?layout=gdpr&type=commvaultgdpr2&site=commvault.com&action=notice&country=de&locale=de&behavior=expressed&irm=undefined&from=https://consent.trustarc.com/
Frame ID: FECE5FDB75E391EA7BE7F91118CDB085
Requests: 23 HTTP requests in this frame

Frame: https://consent-pref.trustarc.com/defaultpreferencemanager/1BA9599302A8CB9B1743FB1B18BBBC3E.cache.html
Frame ID: 943146F68DDBF77AACE1B846C1E67079
Requests: 1 HTTP requests in this frame

Frame: https://stags.bluekai.com/site/89419?ret=html&phint=__bk_t%3DRansomware%20Attacks%20are%20on%20the%20Rise%E2%80%94and%20so%20is%20Their%20Cost&phint=__bk_k%3D&phint=__bk_pr%3Dhttps%3A%2F%2Femail.metallic.io%2F&phint=__bk_l%3Dhttps%3A%2F%2Fmetallic.io%2Fblog%2Fransomware-attacks-rising-cost%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Dransomware%26utm_content%3Dransomware-blog%26mkt_tok%3DMzY5LUhCQy0xNjUAAAGCvJwAcXRP6Pl3cljLG7sN_0a7R1OkqeVyT-_uScFcrjrIHg2uzuLRh0u5n3w5xUeP-dM_RtrP18fL8dRepGaNAQrk3AvtNWhfcgAvtyrcAA&phint=__bk_v%3D3.1.10&limit=1&r=99599784
Frame ID: F13EA9BA45AA367828A7E4095A3D9405
Requests: 1 HTTP requests in this frame

Frame: https://prefmgr-cookie.truste-svc.net/cookie_js/cookie_iframe.html?parent=https://consent-pref.trustarc.com/?layout=gdpr&type=commvaultgdpr2&site=commvault.com&action=notice&country=de&locale=de&behavior=expressed&irm=undefined&from=https://consent.trustarc.com/
Frame ID: 8F372B08A56FF51901ED5E6284ACD468
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 18AE2EE7E1AA5A0EC11AF9141FFA365A
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/636/2/18574453568258555374/
Frame ID: EA31DF0A787F5B02C555899A2A29D22E
Requests: 8 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/713/1-2/
Frame ID: C35AEBEAB4B86B968AA1D82ED15DE5C0
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/611/2/820231515190043643/
Frame ID: C7BA22EF40B94FF7D43568AC00C84A6B
Requests: 4 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/804/1/AFT-j8gAAAAAYh6EAybKSn9OOo-9Lpb-q6EGe3Fm6eSz/
Frame ID: BAB04068F49FDD23E3986E2DCF49F7CF
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com//token/407/1/c452458f4e50cdf9c8a1338016a6289d/
Frame ID: 289170D74A8231063C69420DFD6EBEC2
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/519/1/0
Frame ID: 9204358591AA7F9D2410125A490308EE
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/642/1/adelphic
Frame ID: C6CF0193B18D929935A0124A3BC528C9
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/512/1/1646165243439
Frame ID: 56854C55F899EEE39AE0724B9F6FF325
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/781/1/0b9490d1f38e
Frame ID: 03FC46C328F4BFAAE8D07CCC13EA373A
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/718/1/dG9rZW4tYm9tYm9yYQ==/
Frame ID: 349C6FF91C1436774D6F6586AC126B14
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/762/1-0/
Frame ID: 6B3E6C8D5D4ABC548C4B1A083A3C1AD9
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/848/1/SOoxP5wG7osJuZgrvSLkvNphp
Frame ID: 5A2B1DCE9DA3B2D2A1E4D3A27F4AAE06
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com//token/366/1-0/84wB7bA0hz
Frame ID: 242628F4491F43B3729ADF53708F7382
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com//token/807/1-1/i79m2ugrp14iddj2r6tn0830a0/
Frame ID: D7D4A9FAA8B20DD8B8BA2C72B9148985
Requests: 2 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/755/3/
Frame ID: F76AA012A3F5326A216BDEF225E65A2A
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/765/1/1646165243/
Frame ID: AAFDD88ED384A91905A88AB916BE1394
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/591/1-1/no-token
Frame ID: E410C45A5E1B64EA844DA6235D920BDB
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com//token/420/1/TpYlrYqu6UF2hBAN1dsl4VMrUlnQBSNFrkh8/
Frame ID: 38F2C18FFB4E4C110A6E13343E698277
Requests: 3 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com//token/422/1/Owgk4wsifBFu
Frame ID: 13B24C7DE8D9CB0A44C388C5A94F047C
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/806/1-0/O010137803831646165243347/
Frame ID: 099D0E4C060F13C549BC08EF260523EA
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/831/1-1/282855468
Frame ID: 027BD574C22DE5103F9DE318E9111307
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/862/1/
Frame ID: 20BA5A858F294F37D33241E5F44C7476
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/742/1/
Frame ID: D8F6F360A92F96DDE73062301D2A5E85
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/428/1/f8b7e5dc-be2f-4171-83df-11d3d5c3307e/
Frame ID: 38B689DC4FDA2DAE11372D1ACF6D044E
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/747/1-0/csrf
Frame ID: 800E261121ACA811886F23D1FBD954DE
Requests: 1 HTTP requests in this frame

Frame: https://consent-pref.trustarc.com/cookie_inneriframe.html
Frame ID: 923CB3666B99F4BA37FB253D9747F660
Requests: 1 HTTP requests in this frame

Frame: https://connexity.net/c/cse?a=O&O=10&xdm_e=https%3A%2F%2Fwww.shopzilla.com&xdm_c=default1031&xdm_p=1
Frame ID: 3B9BB52A22E220DF51FFA063753FD39C
Requests: 4 HTTP requests in this frame

Frame: https://js.driftt.com/core?embedId=kdy73m2n4mrd&region=US&forceShow=false&skipCampaigns=false&sessionId=daca5703-d503-46ae-b0d0-13e0b0626e91&sessionStarted=1646165245.624&campaignRefreshToken=4e84c0db-105a-4865-a652-3b0e664f0e61&hideController=false&pageLoadStartTime=1646165241551&mode=CHAT&driftEnableLog=false
Frame ID: C642D3EB0D199AEBAB9F60188BC5DB3B
Requests: 34 HTTP requests in this frame

Frame: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1646165241551
Frame ID: 087915FFC861F83B66D02C0B52003DA2
Requests: 33 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=m7wnp3i&ref=https%3A%2F%2Fmetallic.io%2Fblog%2Fransomware-attacks-rising-cost%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Dransomware%26utm_content%3Dransomware-blog%26mkt_tok%3DMzY5LUhCQy0xNjUAAAGCvJwAcXRP6Pl3cljLG7sN_0a7R1OkqeVyT-_uScFcrjrIHg2uzuLRh0u5n3w5xUeP-dM_RtrP18fL8dRepGaNAQrk3AvtNWhfcgAvtyrcAA&upid=17xtz0s&upv=1.1.0
Frame ID: 2224DC14FFF91F3CD6354072A6A81427
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Ransomware Attacks are on the Rise—and so is Their CostTwitter iconYouTube icon

Page URL History Show full URLs

https://email.metallic.io/MzY5LUhCQy0xNjUAAAGCvJwAcQmHUe9q9f6cuCH4tMiX2pmG_ZvZPGW__uiBHNYvzc1pGINOK4e9... Page URL
https://metallic.io/blog/ransomware-attacks-rising-cost?utm_source=marketo&utm_medium=email&utm_... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Unbounce (Editors) Expand

Overall confidence: 100%
Detected patterns

ubembed\.com

Ruby on Rails (Web Frameworks) Expand

Overall confidence: 75%
Detected patterns

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Crazy Egg (Analytics) Expand

Overall confidence: 100%
Detected patterns

script\.crazyegg\.com/pages/scripts/\d+/\d+\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Marketo (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

TrustArc (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

consent\.trustarc\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

234
Requests

97 %
HTTPS

28 %
IPv6

65
Domains

90
Subdomains

63
IPs

9
Countries

5198 kB
Transfer

9391 kB
Size

61
Cookies

19 Outgoing links

These are links going to different origins than the main page.

URL: https://careers.commvault.com/Metallic/
Title: Careers

Search URL Search Domain Scan URL

URL: http://docs.metallic.io/
Title: Technical Docs

Search URL Search Domain Scan URL

URL: https://login.metallic.io/
Title: Log in

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https%3A%2F%2Fmetallic.io%2Fblog%2Fransomware-attacks-rising-cost&t=Ransomware%20Attacks%20are%20on%20the%20Rise%E2%80%94and%20so%20is%20Their%20Cost
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https%3A%2F%2Fmetallic.io%2Fblog%2Fransomware-attacks-rising-cost&text=Ransomware%20Attacks%20are%20on%20the%20Rise%E2%80%94and%20so%20is%20Their%20Cost
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?url=https%3A%2F%2Fmetallic.io%2Fblog%2Fransomware-attacks-rising-cost&title=Ransomware%20Attacks%20are%20on%20the%20Rise%E2%80%94and%20so%20is%20Their%20Cost
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://krebsonsecurity.com/2020/10/ransomware-victims-that-pay-up-could-incur-steep-fines-from-uncle-sam/
Title: incur fines additional fines

Search URL Search Domain Scan URL

URL: https://safeatlast.co/blog/ransomware-statistics/#gref
Title: downtime due to a ransomware attack is 19 days

Search URL Search Domain Scan URL

URL: https://blogs.gartner.com/andrew-lerner/2014/07/16/the-cost-of-downtime/
Title: Gartner downtime estimates

Search URL Search Domain Scan URL

URL: https://backup.metallic.io/three-must-haves-for-ransomware-data-protection-essentials-for-it-professionals/?utm_term=blog-ad&utm_content=ransomware-ebook

Search URL Search Domain Scan URL

URL: https://www.ibm.com/security/data-breach
Title: https://www.ibm.com/security/data-breach

Search URL Search Domain Scan URL

URL: https://www.infrascale.com/press-release/infrascale-survey-reveals-close-to-half-of-smbs-have-been-ransomware-attack-targets/
Title: Infrascale Survey Reveals Close to Half of SMBs Have Been Ransomware Attack Targets.

Search URL Search Domain Scan URL

URL: https://www.ibm.com/security/digital-assets/cost-data-breach-report/#/
Title: Cost of Data Breach Report

Search URL Search Domain Scan URL

URL: https://cybersecurityventures.com/top-5-cybersecurity-facts-figures-predictions-and-statistics-for-2019-to-2021/
Title: Cybercrime Magazine March 2020

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/showcase/metallic_io/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Metallic.io

Search URL Search Domain Scan URL

URL: https://twitter.com/metallic_io
Title: Twitter icon

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCTumBJg44yS70EYQRf5EQ7g
Title: YouTube icon

Search URL Search Domain Scan URL

URL: https://www.commvault.com/legal-notices
Title: Legal Notices

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://email.metallic.io/MzY5LUhCQy0xNjUAAAGCvJwAcQmHUe9q9f6cuCH4tMiX2pmG_ZvZPGW__uiBHNYvzc1pGINOK4e9-ZyXW2svcB3-eYk= Page URL
https://metallic.io/blog/ransomware-attacks-rising-cost?utm_source=marketo&utm_medium=email&utm_campaign=ransomware&utm_content=ransomware-blog&mkt_tok=MzY5LUhCQy0xNjUAAAGCvJwAcXRP6Pl3cljLG7sN_0a7R1OkqeVyT-_uScFcrjrIHg2uzuLRh0u5n3w5xUeP-dM_RtrP18fL8dRepGaNAQrk3AvtNWhfcgAvtyrcAA Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 79

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1483634&time=1646165242369&url=https%3A%2F%2Fmetallic.io%2Fblog%2Fransomware-attacks-rising-cost%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Dransomware%26utm_content%3Dransomware-blog%26mkt_tok%3DMzY5LUhCQy0xNjUAAAGCvJwAcXRP6Pl3cljLG7sN_0a7R1OkqeVyT-_uScFcrjrIHg2uzuLRh0u5n3w5xUeP-dM_RtrP18fL8dRepGaNAQrk3AvtNWhfcgAvtyrcAA HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1483634%26time%3D1646165242369%26url%3Dhttps%253A%252F%252Fmetallic.io%252Fblog%252Fransomware-attacks-rising-cost%253Futm_source%253Dmarketo%2526utm_medium%253Demail%2526utm_campaign%253Dransomware%2526utm_content%253Dransomware-blog%2526mkt_tok%253DMzY5LUhCQy0xNjUAAAGCvJwAcXRP6Pl3cljLG7sN_0a7R1OkqeVyT-_uScFcrjrIHg2uzuLRh0u5n3w5xUeP-dM_RtrP18fL8dRepGaNAQrk3AvtNWhfcgAvtyrcAA%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1483634&time=1646165242369&url=https%3A%2F%2Fmetallic.io%2Fblog%2Fransomware-attacks-rising-cost%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Dransomware%26utm_content%3Dransomware-blog%26mkt_tok%3DMzY5LUhCQy0xNjUAAAGCvJwAcXRP6Pl3cljLG7sN_0a7R1OkqeVyT-_uScFcrjrIHg2uzuLRh0u5n3w5xUeP-dM_RtrP18fL8dRepGaNAQrk3AvtNWhfcgAvtyrcAA&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1483634&time=1646165242369&url=https%3A%2F%2Fmetallic.io%2Fblog%2Fransomware-attacks-rising-cost%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Dransomware%26utm_content%3Dransomware-blog%26mkt_tok%3DMzY5LUhCQy0xNjUAAAGCvJwAcXRP6Pl3cljLG7sN_0a7R1OkqeVyT-_uScFcrjrIHg2uzuLRh0u5n3w5xUeP-dM_RtrP18fL8dRepGaNAQrk3AvtNWhfcgAvtyrcAA&liSync=true&e_ipv6=AQLyI7ESSGx5EwAAAX9HGDR1coxPedSzXJfHw-bnP5TvosZoZuxhu8SWYKevXMmRcviIYTMc

Request Chain 87

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=64E2D1DCD98B46FCAF21B23F2615B60A&RedC=c.clarity.ms&MXFR=35B6E2F777E468193392F3AD73E4665E HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=64E2D1DCD98B46FCAF21B23F2615B60A&MUID=1ADA9A55BC416CA401C58B0FBD2A6DA6

Request Chain 111

https://ad.amgdgt.com/ads/nai-coop-opt-out?action_id=3&participant_id=636&rd=https://preferences-mgr.truste.com&nocache=0.6453718920154023 HTTP 302
https://ad.amgdgt.com/ads/master-opt-out?src=NAI&action_id=3&participant_id=636&rd=https://preferences-mgr.truste.com&nocache=0.6453718920154023

Request Chain 112

https://r.turn.com/r/optout?action_id=3&participant_id=713&rd=https://preferences-mgr.truste.com&nocache=0.5673121263858787 HTTP 302
https://preferences-mgr.truste.com/token/713/1-2/

Request Chain 113

https://www.shopzilla.com/opt_out_external?action_id=3&participant_id=611&rd=https://preferences-mgr.truste.com&nocache=0.3941657919865462 HTTP 302
https://www.shopzilla.com/ad_retarget_global_opt_out?isExternalOptOut=true&rd=https://preferences-mgr.truste.com&action_id=3&participant_id=611&token=820231515190043643

Request Chain 114

https://googleads.g.doubleclick.net/ads/preferences/naioptout?action_id=3&participant_id=804&rd=https://preferences-mgr.truste.com&nocache=0.4764697012338057 HTTP 302
https://adssettings.google.com/ext/nai/settoken?participant_id=804&rd=https://preferences-mgr.truste.com&token=AFT-j8gAAAAAYh6EAybKSn9OOo-9Lpb-q6EGe3Fm6eSz&aboutads_sess=ACi0TCigUX9PcdJpCD95zhFo7zmt-gBzJOtfHPpkzyEi70h2GshM0MI3w9ltOozuKmh3Wr-U1bZn&status=1 HTTP 302
https://adssettings.google.de/ext/nai/settoken?participant_id=804&rd=https://preferences-mgr.truste.com&token=AFT-j8gAAAAAYh6EAybKSn9OOo-9Lpb-q6EGe3Fm6eSz&aboutads_sess=ACi0TCigUX9PcdJpCD95zhFo7zmt-gBzJOtfHPpkzyEi70h2GshM0MI3w9ltOozuKmh3Wr-U1bZn&status=1&ipr=y HTTP 302
https://preferences-mgr.truste.com/token/804/1/AFT-j8gAAAAAYh6EAybKSn9OOo-9Lpb-q6EGe3Fm6eSz/

Request Chain 115

https://ad.wsod.com/coop_api/?action_id=3&participant_id=407&rd=https://preferences-mgr.truste.com/&nocache=0.923107378768995 HTTP 302
https://preferences-mgr.truste.com//token/407/1/c452458f4e50cdf9c8a1338016a6289d/

Request Chain 116

https://s.thebrighttag.com/api/privacy/3fLGmeU/nai?action_id=3&participant_id=519&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.7795347357877396 HTTP 307
https://preferences-mgr.truste.com/token/519/1/0

Request Chain 117

https://my.ipredictive.com/optout/aboutads?action_id=3&participant_id=642&rd=https://preferences-mgr.truste.com&nocache=0.13296950321280954 HTTP 302
https://preferences-mgr.truste.com/token/642/1/adelphic

Request Chain 118

https://www.demdex.net/daa/daa_opt.html?action_id=3&participant_id=512&rd=https://preferences-mgr.truste.com&nocache=0.8169025427872048 HTTP 302
https://preferences-mgr.truste.com/token/512/1/1646165243439

Request Chain 119

https://optout.prod.bidr.io/optout?action_id=3&participant_id=781&rd=https://preferences-mgr.truste.com/&nocache=0.2889624511949809 HTTP 302
https://preferences-mgr.truste.com/token/781/1/0b9490d1f38e

Request Chain 120

https://ml314.com/daaoptout.ashx?action_id=3&participant_id=718&rd=https://preferences-mgr.truste.com&nocache=0.1648693917911288 HTTP 302
https://preferences-mgr.truste.com/token/718/1/dG9rZW4tYm9tYm9yYQ==/

Request Chain 121

https://segments.company-target.com/dnt?action_id=3&participant_id=762&rd=https://preferences-mgr.truste.com&nocache=0.35741975563449224 HTTP 302
https://preferences-mgr.truste.com/token/762/1-0/

Request Chain 122

https://casalemedia.com/privacy/optout?action_id=3&participant_id=848&rd=https://preferences-mgr.truste.com&nocache=0.36196806183390584 HTTP 302
https://preferences-mgr.truste.com/token/848/1/SOoxP5wG7osJuZgrvSLkvNphp

Request Chain 123

https://pixel.rubiconproject.com/oba/optout/?action_id=3&participant_id=366&rd=https://preferences-mgr.truste.com/&nocache=0.007899048657263874 HTTP 302
https://preferences-mgr.truste.com//token/366/1-0/84wB7bA0hz

Request Chain 125

https://jadserve.postrelease.com/naioptout?action_id=3&participant_id=755&rd=https://preferences-mgr.truste.com&nocache=0.3245437776890474 HTTP 302
https://preferences-mgr.truste.com/token/755/3/

Request Chain 126

https://u.openx.net/privacy/daa?action_id=3&participant_id=765&rd=https://preferences-mgr.truste.com&nocache=0.4806648486644969 HTTP 302
https://preferences-mgr.truste.com/token/765/1/1646165243/

Request Chain 127

https://px.owneriq.net/nai/optout?action_id=3&participant_id=591&rd=https://preferences-mgr.truste.com&nocache=0.4141005585479318 HTTP 302
https://preferences-mgr.truste.com/token/591/1-1/no-token

Request Chain 129

https://bh.contextweb.com/bh/oba/aboutads/?action_id=3&participant_id=422&rd=https://preferences-mgr.truste.com/&nocache=0.08230272041532749 HTTP 302
https://preferences-mgr.truste.com//token/422/1/Owgk4wsifBFu

Request Chain 130

https://pixel.quantserve.com/optout?action_id=3&participant_id=806&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.6556306553870277 HTTP 302
https://preferences-mgr.truste.com/token/806/1-0/O010137803831646165243347/

Request Chain 131

https://i.w55c.net/optout/nai?action_id=3&participant_id=831&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.38906929705434434 HTTP 302
https://preferences-mgr.truste.com/token/831/1-1/282855468

Request Chain 132

https://go.sonobi.com/optout?action_id=3&participant_id=862&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.04403541192169125 HTTP 302
https://preferences-mgr.truste.com/token/862/1/

Request Chain 133

https://ap.lijit.com/cookie_opt_out?action_id=3&participant_id=742&rd=https://preferences-mgr.truste.com&nocache=0.23588792455301877 HTTP 302
https://ap.lijit.com/check_optout_cookie?action_id=3&participant_id=742&rd=https://preferences-mgr.truste.com HTTP 302
https://preferences-mgr.truste.com/token/742/1/

Request Chain 134

https://privacy.tapad.com/daa-coop?action_id=3&participant_id=428&rd=https://preferences-mgr.truste.com&nocache=0.5977981901662015 HTTP 303
https://preferences-mgr.truste.com/token/428/1/f8b7e5dc-be2f-4171-83df-11d3d5c3307e/

Request Chain 135

https://optout.bigsea.weborama.com/optout?action_id=3&participant_id=747&rd=https://preferences-mgr.truste.com&nocache=0.5439853883155565 HTTP 302
https://preferences-mgr.truste.com/token/747/1-0/csrf

Request Chain 138

https://pixel.mathtag.com/event/img?mt_id=888&mt_nsync&mm_bnc&redir=https%3A%2F%2Fpreferences-mgr.truste.com%2F%2Ftoken%2F807%2F%5BNAI_OPTOUT%5D-1%2Fi79m2ugrp14iddj2r6tn0830a0%2F HTTP 302
https://preferences-mgr.truste.com//token/807/1-1/i79m2ugrp14iddj2r6tn0830a0/

Request Chain 153

https://ad.amgdgt.com/ads/opt-out?op=check&src=MST&r=https%3A%2F%2Fad.amgdgt.com%2Fads%2Fmaster-opt-out%3Fsrc%3DAMBP%26op%3Dreport%26tok%3D7918982912802816%26pf%3Damg%26st%3D HTTP 302
https://ad.amgdgt.com/ads/master-opt-out?src=AMBP&op=report&tok=7918982912802816&pf=amg&st=nt HTTP 302
https://cdn.amgdgt.com/base/pixels/transparent.gif

Request Chain 154

https://r.turn.com/r/optout?src=amobee&type=status&r=https%3A%2F%2Fad.amgdgt.com%2Fads%2Fmaster-opt-out%3Fsrc%3DAMBP%26op%3Dreport%26tok%3D2410551700550057984%26pf%3Dturn%26st%3D HTTP 302
https://ad.amgdgt.com/ads/master-opt-out?src=AMBP&op=report&tok=2410551700550057984&pf=turn&st=t HTTP 302
https://cdn.amgdgt.com/base/pixels/transparent.gif

Request Chain 155

https://ingest.tidaltv.com/opt-out?op=givethestatus&r=https%3A%2F%2Fad.amgdgt.com%2Fads%2Fmaster-opt-out%3Fsrc%3DAMBP%26op%3Dreport%26tok%3D-3121838966697885696%26pf%3Dvid%26st%3D HTTP 302
https://ad.amgdgt.com/ads/master-opt-out?src=AMBP&op=report&tok=-3121838966697885696&pf=vid&st=nt HTTP 302
https://cdn.amgdgt.com/base/pixels/transparent.gif

234 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 MzY5LUhCQy0xNjUAAAGCvJwAcQmHUe9q9f6cuCH4tMiX2pmG_ZvZPGW__uiBHNYvzc1pGINOK4e9-ZyXW2svcB3-eYk= Show response
email.metallic.io/ 582 B
1008 B 1054ms
409ms Document
text/html 104.17.70.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://email.metallic.io/MzY5LUhCQy0xNjUAAAGCvJwAcQmHUe9q9f6cuCH4tMiX2pmG_ZvZPGW__uiBHNYvzc1pGINOK4e9-ZyXW2svcB3-eYk=

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.70.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f6f2c33d85808631654396754b400d30704503bbbea66d719fb624f222798ed6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Tue, 01 Mar 2022 20:07:20 GMT
content-type: text/html
cache-control: private, no-cache, no-store, max-age=0
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6e5484b1486d6925-FRA
content-encoding: gzip

GET
H2 200 Primary Request ransomware-attacks-rising-cost Show response
metallic.io/blog/ 74 KB
17 KB 550ms
525ms Document
text/html 2a04:fa87:fffd::c000:4280
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://metallic.io/blog/ransomware-attacks-rising-cost?utm_source=marketo&utm_medium=email&utm_campaign=ransomware&utm_content=ransomware-blog&mkt_tok=MzY5LUhCQy0xNjUAAAGCvJwAcXRP6Pl3cljLG7sN_0a7R1OkqeVyT-_uScFcrjrIHg2uzuLRh0u5n3w5xUeP-dM_RtrP18fL8dRepGaNAQrk3AvtNWhfcgAvtyrcAA

Requested by

Host: email.metallic.io
URL: https://email.metallic.io/MzY5LUhCQy0xNjUAAAGCvJwAcQmHUe9q9f6cuCH4tMiX2pmG_ZvZPGW__uiBHNYvzc1pGINOK4e9-ZyXW2svcB3-eYk=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:fa87:fffd::c000:4280 , Ireland, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

d8acea20201f88e86ac080f7fcb7f2badecd9e20a16c507b9fe7e83733e6b055

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://email.metallic.io/

Response headers

server: nginx
date: Tue, 01 Mar 2022 20:07:21 GMT
content-type: text/html; charset=UTF-8
x-hacker: If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-powered-by: WordPress VIP <https://wpvip.com>
host-header: a9130478a60e5f9135f765b23f26593b
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-pingback: https://metallic.io/xmlrpc.php
link: <https://metallic.io/wp-json/>; rel="https://api.w.org/" <https://metallic.io/wp-json/wp/v2/posts/4399>; rel="alternate"; type="application/json" <https://metallic.io/?p=4399>; rel=shortlink
x-elasticpress-query: true
x-rq: hhn2 0 2 9980
cache-control: max-age=300, must-revalidate
content-encoding: gzip
age: 0
x-cache: miss
vary: Accept-Encoding
accept-ranges: bytes

GET
H2 200 /
metallic.io/_static/ 15 KB
3 KB 8ms
6ms Stylesheet
text/css 2a04:fa87:fffd::c000:4280
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://metallic.io/_static/??-eJx9y0EOgkAMheELMRQDmbgxnqV2Gql2ZgitIdweWJjIxuXL/z5YpiCF9JPY4GWQOQmycubipzEprjwH5SfS2mYpLZk18I/v7XefENXix8fHvR3OUVVIKiQxh4dWeluwEWdOX3jPt0scYtd3cbhukVxEbw==

Requested by

Host: metallic.io
URL: https://metallic.io/blog/ransomware-attacks-rising-cost?utm_source=marketo&utm_medium=email&utm_campaign=ransomware&utm_content=ransomware-blog&mkt_tok=MzY5LUhCQy0xNjUAAAGCvJwAcXRP6Pl3cljLG7sN_0a7R1OkqeVyT-_uScFcrjrIHg2uzuLRh0u5n3w5xUeP-dM_RtrP18fL8dRepGaNAQrk3AvtNWhfcgAvtyrcAA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:fa87:fffd::c000:4280 , Ireland, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

3d2c10cf69410c10177fc6e56937d05151b182841fa6aee36f651d587d91fbb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metallic.io/blog/ransomware-attacks-rising-cost?utm_source=marketo&utm_medium=email&utm_campaign=ransomware&utm_content=ransomware-blog&mkt_tok=MzY5LUhCQy0xNjUAAAGCvJwAcXRP6Pl3cljLG7sN_0a7R1OkqeVyT-_uScFcrjrIHg2uzuLRh0u5n3w5xUeP-dM_RtrP18fL8dRepGaNAQrk3AvtNWhfcgAvtyrcAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 20:07:21 GMT
x-rq: hhn2 0 2 9980
last-modified: Mon, 28 Feb 2022 06:44:08 GMT
server: nginx
age: 100994
vary: Accept-Encoding
x-cache: hit
content-type: text/css;charset=utf-8
cache-control: max-age=31536000
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-encoding: gzip
content-length: 3431

GET
H2 200 /
metallic.io/_static/ 4 KB
1 KB 8ms
7ms Stylesheet
text/css 2a04:fa87:fffd::c000:4280
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://metallic.io/_static/??-eJx1jMEOgyAQRH9IXI2G9NL0WygSsskuEHax8e/F9mpvk5k3Dz7F+Jw0JIVCLWIS8Jl5d420LzXAhqLgRUD0oDD2NMDNi4M6IvSmZFHDGKtTzAlKe/f2K/iDmB9ymV/8nO1qp2Wy6+MEXEI6Gg==

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:fa87:fffd::c000:4280 , Ireland, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

4304d53980a45418be2c4d7806b889b1d17e8d18410e631a2817e71175a75187

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metallic.io/blog/ransomware-attacks-rising-cost?utm_source=marketo&utm_medium=email&utm_campaign=ransomware&utm_content=ransomware-blog&mkt_tok=MzY5LUhCQy0xNjUAAAGCvJwAcXRP6Pl3cljLG7sN_0a7R1OkqeVyT-_uScFcrjrIHg2uzuLRh0u5n3w5xUeP-dM_RtrP18fL8dRepGaNAQrk3AvtNWhfcgAvtyrcAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 20:07:21 GMT
x-rq: hhn2 0 2 9980
last-modified: Mon, 28 Feb 2022 06:44:08 GMT
server: nginx
age: 100994
vary: Accept-Encoding
x-cache: hit
content-type: text/css;charset=utf-8
cache-control: max-age=31536000
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-encoding: gzip
content-length: 1108

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
1 KB 148ms
52ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Overpass%3Awght%40300%3B400&display=swap&ver=1.0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5e466990af9258cc57867c013d198f0b23b8c351c804e9bb83b997221ad80ab4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metallic.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 20:07:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 01 Mar 2022 20:07:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 01 Mar 2022 20:07:21 GMT

GET
H2 200 frontend.min.css
metallic.io/wp-content/themes/metallicio/dist/ 350 KB
48 KB 8ms
7ms Stylesheet
text/css 2a04:fa87:fffd::c000:4280
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://metallic.io/wp-content/themes/metallicio/dist/frontend.min.css?m=1646031168g

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:fa87:fffd::c000:4280 , Ireland, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

8b88a848cf931c68500df112efc770e08ead3fdaf4d3ee96afdba0fcf5561f1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metallic.io/blog/ransomware-attacks-rising-cost?utm_source=marketo&utm_medium=email&utm_campaign=ransomware&utm_content=ransomware-blog&mkt_tok=MzY5LUhCQy0xNjUAAAGCvJwAcXRP6Pl3cljLG7sN_0a7R1OkqeVyT-_uScFcrjrIHg2uzuLRh0u5n3w5xUeP-dM_RtrP18fL8dRepGaNAQrk3AvtNWhfcgAvtyrcAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 20:07:21 GMT
x-rq: hhn2 0 2 9980
last-modified: Mon, 28 Feb 2022 06:52:48 GMT
server: nginx
age: 100884
etag: W/"621c7140-5781a"
vary: Accept-Encoding
x-cache: hit
content-type: text/css
cache-control: max-age=31536000
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-encoding: gzip
content-length: 48651
expires: Wed, 01 Mar 2023 20:07:21 GMT

GET
H2 200 css2
fonts.googleapis.com/ 10 KB
755 B 149ms
53ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Overpass%3Aital%2Cwght%400%2C400%3B0%2C600%3B0%2C700%3B1%2C400%3B1%2C600%3B1%2C700&display=swap&ver=0.1.4

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

17f48a4197f2c7e1e809378704ccc4e736a4cc079db4aba670c4eb7f800fd4f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metallic.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 20:07:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 01 Mar 2022 20:07:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 01 Mar 2022 20:07:21 GMT

GET
H2 400 css2
fonts.googleapis.com/ 0
0 148ms
52ms Stylesheet
text/html 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.googleapis.com/css2?family=Work+Sans%3Aital%2Cwght%400%2C400%3B0%2C500%3B0%2C600%3A0%2C700%3B1%2C400%3B1%2C500%3B1%2C600%3A1%2C700&display=swap&ver=0.1.4
Requested by: Host: metallic.io
URL: https://metallic.io/blog/ransomware-attacks-rising-cost?utm_source=marketo&utm_medium=email&utm_campaign=ransomware&utm_content=ransomware-blog&mkt_tok=MzY5LUhCQy0xNjUAAAGCvJwAcXRP6Pl3cljLG7sN_0a7R1OkqeVyT-_uScFcrjrIHg2uzuLRh0u5n3w5xUeP-dM_RtrP18fL8dRepGaNAQrk3AvtNWhfcgAvtyrcAA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metallic.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H2 200 notice Show response
consent.trustarc.com/ 9 KB
4 KB 83ms
37ms Script
text/javascript 18.66.122.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.trustarc.com/notice?domain=commvault.com&c=teconsent&text=true&js=bb&noticeType=bb&ver=0.1.0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.97 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-97.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

aadb42a6b797ccc99cc7c5fd3bdba909ded7f91efced3d3310371b3607aeb479

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metallic.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 20:07:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA60-P2
x-cache: Miss from cloudfront
cloudfront-viewer-country: DE
vary: Accept-Encoding, Origin
content-length: 3675
x-xss-protection: 1; mode=block
timing-allow-origin: *
server: nginx
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript;charset=UTF-8
via: 1.1 6e8224d5f2990b031ca60a58f18ac908.cloudfront.net (CloudFront)
cache-control: max-age=3600
cloudfront-viewer-country-region: HE
x-amz-cf-id: SYUDGRlIxRJIXSCxsbMUrn1H3be6wkbTuEpX1nY9f_m_hpCeOGFtKQ==
expires: Tue, 01 Mar 2022 21:07:21 GMT

GET
H2 200 Metallic-Logo-RGB-Tagline-horizontal-updated.svg
metallic.io/wp-content/uploads/2022/01/ 8 KB
3 KB 11ms
10ms Image
image/svg+xml 2a04:fa87:fffd::c000:4280
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://metallic.io/wp-content/uploads/2022/01/Metallic-Logo-RGB-Tagline-horizontal-updated.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:fa87:fffd::c000:4280 , Ireland, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

eb179929559d1c782a136ac57fc47905b297c9e68b98365374ac278319745ea8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metallic.io/blog/ransomware-attacks-rising-cost?utm_source=marketo&utm_medium=email&utm_campaign=ransomware&utm_content=ransomware-blog&mkt_tok=MzY5LUhCQy0xNjUAAAGCvJwAcXRP6Pl3cljLG7sN_0a7R1OkqeVyT-_uScFcrjrIHg2uzuLRh0u5n3w5xUeP-dM_RtrP18fL8dRepGaNAQrk3AvtNWhfcgAvtyrcAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 20:07:21 GMT
content-encoding: gzip
x-rq: hhn2 109 28 443
last-modified: Mon, 10 Jan 2022 09:08:52 GMT
server: nginx
etag: W/"9afb58eecc54fb5e"
vary: Accept-Encoding
x-cache: HIT
content-type: image/svg+xml
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
expires: Thu, 19 Jan 2023 07:08:51 GMT

GET
H2 200 shutterstock_680078878.png
metallic.io/wp-content/uploads/2021/06/ 295 KB
295 KB 11ms
11ms Image
image/webp 2a04:fa87:fffd::c000:4280
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://metallic.io/wp-content/uploads/2021/06/shutterstock_680078878.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:fa87:fffd::c000:4280 , Ireland, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

6957b64b02efebbf48a55597d6e175b1ec552822345654e7c1e0ed0c53632898

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metallic.io/blog/ransomware-attacks-rising-cost?utm_source=marketo&utm_medium=email&utm_campaign=ransomware&utm_content=ransomware-blog&mkt_tok=MzY5LUhCQy0xNjUAAAGCvJwAcXRP6Pl3cljLG7sN_0a7R1OkqeVyT-_uScFcrjrIHg2uzuLRh0u5n3w5xUeP-dM_RtrP18fL8dRepGaNAQrk3AvtNWhfcgAvtyrcAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 20:07:21 GMT
x-rq: hhn2 109 28 443
last-modified: Fri, 25 Feb 2022 09:31:30 GMT
server: nginx
etag: "a6c2ee910e7df180"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 301916
expires: Sat, 25 Feb 2023 09:31:30 GMT

