www.randori.com Open in urlscan Pro
35.225.197.149 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.randori.com/blog/cve-2021-44228/
Submission: On December 27 via api (December 27th 2021, 5:39:19 am UTC) from IN — Scanned from DE

Summary HTTP 192 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 43 IPs in 4 countries across 32 domains to perform 192 HTTP transactions. The main IP is 35.225.197.149, located in Council Bluffs, United States and belongs to GOOGLE, US. The main domain is www.randori.com.
TLS certificate: Issued by R3 on December 8th 2021. Valid for: 3 months.

This is the only time www.randori.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
57	35.225.197.149 35.225.197.149	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:6c0... 2a02:26f0:6c00:28d::19fd	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6811:b649	13335 (CLOUDFLAR...) (CLOUDFLARENET)
62	143.204.98.49 143.204.98.49	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:215... 2600:9000:2156:e800:1f:f723:6fc0:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba0a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6810:5805	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.20.96.200 52.20.96.200	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700::68... 2606:4700::6811:e9cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6812:15bf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:7fab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:44b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:71b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba20	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	143.204.98.82 143.204.98.82	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:650c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2620:1ec:27::... 2620:1ec:27::cafe:2193	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	143.204.98.44 143.204.98.44	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	108.174.10.14 108.174.10.14	14413 (LINKEDIN) (LINKEDIN)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	143.204.98.39 143.204.98.39	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:400c:c08::9b	15169 (GOOGLE) (GOOGLE)
1	143.204.98.102 143.204.98.102	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	99.81.27.250 99.81.27.250	16509 (AMAZON-02) (AMAZON-02)
3	20.84.22.197 20.84.22.197	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	52.142.114.2 52.142.114.2	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	52.21.178.134 52.21.178.134	14618 (AMAZON-AES) (AMAZON-AES)
2	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	3.94.218.138 3.94.218.138	14618 (AMAZON-AES) (AMAZON-AES)
2	54.147.21.139 54.147.21.139	14618 (AMAZON-AES) (AMAZON-AES)
1	143.204.98.40 143.204.98.40	16509 (AMAZON-02) (AMAZON-02)
192	43

57 35.225.197.149 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 149.197.225.35.bc.googleusercontent.com

www.randori.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:28d::19fd (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:b649 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

62 143.204.98.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-49.fra50.r.cloudfront.net

js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:e800:1f:f723:6fc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

sc.lfeeder.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:6c00::210:ba0a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:5805 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.20.96.200 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-20-96-200.compute-1.amazonaws.com

lltrck.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:e9cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsleadflows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:15bf (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:7fab (United States)

ASN13335 (CLOUDFLARENET, US)

js.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:44b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:71b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:ba20 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.82 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-82.fra50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:650c (United States)

ASN13335 (CLOUDFLARENET, US)

ws.zoominfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:27::cafe:2193 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-44.fra50.r.cloudfront.net

tr.lfeeder.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.174.10.14 (United States)

ASN14413 (LINKEDIN, US)
PTR: 108-174-10-14.fwd.linkedin.com

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-39.fra50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c08::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-102.fra50.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.81.27.250 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-27-250.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.84.22.197 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

f.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.142.114.2 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.21.178.134 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: pi0-lba1-2-ue1.aws.pardot.com

pi.pardot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.94.218.138 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-94-218-138.compute-1.amazonaws.com

metrics.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.147.21.139 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-147-21-139.compute-1.amazonaws.com

bootstrap.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-40.fra50.r.cloudfront.net

embeds.driftcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
62	driftt.com js.driftt.com	743 KB
57	randori.com www.randori.com	980 KB
7	clarity.ms 1 redirects www.clarity.ms f.clarity.ms c.clarity.ms	25 KB
6	drift.com metrics.api.drift.com bootstrap.api.drift.com	434 B
5	gstatic.com fonts.gstatic.com	81 KB
4	linkedin.com 3 redirects px.ads.linkedin.com www.linkedin.com px4.ads.linkedin.com	3 KB
4	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com in.hotjar.com	64 KB
4	bing.com 1 redirects bat.bing.com c.bing.com	12 KB
4	google-analytics.com www.google-analytics.com	55 KB
4	typekit.net p.typekit.net use.typekit.net	76 KB
3	google.co.uk www.google.co.uk	674 B
3	google.com www.google.com	674 B
3	doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net	2 KB
3	hubspot.com forms.hubspot.com track.hubspot.com	3 KB
3	hs-banner.com js.hs-banner.com	16 KB
3	hsforms.com forms.hsforms.com	2 KB
2	pardot.com pi.pardot.com	3 KB
2	facebook.com www.facebook.com	313 B
2	facebook.net connect.facebook.net	113 KB
2	lfeeder.com sc.lfeeder.com tr.lfeeder.com	9 KB
2	hsforms.net js.hsforms.net	152 KB
2	googletagmanager.com www.googletagmanager.com	103 KB
1	driftcdn.com embeds.driftcdn.com	5 KB
1	zoominfo.com ws.zoominfo.com	478 B
1	licdn.com snap.licdn.com	2 KB
1	googleadservices.com www.googleadservices.com	14 KB
1	hsadspixel.net js.hsadspixel.net	3 KB
1	hs-analytics.net js.hs-analytics.net	20 KB
1	hscollectedforms.net js.hscollectedforms.net	26 KB
1	hsleadflows.net js.hsleadflows.net	87 KB
1	lltrck.com lltrck.com
1	googleapis.com fonts.googleapis.com	2 KB
192	32

	Domain	Requested by
62	js.driftt.com	www.randori.com js.driftt.com
57	www.randori.com	www.randori.com
5	fonts.gstatic.com	fonts.googleapis.com
4	metrics.api.drift.com	js.driftt.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	f.clarity.ms	www.clarity.ms f.clarity.ms
3	www.google.co.uk	www.randori.com
3	www.google.com	www.randori.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com www.randori.com
3	js.hs-banner.com	www.randori.com js.hs-banner.com
3	forms.hsforms.com	js.hsforms.net www.randori.com
3	use.typekit.net	www.randori.com
2	bootstrap.api.drift.com	js.driftt.com
2	track.hubspot.com
2	pi.pardot.com	www.randori.com pi.pardot.com
2	c.clarity.ms	1 redirects www.randori.com
2	www.facebook.com	www.randori.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	px.ads.linkedin.com	2 redirects
2	www.clarity.ms	www.randori.com
2	connect.facebook.net	www.randori.com connect.facebook.net
2	js.hsforms.net	www.randori.com
2	www.googletagmanager.com	www.randori.com
1	embeds.driftcdn.com	js.driftt.com
1	c.bing.com	1 redirects
1	in.hotjar.com	script.hotjar.com
1	vars.hotjar.com	static.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	px4.ads.linkedin.com	www.randori.com
1	www.linkedin.com	1 redirects
1	forms.hubspot.com	js.hscollectedforms.net
1	tr.lfeeder.com	www.randori.com
1	ws.zoominfo.com	www.randori.com
1	static.hotjar.com	www.googletagmanager.com
1	snap.licdn.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	js.hsadspixel.net	www.randori.com
1	js.hs-analytics.net	www.randori.com
1	js.hscollectedforms.net	www.randori.com
1	js.hsleadflows.net	www.randori.com
1	lltrck.com	www.randori.com
1	sc.lfeeder.com	www.randori.com
1	p.typekit.net	www.randori.com
1	fonts.googleapis.com	www.randori.com
192	45

This site contains links to these domains. Also see Links.

Domain
info.randori.com
logging.apache.org
github.com
slf4j.org
access.redhat.com
twitter.com
www.fastly.com
news.ycombinator.com
www.vmware.com
www.linkedin.com

Subject Issuer	Validity	Valid
www.randori.com R3	`2021-12-08` - `2022-03-08`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.typekit.net DigiCert TLS RSA SHA256 2020 CA1	`2021-12-05` - `2022-12-06`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-16` - `2022-07-15`	a year	crt.sh
drift.com Amazon	`2021-09-08` - `2022-10-07`	a year	crt.sh
*.lfeeder.com Amazon	`2021-08-08` - `2022-09-06`	a year	crt.sh
use.typekit.net DigiCert TLS RSA SHA256 2020 CA1	`2021-08-16` - `2022-08-16`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
lltrck.com Go Daddy Secure Certificate Authority - G2	`2021-07-25` - `2022-08-26`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2021-12-22` - `2022-06-22`	6 months	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
zoominfo.com Cloudflare Inc ECC CA-3	`2021-06-04` - `2022-06-03`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-10-05` - `2022-01-03`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2021-06-01` - `2022-06-01`	a year	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2021-06-26` - `2022-06-25`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
www.google.co.uk GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.google.co.uk GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
a.clarity.ms Microsoft RSA TLS CA 01	`2021-07-27` - `2022-07-27`	a year	crt.sh
pi.pardot.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-08` - `2022-11-07`	a year	crt.sh
*.driftcdn.com Amazon	`2021-03-12` - `2022-04-10`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://www.randori.com/blog/cve-2021-44228/
Frame ID: 799DD858BE326D692736EBA1B748F139
Requests: 125 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-a1ae2079824d1c48aa9ce06efb256f18.html
Frame ID: 9A2FDC6AA3245A5C69ABC356849C723D
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 972C15CDE8AC2ED3BBF4EB3B5B877B22
Requests: 1 HTTP requests in this frame

Frame: https://js.driftt.com/core?embedId=fntxumm4u6tn&region=US&forceShow=false&skipCampaigns=false&sessionId=712104e2-7957-45eb-8a57-7239988651f9&sessionStarted=1640583555.091&campaignRefreshToken=6f27aeb1-8926-4a3b-ab36-d167e4e2b63e&hideController=false&pageLoadStartTime=1640583553269&mode=CHAT&driftEnableLog=false
Frame ID: D2990373EB1CE5517541C6608FAF80F1
Requests: 33 HTTP requests in this frame

Frame: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1640583553269
Frame ID: 1269DBD3B674BAA1749009C049FE768D
Requests: 32 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

CVE-2021-44228 - Log4j 2 Vulnerability Analysis - Randori Attack Team

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Elementor (Landing Page Builders) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href=(?:"|')[^"']*elementor/assets
<link [^>]*href=(?:"|')[^"']*uploads/elementor/css

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

192
Requests

99 %
HTTPS

63 %
IPv6

32
Domains

45
Subdomains

43
IPs

4
Countries

2601 kB
Transfer

7601 kB
Size

35
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://info.randori.com/log4j-log4shell-greynoise-recorded
Title: Webinar: Log4Shell Deepdive w/ Randori & Greynoise

Search URL Search Domain Scan URL

URL: https://logging.apache.org/log4j/2.x/
Title: Apache Log4j 2

Search URL Search Domain Scan URL

URL: https://github.com/apache/logging-log4j2/pull/608
Title: GitHub

Search URL Search Domain Scan URL

URL: https://github.com/apache/logging-log4j2/pull/608#issuecomment-990494126
Title: GitHub

Search URL Search Domain Scan URL

URL: http://slf4j.org/log4shell.html
Title: Original Post

Search URL Search Domain Scan URL

URL: https://access.redhat.com/security/cve/CVE-2021-4104
Title: CVE-2021-4101

Search URL Search Domain Scan URL

URL: https://twitter.com/randoriattack
Title: Randori Attack Team

Search URL Search Domain Scan URL

URL: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
Title: Fastly

Search URL Search Domain Scan URL

URL: https://github.com/mubix/CVE-2021-44228-Log4Shell-Hashes
Title: https://github.com/mubix/CVE-2021-44228-Log4Shell-Hashes

Search URL Search Domain Scan URL

URL: https://logging.apache.org/log4j/2.x/security.html
Title: https://logging.apache.org/log4j/2.x/security.html

Search URL Search Domain Scan URL

URL: https://news.ycombinator.com/item?id=29504755
Title: https://news.ycombinator.com/item?id=29504755

Search URL Search Domain Scan URL

URL: https://www.vmware.com/security/advisories/VMSA-2021-0028.html
Title: https://www.vmware.com/security/advisories/VMSA-2021-0028.html

Search URL Search Domain Scan URL

URL: https://twitter.com/randorisecurity?lang=en
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/randorisecurity
Title: Linkedin

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 97

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=539946&time=1640583554101&url=https%3A%2F%2Fwww.randori.com%2Fblog%2Fcve-2021-44228%2F HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D539946%26time%3D1640583554101%26url%3Dhttps%253A%252F%252Fwww.randori.com%252Fblog%252Fcve-2021-44228%252F%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=539946&time=1640583554101&url=https%3A%2F%2Fwww.randori.com%2Fblog%2Fcve-2021-44228%2F&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=539946&time=1640583554101&url=https%3A%2F%2Fwww.randori.com%2Fblog%2Fcve-2021-44228%2F&liSync=true&e_ipv6=AQKB7AMex9P9NgAAAX36ZmagAG-gO9DC4nqsroN7KvQwmMfctIFIsElAZvSfeLlidWrOgCHDFQ

Request Chain 116

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=2EEC250F9B0F44C9B9BC878894870CFB&RedC=c.clarity.ms&MXFR=1042983E97156E733195892493156099 HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=2EEC250F9B0F44C9B9BC878894870CFB&MUID=12CB341674DB689308C2250C75096900

192 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.randori.com/blog/cve-2021-44228/ 153 KB
29 KB 492ms
136ms Document
text/html 35.225.197.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.randori.com/blog/cve-2021-44228/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.225.197.149 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

149.197.225.35.bc.googleusercontent.com

Software

nginx / WP Engine

Resource Hash

6303e6dda00ec77ec95f475bf248f9c30ba3dad07d31c48acb4949559dd8b2c6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: nginx
date: Mon, 27 Dec 2021 05:39:13 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-frame-options: SAMEORIGIN
link: <https://www.randori.com/wp-json/>; rel="https://api.w.org/" <https://www.randori.com/?p=9579>; rel=shortlink
expires: Mon, 27 Dec 2021 05:38:28 GMT
x-powered-by: WP Engine
x-cacheable: SHORT
cache-control: max-age=600, must-revalidate
x-cache: HIT: 3
x-cache-group: normal
content-encoding: br

GET
H2 200 css
fonts.googleapis.com/ 48 KB
2 KB 39ms
17ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%20Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7COpen%20Sans&display=swap

Requested by

Host: www.randori.com
URL: https://www.randori.com/blog/cve-2021-44228/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2e5edc581d309e1718e2873e89534dc097ea776326ebfe65771992771f197d62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.randori.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 27 Dec 2021 05:39:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 27 Dec 2021 05:39:13 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 27 Dec 2021 05:39:13 GMT

GET
H2 200 style.css
www.randori.com/wp-content/cache/min/1/wp-content/themes/hello-elementor/ 6 KB
2 KB 116ms
112ms Stylesheet
text/css 35.225.197.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.randori.com/wp-content/cache/min/1/wp-content/themes/hello-elementor/style.css?ver=1640280816
Requested by: Host: www.randori.com
URL: https://www.randori.com/blog/cve-2021-44228/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.225.197.149 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 149.197.225.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 10096a7f5e8d62cd352a60e60c0294442b153fc5b7b07ac3c1000413045f7e52