GET
H2 200 metallic-graylogo.svg
metallic.io/wp-content/uploads/2022/01/ 4 KB
2 KB 11ms
10ms Image
image/svg+xml 2a04:fa87:fffd::c000:4280
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://metallic.io/wp-content/uploads/2022/01/metallic-graylogo.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:fa87:fffd::c000:4280 , Ireland, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

ee8d5d161bcef2070811164968a2aff65f5523103c80cc1415e0e27b38f9d2cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metallic.io/blog/ransomware-attacks-rising-cost?utm_source=marketo&utm_medium=email&utm_campaign=ransomware&utm_content=ransomware-blog&mkt_tok=MzY5LUhCQy0xNjUAAAGCvJwAcXRP6Pl3cljLG7sN_0a7R1OkqeVyT-_uScFcrjrIHg2uzuLRh0u5n3w5xUeP-dM_RtrP18fL8dRepGaNAQrk3AvtNWhfcgAvtyrcAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 20:07:21 GMT
content-encoding: gzip
x-rq: hhn2 109 195 443
last-modified: Wed, 19 Jan 2022 06:35:55 GMT
server: nginx
etag: W/"d1f7fc547e48c635"
vary: Accept-Encoding
x-cache: HIT
content-type: image/svg+xml
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
expires: Thu, 19 Jan 2023 07:08:51 GMT

GET
H2 200 / Show response
metallic.io/_static/ 68 KB
21 KB 7ms
7ms Script
application/javascript 2a04:fa87:fffd::c000:4280
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://metallic.io/_static/??/wp-content/themes/metallicio/dist/blocks-shared.min.js,/wp-content/plugins/commvault-core/dist/js/frontend.js?m=1646030648j

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:fa87:fffd::c000:4280 , Ireland, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

64e7f223aa27af5611afe45e200eb2efad20383f6979d2ac051512b06a4ec956

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metallic.io/blog/ransomware-attacks-rising-cost?utm_source=marketo&utm_medium=email&utm_campaign=ransomware&utm_content=ransomware-blog&mkt_tok=MzY5LUhCQy0xNjUAAAGCvJwAcXRP6Pl3cljLG7sN_0a7R1OkqeVyT-_uScFcrjrIHg2uzuLRh0u5n3w5xUeP-dM_RtrP18fL8dRepGaNAQrk3AvtNWhfcgAvtyrcAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 20:07:21 GMT
x-rq: hhn2 0 2 9980
last-modified: Mon, 28 Feb 2022 06:44:08 GMT
server: nginx
age: 100993
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-encoding: gzip
content-length: 21500

GET
H2 200 p.js Show response
cdn.parsely.com/keys/metallic.io/ 47 KB
18 KB 63ms
13ms Script
application/javascript 18.66.100.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.parsely.com/keys/metallic.io/p.js?ver=3.1.2
Requested by: Host: metallic.io
URL: https://metallic.io/blog/ransomware-attacks-rising-cost?utm_source=marketo&utm_medium=email&utm_campaign=ransomware&utm_content=ransomware-blog&mkt_tok=MzY5LUhCQy0xNjUAAAGCvJwAcXRP6Pl3cljLG7sN_0a7R1OkqeVyT-_uScFcrjrIHg2uzuLRh0u5n3w5xUeP-dM_RtrP18fL8dRepGaNAQrk3AvtNWhfcgAvtyrcAA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.100.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-100-58.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 164eadf61091beb5ac1acb6f54f317cd64e4385df4d341a8ace9ba47bfbffa3e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metallic.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: public
date: Mon, 28 Feb 2022 22:33:58 GMT
content-encoding: gzip
last-modified: Mon, 22 Nov 2021 20:50:11 GMT
server: nginx
age: 77603
etag: W/"619c0283-bd21"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 11e35514d631a9a9566fd489de935c06.cloudfront.net (CloudFront)
cache-control: max-age=86400, public
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: PPmRc41OybkcOgFqVpMfAyf_F2CtvzaAt0oEELfpJ2OuziA9MndTeQ==
expires: Tue, 01 Mar 2022 22:33:58 GMT

GET
H2 200 / Show response
metallic.io/_static/ 112 KB
36 KB 7ms
7ms Script
application/javascript 2a04:fa87:fffd::c000:4280
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://metallic.io/_static/??-eJyFjFEOQDAQBS+ErZDGjzhLw2Klu210cX0l/v3OmzdwxXIMoigKuiJjAkZ13tNIASZKGaMcj8QxSNZKcSctTilIxSTVlgr4j8z7u0/fZeC+tq01jbFtt91U1jEX

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:fa87:fffd::c000:4280 , Ireland, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

ce97b5b05596e26c4672e413305c7397187fc58c149f50d4eb3da6fe655c0919

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metallic.io/blog/ransomware-attacks-rising-cost?utm_source=marketo&utm_medium=email&utm_campaign=ransomware&utm_content=ransomware-blog&mkt_tok=MzY5LUhCQy0xNjUAAAGCvJwAcXRP6Pl3cljLG7sN_0a7R1OkqeVyT-_uScFcrjrIHg2uzuLRh0u5n3w5xUeP-dM_RtrP18fL8dRepGaNAQrk3AvtNWhfcgAvtyrcAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 20:07:21 GMT
x-rq: hhn2 0 2 9980
last-modified: Mon, 28 Feb 2022 06:44:08 GMT
server: nginx
age: 100992
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-encoding: gzip
content-length: 37030

GET
H2 200 e-202209.js Show response
stats.wp.com/ 9 KB
3 KB 44ms
19ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202209.js
Requested by: Host: metallic.io
URL: https://metallic.io/blog/ransomware-attacks-rising-cost?utm_source=marketo&utm_medium=email&utm_campaign=ransomware&utm_content=ransomware-blog&mkt_tok=MzY5LUhCQy0xNjUAAAGCvJwAcXRP6Pl3cljLG7sN_0a7R1OkqeVyT-_uScFcrjrIHg2uzuLRh0u5n3w5xUeP-dM_RtrP18fL8dRepGaNAQrk3AvtNWhfcgAvtyrcAA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metallic.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nc: HIT hhn
date: Tue, 01 Mar 2022 20:07:21 GMT
content-encoding: br
server: nginx
etag: W/"6197c5cf-3508"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Sun, 19 Feb 2023 22:10:15 GMT

GET
H2 200 v1.7-458 Show response
consent.trustarc.com/asset/notice.js/v/ 75 KB
24 KB 43ms
21ms Script
text/javascript 18.66.122.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.trustarc.com/asset/notice.js/v/v1.7-458

Requested by

Host: consent.trustarc.com
URL: https://consent.trustarc.com/notice?domain=commvault.com&c=teconsent&text=true&js=bb&noticeType=bb&ver=0.1.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.97 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-97.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

b62c80a53749bed7d1e8d6a4798f744e4701e66c8383e301621ad8839b24b09c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://metallic.io/
Origin: https://metallic.io
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 20:06:33 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 48
x-cache: Hit from cloudfront
pragma: public
access-control-allow-origin: *
last-modified: Mon, 21 Feb 2022 05:49:07 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript
via: 1.1 da4de4427d18bee1d3254f1bbdad25f2.cloudfront.net (CloudFront)
access-control-expose-headers: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA60-P2
timing-allow-origin: *
x-amz-cf-id: gyqHcEKLVHPievFv0IBJlEFsywrTHyFkZWHp87hvcsJG8RX3fg35xw==
expires: Thu, 31 Mar 2022 20:06:33 GMT

GET
H2 200 log
consent.trustarc.com/ 43 B
439 B 44ms
44ms Image
image/gif 18.66.122.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent.trustarc.com/log?domain=commvault.com&country=de&state=&behavior=expressed&c=2573

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.97 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-97.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metallic.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Mar 2022 20:07:21 GMT
via: 1.1 6e8224d5f2990b031ca60a58f18ac908.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA60-P2
vary: Origin
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 43
x-amz-cf-id: 29cKaNg-oqv_CVyBeLzNkgDRisKatIFWPtFYYxTnx5OP1_lt9EdK1A==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 271 KB
79 KB 204ms
106ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TLQ2J4B

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f188e298b56dfe3917c25c541c55281dff71054d14d6c19ab1e1a899274713e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metallic.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 20:07:21 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 80864
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 01 Mar 2022 20:07:21 GMT

GET
DATA 200
OK truncated
/ 235 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41b3ac7ddaa35b0fc1ba106e515c24f0fb69e456be8b61288ce0f3aaaf05153f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 350 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ae0f7150c7e66afac49f64b4c5e1be6e19ba47d4ec06468d80a35277dc770ebc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 314 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2a2f4a9bc789be30ec09086ae27f1a3a84948889dd616a11636b9d17bdbd311d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 672 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e90ae9c24c586e1b37a2073ad5c6ebda82e99b15622c9db9b9e8ea05b5b35dd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 background-stripes-1.png
metallic.io/wp-content/themes/metallicio/assets/images/ 105 KB
103 KB 207ms
207ms Image
image/png 2a04:fa87:fffd::c000:4280
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://metallic.io/wp-content/themes/metallicio/assets/images/background-stripes-1.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:fa87:fffd::c000:4280 , Ireland, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

ac8cd2296fbd4fe0dd300fd6d1cf0e08192bc5ec440c3273645c7bf42d7fc286

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metallic.io/blog/ransomware-attacks-rising-cost?utm_source=marketo&utm_medium=email&utm_campaign=ransomware&utm_content=ransomware-blog&mkt_tok=MzY5LUhCQy0xNjUAAAGCvJwAcXRP6Pl3cljLG7sN_0a7R1OkqeVyT-_uScFcrjrIHg2uzuLRh0u5n3w5xUeP-dM_RtrP18fL8dRepGaNAQrk3AvtNWhfcgAvtyrcAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 20:07:21 GMT
x-rq: hhn2 0 2 9980
last-modified: Mon, 28 Feb 2022 06:35:22 GMT
server: nginx
age: 0
etag: W/"621c6d2a-1a367"
strict-transport-security: max-age=31536000
x-cache: miss
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-encoding: gzip
expires: Wed, 01 Mar 2023 20:07:21 GMT

GET
H2 200 qFdH35WCmI96Ajtm81GlU9s.woff2
fonts.gstatic.com/s/overpass/v10/ 38 KB
38 KB 173ms
64ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/overpass/v10/qFdH35WCmI96Ajtm81GlU9s.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Overpass%3Awght%40300%3B400&display=swap&ver=1.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

995dfb0c839090c9461662fca31b3d886f80dd9e881db8ea224374866eade55f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://metallic.io
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 21:13:11 GMT
x-content-type-options: nosniff
age: 600850
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38496
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 00:25:12 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 22 Feb 2023 21:13:11 GMT

GET
H2 200 ransomware-essentials-ebook-metallic-blog-ad.png
metallic.io/wp-content/uploads/2021/07/ 30 KB
30 KB 233ms
232ms Image
image/webp 2a04:fa87:fffd::c000:4280
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://metallic.io/wp-content/uploads/2021/07/ransomware-essentials-ebook-metallic-blog-ad.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:fa87:fffd::c000:4280 , Ireland, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

fe2d26d250a44b30fcc9fe96ace1adcb8e473d0464daab91012aa1921af91959

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metallic.io/blog/ransomware-attacks-rising-cost?utm_source=marketo&utm_medium=email&utm_campaign=ransomware&utm_content=ransomware-blog&mkt_tok=MzY5LUhCQy0xNjUAAAGCvJwAcXRP6Pl3cljLG7sN_0a7R1OkqeVyT-_uScFcrjrIHg2uzuLRh0u5n3w5xUeP-dM_RtrP18fL8dRepGaNAQrk3AvtNWhfcgAvtyrcAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 20:07:21 GMT
x-rq: hhn2 109 32 443
last-modified: Tue, 01 Mar 2022 20:07:21 GMT
server: nginx
etag: "c616c32acdf35534"
vary: Accept
x-cache: MISS
content-type: image/webp
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 30428
expires: Wed, 01 Mar 2023 20:07:21 GMT

GET
H2 200 metallic-dialog-it-blog-image-2.0.jpg
metallic.io/wp-content/uploads/2022/01/ 38 KB
38 KB 9ms
8ms Image
image/webp 2a04:fa87:fffd::c000:4280
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://metallic.io/wp-content/uploads/2022/01/metallic-dialog-it-blog-image-2.0.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:fa87:fffd::c000:4280 , Ireland, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

956f75fd3592d8f5bfbaca1aa6786d7eaae837403ba554b90bfe0b5ae659cb72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metallic.io/blog/ransomware-attacks-rising-cost?utm_source=marketo&utm_medium=email&utm_campaign=ransomware&utm_content=ransomware-blog&mkt_tok=MzY5LUhCQy0xNjUAAAGCvJwAcXRP6Pl3cljLG7sN_0a7R1OkqeVyT-_uScFcrjrIHg2uzuLRh0u5n3w5xUeP-dM_RtrP18fL8dRepGaNAQrk3AvtNWhfcgAvtyrcAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 20:07:21 GMT
x-rq: hhn2 109 140 443
last-modified: Thu, 20 Jan 2022 17:02:55 GMT
server: nginx
etag: "6780fef85cdf3c2d"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 38786
expires: Fri, 20 Jan 2023 17:02:55 GMT

GET
H2 200 featured-image.jpg
metallic.io/wp-content/uploads/2021/10/ 2 MB
2 MB 12ms
12ms Image
image/webp 2a04:fa87:fffd::c000:4280
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://metallic.io/wp-content/uploads/2021/10/featured-image.jpg?resize=2048,1152

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:fa87:fffd::c000:4280 , Ireland, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

bef01773c378482c62f5ce6db2ddfc11137ec90d4b4b563a1724302c08e08edd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metallic.io/blog/ransomware-attacks-rising-cost?utm_source=marketo&utm_medium=email&utm_campaign=ransomware&utm_content=ransomware-blog&mkt_tok=MzY5LUhCQy0xNjUAAAGCvJwAcXRP6Pl3cljLG7sN_0a7R1OkqeVyT-_uScFcrjrIHg2uzuLRh0u5n3w5xUeP-dM_RtrP18fL8dRepGaNAQrk3AvtNWhfcgAvtyrcAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 20:07:21 GMT
x-rq: hhn2 109 30 443
last-modified: Mon, 28 Feb 2022 13:06:39 GMT
server: nginx
etag: "2fef10a8739fc238"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 2437562
expires: Tue, 28 Feb 2023 13:06:39 GMT

GET
H2 200 shutterstock_670189804.png
metallic.io/wp-content/uploads/2022/01/ 259 KB
260 KB 18ms
17ms Image
image/webp 2a04:fa87:fffd::c000:4280
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://metallic.io/wp-content/uploads/2022/01/shutterstock_670189804.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:fa87:fffd::c000:4280 , Ireland, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

6a20c9e4c7d18411043e1ccb7e9dd55a9722692c92d3af3382d77f76b2debb22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metallic.io/blog/ransomware-attacks-rising-cost?utm_source=marketo&utm_medium=email&utm_campaign=ransomware&utm_content=ransomware-blog&mkt_tok=MzY5LUhCQy0xNjUAAAGCvJwAcXRP6Pl3cljLG7sN_0a7R1OkqeVyT-_uScFcrjrIHg2uzuLRh0u5n3w5xUeP-dM_RtrP18fL8dRepGaNAQrk3AvtNWhfcgAvtyrcAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 20:07:21 GMT
x-rq: hhn2 109 88 443
last-modified: Tue, 25 Jan 2022 18:30:16 GMT
server: nginx
etag: "8eab338d36ee6897"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 265712
expires: Wed, 25 Jan 2023 18:30:16 GMT

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
258 B 509ms
109ms Image
image/gif 54.144.144.142
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1646165241825&plid=37933577&idsite=metallic.io&url=https%3A%2F%2Fmetallic.io%2Fblog%2Fransomware-attacks-rising-cost%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Dransomware%26utm_content%3Dransomware-blog%26mkt_tok%3DMzY5LUhCQy0xNjUAAAGCvJwAcXRP6Pl3cljLG7sN_0a7R1OkqeVyT-_uScFcrjrIHg2uzuLRh0u5n3w5xUeP-dM_RtrP18fL8dRepGaNAQrk3AvtNWhfcgAvtyrcAA&urlref=https%3A%2F%2Femail.metallic.io%2F&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fmetallic.io%2Fblog%2Fransomware-attacks-rising-cost%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Dransomware%26utm_content%3Dransomware-blog%26mkt_tok%3DMzY5LUhCQy0xNjUAAAGCvJwAcXRP6Pl3cljLG7sN_0a7R1OkqeVyT-_uScFcrjrIHg2uzuLRh0u5n3w5xUeP-dM_RtrP18fL8dRepGaNAQrk3AvtNWhfcgAvtyrcAA&sref=https%3A%2F%2Femail.metallic.io%2F&sts=1646165241823&slts=0&title=Ransomware+Attacks+are+on+the+Rise%E2%80%94and+so+is+Their+Cost&date=Tue+Mar+01+2022+20%3A07%3A21+GMT%2B0000+(GMT)&action=pageview&pvid=64253752&u=pid%3Dc47b5a07e0878b85399a9e304cc953d7
Requested by: Host: metallic.io
URL: https://metallic.io/blog/ransomware-attacks-rising-cost?utm_source=marketo&utm_medium=email&utm_campaign=ransomware&utm_content=ransomware-blog&mkt_tok=MzY5LUhCQy0xNjUAAAGCvJwAcXRP6Pl3cljLG7sN_0a7R1OkqeVyT-_uScFcrjrIHg2uzuLRh0u5n3w5xUeP-dM_RtrP18fL8dRepGaNAQrk3AvtNWhfcgAvtyrcAA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.144.144.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-144-144-142.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metallic.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 01 Mar 2022 20:07:22 GMT
Cache-Control: no-cache
Last-Modified: Tuesday, 01-Mar-2022 20:07:22 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 g.gif
pixel.wp.com/ 50 B
93 B 27ms
26ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&j=1%3A10.6&blog=164172007&post=4399&tz=-5&srv=metallic.io&host=metallic.io&ref=https%3A%2F%2Femail.metallic.io%2F&fcp=746&rand=0.44276697227046125
Requested by: Host: metallic.io
URL: https://metallic.io/blog/ransomware-attacks-rising-cost?utm_source=marketo&utm_medium=email&utm_campaign=ransomware&utm_content=ransomware-blog&mkt_tok=MzY5LUhCQy0xNjUAAAGCvJwAcXRP6Pl3cljLG7sN_0a7R1OkqeVyT-_uScFcrjrIHg2uzuLRh0u5n3w5xUeP-dM_RtrP18fL8dRepGaNAQrk3AvtNWhfcgAvtyrcAA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metallic.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 01 Mar 2022 20:07:21 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H2 200 / Show response
consent-pref.trustarc.com/ Frame FECE 5 KB
3 KB 165ms
72ms Document
text/html 52.222.236.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/?layout=gdpr&type=commvaultgdpr2&site=commvault.com&action=notice&country=de&locale=de&behavior=expressed&irm=undefined&from=https://consent.trustarc.com/

Requested by

Host: consent.trustarc.com
URL: https://consent.trustarc.com/asset/notice.js/v/v1.7-458

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.115 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-115.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

5d59d71fa30604e26c815b2bcfea777bef1564467e2ff9b1b4dc45ca2ee0f6fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://metallic.io/

Response headers

content-type: text/html; charset=UTF-8
server: nginx
last-modified: Thu, 13 Jan 2022 06:15:36 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 01 Mar 2022 20:07:21 GMT
etag: W/"5147-1642054536000"
vary: Accept-Encoding Origin
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: RefreshHit from cloudfront
via: 1.1 e59bea79ab5f15feda92136bc7b74158.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: I6UVmMPraRmki2v-AOpSU3ksmEa8Yn-OtruhIqKXw_ZSz5RWwZ42MA==

GET
H2 200 noticemsg
consent.trustarc.com/ 43 B
539 B 58ms
58ms Image
image/gif 18.66.122.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent.trustarc.com/noticemsg?action=consent&domain=commvault.com&behavior=expressed&country=de&language=de&rand=0.38601107202641827

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.97 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-97.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metallic.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 20:07:21 GMT
via: 1.1 6e8224d5f2990b031ca60a58f18ac908.cloudfront.net (CloudFront)
x-content-type-options: nosniff
timing-allow-origin: *
x-amz-cf-pop: FRA60-P2
x-cache: Miss from cloudfront
cloudfront-viewer-country: DE
vary: Origin
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
server: nginx
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: max-age=3600
cloudfront-viewer-country-region: HE
x-amz-cf-id: lyOKcepPu3BLQdnfErOUaY4nEha1u4PyhiP9ROuqYCHl93KYIYJBJQ==
expires: Tue, 01 Mar 2022 21:07:21 GMT

GET
H2 200 defaultpreferencemanager.nocache.js Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame FECE 5 KB
2 KB 55ms
55ms Script
application/javascript 52.222.236.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/defaultpreferencemanager.nocache.js

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/?layout=gdpr&type=commvaultgdpr2&site=commvault.com&action=notice&country=de&locale=de&behavior=expressed&irm=undefined&from=https://consent.trustarc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.115 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-115.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

3cd6119e76764c2fbc4c7a979f8c22754bf6abd76a635bb0554ce18f838c60d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?layout=gdpr&type=commvaultgdpr2&site=commvault.com&action=notice&country=de&locale=de&behavior=expressed&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 20:07:22 GMT
content-encoding: gzip
last-modified: Thu, 13 Jan 2022 06:15:54 GMT
server: nginx
x-amz-cf-pop: FRA56-P4
etag: W/"4867-1642054554000"
vary: Accept-Encoding, Origin
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 e59bea79ab5f15feda92136bc7b74158.cloudfront.net (CloudFront)
cache-control: no-cache
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-id: MAb4jafrgSURXVFJM8wPbR42lRBSh76dtx35ZsC6j-q-53jaHi9xuA==
expires: Tue, 01 Mar 2022 20:07:21 GMT

GET
H2 200 get Show response
consent-st.trustarc.com/ Frame FECE 20 KB
5 KB 119ms
16ms Script
text/javascript 52.222.236.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-st.trustarc.com/get?name=combined_static_cm_minified.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-81.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

f1ba71d3bf034aeceecb8895e71a44f4806dbb5bcc44e46fd8fc461a774eb880

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: public
date: Fri, 18 Feb 2022 14:49:55 GMT
content-encoding: gzip
server: nginx
age: 969447
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 34fdfb7c7c11559df7e622af2b62f5ca.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA56-P4
strict-transport-security: max-age=31536000; includeSubDomains
timing-allow-origin: *
x-amz-cf-id: xbnXzzL0uMi_ZmjhXmpi2neSEFtpBciFuvnM4jRh4tRU1SJS4F6_WQ==
expires: Sun, 20 Mar 2022 14:49:55 GMT

GET
H2 200 loading.gif
consent-pref.trustarc.com/images/ Frame FECE 3 KB
3 KB 33ms
33ms Image
image/gif 52.222.236.115
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent-pref.trustarc.com/images/loading.gif

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.115 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-115.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

eb7cfd3d959b2e09c170f532e29f8b825f9bc770b2279fde58e595617753e244

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?layout=gdpr&type=commvaultgdpr2&site=commvault.com&action=notice&country=de&locale=de&behavior=expressed&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 07:33:22 GMT
via: 1.1 e59bea79ab5f15feda92136bc7b74158.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 45240
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 2608
x-xss-protection: 1; mode=block
last-modified: Thu, 13 Jan 2022 06:15:36 GMT
server: nginx
etag: W/"2608-1642054536000"
vary: Origin
content-type: image/gif
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
x-amz-cf-id: b6FEo2Jn8pTA5q71DYRsWS2Icx2XHExR6A93-FtbFcoN6Q6-T-8DKg==

GET
H2 200 optimize.js Show response
www.google-analytics.com/gtm/ 92 KB
37 KB 172ms
57ms Script
application/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/optimize.js?id=GTM-N742X6J

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLQ2J4B

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cf71007b8b662a1db0af2b052e696f7a1287240c3f8a88b63fca6da8a08a3909

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metallic.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 20:07:22 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37009
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 01 Mar 2022 20:07:22 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 99ms
38ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLQ2J4B
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metallic.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 20:07:21 GMT
content-encoding: gzip
last-modified: Wed, 09 Feb 2022 23:54:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2B403538504449309EDB13A4BD305F24 Ref B: FRAEDGE1506 Ref C: 2022-03-01T20:07:22Z
etag: "806a236c101ed81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11333

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 193ms
78ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLQ2J4B

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

083ec931e5517a4ab713afbe9561e72b9186cb54e21b8b1eface9caefb54a966

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metallic.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 20:07:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14879
x-xss-protection: 0
server: cafe
etag: 17635014576153706337
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 01 Mar 2022 20:07:22 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 1006 B
792 B 117ms
27ms Script
application/x-javascript 2a02:26f0:11a::6867:4868
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLQ2J4B
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:11a::6867:4868 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 0055b9d0429e9c194b4aa6b5f49cbc2ec31a7220ee7c8c186a9ee951feabd482

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metallic.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 01 Mar 2022 20:07:22 GMT
Content-Encoding: gzip
Last-Modified: Thu, 17 Feb 2022 18:48:07 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=59344
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 479

GET
H2 200 9946.js Show response
script.crazyegg.com/pages/scripts/0087/ 5 KB
2 KB 97ms
39ms Script
text/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0087/9946.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLQ2J4B
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d934a4ba4a03db8be0212417bbb1d6f781b95d6e61869124d7fcc7ca1c6a5b6f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metallic.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 20:07:22 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 98767
cf-polished: origSize=4899
cf-ray: 6e5484bb6fca9b3d-FRA
ce-version: 11.1.385
last-modified: Mon, 28 Feb 2022 16:41:15 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
cf-bgj: minify

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 14 KB
6 KB 127ms
10ms Script
application/javascript 199.232.136.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLQ2J4B
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metallic.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 20:07:22 GMT
content-encoding: gzip
last-modified: Sat, 05 Feb 2022 00:44:37 GMT
etag: "8dc11b7ca1d5ed9ec3b1ab1beb621c75+gzip+gzip"
vary: Accept-Encoding,Host
x-tw-cdn: FT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache
x-cache: HIT, HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 5410
x-served-by: cache-iad-kcgs7200092-IAD, cache-hhn11581-HHN

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 83ms
15ms Script
application/x-javascript 104.111.234.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: email.metallic.io
URL: https://email.metallic.io/MzY5LUhCQy0xNjUAAAGCvJwAcQmHUe9q9f6cuCH4tMiX2pmG_ZvZPGW__uiBHNYvzc1pGINOK4e9-ZyXW2svcB3-eYk=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.234.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-234-67.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 4bf3aca933aa233702f890083af601fb16149ec8a17f8c1b90d30450562bde08

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metallic.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 01 Mar 2022 20:07:22 GMT
Content-Encoding: gzip
Last-Modified: Fri, 29 Oct 2021 01:24:07 GMT
Server: AkamaiNetStorage
ETag: "461ce1cffaadfebf2e7659745618ba8e:1635470647.434977"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 753

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
26 KB 71ms
15ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: email.metallic.io
URL: https://email.metallic.io/MzY5LUhCQy0xNjUAAAGCvJwAcQmHUe9q9f6cuCH4tMiX2pmG_ZvZPGW__uiBHNYvzc1pGINOK4e9-ZyXW2svcB3-eYk=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metallic.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 26236
x-xss-protection: 0
pragma: public
x-fb-debug: TymZJeBcHAut2VXuCuJp+ES7OAyeOUxONOcIXRjcY5YvCDD463tH+fHGdcxywwi4qasQ9o1EBB+qiKdtGowRGQ==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Tue, 01 Mar 2022 20:07:22 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK tag.aspx Show response
ml314.com/ 31 KB
13 KB 156ms
38ms Script
application/javascript 34.241.131.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/tag.aspx?12
Requested by: Host: email.metallic.io
URL: https://email.metallic.io/MzY5LUhCQy0xNjUAAAGCvJwAcQmHUe9q9f6cuCH4tMiX2pmG_ZvZPGW__uiBHNYvzc1pGINOK4e9-ZyXW2svcB3-eYk=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.241.131.177 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-241-131-177.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: cd5489dc88fd8e9e9ea9cacf8077f8b20446d10fab97186491fe62079051a10d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metallic.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 01 Mar 2022 20:07:22 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=86400
transfer-encoding: chunked
Connection: keep-alive

GET
H2 200 4323.js Show response
tracking.g2crowd.com/attribution_tracking/conversions/ 16 B
1 KB 262ms
184ms Script
text/javascript 2606:4700::6812:1bbe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tracking.g2crowd.com/attribution_tracking/conversions/4323.js?p=https://metallic.io/blog/ransomware-attacks-rising-cost?utm_source=marketo&utm_medium=email&utm_campaign=ransomware&utm_content=ransomware-blog&mkt_tok=MzY5LUhCQy0xNjUAAAGCvJwAcXRP6Pl3cljLG7sN_0a7R1OkqeVyT-_uScFcrjrIHg2uzuLRh0u5n3w5xUeP-dM_RtrP18fL8dRepGaNAQrk3AvtNWhfcgAvtyrcAA&e=

Requested by

Host: email.metallic.io
URL: https://email.metallic.io/MzY5LUhCQy0xNjUAAAGCvJwAcQmHUe9q9f6cuCH4tMiX2pmG_ZvZPGW__uiBHNYvzc1pGINOK4e9-ZyXW2svcB3-eYk=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1bbe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3dae93a05edd9dcfc1864b87178a31e0bfa93e1a9b1c486c6e9cbf73cae87862

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .g2crowd.com .g2.com; connect-src 'self' .g2crowd.com .g2.com; font-src 'self' .g2crowd.com .g2.com; form-action 'self' .g2crowd.com .g2.com; frame-src 'self' .g2crowd.com .g2.com; img-src 'self' .g2crowd.com .g2.com; manifest-src 'self' .g2crowd.com .g2.com; media-src 'self' .g2crowd.com .g2.com; object-src 'self' .g2crowd.com .g2.com; script-src 'self' .g2crowd.com .g2.com; style-src 'self' .g2crowd.com .g2.com; worker-src 'self' .g2crowd.com .g2.com
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metallic.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 20:07:22 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
content-encoding: br
x-xss-protection: 1; mode=block
x-request-id: 4eeeede6-5e5f-493e-89c4-65c2e2227ba8
x-runtime: 0.005125
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"3dae93a05edd9dcfc1864b87178a31e0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
x-download-options: noopen
content-type: text/javascript; charset=utf-8
cache-control: max-age=600, public
content-security-policy: default-src 'self' *.g2crowd.com *.g2.com; connect-src 'self' *.g2crowd.com *.g2.com; font-src 'self' *.g2crowd.com *.g2.com; form-action 'self' *.g2crowd.com *.g2.com; frame-src 'self' *.g2crowd.com *.g2.com; img-src 'self' *.g2crowd.com *.g2.com; manifest-src 'self' *.g2crowd.com *.g2.com; media-src 'self' *.g2crowd.com *.g2.com; object-src 'self' *.g2crowd.com *.g2.com; script-src 'self' *.g2crowd.com *.g2.com; style-src 'self' *.g2crowd.com *.g2.com; worker-src 'self' *.g2crowd.com *.g2.com
cf-ray: 6e5484bc0acc5c50-FRA

GET
H2 200 4325.js Show response
tracking.g2crowd.com/attribution_tracking/conversions/ 16 B
412 B 261ms
189ms Script
text/javascript 2606:4700::6812:1bbe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tracking.g2crowd.com/attribution_tracking/conversions/4325.js?p=https://metallic.io/blog/ransomware-attacks-rising-cost?utm_source=marketo&utm_medium=email&utm_campaign=ransomware&utm_content=ransomware-blog&mkt_tok=MzY5LUhCQy0xNjUAAAGCvJwAcXRP6Pl3cljLG7sN_0a7R1OkqeVyT-_uScFcrjrIHg2uzuLRh0u5n3w5xUeP-dM_RtrP18fL8dRepGaNAQrk3AvtNWhfcgAvtyrcAA&e=

Requested by

Host: email.metallic.io
URL: https://email.metallic.io/MzY5LUhCQy0xNjUAAAGCvJwAcQmHUe9q9f6cuCH4tMiX2pmG_ZvZPGW__uiBHNYvzc1pGINOK4e9-ZyXW2svcB3-eYk=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1bbe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3dae93a05edd9dcfc1864b87178a31e0bfa93e1a9b1c486c6e9cbf73cae87862

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .g2crowd.com .g2.com; connect-src 'self' .g2crowd.com .g2.com; font-src 'self' .g2crowd.com .g2.com; form-action 'self' .g2crowd.com .g2.com; frame-src 'self' .g2crowd.com .g2.com; img-src 'self' .g2crowd.com .g2.com; manifest-src 'self' .g2crowd.com .g2.com; media-src 'self' .g2crowd.com .g2.com; object-src 'self' .g2crowd.com .g2.com; script-src 'self' .g2crowd.com .g2.com; style-src 'self' .g2crowd.com .g2.com; worker-src 'self' .g2crowd.com .g2.com
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metallic.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 20:07:22 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
content-encoding: br
x-xss-protection: 1; mode=block
x-request-id: 18c26219-19dd-40da-9974-2a67009e03da
x-runtime: 0.005294
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"3dae93a05edd9dcfc1864b87178a31e0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
x-download-options: noopen
content-type: text/javascript; charset=utf-8
cache-control: max-age=600, public
content-security-policy: default-src 'self' *.g2crowd.com *.g2.com; connect-src 'self' *.g2crowd.com *.g2.com; font-src 'self' *.g2crowd.com *.g2.com; form-action 'self' *.g2crowd.com *.g2.com; frame-src 'self' *.g2crowd.com *.g2.com; img-src 'self' *.g2crowd.com *.g2.com; manifest-src 'self' *.g2crowd.com *.g2.com; media-src 'self' *.g2crowd.com *.g2.com; object-src 'self' *.g2crowd.com *.g2.com; script-src 'self' *.g2crowd.com *.g2.com; style-src 'self' *.g2crowd.com *.g2.com; worker-src 'self' *.g2crowd.com *.g2.com
cf-ray: 6e5484bc0ad05c50-FRA

GET
H/1.1 200
OK bk-coretag.js Show response
tags.bkrtx.com/js/ 51 KB
16 KB 98ms
28ms Script
application/javascript 104.111.228.137
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.bkrtx.com/js/bk-coretag.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLQ2J4B

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.228.137 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-137.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metallic.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
Last-Modified: Fri, 21 May 2021 19:14:21 GMT
Server: nginx/1.15.8
ETag: W/"60a8068d-cbc2"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Date: Tue, 01 Mar 2022 20:07:22 GMT
Connection: keep-alive
Content-Length: 16078
Expires: Tue, 08 Mar 2022 20:07:22 GMT

GET
H2 200 4zp3yrhme5 Show response
www.clarity.ms/tag/ 572 B
952 B 250ms
164ms Script
application/x-javascript 2620:1ec:27::cafe:1835
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/4zp3yrhme5
Requested by: Host: email.metallic.io
URL: https://email.metallic.io/MzY5LUhCQy0xNjUAAAGCvJwAcQmHUe9q9f6cuCH4tMiX2pmG_ZvZPGW__uiBHNYvzc1pGINOK4e9-ZyXW2svcB3-eYk=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:1835 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 66c6c41f725bfe1f74a06f73cad51eaab03d48aae8ff2b35cf5d077c804f97e1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metallic.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 20:07:21 GMT
x-powered-by: ASP.NET
x-azure-ref: 0+nweYgAAAAD0vArhs9+5QZxQVPNh4jbsV0FXMDFFREdFMDUxNAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
request-context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12
content-length: 572
expires: -1

GET
H2 200 / Show response
bddbeb1bec394be790c50af5e47b2319.js.ubembed.com/ 2 KB
1 KB 229ms
139ms Script
application/json 151.101.193.131
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bddbeb1bec394be790c50af5e47b2319.js.ubembed.com/
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLQ2J4B
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 2b55e624656d93b66a9919eb92450179d6fed8bef251f336c0b455718edcdcf6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metallic.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 20:07:22 GMT
content-encoding: br
x-backend-region: eu_west_1
age: 0
etag: 2bc40613183171acaf344afbd2d48653-v0.179.1
vary: Accept-Encoding, Referer
x-cache: Miss from cloudfront, MISS
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0, must-revalidate
x-amz-cf-pop: FRA56-C1
accept-ranges: none
x-amz-apigw-id: OUh3JFLBjoEFWaQ=

GET
H2 200 kdy73m2n4mrd.js Show response
js.driftt.com/include/1646165400000/ 228 KB
65 KB 178ms
148ms Script
application/javascript 18.66.112.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1646165400000/kdy73m2n4mrd.js

Requested by

Host: email.metallic.io
URL: https://email.metallic.io/MzY5LUhCQy0xNjUAAAGCvJwAcQmHUe9q9f6cuCH4tMiX2pmG_ZvZPGW__uiBHNYvzc1pGINOK4e9-ZyXW2svcB3-eYk=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-55.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

36a812e3009bc06685082e8b416e86c3998ba3a177fa6a325c3d202544f5d72c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metallic.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 20:07:22 GMT
content-encoding: gzip
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 25 Feb 2022 17:25:14 GMT
server: nginx
etag: W/"409d8b51f56bf98e578b0d27c682a924"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: s7mbKXQBeTe7Ti1ObHYPw9olyh3FYJod
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
cache-control: no-cache
access-control-allow-credentials: true
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: CQdrcKtN7G2WWOnufT21ccEwkKm0j7y4ZAooxbcOOaQVKDRc6xXOKg==

GET
H/1.1 200
OK rtp.js Show response
abrtp2-cdn.marketo.com/rtp-api/v1/ 152 KB
42 KB 1462ms
138ms Script
application/x-javascript 192.28.155.3
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL

https://abrtp2-cdn.marketo.com/rtp-api/v1/rtp.js?aid=commvault2

Requested by

Host: email.metallic.io
URL: https://email.metallic.io/MzY5LUhCQy0xNjUAAAGCvJwAcQmHUe9q9f6cuCH4tMiX2pmG_ZvZPGW__uiBHNYvzc1pGINOK4e9-ZyXW2svcB3-eYk=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.28.155.3 , United States, ASN15224 (OMNITURE, US),

Reverse DNS

Software

Jetty(7.3.1.v20110307) /

Resource Hash

db1f89ccfbe08e886bee02b177d3b16bd48807945d3cbf2747db5588e4c90691

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metallic.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sat, 22 Jan 2022 03:21:34 GMT
Content-Encoding: gzip
Last-Modified: Sat, 22 Jan 2022 03:21:34 GMT
Server: Jetty(7.3.1.v20110307)
Strict-Transport-Security: max-age=63113904
Content-Type: application/x-javascript; charset=UTF-8
Cache-Control: public, max-age=300
Transfer-Encoding: chunked
Connection: close

GET
H2 200 tracking.js Show response
trk.techtarget.com/ 2 KB
1 KB 149ms
77ms Script
text/javascript 2606:4700::6812:5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://trk.techtarget.com/tracking.js
Requested by: Host: email.metallic.io
URL: https://email.metallic.io/MzY5LUhCQy0xNjUAAAGCvJwAcQmHUe9q9f6cuCH4tMiX2pmG_ZvZPGW__uiBHNYvzc1pGINOK4e9-ZyXW2svcB3-eYk=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac5000602bb127a5a07be117df96c48667d2e2a9fb1bb33d5ebb7c50e4480a88

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metallic.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 20:07:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 15 Oct 2021 14:31:37 GMT
server: cloudflare
age: 11
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
expires: Tue, 01 Mar 2022 20:17:11 GMT
cache-control: max-age=1200
cf-ray: 6e5484bcbe629b58-FRA
cf-bgj: minify

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 4 KB
2 KB 89ms
19ms Script
application/x-javascript 108.157.1.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLQ2J4B
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.1.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-1-118.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metallic.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 01 Mar 2022 03:31:57 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Age: 59726
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: DUS51-P2
X-Amz-Cf-Id: ldd_ws77KBhEYz0GG4-fSm93mTf952nNpEjYn7SC4-kYGnSgbSst4w==

GET
H2 200 1BA9599302A8CB9B1743FB1B18BBBC3E.cache.html Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame 9431 139 KB
46 KB 29ms
29ms Document
text/html 52.222.236.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/1BA9599302A8CB9B1743FB1B18BBBC3E.cache.html

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/defaultpreferencemanager.nocache.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.115 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-115.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

c0ceb762aaf12dd39c504c27dc678ff8d7e8b093e0a432578d0cf55a83a8f367

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?layout=gdpr&type=commvaultgdpr2&site=commvault.com&action=notice&country=de&locale=de&behavior=expressed&irm=undefined&from=https://consent.trustarc.com/

Response headers

content-type: text/html; charset=UTF-8
date: Mon, 24 Jan 2022 02:12:54 GMT
server: nginx
etag: W/"142808-1642054554000"
last-modified: Thu, 13 Jan 2022 06:15:54 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
vary: Accept-Encoding Origin
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Hit from cloudfront
via: 1.1 e59bea79ab5f15feda92136bc7b74158.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: azUVdSebMWJbHYA0d-DR5RQc5woNl71zSdB6u9Y7cRs8PaaahXcRtg==
age: 3174868

GET
H2 200 695551514534802 Show response
connect.facebook.net/signals/config/ 307 KB
88 KB 76ms
76ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/695551514534802?v=2.9.52&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

52bdb3604507e2cd379a5d6747acbac4c6ddf8a5818946a5d0c4e21a3e362086

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metallic.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: sDAjhFpV0G11v1ulgx8ggGtABZh3L3n2ivwqGbPdrcuVpTdC04mOvYCioR52oXu+TfcBp2c7thV7LOyk+cw3Rg==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Tue, 01 Mar 2022 20:07:22 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 truste Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame FECE 969 B
892 B 43ms
42ms XHR
application/json 52.222.236.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/truste

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/1BA9599302A8CB9B1743FB1B18BBBC3E.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.115 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-115.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

edb378ec33f8cd7235d0d1451912782c10e64b73851b8005987dfbb2b24b0a1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation: 1BA9599302A8CB9B1743FB1B18BBBC3E
Referer: https://consent-pref.trustarc.com/?layout=gdpr&type=commvaultgdpr2&site=commvault.com&action=notice&country=de&locale=de&behavior=expressed&irm=undefined&from=https://consent.trustarc.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8

Response headers

date: Tue, 01 Mar 2022 20:07:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
x-amz-cf-pop: FRA56-P4
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Miss from cloudfront
content-type: application/json;charset=utf-8
via: 1.1 e59bea79ab5f15feda92136bc7b74158.cloudfront.net (CloudFront)
access-control-expose-headers: *
content-disposition: attachment
access-control-allow-origin: *
content-length: 462
x-xss-protection: 1; mode=block
x-amz-cf-id: Ku5_-iySOaXn31ON28-rNfZuohlQ1j6m2nSXmxqhZnhAyE5j2wh-QA==

POST
H2 200 truste Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame FECE 48 B
458 B 42ms
42ms XHR
application/json 52.222.236.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/truste

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/1BA9599302A8CB9B1743FB1B18BBBC3E.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.115 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-115.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

a8331de9ccde3bf73eeba74be1c2a1941d4863960dc68f8972c6bdf3133f5d7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation: 1BA9599302A8CB9B1743FB1B18BBBC3E
Referer: https://consent-pref.trustarc.com/?layout=gdpr&type=commvaultgdpr2&site=commvault.com&action=notice&country=de&locale=de&behavior=expressed&irm=undefined&from=https://consent.trustarc.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8

Response headers

date: Tue, 01 Mar 2022 20:07:22 GMT
via: 1.1 e59bea79ab5f15feda92136bc7b74158.cloudfront.net (CloudFront)
x-content-type-options: nosniff
server: nginx
x-amz-cf-pop: FRA56-P4
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Miss from cloudfront
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
content-disposition: attachment
content-length: 48
x-xss-protection: 1; mode=block
x-amz-cf-id: wigRV0243WOPaS4346tLtR14T5Olr05AOpVignj0a3rcWhV4zImYuQ==

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/161/ 11 KB
5 KB 17ms
17ms Script
application/x-javascript 104.111.234.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/161/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.234.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-234-67.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: c2aee78040b4ed46c2377e6825db12a9691a2eb584adf338e77312c8978d8537

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metallic.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 01 Mar 2022 20:07:22 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Sep 2021 00:38:21 GMT
Server: AkamaiNetStorage
ETag: "0e0eefac8daf874e8b1aa34aeb160c52:1631061501.737429"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 4681
Expires: Thu, 09 Jun 2022 20:07:22 GMT

GET
H2 200 9946.json Show response
script.crazyegg.com/pages/data-scripts/0087/ 10 KB
2 KB 93ms
70ms XHR
application/json 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0087/9946.json?t=1
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0087/9946.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c2fc44f519bfa5633f0fa123d03a9c6f7ce40053e07c598a6f580c59d9cab2c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metallic.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 20:07:22 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 98766
ce-version: 11.1.385
content-length: 1865
timing-allow-origin: *
last-modified: Mon, 28 Feb 2022 16:41:16 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
cf-ray: 6e5484bbee3e5b44-FRA

GET
H2 204 4066587.js Show response
bat.bing.com/p/action/ 0
93 B 243ms
243ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/4066587.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metallic.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 01 Mar 2022 20:07:22 GMT
cache-control: private,max-age=1800
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 30D73CFBCB7A45B99FB387BE36D0A21D Ref B: FRAEDGE1506 Ref C: 2022-03-01T20:07:22Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
173 B 36ms
36ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=4066587&tm=gtm002&Ver=2&mid=a98e1599-0787-4a19-8e80-9e45dc1b3fd6&sid=3488ae30999b11ecaee535d4231a2857&vid=3488cc40999b11ec82fc975e0e116995&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Ransomware%20Attacks%20are%20on%20the%20Rise%E2%80%94and%20so%20is%20Their%20Cost&p=https%3A%2F%2Fmetallic.io%2Fblog%2Fransomware-attacks-rising-cost%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Dransomware%26utm_content%3Dransomware-blog%26mkt_tok%3DMzY5LUhCQy0xNjUAAAGCvJwAcXRP6Pl3cljLG7sN_0a7R1OkqeVyT-_uScFcrjrIHg2uzuLRh0u5n3w5xUeP-dM_RtrP18fL8dRepGaNAQrk3AvtNWhfcgAvtyrcAA&r=https%3A%2F%2Femail.metallic.io%2F&lt=857&evt=pageLoad&msclkid=N&sv=1&rn=850657
Requested by: Host: metallic.io
URL: https://metallic.io/blog/ransomware-attacks-rising-cost?utm_source=marketo&utm_medium=email&utm_campaign=ransomware&utm_content=ransomware-blog&mkt_tok=MzY5LUhCQy0xNjUAAAGCvJwAcXRP6Pl3cljLG7sN_0a7R1OkqeVyT-_uScFcrjrIHg2uzuLRh0u5n3w5xUeP-dM_RtrP18fL8dRepGaNAQrk3AvtNWhfcgAvtyrcAA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metallic.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Mar 2022 20:07:22 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 84F423D3359544F386DCC374431CA363 Ref B: FRAEDGE1506 Ref C: 2022-03-01T20:07:22Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK insight.old.min.js Show response
snap.licdn.com/li.lms-analytics/ 5 KB
2 KB 35ms
35ms Script
application/x-javascript 2a02:26f0:11a::6867:4868
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:11a::6867:4868 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metallic.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 01 Mar 2022 20:07:22 GMT
Content-Encoding: gzip
Last-Modified: Wed, 16 Feb 2022 23:50:54 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=72281
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2036

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
457 B 186ms
143ms Script
application/javascript 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o5wql&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=e486591e-07b1-4cbc-8825-eb217fb43d80&tw_document_href=https%3A%2F%2Fmetallic.io%2Fblog%2Fransomware-attacks-rising-cost%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Dransomware%26utm_content%3Dransomware-blog%26mkt_tok%3DMzY5LUhCQy0xNjUAAAGCvJwAcXRP6Pl3cljLG7sN_0a7R1OkqeVyT-_uScFcrjrIHg2uzuLRh0u5n3w5xUeP-dM_RtrP18fL8dRepGaNAQrk3AvtNWhfcgAvtyrcAA&tpx_cb=twttr.conversion.loadPixels

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metallic.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-response-time: 110
date: Tue, 01 Mar 2022 20:07:21 GMT
content-encoding: gzip
server: tsa_o
strict-transport-security: max-age=631138519
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 56732bae28b340a1754fe7c5519fa2c0cbf09b5ed7f208ea5b0725e13045533f
content-type: application/javascript;charset=utf-8
content-length: 57

GET
H2 200 adsct
t.co/i/ 43 B
337 B 405ms
340ms Image
image/gif 104.244.42.5
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o5wql&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=e486591e-07b1-4cbc-8825-eb217fb43d80&tw_document_href=https%3A%2F%2Fmetallic.io%2Fblog%2Fransomware-attacks-rising-cost%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Dransomware%26utm_content%3Dransomware-blog%26mkt_tok%3DMzY5LUhCQy0xNjUAAAGCvJwAcXRP6Pl3cljLG7sN_0a7R1OkqeVyT-_uScFcrjrIHg2uzuLRh0u5n3w5xUeP-dM_RtrP18fL8dRepGaNAQrk3AvtNWhfcgAvtyrcAA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.5 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metallic.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-response-time: 113
date: Tue, 01 Mar 2022 20:07:21 GMT
server: tsa_o
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 5a9cf6b85740a97579dd468ed1a5e44a44066c22465cd78459ca1070f3f90a02
content-length: 43

GET
H2 200 EuPreferenceManager.css
consent-pref.trustarc.com/ Frame FECE 28 KB
7 KB 54ms
54ms Stylesheet
text/css 52.222.236.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/EuPreferenceManager.css

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/1BA9599302A8CB9B1743FB1B18BBBC3E.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.115 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-115.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

75b9505ae007f8cc3bc1c5858b2010548ad36d39f1720b71be444a6238b4b8ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?layout=gdpr&type=commvaultgdpr2&site=commvault.com&action=notice&country=de&locale=de&behavior=expressed&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 20:07:22 GMT
content-encoding: gzip
last-modified: Thu, 13 Jan 2022 06:15:36 GMT
server: nginx
x-amz-cf-pop: FRA56-P4
etag: W/"28907-1642054536000"
vary: Accept-Encoding, Origin
x-cache: RefreshHit from cloudfront
content-type: text/css
via: 1.1 e59bea79ab5f15feda92136bc7b74158.cloudfront.net (CloudFront)
cache-control: no-cache
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-id: t46bW8j6krU_oVdseOwHmVddHYwHOwdllx9DFt7QubwXv1d-6F_vDA==
expires: Tue, 01 Mar 2022 20:07:21 GMT

GET
H2 200 10.cache.js Show response
consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/1BA9599302A8CB9B1743FB1B18BBBC3E/ Frame FECE 252 KB
86 KB 17ms
16ms XHR
application/javascript 52.222.236.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/1BA9599302A8CB9B1743FB1B18BBBC3E/10.cache.js

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/1BA9599302A8CB9B1743FB1B18BBBC3E.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.115 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-115.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

70dcce07bdeb90146081aca50ece25831a6345eebca1b7a71ada3413dfbc357d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?layout=gdpr&type=commvaultgdpr2&site=commvault.com&action=notice&country=de&locale=de&behavior=expressed&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 02:13:14 GMT
content-encoding: gzip
last-modified: Thu, 13 Jan 2022 06:15:54 GMT
server: nginx
age: 3174848
etag: W/"258145-1642054554000"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 e59bea79ab5f15feda92136bc7b74158.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-P4
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-id: byK01-b0O6KRjHiV5y0OVr4rkEmNiNXKsqfc_mciuTEKlRG0PfWCcQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK utsync.ashx Show response
ml314.com/ 62 B
572 B 50ms
50ms Script
application/javascript 34.241.131.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=59979&ct=js&pi=&fp=&clid=&if=0&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fmetallic.io%2Fblog%2Fransomware-attacks-rising-cost%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Dransomware%26utm_content%3Dransomware-blog%26mkt_tok%3DMzY5LUhCQy0xNjUAAAGCvJwAcXRP6Pl3cljLG7sN_0a7R1OkqeVyT-_uScFcrjrIHg2uzuLRh0u5n3w5xUeP-dM_RtrP18fL8dRepGaNAQrk3AvtNWhfcgAvtyrcAA&pv=1646165242243_c35zw41ow&bl=en-us&cb=7645161&return=&ht=&d=&dc=&si=1646165242243_c35zw41ow&cid=&s=1600x1200&rp=https%3A%2F%2Femail.metallic.io%2F
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?12
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.241.131.177 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-241-131-177.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metallic.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 01 Mar 2022 20:07:21 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
p3P: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 147
Expires: 0

GET
H/1.1 200
OK 89419 Show response
stags.bluekai.com/site/ Frame F13E 71 B
338 B 272ms
188ms Document
text/html 104.92.72.137
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://stags.bluekai.com/site/89419?ret=html&phint=__bk_t%3DRansomware%20Attacks%20are%20on%20the%20Rise%E2%80%94and%20so%20is%20Their%20Cost&phint=__bk_k%3D&phint=__bk_pr%3Dhttps%3A%2F%2Femail.metallic.io%2F&phint=__bk_l%3Dhttps%3A%2F%2Fmetallic.io%2Fblog%2Fransomware-attacks-rising-cost%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Dransomware%26utm_content%3Dransomware-blog%26mkt_tok%3DMzY5LUhCQy0xNjUAAAGCvJwAcXRP6Pl3cljLG7sN_0a7R1OkqeVyT-_uScFcrjrIHg2uzuLRh0u5n3w5xUeP-dM_RtrP18fL8dRepGaNAQrk3AvtNWhfcgAvtyrcAA&phint=__bk_v%3D3.1.10&limit=1&r=99599784
Requested by: Host: tags.bkrtx.com
URL: https://tags.bkrtx.com/js/bk-coretag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.92.72.137 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-72-137.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 53350525edba0b889e87ea52a16ed843a928a2557e9f8d6747acd7ff991c95c3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://metallic.io/

Response headers

Content-Type: text/html
Content-Length: 71
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
BK-Server: dde4
Date: Tue, 01 Mar 2022 20:07:22 GMT
Connection: keep-alive
X-N: S

GET
H2 200 1.cache.js Show response
consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/1BA9599302A8CB9B1743FB1B18BBBC3E/ Frame FECE 19 KB
8 KB 16ms
16ms XHR
application/javascript 52.222.236.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/1BA9599302A8CB9B1743FB1B18BBBC3E/1.cache.js

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/1BA9599302A8CB9B1743FB1B18BBBC3E.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.115 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-115.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

13b64eac810929d5c8a140f9a28ebec23c9b985399aa87e63789e68978751d0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?layout=gdpr&type=commvaultgdpr2&site=commvault.com&action=notice&country=de&locale=de&behavior=expressed&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 02:13:03 GMT
content-encoding: gzip
last-modified: Thu, 13 Jan 2022 06:15:54 GMT
server: nginx
age: 3174859
etag: W/"19640-1642054554000"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 e59bea79ab5f15feda92136bc7b74158.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-P4
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-id: uMeTqkwjVVErlNuQiYgHhNFgl6uJiSfDMabfak3bB5GHkbB4Br1JpQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 11.1.385.js Show response
script.crazyegg.com/pages/versioned/common-scripts/ 75 KB
24 KB 29ms
29ms Script
text/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.385.js
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0087/9946.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7bd84ecd395344c15bcd1274e5fd10c3749c976ed8cde0e31255c79ee843362

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metallic.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 01 Mar 2022 20:07:22 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 09 Feb 2022 00:10:28 GMT
server: cloudflare
age: 111231
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
accept-ranges: bytes
cf-ray: 6e5484bc7add9b3d-FRA
content-length: 24714

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/710121479/ 3 KB
1 KB 216ms
77ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/710121479/?random=1646165242311&cv=9&fst=1646165242311&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg2s0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fmetallic.io%2Fblog%2Fransomware-attacks-rising-cost%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Dransomware%26utm_content%3Dransomware-blog%26mkt_tok%3DMzY5LUhCQy0xNjUAAAGCvJwAcXRP6Pl3cljLG7sN_0a7R1OkqeVyT-_uScFcrjrIHg2uzuLRh0u5n3w5xUeP-dM_RtrP18fL8dRepGaNAQrk3AvtNWhfcgAvtyrcAA&ref=https%3A%2F%2Femail.metallic.io%2F&tiba=Ransomware%20Attacks%20are%20on%20the%20Rise%E2%80%94and%20so%20is%20Their%20Cost&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

549daa3ce91e66784ded8205147e4a1b6a067e9cba60ea28688008aba4b492b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metallic.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Mar 2022 20:07:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1247
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/527209523/ 3 KB
2 KB 211ms
74ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/527209523/?random=1646165242313&cv=9&fst=1646165242313&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg2s0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fmetallic.io%2Fblog%2Fransomware-attacks-rising-cost%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Dransomware%26utm_content%3Dransomware-blog%26mkt_tok%3DMzY5LUhCQy0xNjUAAAGCvJwAcXRP6Pl3cljLG7sN_0a7R1OkqeVyT-_uScFcrjrIHg2uzuLRh0u5n3w5xUeP-dM_RtrP18fL8dRepGaNAQrk3AvtNWhfcgAvtyrcAA&ref=https%3A%2F%2Femail.metallic.io%2F&tiba=Ransomware%20Attacks%20are%20on%20the%20Rise%E2%80%94and%20so%20is%20Their%20Cost&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4bd67d4fc98e5ba558294a54286278118dc955d774209e4a45bf8024e52ce4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metallic.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Mar 2022 20:07:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1247
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
295 B 38ms
9ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=695551514534802&ev=PageView&dl=https%3A%2F%2Fmetallic.io%2Fblog%2Fransomware-attacks-rising-cost%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Dransomware%26utm_content%3Dransomware-blog%26mkt_tok%3DMzY5LUhCQy0xNjUAAAGCvJwAcXRP6Pl3cljLG7sN_0a7R1OkqeVyT-_uScFcrjrIHg2uzuLRh0u5n3w5xUeP-dM_RtrP18fL8dRepGaNAQrk3AvtNWhfcgAvtyrcAA&rl=https%3A%2F%2Femail.metallic.io%2F&if=false&ts=1646165242325&sw=1600&sh=1200&v=2.9.52&r=stable&ec=0&o=30&fbp=fb.1.1646165242324.1291325842&it=1646165242180&coo=false&exp=p1&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metallic.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 20:07:22 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Tue, 01 Mar 2022 20:07:22 GMT

GET
H2 200 cookie_iframe.html Show response
prefmgr-cookie.truste-svc.net/cookie_js/ Frame 8F37 5 KB
2 KB 855ms
96ms Document
text/html 34.195.72.147
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prefmgr-cookie.truste-svc.net/cookie_js/cookie_iframe.html?parent=https://consent-pref.trustarc.com/?layout=gdpr&type=commvaultgdpr2&site=commvault.com&action=notice&country=de&locale=de&behavior=expressed&irm=undefined&from=https://consent.trustarc.com/
Requested by: Host: email.metallic.io
URL: https://email.metallic.io/MzY5LUhCQy0xNjUAAAGCvJwAcQmHUe9q9f6cuCH4tMiX2pmG_ZvZPGW__uiBHNYvzc1pGINOK4e9-ZyXW2svcB3-eYk=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.195.72.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-195-72-147.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e5356c4d200584b116d9ac14f89d883b120dbe4d7878914a4fa22358074c74f8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/

Response headers

date: Tue, 01 Mar 2022 20:07:23 GMT
content-type: text/html; charset=UTF-8
server: nginx
vary: Accept-Encoding
etag: W/"5014-1597208285000"
last-modified: Wed, 12 Aug 2020 04:58:05 GMT
content-encoding: gzip

POST
H2 200 truste Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame FECE 798 B
787 B 281ms
280ms XHR
application/json 52.222.236.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/truste

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/1BA9599302A8CB9B1743FB1B18BBBC3E.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.115 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-115.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

5e6c049ade0de68b7a3a2b859bb80d8ec08b6afc06d277db6d3725adb0d86015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation: 1BA9599302A8CB9B1743FB1B18BBBC3E
Referer: https://consent-pref.trustarc.com/?layout=gdpr&type=commvaultgdpr2&site=commvault.com&action=notice&country=de&locale=de&behavior=expressed&irm=undefined&from=https://consent.trustarc.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8

Response headers

date: Tue, 01 Mar 2022 20:07:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
x-amz-cf-pop: FRA56-P4
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Miss from cloudfront
content-type: application/json;charset=utf-8
via: 1.1 e59bea79ab5f15feda92136bc7b74158.cloudfront.net (CloudFront)
access-control-expose-headers: *
content-disposition: attachment
access-control-allow-origin: *
content-length: 358
x-xss-protection: 1; mode=block
x-amz-cf-id: FB9De4io_4iiKsVcZFD6fQe6QS8dqi_-0s9MqwnMemy3WnUsGrIODQ==

POST
H2 200 truste Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame FECE 14 KB
5 KB 91ms
91ms XHR
application/json 52.222.236.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/truste

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/1BA9599302A8CB9B1743FB1B18BBBC3E.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.115 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-115.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

06cca6b11f5b8e2613ec81274222cc899d30bd7a5eae4196e0baf836eb7cdd64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation: 1BA9599302A8CB9B1743FB1B18BBBC3E
Referer: https://consent-pref.trustarc.com/?layout=gdpr&type=commvaultgdpr2&site=commvault.com&action=notice&country=de&locale=de&behavior=expressed&irm=undefined&from=https://consent.trustarc.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8

Response headers

date: Tue, 01 Mar 2022 20:07:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
x-amz-cf-pop: FRA56-P4
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Miss from cloudfront
content-type: application/json;charset=utf-8
via: 1.1 e59bea79ab5f15feda92136bc7b74158.cloudfront.net (CloudFront)
access-control-expose-headers: *
content-disposition: attachment
access-control-allow-origin: *
content-length: 4347
x-xss-protection: 1; mode=block
x-amz-cf-id: BTFul1bvRCPBxpDRlnP9WG1eh2KyLUHPrH0_L4v98SNEa2YsKVtpvg==

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 103ms
43ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLQ2J4B

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metallic.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 150
date: Tue, 01 Mar 2022 20:04:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 01 Mar 2022 22:04:52 GMT

POST
H/1.1 200
OK visitWebPage
369-hbc-165.mktoresp.com/webevents/ 2 B
311 B 972ms
99ms Ping
text/plain 192.28.144.124
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://369-hbc-165.mktoresp.com/webevents/visitWebPage?_mchNc=1646165242358&_mchCn=&_mchId=369-HBC-165&_mchTk=_mch-metallic.io-1646165242358-46294&mkt_tok=MzY5LUhCQy0xNjUAAAGCvJwAcXRP6Pl3cljLG7sN_0a7R1OkqeVyT-_uScFcrjrIHg2uzuLRh0u5n3w5xUeP-dM_RtrP18fL8dRepGaNAQrk3AvtNWhfcgAvtyrcAA&_mchHo=metallic.io&_mchPo=&_mchRu=%2Fblog%2Fransomware-attacks-rising-cost&_mchPc=https%3A&_mchVr=161&_mchEcid=&_mchHa=&_mchRe=https%3A%2F%2Femail.metallic.io%2F&_mchQp=utm_source%3Dmarketo__-__utm_medium%3Demail__-__utm_campaign%3Dransomware__-__utm_content%3Dransomware-blog__-__mkt_tok%3DMzY5LUhCQy0xNjUAAAGCvJwAcXRP6Pl3cljLG7sN_0a7R1OkqeVyT-_uScFcrjrIHg2uzuLRh0u5n3w5xUeP-dM_RtrP18fL8dRepGaNAQrk3AvtNWhfcgAvtyrcAA
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/161/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.28.144.124 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: nginx /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metallic.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 01 Mar 2022 20:07:23 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Request-Id: cede0aa5-d3ba-4774-85ca-3253d8a568ba

GET
H2 200 9946.json Show response
script.crazyegg.com/pages/sampling-data-scripts/0087/ 340 B
289 B 63ms
63ms XHR
application/json 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/sampling-data-scripts/0087/9946.json?t=457268
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.385.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3cd91fb71b767534befd0b8ee1edd5f4eba3241eddbbf2efb17d8b223892160

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metallic.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 20:07:22 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 48882
ce-version: 11.1.385
content-length: 195
timing-allow-origin: *
last-modified: Tue, 01 Mar 2022 06:32:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
cf-ray: 6e5484bcc8265b44-FRA

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1483634&time=1646165242369&url=https%3A%2F%2Fmetallic.io%2Fblog%2Fransomware-attacks-rising-cost%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1483634%26time%3D1646165242369%26url%3Dhttps%253A%252F%252Fmetallic.io%252Fblog%2...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1483634&time=1646165242369&url=https%3A%2F%2Fmetallic.io%2Fblog%2Fransomware-attacks-rising-cost%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1483634&time=1646165242369&url=https%3A%2F%2Fmetallic.io%2Fblog%2Fransomware-attacks-rising-cost%3Futm_source%3Dmarketo%26utm_medium%3Demail%26ut...

0
264 B

182ms
155ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1483634&time=1646165242369&url=https%3A%2F%2Fmetallic.io%2Fblog%2Fransomware-attacks-rising-cost%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Dransomware%26utm_content%3Dransomware-blog%26mkt_tok%3DMzY5LUhCQy0xNjUAAAGCvJwAcXRP6Pl3cljLG7sN_0a7R1OkqeVyT-_uScFcrjrIHg2uzuLRh0u5n3w5xUeP-dM_RtrP18fL8dRepGaNAQrk3AvtNWhfcgAvtyrcAA&liSync=true&e_ipv6=AQLyI7ESSGx5EwAAAX9HGDR1coxPedSzXJfHw-bnP5TvosZoZuxhu8SWYKevXMmRcviIYTMc
Requested by: Host: metallic.io
URL: https://metallic.io/blog/ransomware-attacks-rising-cost?utm_source=marketo&utm_medium=email&utm_campaign=ransomware&utm_content=ransomware-blog&mkt_tok=MzY5LUhCQy0xNjUAAAGCvJwAcXRP6Pl3cljLG7sN_0a7R1OkqeVyT-_uScFcrjrIHg2uzuLRh0u5n3w5xUeP-dM_RtrP18fL8dRepGaNAQrk3AvtNWhfcgAvtyrcAA
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metallic.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 20:07:22 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 42DCEA4D76D04F0FA26FCE61CB0D1E3C Ref B: FRAEDGE1412 Ref C: 2022-03-01T20:07:23Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXZLbaQUF1Ov8QACbG7Ng==
x-li-fabric: prod-ltx1

Redirect headers

date: Tue, 01 Mar 2022 20:07:22 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 5BCF7EF6969341A293CFC6CDC7CB858A Ref B: VIEEDGE3211 Ref C: 2022-03-01T20:07:22Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1483634&time=1646165242369&url=https%3A%2F%2Fmetallic.io%2Fblog%2Fransomware-attacks-rising-cost%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Dransomware%26utm_content%3Dransomware-blog%26mkt_tok%3DMzY5LUhCQy0xNjUAAAGCvJwAcXRP6Pl3cljLG7sN_0a7R1OkqeVyT-_uScFcrjrIHg2uzuLRh0u5n3w5xUeP-dM_RtrP18fL8dRepGaNAQrk3AvtNWhfcgAvtyrcAA&liSync=true&e_ipv6=AQLyI7ESSGx5EwAAAX9HGDR1coxPedSzXJfHw-bnP5TvosZoZuxhu8SWYKevXMmRcviIYTMc
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXZLbaMsSSuZhSoCnYYUg==

GET
H2 200 healthcheck Show response
pagestates-tracking.crazyegg.com/ 19 B
419 B 205ms
28ms XHR
binary/octet-stream 52.222.236.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pagestates-tracking.crazyegg.com/healthcheck
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.385.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-90.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metallic.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 13:52:43 GMT
via: 1.1 88f858f045c3909fad9cebbada511aee.cloudfront.net (CloudFront)
last-modified: Tue, 05 Oct 2021 13:53:30 GMT
server: AmazonS3
age: 6070480
etag: "d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age: 31536000
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
content-length: 19
x-amz-cf-id: IGH7h7Iy9mO7z4TLBbC3Se29jkv1Spv_SM3a1uGa9yXYiO-DrsfiWQ==

GET
H2 200 healthcheck Show response
assets-tracking.crazyegg.com/ 19 B
419 B 320ms
16ms XHR
binary/octet-stream 13.224.241.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-tracking.crazyegg.com/healthcheck
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.385.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.241.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-241-39.lhr62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metallic.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 02:43:20 GMT
via: 1.1 299d6cdcc49a194864ae1dbfa6512d00.cloudfront.net (CloudFront)
last-modified: Tue, 05 Oct 2021 13:53:30 GMT
server: AmazonS3
age: 2481843
etag: "d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age: 31536000
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: LHR62-C3
accept-ranges: bytes
content-length: 19
x-amz-cf-id: _h1dOmLG743cVX-kmgdCsj3fIMPy4kmhcAMijXlRPKL4hG2wsq0BGQ==

GET
H2 200 trustarc-logo-small.png
consent-pref.trustarc.com/images/ Frame FECE 4 KB
5 KB 39ms
38ms Image
image/png 52.222.236.115
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent-pref.trustarc.com/images/trustarc-logo-small.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.115 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-115.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

91c4a6c4295f8889e8b04339a4a2c2e86d5eef71ba808164e641d0d8a6435004

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?layout=gdpr&type=commvaultgdpr2&site=commvault.com&action=notice&country=de&locale=de&behavior=expressed&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 07:38:40 GMT
via: 1.1 e59bea79ab5f15feda92136bc7b74158.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 44922
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 4197
x-xss-protection: 1; mode=block
last-modified: Thu, 13 Jan 2022 06:15:36 GMT
server: nginx
etag: W/"4197-1642054536000"
vary: Origin
content-type: image/png
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
x-amz-cf-id: NWuS364cEzJizExx6ueqWzBAPxim2NslQRhPpbVyhxauCAZvvbSjZg==

GET
BLOB 200
OK c7ecdf42-64a1-47c1-80b6-4eab4f23ac6b
https://metallic.io/ 53 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://metallic.io/c7ecdf42-64a1-47c1-80b6-4eab4f23ac6b
Requested by: Host: metallic.io
URL: https://metallic.io/blog/ransomware-attacks-rising-cost?utm_source=marketo&utm_medium=email&utm_campaign=ransomware&utm_content=ransomware-blog&mkt_tok=MzY5LUhCQy0xNjUAAAGCvJwAcXRP6Pl3cljLG7sN_0a7R1OkqeVyT-_uScFcrjrIHg2uzuLRh0u5n3w5xUeP-dM_RtrP18fL8dRepGaNAQrk3AvtNWhfcgAvtyrcAA
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8ff09cd0ee012fe06ed1b67dc914858cde819f21bb479f629994d9e49f3c0049

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Length: 53
Content-Type: text/javascript

GET
H2 200 bundle.js Show response
assets.ubembed.com/universalscript/releases/v0.179.1/ 173 KB
47 KB 189ms
48ms Script
application/javascript 13.224.241.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.ubembed.com/universalscript/releases/v0.179.1/bundle.js
Requested by: Host: bddbeb1bec394be790c50af5e47b2319.js.ubembed.com
URL: https://bddbeb1bec394be790c50af5e47b2319.js.ubembed.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.241.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-241-113.lhr62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b1ccb8141195307117c737c7f49f99de131fb55290a5f4c1431cc74ca93119dc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metallic.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 19:44:00 GMT
content-encoding: gzip
last-modified: Fri, 30 Jul 2021 19:19:04 GMT
server: AmazonS3
age: 4753403
etag: W/"4d21402425377bf4a0f3a4f7ab8db2ad"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 1b5424f4e08ca48fc35e311bea9e9ff6.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: LHR62-C3
x-amz-cf-id: 0SpCv1J_iYPV18iISS_P9UDv1rnZ3x93Vc9miB8-9rrSJ45TSri22A==

GET
H/1.1 200
OK activity.gif
apt.techtarget.com/activity/ 43 B
464 B 552ms
157ms Image
image/gif 206.19.49.24
ATT-CERFNET-BLOCK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apt.techtarget.com/activity/activity.gif?activityTypeId=31&cid=21005569&version=2.1.1&ref=https%3A%2F%2Fmetallic.io%2Fblog%2Fransomware-attacks-rising-cost%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Dransomware%26utm_content%3Dransomware-blog%26mkt_tok%3DMzY5LUhCQy0xNjUAAAGCvJwAcXRP6Pl3cljLG7sN_0a7R1OkqeVyT-_uScFcrjrIHg2uzuLRh0u5n3w5xUeP-dM_RtrP18fL8dRepGaNAQrk3AvtNWhfcgAvtyrcAA&r=1646165242494
Requested by: Host: metallic.io
URL: https://metallic.io/blog/ransomware-attacks-rising-cost?utm_source=marketo&utm_medium=email&utm_campaign=ransomware&utm_content=ransomware-blog&mkt_tok=MzY5LUhCQy0xNjUAAAGCvJwAcXRP6Pl3cljLG7sN_0a7R1OkqeVyT-_uScFcrjrIHg2uzuLRh0u5n3w5xUeP-dM_RtrP18fL8dRepGaNAQrk3AvtNWhfcgAvtyrcAA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 206.19.49.24 , United States, ASN17225 (ATT-CERFNET-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metallic.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 01 Mar 2022 20:07:22 GMT
Last-Modified: Tue, 26 Mar 2019 18:30:29 GMT
ETag: "2b-5850384023492"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=72
Content-Length: 43

GET
H2 200 clarity.js Show response
l.clarity.ms/s/0.6.31/ 52 KB
23 KB 387ms
96ms Script
application/javascript 20.120.65.166
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://l.clarity.ms/s/0.6.31/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/4zp3yrhme5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.120.65.166 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b2d2f11eb78159e31bce4355ffd5e696717de4270a77ba1d2038e066462008ad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metallic.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 20:07:22 GMT
content-encoding: br
etag: "1d82c9e8417ec00"
last-modified: Mon, 28 Feb 2022 12:27:14 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
accept-ranges: bytes
request-context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=64E2D1DCD98B46FCAF21B23F2615B60A&RedC=c.clarity.ms&MXFR=35B6E2F777E468193392F3AD73E4665E
https://c.clarity.ms/c.gif?CtsSyncId=64E2D1DCD98B46FCAF21B23F2615B60A&MUID=1ADA9A55BC416CA401C58B0FBD2A6DA6