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.randori.com/blog/cve-2021-44228/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 05:39:13 GMT
content-encoding: br
last-modified: Thu, 23 Dec 2021 17:33:36 GMT
server: nginx
etag: W/"61c4b2f0-175c"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 style.css
www.randori.com/wp-content/themes/hello-elementor-child/ 416 B
477 B 117ms
112ms Stylesheet
text/css 35.225.197.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.randori.com/wp-content/themes/hello-elementor-child/style.css?ver=5.8
Requested by: Host: www.randori.com
URL: https://www.randori.com/blog/cve-2021-44228/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.225.197.149 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 149.197.225.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: d2504486b6ae8fb646819cdb9ce390599fb04a4511b06d72e39648a09beecff1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.randori.com/blog/cve-2021-44228/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 05:39:13 GMT
content-encoding: br
last-modified: Tue, 14 Dec 2021 23:41:56 GMT
server: nginx
etag: W/"61b92bc4-1a0"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 style.min.css
www.randori.com/wp-content/themes/hello-elementor/ 6 KB
2 KB 123ms
118ms Stylesheet
text/css 35.225.197.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.randori.com/wp-content/themes/hello-elementor/style.min.css?ver=2.4.2
Requested by: Host: www.randori.com
URL: https://www.randori.com/blog/cve-2021-44228/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.225.197.149 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 149.197.225.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 027092a96653b7043305080fa03cbcfff120c251c5b000eedf111168d3fd98bf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.randori.com/blog/cve-2021-44228/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 05:39:13 GMT
content-encoding: br
last-modified: Mon, 20 Dec 2021 16:01:13 GMT
server: nginx
etag: W/"61c0a8c9-16de"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 theme.min.css
www.randori.com/wp-content/themes/hello-elementor/ 15 KB
3 KB 129ms
125ms Stylesheet
text/css 35.225.197.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.randori.com/wp-content/themes/hello-elementor/theme.min.css?ver=2.4.2
Requested by: Host: www.randori.com
URL: https://www.randori.com/blog/cve-2021-44228/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.225.197.149 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 149.197.225.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 9ee09652280b56db59db015c319a6a6b80e1e161a8a0b703207e1a59b4c4e3a8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.randori.com/blog/cve-2021-44228/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 05:39:13 GMT
content-encoding: br
last-modified: Mon, 20 Dec 2021 16:01:13 GMT
server: nginx
etag: W/"61c0a8c9-3b3c"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 frontend-legacy.min.css
www.randori.com/wp-content/plugins/elementor/assets/css/ 13 KB
1 KB 133ms
129ms Stylesheet
text/css 35.225.197.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.randori.com/wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.5.2
Requested by: Host: www.randori.com
URL: https://www.randori.com/blog/cve-2021-44228/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.225.197.149 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 149.197.225.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 30f745fcebeb5d47190a104511f9e237e676d53686fe446ccc0e0785fe493c50

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.randori.com/blog/cve-2021-44228/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 05:39:13 GMT
content-encoding: br
last-modified: Thu, 23 Dec 2021 03:23:23 GMT
server: nginx
etag: W/"61c3ebab-35ed"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 frontend-lite.min.css
www.randori.com/wp-content/plugins/elementor/assets/css/ 97 KB
13 KB 133ms
129ms Stylesheet
text/css 35.225.197.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.randori.com/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.5.2
Requested by: Host: www.randori.com
URL: https://www.randori.com/blog/cve-2021-44228/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.225.197.149 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 149.197.225.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: e2031387eb4b7fe61f62ffb4f93742ca3f1bf72eba8a7a2e69b2aaf2efc16b1f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.randori.com/blog/cve-2021-44228/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 05:39:13 GMT
content-encoding: br
last-modified: Thu, 23 Dec 2021 03:23:23 GMT
server: nginx
etag: W/"61c3ebab-18204"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 post-5.css
www.randori.com/wp-content/cache/min/1/wp-content/uploads/elementor/css/ 1 KB
588 B 133ms
129ms Stylesheet
text/css 35.225.197.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.randori.com/wp-content/cache/min/1/wp-content/uploads/elementor/css/post-5.css?ver=1640280816
Requested by: Host: www.randori.com
URL: https://www.randori.com/blog/cve-2021-44228/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.225.197.149 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 149.197.225.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 4fcf094b0ad604a7dc51305bbf6ecf3cd22c2729678adb8007395c998ea9abd5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.randori.com/blog/cve-2021-44228/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 05:39:13 GMT
content-encoding: br
last-modified: Thu, 23 Dec 2021 17:33:36 GMT
server: nginx
etag: W/"61c4b2f0-435"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 style.basic.css
www.randori.com/wp-content/cache/min/1/wp-content/plugins/ajax-search-lite/css/ 16 KB
4 KB 139ms
135ms Stylesheet
text/css 35.225.197.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.randori.com/wp-content/cache/min/1/wp-content/plugins/ajax-search-lite/css/style.basic.css?ver=1640280816
Requested by: Host: www.randori.com
URL: https://www.randori.com/blog/cve-2021-44228/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.225.197.149 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 149.197.225.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 4994fa5a6f7a8ccc75752d9f1318e97f1772182a2e4f6413ea886e19732a0187

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.randori.com/blog/cve-2021-44228/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 05:39:13 GMT
content-encoding: br
last-modified: Thu, 23 Dec 2021 17:33:36 GMT
server: nginx
etag: W/"61c4b2f0-4152"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 style-curvy-red.css
www.randori.com/wp-content/cache/min/1/wp-content/plugins/ajax-search-lite/css/ 6 KB
1 KB 146ms
142ms Stylesheet
text/css 35.225.197.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.randori.com/wp-content/cache/min/1/wp-content/plugins/ajax-search-lite/css/style-curvy-red.css?ver=1640280816
Requested by: Host: www.randori.com
URL: https://www.randori.com/blog/cve-2021-44228/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.225.197.149 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 149.197.225.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 841fc1036a5008683c91f622f2bcf0f9e6a7d2d875fa156fa4a3ac108098c091

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.randori.com/blog/cve-2021-44228/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 05:39:13 GMT
content-encoding: br
last-modified: Thu, 23 Dec 2021 17:33:36 GMT
server: nginx
etag: W/"61c4b2f0-18ce"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 elementor-icons.min.css
www.randori.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/eicons/css/ 19 KB
4 KB 153ms
149ms Stylesheet
text/css 35.225.197.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.randori.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=1640280816
Requested by: Host: www.randori.com
URL: https://www.randori.com/blog/cve-2021-44228/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.225.197.149 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 149.197.225.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 5d0668a2dbbb1b4951308ea413e7b0a32534bc304e25825103c769a38d6edb6b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.randori.com/blog/cve-2021-44228/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 05:39:13 GMT
content-encoding: br
last-modified: Thu, 23 Dec 2021 17:33:36 GMT
server: nginx
etag: W/"61c4b2f0-4b60"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 frontend.min.css
www.randori.com/wp-content/plugins/elementor-pro/assets/css/ 206 KB
23 KB 219ms
216ms Stylesheet
text/css 35.225.197.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.randori.com/wp-content/plugins/elementor-pro/assets/css/frontend.min.css?ver=3.2.1
Requested by: Host: www.randori.com
URL: https://www.randori.com/blog/cve-2021-44228/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.225.197.149 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 149.197.225.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: d0486fdb1b2151c14a59eab883d753076861139950f056474c93813a2e7129de

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.randori.com/blog/cve-2021-44228/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 05:39:13 GMT
content-encoding: br
last-modified: Tue, 14 Dec 2021 23:41:57 GMT
server: nginx
etag: W/"61b92bc5-337c2"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 all.min.css
www.randori.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 59 KB
13 KB 219ms
216ms Stylesheet
text/css 35.225.197.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.randori.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=1640280816
Requested by: Host: www.randori.com
URL: https://www.randori.com/blog/cve-2021-44228/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.225.197.149 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 149.197.225.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 69ddbbb1de9c425c5f594dffcc57bcd00b6aabeb75a3818541733d0a02568ee0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.randori.com/blog/cve-2021-44228/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 05:39:13 GMT
content-encoding: br
last-modified: Thu, 23 Dec 2021 17:33:36 GMT
server: nginx
etag: W/"61c4b2f0-eca7"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 v4-shims.min.css
www.randori.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 26 KB
4 KB 225ms
222ms Stylesheet
text/css 35.225.197.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.randori.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/v4-shims.min.css?ver=3.5.2
Requested by: Host: www.randori.com
URL: https://www.randori.com/blog/cve-2021-44228/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.225.197.149 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 149.197.225.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: c55902832fb84522d02ea1a60a30747403a140d8651fa748f13ba398b0c0df3a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.randori.com/blog/cve-2021-44228/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 05:39:13 GMT
content-encoding: br
last-modified: Thu, 23 Dec 2021 03:23:23 GMT
server: nginx
etag: W/"61c3ebab-684e"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 global.css
www.randori.com/wp-content/cache/min/1/wp-content/uploads/elementor/css/ 33 KB
3 KB 226ms
222ms Stylesheet
text/css 35.225.197.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.randori.com/wp-content/cache/min/1/wp-content/uploads/elementor/css/global.css?ver=1640280816
Requested by: Host: www.randori.com
URL: https://www.randori.com/blog/cve-2021-44228/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.225.197.149 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 149.197.225.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 6922c32e535ca0cfb108fe03596171eb470ee6bb8d85231e7fb278f0d7d670e7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.randori.com/blog/cve-2021-44228/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 05:39:13 GMT
content-encoding: br
last-modified: Thu, 23 Dec 2021 17:33:36 GMT
server: nginx
etag: W/"61c4b2f0-82ca"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 post-13.css
www.randori.com/wp-content/cache/min/1/wp-content/uploads/elementor/css/ 13 KB
2 KB 226ms
223ms Stylesheet
text/css 35.225.197.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.randori.com/wp-content/cache/min/1/wp-content/uploads/elementor/css/post-13.css?ver=1640280816
Requested by: Host: www.randori.com
URL: https://www.randori.com/blog/cve-2021-44228/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.225.197.149 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 149.197.225.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: ed753db8384dcf49657dda258479eb1456cef4f7cf3e8a8020ac95ea99fa6e6d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.randori.com/blog/cve-2021-44228/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 05:39:13 GMT
content-encoding: br
last-modified: Thu, 23 Dec 2021 17:33:36 GMT
server: nginx
etag: W/"61c4b2f0-34e6"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 post-9482.css
www.randori.com/wp-content/cache/min/1/wp-content/uploads/elementor/css/ 20 KB
2 KB 226ms
223ms Stylesheet
text/css 35.225.197.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.randori.com/wp-content/cache/min/1/wp-content/uploads/elementor/css/post-9482.css?ver=1640280816
Requested by: Host: www.randori.com
URL: https://www.randori.com/blog/cve-2021-44228/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.225.197.149 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 149.197.225.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 7d82943182c314151f0f2e040bf043142f31a27db30a73ea7202957ae3899082

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.randori.com/blog/cve-2021-44228/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 05:39:13 GMT
content-encoding: br
last-modified: Thu, 23 Dec 2021 17:33:36 GMT
server: nginx
etag: W/"61c4b2f0-4e05"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 post-9119.css
www.randori.com/wp-content/cache/min/1/wp-content/uploads/elementor/css/ 17 KB
2 KB 226ms
223ms Stylesheet
text/css 35.225.197.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.randori.com/wp-content/cache/min/1/wp-content/uploads/elementor/css/post-9119.css?ver=1640280819
Requested by: Host: www.randori.com
URL: https://www.randori.com/blog/cve-2021-44228/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.225.197.149 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 149.197.225.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 2f50ea45c31048bfa709bb3f8c1a26ad9807a27a555d1c6a1dc0f6dcf6ecf95a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.randori.com/blog/cve-2021-44228/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 05:39:13 GMT
content-encoding: br
last-modified: Thu, 23 Dec 2021 17:33:39 GMT
server: nginx
etag: W/"61c4b2f3-43d1"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 post-9624.css
www.randori.com/wp-content/cache/min/1/wp-content/uploads/elementor/css/ 1 KB
710 B 226ms
223ms Stylesheet
text/css 35.225.197.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.randori.com/wp-content/cache/min/1/wp-content/uploads/elementor/css/post-9624.css?ver=1640280819
Requested by: Host: www.randori.com
URL: https://www.randori.com/blog/cve-2021-44228/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.225.197.149 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 149.197.225.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 6010538edf50f69ce25cbb46b5de7eba0475a8f05d1f005b0605bb5a94bf8e67

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.randori.com/blog/cve-2021-44228/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 05:39:13 GMT
content-encoding: br
last-modified: Thu, 23 Dec 2021 17:33:39 GMT
server: nginx
etag: W/"61c4b2f3-584"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 fontawesome.min.css
www.randori.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 57 KB
13 KB 226ms
224ms Stylesheet
text/css 35.225.197.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.randori.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3
Requested by: Host: www.randori.com
URL: https://www.randori.com/blog/cve-2021-44228/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.225.197.149 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 149.197.225.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: d01a2ba2805c78957e15a2958135de0f3cb88e95159dd0f6c0a032bd76b1b0e9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.randori.com/blog/cve-2021-44228/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 05:39:13 GMT
content-encoding: br
last-modified: Thu, 23 Dec 2021 03:23:23 GMT
server: nginx
etag: W/"61c3ebab-e238"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 brands.min.css
www.randori.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 1 KB
556 B 226ms
224ms Stylesheet
text/css 35.225.197.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.randori.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=1640280816
Requested by: Host: www.randori.com
URL: https://www.randori.com/blog/cve-2021-44228/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.225.197.149 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 149.197.225.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: b8449a28a151415d580be1dfd69056906199f1dd6ceb2c1b5edf61950ada9d13

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.randori.com/blog/cve-2021-44228/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 05:39:13 GMT
content-encoding: br
last-modified: Thu, 23 Dec 2021 17:33:36 GMT
server: nginx
etag: W/"61c4b2f0-440"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 jquery.min.js Show response
www.randori.com/wp-includes/js/jquery/ 87 KB
31 KB 226ms
224ms Script
application/javascript 35.225.197.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.randori.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: www.randori.com
URL: https://www.randori.com/blog/cve-2021-44228/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.225.197.149 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 149.197.225.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.randori.com/blog/cve-2021-44228/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 05:39:13 GMT
content-encoding: br
last-modified: Tue, 14 Dec 2021 23:41:49 GMT
server: nginx
etag: W/"61b92bbd-15db1"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 jquery-migrate.min.js Show response
www.randori.com/wp-includes/js/jquery/ 11 KB
4 KB 226ms
224ms Script
application/javascript 35.225.197.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.randori.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: www.randori.com
URL: https://www.randori.com/blog/cve-2021-44228/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.225.197.149 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 149.197.225.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.randori.com/blog/cve-2021-44228/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 05:39:13 GMT
content-encoding: br
last-modified: Tue, 14 Dec 2021 23:41:49 GMT
server: nginx
etag: W/"61b92bbd-2bd8"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 v4-shims.min.js Show response
www.randori.com/wp-content/plugins/elementor/assets/lib/font-awesome/js/ 15 KB
4 KB 226ms
225ms Script
application/javascript 35.225.197.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.randori.com/wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.min.js?ver=3.5.2
Requested by: Host: www.randori.com
URL: https://www.randori.com/blog/cve-2021-44228/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.225.197.149 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 149.197.225.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 97cf1307c16a437b77b5f7f5c9bc0b985d0745a14be5a279019aca5a3432e264

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.randori.com/blog/cve-2021-44228/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 05:39:13 GMT
content-encoding: br
last-modified: Thu, 23 Dec 2021 03:23:23 GMT
server: nginx
etag: W/"61c3ebab-3acf"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 p.css
p.typekit.net/ 5 B
162 B 38ms
7ms Stylesheet
text/css 2a02:26f0:6c00:28d::19fd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=hck3zyb&ht=tk&f=26053.26054.26056.26062.25998.25999.26000.26001.26016.26017.26018.26019.26036.26037.26046.26047.26072.26073.26086.26087&a=18191877&app=typekit&e=css
Requested by: Host: www.randori.com
URL: https://www.randori.com/blog/cve-2021-44228/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28d::19fd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.randori.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 05:39:13 GMT
last-modified: Thu, 05 Nov 2020 13:49:42 GMT
server: nginx
etag: "5fa402f6-5"
content-type: text/css
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
36 KB 40ms
17ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-127979282-1

Requested by

Host: www.randori.com
URL: https://www.randori.com/blog/cve-2021-44228/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c3e989e077a9bb7d6e1e47ba39d6b0907265a877799c11323a453413b45d7b29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.randori.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 05:39:13 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36181
x-xss-protection: 0
last-modified: Mon, 27 Dec 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 27 Dec 2021 05:39:13 GMT

GET
H2 200 E-v1.js Show response
www.randori.com/wp-content/cache/min/1/wp-content/themes/hello-elementor-child/inc/ 599 KB
137 KB 113ms
112ms Script
application/javascript 35.225.197.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.randori.com/wp-content/cache/min/1/wp-content/themes/hello-elementor-child/inc/E-v1.js?ver=1640280816
Requested by: Host: www.randori.com
URL: https://www.randori.com/blog/cve-2021-44228/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.225.197.149 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 149.197.225.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: e9b50157ca5c78e431af98d7b1fa7fbd4d384fe4f44955c5c54a15cbc8e59509

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.randori.com/blog/cve-2021-44228/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 05:39:13 GMT
content-encoding: br
last-modified: Thu, 23 Dec 2021 17:33:36 GMT
server: nginx
etag: W/"61c4b2f0-95b9b"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 v2-legacy.js Show response
js.hsforms.net/forms/ 21 KB
8 KB 69ms
31ms Script
application/javascript 2606:4700::6811:b649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/v2-legacy.js

Requested by

Host: www.randori.com
URL: https://www.randori.com/blog/cve-2021-44228/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b649 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd8496b904ded0ea8472d611839277a6a8091398ededfd2aa6b57f2eba97a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.randori.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 05:39:13 GMT
via: 1.1 040f8a2cdffe1cf7a35d28e06c3ed574.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 471
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 17 Dec 2021 10:24:31 UTC
server: cloudflare
etag: W/"cb5aceb381ddfd649db465a31c789ea3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bxWTx4etXOd%2BHevde5A6m1xpngbFi1Ruk0ZYhCnjesLsVB%2B3Y20YgS6qD3oFVVWe%2BA0Vij2pKQTDMWntuWXlLfPFGm%2Bt%2FITVSymdPtB5Athj%2BHa45FsRAG1BEHrQ0efejGCMnItcaA25kGa2"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: HxRLKurezdWBZo6yVjJGB9rThAdoOYdq
access-control-allow-origin: *
cache-control: s-maxage=600, max-age=0
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-P1
cf-ray: 6c403507b8ae1762-FRA
x-amz-cf-id: MU9TOFv2C2RDrZTFrXn0a_1TB0FhEXuBIgXE0Kvwuyh21vYD8Qo0-g==
x-hs-target-asset: FormsNext/static-5.429/bundles/legacy.js

GET
H2 200 v2.js Show response
js.hsforms.net/forms/ 565 KB
144 KB 68ms
29ms Script
application/javascript 2606:4700::6811:b649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/v2.js

Requested by

Host: www.randori.com
URL: https://www.randori.com/blog/cve-2021-44228/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b649 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1de48ca333e7ed7ea263055100dad7bb8ced7fe44d59831ccd49fe8b7155d0b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.randori.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 05:39:13 GMT
via: 1.1 126bc2e5c4c1b9ac0ffa004edc6f02c5.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 533
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 17 Dec 2021 10:24:31 UTC
server: cloudflare
etag: W/"4a09092143104bbd73d83353e3de8f45"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q6ZObS%2F6OEuiElZeETBY9SmkoKxct3kKp8Kqk7JjkD9RwCgi0i80PwW9%2FTCvEhRNsh%2B0e8wF9tQR6%2FRx9YoDfFuoAC1PHZpWxxMUk2Dsb%2BB9sWfcJMW7rrCQ%2BJ9zzTe5vbAUHdP2Keb60I7n"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: XQgMPDVWVhxA2fBXXk7Bfu.xqq3CrItk
access-control-allow-origin: *
cache-control: s-maxage=600, max-age=0
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-P1
cf-ray: 6c403507b8af1762-FRA
x-amz-cf-id: EQt_lX_sZd-qXCqhvgHhfOBwbi5lxJdpM76o0-Yo23SPcT5LUut6BQ==
x-hs-target-asset: FormsNext/static-5.429/bundles/project_with_deps.js

GET
H2 200 4663384.js Show response
www.randori.com/wp-content/cache/min/1/ 2 KB
733 B 114ms
112ms Script
application/javascript 35.225.197.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.randori.com/wp-content/cache/min/1/4663384.js?ver=1640280816
Requested by: Host: www.randori.com
URL: https://www.randori.com/blog/cve-2021-44228/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.225.197.149 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 149.197.225.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 79ee1fa2648251a48cd93f1dace4a327e11fbe894e32ce31de0af090ae67d8cc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.randori.com/blog/cve-2021-44228/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 05:39:13 GMT
content-encoding: br
last-modified: Thu, 23 Dec 2021 17:33:36 GMT
server: nginx
etag: W/"61c4b2f0-964"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 solid.min.css
www.randori.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 1 KB
557 B 212ms
211ms Stylesheet
text/css 35.225.197.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.randori.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=1640280819
Requested by: Host: www.randori.com
URL: https://www.randori.com/blog/cve-2021-44228/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.225.197.149 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 149.197.225.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: dc7e118b7e07217031d017282955569cb66891f527050135caadb2dd5779824f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.randori.com/blog/cve-2021-44228/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 05:39:13 GMT
content-encoding: br
last-modified: Thu, 23 Dec 2021 17:33:39 GMT
server: nginx
etag: W/"61c4b2f3-43a"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 hello-frontend.min.js Show response
www.randori.com/wp-content/themes/hello-elementor/assets/js/ 3 KB
1 KB 212ms
211ms Script
application/javascript 35.225.197.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.randori.com/wp-content/themes/hello-elementor/assets/js/hello-frontend.min.js?ver=1.0.0
Requested by: Host: www.randori.com
URL: https://www.randori.com/blog/cve-2021-44228/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.225.197.149 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 149.197.225.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: bd29338c097619843470ad38187d0c1754d939b12fa755f4c11f9e53fd46b09f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.randori.com/blog/cve-2021-44228/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 05:39:13 GMT
content-encoding: br
last-modified: Mon, 20 Dec 2021 16:01:13 GMT
server: nginx
etag: W/"61c0a8c9-c29"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 regenerator-runtime.min.js Show response
www.randori.com/wp-includes/js/dist/vendor/ 6 KB
3 KB 212ms
211ms Script
application/javascript 35.225.197.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.randori.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.7
Requested by: Host: www.randori.com
URL: https://www.randori.com/blog/cve-2021-44228/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.225.197.149 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 149.197.225.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: e87a1c5e24f9a7c7dcb437417f0b05b0a3c12947ce32d65c990c988a8b5ed4d7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.randori.com/blog/cve-2021-44228/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 05:39:13 GMT
content-encoding: br
last-modified: Tue, 14 Dec 2021 23:41:50 GMT
server: nginx
etag: W/"61b92bbe-1906"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 wp-polyfill.min.js Show response
www.randori.com/wp-includes/js/dist/vendor/ 16 KB
6 KB 212ms
211ms Script
application/javascript 35.225.197.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.randori.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by: Host: www.randori.com
URL: https://www.randori.com/blog/cve-2021-44228/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.225.197.149 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 149.197.225.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 293913879d30bab7499013e935009f5183facbddd63bfc9656a859622590b80b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.randori.com/blog/cve-2021-44228/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 05:39:13 GMT
content-encoding: br
last-modified: Tue, 14 Dec 2021 23:41:50 GMT
server: nginx
etag: W/"61b92bbe-4056"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 hooks.min.js Show response
www.randori.com/wp-includes/js/dist/ 5 KB
2 KB 212ms
211ms Script
application/javascript 35.225.197.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.randori.com/wp-includes/js/dist/hooks.min.js?ver=a7edae857aab69d69fa10d5aef23a5de
Requested by: Host: www.randori.com
URL: https://www.randori.com/blog/cve-2021-44228/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.225.197.149 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 149.197.225.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 04e6fb814fccce3a0aecb83be0bc24665cf3e6a5e993f296471a63708f63e138

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.randori.com/blog/cve-2021-44228/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 05:39:13 GMT
content-encoding: br
last-modified: Tue, 14 Dec 2021 23:41:50 GMT
server: nginx
etag: W/"61b92bbe-1540"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 jquery.ajaxsearchlite.min.js Show response
www.randori.com/wp-content/plugins/ajax-search-lite/js/min/ 73 KB
20 KB 212ms
211ms Script
application/javascript 35.225.197.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.randori.com/wp-content/plugins/ajax-search-lite/js/min/jquery.ajaxsearchlite.min.js?ver=4.9.5
Requested by: Host: www.randori.com
URL: https://www.randori.com/blog/cve-2021-44228/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.225.197.149 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 149.197.225.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 0a1af4d6495079c1a02bbd0f55a3d04fcf7835f66495f4ff7824531e1e715ad4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.randori.com/blog/cve-2021-44228/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 05:39:13 GMT
content-encoding: br
last-modified: Tue, 14 Dec 2021 23:41:57 GMT
server: nginx
etag: W/"61b92bc5-1245d"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 jquery.smartmenus.min.js Show response
www.randori.com/wp-content/plugins/elementor-pro/assets/lib/smartmenus/ 25 KB
8 KB 212ms
210ms Script
application/javascript 35.225.197.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.randori.com/wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquery.smartmenus.min.js?ver=1.0.1
Requested by: Host: www.randori.com
URL: https://www.randori.com/blog/cve-2021-44228/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.225.197.149 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 149.197.225.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 533e264cc615ee4601da8d2c1dee4a8987319e53d4d7162272f067fbbf250020

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.randori.com/blog/cve-2021-44228/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 05:39:13 GMT
content-encoding: br
last-modified: Tue, 14 Dec 2021 23:41:57 GMT
server: nginx
etag: W/"61b92bc5-6272"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 webpack-pro.runtime.min.js Show response
www.randori.com/wp-content/plugins/elementor-pro/assets/js/ 5 KB
3 KB 212ms
211ms Script
application/javascript 35.225.197.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.randori.com/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.2.1
Requested by: Host: www.randori.com
URL: https://www.randori.com/blog/cve-2021-44228/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.225.197.149 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 149.197.225.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: bda898dee9f63756e407d54b197e77a9f8349efd46f89df9f65ea20c05c21aab

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.randori.com/blog/cve-2021-44228/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 05:39:13 GMT
content-encoding: br
last-modified: Tue, 14 Dec 2021 23:41:57 GMT
server: nginx
etag: W/"61b92bc5-15a0"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 webpack.runtime.min.js Show response
www.randori.com/wp-content/plugins/elementor/assets/js/ 5 KB
2 KB 212ms
211ms Script
application/javascript 35.225.197.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.randori.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.5.2
Requested by: Host: www.randori.com
URL: https://www.randori.com/blog/cve-2021-44228/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.225.197.149 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 149.197.225.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: f22b3dd13e81113afb3a94bc053b7f41363692316d7d61515b8a8055aba28a7c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.randori.com/blog/cve-2021-44228/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 05:39:13 GMT
content-encoding: br
last-modified: Thu, 23 Dec 2021 03:23:23 GMT
server: nginx
etag: W/"61c3ebab-1329"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 frontend-modules.min.js Show response
www.randori.com/wp-content/plugins/elementor/assets/js/ 14 KB
5 KB 212ms
211ms Script
application/javascript 35.225.197.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.randori.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.5.2
Requested by: Host: www.randori.com
URL: https://www.randori.com/blog/cve-2021-44228/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.225.197.149 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 149.197.225.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: d38e62f3e50f31b512f58dcd817cc1f1bac4b95e09f734bc1d79fd1861831694

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.randori.com/blog/cve-2021-44228/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 05:39:13 GMT
content-encoding: br
last-modified: Thu, 23 Dec 2021 03:23:23 GMT
server: nginx
etag: W/"61c3ebab-379b"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 jquery.sticky.min.js Show response
www.randori.com/wp-content/plugins/elementor-pro/assets/lib/sticky/ 6 KB
2 KB 212ms
211ms Script
application/javascript 35.225.197.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.randori.com/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.2.1
Requested by: Host: www.randori.com
URL: https://www.randori.com/blog/cve-2021-44228/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.225.197.149 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 149.197.225.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: a48dea362116d7516a2cf97066a32758d353760ee02dbf900ddff86b02a16473

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.randori.com/blog/cve-2021-44228/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 05:39:13 GMT
content-encoding: br
last-modified: Tue, 14 Dec 2021 23:41:57 GMT
server: nginx
etag: W/"61b92bc5-19c3"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 frontend.min.js Show response
www.randori.com/wp-content/plugins/elementor-pro/assets/js/ 56 KB
16 KB 212ms
211ms Script
application/javascript 35.225.197.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.randori.com/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.2.1
Requested by: Host: www.randori.com
URL: https://www.randori.com/blog/cve-2021-44228/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.225.197.149 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 149.197.225.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 2bce7624951170bc10fd7e836524146bc81ff6f38b5b1f4ada2a796e0260e0e6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.randori.com/blog/cve-2021-44228/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 05:39:13 GMT
content-encoding: br
last-modified: Tue, 14 Dec 2021 23:41:57 GMT
server: nginx
etag: W/"61b92bc5-df25"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 waypoints.min.js Show response
www.randori.com/wp-content/plugins/elementor/assets/lib/waypoints/ 12 KB
3 KB 212ms
212ms Script
application/javascript 35.225.197.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.randori.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
Requested by: Host: www.randori.com
URL: https://www.randori.com/blog/cve-2021-44228/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.225.197.149 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 149.197.225.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.randori.com/blog/cve-2021-44228/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 05:39:13 GMT
content-encoding: br
last-modified: Thu, 23 Dec 2021 03:23:23 GMT
server: nginx
etag: W/"61c3ebab-2fa6"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 core.min.js Show response
www.randori.com/wp-includes/js/jquery/ui/ 20 KB
7 KB 212ms
212ms Script
application/javascript 35.225.197.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.randori.com/wp-includes/js/jquery/ui/core.min.js?ver=1.12.1
Requested by: Host: www.randori.com
URL: https://www.randori.com/blog/cve-2021-44228/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.225.197.149 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 149.197.225.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 0cd851e5b33af0fbb354df65506da39807b998e07723f3d08aba5179fa2ed97e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.randori.com/blog/cve-2021-44228/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 05:39:13 GMT
content-encoding: br
last-modified: Tue, 14 Dec 2021 23:41:49 GMT
server: nginx
etag: W/"61b92bbd-5133"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 frontend.min.js Show response
www.randori.com/wp-content/plugins/elementor/assets/js/ 36 KB
11 KB 212ms
212ms Script
application/javascript 35.225.197.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.randori.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.5.2
Requested by: Host: www.randori.com
URL: https://www.randori.com/blog/cve-2021-44228/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.225.197.149 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 149.197.225.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 7e53d6bb1d640561e7a15b9890c11a74b6b0f7d34c3dbfa9f387a41596cf5058

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.randori.com/blog/cve-2021-44228/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 05:39:13 GMT
content-encoding: br
last-modified: Thu, 23 Dec 2021 03:23:23 GMT
server: nginx
etag: W/"61c3ebab-9011"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 elements-handlers.min.js Show response
www.randori.com/wp-content/plugins/elementor-pro/assets/js/ 50 KB
13 KB 212ms
212ms Script
application/javascript 35.225.197.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.randori.com/wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.2.1
Requested by: Host: www.randori.com
URL: https://www.randori.com/blog/cve-2021-44228/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.225.197.149 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 149.197.225.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 5a577c50d0df50fe59ddd83881dd07180455bd97a482e49888714ba934a7f9c6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.randori.com/blog/cve-2021-44228/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 05:39:13 GMT
content-encoding: br
last-modified: Tue, 14 Dec 2021 23:41:57 GMT
server: nginx
etag: W/"61b92bc5-c80c"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 lazyload.min.js Show response
www.randori.com/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/ 8 KB
3 KB 123ms
122ms Script
application/javascript 35.225.197.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.randori.com/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/lazyload.min.js
Requested by: Host: www.randori.com
URL: https://www.randori.com/blog/cve-2021-44228/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.225.197.149 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 149.197.225.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.randori.com/blog/cve-2021-44228/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 05:39:13 GMT
content-encoding: br
last-modified: Tue, 14 Dec 2021 23:41:56 GMT
server: nginx
etag: W/"61b92bc4-1ed2"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 fntxumm4u6tn.js Show response
js.driftt.com/include/1640583600000/ 218 KB
63 KB 196ms
132ms Script
application/javascript 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1640583600000/fntxumm4u6tn.js

Requested by

Host: www.randori.com
URL: https://www.randori.com/blog/cve-2021-44228/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

2a34dac5fa380ef562478cff7f003120397f0737f264f6869c61297eda8a5229

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.randori.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: b9q7pHRol681AbzhOUrmc3dnFKfX_1z4
content-encoding: gzip
etag: W/"bc11126df1e49cd488ff38dbbef7c580"
x-amz-cf-pop: FRA50-C1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 23 Dec 2021 19:07:34 GMT
server: nginx
date: Mon, 27 Dec 2021 05:39:13 GMT
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: WQZt9VJgacK33M9P-uszbHRgmf9mZ9zCfiPsmqg1iyLUuFRJoPLN3w==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 201 KB
67 KB 51ms
29ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5WT6WG6