42 B
367 B

26ms
25ms

Image
image/gif

52.142.114.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=64E2D1DCD98B46FCAF21B23F2615B60A&MUID=1ADA9A55BC416CA401C58B0FBD2A6DA6
Requested by: Host: metallic.io
URL: https://metallic.io/blog/ransomware-attacks-rising-cost?utm_source=marketo&utm_medium=email&utm_campaign=ransomware&utm_content=ransomware-blog&mkt_tok=MzY5LUhCQy0xNjUAAAGCvJwAcXRP6Pl3cljLG7sN_0a7R1OkqeVyT-_uScFcrjrIHg2uzuLRh0u5n3w5xUeP-dM_RtrP18fL8dRepGaNAQrk3AvtNWhfcgAvtyrcAA
Protocol: H2
Server: 52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metallic.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Mar 2022 20:07:22 GMT
last-modified: Fri, 18 Feb 2022 21:27:03 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "7f9eac45e25d81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Tue, 01 Mar 2022 20:07:22 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5BCAEC03A6FB48F2949C53E28BAA4EA5 Ref B: FRAEDGE1506 Ref C: 2022-03-01T20:07:22Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=64E2D1DCD98B46FCAF21B23F2615B60A&MUID=1ADA9A55BC416CA401C58B0FBD2A6DA6
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 87ms
87ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1428362552&t=pageview&_s=1&dl=https%3A%2F%2Fmetallic.io%2Fblog%2Fransomware-attacks-rising-cost%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Dransomware%26utm_content%3Dransomware-blog%26mkt_tok%3DMzY5LUhCQy0xNjUAAAGCvJwAcXRP6Pl3cljLG7sN_0a7R1OkqeVyT-_uScFcrjrIHg2uzuLRh0u5n3w5xUeP-dM_RtrP18fL8dRepGaNAQrk3AvtNWhfcgAvtyrcAA&dr=https%3A%2F%2Femail.metallic.io%2F&ul=en-us&de=UTF-8&dt=Ransomware%20Attacks%20are%20on%20the%20Rise%E2%80%94and%20so%20is%20Their%20Cost&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABQAAAAC~&jid=1875779019&gjid=1979474077&cid=312196339.1646165243&tid=UA-2378635-24&_gid=1535750320.1646165243&_r=1&gtm=2wg2s0TLQ2J4B&z=449186991

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://metallic.io/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 01 Mar 2022 20:07:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://metallic.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
439 B 147ms
60ms XHR
text/plain 2a00:1450:400c:c0a::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-2378635-24&cid=312196339.1646165243&jid=1875779019&gjid=1979474077&_gid=1535750320.1646165243&_u=YEBAAEAAQAAAAC~&z=2059653569

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0a::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://metallic.io/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 01 Mar 2022 20:07:22 GMT
content-type: text/plain
access-control-allow-origin: https://metallic.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 truste Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame FECE 895 B
916 B 129ms
128ms XHR
application/json 52.222.236.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/truste

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/1BA9599302A8CB9B1743FB1B18BBBC3E.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.115 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-115.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

b413a73fdf00988d82df4d60171eebfd3854cd7cb3fd975befd39ef1448c3fc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation: 1BA9599302A8CB9B1743FB1B18BBBC3E
Referer: https://consent-pref.trustarc.com/?layout=gdpr&type=commvaultgdpr2&site=commvault.com&action=notice&country=de&locale=de&behavior=expressed&irm=undefined&from=https://consent.trustarc.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8

Response headers

date: Tue, 01 Mar 2022 20:07:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
x-amz-cf-pop: FRA56-P4
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Miss from cloudfront
content-type: application/json;charset=utf-8
via: 1.1 e59bea79ab5f15feda92136bc7b74158.cloudfront.net (CloudFront)
access-control-expose-headers: *
content-disposition: attachment
access-control-allow-origin: *
content-length: 485
x-xss-protection: 1; mode=block
x-amz-cf-id: 9ZaHW80VWqh7rt8FMKYukrHXLbHwvcEw8fXJVrfTnMDJgD29g55hRg==

GET
H2 200 /
www.google.com/pagead/1p-user-list/527209523/ 42 B
108 B 186ms
59ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/527209523/?random=1646165242313&cv=9&fst=1646164800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg2s0&sendb=1&frm=0&url=https%3A%2F%2Fmetallic.io%2Fblog%2Fransomware-attacks-rising-cost%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Dransomware%26utm_content%3Dransomware-blog%26mkt_tok%3DMzY5LUhCQy0xNjUAAAGCvJwAcXRP6Pl3cljLG7sN_0a7R1OkqeVyT-_uScFcrjrIHg2uzuLRh0u5n3w5xUeP-dM_RtrP18fL8dRepGaNAQrk3AvtNWhfcgAvtyrcAA&ref=https%3A%2F%2Femail.metallic.io%2F&tiba=Ransomware%20Attacks%20are%20on%20the%20Rise%E2%80%94and%20so%20is%20Their%20Cost&async=1&fmt=3&is_vtc=1&random=3644328490&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metallic.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Mar 2022 20:07:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/527209523/ 42 B
548 B 197ms
56ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/527209523/?random=1646165242313&cv=9&fst=1646164800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg2s0&sendb=1&frm=0&url=https%3A%2F%2Fmetallic.io%2Fblog%2Fransomware-attacks-rising-cost%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Dransomware%26utm_content%3Dransomware-blog%26mkt_tok%3DMzY5LUhCQy0xNjUAAAGCvJwAcXRP6Pl3cljLG7sN_0a7R1OkqeVyT-_uScFcrjrIHg2uzuLRh0u5n3w5xUeP-dM_RtrP18fL8dRepGaNAQrk3AvtNWhfcgAvtyrcAA&ref=https%3A%2F%2Femail.metallic.io%2F&tiba=Ransomware%20Attacks%20are%20on%20the%20Rise%E2%80%94and%20so%20is%20Their%20Cost&async=1&fmt=3&is_vtc=1&random=3644328490&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metallic.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Mar 2022 20:07:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/710121479/ 42 B
548 B 88ms
56ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/710121479/?random=1646165242311&cv=9&fst=1646164800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg2s0&sendb=1&frm=0&url=https%3A%2F%2Fmetallic.io%2Fblog%2Fransomware-attacks-rising-cost%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Dransomware%26utm_content%3Dransomware-blog%26mkt_tok%3DMzY5LUhCQy0xNjUAAAGCvJwAcXRP6Pl3cljLG7sN_0a7R1OkqeVyT-_uScFcrjrIHg2uzuLRh0u5n3w5xUeP-dM_RtrP18fL8dRepGaNAQrk3AvtNWhfcgAvtyrcAA&ref=https%3A%2F%2Femail.metallic.io%2F&tiba=Ransomware%20Attacks%20are%20on%20the%20Rise%E2%80%94and%20so%20is%20Their%20Cost&async=1&fmt=3&is_vtc=1&random=827193328&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metallic.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Mar 2022 20:07:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/710121479/ 42 B
108 B 74ms
59ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/710121479/?random=1646165242311&cv=9&fst=1646164800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg2s0&sendb=1&frm=0&url=https%3A%2F%2Fmetallic.io%2Fblog%2Fransomware-attacks-rising-cost%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Dransomware%26utm_content%3Dransomware-blog%26mkt_tok%3DMzY5LUhCQy0xNjUAAAGCvJwAcXRP6Pl3cljLG7sN_0a7R1OkqeVyT-_uScFcrjrIHg2uzuLRh0u5n3w5xUeP-dM_RtrP18fL8dRepGaNAQrk3AvtNWhfcgAvtyrcAA&ref=https%3A%2F%2Femail.metallic.io%2F&tiba=Ransomware%20Attacks%20are%20on%20the%20Rise%E2%80%94and%20so%20is%20Their%20Cost&async=1&fmt=3&is_vtc=1&random=827193328&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metallic.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Mar 2022 20:07:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 68ms
67ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-2378635-24&cid=312196339.1646165243&jid=1875779019&_u=YEBAAEAAQAAAAC~&z=1634562012

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metallic.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Mar 2022 20:07:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 70ms
70ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-2378635-24&cid=312196339.1646165243&jid=1875779019&_u=YEBAAEAAQAAAAC~&z=1634562012

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metallic.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Mar 2022 20:07:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 clock Show response
tracking.crazyegg.com/ 29 B
136 B 119ms
37ms XHR
text/plain 34.255.166.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.crazyegg.com/clock?t=1646165242805
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.385.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.255.166.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-255-166-68.eu-west-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: 432eb284b6d21a8de3c3af862765c3d95a90f6a0735250bde9e4e38727a8d826

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metallic.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 01 Mar 2022 20:07:22 GMT
cache-control: no-store
server: awselb/2.0
content-length: 29
content-type: text/plain

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 18AE 0
18 B 26ms
14ms Document
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://metallic.io
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://metallic.io/

Response headers

content-type: text/plain
access-control-allow-origin: https://metallic.io
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=0
date: Tue, 01 Mar 2022 20:07:22 GMT

GET
BLOB 200
OK ec4af7b4-75cc-42b8-9e1e-c7bfe961e3f2
https://metallic.io/ 218 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://metallic.io/ec4af7b4-75cc-42b8-9e1e-c7bfe961e3f2
Requested by: Host: metallic.io
URL: https://metallic.io/blog/ransomware-attacks-rising-cost?utm_source=marketo&utm_medium=email&utm_campaign=ransomware&utm_content=ransomware-blog&mkt_tok=MzY5LUhCQy0xNjUAAAGCvJwAcXRP6Pl3cljLG7sN_0a7R1OkqeVyT-_uScFcrjrIHg2uzuLRh0u5n3w5xUeP-dM_RtrP18fL8dRepGaNAQrk3AvtNWhfcgAvtyrcAA
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9025e2e8677e23a2e96d1bcb56c0255b871b08a38ecd9bc4510ef9bba9862600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Length: 218
Content-Type: text/javascript

GET
H2 200 4.cache.js Show response
consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/1BA9599302A8CB9B1743FB1B18BBBC3E/ Frame FECE 41 KB
13 KB 44ms
44ms XHR
application/javascript 52.222.236.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/1BA9599302A8CB9B1743FB1B18BBBC3E/4.cache.js

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/1BA9599302A8CB9B1743FB1B18BBBC3E.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.115 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-115.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

b2cd26689e68284c24b3a000cabc1878242f950fe85c55ab5ac7385fc12586e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?layout=gdpr&type=commvaultgdpr2&site=commvault.com&action=notice&country=de&locale=de&behavior=expressed&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 02:13:26 GMT
content-encoding: gzip
last-modified: Thu, 13 Jan 2022 06:15:54 GMT
server: nginx
age: 3174837
etag: W/"41643-1642054554000"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 e59bea79ab5f15feda92136bc7b74158.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-P4
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-id: u_zu3aVrg6dre9S4BdF0Ffah28OqdgECq-Hg8OSqAgnNrvcfNH5kTg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 loading.gif
consent-pref.trustarc.com/images/ Frame FECE 3 KB
3 KB 31ms
31ms Image
image/gif 52.222.236.115
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent-pref.trustarc.com/images/loading.gif

Requested by

Host: email.metallic.io
URL: https://email.metallic.io/MzY5LUhCQy0xNjUAAAGCvJwAcQmHUe9q9f6cuCH4tMiX2pmG_ZvZPGW__uiBHNYvzc1pGINOK4e9-ZyXW2svcB3-eYk=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.115 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-115.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

eb7cfd3d959b2e09c170f532e29f8b825f9bc770b2279fde58e595617753e244

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?layout=gdpr&type=commvaultgdpr2&site=commvault.com&action=notice&country=de&locale=de&behavior=expressed&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 07:33:22 GMT
via: 1.1 e59bea79ab5f15feda92136bc7b74158.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 45241
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 2608
x-xss-protection: 1; mode=block
last-modified: Thu, 13 Jan 2022 06:15:36 GMT
server: nginx
etag: W/"2608-1642054536000"
vary: Origin
content-type: image/gif
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
x-amz-cf-id: 515Xik3v4qokLqMCZgomhkSefO_7tXQCYf3TEFPGA34foQ07e2Yz5A==

POST
H2 200 truste Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame FECE 2 KB
1 KB 35ms
35ms XHR
application/json 52.222.236.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/truste

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/1BA9599302A8CB9B1743FB1B18BBBC3E.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.115 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-115.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

21e62fb9db555c21dc1309cf2631d6ec4f6da042596e309cb269ddb28b207019

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation: 1BA9599302A8CB9B1743FB1B18BBBC3E
Referer: https://consent-pref.trustarc.com/?layout=gdpr&type=commvaultgdpr2&site=commvault.com&action=notice&country=de&locale=de&behavior=expressed&irm=undefined&from=https://consent.trustarc.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8

Response headers

date: Tue, 01 Mar 2022 20:07:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
x-amz-cf-pop: FRA56-P4
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Miss from cloudfront
content-type: application/json;charset=utf-8
via: 1.1 e59bea79ab5f15feda92136bc7b74158.cloudfront.net (CloudFront)
access-control-expose-headers: *
content-disposition: attachment
access-control-allow-origin: *
content-length: 871
x-xss-protection: 1; mode=block
x-amz-cf-id: 7IVogYMBcwbTrAeAHwQmJKcg2pn9WyO3cf_r7Erftu0ByJ81SYM-XA==

GET
H2 200 get
consent.trustarc.com/ Frame FECE 51 KB
52 KB 25ms
25ms Font
application/font-woff 18.66.122.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.trustarc.com/get?name=dmsans-regular-webfont.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.97 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-97.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

51033ca959567bd01090659e6af136f40e5a0d8965069a47c1e30455cac9e759

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://consent-pref.trustarc.com/
Origin: https://consent-pref.trustarc.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 19:24:36 GMT
via: 1.1 da4de4427d18bee1d3254f1bbdad25f2.cloudfront.net (CloudFront)
age: 2567
x-cache: Hit from cloudfront
content-length: 52724
pragma: public
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/font-woff
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA60-P2
timing-allow-origin: *
x-amz-cf-id: MCurPtmC51EvL7n3SqunYEnBRVjt0YaBN5qJAHK2VnnV-HdUpmvOhA==
expires: Thu, 31 Mar 2022 19:24:36 GMT

GET
H2 200 get
consent.trustarc.com/ Frame FECE 3 KB
3 KB 21ms
20ms Image
image/png 18.66.122.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent.trustarc.com/get?name=commvault_logo.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.97 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-97.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

bfcec94789c0f9f5d4a83415bb9aa81b26799c5dd089a06eb976e03087ed7a87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: public
date: Tue, 01 Mar 2022 19:24:36 GMT
via: 1.1 6e8224d5f2990b031ca60a58f18ac908.cloudfront.net (CloudFront)
server: nginx
age: 2567
vary: Origin
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/png
cache-control: max-age=2592000
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA60-P2
timing-allow-origin: *
content-length: 2839
x-amz-cf-id: uiHo256WQGMjqooz926vPOg6ppiqjOwja5voT7r7xbvAGTOQzPwowQ==
expires: Thu, 31 Mar 2022 19:24:36 GMT

GET
H2 200 get
consent.trustarc.com/ Frame FECE 15 KB
15 KB 21ms
21ms Image
image/png 18.66.122.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent.trustarc.com/get?name=commvault_logo_new.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.97 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-97.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

3d93bd0db1f3585a348a2f4df172df589bb16acd40c1b281048b96186299b6ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: public
date: Tue, 01 Mar 2022 19:24:36 GMT
via: 1.1 6e8224d5f2990b031ca60a58f18ac908.cloudfront.net (CloudFront)
server: nginx
age: 2567
vary: Origin
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/png
cache-control: max-age=2592000
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA60-P2
timing-allow-origin: *
content-length: 15119
x-amz-cf-id: _WgfkIszGQUDF-Xu8oliEst_MN1wUOtNeiC5a1Q5aW6DJ-11HQ-FeQ==
expires: Thu, 31 Mar 2022 19:24:36 GMT

POST
H2 204 collect Show response
l.clarity.ms/ 0
90 B 191ms
191ms XHR
text/plain 20.120.65.166
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://l.clarity.ms/collect
Requested by: Host: l.clarity.ms
URL: https://l.clarity.ms/s/0.6.31/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.120.65.166 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://metallic.io/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin: https://metallic.io
date: Tue, 01 Mar 2022 20:07:23 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12

GET
H2 204 https%3A%2F%2Fmetallic.io%2Fblog%2Fransomware-attacks-rising-cost%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Dransomware%26utm_content%3Dransomware-blog%26mkt_tok%3DMzY5LUhCQy0xNjU... Show response
tracking.intentsify.io/page-tracking/intentsify-metallic/ 0
213 B 550ms
151ms Script
text/plain 52.52.72.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.intentsify.io/page-tracking/intentsify-metallic/https%3A%2F%2Fmetallic.io%2Fblog%2Fransomware-attacks-rising-cost%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Dransomware%26utm_content%3Dransomware-blog%26mkt_tok%3DMzY5LUhCQy0xNjUAAAGCvJwAcXRP6Pl3cljLG7sN_0a7R1OkqeVyT-_uScFcrjrIHg2uzuLRh0u5n3w5xUeP-dM_RtrP18fL8dRepGaNAQrk3AvtNWhfcgAvtyrcAA
Requested by: Host: email.metallic.io
URL: https://email.metallic.io/MzY5LUhCQy0xNjUAAAGCvJwAcQmHUe9q9f6cuCH4tMiX2pmG_ZvZPGW__uiBHNYvzc1pGINOK4e9-ZyXW2svcB3-eYk=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.52.72.28 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-52-72-28.us-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metallic.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Mar 2022 20:07:23 GMT
cache-control: private, no-cache, no-store, must-revalidate
x-powered-by: Express
expires: -1

POST
H2 200 truste Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame FECE 189 KB
37 KB 135ms
135ms XHR
application/json 52.222.236.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/truste

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/1BA9599302A8CB9B1743FB1B18BBBC3E.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.115 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-115.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

4338c5b21944c615462e28b5acb94792ee22d5a69a743b6d4894f98f3300fcca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation: 1BA9599302A8CB9B1743FB1B18BBBC3E
Referer: https://consent-pref.trustarc.com/?layout=gdpr&type=commvaultgdpr2&site=commvault.com&action=notice&country=de&locale=de&behavior=expressed&irm=undefined&from=https://consent.trustarc.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8

Response headers

date: Tue, 01 Mar 2022 20:07:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
x-amz-cf-pop: FRA56-P4
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Miss from cloudfront
content-type: application/json;charset=utf-8
via: 1.1 e59bea79ab5f15feda92136bc7b74158.cloudfront.net (CloudFront)
access-control-expose-headers: *
content-disposition: attachment
access-control-allow-origin: *
content-length: 37244
x-xss-protection: 1; mode=block
x-amz-cf-id: WbmHyfspcrSgN_llWbKam_Bift6wbNgiHe2zAFiJWDIlFCyWlMa3YA==

GET
H2 200 switchbg.png
consent-pref.trustarc.com/images/ Frame FECE 1 KB
1 KB 9ms
9ms Image
image/png 52.222.236.115
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent-pref.trustarc.com/images/switchbg.png

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/EuPreferenceManager.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.115 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-115.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

1ffe0083c43292aaba8148fe6d7286bd27381ea13fef76b9e545a22d8bbd8af5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/EuPreferenceManager.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 05:32:29 GMT
via: 1.1 e59bea79ab5f15feda92136bc7b74158.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 52495
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 1068
x-xss-protection: 1; mode=block
last-modified: Thu, 13 Jan 2022 06:15:36 GMT
server: nginx
etag: W/"1068-1642054536000"
vary: Origin
content-type: image/png
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
x-amz-cf-id: rEvD56lufqaPkcNnqb9YqKeMjsokqXky4T6JDqfG1WW4s1SjzzRgqw==

GET
H2 200 loader.gif
consent-pref.trustarc.com/images/ Frame FECE 2 KB
2 KB 8ms
8ms Image
image/gif 52.222.236.115
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent-pref.trustarc.com/images/loader.gif

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.115 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-115.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

ee53ada617f2674cbd706e3b24fc6738c7f53f2f7a3a959e71f611aa850dc946

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?layout=gdpr&type=commvaultgdpr2&site=commvault.com&action=notice&country=de&locale=de&behavior=expressed&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 16:39:16 GMT
via: 1.1 e59bea79ab5f15feda92136bc7b74158.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 43880
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 1737
x-xss-protection: 1; mode=block
last-modified: Thu, 13 Jan 2022 06:15:36 GMT
server: nginx
etag: W/"1737-1642054536000"
vary: Origin
content-type: image/gif
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
x-amz-cf-id: zxI7XMxd1PgLjCPowQLf4SH4i_jFW48iu-iG762OjfrkMsntdxAGkQ==

GET
H/1.1

200

master-opt-out Show response
ad.amgdgt.com/ads/ Frame EA31
Redirect Chain

https://ad.amgdgt.com/ads/nai-coop-opt-out?action_id=3&participant_id=636&rd=https://preferences-mgr.truste.com&nocache=0.6453718920154023
https://ad.amgdgt.com/ads/master-opt-out?src=NAI&action_id=3&participant_id=636&rd=https://preferences-mgr.truste.com&nocache=0.6453718920154023

2 KB
2 KB

98ms
98ms

Document
text/html

52.0.128.82
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.amgdgt.com/ads/master-opt-out?src=NAI&action_id=3&participant_id=636&rd=https://preferences-mgr.truste.com&nocache=0.6453718920154023
Requested by: Host: email.metallic.io
URL: https://email.metallic.io/MzY5LUhCQy0xNjUAAAGCvJwAcQmHUe9q9f6cuCH4tMiX2pmG_ZvZPGW__uiBHNYvzc1pGINOK4e9-ZyXW2svcB3-eYk=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.0.128.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-0-128-82.compute-1.amazonaws.com
Software: /
Resource Hash: eed045818a8dff66812ca9202c882114e1fa34d6e2b738f474f3d4df7219399b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/

Response headers

Cache-Control: no-cache, no-store
Content-Type: text/html;charset=ISO-8859-1
Date: Tue, 01 Mar 2022 20:07:23 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 1710
Connection: keep-alive

Redirect headers

Cache-Control: no-cache, no-store
Date: Tue, 01 Mar 2022 20:07:23 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Location: https://ad.amgdgt.com/ads/master-opt-out?src=NAI&action_id=3&participant_id=636&rd=https://preferences-mgr.truste.com&nocache=0.6453718920154023
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 0
Connection: keep-alive

GET
H2

200

/ Show response
preferences-mgr.truste.com/token/713/1-2/ Frame C35A
Redirect Chain

https://r.turn.com/r/optout?action_id=3&participant_id=713&rd=https://preferences-mgr.truste.com&nocache=0.5673121263858787
https://preferences-mgr.truste.com/token/713/1-2/

550 B
774 B

57ms
13ms

Document
text/html

18.66.248.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/713/1-2/
Requested by: Host: email.metallic.io
URL: https://email.metallic.io/MzY5LUhCQy0xNjUAAAGCvJwAcQmHUe9q9f6cuCH4tMiX2pmG_ZvZPGW__uiBHNYvzc1pGINOK4e9-ZyXW2svcB3-eYk=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-49.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: d9802af64401b98446e9674c0f11b5944c2eeb0d513bf444679e7707114286ae

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 550
date: Tue, 01 Mar 2022 12:06:56 GMT
server: nginx
x-cache: Hit from cloudfront
via: 1.1 bf943aab70e585412f7a215fb0a10790.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: l7VYSVJTroKwd5QleHGpPcpcWhY7njtDNy3RUyOYew8zoQPmf4jaEA==
age: 28827

Redirect headers

p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
pragma: no-cache
location: https://preferences-mgr.truste.com/token/713/1-2/
content-length: 0
date: Tue, 01 Mar 2022 20:07:22 GMT

GET
H/1.1

200
OK

ad_retarget_global_opt_out Show response
www.shopzilla.com/ Frame C7BA
Redirect Chain

https://www.shopzilla.com/opt_out_external?action_id=3&participant_id=611&rd=https://preferences-mgr.truste.com&nocache=0.3941657919865462
https://www.shopzilla.com/ad_retarget_global_opt_out?isExternalOptOut=true&rd=https://preferences-mgr.truste.com&action_id=3&participant_id=611&token=820231515190043643

2 KB
1 KB

280ms
280ms

Document
text/html

192.138.218.136
SHOPZILLA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.shopzilla.com/ad_retarget_global_opt_out?isExternalOptOut=true&rd=https://preferences-mgr.truste.com&action_id=3&participant_id=611&token=820231515190043643
Requested by: Host: email.metallic.io
URL: https://email.metallic.io/MzY5LUhCQy0xNjUAAAGCvJwAcQmHUe9q9f6cuCH4tMiX2pmG_ZvZPGW__uiBHNYvzc1pGINOK4e9-ZyXW2svcB3-eYk=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.138.218.136 , United States, ASN14332 (SHOPZILLA, US),
Reverse DNS: shopzilla.com
Software: nginx/1.20.1 /
Resource Hash: 3e1ca6168f1ea6489f18ee9a1fdcde8be68c58db2c06b18582f67a60885b08f4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/

Response headers

Server: nginx/1.20.1
Date: Tue, 01 Mar 2022 20:07:24 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="NON DSP ADM DEV PSD CUSo OUR IND STP PRE NAV UNI"
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-cache, no-store
Content-Language: de-DE
Content-Encoding: gzip

Redirect headers

Server: nginx/1.20.1
Date: Tue, 01 Mar 2022 20:07:23 GMT
Content-Length: 0
Connection: keep-alive
P3P: CP="NON DSP ADM DEV PSD CUSo OUR IND STP PRE NAV UNI"
Location: https://www.shopzilla.com/ad_retarget_global_opt_out?isExternalOptOut=true&rd=https://preferences-mgr.truste.com&action_id=3&participant_id=611&token=820231515190043643
Accept-Ranges: bytes

GET
H2

200

/ Show response
preferences-mgr.truste.com/token/804/1/AFT-j8gAAAAAYh6EAybKSn9OOo-9Lpb-q6EGe3Fm6eSz/ Frame BAB0
Redirect Chain

https://googleads.g.doubleclick.net/ads/preferences/naioptout?action_id=3&participant_id=804&rd=https://preferences-mgr.truste.com&nocache=0.4764697012338057
https://adssettings.google.com/ext/nai/settoken?participant_id=804&rd=https://preferences-mgr.truste.com&token=AFT-j8gAAAAAYh6EAybKSn9OOo-9Lpb-q6EGe3Fm6eSz&aboutads_sess=ACi0TCigUX9PcdJpCD95zhFo7zm...
https://adssettings.google.de/ext/nai/settoken?participant_id=804&rd=https://preferences-mgr.truste.com&token=AFT-j8gAAAAAYh6EAybKSn9OOo-9Lpb-q6EGe3Fm6eSz&aboutads_sess=ACi0TCigUX9PcdJpCD95zhFo7zmt...
https://preferences-mgr.truste.com/token/804/1/AFT-j8gAAAAAYh6EAybKSn9OOo-9Lpb-q6EGe3Fm6eSz/

622 B
847 B

110ms
109ms

Document
text/html

18.66.248.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/804/1/AFT-j8gAAAAAYh6EAybKSn9OOo-9Lpb-q6EGe3Fm6eSz/
Requested by: Host: email.metallic.io
URL: https://email.metallic.io/MzY5LUhCQy0xNjUAAAGCvJwAcQmHUe9q9f6cuCH4tMiX2pmG_ZvZPGW__uiBHNYvzc1pGINOK4e9-ZyXW2svcB3-eYk=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-49.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 430e5c879eb2df80ea2af3692fb5cea44263b12965789bb1f09d38016ccc570c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 622
date: Tue, 01 Mar 2022 20:07:23 GMT
server: nginx
x-cache: Miss from cloudfront
via: 1.1 bf943aab70e585412f7a215fb0a10790.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: Jlh-e6xsnGE2FVucXp0-s5o2SohMKIOqXC4kClRx_rp9LD2kPy6fnw==

Redirect headers

content-type: application/binary
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info." CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 01 Mar 2022 20:07:23 GMT
location: https://preferences-mgr.truste.com/token/804/1/AFT-j8gAAAAAYh6EAybKSn9OOo-9Lpb-q6EGe3Fm6eSz/
content-security-policy: require-trusted-types-for 'script';report-uri /_/AdsSettingsUi/cspreport script-src 'report-sample' 'nonce-wIQkszzz1j1G4Y8M7VV1EA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AdsSettingsUi/cspreport;worker-src 'self' script-src 'nonce-wIQkszzz1j1G4Y8M7VV1EA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/AdsSettingsUi/cspreport/allowlist
cross-origin-opener-policy: same-origin-allow-popups; report-to="AdsSettingsUi"
cross-origin-resource-policy: same-site
report-to: {"group":"AdsSettingsUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AdsSettingsUi/external"}]}
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2

200

/ Show response
preferences-mgr.truste.com//token/407/1/c452458f4e50cdf9c8a1338016a6289d/ Frame 2891
Redirect Chain

https://ad.wsod.com/coop_api/?action_id=3&participant_id=407&rd=https://preferences-mgr.truste.com/&nocache=0.923107378768995
https://preferences-mgr.truste.com//token/407/1/c452458f4e50cdf9c8a1338016a6289d/

546 B
770 B

9ms
9ms

Document
text/html

18.66.248.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com//token/407/1/c452458f4e50cdf9c8a1338016a6289d/
Requested by: Host: email.metallic.io
URL: https://email.metallic.io/MzY5LUhCQy0xNjUAAAGCvJwAcQmHUe9q9f6cuCH4tMiX2pmG_ZvZPGW__uiBHNYvzc1pGINOK4e9-ZyXW2svcB3-eYk=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-49.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 2ef794e6984277c05c475b8eef5d63fefef122b5277c4ae2a642d1be51061a58

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 546
date: Tue, 01 Mar 2022 11:10:13 GMT
server: nginx
x-cache: Hit from cloudfront
via: 1.1 bf943aab70e585412f7a215fb0a10790.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: ND4FyTqJ6yB8NFMqOihrlVlyF1tKo7zSHss2-_i00MpZNoTD9Qcyiw==
age: 32230

Redirect headers

Server: nginx
Date: Tue, 01 Mar 2022 20:07:23 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
X-Powered-By: PHP/5.4.16
Location: https://preferences-mgr.truste.com//token/407/1/c452458f4e50cdf9c8a1338016a6289d/

GET
H2

200

0 Show response
preferences-mgr.truste.com/token/519/1/ Frame 9204
Redirect Chain

https://s.thebrighttag.com/api/privacy/3fLGmeU/nai?action_id=3&participant_id=519&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.7795347357877396
https://preferences-mgr.truste.com/token/519/1/0

536 B
760 B

14ms
14ms

Document
text/html

18.66.248.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/519/1/0
Requested by: Host: email.metallic.io
URL: https://email.metallic.io/MzY5LUhCQy0xNjUAAAGCvJwAcQmHUe9q9f6cuCH4tMiX2pmG_ZvZPGW__uiBHNYvzc1pGINOK4e9-ZyXW2svcB3-eYk=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-49.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 6e60407537ae8be31f1c4776a6e6ff512a603ef7a1fabc8f6386ff2410b16d31

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 536
date: Tue, 01 Mar 2022 11:36:18 GMT
server: nginx
x-cache: Hit from cloudfront
via: 1.1 bf943aab70e585412f7a215fb0a10790.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: fSwVwYc4shWKG3bSusTKLsoouTMC0_F5nkBQIdheQl5q4ReqbZNAqQ==
age: 30665

Redirect headers

Server: nginx
Date: Tue, 01 Mar 2022 20:07:23 GMT
Content-Length: 0
Connection: keep-alive
X-BT-RequestId: 353ccb40-999b-11ec-8569-0000ac1508ec
Location: https://preferences-mgr.truste.com/token/519/1/0
P3P: CP=NOI DSP COR NID

GET
H2

200

adelphic Show response
preferences-mgr.truste.com/token/642/1/ Frame C6CF
Redirect Chain

https://my.ipredictive.com/optout/aboutads?action_id=3&participant_id=642&rd=https://preferences-mgr.truste.com&nocache=0.13296950321280954
https://preferences-mgr.truste.com/token/642/1/adelphic

550 B
775 B

10ms
9ms

Document
text/html

18.66.248.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/642/1/adelphic
Requested by: Host: email.metallic.io
URL: https://email.metallic.io/MzY5LUhCQy0xNjUAAAGCvJwAcQmHUe9q9f6cuCH4tMiX2pmG_ZvZPGW__uiBHNYvzc1pGINOK4e9-ZyXW2svcB3-eYk=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-49.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 2fc144fae13962c0d391f4a75a0ec528c0aadd48b23acfdb0f296ffd7d339adc

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 550
date: Tue, 01 Mar 2022 08:05:28 GMT
server: nginx
x-cache: Hit from cloudfront
via: 1.1 bf943aab70e585412f7a215fb0a10790.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: bnSVn2GJZirABPqvLk1Cb0mL5I8eVgS0ZkBx0EvtZoQNLy7ER47IRw==
age: 43315

Redirect headers

date: Tue, 01 Mar 2022 20:07:23 GMT
content-length: 0
location: https://preferences-mgr.truste.com/token/642/1/adelphic
server: Apache-Coyote/1.1
p3p: CP="NOI PSA OUR"

GET
H2

200

1646165243439 Show response
preferences-mgr.truste.com/token/512/1/ Frame 5685
Redirect Chain

https://www.demdex.net/daa/daa_opt.html?action_id=3&participant_id=512&rd=https://preferences-mgr.truste.com&nocache=0.8169025427872048
https://preferences-mgr.truste.com/token/512/1/1646165243439

560 B
786 B

116ms
116ms

Document
text/html

18.66.248.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/512/1/1646165243439
Requested by: Host: email.metallic.io
URL: https://email.metallic.io/MzY5LUhCQy0xNjUAAAGCvJwAcQmHUe9q9f6cuCH4tMiX2pmG_ZvZPGW__uiBHNYvzc1pGINOK4e9-ZyXW2svcB3-eYk=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-49.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 9415aed8f0e38bf3551ce1efb7edb139cd16d0879ae09a24a92e0a10b01c7052

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 560
date: Tue, 01 Mar 2022 20:07:23 GMT
server: nginx
x-cache: Miss from cloudfront
via: 1.1 bf943aab70e585412f7a215fb0a10790.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: BmCVgLOy70tFXFPhmRK4q3m4fYSC3vK-zXjn71WujxBrNNWJ71b4nQ==

Redirect headers

Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-2-v028-0f20da976.edge-irl1.demdex.com UNKNOWN
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://preferences-mgr.truste.com/token/512/1/1646165243439
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 4fw9mu8+QnE=
Content-Length: 0
Connection: keep-alive

GET
H2

200

0b9490d1f38e Show response
preferences-mgr.truste.com/token/781/1/ Frame 03FC
Redirect Chain

https://optout.prod.bidr.io/optout?action_id=3&participant_id=781&rd=https://preferences-mgr.truste.com/&nocache=0.2889624511949809
https://preferences-mgr.truste.com/token/781/1/0b9490d1f38e

558 B
782 B

15ms
15ms

Document
text/html

18.66.248.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/781/1/0b9490d1f38e
Requested by: Host: email.metallic.io
URL: https://email.metallic.io/MzY5LUhCQy0xNjUAAAGCvJwAcQmHUe9q9f6cuCH4tMiX2pmG_ZvZPGW__uiBHNYvzc1pGINOK4e9-ZyXW2svcB3-eYk=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-49.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 689f4dd61366a881d6a75acc4c31898ef6a848977c3de9a66f4b22652a779787

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 558
date: Tue, 01 Mar 2022 08:22:15 GMT
server: nginx
x-cache: Hit from cloudfront
via: 1.1 bf943aab70e585412f7a215fb0a10790.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: UOAlreUCxnDoHS45ctJZelLt6obQK6fqRiHwt7je6W0YD3N66HSyXQ==
age: 42308

Redirect headers

content-type: text/plain
Date: Tue, 01 Mar 2022 20:07:23 GMT
location: https://preferences-mgr.truste.com/token/781/1/0b9490d1f38e
p3p: We do not support P3P; our privacy policy is at https://www.beeswax.com/privacy.html
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 15
Connection: keep-alive

GET
H2

200

/ Show response
preferences-mgr.truste.com/token/718/1/dG9rZW4tYm9tYm9yYQ==/ Frame 349C
Redirect Chain

https://ml314.com/daaoptout.ashx?action_id=3&participant_id=718&rd=https://preferences-mgr.truste.com&nocache=0.1648693917911288
https://preferences-mgr.truste.com/token/718/1/dG9rZW4tYm9tYm9yYQ==/

574 B
797 B

66ms
13ms

Document
text/html

18.66.248.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/718/1/dG9rZW4tYm9tYm9yYQ==/
Requested by: Host: email.metallic.io
URL: https://email.metallic.io/MzY5LUhCQy0xNjUAAAGCvJwAcQmHUe9q9f6cuCH4tMiX2pmG_ZvZPGW__uiBHNYvzc1pGINOK4e9-ZyXW2svcB3-eYk=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-49.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 67175599b4bdf8d3df9fa17e11d12ea2396ad2f6997a70b44e701966b930ec8f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 574
date: Tue, 01 Mar 2022 13:40:43 GMT
server: nginx
x-cache: Hit from cloudfront
via: 1.1 bf943aab70e585412f7a215fb0a10790.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: o0njGPfcX88ibND4rXbSsCKcb7FgE38snzNsk3AeY_ljWB-hjS1AIw==
age: 23200