Requested by

Host: www.randori.com
URL: https://www.randori.com/blog/cve-2021-44228/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b7ac5a7ce95803cf0a5969e7ebc9aed6ff01aea22e5e12e1c50660fff0c0d1b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.randori.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 05:39:13 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68189
x-xss-protection: 0
last-modified: Mon, 27 Dec 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 27 Dec 2021 05:39:13 GMT

GET
H2 200 lftracker_v1_DzLR5a5E2KYaBoQ2.js Show response
sc.lfeeder.com/ 23 KB
9 KB 174ms
133ms Script
application/javascript 2600:9000:2156:e800:1f:f723:6fc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc.lfeeder.com/lftracker_v1_DzLR5a5E2KYaBoQ2.js
Requested by: Host: www.randori.com
URL: https://www.randori.com/blog/cve-2021-44228/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:e800:1f:f723:6fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dfc96491eb0a7ed5772bce6032418fe16ee5bb57963a7a2d1613f70f5ca14fa2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.randori.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: 0806KESQoc5_nvUuo4HtKlRQesKI2Vgp
content-encoding: gzip
last-modified: Wed, 22 Dec 2021 08:34:48 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: W/"2049e5026f8b19553f23fb5804b218b6"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
via: 1.1 a394c864b23364262af48fed4e7e9fad.cloudfront.net (CloudFront)
cache-control: max-age=3600
date: Mon, 27 Dec 2021 05:39:14 GMT
x-amz-cf-id: XR03kct7OsQcppsX56Y1iKtVkjmClePTbg1__NZizJpfAnqNwRjgIA==

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bad19f2de7b59cf07ee9901facf805839f8d8b580c77b3b9c8df0213547d7fd4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 25aa8b7a8f677db78ee9a176baea49fea46544171871657c8107c8cff7b0a87e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 127242a462485b0bf9a3aa71583528b7cee97983e774d0658181a90d5b120309

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 download-1.svg
www.randori.com/wp-content/uploads/2021/08/ 175 B
346 B 140ms
140ms Image
image/svg+xml 35.225.197.149
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.randori.com/wp-content/uploads/2021/08/download-1.svg
Requested by: Host: www.randori.com
URL: https://www.randori.com/wp-content/cache/min/1/wp-content/uploads/elementor/css/post-13.css?ver=1640280816
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.225.197.149 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 149.197.225.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: d81271b90b34b3b762ffa785ef0a67806bca99d0a0bdfe1216db37eeea003164

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.randori.com/wp-content/cache/min/1/wp-content/uploads/elementor/css/post-13.css?ver=1640280816
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 05:39:13 GMT
content-encoding: br
last-modified: Tue, 14 Dec 2021 23:41:51 GMT
server: nginx
etag: W/"61b92bbf-af"
vary: Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 Threat-Exposure-BLOG-1.png
www.randori.com/wp-content/uploads/2021/08/ 308 KB
309 KB 140ms
139ms Image
image/png 35.225.197.149
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.randori.com/wp-content/uploads/2021/08/Threat-Exposure-BLOG-1.png
Requested by: Host: www.randori.com
URL: https://www.randori.com/blog/cve-2021-44228/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.225.197.149 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 149.197.225.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 043a858820cb8895354fb0bd32c1f913a920129d59f677a504bef7266a8a2404

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.randori.com/blog/cve-2021-44228/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 05:39:13 GMT
last-modified: Tue, 14 Dec 2021 23:41:51 GMT
server: nginx
etag: "61b92bbf-4d0db"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 315611

GET
H2 200 l
use.typekit.net/af/e3a744/00000000000000003b9acb3f/27/ 26 KB
27 KB 57ms
16ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/e3a744/00000000000000003b9acb3f/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: www.randori.com
URL: https://www.randori.com/blog/cve-2021-44228/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 2a955cf83ce3ba3f0e9792da77a8f277e22a27e0fe08e725667fde9bcbb67b23

Request headers

Referer: https://www.randori.com/
Origin: https://www.randori.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 05:39:13 GMT
server: nginx
etag: "85cab88f0242c61b2adc4254ad911625e4e89ceb"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 27128

GET
H2 200 l
use.typekit.net/af/c4767b/00000000000000003b9acb20/27/ 24 KB
24 KB 67ms
25ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/c4767b/00000000000000003b9acb20/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: www.randori.com
URL: https://www.randori.com/blog/cve-2021-44228/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 92569e9beeb76f8ae2ea2560193ef621f55007020ef7a1a8a32a41c65164409b

Request headers

Referer: https://www.randori.com/
Origin: https://www.randori.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 05:39:13 GMT
server: nginx
etag: "6bd9e3c946167b49c2eaa0745742d186d6587225"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 24812

GET
H2 200 fa-brands-400.woff2
www.randori.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ 75 KB
75 KB 137ms
137ms Font
font/woff2 35.225.197.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.randori.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2
Requested by: Host: www.randori.com
URL: https://www.randori.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=1640280816
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.225.197.149 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 149.197.225.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af

Request headers

Referer: https://www.randori.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=1640280816
Origin: https://www.randori.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 05:39:13 GMT
last-modified: Thu, 23 Dec 2021 03:23:23 GMT
server: nginx
etag: "61c3ebab-12bdc"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 76764

GET
H2 200 KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v29/ 17 KB
18 KB 29ms
6ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOkCnqEu92Fr1Mu51xIIzI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%20Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7COpen%20Sans&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46375ee9192c1e0f6eabe4d32b2a48b996b93037f7b4beb970df5b87359548fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.randori.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 20:39:33 GMT
x-content-type-options: nosniff
age: 377980
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17304
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 22 Dec 2022 20:39:33 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 16 KB
16 KB 34ms
12ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.randori.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 05:33:18 GMT
x-content-type-options: nosniff
age: 432355
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 22 Dec 2022 05:33:18 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 36ms
13ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.randori.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 01:54:06 GMT
x-content-type-options: nosniff
age: 445507
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 22 Dec 2022 01:54:06 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 37ms
15ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.randori.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 20:07:55 GMT
x-content-type-options: nosniff
age: 466278
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 21 Dec 2022 20:07:55 GMT

GET
H2 200 KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2
fonts.gstatic.com/s/roboto/v29/ 17 KB
17 KB 40ms
18ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a42cc82f30fbf25a268f6d5a10158e8312a838222da6847158ea4175fa289d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.randori.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 15:40:00 GMT
x-content-type-options: nosniff
age: 395953
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17004
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:24 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 22 Dec 2022 15:40:00 GMT

GET
H2 200 l
use.typekit.net/af/f2b2eb/00000000000000003b9acb1a/27/ 25 KB
25 KB 43ms
22ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/f2b2eb/00000000000000003b9acb1a/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: www.randori.com
URL: https://www.randori.com/blog/cve-2021-44228/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 90425d65d9b6c5ca78081440ab9b6f59d531a63267d4fa549a963cbfe2123a9e

Request headers

Referer: https://www.randori.com/
Origin: https://www.randori.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 05:39:13 GMT
server: nginx
etag: "e7f29ac4bd40b461efcdc9a380c0b2e1634b73b3"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 25356

GET
H2 200 e277972f-a069-4cdf-822a-713485701114 Show response
forms.hsforms.com/embed/v3/form/4663384/ 3 KB
1 KB 157ms
131ms Script
application/javascript 2606:4700::6810:5805
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hsforms.com/embed/v3/form/4663384/e277972f-a069-4cdf-822a-713485701114?callback=hs_reqwest_0&hutk=

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5805 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1832be3d22aba7c0ec091ca85046e064b5389154e2ea01c7516d93843af09399

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.randori.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 05:39:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-hubspot-correlation-id: a5026f3d-81e1-49e3-a4ae-aa6199898b66
cf-ray: 6c40350ada64702d-FRA
content-disposition: attachment; filename=no-rfd.txt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server: cloudflare
x-trace: 2B01AFA12900D982C21B25BB51780372564627D8B2000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e274da4a9242623dfb51c1e42989ab516b43cb39e182f96b1247dd2b4739d86d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 403 lt-v3.js
lltrck.com/scripts/ 0
0 328ms
100ms Script
text/html 52.20.96.200
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://lltrck.com/scripts/lt-v3.js?llid=31583
Requested by: Host: www.randori.com
URL: https://www.randori.com/blog/cve-2021-44228/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.20.96.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-20-96-200.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.randori.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H2 200 nav-menu.6da75281e733e539a9ad.bundle.min.js Show response
www.randori.com/wp-content/plugins/elementor-pro/assets/js/ 3 KB
1 KB 122ms
121ms Script
application/javascript 35.225.197.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.randori.com/wp-content/plugins/elementor-pro/assets/js/nav-menu.6da75281e733e539a9ad.bundle.min.js
Requested by: Host: www.randori.com
URL: https://www.randori.com/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.2.1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.225.197.149 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 149.197.225.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: d4fc7cd2b72db91acccb00c112a4dfeaceb212f18e98419229fa986796a78ebc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.randori.com/blog/cve-2021-44228/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 05:39:13 GMT
content-encoding: br
last-modified: Tue, 14 Dec 2021 23:41:57 GMT
server: nginx
etag: W/"61b92bc5-c7e"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 share-buttons.c2d8b4d6b9df24794248.bundle.min.js Show response
www.randori.com/wp-content/plugins/elementor-pro/assets/js/ 2 KB
997 B 127ms
127ms Script
application/javascript 35.225.197.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.randori.com/wp-content/plugins/elementor-pro/assets/js/share-buttons.c2d8b4d6b9df24794248.bundle.min.js
Requested by: Host: www.randori.com
URL: https://www.randori.com/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.2.1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.225.197.149 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 149.197.225.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 55e25143fa48eadea7e9fcaa1ba851cb123e0ef9e9813f799dbb40146b18fc0c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.randori.com/blog/cve-2021-44228/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 05:39:13 GMT
content-encoding: br
last-modified: Tue, 14 Dec 2021 23:41:57 GMT
server: nginx
etag: W/"61b92bc5-6b0"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 text-editor.289ae80d76f0c5abea44.bundle.min.js Show response
www.randori.com/wp-content/plugins/elementor/assets/js/ 1 KB
891 B 124ms
123ms Script
application/javascript 35.225.197.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.randori.com/wp-content/plugins/elementor/assets/js/text-editor.289ae80d76f0c5abea44.bundle.min.js
Requested by: Host: www.randori.com
URL: https://www.randori.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.5.2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.225.197.149 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 149.197.225.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 636450e920df1c9efefebe0bd648a4054369ebda02d5a50f144312cba0365af4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.randori.com/blog/cve-2021-44228/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 05:39:13 GMT
content-encoding: br
last-modified: Thu, 23 Dec 2021 03:23:23 GMT
server: nginx
etag: W/"61c3ebab-54b"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 form.847b51cf479577c6dc6f.bundle.min.js Show response
www.randori.com/wp-content/plugins/elementor-pro/assets/js/ 25 KB
7 KB 123ms
122ms Script
application/javascript 35.225.197.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.randori.com/wp-content/plugins/elementor-pro/assets/js/form.847b51cf479577c6dc6f.bundle.min.js
Requested by: Host: www.randori.com
URL: https://www.randori.com/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.2.1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.225.197.149 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 149.197.225.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: fa8048af6850d862b9cf8da838ca5f6c352e072fb5a7b365fa875390ea3067f3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.randori.com/blog/cve-2021-44228/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 05:39:13 GMT
content-encoding: br
last-modified: Tue, 14 Dec 2021 23:41:57 GMT
server: nginx
etag: W/"61b92bc5-6559"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 popup.502330d9929af9beeefd.bundle.min.js Show response
www.randori.com/wp-content/plugins/elementor-pro/assets/js/ 867 B
691 B 123ms
123ms Script
application/javascript 35.225.197.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.randori.com/wp-content/plugins/elementor-pro/assets/js/popup.502330d9929af9beeefd.bundle.min.js
Requested by: Host: www.randori.com
URL: https://www.randori.com/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.2.1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.225.197.149 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 149.197.225.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 56565a28e58e16709ed6520d2f0a5c279e1c166ae34f1455eee3d9e6e4a394f9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.randori.com/blog/cve-2021-44228/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 05:39:13 GMT
content-encoding: br
last-modified: Tue, 14 Dec 2021 23:41:57 GMT
server: nginx
etag: W/"61b92bc5-363"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 dialog.min.js Show response
www.randori.com/wp-content/plugins/elementor/assets/lib/dialog/ 10 KB
4 KB 117ms
116ms Script
application/javascript 35.225.197.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.randori.com/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0
Requested by: Host: www.randori.com
URL: https://www.randori.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.5.2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.225.197.149 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 149.197.225.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: b936db5880aa9b6b2f26a8d32fc2b689fb75f69d971b94194f16dba801221ffe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.randori.com/blog/cve-2021-44228/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 05:39:13 GMT
content-encoding: br
last-modified: Thu, 23 Dec 2021 03:23:23 GMT
server: nginx
etag: W/"61c3ebab-29ba"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 leadflows.js Show response
js.hsleadflows.net/ 537 KB
87 KB 80ms
29ms Script
application/javascript 2606:4700::6811:e9cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsleadflows.net/leadflows.js
Requested by: Host: www.randori.com
URL: https://www.randori.com/wp-content/cache/min/1/4663384.js?ver=1640280816
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:e9cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb54934c45f4c74ce2c3d2cc7b8b08b49b5c75d1dc0a64dd5071bf2b452c69ea

Request headers

Referer: https://www.randori.com/
Origin: https://www.randori.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 05:39:13 GMT
via: 1.1 5148e372b4ab17878741ea92be548473.cloudfront.net (CloudFront)
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
age: 6182
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=lead-flows-js/static-1.1066/bundle/main/lead-flows-release.js&cfRay=6c3f9e180b3e44f2-IAD
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-encoding: br
cf-ray: 6c40350bd9d84303-FRA
last-modified: Fri, 10 Dec 2021 01:08:50 UTC
server: cloudflare
etag: W/"a20da5f3327ff62c3dfbc71571e4fc6d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: L5EK4Wtvn0GVRD3yODp9CC_dzIEEuKk.
access-control-allow-origin: *
cache-control: s-maxage=86400, max-age=0
x-hs-cache-status: MISS
x-amz-cf-pop: IAD89-P1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: XWi-LWqsRvkmSPmO8Py4las73EoNzmM5mTRRXFJI9gcKd57gdr-4gw==
x-hs-target-asset: lead-flows-js/static-1.1066/bundle/main/lead-flows-release.js

GET
H2 200 4663384.js Show response
js.hs-banner.com/ 61 KB
16 KB 454ms
404ms Script
text/javascript 2606:4700::6812:15bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/4663384.js
Requested by: Host: www.randori.com
URL: https://www.randori.com/wp-content/cache/min/1/4663384.js?ver=1640280816
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:15bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 312bbadd076992630c6568f11a3e59d3b581af3edecad9d7b4941037729d87d4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.randori.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 05:39:14 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: QRQ5CBJ54NETGSJ5
x-amz-server-side-encryption: AES256
content-type: text/javascript; charset=UTF-8
access-control-max-age: 604800
x-amz-id-2: jgHCYxi9P5chHqnhCl0//5Zco8IlLjaPUAcG0fJnQWepKxqq8+1827LeiFzNBJesgVivNymyMw0=
timing-allow-origin: *
last-modified: Mon, 27 Sep 2021 06:37:12 GMT
server: cloudflare
etag: W/"7c1d3ea558e3ad64ac5352e33da804f2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id: ZZ3WSHRMpRNhB.O6DBXU8eS30.up1jvZ
access-control-allow-origin: https://info.randori.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
cf-ray: 6c40350bcbd85b32-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires: Mon, 27 Dec 2021 05:44:14 GMT

GET
H2 200 collectedforms.js Show response
js.hscollectedforms.net/ 82 KB
26 KB 39ms
22ms Script
application/javascript 2606:4700::6811:7fab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hscollectedforms.net/collectedforms.js
Requested by: Host: www.randori.com
URL: https://www.randori.com/wp-content/cache/min/1/4663384.js?ver=1640280816
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7fab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 23d1cb06ace0ff3e399d3c53bb02c3a8c386cd97dc01081b376c34785c92e4f3

Request headers

Referer: https://www.randori.com/
Origin: https://www.randori.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 05:39:13 GMT
via: 1.1 040f8a2cdffe1cf7a35d28e06c3ed574.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 6182
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=collected-forms-embed-js/static-1.260/bundles/project.js&cfRay=6c3f9e189ff5699f-IAD
x-cache: Hit from cloudfront
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
content-encoding: br
cf-ray: 6c40350b99e1692b-FRA
last-modified: Tue, 07 Dec 2021 01:47:22 UTC
server: cloudflare
etag: W/"6a87c3fbb201ae0e1e27682863544b27"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
x-amz-version-id: MgiHycm2IQFcF7nscbJ1l6RorgU5R2aj
access-control-allow-origin: *
cache-control: s-maxage=86400, max-age=0
x-hs-cache-status: MISS
x-amz-cf-pop: IAD89-P1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: 4xV_LcMbjM9j53ddtNk4M75Q0hTBnWypVoOYfx_BWH9CVhZqTTZPSw==
x-hs-target-asset: collected-forms-embed-js/static-1.260/bundles/project.js

GET
H2 200 4663384.js Show response
js.hs-analytics.net/analytics/1640280600000/ 62 KB
20 KB 177ms
127ms Script
text/javascript 2606:4700::6811:44b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1640280600000/4663384.js
Requested by: Host: www.randori.com
URL: https://www.randori.com/wp-content/cache/min/1/4663384.js?ver=1640280816
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:44b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd525b67ed285b5a7786e2f7d5e9656e169ee16bbc0e6fb2286bb48a317bb361

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.randori.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 05:39:14 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: MD022MBS3SD4D0J6
x-amz-server-side-encryption: AES256
cf-ray: 6c40350bca540609-FRA
x-amz-id-2: 7+Pt5dQIm6NNHivpAD+/LI6JqtO8XWwDZF/yn18mWKsX8tTG+o0yaOyNl0MjfjS1V6SrL9trwmE=
last-modified: Mon, 27 Sep 2021 06:37:12 GMT
server: cloudflare
etag: W/"fb55434db49221bb4ea870f6b9d5be6d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: max-age=300, public
access-control-allow-credentials: false
content-type: text/javascript
expires: Mon, 27 Dec 2021 05:44:13 GMT

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 6 KB
3 KB 62ms
12ms Script
application/javascript 2606:4700::6811:71b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsadspixel.net/fb.js
Requested by: Host: www.randori.com
URL: https://www.randori.com/wp-content/cache/min/1/4663384.js?ver=1640280816
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:71b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1462ee824fc3172a7c7fb70f6f2276fa6be8bcffaa9eea71ef529c94eb56124

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.randori.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 05:39:13 GMT
via: 1.1 bfba2464a75a65b0c6568afe15f68b4c.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 92
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=adsscriptloaderstatic/static-1.260/bundles/pixels-release.js&cfRay=6c4032c74d8f7039-FRA
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
last-modified: Tue, 21 Dec 2021 12:57:36 UTC
server: cloudflare
etag: W/"4810ba79843c6ef24b5495e240dece67"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: Boqywn5qgiRrIgfbl8XekFtn0W1ZcHLq
cache-control: max-age=600
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-P1
cf-ray: 6c40350bc819536a-FRA
x-amz-cf-id: Od-zb0He2hj8t1oJ92Cwowq2f129qxl0z0WKvX5ioPOmlhuZixGEPw==
x-hs-target-asset: adsscriptloaderstatic/static-1.260/bundles/pixels-release.js

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 50ms
4ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-127979282-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.randori.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 2287
date: Mon, 27 Dec 2021 05:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 27 Dec 2021 07:01:06 GMT

GET
H2 200 cropped-logo_a2181bf2.png
www.randori.com/wp-content/uploads/2021/08/ 6 KB
7 KB 197ms
197ms Image
image/png 35.225.197.149
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.randori.com/wp-content/uploads/2021/08/cropped-logo_a2181bf2.png
Requested by: Host: www.randori.com
URL: https://www.randori.com/blog/cve-2021-44228/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.225.197.149 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 149.197.225.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: c26dc06f4cdebfdfa37b15f2200c169f1c10c95a1b9e9ebd7615ed35be6b489c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.randori.com/blog/cve-2021-44228/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 05:39:13 GMT
last-modified: Tue, 14 Dec 2021 23:41:51 GMT
server: nginx
etag: "61b92bbf-196f"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 6511

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 37 KB
14 KB 39ms
16ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WT6WG6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

9f4922667f15ec47709504b75c4433e7145f96078261bc9a11e386ca52fa18bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.randori.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 05:39:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14328
x-xss-protection: 0
server: cafe
etag: 12503521247758841375
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 27 Dec 2021 05:39:13 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 36 KB
11 KB 51ms
33ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WT6WG6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: dfed159907574337d5a3198b898e17e6f0d6c5c325d8ee2fd2343b7cddb34994

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.randori.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 05:39:13 GMT
content-encoding: gzip
last-modified: Fri, 03 Dec 2021 01:53:50 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3101CA80B4B548B2838D899A51D1089B Ref B: FRAEDGE1208 Ref C: 2021-12-27T05:39:13Z
etag: "0cb09ee8e7d71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 10468

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 5 KB
2 KB 38ms
13ms Script
application/x-javascript 2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WT6WG6
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba20 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.randori.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 27 Dec 2021 05:39:13 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Sep 2021 19:17:49 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=68540
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2036

GET
H2 200 hotjar-2723916.js Show response
static.hotjar.com/c/ 4 KB
2 KB 70ms
40ms Script
application/javascript 143.204.98.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2723916.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WT6WG6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.82 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-82.fra50.r.cloudfront.net

Software

Resource Hash

878d18e42f32616213a7a0774afdbc087b839e44600089d1d41287d2a3b99fd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.randori.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 05:39:13 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: FRA50-C1
etag: W/4fe751053d1aa7008d0e61fb9ce90068
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
content-length: 2028
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
x-amz-cf-id: jAG7ahRw_8yM2C6VuU30GTJFrdEO1T9wqP4HnLVyNKXpDezJ1-FUxQ==

GET
H2 200 5cXLrNlEwpNWxdupPaCM Show response
ws.zoominfo.com/pixel/ 0
478 B 184ms
162ms Script
text/javascript 2606:4700::6810:650c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/5cXLrNlEwpNWxdupPaCM

Requested by

Host: www.randori.com
URL: https://www.randori.com/blog/cve-2021-44228/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:650c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.randori.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 05:39:14 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 6c40350c2cf21f31-FRA
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for
content-length: 0

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 22ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.randori.com
URL: https://www.randori.com/blog/cve-2021-44228/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.randori.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 25965
x-xss-protection: 0
pragma: public
x-fb-debug: TYOHkJV1F04UxHKRG4DQyYMqAd301K02o9Cuy1epSr8szzN2pHAAsGfrWD0bnvQ5zF7seuPxsKAQ+jU/rqSHVQ==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Mon, 27 Dec 2021 05:39:13 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 9iy6ta9jb7 Show response
www.clarity.ms/tag/ 572 B
794 B 363ms
152ms Script
application/x-javascript 2620:1ec:27::cafe:2193
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/9iy6ta9jb7
Requested by: Host: www.randori.com
URL: https://www.randori.com/blog/cve-2021-44228/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:2193 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 0818d35d97d1805482bc46e0fe516fa20e712d65689fa674d04f7d4d0b5975a5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.randori.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 05:39:14 GMT
x-powered-by: ASP.NET
x-azure-ref: 0glHJYQAAAABEMZNznNyJTowwyITeLQx/U09GMDFFREdFMDQxOAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
expires: -1
cache-control: no-cache, no-store
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

GET
H2 200 9pxyt7zlv9 Show response
www.clarity.ms/tag/ 572 B
953 B 361ms
151ms Script
application/x-javascript 2620:1ec:27::cafe:2193
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/9pxyt7zlv9?ref=gtm2
Requested by: Host: www.randori.com
URL: https://www.randori.com/blog/cve-2021-44228/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:2193 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: f0dc507465585302696105abc026d61e240b1f6e5c5a7410514ccd68675c8624

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.randori.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 05:39:14 GMT
x-powered-by: ASP.NET
x-azure-ref: 0glHJYQAAAABOgjBfrOJoQpGUPMHgKzsnU09GMDFFREdFMDQxOAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
content-length: 572
expires: -1

GET
H2 200 /
tr.lfeeder.com/ 43 B
292 B 59ms
29ms Image
image/gif 143.204.98.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.lfeeder.com/?sid=DzLR5a5E2KYaBoQ2&data=eyJnYVRyYWNraW5nSWRzIjpbXSwiZ2FDbGllbnRJZHMiOltdLCJjb250ZXh0Ijp7ImxpYnJhcnkiOnsibmFtZSI6ImxmdHJhY2tlciIsInZlcnNpb24iOiIyLjMxLjAifSwicGFnZVVybCI6Imh0dHBzOi8vd3d3LnJhbmRvcmkuY29tL2Jsb2cvY3ZlLTIwMjEtNDQyMjgvIiwicGFnZVRpdGxlIjoiQ1ZFLTIwMjEtNDQyMjggLSBMb2c0aiAyIFZ1bG5lcmFiaWxpdHkgQW5hbHlzaXMgLSBSYW5kb3JpIEF0dGFjayBUZWFtIiwicmVmZXJyZXIiOiIifSwiZXZlbnQiOiJ0cmFja2luZy1ldmVudCIsImNsaWVudEV2ZW50SWQiOiI4MDY2NjIxNDE1YTNjZjJiIiwiY2xpZW50VGltZXN0YW1wIjoiMjAyMS0xMi0yN1QwNTozOToxMy45NjVaIiwiY2xpZW50VGltZXpvbmUiOjAsInNjcmlwdElkIjoiRHpMUjVhNUUyS1lhQm9RMiIsImNvb2tpZXNFbmFibGVkIjp0cnVlLCJhbm9ueW1pemVJcCI6ZmFsc2UsImxmQ2xpZW50SWQiOiJMRjEuMS43MzE1ZTk3YTU1MjFhY2JiLjE2NDA1ODM1NTM5NTgiLCJmb3JlaWduQ29va2llcyI6W10sInByb3BlcnRpZXMiOnt9LCJhdXRvVHJhY2tpbmdFbmFibGVkIjp0cnVlfQ==
Requested by: Host: www.randori.com
URL: https://www.randori.com/blog/cve-2021-44228/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-44.fra50.r.cloudfront.net
Software: CloudFront /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.randori.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 05:39:14 GMT
via: 1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA50-C1
x-cache: LambdaGeneratedResponse from cloudfront
content-type: image/gif
content-length: 43
x-amz-cf-id: IEWzS_o-o2aUxXehN7iOtiYhWZJ9PNCM8hGj37yYgC8ebEwbbzwlzA==

GET
H2 200 arrow-down.svg
www.randori.com/wp-content/uploads/2021/08/ 431 B
505 B 112ms
111ms Image
image/svg+xml 35.225.197.149
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.randori.com/wp-content/uploads/2021/08/arrow-down.svg
Requested by: Host: www.randori.com
URL: https://www.randori.com/blog/cve-2021-44228/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.225.197.149 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 149.197.225.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 97da3e6cde87d694b1fb2dd73fd9ea0652c444ea644b3170d832a5ae5e47fee8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.randori.com/blog/cve-2021-44228/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 05:39:14 GMT
content-encoding: br
last-modified: Tue, 14 Dec 2021 23:41:51 GMT
server: nginx
etag: W/"61b92bbf-1af"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 fa-solid-900.woff2
www.randori.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ 76 KB
77 KB 113ms
113ms Font
font/woff2 35.225.197.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.randori.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
Requested by: Host: www.randori.com
URL: https://www.randori.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=1640280816
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.225.197.149 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 149.197.225.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef

Request headers

Referer: https://www.randori.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=1640280816
Origin: https://www.randori.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 05:39:14 GMT
last-modified: Thu, 23 Dec 2021 03:23:23 GMT
server: nginx
etag: "61c3ebab-13174"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 78196

GET
H2 200 eicons.woff2
www.randori.com/wp-content/plugins/elementor/assets/lib/eicons/fonts/ 89 KB
90 KB 118ms
118ms Font
font/woff2 35.225.197.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.randori.com/wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.13.0
Requested by: Host: www.randori.com
URL: https://www.randori.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=1640280816
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.225.197.149 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 149.197.225.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 3368bde807b9dc25e071e9d50a7f698b8788e5b12b7a967dd1efcffb8cc957ab

Request headers

Referer: https://www.randori.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=1640280816
Origin: https://www.randori.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 05:39:14 GMT
last-modified: Thu, 23 Dec 2021 03:23:23 GMT
server: nginx
etag: "61c3ebab-16550"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 91472

GET
H2 200 share-link.min.js Show response
www.randori.com/wp-content/plugins/elementor/assets/lib/share-link/ 3 KB
1 KB 142ms
141ms Script
application/javascript 35.225.197.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.randori.com/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.5.2
Requested by: Host: www.randori.com
URL: https://www.randori.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.5.2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.225.197.149 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 149.197.225.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 4a7ee62eb33f3bbb66c2151e5cac6bf4904e28302efc36128f3e3ccae6fde580

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.randori.com/blog/cve-2021-44228/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 05:39:14 GMT
content-encoding: br
last-modified: Thu, 23 Dec 2021 03:23:23 GMT
server: nginx
etag: W/"61c3ebab-a12"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
207 B 14ms
13ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=400052958&t=pageview&_s=1&dl=https%3A%2F%2Fwww.randori.com%2Fblog%2Fcve-2021-44228%2F&ul=en-us&de=UTF-8&dt=CVE-2021-44228%20-%20Log4j%202%20Vulnerability%20Analysis%20-%20Randori%20Attack%20Team&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUADQAAAAC~&jid=2018141519&gjid=1007284135&cid=1028108851.1640583554&tid=UA-127979282-1&_gid=1145194829.1640583554&_r=1&gtm=2ouc10&z=1763044203

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.randori.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 05:39:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.randori.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.google-analytics.com/gtm/ 89 KB
35 KB 30ms
29ms Script
application/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=OPT-NMJNHVT&t=gtm7&cid=1028108851.1640583554

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

030d94c74321336c40a500780541b4794f72fa35a49b27a2431a368808b7c4d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.randori.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 05:39:14 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36079
x-xss-protection: 0
last-modified: Mon, 27 Dec 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 27 Dec 2021 05:39:14 GMT

GET
H3 200 234435305383178 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 60ms
51ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/234435305383178?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

287723a71ae6a8ba98d21628a5e95f59961ff9eb2a4052fd453e8451dfe9e524

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.randori.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: 4TxoxbQX2JD2qbOsVa39H7K7axcJ2jYry+fWRrdDwpIb1MQfnLIc52If/avIw9r74u7D6CmsWbZApZy4xGc6Ww==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 27 Dec 2021 05:39:14 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 json Show response
forms.hubspot.com/collected-forms/v1/config/ 115 B
1 KB 199ms
123ms XHR
application/json 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/collected-forms/v1/config/json?portalId=4663384&utk=

Requested by

Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef8353a3f4850cd090ea1419a65a9be88ac47bd699fdc81586c6f099493759a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.randori.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 05:39:14 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 549b7928-382c-472d-ad72-7a870f50841a
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YWQ1neHmmJoFyUJKr74BFdqTNmgL%2FybIhMoy7pFpKfC38CfV%2FGD2quvnOFJfktR0PvjJ%2BRkResQZrY30%2FeMceOjdSHBbEI6GmkKM13QKVwFUYmPb8CP%2BqgZIAcKEYRHANQ6HQ8rxBpuvHm%2BYfiBc"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.randori.com
x-robots-tag: none
access-control-allow-credentials: false
cf-ray: 6c40350d8b0c701c-FRA
access-control-allow-headers: *

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=539946&time=1640583554101&url=https%3A%2F%2Fwww.randori.com%2Fblog%2Fcve-2021-44228%2F
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D539946%26time%3D1640583554101%26url%3Dhttps%253A%252F%252Fwww.randori.com%252Fblo...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=539946&time=1640583554101&url=https%3A%2F%2Fwww.randori.com%2Fblog%2Fcve-2021-44228%2F&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=539946&time=1640583554101&url=https%3A%2F%2Fwww.randori.com%2Fblog%2Fcve-2021-44228%2F&liSync=true&e_ipv6=AQKB7AMex9P9NgAAAX36ZmagAG-gO9DC4nqsroN...