Redirect headers

Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=utf-8
Date: Tue, 01 Mar 2022 20:07:22 GMT
Expires: 0
Location: https://preferences-mgr.truste.com/token/718/1/dG9rZW4tYm9tYm9yYQ==/
P3P: CP="ALL DSP COR NID"
Pragma: no-cache
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Length: 185
Connection: keep-alive

GET
H2

200

/ Show response
preferences-mgr.truste.com/token/762/1-0/ Frame 6B3E
Redirect Chain

https://segments.company-target.com/dnt?action_id=3&participant_id=762&rd=https://preferences-mgr.truste.com&nocache=0.35741975563449224
https://preferences-mgr.truste.com/token/762/1-0/

550 B
773 B

17ms
17ms

Document
text/html

18.66.248.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/762/1-0/
Requested by: Host: email.metallic.io
URL: https://email.metallic.io/MzY5LUhCQy0xNjUAAAGCvJwAcQmHUe9q9f6cuCH4tMiX2pmG_ZvZPGW__uiBHNYvzc1pGINOK4e9-ZyXW2svcB3-eYk=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-49.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 862dc87fba8cf3233eedca7a7b8a3f4a99659743c06233a59193251e0cc63887

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 550
date: Mon, 28 Feb 2022 20:40:12 GMT
server: nginx
x-cache: Hit from cloudfront
via: 1.1 bf943aab70e585412f7a215fb0a10790.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: 47f3IcKA-szQsGKGQFdkMlencoiR_nC3yJSYSgA7jwYfuusiBgcyTg==
age: 84431

Redirect headers

Content-Length: 0
Connection: keep-alive
Date: Tue, 01 Mar 2022 20:07:23 GMT
trace-id: 99ac6ec05f2d9c82
Vary: Origin
Location: https://preferences-mgr.truste.com/token/762/1-0/
X-Cache: Miss from cloudfront
Via: 1.1 82514a5a8cf35fb3132b0b5ab9cb724c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P3
X-Amz-Cf-Id: Kwer0KakOy7v9hW7iucITx2Q_U2QiXnatPrKBEbH9RPo669RFtMipg==

GET
H2

200

SOoxP5wG7osJuZgrvSLkvNphp Show response
preferences-mgr.truste.com/token/848/1/ Frame 5A2B
Redirect Chain

https://casalemedia.com/privacy/optout?action_id=3&participant_id=848&rd=https://preferences-mgr.truste.com&nocache=0.36196806183390584
https://preferences-mgr.truste.com/token/848/1/SOoxP5wG7osJuZgrvSLkvNphp

584 B
810 B

109ms
109ms

Document
text/html

18.66.248.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/848/1/SOoxP5wG7osJuZgrvSLkvNphp
Requested by: Host: email.metallic.io
URL: https://email.metallic.io/MzY5LUhCQy0xNjUAAAGCvJwAcQmHUe9q9f6cuCH4tMiX2pmG_ZvZPGW__uiBHNYvzc1pGINOK4e9-ZyXW2svcB3-eYk=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-49.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: b71eff512a63c76099be52a83aaafe7bbf175d65d4bd1bebea9f4d9b2f43fb70

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 584
date: Tue, 01 Mar 2022 20:07:23 GMT
server: nginx
x-cache: Miss from cloudfront
via: 1.1 bf943aab70e585412f7a215fb0a10790.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: txz084_wMTiGhW94k5PXtyk_xIxcVEO3Dwn33THPIRK-m8IbbdbBmQ==

Redirect headers

date: Tue, 01 Mar 2022 20:07:23 GMT
content-type: text/html
content-length: 0
location: https://preferences-mgr.truste.com/token/848/1/SOoxP5wG7osJuZgrvSLkvNphp
p3p: NOI DSP COR DEVa TAIa OUR BUS UNI
strict-transport-security: max-age=15724800; includeSubDomains

GET
H2

200

84wB7bA0hz Show response
preferences-mgr.truste.com//token/366/1-0/ Frame 2426
Redirect Chain

https://pixel.rubiconproject.com/oba/optout/?action_id=3&participant_id=366&rd=https://preferences-mgr.truste.com/&nocache=0.007899048657263874
https://preferences-mgr.truste.com//token/366/1-0/84wB7bA0hz

550 B
775 B

156ms
114ms

Document
text/html

18.66.248.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com//token/366/1-0/84wB7bA0hz
Requested by: Host: email.metallic.io
URL: https://email.metallic.io/MzY5LUhCQy0xNjUAAAGCvJwAcQmHUe9q9f6cuCH4tMiX2pmG_ZvZPGW__uiBHNYvzc1pGINOK4e9-ZyXW2svcB3-eYk=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-49.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: f140c4cd7825b747d157f267381a775239cb0e5c709f3d45fc39377bf2254043

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 550
date: Tue, 01 Mar 2022 20:07:23 GMT
server: nginx
x-cache: Miss from cloudfront
via: 1.1 bf943aab70e585412f7a215fb0a10790.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: TzIHS5Uf0RJj39Vs1fTamOqubqWTC9ir_sbhfCbciUQdFIkmlFGu8A==

Redirect headers

P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Location: https://preferences-mgr.truste.com//token/366/1-0/84wB7bA0hz
content-length: 0

GET
H/1.1 200
OK nai.php Show response
www.mathtag.com/ Frame D7D4 284 B
786 B 298ms
101ms Document
text/html 74.121.140.207
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mathtag.com/nai.php?action_id=3&participant_id=807&rd=https://preferences-mgr.truste.com/&nocache=0.8387022652191409
Requested by: Host: email.metallic.io
URL: https://email.metallic.io/MzY5LUhCQy0xNjUAAAGCvJwAcQmHUe9q9f6cuCH4tMiX2pmG_ZvZPGW__uiBHNYvzc1pGINOK4e9-ZyXW2svcB3-eYk=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 74.121.140.207 Reston, United States, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: nginx /
Resource Hash: 95040fb29c0629dbffdc65884db8cd02a8a4b772c8f74c6bfc624f427693feda

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/

Response headers

Server: nginx
Date: Tue, 01 Mar 2022 20:10:47 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 238
Connection: keep-alive
Keep-Alive: timeout=360
Referrer-Policy: no-referrer-when-downgrade
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Vary: Accept-Encoding
Content-Encoding: gzip

GET
H2

200

/ Show response
preferences-mgr.truste.com/token/755/3/ Frame F76A
Redirect Chain

https://jadserve.postrelease.com/naioptout?action_id=3&participant_id=755&rd=https://preferences-mgr.truste.com&nocache=0.3245437776890474
https://preferences-mgr.truste.com/token/755/3/

546 B
769 B

10ms
10ms

Document
text/html

18.66.248.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/755/3/
Requested by: Host: email.metallic.io
URL: https://email.metallic.io/MzY5LUhCQy0xNjUAAAGCvJwAcQmHUe9q9f6cuCH4tMiX2pmG_ZvZPGW__uiBHNYvzc1pGINOK4e9-ZyXW2svcB3-eYk=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-49.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 244c6dae6dcb45d4f8890326398b2e39628b713f4f37f327a492b5b163083d72

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 546
date: Tue, 01 Mar 2022 17:20:06 GMT
server: nginx
x-cache: Hit from cloudfront
via: 1.1 bf943aab70e585412f7a215fb0a10790.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: s32YLGZVpuNGFSbIcC1yWmf9kWoL23K3f5es9vqdmGUultz8-0bEMg==
age: 10037

Redirect headers

date: Tue, 01 Mar 2022 20:07:23 GMT
content-length: 0
location: https://preferences-mgr.truste.com/token/755/3/
server: nginx/1.12.1
expires: Mon, 1 Jan 1990 12:00:00 GMT
cache-control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
pragma: no-cache
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
H2

200

/ Show response
preferences-mgr.truste.com/token/765/1/1646165243/ Frame AAFD
Redirect Chain

https://u.openx.net/privacy/daa?action_id=3&participant_id=765&rd=https://preferences-mgr.truste.com&nocache=0.4806648486644969
https://preferences-mgr.truste.com/token/765/1/1646165243/

554 B
779 B

119ms
114ms

Document
text/html

18.66.248.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/765/1/1646165243/
Requested by: Host: email.metallic.io
URL: https://email.metallic.io/MzY5LUhCQy0xNjUAAAGCvJwAcQmHUe9q9f6cuCH4tMiX2pmG_ZvZPGW__uiBHNYvzc1pGINOK4e9-ZyXW2svcB3-eYk=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-49.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 07d690690dde4561bf3e3ebfebb5db460beb6c061456091b2b170c04fd0e5dc0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 554
date: Tue, 01 Mar 2022 20:07:23 GMT
server: nginx
x-cache: Miss from cloudfront
via: 1.1 bf943aab70e585412f7a215fb0a10790.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: hks55wGJ3sNWCmF107nD1WEYhv1y6tDe141jRgITBknE6qXF_2y6pQ==

Redirect headers

server: OXGW/17.2.0
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://preferences-mgr.truste.com/token/765/1/1646165243/
date: Tue, 01 Mar 2022 20:07:23 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2

200

no-token Show response
preferences-mgr.truste.com/token/591/1-1/ Frame E410
Redirect Chain

https://px.owneriq.net/nai/optout?action_id=3&participant_id=591&rd=https://preferences-mgr.truste.com&nocache=0.4141005585479318
https://preferences-mgr.truste.com/token/591/1-1/no-token

554 B
777 B

13ms
13ms

Document
text/html

18.66.248.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/591/1-1/no-token
Requested by: Host: email.metallic.io
URL: https://email.metallic.io/MzY5LUhCQy0xNjUAAAGCvJwAcQmHUe9q9f6cuCH4tMiX2pmG_ZvZPGW__uiBHNYvzc1pGINOK4e9-ZyXW2svcB3-eYk=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-49.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 892af2ba7758cbe009692eb0bc3e5a3b0fa5a15925d309a0d1fca2c229934982

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 554
date: Tue, 01 Mar 2022 07:56:40 GMT
server: nginx
x-cache: Hit from cloudfront
via: 1.1 bf943aab70e585412f7a215fb0a10790.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: eNiQCKETI64GcJY0Y4OgFmKHEa92pr8tp7Nte5TpkVpsl4tEL8rOFw==
age: 43843

Redirect headers

Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://preferences-mgr.truste.com/token/591/1-1/no-token
Content-Length: 0
Content-Type: text/html
Expires: Tue, 01 Mar 2022 20:07:23 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 01 Mar 2022 20:07:23 GMT
Connection: keep-alive

GET
H/1.1 200
OK optout.jsp Show response
apps.pubmatic.com/ Frame 38F2 788 B
1 KB 674ms
173ms Document
text/html 104.36.113.45
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://apps.pubmatic.com/optout.jsp?action_id=3&participant_id=420&rd=https://preferences-mgr.truste.com/&nocache=0.239570638328926
Requested by: Host: email.metallic.io
URL: https://email.metallic.io/MzY5LUhCQy0xNjUAAAGCvJwAcQmHUe9q9f6cuCH4tMiX2pmG_ZvZPGW__uiBHNYvzc1pGINOK4e9-ZyXW2svcB3-eYk=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.113.45 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 9821ab0c2c0ec5b01063600d74683297ce2374c280142908a947ae553b60a027

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/

Response headers

Date: Tue, 01 Mar 2022 20:07:23 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-cache
Pragma: no-cache
Expires: Wed, 31 Dec 1969 23:59:59 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: PUT, GET, POST
Access-Control-Allow-Headers: X-Forwarded-For, X-app123-XPTO
Content-Encoding: gzip

GET
H2

200

Owgk4wsifBFu Show response
preferences-mgr.truste.com//token/422/1/ Frame 13B2
Redirect Chain

https://bh.contextweb.com/bh/oba/aboutads/?action_id=3&participant_id=422&rd=https://preferences-mgr.truste.com/&nocache=0.08230272041532749
https://preferences-mgr.truste.com//token/422/1/Owgk4wsifBFu

546 B
773 B

114ms
114ms

Document
text/html

18.66.248.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com//token/422/1/Owgk4wsifBFu
Requested by: Host: email.metallic.io
URL: https://email.metallic.io/MzY5LUhCQy0xNjUAAAGCvJwAcQmHUe9q9f6cuCH4tMiX2pmG_ZvZPGW__uiBHNYvzc1pGINOK4e9-ZyXW2svcB3-eYk=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-49.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 2a63edaf9a7f51bd8a298667502a2ea6175a8f5fe6287f25242a1e526e6e2a30

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 546
date: Tue, 01 Mar 2022 20:07:23 GMT
server: nginx
x-cache: Miss from cloudfront
via: 1.1 bf943aab70e585412f7a215fb0a10790.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: vGGa8qQ_yf29QQWsajZKtDWdHH4X9sEJdqFKnKrpBmWZQLMZXZjgCg==

Redirect headers

p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: de-DE
location: https://preferences-mgr.truste.com//token/422/1/Owgk4wsifBFu
server: Jetty(9.4.14.v20181114)
strict-transport-security: max-age=15768000

GET
H2

200

/ Show response
preferences-mgr.truste.com/token/806/1-0/O010137803831646165243347/ Frame 099D
Redirect Chain

https://pixel.quantserve.com/optout?action_id=3&participant_id=806&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.6556306553870277
https://preferences-mgr.truste.com/token/806/1-0/O010137803831646165243347/

588 B
813 B

155ms
115ms

Document
text/html

18.66.248.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/806/1-0/O010137803831646165243347/
Requested by: Host: email.metallic.io
URL: https://email.metallic.io/MzY5LUhCQy0xNjUAAAGCvJwAcQmHUe9q9f6cuCH4tMiX2pmG_ZvZPGW__uiBHNYvzc1pGINOK4e9-ZyXW2svcB3-eYk=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-49.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: ee36bcd9c1f0f09104c4dd365ac7253c0cdfe56e7133b9e829a7d5bde0fdd679

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 588
date: Tue, 01 Mar 2022 20:07:23 GMT
server: nginx
x-cache: Miss from cloudfront
via: 1.1 bf943aab70e585412f7a215fb0a10790.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: I8E7X7RgMkB-HluFvr6lxmKPLy-jFkM2_qPiQJn58qiuNthoz8c42g==

Redirect headers

date: Tue, 01 Mar 2022 20:07:23 GMT
content-length: 0
cache-control: private, no-cache, no-store, proxy-revalidate
expires: Fri, 04 Aug 1978 12:00:00 GMT
location: https://preferences-mgr.truste.com/token/806/1-0/O010137803831646165243347/
pragma: no-cache
strict-transport-security: max-age=86400

GET
H2

200

282855468 Show response
preferences-mgr.truste.com/token/831/1-1/ Frame 027B
Redirect Chain

https://i.w55c.net/optout/nai?action_id=3&participant_id=831&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.38906929705434434
https://preferences-mgr.truste.com/token/831/1-1/282855468

556 B
781 B

123ms
113ms

Document
text/html

18.66.248.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/831/1-1/282855468
Requested by: Host: email.metallic.io
URL: https://email.metallic.io/MzY5LUhCQy0xNjUAAAGCvJwAcQmHUe9q9f6cuCH4tMiX2pmG_ZvZPGW__uiBHNYvzc1pGINOK4e9-ZyXW2svcB3-eYk=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-49.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 1fb5d016c1440b2d0c44476f90ce1378a3558595f6d8694c79331ebaa36ed3e0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 556
date: Tue, 01 Mar 2022 20:07:23 GMT
server: nginx
x-cache: Miss from cloudfront
via: 1.1 bf943aab70e585412f7a215fb0a10790.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: HSk3rhlLjwoFAG98BthE9Pg2msunPxIVYFEr0nVY4-OKcYzwI1yRQw==

Redirect headers

Cache-Control: no-cache, must-revalidate
Content-Type: text/html;charset=utf-8
Date: Tue, 01 Mar 2022 20:07:23 GMT
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Location: https://preferences-mgr.truste.com/token/831/1-1/282855468
Pragma: no-cache
Server: PixelTracking/v2.0.30-713-gdae83a2#rel-ec2-master i-04fd973f611872bb0@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive

GET
H2

200

/ Show response
preferences-mgr.truste.com/token/862/1/ Frame 20BA
Redirect Chain

https://go.sonobi.com/optout?action_id=3&participant_id=862&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.04403541192169125
https://preferences-mgr.truste.com/token/862/1/

546 B
769 B

15ms
15ms

Document
text/html

18.66.248.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/862/1/
Requested by: Host: email.metallic.io
URL: https://email.metallic.io/MzY5LUhCQy0xNjUAAAGCvJwAcQmHUe9q9f6cuCH4tMiX2pmG_ZvZPGW__uiBHNYvzc1pGINOK4e9-ZyXW2svcB3-eYk=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-49.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 8db76846bf1112adc5bc91ee3b0f712074188fba3b352c6840a814dacb764632

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 546
date: Tue, 01 Mar 2022 09:36:13 GMT
server: nginx
x-cache: Hit from cloudfront
via: 1.1 bf943aab70e585412f7a215fb0a10790.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: KQ69a17W1ssP0_mEYIl59IgoEFqH9mPlcvcAk1fAvyxJawBjc2pYvQ==
age: 37870

Redirect headers

Date: Tue, 01 Mar 2022 20:07:23 GMT
Content-Type: text/plain; charset=utf8
Content-Length: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, no-store, private
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma: no-cache
Tcn: Choice
Vary: negotiate,Accept-Encoding
X-Go-Server: go-ams-1-7-8
X-Xss-Protection: 0
Location: https://preferences-mgr.truste.com/token/862/1/
Server: sonobi-go

GET
H2

200

/ Show response
preferences-mgr.truste.com/token/742/1/ Frame D8F6
Redirect Chain

https://ap.lijit.com/cookie_opt_out?action_id=3&participant_id=742&rd=https://preferences-mgr.truste.com&nocache=0.23588792455301877
https://ap.lijit.com/check_optout_cookie?action_id=3&participant_id=742&rd=https://preferences-mgr.truste.com
https://preferences-mgr.truste.com/token/742/1/

546 B
770 B

16ms
15ms

Document
text/html

18.66.248.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/742/1/
Requested by: Host: email.metallic.io
URL: https://email.metallic.io/MzY5LUhCQy0xNjUAAAGCvJwAcQmHUe9q9f6cuCH4tMiX2pmG_ZvZPGW__uiBHNYvzc1pGINOK4e9-ZyXW2svcB3-eYk=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-49.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: a84d6b5a26df2f5550f066a6f55ffda41c871a58132a2e639c296631e687f59d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 546
date: Tue, 01 Mar 2022 11:13:09 GMT
server: nginx
x-cache: Hit from cloudfront
via: 1.1 bf943aab70e585412f7a215fb0a10790.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: O9myxb1wWD_z52V85RnFbYUR_jyUpU6SkjgSisgG_AzAc7BOwKhqeQ==
age: 32054

Redirect headers

Server: nginx
Date: Tue, 01 Mar 2022 20:07:23 GMT
Content-Length: 0
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma: no-cache
Expires: Fri, 20 Mar 2009 00:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://preferences-mgr.truste.com/token/742/1/
X-Powered-By: raptor-daa
X-Sovrn-Pod: ad_ap4ams1

GET
H2

200

/ Show response
preferences-mgr.truste.com/token/428/1/f8b7e5dc-be2f-4171-83df-11d3d5c3307e/ Frame 38B6
Redirect Chain

https://privacy.tapad.com/daa-coop?action_id=3&participant_id=428&rd=https://preferences-mgr.truste.com&nocache=0.5977981901662015
https://preferences-mgr.truste.com/token/428/1/f8b7e5dc-be2f-4171-83df-11d3d5c3307e/

606 B
832 B

125ms
125ms

Document
text/html

18.66.248.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/428/1/f8b7e5dc-be2f-4171-83df-11d3d5c3307e/
Requested by: Host: email.metallic.io
URL: https://email.metallic.io/MzY5LUhCQy0xNjUAAAGCvJwAcQmHUe9q9f6cuCH4tMiX2pmG_ZvZPGW__uiBHNYvzc1pGINOK4e9-ZyXW2svcB3-eYk=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-49.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: a3c21adcda47f45159ca41568e9d8dac293603fc2e1be37638b6b442c84ec912

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 606
date: Tue, 01 Mar 2022 20:07:23 GMT
server: nginx
x-cache: Miss from cloudfront
via: 1.1 bf943aab70e585412f7a215fb0a10790.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: _xxfbwGG2Jdwm9hqCUn0EECFtRyvRmiFaJMfIWwERlBPEn-UFXbRdQ==

Redirect headers

location: https://preferences-mgr.truste.com/token/428/1/f8b7e5dc-be2f-4171-83df-11d3d5c3307e/
strict-transport-security: max-age=31536000
date: Tue, 01 Mar 2022 20:07:23 GMT
content-length: 0
via: 1.1 google
alt-svc: clear

GET
H2

200

csrf Show response
preferences-mgr.truste.com/token/747/1-0/ Frame 800E
Redirect Chain

https://optout.bigsea.weborama.com/optout?action_id=3&participant_id=747&rd=https://preferences-mgr.truste.com&nocache=0.5439853883155565
https://preferences-mgr.truste.com/token/747/1-0/csrf

546 B
769 B

12ms
12ms

Document
text/html

18.66.248.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/747/1-0/csrf
Requested by: Host: email.metallic.io
URL: https://email.metallic.io/MzY5LUhCQy0xNjUAAAGCvJwAcQmHUe9q9f6cuCH4tMiX2pmG_ZvZPGW__uiBHNYvzc1pGINOK4e9-ZyXW2svcB3-eYk=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-49.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: efec5394dfd449bbe933fad5abd3dc6991d17596494f4cd12990a8e35b33e3f9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 546
date: Tue, 01 Mar 2022 05:57:01 GMT
server: nginx
x-cache: Hit from cloudfront
via: 1.1 bf943aab70e585412f7a215fb0a10790.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: JIt6hJ2k3iv-oVlRERzlef2BAS4zekecAIAp7_GvBhMS4T5XsmbIqw==
age: 51022

Redirect headers

Date: Tue, 01 Mar 2022 20:07:23 GMT
Location: https://preferences-mgr.truste.com/token/747/1-0/csrf
P3P: CP="This is not a valid P3P header"
Content-Length: 0
Connection: keep-alive

GET
H2 200 cookie_inneriframe.html Show response
consent-pref.trustarc.com/ Frame 923C 2 KB
1 KB 9ms
9ms Document
text/html 52.222.236.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/cookie_inneriframe.html

Requested by

Host: prefmgr-cookie.truste-svc.net
URL: https://prefmgr-cookie.truste-svc.net/cookie_js/cookie_iframe.html?parent=https://consent-pref.trustarc.com/?layout=gdpr&type=commvaultgdpr2&site=commvault.com&action=notice&country=de&locale=de&behavior=expressed&irm=undefined&from=https://consent.trustarc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.115 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-115.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

a2de091c86c5a7b6dcc572eb6e5a76c2cd72ce27a2042a8dc2974f15b33566ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://prefmgr-cookie.truste-svc.net/

Response headers

content-type: text/html; charset=UTF-8
server: nginx
last-modified: Thu, 13 Jan 2022 06:15:36 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 28 Feb 2022 20:38:44 GMT
etag: W/"2008-1642054536000"
vary: Accept-Encoding Origin
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Hit from cloudfront
via: 1.1 e59bea79ab5f15feda92136bc7b74158.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: Is4OLVgwRCXnIt0adusxog23kE94v6T8nXu7y3NK5JcewyMEwsNJjQ==
age: 84519

GET
H2 200 trustarc-logo-small.png
consent-pref.trustarc.com/images/ Frame FECE 4 KB
5 KB 8ms
8ms Image
image/png 52.222.236.115
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent-pref.trustarc.com/images/trustarc-logo-small.png

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/1BA9599302A8CB9B1743FB1B18BBBC3E.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.115 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-115.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

91c4a6c4295f8889e8b04339a4a2c2e86d5eef71ba808164e641d0d8a6435004

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?layout=gdpr&type=commvaultgdpr2&site=commvault.com&action=notice&country=de&locale=de&behavior=expressed&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 07:38:40 GMT
via: 1.1 e59bea79ab5f15feda92136bc7b74158.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 44923
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 4197
x-xss-protection: 1; mode=block
last-modified: Thu, 13 Jan 2022 06:15:36 GMT
server: nginx
etag: W/"4197-1642054536000"
vary: Origin
content-type: image/png
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
x-amz-cf-id: 7xmyIeKHUohytMi2Px8b9lXEPIXiWfH9-dyt-WpLD0t4qtO8YMGtDA==

GET
H2

200

/ Show response
preferences-mgr.truste.com//token/807/1-1/i79m2ugrp14iddj2r6tn0830a0/ Frame D7D4
Redirect Chain

https://pixel.mathtag.com/event/img?mt_id=888&mt_nsync&mm_bnc&redir=https%3A%2F%2Fpreferences-mgr.truste.com%2F%2Ftoken%2F807%2F%5BNAI_OPTOUT%5D-1%2Fi79m2ugrp14iddj2r6tn0830a0%2F
https://preferences-mgr.truste.com//token/807/1-1/i79m2ugrp14iddj2r6tn0830a0/

550 B
775 B

132ms
131ms

Document
text/html

18.66.248.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com//token/807/1-1/i79m2ugrp14iddj2r6tn0830a0/
Requested by: Host: www.mathtag.com
URL: https://www.mathtag.com/nai.php?action_id=3&participant_id=807&rd=https://preferences-mgr.truste.com/&nocache=0.8387022652191409
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-49.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 8edf4afffb3c82dacbc2d3b56f77e65a90087b26da334c29665eb02cc1f55351

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.mathtag.com/nai.php?action_id=3&participant_id=807&rd=https://preferences-mgr.truste.com/&nocache=0.8387022652191409

Response headers

content-length: 550
date: Tue, 01 Mar 2022 20:07:23 GMT
server: nginx
x-cache: Miss from cloudfront
via: 1.1 bf943aab70e585412f7a215fb0a10790.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: JnKY51xZ9GnVD_4y0avnQcyMa8LpF5D0onffy2fRa4bvPawUvrZ8yQ==

Redirect headers

Content-Type: image/gif
Content-Length: 0
Access-Control-Allow-Origin: *
Server: MT3 4172 645ee8c master cdg-pixel-x27 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://preferences-mgr.truste.com//token/807/1-1/i79m2ugrp14iddj2r6tn0830a0/
Expires: Tue, 01 Mar 2022 20:07:22 GMT
Date: Tue, 01 Mar 2022 20:07:23 GMT
Connection: keep-alive

GET
H/1.1 200 jquery-1.11.1.min.js Show response
ad.amgdgt.com/ads/js/ Frame EA31 94 KB
94 KB 193ms
193ms Script
application/javascript 52.0.128.82
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.amgdgt.com/ads/js/jquery-1.11.1.min.js
Requested by: Host: ad.amgdgt.com
URL: https://ad.amgdgt.com/ads/master-opt-out?src=NAI&action_id=3&participant_id=636&rd=https://preferences-mgr.truste.com&nocache=0.6453718920154023
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.0.128.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-0-128-82.compute-1.amazonaws.com
Software: /
Resource Hash: 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.amgdgt.com/ads/master-opt-out?src=NAI&action_id=3&participant_id=636&rd=https://preferences-mgr.truste.com&nocache=0.6453718920154023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 01 Mar 2022 20:07:23 GMT
Last-Modified: Wed, 30 Jan 2019 10:48:44 GMT
Connection: keep-alive
Content-Length: 95786
Content-Type: application/javascript

GET
H/1.1 200 jquery.cookie.js Show response
ad.amgdgt.com/ads/js/ Frame EA31 3 KB
3 KB 326ms
135ms Script
application/javascript 52.0.128.82
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.amgdgt.com/ads/js/jquery.cookie.js
Requested by: Host: ad.amgdgt.com
URL: https://ad.amgdgt.com/ads/master-opt-out?src=NAI&action_id=3&participant_id=636&rd=https://preferences-mgr.truste.com&nocache=0.6453718920154023
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.0.128.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-0-128-82.compute-1.amazonaws.com
Software: /
Resource Hash: 5dcc1f650548dab92380f10aee2a8c4c878ece063b5d4201c1205b3a343f9a8b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.amgdgt.com/ads/master-opt-out?src=NAI&action_id=3&participant_id=636&rd=https://preferences-mgr.truste.com&nocache=0.6453718920154023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 01 Mar 2022 20:07:23 GMT
Last-Modified: Wed, 30 Jan 2019 10:48:44 GMT
Connection: keep-alive
Content-Length: 3128
Content-Type: application/javascript

GET
H/1.1 200 optout.js Show response
ad.amgdgt.com/ads/js/ Frame EA31 22 KB
22 KB 326ms
135ms Script
application/javascript 52.0.128.82
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.amgdgt.com/ads/js/optout.js
Requested by: Host: ad.amgdgt.com
URL: https://ad.amgdgt.com/ads/master-opt-out?src=NAI&action_id=3&participant_id=636&rd=https://preferences-mgr.truste.com&nocache=0.6453718920154023
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.0.128.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-0-128-82.compute-1.amazonaws.com
Software: /
Resource Hash: 13f5ddb50d8506f227f9ed4039d935ccbea8390f52b946c11de4f73a7dabbcc2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.amgdgt.com/ads/master-opt-out?src=NAI&action_id=3&participant_id=636&rd=https://preferences-mgr.truste.com&nocache=0.6453718920154023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 01 Mar 2022 20:07:23 GMT
Last-Modified: Wed, 30 Jan 2019 10:48:44 GMT
Connection: keep-alive
Content-Length: 22414
Content-Type: application/javascript

GET
H/1.1 200
OK jquery.min.js Show response
rtp-static.marketo.com/rtp/libs/jquery/1.8.3/ 91 KB
33 KB 52ms
26ms Script
application/x-javascript 104.111.216.226
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rtp-static.marketo.com/rtp/libs/jquery/1.8.3/jquery.min.js
Requested by: Host: abrtp2-cdn.marketo.com
URL: https://abrtp2-cdn.marketo.com/rtp-api/v1/rtp.js?aid=commvault2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.216.226 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-216-226.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metallic.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 01 Mar 2022 20:07:23 GMT
Content-Encoding: gzip
Last-Modified: Mon, 07 Sep 2015 11:20:15 GMT
Server: AkamaiNetStorage
ETag: "3576a6e73c9dccdbbc4a2cf8ff544ad7:1441624815"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: false
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 33467

GET
H/1.1 200
OK jquery-ui-insightera-custom-1.9.6.css
rtp-static.marketo.com/rtp/libs/ 22 KB
4 KB 38ms
12ms Stylesheet
text/css 104.111.216.226
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rtp-static.marketo.com/rtp/libs/jquery-ui-insightera-custom-1.9.6.css
Requested by: Host: abrtp2-cdn.marketo.com
URL: https://abrtp2-cdn.marketo.com/rtp-api/v1/rtp.js?aid=commvault2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.216.226 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-216-226.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 339b2b60e94b6dc169fd9e5b68ac16b1ca08ef6a4968e98a0f43c2add405e79a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metallic.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 01 Mar 2022 20:07:23 GMT
Content-Encoding: gzip
Last-Modified: Tue, 07 Nov 2017 08:57:42 GMT
Server: AkamaiNetStorage
ETag: "7f5b0bee9b1f7af8413b351cbceca223:1510045062"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/css
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: false
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 3752

GET
H/1.1 200
OK trw Show response
abrtp2.marketo.com/gw1/ 0
435 B 566ms
100ms Script
application/x-javascript 192.28.155.3
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL

https://abrtp2.marketo.com/gw1/trw?aid=commvault2&ref=https%3A%2F%2Femail.metallic.io%2F&trwv.uid=commvault2-1646165243914-5f06ed28&trwv.vc=1&trwsa.sid=commvault2-1646165243915-d4b2ff5b&trwsb.cpv=1&ctzo=-00:00&uri=https%3A%2F%2Fmetallic.io%2Fblog%2Fransomware-attacks-rising-cost%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Dransomware%26utm_content%3Dransomware-blog%26mkt_tok%3DMzY5LUhCQy0xNjUAAAGCvJwAcXRP6Pl3cljLG7sN_0a7R1OkqeVyT-_uScFcrjrIHg2uzuLRh0u5n3w5xUeP-dM_RtrP18fL8dRepGaNAQrk3AvtNWhfcgAvtyrcAA&ma=id%3A369-HBC-165%26token%3A_mch-metallic.io-1646165242358-46294&pm=&viewedTypes=&rts=1646165243918

Requested by

Host: abrtp2-cdn.marketo.com
URL: https://abrtp2-cdn.marketo.com/rtp-api/v1/rtp.js?aid=commvault2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.28.155.3 , United States, ASN15224 (OMNITURE, US),

Reverse DNS

Software

Jetty(7.3.1.v20110307) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metallic.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 01 Mar 2022 20:07:24 GMT
Cache-Control: no-cache
Server: Jetty(7.3.1.v20110307)
Connection: close
Content-Length: 0
Strict-Transport-Security: max-age=63113904
Content-Type: application/x-javascript; charset=UTF-8

GET
H/1.1 200
OK ga-integration-2.0.4.js Show response
rtp-static.marketo.com/rtp/libs/ 17 KB
6 KB 32ms
13ms Script
application/x-javascript 104.111.216.226
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rtp-static.marketo.com/rtp/libs/ga-integration-2.0.4.js
Requested by: Host: abrtp2-cdn.marketo.com
URL: https://abrtp2-cdn.marketo.com/rtp-api/v1/rtp.js?aid=commvault2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.216.226 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-216-226.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 278cd45917f5fee0e5710b34f2c03a3652544fe5a6ccea56cbbd0bd7324bf5e7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metallic.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 01 Mar 2022 20:07:23 GMT
Content-Encoding: gzip
Last-Modified: Thu, 03 Jun 2021 07:56:23 GMT
Server: AkamaiNetStorage
ETag: "cfd84ea6865e772828527b0485a0eb7e:1622706982.648039"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: false
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 5540

GET
H/1.1 200
OK msg Show response
abrtp2.marketo.com/gw1/ 0
494 B 518ms
102ms Script
text/javascript 192.28.155.3
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL

https://abrtp2.marketo.com/gw1/msg?a=2&sid=commvault2-1646165243915-d4b2ff5b&aid=commvault2&ma=id%3A369-HBC-165%26token%3A_mch-metallic.io-1646165242358-46294&viewedTypes=&0.5249053745067231&rts=1646165243970

Requested by

Host: abrtp2-cdn.marketo.com
URL: https://abrtp2-cdn.marketo.com/rtp-api/v1/rtp.js?aid=commvault2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.28.155.3 , United States, ASN15224 (OMNITURE, US),

Reverse DNS

Software

Jetty(7.3.1.v20110307) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metallic.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 01 Mar 2022 20:07:24 GMT
Content-Encoding: gzip
Server: Jetty(7.3.1.v20110307)
Transfer-Encoding: chunked
Connection: close
Content-Type: text/javascript; charset=UTF-8
Cache-Control: no-cache
Strict-Transport-Security: max-age=63113904

GET
H/1.1 200
OK jquery-custom-ui.min.js Show response
rtp-static.marketo.com/rtp/libs/jqueryui/1.9.2f/ 126 KB
35 KB 26ms
26ms Script
application/x-javascript 104.111.216.226
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rtp-static.marketo.com/rtp/libs/jqueryui/1.9.2f/jquery-custom-ui.min.js
Requested by: Host: abrtp2-cdn.marketo.com
URL: https://abrtp2-cdn.marketo.com/rtp-api/v1/rtp.js?aid=commvault2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.216.226 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-216-226.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 35f273e01e70db780ae423347dffecfc27cc348ba4abbd6099331559a7c5cd31

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metallic.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 01 Mar 2022 20:07:24 GMT
Content-Encoding: gzip
Last-Modified: Tue, 09 Jan 2018 12:54:21 GMT
Server: AkamaiNetStorage
ETag: "5a9f8dd85d85afd20544bd437a505338:1515502461"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: false
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 35484

GET
H2 200 optout.js Show response
cdn.pubmatic.com/mgmt/javascripts/ Frame 38F2 10 KB
4 KB 220ms
10ms Script
text/javascript 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.pubmatic.com/mgmt/javascripts/optout.js

Requested by

Host: apps.pubmatic.com
URL: https://apps.pubmatic.com/optout.jsp?action_id=3&participant_id=420&rd=https://preferences-mgr.truste.com/&nocache=0.239570638328926

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-180.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

c868eb0300543d253fcc83d604c6e1b6425937bb7ebf47bc1217fd7abdef9d8a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.pubmatic.com

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://apps.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' https://*.pubmatic.com
content-encoding: gzip
last-modified: Wed, 19 Jan 2022 12:28:11 GMT
server: Apache
etag: "7e0375-2739-5d5ee84d96dc2"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=172800
date: Tue, 01 Mar 2022 20:07:24 GMT
accept-ranges: bytes
content-type: text/javascript
content-length: 4026
expires: Thu, 03 Mar 2022 17:56:32 GMT

POST
H2 204 collect Show response
l.clarity.ms/ 0
25 B 91ms
91ms XHR
text/plain 20.120.65.166
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://l.clarity.ms/collect
Requested by: Host: l.clarity.ms
URL: https://l.clarity.ms/s/0.6.31/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.120.65.166 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://metallic.io/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin: https://metallic.io
date: Tue, 01 Mar 2022 20:07:23 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12

GET
H/1.1 200
OK daa.js Show response
s1.cnnx.io/s2static/us/sz/926fb478/br2/js/ Frame C7BA 269 KB
73 KB 59ms
9ms Script
application/x-javascript 108.138.17.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.cnnx.io/s2static/us/sz/926fb478/br2/js/daa.js
Requested by: Host: www.shopzilla.com
URL: https://www.shopzilla.com/ad_retarget_global_opt_out?isExternalOptOut=true&rd=https://preferences-mgr.truste.com&action_id=3&participant_id=611&token=820231515190043643
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-51.fra56.r.cloudfront.net
Software: nginx/1.20.1 /
Resource Hash: efe869dead55b972b6b62b5914777f1c7c313f32afd4753bfce30ad4b2a85a8c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shopzilla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 14:27:12 GMT
Via: 1.1 varnish, 1.1 0e358bffbd534852f8496b34da6ad3e4.cloudfront.net (CloudFront)
Age: 1143611
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Wed, 16 Feb 2022 14:21:24 GMT
Server: nginx/1.20.1
ETag: W/"abd5fc9240f991a2-432b1-620d0864"
Vary: Accept-Encoding
X-Varnish: 457975177
Access-Control-Allow-Origin: *
X-Amz-Cf-Pop: FRA56-P7
Content-Type: application/x-javascript
X-Amz-Cf-Id: yG_FuD28rlJxSqNtb16M-e7x4x9azPiWyyAJ40R91EsXcTEGhtfphg==

GET
H2 200 / Show response
preferences-mgr.truste.com//token/420/1/TpYlrYqu6UF2hBAN1dsl4VMrUlnQBSNFrkh8/ Frame 38F2 546 B
771 B 113ms
113ms Document
text/html 18.66.248.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com//token/420/1/TpYlrYqu6UF2hBAN1dsl4VMrUlnQBSNFrkh8/
Requested by: Host: cdn.pubmatic.com
URL: https://cdn.pubmatic.com/mgmt/javascripts/optout.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-49.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 76ae13d2e5266dc043603e2a81b889759d5b48e61913abf6ec6a118cc3d55e78

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://apps.pubmatic.com/

Response headers

content-length: 546
date: Tue, 01 Mar 2022 20:07:24 GMT
server: nginx
x-cache: Miss from cloudfront
via: 1.1 bf943aab70e585412f7a215fb0a10790.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: fZKw_OSkR-tCl6CJNL7qe4KcMeHytoDbUpd1JgxeAOkw4PrNb_o7_Q==

GET
H/1.1 200
OK cse Show response
connexity.net/c/ Frame 3B9B 15 KB
5 KB 663ms
164ms Document
text/html 64.19.224.207

General

Check archive.org

Show headers Download Go to

Full URL: https://connexity.net/c/cse?a=O&O=10&xdm_e=https%3A%2F%2Fwww.shopzilla.com&xdm_c=default1031&xdm_p=1
Requested by: Host: s1.cnnx.io
URL: https://s1.cnnx.io/s2static/us/sz/926fb478/br2/js/daa.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 64.19.224.207 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 211cdb17e82d28b69ab2dd8b56d500e8a080a182e87baad4b3c02a3cc8d282b6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.shopzilla.com/

Response headers

Server: nginx
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Tues, 01 Mar 2022 20:07:24 GMT
Cache-Control: no-store, max-age=-1, post-check=0, pre-check=0
Pragma: no-cache
Expires: -1
P3P: policyref="/w3c/p3p.xml", CP="CAO PSA OUR CURa DEVa PSDo PSAo BUS COR UNI COM",an.pp="http://www.connexity.com/privacy",an.oo="http://www.connexity.com/privacy",an.bt="N"
Content-Encoding: gzip

GET
H2

200

transparent.gif
cdn.amgdgt.com/base/pixels/ Frame EA31
Redirect Chain

https://ad.amgdgt.com/ads/opt-out?op=check&src=MST&r=https%3A%2F%2Fad.amgdgt.com%2Fads%2Fmaster-opt-out%3Fsrc%3DAMBP%26op%3Dreport%26tok%3D7918982912802816%26pf%3Damg%26st%3D
https://ad.amgdgt.com/ads/master-opt-out?src=AMBP&op=report&tok=7918982912802816&pf=amg&st=nt
https://cdn.amgdgt.com/base/pixels/transparent.gif

43 B
400 B

27ms
19ms

Image
image/gif

2600:9000:2261:4000:10:8317:ee40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.amgdgt.com/base/pixels/transparent.gif
Requested by: Host: ad.amgdgt.com
URL: https://ad.amgdgt.com/ads/master-opt-out?src=NAI&action_id=3&participant_id=636&rd=https://preferences-mgr.truste.com&nocache=0.6453718920154023
Protocol: H2
Server: 2600:9000:2261:4000:10:8317:ee40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 952c883ee56edb4c06f0d9b857fb33ce5bb06f7afb5406f5981be30a1c1f7303

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.amgdgt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 04:13:43 GMT
via: 1.1 e1dafdc346c45e381eadf0a96d4694c6.cloudfront.net (CloudFront)
last-modified: Wed, 29 Apr 2015 18:15:05 GMT
server: Apache
age: 316421
etag: "2b-514e0f55a9e7d"
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: max-age=2592000
x-amz-cf-pop: TXL50-P4
accept-ranges: bytes
content-length: 43
x-amz-cf-id: OCjmH6_Pc2fy6sYcKEjc8gTFuJ7FADvlEakENM0yShn_1wG4ETy4uw==
expires: Mon, 28 Mar 2022 04:13:43 GMT

Redirect headers

Location: https://cdn.amgdgt.com/base/pixels/transparent.gif
Date: Tue, 01 Mar 2022 20:07:24 GMT
Cache-Control: no-cache, no-store
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Connection: keep-alive
Content-Length: 0
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
H2

200

transparent.gif
cdn.amgdgt.com/base/pixels/ Frame EA31
Redirect Chain

https://r.turn.com/r/optout?src=amobee&type=status&r=https%3A%2F%2Fad.amgdgt.com%2Fads%2Fmaster-opt-out%3Fsrc%3DAMBP%26op%3Dreport%26tok%3D2410551700550057984%26pf%3Dturn%26st%3D
https://ad.amgdgt.com/ads/master-opt-out?src=AMBP&op=report&tok=2410551700550057984&pf=turn&st=t
https://cdn.amgdgt.com/base/pixels/transparent.gif

43 B
400 B

107ms
19ms

Image
image/gif

2600:9000:2261:4000:10:8317:ee40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.amgdgt.com/base/pixels/transparent.gif
Requested by: Host: ad.amgdgt.com
URL: https://ad.amgdgt.com/ads/master-opt-out?src=NAI&action_id=3&participant_id=636&rd=https://preferences-mgr.truste.com&nocache=0.6453718920154023
Protocol: H2
Server: 2600:9000:2261:4000:10:8317:ee40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 952c883ee56edb4c06f0d9b857fb33ce5bb06f7afb5406f5981be30a1c1f7303

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.amgdgt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 04:13:43 GMT
via: 1.1 e1dafdc346c45e381eadf0a96d4694c6.cloudfront.net (CloudFront)
last-modified: Wed, 29 Apr 2015 18:15:05 GMT
server: Apache
age: 316421
etag: "2b-514e0f55a9e7d"
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: max-age=2592000
x-amz-cf-pop: TXL50-P4
accept-ranges: bytes
content-length: 43
x-amz-cf-id: Mw0KlHTzqLR3LJga0OHj-COuBCjL-61k8I5tAi8Cw0834qup4btdZA==
expires: Mon, 28 Mar 2022 04:13:43 GMT

Redirect headers

Location: https://cdn.amgdgt.com/base/pixels/transparent.gif
Date: Tue, 01 Mar 2022 20:07:23 GMT
Cache-Control: no-cache, no-store
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Connection: keep-alive
Content-Length: 0
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
H2

200

transparent.gif
cdn.amgdgt.com/base/pixels/ Frame EA31
Redirect Chain

https://ingest.tidaltv.com/opt-out?op=givethestatus&r=https%3A%2F%2Fad.amgdgt.com%2Fads%2Fmaster-opt-out%3Fsrc%3DAMBP%26op%3Dreport%26tok%3D-3121838966697885696%26pf%3Dvid%26st%3D
https://ad.amgdgt.com/ads/master-opt-out?src=AMBP&op=report&tok=-3121838966697885696&pf=vid&st=nt
https://cdn.amgdgt.com/base/pixels/transparent.gif

43 B
400 B

18ms
18ms

Image
image/gif

2600:9000:2261:4000:10:8317:ee40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.amgdgt.com/base/pixels/transparent.gif
Requested by: Host: ad.amgdgt.com
URL: https://ad.amgdgt.com/ads/master-opt-out?src=NAI&action_id=3&participant_id=636&rd=https://preferences-mgr.truste.com&nocache=0.6453718920154023
Protocol: H2
Server: 2600:9000:2261:4000:10:8317:ee40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 952c883ee56edb4c06f0d9b857fb33ce5bb06f7afb5406f5981be30a1c1f7303

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.amgdgt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 04:13:43 GMT
via: 1.1 e1dafdc346c45e381eadf0a96d4694c6.cloudfront.net (CloudFront)
last-modified: Wed, 29 Apr 2015 18:15:05 GMT
server: Apache
age: 316421
etag: "2b-514e0f55a9e7d"
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: max-age=2592000
x-amz-cf-pop: TXL50-P4
accept-ranges: bytes
content-length: 43
x-amz-cf-id: Vk94nE7y5axQSXcV5TNYAc30q_Mhf-g4f2Djw_fQzDmq4uuzGuZb3g==
expires: Mon, 28 Mar 2022 04:13:43 GMT

Redirect headers

Location: https://cdn.amgdgt.com/base/pixels/transparent.gif
Date: Tue, 01 Mar 2022 20:07:23 GMT
Cache-Control: no-cache, no-store
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Connection: keep-alive
Content-Length: 0
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
H/1.1 200
OK msg Show response
abrtp2.marketo.com/gw1/ 0
494 B 99ms
99ms Script
text/javascript 192.28.155.3
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: abrtp2-cdn.marketo.com
URL: https://abrtp2-cdn.marketo.com/rtp-api/v1/rtp.js?aid=commvault2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.28.155.3 , United States, ASN15224 (OMNITURE, US),

Reverse DNS

Software

Jetty(7.3.1.v20110307) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metallic.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 01 Mar 2022 20:07:24 GMT
Content-Encoding: gzip
Server: Jetty(7.3.1.v20110307)
Transfer-Encoding: chunked
Connection: close
Content-Type: text/javascript; charset=UTF-8
Cache-Control: no-cache
Strict-Transport-Security: max-age=63113904

GET
H2 200 / Show response
preferences-mgr.truste.com/token/636/2/18574453568258555374/ Frame EA31 574 B
800 B 123ms
123ms Document
text/html 18.66.248.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/636/2/18574453568258555374/
Requested by: Host: ad.amgdgt.com
URL: https://ad.amgdgt.com/ads/js/optout.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-49.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: e5619aaf257ee765441b7753027d8cb985a258ddf78c1c855a8176f6a80ce8d9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ad.amgdgt.com/

Response headers

content-length: 574
date: Tue, 01 Mar 2022 20:07:24 GMT
server: nginx
x-cache: Miss from cloudfront
via: 1.1 bf943aab70e585412f7a215fb0a10790.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: 0O9R_S9CF7Nzb27aRDezHubNALrzPDTHOT6CqrqZe3yoPjYQnC2cwQ==

GET
H/1.1 200
OK easyXDM.min.js Show response
t.e1e.io/ Frame 3B9B 20 KB
8 KB 667ms
157ms Script
application/x-javascript 64.19.224.210

General

Check archive.org

Show headers Download Go to

Full URL: https://t.e1e.io/easyXDM.min.js
Requested by: Host: connexity.net
URL: https://connexity.net/c/cse?a=O&O=10&xdm_e=https%3A%2F%2Fwww.shopzilla.com&xdm_c=default1031&xdm_p=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 64.19.224.210 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: fd15cf2495ff729dc0a57746488d7216668b18988e602a79bd14c4bef2bb2548

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://connexity.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 01 Mar 2022 20:07:25 GMT
Content-Encoding: gzip
Server: nginx
ETag: W/"56f5c0bb-50bb"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Wed, 02 Mar 2022 20:07:25 GMT

GET
H2 200 core Show response
js.driftt.com/ Frame C642 2 KB
1 KB 100ms
99ms Document
text/html 18.66.112.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core?embedId=kdy73m2n4mrd&region=US&forceShow=false&skipCampaigns=false&sessionId=daca5703-d503-46ae-b0d0-13e0b0626e91&sessionStarted=1646165245.624&campaignRefreshToken=4e84c0db-105a-4865-a652-3b0e664f0e61&hideController=false&pageLoadStartTime=1646165241551&mode=CHAT&driftEnableLog=false

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1646165400000/kdy73m2n4mrd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-55.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

d9eb312999bd404e2f08d1d0181f76d89b107e7066eeca64667e44ed712178af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://metallic.io/

Response headers

content-type: text/html; charset=utf-8
server: nginx
last-modified: Fri, 25 Feb 2022 17:24:59 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: flWmiApTiRw7GWkHxDz42eUeMPE7Y7O6
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
date: Tue, 01 Mar 2022 20:07:25 GMT
cache-control: no-cache
etag: W/"dc4df856b101857b6a217ee12e411d23"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: 82P-n-PttWpSUV4Pn2cMrwMmerDoFl3ltZ70Y4CBF_IAQg5U9I2v6w==

GET
H2 200 chat Show response
js.driftt.com/core/ Frame 0879 2 KB
1 KB 286ms
285ms Document
text/html 18.66.112.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1646165241551

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1646165400000/kdy73m2n4mrd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-55.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

d9eb312999bd404e2f08d1d0181f76d89b107e7066eeca64667e44ed712178af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://metallic.io/

Response headers

content-type: text/html; charset=utf-8
server: nginx
last-modified: Fri, 25 Feb 2022 17:24:59 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: flWmiApTiRw7GWkHxDz42eUeMPE7Y7O6
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
date: Tue, 01 Mar 2022 20:07:25 GMT
cache-control: no-cache
etag: W/"dc4df856b101857b6a217ee12e411d23"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: 6XibEsKWnvxCBAAxXjdhDFrt23TMQ7ccxrkugk3tbyxIHtO7hxcrEA==

GET
H/1.1 200
OK visitor Show response
abrtp2.marketo.com/gw1/rtp/api/v1_1/ 211 B
866 B 393ms
107ms XHR
application/json 192.28.155.3
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL

https://abrtp2.marketo.com/gw1/rtp/api/v1_1/visitor?sid=commvault2-1646165243915-d4b2ff5b&aid=commvault2&1646165245663

Requested by

Host: rtp-static.marketo.com
URL: https://rtp-static.marketo.com/rtp/libs/ga-integration-2.0.4.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.28.155.3 , United States, ASN15224 (OMNITURE, US),

Reverse DNS

Software

Jetty(7.3.1.v20110307) /

Resource Hash

6f24bfebce37ab422ae701560149f9fa5736f4c08a9d229e499011d1ee284b77

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metallic.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 01 Mar 2022 20:07:25 GMT
Content-Encoding: gzip
Last-Modified: Tue Mar 01 14:07:26 CST 2022
Server: Jetty(7.3.1.v20110307)
Strict-Transport-Security: max-age=63113904
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: https://metallic.io
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Transfer-Encoding: chunked
Connection: close
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK sgm Show response
abrtp2.marketo.com/gw1/ga/ 48 B
500 B 425ms
115ms XHR
text/json 192.28.155.3
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL

https://abrtp2.marketo.com/gw1/ga/sgm?sid=commvault2-1646165243915-d4b2ff5b&1646165245665

Requested by

Host: rtp-static.marketo.com
URL: https://rtp-static.marketo.com/rtp/libs/ga-integration-2.0.4.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.28.155.3 , United States, ASN15224 (OMNITURE, US),

Reverse DNS

Software

Jetty(7.3.1.v20110307) /

Resource Hash

25b4e974dc91d718d1b66bf120388c20da6dfd3a886ec8401af1c269dd169a44

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metallic.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 01 Mar 2022 20:07:26 GMT
Server: Jetty(7.3.1.v20110307)
Strict-Transport-Security: max-age=63113904
Content-Type: text/json;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: close
Content-Length: 48

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame 2224 0
182 B 110ms
33ms Document
text/html 35.71.131.137

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=m7wnp3i&ref=https%3A%2F%2Fmetallic.io%2Fblog%2Fransomware-attacks-rising-cost%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Dransomware%26utm_content%3Dransomware-blog%26mkt_tok%3DMzY5LUhCQy0xNjUAAAGCvJwAcXRP6Pl3cljLG7sN_0a7R1OkqeVyT-_uScFcrjrIHg2uzuLRh0u5n3w5xUeP-dM_RtrP18fL8dRepGaNAQrk3AvtNWhfcgAvtyrcAA&upid=17xtz0s&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://metallic.io/

Response headers

date: Tue, 01 Mar 2022 20:07:25 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1 200
OK ad-retarget-cookie-check Show response
www.shopzilla.com/ Frame C7BA 82 B
360 B 272ms
271ms Script
text/javascript 192.138.218.136
SHOPZILLA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.shopzilla.com/ad-retarget-cookie-check?brand=shopzilla&callback=ConnexityOptOut.Shopzilla.optOutStatusHandler
Requested by: Host: s1.cnnx.io
URL: https://s1.cnnx.io/s2static/us/sz/926fb478/br2/js/daa.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.138.218.136 , United States, ASN14332 (SHOPZILLA, US),
Reverse DNS: shopzilla.com
Software: nginx/1.20.1 /
Resource Hash: aae5ba09ab7a749876f90cb4b01ad7fbd575d434ae53c8bea1b1f374d14c96d7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.shopzilla.com/ad_retarget_global_opt_out?isExternalOptOut=true&rd=https://preferences-mgr.truste.com&action_id=3&participant_id=611&token=820231515190043643
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 01 Mar 2022 20:07:25 GMT
Content-Encoding: gzip
Server: nginx/1.20.1
Connection: keep-alive
Content-Type: text/javascript;charset=utf-8
Transfer-Encoding: chunked
P3P: CP="NON DSP ADM DEV PSD CUSo OUR IND STP PRE NAV UNI"

GET
H/1.1 200
OK cse Show response
connexity.net/c/ Frame 3B9B 1 B
315 B 158ms
158ms XHR
text/html 64.19.224.207

General

Check archive.org

Show headers Download Go to

Full URL: https://connexity.net/c/cse?a=U
Requested by: Host: connexity.net
URL: https://connexity.net/c/cse?a=O&O=10&xdm_e=https%3A%2F%2Fwww.shopzilla.com&xdm_c=default1031&xdm_p=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 64.19.224.207 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://connexity.net/c/cse?a=O&O=10&xdm_e=https%3A%2F%2Fwww.shopzilla.com&xdm_c=default1031&xdm_p=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
X-CXT-NOOP-U: true

Response headers

Pragma: no-cache
Date: Tues, 01 Mar 2022 20:07:25 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Cache-Control: no-store, max-age=-1, post-check=0, pre-check=0
Connection: keep-alive
Expires: -1

POST
H/1.1 200
OK cse Show response
connexity.net/c/ Frame 3B9B 44 B
611 B 164ms
163ms XHR
image/gif 64.19.224.207

General

Check archive.org

Show headers Download Go to

Full URL: https://connexity.net/c/cse?a=L&R=1600x1200c24&T=44&P=t&U=0&Q=cook:n,h5:no,TS:(load:-58ms),(msg:recheck:0ms),(checkStatus:0ms),(noop-U:0ms),(Burl-L:161ms)
Requested by: Host: connexity.net
URL: https://connexity.net/c/cse?a=O&O=10&xdm_e=https%3A%2F%2Fwww.shopzilla.com&xdm_c=default1031&xdm_p=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 64.19.224.207 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 6d1743a4b9cd803083da5fd65626a4e92edebe73a40ee18f60276c96492b4afd

Request headers

Referer: https://connexity.net/c/cse?a=O&O=10&xdm_e=https%3A%2F%2Fwww.shopzilla.com&xdm_c=default1031&xdm_p=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Tues, 01 Mar 2022 20:07:25 GMT
Server: nginx
Transfer-Encoding: chunked
P3P: policyref="/w3c/p3p.xml", CP="CAO PSA OUR CURa DEVa PSDo PSAo BUS COR UNI COM",an.pp="http://www.connexity.com/privacy",an.oo="http://www.connexity.com/privacy",an.bt="N"
Cache-Control: no-store, max-age=-1, post-check=0, pre-check=0
Content-Transfer-Encoding: binary
Connection: keep-alive
Content-Type: image/gif
Expires: -1

GET
H2 200 runtime~main.517c53cd.js Show response
js.driftt.com/core/assets/js/ Frame C642 6 KB
3 KB 8ms
7ms Script
application/javascript 18.66.112.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core?embedId=kdy73m2n4mrd&region=US&forceShow=false&skipCampaigns=false&sessionId=daca5703-d503-46ae-b0d0-13e0b0626e91&sessionStarted=1646165245.624&campaignRefreshToken=4e84c0db-105a-4865-a652-3b0e664f0e61&hideController=false&pageLoadStartTime=1646165241551&mode=CHAT&driftEnableLog=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-55.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

998cd3cb10d4cc054aaf25824f3a9cf37526441124d9d98277937b76fb738604

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=kdy73m2n4mrd&region=US&forceShow=false&skipCampaigns=false&sessionId=daca5703-d503-46ae-b0d0-13e0b0626e91&sessionStarted=1646165245.624&campaignRefreshToken=4e84c0db-105a-4865-a652-3b0e664f0e61&hideController=false&pageLoadStartTime=1646165241551&mode=CHAT&driftEnableLog=false
Origin: https://js.driftt.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 17:24:58 GMT
content-encoding: gzip
age: 355347
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 25 Feb 2022 17:16:19 GMT
server: nginx
etag: W/"19002c68c29af3a15cd00d2060233d41"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: hrmkgX4X4zC5lkp3VrxMghTwrOiI0L1v
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: vSfk-Slez3oqMjjx7vEYtTIBrXd9b024Ia9mBTZApTaMrkal6bs2Jg==

GET
H2 200 5.b4ccdd57.chunk.js Show response
js.driftt.com/core/assets/js/ Frame C642 58 KB
20 KB 10ms
8ms Script
application/javascript 18.66.112.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/5.b4ccdd57.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-55.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

9d8f8c89a5f7c90adc5196d1c10fe3e8c46d16cb8d24de13ade83de53183027d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=kdy73m2n4mrd&region=US&forceShow=false&skipCampaigns=false&sessionId=daca5703-d503-46ae-b0d0-13e0b0626e91&sessionStarted=1646165245.624&campaignRefreshToken=4e84c0db-105a-4865-a652-3b0e664f0e61&hideController=false&pageLoadStartTime=1646165241551&mode=CHAT&driftEnableLog=false
Origin: https://js.driftt.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 00:15:05 GMT
content-encoding: gzip
age: 3527540
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 18 Jan 2022 19:52:34 GMT
server: nginx
etag: W/"bf2b7dc96b40587d388df8918a276f1d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: P_j_K9jDbxJyM90WDdS2X.rONeS2gHZN
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: itOVyczIltH-ODNa_09jQFtsqjRKAH-L-Glkce1ybyvkRBHTbJigjg==

GET
H2 200 main~493df0b3.91d188cd.chunk.js Show response
js.driftt.com/core/assets/js/ Frame C642 6 KB
3 KB 10ms
9ms Script
application/javascript 18.66.112.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.91d188cd.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-55.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

dcfc540946183ee12e6ccb43e706ad1a30b4f0205c25adcfa316829075f94a31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=kdy73m2n4mrd&region=US&forceShow=false&skipCampaigns=false&sessionId=daca5703-d503-46ae-b0d0-13e0b0626e91&sessionStarted=1646165245.624&campaignRefreshToken=4e84c0db-105a-4865-a652-3b0e664f0e61&hideController=false&pageLoadStartTime=1646165241551&mode=CHAT&driftEnableLog=false
Origin: https://js.driftt.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 01:15:58 GMT
content-encoding: gzip
age: 3610287
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 18 Jan 2022 19:52:35 GMT
server: nginx
etag: W/"364091b90499473799e7470f551ae597"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 7uIUVQ4XUoQK29DMeEkAuhAtXXE3airq
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: PHG0ad32PwkvRLBbh5Q2r2Ciu2ucrzzB91aHnSqfMi7M0bF-g46dQQ==

GET
H2 200 43.bf52ab96.chunk.js Show response
js.driftt.com/core/assets/js/ Frame C642 47 KB
14 KB 8ms
8ms Script
application/javascript 18.66.112.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/43.bf52ab96.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-55.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

bd713db29fb234eb7584927050df71683e11b7b72bda4fcf72a88f8a7ff2f56d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=kdy73m2n4mrd&region=US&forceShow=false&skipCampaigns=false&sessionId=daca5703-d503-46ae-b0d0-13e0b0626e91&sessionStarted=1646165245.624&campaignRefreshToken=4e84c0db-105a-4865-a652-3b0e664f0e61&hideController=false&pageLoadStartTime=1646165241551&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 4853624
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"4ab965f0d26a973cf1be72a39d537999"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: SIJLtOk7PXIgJIf54NBJQngGjZ1AQW3g
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: UmdhoPveA14zYd1S5SKHYVL3K7urkVCAinq4arFGsg8pUWlO7FaZcQ==

GET
H2 200 18.8ef42267.chunk.js Show response
js.driftt.com/core/assets/js/ Frame C642 44 KB
13 KB 10ms
9ms Script
application/javascript 18.66.112.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/18.8ef42267.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-55.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

49c6f7925a020059af53cab3baa5d2ea485e6807744ba07f1b2e90ee47266a44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=kdy73m2n4mrd&region=US&forceShow=false&skipCampaigns=false&sessionId=daca5703-d503-46ae-b0d0-13e0b0626e91&sessionStarted=1646165245.624&campaignRefreshToken=4e84c0db-105a-4865-a652-3b0e664f0e61&hideController=false&pageLoadStartTime=1646165241551&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 4853624
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"0c6f51f22b2a4bddd966a92b56c18e29"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Zug6jTznDFRyogFlBOnxjireRPUkSHKT
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: jwQre3sLXY1gwzFy7E86HTfmjCnMZ-Nn4nJF5HNT6dPVsI0xL2GjFg==

GET
H2 200 37.dc112dfd.chunk.js Show response
js.driftt.com/core/assets/js/ Frame C642 25 KB
8 KB 11ms
10ms Script
application/javascript 18.66.112.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/37.dc112dfd.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-55.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

9cd7629d2e66537eb15542646bfd16cd461aaf18592c35f19ce7d67ada586635

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=kdy73m2n4mrd&region=US&forceShow=false&skipCampaigns=false&sessionId=daca5703-d503-46ae-b0d0-13e0b0626e91&sessionStarted=1646165245.624&campaignRefreshToken=4e84c0db-105a-4865-a652-3b0e664f0e61&hideController=false&pageLoadStartTime=1646165241551&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 4853624
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"391f6f28819c5b154653979d5154c888"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: A01_.TOyslfHN6C7mHM2iYp5F_NuODuW
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: YAS1kIjvqdROtgNERRXOF5PSI8HwtdOVNO4npTEBpnETJqREQseVAw==

GET
H2 200 16.10d76686.chunk.js Show response
js.driftt.com/core/assets/js/ Frame C642 16 KB
5 KB 11ms
10ms Script
application/javascript 18.66.112.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/16.10d76686.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-55.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

1cbf80f7d71564dc48af2c5d6bb5d15fc2aec0d541101c5eedf84bad1b908cab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=kdy73m2n4mrd&region=US&forceShow=false&skipCampaigns=false&sessionId=daca5703-d503-46ae-b0d0-13e0b0626e91&sessionStarted=1646165245.624&campaignRefreshToken=4e84c0db-105a-4865-a652-3b0e664f0e61&hideController=false&pageLoadStartTime=1646165241551&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:42 GMT
content-encoding: gzip
age: 4853623
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"c16e855d0a26bf91ae3cc32cdbfa3ad6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: mzB2ul0u_48ftIGEd6phwcoTfextzATL
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: hrKoDJr5w79ARs8CCqFTcilr1N8EFIv03By-HQ3lTHcdnzr-Lik_Zw==

GET
H2 200 21.8ac5d777.chunk.js Show response
js.driftt.com/core/assets/js/ Frame C642 72 KB
22 KB 12ms
11ms Script
application/javascript 18.66.112.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/21.8ac5d777.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-55.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

4038a666dfd5af607a0374ad6e934cf1007e78da69329dbc341eaf757bb38beb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=kdy73m2n4mrd&region=US&forceShow=false&skipCampaigns=false&sessionId=daca5703-d503-46ae-b0d0-13e0b0626e91&sessionStarted=1646165245.624&campaignRefreshToken=4e84c0db-105a-4865-a652-3b0e664f0e61&hideController=false&pageLoadStartTime=1646165241551&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:43 GMT
content-encoding: gzip
age: 4853622
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"c39414a669b98ba4a25856ccdc1c1c1b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: PmO9yEa8J.DEQa9FEB2tMN_1Ccd5vo_f
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: XMl1RR81FYtWZzDSKwKI9ukMePJxXBvhywIdgcMHiDVsggINBYgHiQ==

GET
H2 200 34.801d3c89.chunk.js Show response
js.driftt.com/core/assets/js/ Frame C642 16 KB
6 KB 13ms
12ms Script
application/javascript 18.66.112.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/34.801d3c89.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-55.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

e41e2b5c9df3073d6f7da0080ad2f3eca4994ab372d2f65fa76b14f8868663ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=kdy73m2n4mrd&region=US&forceShow=false&skipCampaigns=false&sessionId=daca5703-d503-46ae-b0d0-13e0b0626e91&sessionStarted=1646165245.624&campaignRefreshToken=4e84c0db-105a-4865-a652-3b0e664f0e61&hideController=false&pageLoadStartTime=1646165241551&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 4853624
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"fa218b0849860dbc5ceda153316c9c38"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: VLd3KMbDPd6s2pCiJkiLNxZPlKywvnnH
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: vaHAdJBxyx-0Q69VRxYJJ3jlvSj9tWkaxfYKM2QONdYmvxLWTkMSZw==

GET
H2 200 23.a53d721f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame C642 59 KB
19 KB 15ms
13ms Script
application/javascript 18.66.112.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/23.a53d721f.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-55.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

f48829864ffd155da0360e19be956282b6875173f8990394e93bc7c30c97a3ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=kdy73m2n4mrd&region=US&forceShow=false&skipCampaigns=false&sessionId=daca5703-d503-46ae-b0d0-13e0b0626e91&sessionStarted=1646165245.624&campaignRefreshToken=4e84c0db-105a-4865-a652-3b0e664f0e61&hideController=false&pageLoadStartTime=1646165241551&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 01:13:03 GMT
content-encoding: gzip
age: 5511262
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 23 Dec 2021 18:12:25 GMT
server: nginx
etag: W/"fe96cb8c4c390342c29d3c8cb0a4ca14"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: a7WvmR.vwHMPBFEqQ8riDzB0H8J4vers
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: eVsfjSTUakfJD1COG925crOWprqF88bo15wzQdQhbZTcoh5kGpZhCw==

GET
H2 200 11.8d62d6c4.chunk.js Show response
js.driftt.com/core/assets/js/ Frame C642 91 KB
28 KB 17ms
16ms Script
application/javascript 18.66.112.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/11.8d62d6c4.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-55.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

1cf451d2d8d425375505bd10c5540e8e5cce3cbbd5932be038285d8b6a650e63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=kdy73m2n4mrd&region=US&forceShow=false&skipCampaigns=false&sessionId=daca5703-d503-46ae-b0d0-13e0b0626e91&sessionStarted=1646165245.624&campaignRefreshToken=4e84c0db-105a-4865-a652-3b0e664f0e61&hideController=false&pageLoadStartTime=1646165241551&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 4853624
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:16 GMT
server: nginx
etag: W/"8199a8634768214fc6204b18351f842d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: p_YagIEBvf.Qgp7hIJy74.J4YIszefj5
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: deAZaSSAVAVWayv3UONqL7XeH2BfHprX872HxJ8ybL4FwEankd-Vmg==

GET
H2 200 10.937b0755.chunk.js Show response
js.driftt.com/core/assets/js/ Frame C642 24 KB
7 KB 18ms
17ms Script
application/javascript 18.66.112.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/10.937b0755.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-55.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

e868d39bbb74d42dffcee0cb1a50ecd105e1a1737d9080246dbdd54a8206d8f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=kdy73m2n4mrd&region=US&forceShow=false&skipCampaigns=false&sessionId=daca5703-d503-46ae-b0d0-13e0b0626e91&sessionStarted=1646165245.624&campaignRefreshToken=4e84c0db-105a-4865-a652-3b0e664f0e61&hideController=false&pageLoadStartTime=1646165241551&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 01:15:27 GMT
content-encoding: gzip
age: 3610317
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 18 Jan 2022 19:52:33 GMT
server: nginx
etag: W/"e9243456e8ca8af97d77d525d5367d6b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: qO3a.NcOI1oBDRBABVLWfFTMfjEE__CA
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: C4_uJQ4valSndwKe0zXUUy5xWx7eq54LkCaAL42RXgBfYyD-noPAJw==

GET
H2 200 14.2a01ddd6.chunk.js Show response
js.driftt.com/core/assets/js/ Frame C642 62 KB
20 KB 20ms
18ms Script
application/javascript 18.66.112.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/14.2a01ddd6.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-55.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

ef593584d9432b51ed1cec6f58f844bfa6f81ef0fe27fd9404e400e1346fa09b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=kdy73m2n4mrd&region=US&forceShow=false&skipCampaigns=false&sessionId=daca5703-d503-46ae-b0d0-13e0b0626e91&sessionStarted=1646165245.624&campaignRefreshToken=4e84c0db-105a-4865-a652-3b0e664f0e61&hideController=false&pageLoadStartTime=1646165241551&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 4853624
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"6f457384188c98017d8d27281f3df6ad"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: KpoEpDmO7G9TLWLfSTzA1dytLAyREIfM
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 7SH6dFUZGp90d0j3ewiUrKfK9KvPszEVliF9ZwN2CCrz9Wq87raCFg==

GET
H2 200 41.ef07ba02.chunk.js Show response
js.driftt.com/core/assets/js/ Frame C642 105 KB
34 KB 21ms
20ms Script
application/javascript 18.66.112.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/41.ef07ba02.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-55.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

160371118ad2e4d470bc6801bb253ec18332e7b6fb7225bb6d365a99bdb99d22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=kdy73m2n4mrd&region=US&forceShow=false&skipCampaigns=false&sessionId=daca5703-d503-46ae-b0d0-13e0b0626e91&sessionStarted=1646165245.624&campaignRefreshToken=4e84c0db-105a-4865-a652-3b0e664f0e61&hideController=false&pageLoadStartTime=1646165241551&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 4853624
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"da03c1012cb0aaeb2041fa677a272d14"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 6OpxVYvZjRVHdu0KjdhZlusmExqFlB4E
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: PUE1ymtEnnJrnvHAGtNCk_LXWmQVmA51TiqUxosc1V4uLa0NHdiiAA==

GET
H2 200 35.0810b4b3.chunk.js Show response
js.driftt.com/core/assets/js/ Frame C642 12 KB
4 KB 23ms
22ms Script
application/javascript 18.66.112.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/35.0810b4b3.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-55.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

05c1b18ed199fea9af5168c7769dff2cd69f02706fa2568ab2e305be8dfb9c52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=kdy73m2n4mrd&region=US&forceShow=false&skipCampaigns=false&sessionId=daca5703-d503-46ae-b0d0-13e0b0626e91&sessionStarted=1646165245.624&campaignRefreshToken=4e84c0db-105a-4865-a652-3b0e664f0e61&hideController=false&pageLoadStartTime=1646165241551&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 01:15:27 GMT
content-encoding: gzip
age: 3610317
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 18 Jan 2022 19:52:34 GMT
server: nginx
etag: W/"4a61646db5420cc31cb60b9287d9f544"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 123ec01tvkGnjrPsnvwWzlXkBB9QJfPb
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: nRvhyr4hJ6oWWo64vjIFdyjQ7zgiZEDpBfaQlZZhHI-9ZytqhUcowg==