0
155 B

318ms
115ms

Image
application/javascript

108.174.10.14
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=539946&time=1640583554101&url=https%3A%2F%2Fwww.randori.com%2Fblog%2Fcve-2021-44228%2F&liSync=true&e_ipv6=AQKB7AMex9P9NgAAAX36ZmagAG-gO9DC4nqsroN7KvQwmMfctIFIsElAZvSfeLlidWrOgCHDFQ
Requested by: Host: www.randori.com
URL: https://www.randori.com/blog/cve-2021-44228/
Protocol: H2
Server: 108.174.10.14 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS: 108-174-10-14.fwd.linkedin.com
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.randori.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 05:39:15 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lva1
x-li-proto: http/2
x-li-pop: prod-lva1
content-type: application/javascript
content-length: 0
x-li-uuid: Gb58FQ2GxBaQXTnFvioAAA==

Redirect headers

date: Mon, 27 Dec 2021 05:39:14 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 01C92560EF68467B973CA05DB96BAD85 Ref B: FRAEDGE0910 Ref C: 2021-12-27T05:39:14Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=539946&time=1640583554101&url=https%3A%2F%2Fwww.randori.com%2Fblog%2Fcve-2021-44228%2F&liSync=true&e_ipv6=AQKB7AMex9P9NgAAAX36ZmagAG-gO9DC4nqsroN7KvQwmMfctIFIsElAZvSfeLlidWrOgCHDFQ
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXUGiAAkBP05qk6BMicNg==

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/782479048/ 2 KB
2 KB 80ms
18ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/782479048/?random=1640583554103&cv=9&fst=1640583554103&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.randori.com%2Fblog%2Fcve-2021-44228%2F&tiba=CVE-2021-44228%20-%20Log4j%202%20Vulnerability%20Analysis%20-%20Randori%20Attack%20Team&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

12a4a108b5eb7dc9cb81ebb1c1b6d63c19a37b8f14ff3093751cffe3c8561afe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.randori.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 05:39:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1048
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.6d5409da698bc5e020b1.js Show response
script.hotjar.com/ 228 KB
60 KB 59ms
11ms Script
application/javascript 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.6d5409da698bc5e020b1.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2723916.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-39.fra50.r.cloudfront.net

Software

Resource Hash

9c4e5748b76ca33caac131e0225d2e86ccbf6e156ad007145f6a9c4d34cecbf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.randori.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 16:10:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 480548
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 61259
access-control-allow-origin: *
last-modified: Tue, 21 Dec 2021 16:09:54 GMT
etag: "a250696209ae851dce97a4101057f333"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 9c7c26f5beeb09381cea450ea3581b37.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: dPNw5BoQ_zcQpl5itLNvyxMoNynCjZPSn00OeaE-YHNgUguD3DlzvA==

GET
H2 200 56079018.js Show response
bat.bing.com/p/action/ 685 B
739 B 212ms
212ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/56079018.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 4f1a9e86d211c3111f86f465818624637c5a8b20e91e1253f78a1008b04f14c9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.randori.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 05:39:13 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0D2B1C24AC8C4A2D8326988D7E388B64 Ref B: FRAEDGE1208 Ref C: 2021-12-27T05:39:14Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store,no-cache
content-length: 588

GET
H2 204 0
bat.bing.com/action/ 0
148 B 31ms
31ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=56079018&tm=gtm002&Ver=2&mid=6a0c59e5-6c61-4528-814a-939118b79222&sid=532f726066d711ec9b6fcb5be5189800&vid=532faf7066d711eca3ee99068fd5c5f4&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=CVE-2021-44228%20-%20Log4j%202%20Vulnerability%20Analysis%20-%20Randori%20Attack%20Team&p=https%3A%2F%2Fwww.randori.com%2Fblog%2Fcve-2021-44228%2F&r=&lt=1094&evt=pageLoad&msclkid=N&sv=1&rn=160752
Requested by: Host: www.randori.com
URL: https://www.randori.com/blog/cve-2021-44228/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.randori.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 05:39:13 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: FB73117440914242A53825C12B912085 Ref B: FRAEDGE1208 Ref C: 2021-12-27T05:39:14Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 7 B
445 B 43ms
14ms XHR
text/plain 2a00:1450:400c:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-127979282-1&cid=1028108851.1640583554&jid=2018141519&gjid=1007284135&_gid=1145194829.1640583554&_u=YEBAAUACQAAAAC~&z=2037689465

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.randori.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 27 Dec 2021 05:39:14 GMT
content-type: text/plain
access-control-allow-origin: https://www.randori.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 box-a1ae2079824d1c48aa9ce06efb256f18.html Show response
vars.hotjar.com/ Frame 9A2F 2 KB
1 KB 34ms
7ms Document
text/html 143.204.98.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-a1ae2079824d1c48aa9ce06efb256f18.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2723916.js?sv=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-102.fra50.r.cloudfront.net
Software: /
Resource Hash: d39c7ff4103007338040282460b2eb0e5adadd9fb80f986fb4c8a3d41785a6ca

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.randori.com/

Response headers

content-type: text/html
content-length: 1044
date: Thu, 02 Dec 2021 15:53:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "6215abf691a11c2f451680e635d30daa"
last-modified: Thu, 02 Dec 2021 15:52:57 GMT
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 1iDRaLmK03Wew2t5JPuJaRuQrYO49B63IOsBZa5u9XJ6Gwmy2EvmpA==
age: 2123168

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 13ms
13ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=400052958&t=pageview&_s=1&dl=https%3A%2F%2Fwww.randori.com%2Fblog%2Fcve-2021-44228%2F&ul=en-us&de=UTF-8&dt=CVE-2021-44228%20-%20Log4j%202%20Vulnerability%20Analysis%20-%20Randori%20Attack%20Team&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAUADQAAAAC~&jid=306574348&gjid=127807162&cid=1028108851.1640583554&tid=UA-127979282-1&_gid=1145194829.1640583554&_r=1&gtm=2wgc105WT6WG6&z=37969128

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.randori.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 05:39:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.randori.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/782479048/ 42 B
548 B 40ms
17ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/782479048/?random=1640583554103&cv=9&fst=1640581200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&frm=0&url=https%3A%2F%2Fwww.randori.com%2Fblog%2Fcve-2021-44228%2F&tiba=CVE-2021-44228%20-%20Log4j%202%20Vulnerability%20Analysis%20-%20Randori%20Attack%20Team&async=1&fmt=3&is_vtc=1&random=703701521&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.randori.com
URL: https://www.randori.com/blog/cve-2021-44228/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.randori.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 05:39:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.co.uk/pagead/1p-user-list/782479048/ 42 B
548 B 40ms
19ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/pagead/1p-user-list/782479048/?random=1640583554103&cv=9&fst=1640581200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&frm=0&url=https%3A%2F%2Fwww.randori.com%2Fblog%2Fcve-2021-44228%2F&tiba=CVE-2021-44228%20-%20Log4j%202%20Vulnerability%20Analysis%20-%20Randori%20Attack%20Team&async=1&fmt=3&is_vtc=1&random=703701521&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.randori.com
URL: https://www.randori.com/blog/cve-2021-44228/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.randori.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 05:39:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
295 B 23ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=234435305383178&ev=PageView&dl=https%3A%2F%2Fwww.randori.com%2Fblog%2Fcve-2021-44228%2F&rl=&if=false&ts=1640583554207&sw=1600&sh=1200&v=2.9.48&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1640583554206.1101215832&it=1640583554078&coo=false&rqm=GET

Requested by

Host: www.randori.com
URL: https://www.randori.com/blog/cve-2021-44228/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.randori.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 05:39:14 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Mon, 27 Dec 2021 05:39:14 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 7 B
28 B 28ms
14ms XHR
text/plain 2a00:1450:400c:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-127979282-1&cid=1028108851.1640583554&jid=306574348&gjid=127807162&_gid=1145194829.1640583554&_u=aGDAAUADQAAAAC~&z=220099377

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.randori.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 27 Dec 2021 05:39:14 GMT
content-type: text/plain
access-control-allow-origin: https://www.randori.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 36ms
18ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-127979282-1&cid=1028108851.1640583554&jid=2018141519&_u=YEBAAUACQAAAAC~&z=629211330

Requested by

Host: www.randori.com
URL: https://www.randori.com/blog/cve-2021-44228/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.randori.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 05:39:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.co.uk/ads/ 42 B
63 B 35ms
19ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-127979282-1&cid=1028108851.1640583554&jid=2018141519&_u=YEBAAUACQAAAAC~&z=629211330

Requested by

Host: www.randori.com
URL: https://www.randori.com/blog/cve-2021-44228/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.randori.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 05:39:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/2723916/ 146 B
323 B 114ms
35ms XHR
application/json 99.81.27.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/2723916/visit-data?sv=7
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.6d5409da698bc5e020b1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.81.27.250 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-81-27-250.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 1739c041fc4394d8b8b79f708997ba2694f6156bbb410a8f0476a980939bf1de

Request headers

Referer: https://www.randori.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Mon, 27 Dec 2021 05:39:14 GMT
content-encoding: br
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 18ms
17ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-127979282-1&cid=1028108851.1640583554&jid=306574348&_u=aGDAAUADQAAAAC~&z=1881324532

Requested by

Host: www.randori.com
URL: https://www.randori.com/blog/cve-2021-44228/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.randori.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 05:39:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.co.uk/ads/ 42 B
63 B 18ms
18ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-127979282-1&cid=1028108851.1640583554&jid=306574348&_u=aGDAAUADQAAAAC~&z=1881324532

Requested by

Host: www.randori.com
URL: https://www.randori.com/blog/cve-2021-44228/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.randori.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 05:39:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 counters.gif
forms.hsforms.com/embed/v3/ 35 B
495 B 140ms
129ms Image
image/gif 2606:4700::6810:5805
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=2

Requested by

Host: www.randori.com
URL: https://www.randori.com/blog/cve-2021-44228/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5805 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.randori.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 05:39:14 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-hubspot-correlation-id: a9d056e9-a175-4331-8886-dcbf7167c551
x-trace: 2B81C17E934CF5C3BB193A346D13923876141C35F9000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6c40350e6b55435d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 35
x-robots-tag: none

GET
H2 200 clarity.js Show response
f.clarity.ms/s/0.6.31/ 52 KB
23 KB 306ms
99ms Script
application/javascript 20.84.22.197
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://f.clarity.ms/s/0.6.31/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/9pxyt7zlv9?ref=gtm2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.84.22.197 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b2d2f11eb78159e31bce4355ffd5e696717de4270a77ba1d2038e066462008ad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.randori.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 05:39:13 GMT
content-encoding: br
etag: "1d7f3ace6a16300"
last-modified: Sat, 18 Dec 2021 01:16:36 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
accept-ranges: bytes
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=2EEC250F9B0F44C9B9BC878894870CFB&RedC=c.clarity.ms&MXFR=1042983E97156E733195892493156099
https://c.clarity.ms/c.gif?CtsSyncId=2EEC250F9B0F44C9B9BC878894870CFB&MUID=12CB341674DB689308C2250C75096900

42 B
368 B

29ms
28ms

Image
image/gif

52.142.114.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=2EEC250F9B0F44C9B9BC878894870CFB&MUID=12CB341674DB689308C2250C75096900
Requested by: Host: www.randori.com
URL: https://www.randori.com/blog/cve-2021-44228/
Protocol: H2
Server: 52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.randori.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 05:39:13 GMT
last-modified: Fri, 05 Nov 2021 17:19:23 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "f95a3e4769d2d71:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Mon, 27 Dec 2021 05:39:14 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 902AF6B2C326419FB4AE97D8352C56BB Ref B: FRAEDGE1208 Ref C: 2021-12-27T05:39:14Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=2EEC250F9B0F44C9B9BC878894870CFB&MUID=12CB341674DB689308C2250C75096900
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H3 200 counters.gif
forms.hsforms.com/embed/v3/ 35 B
459 B 122ms
121ms Image
image/gif 2606:4700::6810:5805
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=1

Requested by

Host: www.randori.com
URL: https://www.randori.com/blog/cve-2021-44228/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5805 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.randori.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 05:39:14 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-hubspot-correlation-id: 6adaaa15-7465-4d23-96a8-d59468581f58
x-trace: 2B9CC6F538CFEB49A462C090DF5E2703CA9A01DC3A000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6c4035110ec6435d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 35
x-robots-tag: none

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 972C 0
18 B 15ms
7ms Document
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.randori.com
URL: https://www.randori.com/blog/cve-2021-44228/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://www.randori.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.randori.com/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.randori.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
date: Mon, 27 Dec 2021 05:39:14 GMT

POST
H2 204 collect Show response
f.clarity.ms/ 0
93 B 243ms
243ms XHR
text/plain 20.84.22.197
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://f.clarity.ms/collect
Requested by: Host: f.clarity.ms
URL: https://f.clarity.ms/s/0.6.31/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.84.22.197 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.randori.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: https://www.randori.com
date: Mon, 27 Dec 2021 05:39:14 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

GET
H2 200 core Show response
js.driftt.com/ Frame D299 2 KB
1 KB 116ms
116ms Document
text/html 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core?embedId=fntxumm4u6tn&region=US&forceShow=false&skipCampaigns=false&sessionId=712104e2-7957-45eb-8a57-7239988651f9&sessionStarted=1640583555.091&campaignRefreshToken=6f27aeb1-8926-4a3b-ab36-d167e4e2b63e&hideController=false&pageLoadStartTime=1640583553269&mode=CHAT&driftEnableLog=false

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1640583600000/fntxumm4u6tn.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

e93b1d85e9777eceb62ec06d7dacd23d475c09199b61a5fb61f10a19255ca0b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.randori.com/

Response headers

content-type: text/html; charset=utf-8
server: nginx
last-modified: Thu, 23 Dec 2021 19:07:15 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: QIEK2qmEwyudOzO9CtwwAr2V9l.B2H.i
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
date: Mon, 27 Dec 2021 05:39:15 GMT
cache-control: no-cache
etag: W/"22a90baa42c0ddc6dccc88f71276b350"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: bqFVKS-iY-C-Ym-76INfnW8zVKD4ndj2Tax1XwEywdIF8aEsGmFmjg==

GET
H2 200 chat Show response
js.driftt.com/core/ Frame 1269 2 KB
1 KB 116ms
116ms Document
text/html 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1640583553269

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1640583600000/fntxumm4u6tn.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

e93b1d85e9777eceb62ec06d7dacd23d475c09199b61a5fb61f10a19255ca0b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.randori.com/

Response headers

content-type: text/html; charset=utf-8
server: nginx
last-modified: Thu, 23 Dec 2021 19:07:15 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: QIEK2qmEwyudOzO9CtwwAr2V9l.B2H.i
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
date: Mon, 27 Dec 2021 05:39:15 GMT
cache-control: no-cache
etag: W/"22a90baa42c0ddc6dccc88f71276b350"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 39jTEqFbCkYIBqWWjREHEOfDzRniHBwgQm-Jz41WVhYx4XwSsZQN9g==

OPTIONS
H2 200 view
js.hs-banner.com/cookie-banner/activity/ Frame 0
0 149ms
134ms Preflight
application/octet-stream 2606:4700::6812:15bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/cookie-banner/activity/view
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:15bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.randori.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 27 Dec 2021 05:39:15 GMT
content-type: application/octet-stream
content-length: 0
access-control-allow-origin: https://www.randori.com
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-allow-credentials: true
access-control-max-age: 604800
timing-allow-origin: *
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6c4035139da22bca-FRA

GET
H/1.1 200
OK pd.js Show response
pi.pardot.com/ 5 KB
2 KB 396ms
93ms Script
application/javascript 52.21.178.134
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pi.pardot.com/pd.js
Requested by: Host: www.randori.com
URL: https://www.randori.com/blog/cve-2021-44228/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.21.178.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: pi0-lba1-2-ue1.aws.pardot.com
Software: PardotServer /
Resource Hash: d2a0ed3481f0594245bc42536efbad044afe679a3f5a7993eb09774b94dc305c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.randori.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 27 Dec 2021 05:39:15 GMT
Content-Encoding: gzip
X-Pardot-Route: 4587f66dff94d6e76a668284fbf3dba1
X-Pardot-LB: 7044ba9c794aba658bc1be2f8b8ad85c
Last-Modified: Fri, 17 Dec 2021 05:16:14 GMT
Server: PardotServer
ETag: "1547-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Cache-Control: max-age=63072000
Accept-Ranges: bytes
Content-Length: 1950
Expires: Wed, 27 Dec 2023 05:39:15 GMT

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
559 B 154ms
128ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=15&fi=e277972f-a069-4cdf-822a-713485701114&fci=35b582c8-89c3-4cc6-ac28-7495f63ef428&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1433769858&v=1.1&a=4663384&rcu=https%3A%2F%2Fwww.randori.com%2Fblog%2Fcve-2021-44228%2F&pu=https%3A%2F%2Fwww.randori.com%2Fblog%2Fcve-2021-44228%2F&t=CVE-2021-44228+-+Log4j+2+Vulnerability+Analysis+-+Randori+Attack+Team&cts=1640583555110&vi=5ae6fd530fe295af35ac4d40b8937bf6&nc=true&ce=false&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.randori.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 05:39:15 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: c28dae1a-ec98-4e0f-9e18-59a049f17d11
cf-ray: 6c403513abd942fd-FRA
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 45
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0C%2FZkTPNAytaaHaWXMCm4I%2FnnGT3fp%2BUObDhBbddfCO3n8pk7EaG%2BpnnewBnMLbldBk%2B66dhtmbvWoGNA0oRC1VkHqpxYz0ZNDYNJIJ3flKXykM6TvZi1Rd1SVTa1XzWjAsAX06BAGiBeSDT%2FVmV"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
1005 B 153ms
127ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1433769858&v=1.1&a=4663384&rcu=https%3A%2F%2Fwww.randori.com%2Fblog%2Fcve-2021-44228%2F&pu=https%3A%2F%2Fwww.randori.com%2Fblog%2Fcve-2021-44228%2F&t=CVE-2021-44228+-+Log4j+2+Vulnerability+Analysis+-+Randori+Attack+Team&cts=1640583555111&vi=5ae6fd530fe295af35ac4d40b8937bf6&nc=true&ce=false&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.randori.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 05:39:15 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 81a056f6-3a06-43ca-af6b-d3e672eb1113
cf-ray: 6c403513abdb42fd-FRA
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 45
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=peFuq%2Fya7jQFWWI%2FI2qvB5uHESJ1o48xE1A%2FnxKGOIEv0M%2BzULQ4fh1kGuRoenLS9yJa89p3Dt9mtVSpK%2BEhP3F3NixHlhBxSA2e9SMSh3ZK8AdJZnYwmKVQAl3Jl4QU2AigeUh54M5YDSlb7Ao2"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

POST
H2 204 view Show response
js.hs-banner.com/cookie-banner/activity/ 0
84 B 146ms
141ms XHR
text/plain 2606:4700::6812:15bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/cookie-banner/activity/view
Requested by: Host: js.hs-banner.com
URL: https://js.hs-banner.com/4663384.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:15bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.randori.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

timing-allow-origin: *
date: Mon, 27 Dec 2021 05:39:15 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-hubspot-correlation-id: 891ac582-8cc9-49a3-a1a9-cca4eb2b7c75
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://www.randori.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-allow-credentials: true
cf-ray: 6c4035147e682bca-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id

GET
H2 200 runtime~main.c9394037.js Show response
js.driftt.com/core/assets/js/ Frame D299 6 KB
3 KB 8ms
7ms Script
application/javascript 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.c9394037.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core?embedId=fntxumm4u6tn&region=US&forceShow=false&skipCampaigns=false&sessionId=712104e2-7957-45eb-8a57-7239988651f9&sessionStarted=1640583555.091&campaignRefreshToken=6f27aeb1-8926-4a3b-ab36-d167e4e2b63e&hideController=false&pageLoadStartTime=1640583553269&mode=CHAT&driftEnableLog=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

07e751db5a9be85544376d383bc9a6a25f64f218b1fab3ed9c1c18f23ad7bbd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=fntxumm4u6tn&region=US&forceShow=false&skipCampaigns=false&sessionId=712104e2-7957-45eb-8a57-7239988651f9&sessionStarted=1640583555.091&campaignRefreshToken=6f27aeb1-8926-4a3b-ab36-d167e4e2b63e&hideController=false&pageLoadStartTime=1640583553269&mode=CHAT&driftEnableLog=false
Origin: https://js.driftt.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 19:07:14 GMT
content-encoding: gzip
age: 297121
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 23 Dec 2021 18:12:27 GMT
server: nginx
etag: W/"0fd958739fd4c40086f46804c2192b1b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: _6QI7Hx47Az5fxwdfERAjhbdYLpEpaR4
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Hvquk-_Az1zRx643JTXKVipUgNJ3U6UE6X7AxhIGAhLNOTXnMyRhxA==

GET
H2 200 4.a93e53d9.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D299 58 KB
20 KB 9ms
8ms Script
application/javascript 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/4.a93e53d9.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

58332a4cc75a697eafeb1b4d9cb66326d6a29acb2f98afc1de3f1ef2401be056

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=fntxumm4u6tn&region=US&forceShow=false&skipCampaigns=false&sessionId=712104e2-7957-45eb-8a57-7239988651f9&sessionStarted=1640583555.091&campaignRefreshToken=6f27aeb1-8926-4a3b-ab36-d167e4e2b63e&hideController=false&pageLoadStartTime=1640583553269&mode=CHAT&driftEnableLog=false
Origin: https://js.driftt.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 12305218
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:25 GMT
server: nginx
etag: W/"fce0b3daf28dfa888be2818f43b06ef0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: imvxQz4ZQnCekVetyHrX84xCYV8ndGWZ
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: YMayurREB6fqbSjg8GHngKC8veIQKMWj-1U0k0MtWwVdViAIRc-fHw==

GET
H2 200 main~493df0b3.580db5ef.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D299 6 KB
3 KB 10ms
9ms Script
application/javascript 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.580db5ef.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

52997a640c38c5915b6105ad464bf2bf8121f3fe40c72d70791f54c4be95971a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=fntxumm4u6tn&region=US&forceShow=false&skipCampaigns=false&sessionId=712104e2-7957-45eb-8a57-7239988651f9&sessionStarted=1640583555.091&campaignRefreshToken=6f27aeb1-8926-4a3b-ab36-d167e4e2b63e&hideController=false&pageLoadStartTime=1640583553269&mode=CHAT&driftEnableLog=false
Origin: https://js.driftt.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 06:03:57 GMT
content-encoding: gzip
age: 5441718
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 22 Oct 2021 17:07:00 GMT
server: nginx
etag: W/"9b4aab2d855603fa59a09f8160eb7cb4"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: SHbjo2Z875cq.BpS9ven0n3hNF1FVxPh
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 3U-qCbZ9vwUbvZKC2vtVRF55cq1tWCzOFiojBV48Og-4AWsQF7d8gQ==

GET
H2 200 runtime~main.c9394037.js Show response
js.driftt.com/core/assets/js/ Frame 1269 6 KB
3 KB 10ms
9ms Script
application/javascript 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.c9394037.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1640583553269

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

07e751db5a9be85544376d383bc9a6a25f64f218b1fab3ed9c1c18f23ad7bbd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1640583553269
Origin: https://js.driftt.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 19:07:14 GMT
content-encoding: gzip
age: 297121
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 23 Dec 2021 18:12:27 GMT
server: nginx
etag: W/"0fd958739fd4c40086f46804c2192b1b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: _6QI7Hx47Az5fxwdfERAjhbdYLpEpaR4
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: kE1o5IUzEhAWiE6peF2IZcwoz3cVaQcgY8vqhWDZcBCP-ws_7niIfw==

GET
H2 200 4.a93e53d9.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1269 58 KB
20 KB 10ms
9ms Script
application/javascript 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/4.a93e53d9.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1640583553269

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

58332a4cc75a697eafeb1b4d9cb66326d6a29acb2f98afc1de3f1ef2401be056

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1640583553269
Origin: https://js.driftt.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 12305218
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:25 GMT
server: nginx
etag: W/"fce0b3daf28dfa888be2818f43b06ef0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: imvxQz4ZQnCekVetyHrX84xCYV8ndGWZ
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: rDMRuiEuttQF6SeH-de_TzO5nE4RyROMdDzdFYWpH-2dGXRkBDhzaQ==

GET
H2 200 main~493df0b3.580db5ef.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1269 6 KB
3 KB 10ms
10ms Script
application/javascript 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.580db5ef.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1640583553269

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

52997a640c38c5915b6105ad464bf2bf8121f3fe40c72d70791f54c4be95971a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1640583553269
Origin: https://js.driftt.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 06:03:57 GMT
content-encoding: gzip
age: 5441718
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 22 Oct 2021 17:07:00 GMT
server: nginx
etag: W/"9b4aab2d855603fa59a09f8160eb7cb4"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: SHbjo2Z875cq.BpS9ven0n3hNF1FVxPh
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Ru7vEZOiTr6kXejECjhy5lsjp4Ls2mpn2R7DGwx49cKFvTesCtJR0Q==

GET
H2 200 42.3b1c2441.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D299 47 KB
14 KB 8ms
7ms Script
application/javascript 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/42.3b1c2441.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.c9394037.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

7727399fe5d8441829176e6a661b540efaac1680120a1d7fb1235e258d70770b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=fntxumm4u6tn&region=US&forceShow=false&skipCampaigns=false&sessionId=712104e2-7957-45eb-8a57-7239988651f9&sessionStarted=1640583555.091&campaignRefreshToken=6f27aeb1-8926-4a3b-ab36-d167e4e2b63e&hideController=false&pageLoadStartTime=1640583553269&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 02:54:58 GMT
content-encoding: gzip
age: 4848257
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 29 Oct 2021 20:21:08 GMT
server: nginx
etag: W/"62fe06940598a98760a9eae46800ff59"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: ZvrGZ__CENehO4yWRJghqJAjDXfkpDfG
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 5VSMEBzgp1peNVpn1klgj6nr_wuLtWmn9IXysIZi028TK9LwyERCWQ==

GET
H2 200 17.cce21c2a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D299 44 KB
13 KB 9ms
8ms Script
application/javascript 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/17.cce21c2a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.c9394037.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

cda9b31d709444e003d3adbfbdec43f093e405b36841fde5c1d187e439585219

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=fntxumm4u6tn&region=US&forceShow=false&skipCampaigns=false&sessionId=712104e2-7957-45eb-8a57-7239988651f9&sessionStarted=1640583555.091&campaignRefreshToken=6f27aeb1-8926-4a3b-ab36-d167e4e2b63e&hideController=false&pageLoadStartTime=1640583553269&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 02:54:58 GMT
content-encoding: gzip
age: 4848257
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 29 Oct 2021 20:21:07 GMT
server: nginx
etag: W/"565bf690dc82ce7e1f45c9647d892490"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: V1tQBeNhHuSP3Kq4PFVzDyqDvIlj_GeG
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 7DC2WRCTGcjWfGVyVdZnpGdm-JTCIcWxEyCmzqtfCRTUfn5Bx57bMg==

GET
H2 200 35.3e4eba7e.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D299 25 KB
8 KB 10ms
9ms Script
application/javascript 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/35.3e4eba7e.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.c9394037.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

41f7afd6088c39cdc0d6f910f7f4b6afbf6a2133533847e960a8ca906fabc1c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=fntxumm4u6tn&region=US&forceShow=false&skipCampaigns=false&sessionId=712104e2-7957-45eb-8a57-7239988651f9&sessionStarted=1640583555.091&campaignRefreshToken=6f27aeb1-8926-4a3b-ab36-d167e4e2b63e&hideController=false&pageLoadStartTime=1640583553269&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 18:08:30 GMT
content-encoding: gzip
age: 4793445
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 01 Nov 2021 17:24:57 GMT
server: nginx
etag: W/"b1a0f364c9ad5137b5ab8e5237a825b8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: KfofLwvG14tKBpk6tXvFAfICf2R3Oaes
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: hzvqInK-jthyXBy_0k3oLWSRWVj61GJ_PSd2NWve-lAJGs5E8AVgxg==

GET
H2 200 15.8065fdbf.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D299 16 KB
5 KB 10ms
9ms Script
application/javascript 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/15.8065fdbf.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.c9394037.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

f978da291f493e64d4420d2cfab5c2bdc736c53f11c8d61c6da1efdb7df1155d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=fntxumm4u6tn&region=US&forceShow=false&skipCampaigns=false&sessionId=712104e2-7957-45eb-8a57-7239988651f9&sessionStarted=1640583555.091&campaignRefreshToken=6f27aeb1-8926-4a3b-ab36-d167e4e2b63e&hideController=false&pageLoadStartTime=1640583553269&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 06:18:05 GMT
content-encoding: gzip
age: 9674470
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 03 Sep 2021 14:38:32 GMT
server: nginx
etag: W/"db60664de2c8d54d23e359c94e68f6ce"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: vLMtFICr__AmVbpyC1134yZVvjJr6q0Q
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: hpxSfhqcE99A5IwHDJxdH6-dqy8tR4E7vu1vV8Rve88l0bveqJzvFQ==

GET
H2 200 19.5937a5b2.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D299 72 KB
22 KB 10ms
9ms Script
application/javascript 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/19.5937a5b2.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.c9394037.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

2b4d9e531f3302ad49380ce5e5e160925956edb55179c63ee2bac32ab040d1a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=fntxumm4u6tn&region=US&forceShow=false&skipCampaigns=false&sessionId=712104e2-7957-45eb-8a57-7239988651f9&sessionStarted=1640583555.091&campaignRefreshToken=6f27aeb1-8926-4a3b-ab36-d167e4e2b63e&hideController=false&pageLoadStartTime=1640583553269&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 02:55:04 GMT
content-encoding: gzip
age: 4848251
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 29 Oct 2021 20:21:07 GMT
server: nginx
etag: W/"08aceb94bd26b0e431ca437d628e3c13"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: a9V2sG0hWPWT.cLrpxmLmJQEJHJ3pTch
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 6EAKfxj_jr_ILd_SenejqYR8A4X9PlBrPw5RkLTMXxippVjul5PK_g==

GET
H2 200 32.04864e7d.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D299 16 KB
6 KB 13ms
12ms Script
application/javascript 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/32.04864e7d.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.c9394037.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

af0ad47815cfcb0fc8402cf431dd782af68f2ba05752c66d9bb11a4354f65754

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=fntxumm4u6tn&region=US&forceShow=false&skipCampaigns=false&sessionId=712104e2-7957-45eb-8a57-7239988651f9&sessionStarted=1640583555.091&campaignRefreshToken=6f27aeb1-8926-4a3b-ab36-d167e4e2b63e&hideController=false&pageLoadStartTime=1640583553269&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 09:53:21 GMT
content-encoding: gzip
age: 5427954
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 22 Oct 2021 17:06:58 GMT
server: nginx
etag: W/"3b6707d602c1f7d03c4c8b0bdecb8e4e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: juigjv2.842khaDjrzqiMoucoadLCjYk
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 04_KSWKtPRNVlxs9gwVgzGDwGYczAhDEJ2-QVn9Y9dw23hPJ2Pkapg==

GET
H2 200 23.a53d721f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D299 59 KB
19 KB 13ms
12ms Script
application/javascript 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/23.a53d721f.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.c9394037.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

f48829864ffd155da0360e19be956282b6875173f8990394e93bc7c30c97a3ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=fntxumm4u6tn&region=US&forceShow=false&skipCampaigns=false&sessionId=712104e2-7957-45eb-8a57-7239988651f9&sessionStarted=1640583555.091&campaignRefreshToken=6f27aeb1-8926-4a3b-ab36-d167e4e2b63e&hideController=false&pageLoadStartTime=1640583553269&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:41:23 GMT
content-encoding: gzip
age: 2347071
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 29 Nov 2021 22:20:10 GMT
server: nginx
etag: W/"fe96cb8c4c390342c29d3c8cb0a4ca14"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Bes4ojoExyGtogevsaG2vPPgIGz3MINt
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: xog4q_frlKHcP91nnxUarBGQ0NXr6TdHvkazFQUhZM53_mXYrnApEQ==