GET
H2 200 26.d9eb886e.chunk.js Show response
js.driftt.com/core/assets/js/ Frame C642 12 KB
5 KB 23ms
22ms Script
application/javascript 18.66.112.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/26.d9eb886e.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-55.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

b9ddcbc73a2a42b603661b51028d38aba3374f67385f3307e1cfcebdee2f4838

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=kdy73m2n4mrd&region=US&forceShow=false&skipCampaigns=false&sessionId=daca5703-d503-46ae-b0d0-13e0b0626e91&sessionStarted=1646165245.624&campaignRefreshToken=4e84c0db-105a-4865-a652-3b0e664f0e61&hideController=false&pageLoadStartTime=1646165241551&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 4853624
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"44c7301d8127e805fcdfcc1b00ddf2ea"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: EjkJtX0HE9ajSK4icA5a46UNajNAQcku
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: jNeVG9W__lOvPpK6kSaKwr7LS24tEksGxoZeh0d1K3ciLxGuwSbOLQ==

GET
H2 200 17.6c3c965c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame C642 17 KB
7 KB 24ms
23ms Script
application/javascript 18.66.112.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/17.6c3c965c.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-55.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

a5ad436c025c2a03ccc5672aed9469ac98d22b73df5b1d20ed2adb46c0c4daf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=kdy73m2n4mrd&region=US&forceShow=false&skipCampaigns=false&sessionId=daca5703-d503-46ae-b0d0-13e0b0626e91&sessionStarted=1646165245.624&campaignRefreshToken=4e84c0db-105a-4865-a652-3b0e664f0e61&hideController=false&pageLoadStartTime=1646165241551&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 4853624
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"b0b166b8ed88c90ea3dc07661d0dcff4"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: HHiN6wsTfDikx0BfRvhzq1f1VEBLDIa4
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: RotqAqYxAUdxO2xpfD9SaK67PSnSmEeHiBTY5UCl10wnVzrPLF3LhQ==

GET
H2 200 8.5b0bb1c3.chunk.css
js.driftt.com/core/assets/css/ Frame C642 11 KB
3 KB 24ms
23ms Stylesheet
text/css 18.66.112.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/8.5b0bb1c3.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-55.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

d36d8a76a8b7d7fe8655db34eb54e4a4b6d422cdd1a67810d3dd5c014edb14e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=kdy73m2n4mrd&region=US&forceShow=false&skipCampaigns=false&sessionId=daca5703-d503-46ae-b0d0-13e0b0626e91&sessionStarted=1646165245.624&campaignRefreshToken=4e84c0db-105a-4865-a652-3b0e664f0e61&hideController=false&pageLoadStartTime=1646165241551&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 4853624
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:15 GMT
server: nginx
etag: W/"a123c5b36f16fe6d3a3129e24df81443"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: _wlNEHOawmowSdlpT1GApwIIwlk.3B3i
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: GMcAQRTrDhAscRArhBskweNe6zq55Dvplqe6V-AvShHQk8as7loWbA==

GET
H2 200 8.14761f6a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame C642 69 KB
22 KB 25ms
24ms Script
application/javascript 18.66.112.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/8.14761f6a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-55.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

67339ddd57bfadccc7db0301c04748abfd5fe9f6ea21b0b9afa5e03aeb080fe6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=kdy73m2n4mrd&region=US&forceShow=false&skipCampaigns=false&sessionId=daca5703-d503-46ae-b0d0-13e0b0626e91&sessionStarted=1646165245.624&campaignRefreshToken=4e84c0db-105a-4865-a652-3b0e664f0e61&hideController=false&pageLoadStartTime=1646165241551&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 17:24:58 GMT
content-encoding: gzip
age: 355347
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 25 Feb 2022 17:16:18 GMT
server: nginx
etag: W/"d7e7ac040cc38a4014be2dac5911f809"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 1S_vUKzB1dNvDRU9IvHgH4WqU0q.qWdi
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: fWk7AHSPLQy-Ao_Gcpwmns11z7S8E25d5U-GMQYemW2A_iFqWdrVrA==

GET
H2 200 15.22abfce0.chunk.css
js.driftt.com/core/assets/css/ Frame C642 24 B
668 B 25ms
25ms Stylesheet
text/css 18.66.112.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/15.22abfce0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-55.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=kdy73m2n4mrd&region=US&forceShow=false&skipCampaigns=false&sessionId=daca5703-d503-46ae-b0d0-13e0b0626e91&sessionStarted=1646165245.624&campaignRefreshToken=4e84c0db-105a-4865-a652-3b0e664f0e61&hideController=false&pageLoadStartTime=1646165241551&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
age: 4853624
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 24
last-modified: Tue, 04 Jan 2022 15:08:15 GMT
server: nginx
etag: "0c5dad92482d9a7c7c253510f5082465"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: bzo2zbrJexGHlTPaLulG8N5yfdXT7FR0
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: W3zL_OHSxGJvc8O-t_Jtck0yNSMWPZSYzSqNYEP4MNqSEr-H-wwJTg==

GET
H2 200 15.7662c098.chunk.js Show response
js.driftt.com/core/assets/js/ Frame C642 75 KB
19 KB 26ms
26ms Script
application/javascript 18.66.112.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/15.7662c098.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-55.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

1787cb259c57ce6cd27152c77d90363b2917ff8b5f34dd377f691042d787e408

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=kdy73m2n4mrd&region=US&forceShow=false&skipCampaigns=false&sessionId=daca5703-d503-46ae-b0d0-13e0b0626e91&sessionStarted=1646165245.624&campaignRefreshToken=4e84c0db-105a-4865-a652-3b0e664f0e61&hideController=false&pageLoadStartTime=1646165241551&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 17:24:58 GMT
content-encoding: gzip
age: 355347
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 25 Feb 2022 17:16:16 GMT
server: nginx
etag: W/"4cdfcf8a0153b5f113c1c52b9d1561e4"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: B_P689676Qm.H7C_2wNidWTRmsrF5U63
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Ct_jFBZ_I9D9QBu4ibcNZLVW4lJfo4ZfXcuH9Q4L5hd4Gyo9FwZRWw==

GET
H2 200 22.668b8a5d.chunk.js Show response
js.driftt.com/core/assets/js/ Frame C642 47 KB
13 KB 28ms
27ms Script
application/javascript 18.66.112.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/22.668b8a5d.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-55.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

6754bd59e77debd17bde0e93a50f3e0c70322c34fd3496dc3f19167db71d77d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=kdy73m2n4mrd&region=US&forceShow=false&skipCampaigns=false&sessionId=daca5703-d503-46ae-b0d0-13e0b0626e91&sessionStarted=1646165245.624&campaignRefreshToken=4e84c0db-105a-4865-a652-3b0e664f0e61&hideController=false&pageLoadStartTime=1646165241551&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 17:24:58 GMT
content-encoding: gzip
age: 355347
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 25 Feb 2022 17:16:16 GMT
server: nginx
etag: W/"4aa1ed4965ed229dc887a387dbb0e750"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: kk7pdJKMde0rW3fGmZfi6D0Xi5DBuQ1x
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: PIAfAzXGDy7FRofAZs2BiNwWIub35KaHcwNoidL4wK1NYCZB5-gt-g==

GET
H2 200 13.c0ad52b2.chunk.js Show response
js.driftt.com/core/assets/js/ Frame C642 41 KB
13 KB 29ms
29ms Script
application/javascript 18.66.112.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/13.c0ad52b2.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-55.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

d0140fb02b20c12a1743ca95ef1e7afb7423bbb3b93ac32f3392d013b23664db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=kdy73m2n4mrd&region=US&forceShow=false&skipCampaigns=false&sessionId=daca5703-d503-46ae-b0d0-13e0b0626e91&sessionStarted=1646165245.624&campaignRefreshToken=4e84c0db-105a-4865-a652-3b0e664f0e61&hideController=false&pageLoadStartTime=1646165241551&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 17:24:58 GMT
content-encoding: gzip
age: 355347
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 25 Feb 2022 17:16:16 GMT
server: nginx
etag: W/"8f231ce9b25513cb1a87fe2de43ea370"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: zMcMlBp5vkU_F7nnrBOdt_lOKr9xUiq_
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 6wqyyaDRVFFRbxVIAJlWdKDngOQpRw1P_F6FZS5hc2DGh5gaOeYguw==

GET
H2 200 0.0b2ebd4a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame C642 9 KB
3 KB 13ms
12ms Script
application/javascript 18.66.112.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/0.0b2ebd4a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-55.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=kdy73m2n4mrd&region=US&forceShow=false&skipCampaigns=false&sessionId=daca5703-d503-46ae-b0d0-13e0b0626e91&sessionStarted=1646165245.624&campaignRefreshToken=4e84c0db-105a-4865-a652-3b0e664f0e61&hideController=false&pageLoadStartTime=1646165241551&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:42 GMT
content-encoding: gzip
age: 4853623
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:16 GMT
server: nginx
etag: W/"c5efcdc9e465604f32cf24af10fd6c13"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: DgvAfZ7BPwPZGfOrE621PjhvvHFr1DU0
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 9V3GRCm7RcJ4-0A7TBhv1nS6nJGExvf8HPoZMZwJXcdI9vGhR1fOFg==

GET
H2 200 24.81d46fe7.chunk.js Show response
js.driftt.com/core/assets/js/ Frame C642 33 KB
10 KB 14ms
13ms Script
application/javascript 18.66.112.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/24.81d46fe7.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-55.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

e7e2024764e94bff400b354a7cb714ab75f1b9fd4b3fb09de18dca2d6c2e56a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=kdy73m2n4mrd&region=US&forceShow=false&skipCampaigns=false&sessionId=daca5703-d503-46ae-b0d0-13e0b0626e91&sessionStarted=1646165245.624&campaignRefreshToken=4e84c0db-105a-4865-a652-3b0e664f0e61&hideController=false&pageLoadStartTime=1646165241551&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:42 GMT
content-encoding: gzip
age: 4853623
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"4f751bc7b45f18c1d343a3081fe2509f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: LcjepTSdTIP3TYamt9S6TQ4IzFvRquuU
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: fbbZw36FGV0pdTWs9_3vIYsWbHk_vg-J5mA6MUuqT-LfunsWVtd4mw==

GET
H2 200 25.49c6961c.chunk.css
js.driftt.com/core/assets/css/ Frame C642 8 KB
2 KB 14ms
13ms Stylesheet
text/css 18.66.112.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/25.49c6961c.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-55.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

578cda2391db4e4d761ae5c4f05c03614d0ea8fec0b260edc036cc0bbdfcdd93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=kdy73m2n4mrd&region=US&forceShow=false&skipCampaigns=false&sessionId=daca5703-d503-46ae-b0d0-13e0b0626e91&sessionStarted=1646165245.624&campaignRefreshToken=4e84c0db-105a-4865-a652-3b0e664f0e61&hideController=false&pageLoadStartTime=1646165241551&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:42 GMT
content-encoding: gzip
age: 4853623
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:15 GMT
server: nginx
etag: W/"f80cd64e339375567091159cb077b941"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: bxrqjBCKX9ERzz7WjftbPaYdOBk8_KxN
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: LobUj_kXW7hqfz5iWBddWirrTgXVImctqRERR0p-k1SIXiv9c38hdA==

GET
H2 200 25.2e3c0d77.chunk.js Show response
js.driftt.com/core/assets/js/ Frame C642 12 KB
5 KB 14ms
14ms Script
application/javascript 18.66.112.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/25.2e3c0d77.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-55.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

1a938735cf14d8329a7b1c12b0a4ed99c3d9f43aba11d1fc326cc5a3159250f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=kdy73m2n4mrd&region=US&forceShow=false&skipCampaigns=false&sessionId=daca5703-d503-46ae-b0d0-13e0b0626e91&sessionStarted=1646165245.624&campaignRefreshToken=4e84c0db-105a-4865-a652-3b0e664f0e61&hideController=false&pageLoadStartTime=1646165241551&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 17:24:58 GMT
content-encoding: gzip
age: 355346
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 25 Feb 2022 17:16:16 GMT
server: nginx
etag: W/"ae2dc5d2abfa8c0d45e495347a15f6de"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: bi1OJyoFIiF9itfH_IKgFqEuho_2zhIU
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: tGwf3xKdMPi6tYo2vSqifsZD6FZcIQINi5tOD9--iCPORFsnsVd6YA==

GET
H2 200 19.c695453b.chunk.css
js.driftt.com/core/assets/css/ Frame C642 365 B
1007 B 16ms
15ms Stylesheet
text/css 18.66.112.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/19.c695453b.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-55.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=kdy73m2n4mrd&region=US&forceShow=false&skipCampaigns=false&sessionId=daca5703-d503-46ae-b0d0-13e0b0626e91&sessionStarted=1646165245.624&campaignRefreshToken=4e84c0db-105a-4865-a652-3b0e664f0e61&hideController=false&pageLoadStartTime=1646165241551&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:42 GMT
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
age: 4853623
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 365
last-modified: Tue, 04 Jan 2022 15:08:15 GMT
server: nginx
etag: "06b2963b029c0824382815165bfea73e"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: eDSgTpssczGDn2812OLuvvF.eUpzKWka
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: PtVKdrtE23JXOXXHOTKVKJHsNB25dKtg99bhd7Ofvhw0Xpp3W-_0AQ==

GET
H2 200 19.dbf97669.chunk.js Show response
js.driftt.com/core/assets/js/ Frame C642 85 KB
24 KB 17ms
17ms Script
application/javascript 18.66.112.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/19.dbf97669.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-55.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

7fac9a43ab09cf21eafe26af20439d52313fa761cf6100c10ef950a6af22f7d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=kdy73m2n4mrd&region=US&forceShow=false&skipCampaigns=false&sessionId=daca5703-d503-46ae-b0d0-13e0b0626e91&sessionStarted=1646165245.624&campaignRefreshToken=4e84c0db-105a-4865-a652-3b0e664f0e61&hideController=false&pageLoadStartTime=1646165241551&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 17:24:58 GMT
content-encoding: gzip
age: 355347
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 25 Feb 2022 17:16:16 GMT
server: nginx
etag: W/"e5d01e169fc99a46f4cbb5ef34e481c4"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 1C7KEcTG69elg1eC9vdIkv1xid1OAtru
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: wjOelfN2ztSqU6c6-ZyylW5I2nmcD3X1uBRY92qLnSoRq0XujAINUw==

GET
H2 200 runtime~main.517c53cd.js Show response
js.driftt.com/core/assets/js/ Frame 0879 6 KB
3 KB 14ms
11ms Script
application/javascript 18.66.112.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1646165241551

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-55.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

998cd3cb10d4cc054aaf25824f3a9cf37526441124d9d98277937b76fb738604

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1646165241551
Origin: https://js.driftt.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 17:24:58 GMT
content-encoding: gzip
age: 355347
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 25 Feb 2022 17:16:19 GMT
server: nginx
etag: W/"19002c68c29af3a15cd00d2060233d41"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: hrmkgX4X4zC5lkp3VrxMghTwrOiI0L1v
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ktTfpN4UlY_HMa8sLezY0VnsyS-ggz83JG3Q-eSeagZIy3knGYjFUQ==

GET
H2 200 5.b4ccdd57.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 0879 58 KB
20 KB 15ms
13ms Script
application/javascript 18.66.112.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/5.b4ccdd57.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1646165241551

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-55.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

9d8f8c89a5f7c90adc5196d1c10fe3e8c46d16cb8d24de13ade83de53183027d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1646165241551
Origin: https://js.driftt.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 00:15:05 GMT
content-encoding: gzip
age: 3527540
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 18 Jan 2022 19:52:34 GMT
server: nginx
etag: W/"bf2b7dc96b40587d388df8918a276f1d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: P_j_K9jDbxJyM90WDdS2X.rONeS2gHZN
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: TYMCV_q2jX0099mOHdhXgWP7_2j8CewB5q-9rMYR37T3XbrvJ9hr8w==

GET
H2 200 main~493df0b3.91d188cd.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 0879 6 KB
3 KB 15ms
14ms Script
application/javascript 18.66.112.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.91d188cd.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1646165241551

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-55.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

dcfc540946183ee12e6ccb43e706ad1a30b4f0205c25adcfa316829075f94a31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1646165241551
Origin: https://js.driftt.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 01:15:58 GMT
content-encoding: gzip
age: 3610287
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 18 Jan 2022 19:52:35 GMT
server: nginx
etag: W/"364091b90499473799e7470f551ae597"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 7uIUVQ4XUoQK29DMeEkAuhAtXXE3airq
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 1sRXXqb47U2Hssi0SZXVobib21a_xrIGD9gQckNG84C-fsfBHhGM0w==

GET
H2 200 / Show response
preferences-mgr.truste.com/token/611/2/820231515190043643/ Frame C7BA 570 B
795 B 121ms
120ms Document
text/html 18.66.248.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/611/2/820231515190043643/
Requested by: Host: s1.cnnx.io
URL: https://s1.cnnx.io/s2static/us/sz/926fb478/br2/js/daa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-49.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 8ee78ed9baf188f6badb30069d08e41af5c110d561b989dcb1b46b91561f8170

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.shopzilla.com/

Response headers

content-length: 570
date: Tue, 01 Mar 2022 20:07:26 GMT
server: nginx
x-cache: Miss from cloudfront
via: 1.1 bf943aab70e585412f7a215fb0a10790.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: Iog-cTtYu4m6ZCsDGHHiXm7q9xaUhZc9o2cOWTAZPbQSj8WXHx5LqQ==

GET
H2 200 43.bf52ab96.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 0879 47 KB
14 KB 16ms
15ms Script
application/javascript 18.66.112.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/43.bf52ab96.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-55.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

bd713db29fb234eb7584927050df71683e11b7b72bda4fcf72a88f8a7ff2f56d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1646165241551
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 4853624
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"4ab965f0d26a973cf1be72a39d537999"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: SIJLtOk7PXIgJIf54NBJQngGjZ1AQW3g
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 0lYs_NJzgxF7o8dEldUrgwIE_V23I2IUIGEF4gRwx8Ek71p4MPViHA==

GET
H2 200 18.8ef42267.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 0879 44 KB
13 KB 17ms
16ms Script
application/javascript 18.66.112.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/18.8ef42267.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-55.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

49c6f7925a020059af53cab3baa5d2ea485e6807744ba07f1b2e90ee47266a44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1646165241551
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 4853624
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"0c6f51f22b2a4bddd966a92b56c18e29"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Zug6jTznDFRyogFlBOnxjireRPUkSHKT
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: qhcMZoOhehgao1SOhUKNCfHsZktq8Eut8MgOfeKhFcLiCTLecu7fKA==

GET
H2 200 37.dc112dfd.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 0879 25 KB
8 KB 17ms
16ms Script
application/javascript 18.66.112.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/37.dc112dfd.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-55.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

9cd7629d2e66537eb15542646bfd16cd461aaf18592c35f19ce7d67ada586635

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1646165241551
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 4853624
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"391f6f28819c5b154653979d5154c888"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: A01_.TOyslfHN6C7mHM2iYp5F_NuODuW
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 1zowt9oNeB8-zJQefeAJCC5ksUint5EUy1cE-cqOF4CAk2TJ1hIxHQ==

GET
H2 200 16.10d76686.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 0879 16 KB
5 KB 17ms
16ms Script
application/javascript 18.66.112.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/16.10d76686.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-55.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

1cbf80f7d71564dc48af2c5d6bb5d15fc2aec0d541101c5eedf84bad1b908cab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1646165241551
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:42 GMT
content-encoding: gzip
age: 4853623
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"c16e855d0a26bf91ae3cc32cdbfa3ad6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: mzB2ul0u_48ftIGEd6phwcoTfextzATL
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: xAx5A0DNnIY7N4c8RF4ehbN3PZt97Vy6Y3P3VbRQZERsRF28iTbXZA==

GET
H2 200 21.8ac5d777.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 0879 72 KB
22 KB 20ms
18ms Script
application/javascript 18.66.112.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/21.8ac5d777.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-55.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

4038a666dfd5af607a0374ad6e934cf1007e78da69329dbc341eaf757bb38beb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1646165241551
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:43 GMT
content-encoding: gzip
age: 4853622
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"c39414a669b98ba4a25856ccdc1c1c1b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: PmO9yEa8J.DEQa9FEB2tMN_1Ccd5vo_f
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: tcGswYvyaMom8_gYQMef81uwI79s-jeLPtkOEVo_2z2JTe3rqElX4g==

GET
H2 200 34.801d3c89.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 0879 16 KB
6 KB 21ms
19ms Script
application/javascript 18.66.112.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/34.801d3c89.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-55.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

e41e2b5c9df3073d6f7da0080ad2f3eca4994ab372d2f65fa76b14f8868663ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1646165241551
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 4853624
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"fa218b0849860dbc5ceda153316c9c38"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: VLd3KMbDPd6s2pCiJkiLNxZPlKywvnnH
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: qCW3Qx1iEtW3B4VVsX1oZubrUjW4CZcsheJmhKH80mGn4L7aY7NoiA==

GET
H2 200 23.a53d721f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 0879 59 KB
19 KB 23ms
21ms Script
application/javascript 18.66.112.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/23.a53d721f.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-55.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

f48829864ffd155da0360e19be956282b6875173f8990394e93bc7c30c97a3ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1646165241551
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 01:13:03 GMT
content-encoding: gzip
age: 5511262
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 23 Dec 2021 18:12:25 GMT
server: nginx
etag: W/"fe96cb8c4c390342c29d3c8cb0a4ca14"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: a7WvmR.vwHMPBFEqQ8riDzB0H8J4vers
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 0WYvEmrjEGP5jobpKoVPb_yjgGBzMGrOSp9L-TDHL4HnB_yz8Ntg2w==

GET
H2 200 11.8d62d6c4.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 0879 91 KB
28 KB 24ms
22ms Script
application/javascript 18.66.112.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/11.8d62d6c4.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-55.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

1cf451d2d8d425375505bd10c5540e8e5cce3cbbd5932be038285d8b6a650e63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1646165241551
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 4853624
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:16 GMT
server: nginx
etag: W/"8199a8634768214fc6204b18351f842d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: p_YagIEBvf.Qgp7hIJy74.J4YIszefj5
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: R5420MMD9DouQq5Yr9NVu8ENS1znkdDuIojBlVpYeKHX3L510YapWg==

GET
H2 200 10.937b0755.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 0879 24 KB
7 KB 27ms
25ms Script
application/javascript 18.66.112.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/10.937b0755.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-55.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

e868d39bbb74d42dffcee0cb1a50ecd105e1a1737d9080246dbdd54a8206d8f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1646165241551
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 01:15:27 GMT
content-encoding: gzip
age: 3610317
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 18 Jan 2022 19:52:33 GMT
server: nginx
etag: W/"e9243456e8ca8af97d77d525d5367d6b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: qO3a.NcOI1oBDRBABVLWfFTMfjEE__CA
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: v19WQrzDXBLaUe1v7I1qpg2f5pJRRdzHmoAEEknaCdyEE7D8nkAE2A==

GET
H2 200 14.2a01ddd6.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 0879 62 KB
20 KB 30ms
28ms Script
application/javascript 18.66.112.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/14.2a01ddd6.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-55.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

ef593584d9432b51ed1cec6f58f844bfa6f81ef0fe27fd9404e400e1346fa09b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1646165241551
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 4853625
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"6f457384188c98017d8d27281f3df6ad"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: KpoEpDmO7G9TLWLfSTzA1dytLAyREIfM
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: EPkTlOTUGlSdkUB0rurpwvyIXMQZc4pk90hfAGXI0KGYh512Lv0idQ==

GET
H2 200 41.ef07ba02.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 0879 105 KB
34 KB 31ms
29ms Script
application/javascript 18.66.112.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/41.ef07ba02.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-55.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

160371118ad2e4d470bc6801bb253ec18332e7b6fb7225bb6d365a99bdb99d22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1646165241551
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 4853625
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"da03c1012cb0aaeb2041fa677a272d14"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 6OpxVYvZjRVHdu0KjdhZlusmExqFlB4E
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: JxAF0H_JF12dD9vuySG7KyM5N2CrMmTDSTWHAC6Pa1EZlLoMLaFbGA==

GET
H2 200 35.0810b4b3.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 0879 12 KB
4 KB 34ms
33ms Script
application/javascript 18.66.112.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/35.0810b4b3.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-55.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

05c1b18ed199fea9af5168c7769dff2cd69f02706fa2568ab2e305be8dfb9c52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1646165241551
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 01:15:27 GMT
content-encoding: gzip
age: 3610318
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 18 Jan 2022 19:52:34 GMT
server: nginx
etag: W/"4a61646db5420cc31cb60b9287d9f544"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 123ec01tvkGnjrPsnvwWzlXkBB9QJfPb
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: -_PhYMSYo3vLDrDGQClcXCj1XEFyQQ9IrFQZ4TneoHQawxDeTu63LQ==

GET
H2 200 26.d9eb886e.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 0879 12 KB
5 KB 35ms
33ms Script
application/javascript 18.66.112.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/26.d9eb886e.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-55.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

b9ddcbc73a2a42b603661b51028d38aba3374f67385f3307e1cfcebdee2f4838

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1646165241551
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 4853625
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"44c7301d8127e805fcdfcc1b00ddf2ea"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: EjkJtX0HE9ajSK4icA5a46UNajNAQcku
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: VpYU0A4LGW9ieQhfx2UZUvw615FPwf5bB6IrJvKE_seykhtEYNgq_A==

GET
H2 200 17.6c3c965c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 0879 17 KB
7 KB 35ms
34ms Script
application/javascript 18.66.112.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/17.6c3c965c.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-55.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

a5ad436c025c2a03ccc5672aed9469ac98d22b73df5b1d20ed2adb46c0c4daf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1646165241551
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 4853625
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"b0b166b8ed88c90ea3dc07661d0dcff4"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: HHiN6wsTfDikx0BfRvhzq1f1VEBLDIa4
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: OoTeg_r1OftEFTYJwOEh_UOJ7Wcpi_RQkTWTR3IOuPw7n1HrJy2fHA==

GET
H2 200 8.5b0bb1c3.chunk.css
js.driftt.com/core/assets/css/ Frame 0879 11 KB
3 KB 35ms
34ms Stylesheet
text/css 18.66.112.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/8.5b0bb1c3.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-55.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

d36d8a76a8b7d7fe8655db34eb54e4a4b6d422cdd1a67810d3dd5c014edb14e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1646165241551
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 4853625
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:15 GMT
server: nginx
etag: W/"a123c5b36f16fe6d3a3129e24df81443"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: _wlNEHOawmowSdlpT1GApwIIwlk.3B3i
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: F-czqMqze7sjx9bDEygJJ8q9jHhpIVlSiXD4jPkTwoeehkPM834j_A==

GET
H2 200 8.14761f6a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 0879 69 KB
22 KB 37ms
35ms Script
application/javascript 18.66.112.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/8.14761f6a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-55.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

67339ddd57bfadccc7db0301c04748abfd5fe9f6ea21b0b9afa5e03aeb080fe6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1646165241551
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 17:24:58 GMT
content-encoding: gzip
age: 355348
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 25 Feb 2022 17:16:18 GMT
server: nginx
etag: W/"d7e7ac040cc38a4014be2dac5911f809"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 1S_vUKzB1dNvDRU9IvHgH4WqU0q.qWdi
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: pups3GSooznNxNI07fLTtX2pgQcvK2yM-cK2FKUYLtzpQ931Q-RKKQ==

GET
H2 200 15.22abfce0.chunk.css
js.driftt.com/core/assets/css/ Frame 0879 24 B
665 B 36ms
34ms Stylesheet
text/css 18.66.112.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/15.22abfce0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-55.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1646165241551
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
age: 4853625
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 24
last-modified: Tue, 04 Jan 2022 15:08:15 GMT
server: nginx
etag: "0c5dad92482d9a7c7c253510f5082465"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: bzo2zbrJexGHlTPaLulG8N5yfdXT7FR0
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: xv2-6QB3IgcgLA9u2EXHy2rE5hVHfvkj38im1oTv71Z8Ef2WCTY_tg==

GET
H2 200 15.7662c098.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 0879 75 KB
19 KB 38ms
37ms Script
application/javascript 18.66.112.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/15.7662c098.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-55.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

1787cb259c57ce6cd27152c77d90363b2917ff8b5f34dd377f691042d787e408

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1646165241551
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 17:24:58 GMT
content-encoding: gzip
age: 355348
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 25 Feb 2022 17:16:16 GMT
server: nginx
etag: W/"4cdfcf8a0153b5f113c1c52b9d1561e4"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: B_P689676Qm.H7C_2wNidWTRmsrF5U63
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: PFvufyakAVTf_QnrBlStjtr3R-pQvNhY7lH_aV2CO8CXBsYBSl-ONQ==

GET
H2 200 22.668b8a5d.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 0879 47 KB
13 KB 40ms
39ms Script
application/javascript 18.66.112.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/22.668b8a5d.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-55.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

6754bd59e77debd17bde0e93a50f3e0c70322c34fd3496dc3f19167db71d77d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1646165241551
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 17:24:58 GMT
content-encoding: gzip
age: 355348
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 25 Feb 2022 17:16:16 GMT
server: nginx
etag: W/"4aa1ed4965ed229dc887a387dbb0e750"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: kk7pdJKMde0rW3fGmZfi6D0Xi5DBuQ1x
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: SmqJVVFUoGGQrPm23viNH3U8pJ2vw3jBcQ4S1BXj7JlRwk6bfgq4PQ==

GET
H2 200 13.c0ad52b2.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 0879 41 KB
13 KB 43ms
42ms Script
application/javascript 18.66.112.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/13.c0ad52b2.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-55.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

d0140fb02b20c12a1743ca95ef1e7afb7423bbb3b93ac32f3392d013b23664db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1646165241551
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 17:24:58 GMT
content-encoding: gzip
age: 355348
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 25 Feb 2022 17:16:16 GMT
server: nginx
etag: W/"8f231ce9b25513cb1a87fe2de43ea370"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: zMcMlBp5vkU_F7nnrBOdt_lOKr9xUiq_
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: wc5Tez8yOABjBEU9J6R4JtOhNM-SyGn5la7oPVOhomUR-rbjFumnAg==

GET
H2 200 32.11d2b6a7.chunk.css
js.driftt.com/core/assets/css/ Frame 0879 3 KB
1 KB 8ms
8ms Stylesheet
text/css 18.66.112.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/32.11d2b6a7.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-55.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

e40b6eae9d66c60b9c750da70da6b2bc5d35c2ae9689cc1e9547e300fac4a3ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1646165241551
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:42 GMT
content-encoding: gzip
age: 4853624
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:15 GMT
server: nginx
etag: W/"87532c4db85f1429fa6d759bc3332f36"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: u5jls1rsjTMRW03RSXYJxMQTbD86EmFF
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: L5_ga_4G9f55xymATVSZf_15zZukgFjfrJdj6W6bTZLsuE8vU5tPVQ==

GET
H2 200 32.28be7b35.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 0879 3 KB
2 KB 9ms
8ms Script
application/javascript 18.66.112.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/32.28be7b35.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-55.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

566639f88e650ada50f7f5a70d52efdd262905b7114ddffd26893b7727493a7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1646165241551
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 20:05:36 GMT
content-encoding: gzip
age: 3456110
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 20 Jan 2022 18:53:54 GMT
server: nginx
etag: W/"853d736e05b299b857e10b6ab17f3c36"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 9pIhc0wyy2uFZp3UiIdf1ZYNnPQh9D45
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: NXIy8ZtAOD_ScG2jmaGm7mYyeLDr3PkWqcRuYomqo2wH691-4-B4iw==

GET
H2 200 0.0b2ebd4a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 0879 9 KB
3 KB 13ms
12ms Script
application/javascript 18.66.112.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/0.0b2ebd4a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-55.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1646165241551
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:42 GMT
content-encoding: gzip
age: 4853624
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:16 GMT
server: nginx
etag: W/"c5efcdc9e465604f32cf24af10fd6c13"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: DgvAfZ7BPwPZGfOrE621PjhvvHFr1DU0
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: A_M15Fehr3iPB10JI3imNBPxewM2vimGyFp-ZhJxZuZB_UpjlOeBBw==

GET
H2 200 2.07aa08a5.chunk.css
js.driftt.com/core/assets/css/ Frame 0879 7 KB
2 KB 13ms
12ms Stylesheet
text/css 18.66.112.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/2.07aa08a5.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-55.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1646165241551
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:42 GMT
content-encoding: gzip
age: 4853624
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:15 GMT
server: nginx
etag: W/"189aeffd571884559dababa22c66d75a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Y5MQMpfNZ9bYDeQmDMLbw0xNzGrQukfM
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 4EqLx8dyk2fe5REIcsRtY1uG2KrRIEmCIEN0iHG19zOlXck7u7E78g==

GET
H2 200 2.90bfb041.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 0879 54 KB
16 KB 14ms
13ms Script
application/javascript 18.66.112.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/2.90bfb041.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-55.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

088e1ef91a320f014eecd7495cedfa7fee5e167cadaf55545ce137f4ff749ba8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1646165241551
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:42 GMT
content-encoding: gzip
age: 4853624
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"dc43e7dd478d83a9091a7335b8beb11d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: dNyr.b_J6AuxSb56NRWJ3LKsWJ9BzeOS
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ywWs7SMUsJ3sLXu5YQZkJrknJAbNTrTyhxhUUtfF-kgXhPZw6H51ag==

GET
H2 200 1.e250bb71.chunk.css
js.driftt.com/core/assets/css/ Frame 0879 44 KB
7 KB 14ms
14ms Stylesheet
text/css 18.66.112.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/1.e250bb71.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-55.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

f9163f3372bf09f2bcb3c8fa8b218443c557dbb32c78a36ee9221ca5abf8b193

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1646165241551
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 16:15:00 GMT
content-encoding: gzip
age: 2173946
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 04 Feb 2022 14:40:27 GMT
server: nginx
etag: W/"2b7f0e5ff08649a2d71db9fdde0609ab"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: U0zOe09_ThzYcAoSvmLbLojXTsJVu6PB
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: eFxwcEjm-93OCe_b-XQHWuY3Zkc2MAWvvSvouSP7h2EkZuPMGjSXLg==

GET
H2 200 1.19a2e22a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 0879 71 KB
24 KB 15ms
15ms Script
application/javascript 18.66.112.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/1.19a2e22a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-55.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

8d06b89fce1308b54fc204a2ea41e96ad6a034c075dbf396eea0611b71ffa7a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1646165241551
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 17:24:58 GMT
content-encoding: gzip
age: 355348
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 25 Feb 2022 17:16:15 GMT
server: nginx
etag: W/"e1ca1e814dcbca2657c8795cba51dab9"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: H3WkY2wyImzg96kEeVoZBSZ5Xs5uT9xg
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: wSzVEaOOvlrelggIlCPPgCG6s6ZSLL-c2a-nnrKdYq7iQXW9hQ63_Q==

GET
H2 200 30.52060f2d.chunk.css
js.driftt.com/core/assets/css/ Frame 0879 12 KB
3 KB 16ms
16ms Stylesheet
text/css 18.66.112.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/30.52060f2d.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-55.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

643284a0eca0e88605a52952545149695d41d4a6f057d897bedf92a24e32c573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1646165241551
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 16:15:00 GMT
content-encoding: gzip
age: 2173946
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 04 Feb 2022 14:40:27 GMT
server: nginx
etag: W/"b63021470083bdc161ef4dda2e4912c3"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: e.sL0vOF62s4pyHwBuhbHf.Miph1ZlJo
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 2OXnIcNTCnyXqmgz2tAR78ClUhZw-dTHLxub990-ZWnXBoFIOPaSUQ==

GET
H2 200 30.06ea9e6f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 0879 12 KB
5 KB 17ms
16ms Script
application/javascript 18.66.112.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/30.06ea9e6f.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-55.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

78913609a9836662923c497915aa1e3804160e068c21f01bb21e0a3d6582886e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1646165241551
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 17:24:58 GMT
content-encoding: gzip
age: 355348
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 25 Feb 2022 17:16:16 GMT
server: nginx
etag: W/"9ad3e8e9ed7458e666e1cdccbf6fdfed"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: u1oYyEHPReh5D_oj3y6CAtENmhC681Wu
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: _5YHdMhz0QbzXOwUcFVql4PEFV2SrqHLy3HHAlcDPSSD0sU0pYldQA==

POST
H2 200 v2 Show response
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame C642 25 B
123 B 110ms
110ms XHR
application/json 3.94.218.138

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/widget/init/v2

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/43.bf52ab96.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.218.138 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 01 Mar 2022 20:07:26 GMT
server: istio-envoy
requestid: 8e6f48799976230c
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 12
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 v2
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame 0
0 306ms
100ms Preflight
text/plain 3.94.218.138

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/widget/init/v2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.218.138 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 01 Mar 2022 20:07:26 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: drift727eca845ddabc848d179a529d9
content-length: 13
x-envoy-upstream-service-time: 0
server: istio-envoy

POST
H2 200 ping Show response
bootstrap.api.drift.com/widget_bootstrap/ Frame C642 126 B
223 B 101ms
100ms XHR
application/json 54.147.21.139

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap/ping

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/43.bf52ab96.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.21.139 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

708463bb01d928f56b90673b2b853b760090c19212815fe7badaa83d54649241

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 01 Mar 2022 20:07:26 GMT
server: istio-envoy
requestid: 1771a9ebf8a1df5f
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 126
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 ping
bootstrap.api.drift.com/widget_bootstrap/ Frame 0
0 313ms
102ms Preflight
text/plain 54.147.21.139

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap/ping

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.21.139 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 01 Mar 2022 20:07:26 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: driftff72cb348869c4fa706c4cb0a97
content-length: 13
x-envoy-upstream-service-time: 0
server: istio-envoy

GET
H2 200 kdy73m2n4mrd.json Show response
embeds.driftcdn.com/embeds/ Frame C642 26 KB
7 KB 419ms
400ms XHR
application/json 52.222.236.80

General

Check archive.org

Show headers Download Go to

Full URL: https://embeds.driftcdn.com/embeds/kdy73m2n4mrd.json
Requested by: Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/43.bf52ab96.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.80 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 03ef37008b3b9ba132b2aacbf05397f335870dc13b4d5a07e301a50fd3340716

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 20:07:27 GMT
content-encoding: gzip
x-amz-cf-pop: FRA56-P4
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Tue, 01 Mar 2022 17:25:57 GMT
server: AmazonS3
etag: W/"68ee46d14750e4e9ecc2445348b26f60"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
via: 1.1 9987fa8ab620895e83d1d8f10c40f6d2.cloudfront.net (CloudFront)
cache-control: public, max-age=30
x-amz-cf-id: 9V-_q5EHJo7G2F7s5Q9OEbRn2NzPyNWe54nGIFKF6KJUN95CHXDB0w==

POST
H2 204 collect Show response
l.clarity.ms/ 0
48 B 101ms
101ms XHR
text/plain 20.120.65.166
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://l.clarity.ms/collect
Requested by: Host: l.clarity.ms
URL: https://l.clarity.ms/s/0.6.31/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.120.65.166 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://metallic.io/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin: https://metallic.io
date: Tue, 01 Mar 2022 20:07:27 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12

POST
H2 200 bulk Show response
metrics.api.drift.com/monitoring/metrics/event2/ Frame C642 25 B
88 B 110ms
110ms XHR
application/json 3.94.218.138

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/event2/bulk

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/43.bf52ab96.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.218.138 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 01 Mar 2022 20:07:28 GMT
server: istio-envoy
requestid: b56423396e758697
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 11
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 bulk
metrics.api.drift.com/monitoring/metrics/event2/ Frame 0
0 99ms
98ms Preflight
text/plain 3.94.218.138

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/event2/bulk

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.218.138 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 01 Mar 2022 20:07:28 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: drift09be93746fc841bfea80a42bb96
content-length: 13
x-envoy-upstream-service-time: 0
server: istio-envoy

Verdicts & Comments Add Verdict or Comment

121 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

61 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
tracking.intentsify.io/page-tracking/intentsify-metallic	1970-01-23 16:52:05	Name: userId Value: 451de46c-b2ec-42e9-8058-d9a2ed2ab363
.s.thebrighttag.com/api/privacy/3fLGmeU	1969-12-31 23:59:59	Name: btpstkn Value: -gdjsAvoZTSLo_Nxhn7LiAAAAX9HGDX0
.doubleclick.net/ads/preferences	1970-01-20 01:16:07	Name: pm_sess_2500685038 Value: ACi0TCigUX9PcdJpCD95zhFo7zmt-gBzJOtfHPpkzyEi70h2GshM0MI3w9ltOozuKmh3Wr-U1bZn
adssettings.google.com/ext/nai/	1969-12-31 23:59:59	Name: aboutads_sess-1384814699 Value: ACi0TCigUX9PcdJpCD95zhFo7zmt-gBzJOtfHPpkzyEi70h2GshM0MI3w9ltOozuKmh3Wr-U1bZn
adssettings.google.de/ext/nai/	1969-12-31 23:59:59	Name: aboutads_sess-1384814699 Value: ACi0TCigUX9PcdJpCD95zhFo7zmt-gBzJOtfHPpkzyEi70h2GshM0MI3w9ltOozuKmh3Wr-U1bZn
metallic.io/blog	1969-12-31 23:59:59	Name: Value: test
.metallic.io/blog	1970-01-20 01:17:31	Name: utm_campaign Value: ransomware
.metallic.io/blog	1970-01-20 01:17:31	Name: utm_source Value: marketo
.metallic.io/blog	1970-01-20 01:17:31	Name: utm_medium Value: email
.metallic.io/blog	1970-01-20 01:17:31	Name: utm_content Value: ransomware-blog
email.metallic.io/	1969-12-31 23:59:59	Name: BIGipServerab_mailtracking_80 Value: !U0XYyTfPruS41dXaQbCLRqc3TBcuiomhSGxF/GjwSkDfMhvKuPuA2SvEsPpWttBUI5no9veBs59iOhM=
.email.metallic.io/	1970-01-20 01:16:07	Name: __cf_bm Value: wqWjQDNE8tQdAq.sSGjn5GZGYgGXXSUfvNOZD0itNZU-1646165240-0-AcWrb+qs25jaYwOpOeeWJwjqDTz2RUO21jLPYe9Rz2RhXFN6Usq8E8se193sbTovRJqrvfgKvAPBQyhHobOBPNg=
.metallic.io/	1970-01-20 01:16:07	Name: _parsely_session Value: {%22sid%22:1%2C%22surl%22:%22https://metallic.io/blog/ransomware-attacks-rising-cost?utm_source=marketo&utm_medium=email&utm_campaign=ransomware&utm_content=ransomware-blog&mkt_tok=MzY5LUhCQy0xNjUAAAGCvJwAcXRP6Pl3cljLG7sN_0a7R1OkqeVyT-_uScFcrjrIHg2uzuLRh0u5n3w5xUeP-dM_RtrP18fL8dRepGaNAQrk3AvtNWhfcgAvtyrcAA%22%2C%22sref%22:%22https://email.metallic.io/%22%2C%22sts%22:1646165241823%2C%22slts%22:0}
.metallic.io/	1970-01-20 10:45:29	Name: _parsely_visitor Value: {%22id%22:%22pid=c47b5a07e0878b85399a9e304cc953d7%22%2C%22session_count%22:1%2C%22last_session_ts%22:1646165241823}
.metallic.io/	1970-01-20 03:25:41	Name: _gcl_au Value: 1.1.385019888.1646165242
.bing.com/	1970-01-20 10:37:41	Name: MUID Value: 1ADA9A55BC416CA401C58B0FBD2A6DA6
.metallic.io/	1970-01-20 01:17:31	Name: _uetsid Value: 3488ae30999b11ecaee535d4231a2857
.metallic.io/	1970-01-20 10:37:41	Name: _uetvid Value: 3488cc40999b11ec82fc975e0e116995
.metallic.io/	1970-01-20 03:25:41	Name: _fbp Value: fb.1.1646165242324.1291325842
.metallic.io/	1970-01-20 18:47:17	Name: _mkto_trk Value: id:369-HBC-165&token:_mch-metallic.io-1646165242358-46294
.techtarget.com/	1970-01-20 01:16:07	Name: __cf_bm Value: NBXgWh1rJQR.P29CNS_juPVM3IFa06EexRH1E934eRw-1646165242-0-Af6enF8vrhp6so3pnG+8Jg/sYciUe/fb17M8gH9fX2YmabIlKk8QjHdS4Xmwbme+THE57jFAqe9O1qwyyblbZ5Y=
www.clarity.ms/	1970-01-20 10:01:41	Name: CLID Value: e012eff9b32b49dba4f409ec77d56dcc.20220301.20230301
tracking.g2crowd.com/	1970-01-20 01:36:14	Name: _session_id Value: 3fb9740bef8e55b56174a9bc9a736129
.g2crowd.com/	1970-01-20 01:16:07	Name: __cf_bm Value: LBdhnjJ4PPYhWaqLdilEKduK.e8Z9O3BmM3Iy6DsL2E-1646165242-0-AY650uzynhYu+ksxrpbuSwWdokeLnwdPC+kIhlTYCqLHp3SGh1EvhgOO0NcnBQ14i7rPr0Tp4ADQ2qsPBlCds/4=
.metallic.io/	1970-01-20 18:47:17	Name: _ga Value: GA1.2.312196339.1646165243
.metallic.io/	1970-01-20 01:17:31	Name: _gid Value: GA1.2.1535750320.1646165243
.metallic.io/	1970-01-20 01:16:05	Name: _gat_UA-2378635-24 Value: 1
.twitter.com/	1970-01-20 18:47:17	Name: personalization_id Value: "v1_mF2cvI2fnZ0d6c0apMV98g=="
.doubleclick.net/	1970-01-20 01:16:06	Name: test_cookie Value: CheckForPermission
.linkedin.com/	1970-01-20 01:59:17	Name: UserMatchHistory Value: AQJTJyPirk20oAAAAX9HGDLmiohFvE-51VWGxWANtlvFhbb9E78tFV-06lnohy6qYa2eDtfW2F-QKQ
.linkedin.com/	1970-01-20 01:59:17	Name: AnalyticsSyncHistory Value: AQJZJtgGodhGTQAAAX9HGDLmop55JX0gIddFeoCQ_gRceu_qzolTBkRaWUMBTCGS1Nv7g7msVPmFUbUojnuBkQ
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 18:47:59	Name: bcookie Value: "v=2&18484166-36ee-4f82-85cf-db80a998e3fc"
.linkedin.com/	1970-01-20 01:17:31	Name: lidc Value: "b=TGST07:s=T:r=T:a=T:p=T:g=2288:u=1:x=1:i=1646165242:t=1646251642:v=2:sig=AQFH02CstzM7mhDF9DmDroZ2gCN60m4Z"
.t.co/	1970-01-20 18:47:17	Name: muc_ads Value: e2b8cf24-0534-450c-b395-d0971030a767
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 18:47:59	Name: bscookie Value: "v=1&202203012007220fecf410-b27d-4567-84f5-4961719b2f33AQE_O2R78x53ssaMH8R97wsWJ3Hxt2Fu"
.linkedin.com/	1970-01-20 18:38:45	Name: li_gc Value: MTswOzE2NDYxNjUyNDI7MjswMjEQeM3YUcQc6fUkUqodheKEcTJrVDdRK7jgx8Y26F17yg==
.c.bing.com/	1970-01-20 10:37:41	Name: SRM_B Value: 1ADA9A55BC416CA401C58B0FBD2A6DA6
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 10:37:41	Name: MUID Value: 1ADA9A55BC416CA401C58B0FBD2A6DA6
.c.clarity.ms/	1970-01-20 01:16:05	Name: ANONCHK Value: 0
.metallic.io/	1970-01-20 10:01:41	Name: _ce.s Value: v11.rlc~1646165242929
.metallic.io/	1970-01-20 10:01:41	Name: _clck Value: 1vtckz9\|1\|eze\|0
apt.techtarget.com/	1969-12-31 23:59:59	Name: TS01fac3f6 Value: 012c66465958c0f4d7876a113e3f2a256e99cc2a890e91c82ba84926c2136571e95f07a9bdc3b351438c32de4fb8f101b42cd6d914
prefmgr-cookie.truste-svc.net/	1970-01-20 01:16:05	Name: cookie_3rdparty Value: enabled
.metallic.io/	1970-01-20 01:17:31	Name: _clsk Value: mnotv2\|1646165243335\|1\|1\|l.clarity.ms/collect
.rubiconproject.com/	1970-01-20 01:16:08	Name: 84wB7bA0hz Value: 1
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB5G Value: s578\|Yh58/
.google.com/	1970-01-20 05:39:36	Name: NID Value: 511=rw2zuV8hQ5NMIJOxJa5bOByVP-jBoghx6nPygPCuANmE_z8jb47-_NKXc9w7QPXCNlwTmWORVhmZul8lBoOASQOFFF_xjUZHwwqfMfBIdTSRlRyQU1gSuq2fHYzQKi2xeSyLmwnZ5TWBIaCRvc4csbMj8GWIzvTVWQk1uj_otVw
consent-pref.trustarc.com/	1970-01-20 01:16:05	Name: token_test Value: Tue Mar 01 2022 20:07:23 GMT+0000 (GMT)
.postrelease.com/	1970-01-21 21:05:31	Name: opt_out Value: 1
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: 4e5afae9cabed283
.google.de/	1970-01-20 05:39:36	Name: NID Value: 511=cWAX1d6w7lZGv-ZAZ_TgjRXYlJfZPV5kvLvJi7iwEfi1SOwcKB5_Ems-mcDcc1_fzJ9URmrP7kMoBX8p3ZpRrzQkv_OxeBiaToGyybAOMa50IMuxgHpuCjNV5daiyTJTQrLRSwWWT7PbQZDyBMUM8aQjMZYjFz-DQDbVG6mdbAA
.shopzilla.com/	1970-01-20 01:16:08	Name: opt_out_token Value: 820231515190043643
.metallic.io/	1970-01-20 18:47:17	Name: trwv.uid Value: commvault2-1646165243914-5f06ed28%3A1
.metallic.io/	1970-01-20 01:16:07	Name: trwsa.sid Value: commvault2-1646165243915-d4b2ff5b%3A1
apps.pubmatic.com/	1970-01-20 01:16:08	Name: pub_coop_token Value: TpYlrYqu6UF2hBAN1dsl4VMrUlnQBSNFrkh8
.amgdgt.com/	1969-12-31 23:59:59	Name: OO-ST-2410551700550057984 Value: t
.amgdgt.com/	1969-12-31 23:59:59	Name: OO-ST-7918982912802816 Value: nt
.amgdgt.com/	1969-12-31 23:59:59	Name: OO-ST--3121838966697885696 Value: nt

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://fonts.googleapis.com/css2?family=Work+Sans%3Aital%2Cwght%400%2C400%3B0%2C500%3B0%2C600%3A0%2C700%3B1%2C400%3B1%2C500%3B1%2C600%3A1%2C700&display=swap&ver=0.1.4 Message: Failed to load resource: the server responded with a status of 400 ()
security	warning	URL: https://consent-pref.trustarc.com/?layout=gdpr&type=commvaultgdpr2&site=commvault.com&action=notice&country=de&locale=de&behavior=expressed&irm=undefined&from=https://consent.trustarc.com/ Message: Mixed Content: The page at 'https://consent-pref.trustarc.com/?layout=gdpr&type=commvaultgdpr2&site=commvault.com&action=notice&country=de&locale=de&behavior=expressed&irm=undefined&from=https://consent.trustarc.com/' was loaded over HTTPS, but requested an insecure element 'http://consent.trustarc.com/get?name=commvault_logo.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://consent-pref.trustarc.com/?layout=gdpr&type=commvaultgdpr2&site=commvault.com&action=notice&country=de&locale=de&behavior=expressed&irm=undefined&from=https://consent.trustarc.com/ Message: Mixed Content: The page at 'https://consent-pref.trustarc.com/?layout=gdpr&type=commvaultgdpr2&site=commvault.com&action=notice&country=de&locale=de&behavior=expressed&irm=undefined&from=https://consent.trustarc.com/' was loaded over HTTPS, but requested an insecure element 'http://consent.trustarc.com/get?name=commvault_logo.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://consent-pref.trustarc.com/?layout=gdpr&type=commvaultgdpr2&site=commvault.com&action=notice&country=de&locale=de&behavior=expressed&irm=undefined&from=https://consent.trustarc.com/ Message: Mixed Content: The page at 'https://consent-pref.trustarc.com/?layout=gdpr&type=commvaultgdpr2&site=commvault.com&action=notice&country=de&locale=de&behavior=expressed&irm=undefined&from=https://consent.trustarc.com/' was loaded over HTTPS, but requested an insecure element 'http://consent.trustarc.com/get?name=commvault_logo.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://consent-pref.trustarc.com/?layout=gdpr&type=commvaultgdpr2&site=commvault.com&action=notice&country=de&locale=de&behavior=expressed&irm=undefined&from=https://consent.trustarc.com/ Message: Mixed Content: The page at 'https://consent-pref.trustarc.com/?layout=gdpr&type=commvaultgdpr2&site=commvault.com&action=notice&country=de&locale=de&behavior=expressed&irm=undefined&from=https://consent.trustarc.com/' was loaded over HTTPS, but requested an insecure element 'http://consent.trustarc.com/get?name=commvault_logo_new.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

369-hbc-165.mktoresp.com
abrtp2-cdn.marketo.com
abrtp2.marketo.com
ad.amgdgt.com
ad.wsod.com
adssettings.google.com
adssettings.google.de
analytics.twitter.com
ap.lijit.com
apps.pubmatic.com
apt.techtarget.com
assets-tracking.crazyegg.com
assets.ubembed.com
bat.bing.com
bddbeb1bec394be790c50af5e47b2319.js.ubembed.com
bh.contextweb.com
bootstrap.api.drift.com
c.bing.com
c.clarity.ms
casalemedia.com
cdn.amgdgt.com
cdn.parsely.com
cdn.pubmatic.com
connect.facebook.net
connexity.net
consent-pref.trustarc.com
consent-st.trustarc.com
consent.trustarc.com
email.metallic.io
embeds.driftcdn.com
fonts.googleapis.com
fonts.gstatic.com
go.sonobi.com
googleads.g.doubleclick.net
i.w55c.net
ingest.tidaltv.com
insight.adsrvr.org
jadserve.postrelease.com
js.adsrvr.org
js.driftt.com
l.clarity.ms
metallic.io
metrics.api.drift.com
ml314.com
munchkin.marketo.net
my.ipredictive.com
optout.bigsea.weborama.com
optout.prod.bidr.io
p1.parsely.com
pagestates-tracking.crazyegg.com
pixel.mathtag.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.wp.com
preferences-mgr.truste.com
prefmgr-cookie.truste-svc.net
privacy.tapad.com
px.ads.linkedin.com
px.owneriq.net
px4.ads.linkedin.com
r.turn.com
rtp-static.marketo.com
s.thebrighttag.com
s1.cnnx.io
script.crazyegg.com
segments.company-target.com
snap.licdn.com
stags.bluekai.com
static.ads-twitter.com
stats.g.doubleclick.net
stats.wp.com
t.co
t.e1e.io
tags.bkrtx.com
tracking.crazyegg.com
tracking.g2crowd.com
tracking.intentsify.io
trk.techtarget.com
u.openx.net
www.clarity.ms
www.demdex.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
www.mathtag.com
www.shopzilla.com
104.111.216.226
104.111.228.137
104.111.234.67
104.111.242.53
104.17.70.206
104.244.42.3
104.244.42.5
104.36.113.45
104.92.72.137
107.178.246.49
108.138.17.51
108.157.1.118
13.107.42.14
13.224.241.113
13.224.241.39
142.250.185.194
151.101.193.131
170.76.128.226
178.162.133.148
18.66.100.58
18.66.112.55
18.66.122.97
18.66.248.49
192.0.76.3
192.138.218.136
192.28.144.124
192.28.155.3
198.148.27.139
199.232.136.157
2.18.233.180
2.18.233.201
20.120.65.166
2001:678:cb4:bbbb::11
206.19.49.24
209.234.224.22
216.52.2.19
2600:9000:2261:4000:10:8317:ee40:93a1
2606:4700::6812:1bbe
2606:4700::6812:5c
2606:4700::6813:9308
2620:116:800d:21:3175:5196:e3fd:8c1d
2620:1ec:22::14
2620:1ec:27::cafe:1835
2620:1ec:c11::200
2a00:1450:4001:803::200e
2a00:1450:4001:808::200e
2a00:1450:4001:810::2003
2a00:1450:4001:828::2004
2a00:1450:4001:829::2003
2a00:1450:4001:82f::2002
2a00:1450:4001:830::200a
2a00:1450:4001:831::2008
2a00:1450:400c:c0a::9b
2a00:1450:400e:80e::200e
2a02:26f0:11a::6867:4868
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:fa87:fffd::c000:4280
2a05:d018:24:b002:5c97:83c8:403c:77a7
3.94.218.138
34.195.72.147
34.231.120.176
34.241.131.177
34.255.166.68
34.98.64.218
35.156.243.46
35.71.131.137
52.0.128.82
52.142.114.2
52.19.97.175
52.208.115.171
52.222.214.106
52.222.236.115
52.222.236.80
52.222.236.81
52.222.236.90
52.49.222.19
52.52.72.28
52.6.122.118
54.144.144.142
54.147.21.139
54.228.243.156
64.19.224.207
64.19.224.210
69.173.144.139
74.121.140.207
0055b9d0429e9c194b4aa6b5f49cbc2ec31a7220ee7c8c186a9ee951feabd482
03ef37008b3b9ba132b2aacbf05397f335870dc13b4d5a07e301a50fd3340716
05c1b18ed199fea9af5168c7769dff2cd69f02706fa2568ab2e305be8dfb9c52
06cca6b11f5b8e2613ec81274222cc899d30bd7a5eae4196e0baf836eb7cdd64
07d690690dde4561bf3e3ebfebb5db460beb6c061456091b2b170c04fd0e5dc0
083ec931e5517a4ab713afbe9561e72b9186cb54e21b8b1eface9caefb54a966
088e1ef91a320f014eecd7495cedfa7fee5e167cadaf55545ce137f4ff749ba8
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
13b64eac810929d5c8a140f9a28ebec23c9b985399aa87e63789e68978751d0c
13f5ddb50d8506f227f9ed4039d935ccbea8390f52b946c11de4f73a7dabbcc2
160371118ad2e4d470bc6801bb253ec18332e7b6fb7225bb6d365a99bdb99d22
164eadf61091beb5ac1acb6f54f317cd64e4385df4d341a8ace9ba47bfbffa3e
1787cb259c57ce6cd27152c77d90363b2917ff8b5f34dd377f691042d787e408
17f48a4197f2c7e1e809378704ccc4e736a4cc079db4aba670c4eb7f800fd4f6
1a938735cf14d8329a7b1c12b0a4ed99c3d9f43aba11d1fc326cc5a3159250f0
1c2fc44f519bfa5633f0fa123d03a9c6f7ce40053e07c598a6f580c59d9cab2c
1cbf80f7d71564dc48af2c5d6bb5d15fc2aec0d541101c5eedf84bad1b908cab
1cf451d2d8d425375505bd10c5540e8e5cce3cbbd5932be038285d8b6a650e63
1e90ae9c24c586e1b37a2073ad5c6ebda82e99b15622c9db9b9e8ea05b5b35dd
1fb5d016c1440b2d0c44476f90ce1378a3558595f6d8694c79331ebaa36ed3e0
1ffe0083c43292aaba8148fe6d7286bd27381ea13fef76b9e545a22d8bbd8af5
211cdb17e82d28b69ab2dd8b56d500e8a080a182e87baad4b3c02a3cc8d282b6
21e62fb9db555c21dc1309cf2631d6ec4f6da042596e309cb269ddb28b207019
244c6dae6dcb45d4f8890326398b2e39628b713f4f37f327a492b5b163083d72
25b4e974dc91d718d1b66bf120388c20da6dfd3a886ec8401af1c269dd169a44
278cd45917f5fee0e5710b34f2c03a3652544fe5a6ccea56cbbd0bd7324bf5e7
27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8
2a2f4a9bc789be30ec09086ae27f1a3a84948889dd616a11636b9d17bdbd311d
2a63edaf9a7f51bd8a298667502a2ea6175a8f5fe6287f25242a1e526e6e2a30
2b55e624656d93b66a9919eb92450179d6fed8bef251f336c0b455718edcdcf6
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2ef794e6984277c05c475b8eef5d63fefef122b5277c4ae2a642d1be51061a58
2fc144fae13962c0d391f4a75a0ec528c0aadd48b23acfdb0f296ffd7d339adc
339b2b60e94b6dc169fd9e5b68ac16b1ca08ef6a4968e98a0f43c2add405e79a
35f273e01e70db780ae423347dffecfc27cc348ba4abbd6099331559a7c5cd31
36a812e3009bc06685082e8b416e86c3998ba3a177fa6a325c3d202544f5d72c
3cd6119e76764c2fbc4c7a979f8c22754bf6abd76a635bb0554ce18f838c60d7
3d2c10cf69410c10177fc6e56937d05151b182841fa6aee36f651d587d91fbb8
3d93bd0db1f3585a348a2f4df172df589bb16acd40c1b281048b96186299b6ea
3dae93a05edd9dcfc1864b87178a31e0bfa93e1a9b1c486c6e9cbf73cae87862
3e1ca6168f1ea6489f18ee9a1fdcde8be68c58db2c06b18582f67a60885b08f4
4038a666dfd5af607a0374ad6e934cf1007e78da69329dbc341eaf757bb38beb
41b3ac7ddaa35b0fc1ba106e515c24f0fb69e456be8b61288ce0f3aaaf05153f
4304d53980a45418be2c4d7806b889b1d17e8d18410e631a2817e71175a75187
430e5c879eb2df80ea2af3692fb5cea44263b12965789bb1f09d38016ccc570c
432eb284b6d21a8de3c3af862765c3d95a90f6a0735250bde9e4e38727a8d826
4338c5b21944c615462e28b5acb94792ee22d5a69a743b6d4894f98f3300fcca
49c6f7925a020059af53cab3baa5d2ea485e6807744ba07f1b2e90ee47266a44
4bf3aca933aa233702f890083af601fb16149ec8a17f8c1b90d30450562bde08
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb
51033ca959567bd01090659e6af136f40e5a0d8965069a47c1e30455cac9e759
52bdb3604507e2cd379a5d6747acbac4c6ddf8a5818946a5d0c4e21a3e362086
53350525edba0b889e87ea52a16ed843a928a2557e9f8d6747acd7ff991c95c3
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
549daa3ce91e66784ded8205147e4a1b6a067e9cba60ea28688008aba4b492b3
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
566639f88e650ada50f7f5a70d52efdd262905b7114ddffd26893b7727493a7f
578cda2391db4e4d761ae5c4f05c03614d0ea8fec0b260edc036cc0bbdfcdd93
5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1
5d59d71fa30604e26c815b2bcfea777bef1564467e2ff9b1b4dc45ca2ee0f6fe
5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5
5dcc1f650548dab92380f10aee2a8c4c878ece063b5d4201c1205b3a343f9a8b
5e466990af9258cc57867c013d198f0b23b8c351c804e9bb83b997221ad80ab4
5e6c049ade0de68b7a3a2b859bb80d8ec08b6afc06d277db6d3725adb0d86015
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
643284a0eca0e88605a52952545149695d41d4a6f057d897bedf92a24e32c573
64e7f223aa27af5611afe45e200eb2efad20383f6979d2ac051512b06a4ec956
66c6c41f725bfe1f74a06f73cad51eaab03d48aae8ff2b35cf5d077c804f97e1
67175599b4bdf8d3df9fa17e11d12ea2396ad2f6997a70b44e701966b930ec8f
67339ddd57bfadccc7db0301c04748abfd5fe9f6ea21b0b9afa5e03aeb080fe6
6754bd59e77debd17bde0e93a50f3e0c70322c34fd3496dc3f19167db71d77d8
689f4dd61366a881d6a75acc4c31898ef6a848977c3de9a66f4b22652a779787
6957b64b02efebbf48a55597d6e175b1ec552822345654e7c1e0ed0c53632898
6a20c9e4c7d18411043e1ccb7e9dd55a9722692c92d3af3382d77f76b2debb22
6d1743a4b9cd803083da5fd65626a4e92edebe73a40ee18f60276c96492b4afd
6e60407537ae8be31f1c4776a6e6ff512a603ef7a1fabc8f6386ff2410b16d31
6f24bfebce37ab422ae701560149f9fa5736f4c08a9d229e499011d1ee284b77
708463bb01d928f56b90673b2b853b760090c19212815fe7badaa83d54649241
70dcce07bdeb90146081aca50ece25831a6345eebca1b7a71ada3413dfbc357d
75b9505ae007f8cc3bc1c5858b2010548ad36d39f1720b71be444a6238b4b8ba
76ae13d2e5266dc043603e2a81b889759d5b48e61913abf6ec6a118cc3d55e78
78913609a9836662923c497915aa1e3804160e068c21f01bb21e0a3d6582886e
7fac9a43ab09cf21eafe26af20439d52313fa761cf6100c10ef950a6af22f7d4
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52
862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7
862dc87fba8cf3233eedca7a7b8a3f4a99659743c06233a59193251e0cc63887
88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb
892af2ba7758cbe009692eb0bc3e5a3b0fa5a15925d309a0d1fca2c229934982
8b88a848cf931c68500df112efc770e08ead3fdaf4d3ee96afdba0fcf5561f1f
8d06b89fce1308b54fc204a2ea41e96ad6a034c075dbf396eea0611b71ffa7a6
8db76846bf1112adc5bc91ee3b0f712074188fba3b352c6840a814dacb764632
8edf4afffb3c82dacbc2d3b56f77e65a90087b26da334c29665eb02cc1f55351
8ee78ed9baf188f6badb30069d08e41af5c110d561b989dcb1b46b91561f8170
8ff09cd0ee012fe06ed1b67dc914858cde819f21bb479f629994d9e49f3c0049
9025e2e8677e23a2e96d1bcb56c0255b871b08a38ecd9bc4510ef9bba9862600
91c4a6c4295f8889e8b04339a4a2c2e86d5eef71ba808164e641d0d8a6435004
9415aed8f0e38bf3551ce1efb7edb139cd16d0879ae09a24a92e0a10b01c7052
95040fb29c0629dbffdc65884db8cd02a8a4b772c8f74c6bfc624f427693feda
952c883ee56edb4c06f0d9b857fb33ce5bb06f7afb5406f5981be30a1c1f7303
956f75fd3592d8f5bfbaca1aa6786d7eaae837403ba554b90bfe0b5ae659cb72
9821ab0c2c0ec5b01063600d74683297ce2374c280142908a947ae553b60a027
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
995dfb0c839090c9461662fca31b3d886f80dd9e881db8ea224374866eade55f
998cd3cb10d4cc054aaf25824f3a9cf37526441124d9d98277937b76fb738604
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9cd7629d2e66537eb15542646bfd16cd461aaf18592c35f19ce7d67ada586635
9d8f8c89a5f7c90adc5196d1c10fe3e8c46d16cb8d24de13ade83de53183027d
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2de091c86c5a7b6dcc572eb6e5a76c2cd72ce27a2042a8dc2974f15b33566ed
a3c21adcda47f45159ca41568e9d8dac293603fc2e1be37638b6b442c84ec912
a4bd67d4fc98e5ba558294a54286278118dc955d774209e4a45bf8024e52ce4f
a5ad436c025c2a03ccc5672aed9469ac98d22b73df5b1d20ed2adb46c0c4daf9
a8331de9ccde3bf73eeba74be1c2a1941d4863960dc68f8972c6bdf3133f5d7c
a84d6b5a26df2f5550f066a6f55ffda41c871a58132a2e639c296631e687f59d
aadb42a6b797ccc99cc7c5fd3bdba909ded7f91efced3d3310371b3607aeb479
aae5ba09ab7a749876f90cb4b01ad7fbd575d434ae53c8bea1b1f374d14c96d7
ac5000602bb127a5a07be117df96c48667d2e2a9fb1bb33d5ebb7c50e4480a88
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ac8cd2296fbd4fe0dd300fd6d1cf0e08192bc5ec440c3273645c7bf42d7fc286
ae0f7150c7e66afac49f64b4c5e1be6e19ba47d4ec06468d80a35277dc770ebc
b1ccb8141195307117c737c7f49f99de131fb55290a5f4c1431cc74ca93119dc
b2cd26689e68284c24b3a000cabc1878242f950fe85c55ab5ac7385fc12586e5
b2d2f11eb78159e31bce4355ffd5e696717de4270a77ba1d2038e066462008ad
b413a73fdf00988d82df4d60171eebfd3854cd7cb3fd975befd39ef1448c3fc0
b62c80a53749bed7d1e8d6a4798f744e4701e66c8383e301621ad8839b24b09c
b71eff512a63c76099be52a83aaafe7bbf175d65d4bd1bebea9f4d9b2f43fb70
b9ddcbc73a2a42b603661b51028d38aba3374f67385f3307e1cfcebdee2f4838
bd713db29fb234eb7584927050df71683e11b7b72bda4fcf72a88f8a7ff2f56d
bef01773c378482c62f5ce6db2ddfc11137ec90d4b4b563a1724302c08e08edd
bfcec94789c0f9f5d4a83415bb9aa81b26799c5dd089a06eb976e03087ed7a87
c0ceb762aaf12dd39c504c27dc678ff8d7e8b093e0a432578d0cf55a83a8f367
c2aee78040b4ed46c2377e6825db12a9691a2eb584adf338e77312c8978d8537
c868eb0300543d253fcc83d604c6e1b6425937bb7ebf47bc1217fd7abdef9d8a
cd5489dc88fd8e9e9ea9cacf8077f8b20446d10fab97186491fe62079051a10d
ce97b5b05596e26c4672e413305c7397187fc58c149f50d4eb3da6fe655c0919
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf71007b8b662a1db0af2b052e696f7a1287240c3f8a88b63fca6da8a08a3909
d0140fb02b20c12a1743ca95ef1e7afb7423bbb3b93ac32f3392d013b23664db
d36d8a76a8b7d7fe8655db34eb54e4a4b6d422cdd1a67810d3dd5c014edb14e4
d8acea20201f88e86ac080f7fcb7f2badecd9e20a16c507b9fe7e83733e6b055
d934a4ba4a03db8be0212417bbb1d6f781b95d6e61869124d7fcc7ca1c6a5b6f
d9802af64401b98446e9674c0f11b5944c2eeb0d513bf444679e7707114286ae
d9eb312999bd404e2f08d1d0181f76d89b107e7066eeca64667e44ed712178af
db1f89ccfbe08e886bee02b177d3b16bd48807945d3cbf2747db5588e4c90691
dcfc540946183ee12e6ccb43e706ad1a30b4f0205c25adcfa316829075f94a31
dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3cd91fb71b767534befd0b8ee1edd5f4eba3241eddbbf2efb17d8b223892160
e40b6eae9d66c60b9c750da70da6b2bc5d35c2ae9689cc1e9547e300fac4a3ba
e41e2b5c9df3073d6f7da0080ad2f3eca4994ab372d2f65fa76b14f8868663ec
e5356c4d200584b116d9ac14f89d883b120dbe4d7878914a4fa22358074c74f8
e5619aaf257ee765441b7753027d8cb985a258ddf78c1c855a8176f6a80ce8d9
e7e2024764e94bff400b354a7cb714ab75f1b9fd4b3fb09de18dca2d6c2e56a5
e868d39bbb74d42dffcee0cb1a50ecd105e1a1737d9080246dbdd54a8206d8f0
eb179929559d1c782a136ac57fc47905b297c9e68b98365374ac278319745ea8
eb7cfd3d959b2e09c170f532e29f8b825f9bc770b2279fde58e595617753e244
ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff
edb378ec33f8cd7235d0d1451912782c10e64b73851b8005987dfbb2b24b0a1e
ee36bcd9c1f0f09104c4dd365ac7253c0cdfe56e7133b9e829a7d5bde0fdd679
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ee53ada617f2674cbd706e3b24fc6738c7f53f2f7a3a959e71f611aa850dc946
ee8d5d161bcef2070811164968a2aff65f5523103c80cc1415e0e27b38f9d2cd
eed045818a8dff66812ca9202c882114e1fa34d6e2b738f474f3d4df7219399b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef593584d9432b51ed1cec6f58f844bfa6f81ef0fe27fd9404e400e1346fa09b
efe869dead55b972b6b62b5914777f1c7c313f32afd4753bfce30ad4b2a85a8c
efec5394dfd449bbe933fad5abd3dc6991d17596494f4cd12990a8e35b33e3f9
f140c4cd7825b747d157f267381a775239cb0e5c709f3d45fc39377bf2254043
f188e298b56dfe3917c25c541c55281dff71054d14d6c19ab1e1a899274713e5
f1ba71d3bf034aeceecb8895e71a44f4806dbb5bcc44e46fd8fc461a774eb880
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f48829864ffd155da0360e19be956282b6875173f8990394e93bc7c30c97a3ed
f6f2c33d85808631654396754b400d30704503bbbea66d719fb624f222798ed6
f7bd84ecd395344c15bcd1274e5fd10c3749c976ed8cde0e31255c79ee843362
f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47
f9163f3372bf09f2bcb3c8fa8b218443c557dbb32c78a36ee9221ca5abf8b193
fd15cf2495ff729dc0a57746488d7216668b18988e602a79bd14c4bef2bb2548
fe2d26d250a44b30fcc9fe96ace1adcb8e473d0464daab91012aa1921af91959
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

metallic.io Open in urlscan Pro 2a04:fa87:fffd::c000:4280 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

234 Requests

97 %HTTPS

28 %IPv6

65 Domains

90 Subdomains

63 IPs

9 Countries

5198 kBTransfer

9391 kBSize

61 Cookies

19 Outgoing links

Page URL History

Redirected requests

234 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

metallic.io Open in urlscan Pro
2a04:fa87:fffd::c000:4280 Public Scan

Screenshot
Live screenshot

Full Image

234
Requests

97 %
HTTPS

28 %
IPv6

65
Domains

90
Subdomains

63
IPs

9
Countries

5198 kB
Transfer

9391 kB
Size

61
Cookies

234 HTTP transactions
4 data transactions