GET
H2 200 10.704ab67c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D299 91 KB
28 KB 14ms
12ms Script
application/javascript 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/10.704ab67c.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.c9394037.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

1612e3d01a9389defe81c28b91ee18b7b1f97b54f39dd8aa651667c25bce28e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=fntxumm4u6tn&region=US&forceShow=false&skipCampaigns=false&sessionId=712104e2-7957-45eb-8a57-7239988651f9&sessionStarted=1640583555.091&campaignRefreshToken=6f27aeb1-8926-4a3b-ab36-d167e4e2b63e&hideController=false&pageLoadStartTime=1640583553269&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 20:47:44 GMT
content-encoding: gzip
age: 7462290
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 01 Oct 2021 18:06:47 GMT
server: nginx
etag: W/"50dcb170ca1ae1f4a09fe8f23065f2a8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 8SLWCghXfnMEQiqJuVzEB4mWFfFgTeMA
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: uL7I3iLQ0Cgr_jQtaY51GIVKVOYoKwwctlxHqXlF3j2mrfMOjWkGXw==

GET
H2 200 9.cea5327f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D299 24 KB
7 KB 15ms
13ms Script
application/javascript 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/9.cea5327f.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.c9394037.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

fb372bf086a350fc14b803de31af04857aaf0b0e18bf7de76737715efa2ce57f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=fntxumm4u6tn&region=US&forceShow=false&skipCampaigns=false&sessionId=712104e2-7957-45eb-8a57-7239988651f9&sessionStarted=1640583555.091&campaignRefreshToken=6f27aeb1-8926-4a3b-ab36-d167e4e2b63e&hideController=false&pageLoadStartTime=1640583553269&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 15:01:38 GMT
content-encoding: gzip
age: 2299057
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 29 Nov 2021 22:20:12 GMT
server: nginx
etag: W/"2db4f74e4d7ffda350b50dde6a07ed5e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: XO6Gj_y9Dw4LqhxSapA287FNAF2AYGBn
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: YXR6H0gyM0-lAGrn7HPnLth4H9pRxU2CGTG6sjY0WWF0Ur3fLkLreQ==

GET
H2 200 13.c2156fc2.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D299 62 KB
20 KB 15ms
13ms Script
application/javascript 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/13.c2156fc2.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.c9394037.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

f94ce8666bf003756c16b56edad5a0121b3516222d4f093bdb771afabfb2cc5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=fntxumm4u6tn&region=US&forceShow=false&skipCampaigns=false&sessionId=712104e2-7957-45eb-8a57-7239988651f9&sessionStarted=1640583555.091&campaignRefreshToken=6f27aeb1-8926-4a3b-ab36-d167e4e2b63e&hideController=false&pageLoadStartTime=1640583553269&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 09:53:21 GMT
content-encoding: gzip
age: 5427954
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 22 Oct 2021 17:06:58 GMT
server: nginx
etag: W/"b94404e76324bd4454531b2e0a54f7bb"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: UBqTGR_Kpp2cPp4uQTy5DkPbiTlHyHAU
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: hzH74MddfhWCTcLhSy2X_c8rxk2KJb0P7oV6yx9l2Ntjix-5Q9psBQ==

GET
H2 200 40.01f4f7b3.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D299 105 KB
34 KB 16ms
14ms Script
application/javascript 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/40.01f4f7b3.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.c9394037.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

71f918c131027703d4692c7e7cc9d46fc09554fc2b211e60f12e8fea8360deb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=fntxumm4u6tn&region=US&forceShow=false&skipCampaigns=false&sessionId=712104e2-7957-45eb-8a57-7239988651f9&sessionStarted=1640583555.091&campaignRefreshToken=6f27aeb1-8926-4a3b-ab36-d167e4e2b63e&hideController=false&pageLoadStartTime=1640583553269&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 09:53:21 GMT
content-encoding: gzip
age: 5427954
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 22 Oct 2021 17:06:59 GMT
server: nginx
etag: W/"7dd9b27f83583b6d43567ed4b21eff8c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 2QdQNwJ4SDmpUoZVr7HrkjjZUMt.Wzuw
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 326TIByrrv6WdaD6R60Cz7YxTeP6Sl0cyqMR5xWIZW0Dp33XuYdsRg==

GET
H2 200 33.c1910d43.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D299 12 KB
4 KB 17ms
15ms Script
application/javascript 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/33.c1910d43.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.c9394037.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

c2d8b5ed5baf711d51629607797e32e5ff638637a0091598427eac4908dbae47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=fntxumm4u6tn&region=US&forceShow=false&skipCampaigns=false&sessionId=712104e2-7957-45eb-8a57-7239988651f9&sessionStarted=1640583555.091&campaignRefreshToken=6f27aeb1-8926-4a3b-ab36-d167e4e2b63e&hideController=false&pageLoadStartTime=1640583553269&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 03:18:04 GMT
content-encoding: gzip
age: 2859671
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 22 Nov 2021 19:33:19 GMT
server: nginx
etag: W/"0e451f1cf9656229ccd33dfa3ad0638d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: bXdSjY9CDnekLor1Q.RFbiIDqi7ulpJa
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: OW_truSjQjTGsMVv4FBWwZXByY-a16tzxaUX9FwtiHwu3tZMC7TzSQ==

GET
H2 200 25.b7a0bf53.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D299 12 KB
5 KB 17ms
15ms Script
application/javascript 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/25.b7a0bf53.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.c9394037.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

c87e0e31334c6998b90c83d48eff6252a248120d32b376414965e1421203c901

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=fntxumm4u6tn&region=US&forceShow=false&skipCampaigns=false&sessionId=712104e2-7957-45eb-8a57-7239988651f9&sessionStarted=1640583555.091&campaignRefreshToken=6f27aeb1-8926-4a3b-ab36-d167e4e2b63e&hideController=false&pageLoadStartTime=1640583553269&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 03:18:04 GMT
content-encoding: gzip
age: 2859671
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 22 Nov 2021 19:33:19 GMT
server: nginx
etag: W/"808f7c7829001881a39cef6846a36ce0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Q2g0zIRf_FIeqHbwx92fc3AdT0lCB1K6
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: uQJSdUZ-fLVIi7Y093azccs0UILSjhkQGmgS__tyjt1D3uisDmT3GQ==

GET
H2 200 16.fab21cf4.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D299 17 KB
7 KB 17ms
16ms Script
application/javascript 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/16.fab21cf4.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.c9394037.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

fa110ac06915e913fea0ad440e557cd75b95101504acc6a865efb5d7f0f34d95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=fntxumm4u6tn&region=US&forceShow=false&skipCampaigns=false&sessionId=712104e2-7957-45eb-8a57-7239988651f9&sessionStarted=1640583555.091&campaignRefreshToken=6f27aeb1-8926-4a3b-ab36-d167e4e2b63e&hideController=false&pageLoadStartTime=1640583553269&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 16:58:47 GMT
content-encoding: gzip
age: 4538428
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 03 Nov 2021 13:47:23 GMT
server: nginx
etag: W/"b451093ecfaa012f364641010ed13346"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: wCl6QNbYqV3zaB4E280GBYT.UNDnPeJC
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: oGDNXGDiMRKb7wKRS8H_4jiOJRE7Z4XNWk5aICTXpuYUlWvcb-yZPQ==

GET
H2 200 7.30af169a.chunk.css
js.driftt.com/core/assets/css/ Frame D299 11 KB
3 KB 17ms
16ms Stylesheet
text/css 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/7.30af169a.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.c9394037.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

4a9b0b449b77fd3cf250284f9c232b20dd193d8c538f059350594bc865847da9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=fntxumm4u6tn&region=US&forceShow=false&skipCampaigns=false&sessionId=712104e2-7957-45eb-8a57-7239988651f9&sessionStarted=1640583555.091&campaignRefreshToken=6f27aeb1-8926-4a3b-ab36-d167e4e2b63e&hideController=false&pageLoadStartTime=1640583553269&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 18:28:20 GMT
content-encoding: gzip
age: 4792255
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 01 Nov 2021 17:24:54 GMT
server: nginx
etag: W/"bd798c00af88b7523deb5a8065993250"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: i5VGTHkGJ3W10pB8.FdBO9KWoGwOWrOx
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 5tDphDHNi9NKWjxEu2k7fMlkY2Z3owv-ACtlbwzHwGz3_g75ngcfgQ==

GET
H2 200 7.daca2b0a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D299 69 KB
22 KB 18ms
17ms Script
application/javascript 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/7.daca2b0a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.c9394037.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

d43cd96fdf45131a049306a14096152378f435af3201abe7cbf484eca91c7b18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=fntxumm4u6tn&region=US&forceShow=false&skipCampaigns=false&sessionId=712104e2-7957-45eb-8a57-7239988651f9&sessionStarted=1640583555.091&campaignRefreshToken=6f27aeb1-8926-4a3b-ab36-d167e4e2b63e&hideController=false&pageLoadStartTime=1640583553269&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 20:41:27 GMT
content-encoding: gzip
age: 377868
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 22 Dec 2021 20:15:36 GMT
server: nginx
etag: W/"671b9cfa12078e077a3d922afd9079cc"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 9XD7hbQ9eJSEcIsxG0rM2ek6hvNJ5SGn
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 1rs4cQhjuX0LRp7WGofFjGVta7Zv5JCjaSclKcCkBVUaSP48wB9dQA==

GET
H2 200 14.22abfce0.chunk.css
js.driftt.com/core/assets/css/ Frame D299 24 B
667 B 17ms
16ms Stylesheet
text/css 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/14.22abfce0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.c9394037.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=fntxumm4u6tn&region=US&forceShow=false&skipCampaigns=false&sessionId=712104e2-7957-45eb-8a57-7239988651f9&sessionStarted=1640583555.091&campaignRefreshToken=6f27aeb1-8926-4a3b-ab36-d167e4e2b63e&hideController=false&pageLoadStartTime=1640583553269&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
age: 12305217
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 24
last-modified: Fri, 06 Aug 2021 18:47:22 GMT
server: nginx
etag: "0c5dad92482d9a7c7c253510f5082465"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: TvxaskXeU1vX5QWjGFtspdoYt.ZZ_9cE
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: dsaQ1MPotEIJdxv3VDjVE8CjVUE5yV4WXTR5ySPqjet2JDnzeaxGrQ==

GET
H2 200 14.807fe395.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D299 74 KB
19 KB 18ms
17ms Script
application/javascript 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/14.807fe395.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.c9394037.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

9672dbb3bf065e2814d3c7aa0e3d2e74536e2a4ce37b062f31487a1c36e688c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=fntxumm4u6tn&region=US&forceShow=false&skipCampaigns=false&sessionId=712104e2-7957-45eb-8a57-7239988651f9&sessionStarted=1640583555.091&campaignRefreshToken=6f27aeb1-8926-4a3b-ab36-d167e4e2b63e&hideController=false&pageLoadStartTime=1640583553269&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:42:23 GMT
content-encoding: gzip
age: 979012
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 15 Dec 2021 21:37:30 GMT
server: nginx
etag: W/"75a43a7bca7194613f807d29ac3d074c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: jZ418GrnPZWp.Rmpz87oGj4FWIurEvsW
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: M6bqP35WVXfuQNvbmOFwSGiJBdVxiPLWFYfgexcbxTZAu2CGkO5Rcw==

GET
H2 200 20.12e08c2a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D299 47 KB
13 KB 18ms
18ms Script
application/javascript 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/20.12e08c2a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.c9394037.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

acadd76a335e98061ef67610e2cc701027232396e26b593a2af78a6f027cef75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=fntxumm4u6tn&region=US&forceShow=false&skipCampaigns=false&sessionId=712104e2-7957-45eb-8a57-7239988651f9&sessionStarted=1640583555.091&campaignRefreshToken=6f27aeb1-8926-4a3b-ab36-d167e4e2b63e&hideController=false&pageLoadStartTime=1640583553269&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:42:23 GMT
content-encoding: gzip
age: 979012
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 15 Dec 2021 21:37:31 GMT
server: nginx
etag: W/"61892b29d94d646e4fe4c955206e953e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: YWs4_7Z5RQFczzNCHJBWyq0qUaPuRJnt
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: _w-om2xAzrbekHGbl08bHzamwOa5CpjrvM1efbjc8ngJjw3oL1gM1Q==

GET
H2 200 12.8b90a5b0.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D299 41 KB
13 KB 19ms
19ms Script
application/javascript 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/12.8b90a5b0.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.c9394037.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

e3b45255d95c0c568dc6e8b9f70e4d2ab7aef959ea5951d45ca6dd3775f43138

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=fntxumm4u6tn&region=US&forceShow=false&skipCampaigns=false&sessionId=712104e2-7957-45eb-8a57-7239988651f9&sessionStarted=1640583555.091&campaignRefreshToken=6f27aeb1-8926-4a3b-ab36-d167e4e2b63e&hideController=false&pageLoadStartTime=1640583553269&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 19:07:15 GMT
content-encoding: gzip
age: 297120
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 23 Dec 2021 18:12:25 GMT
server: nginx
etag: W/"c14d2aa1198b8e446655dd0c65ae67e6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 2.jwm_aZ96GvuflRvwK7JK..Qk_sWl8u
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: uLLYVV3G--UfdAhGKLwVi1dB7NSL78NyWS05LfG966l9O8Xoq_lNdQ==

GET
H2 200 42.3b1c2441.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1269 47 KB
14 KB 18ms
17ms Script
application/javascript 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/42.3b1c2441.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.c9394037.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

7727399fe5d8441829176e6a661b540efaac1680120a1d7fb1235e258d70770b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1640583553269
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 02:54:58 GMT
content-encoding: gzip
age: 4848257
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 29 Oct 2021 20:21:08 GMT
server: nginx
etag: W/"62fe06940598a98760a9eae46800ff59"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: ZvrGZ__CENehO4yWRJghqJAjDXfkpDfG
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: _BE6IRdWL-uKqNvQ8skTtIQXgqQonD1EEMtfBQG3ebFW_lim-B0ZWw==

GET
H2 200 17.cce21c2a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1269 44 KB
13 KB 18ms
17ms Script
application/javascript 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/17.cce21c2a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.c9394037.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

cda9b31d709444e003d3adbfbdec43f093e405b36841fde5c1d187e439585219

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1640583553269
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 02:54:58 GMT
content-encoding: gzip
age: 4848257
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 29 Oct 2021 20:21:07 GMT
server: nginx
etag: W/"565bf690dc82ce7e1f45c9647d892490"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: V1tQBeNhHuSP3Kq4PFVzDyqDvIlj_GeG
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ISMU80TGFDsYrl6ioaq179AR2Kd4q8QWjrJMg1snTUKDOoZkw7Zwxg==

GET
H2 200 35.3e4eba7e.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1269 25 KB
8 KB 18ms
17ms Script
application/javascript 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/35.3e4eba7e.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.c9394037.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

41f7afd6088c39cdc0d6f910f7f4b6afbf6a2133533847e960a8ca906fabc1c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1640583553269
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 18:08:30 GMT
content-encoding: gzip
age: 4793445
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 01 Nov 2021 17:24:57 GMT
server: nginx
etag: W/"b1a0f364c9ad5137b5ab8e5237a825b8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: KfofLwvG14tKBpk6tXvFAfICf2R3Oaes
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 7QW_bxfeNN8A8zgUELpUXgtLInrUYHHdeTKpRUcT6IXpDV7TLTdfbg==

GET
H2 200 15.8065fdbf.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1269 16 KB
5 KB 19ms
12ms Script
application/javascript 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/15.8065fdbf.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.c9394037.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

f978da291f493e64d4420d2cfab5c2bdc736c53f11c8d61c6da1efdb7df1155d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1640583553269
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 06:18:05 GMT
content-encoding: gzip
age: 9674470
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 03 Sep 2021 14:38:32 GMT
server: nginx
etag: W/"db60664de2c8d54d23e359c94e68f6ce"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: vLMtFICr__AmVbpyC1134yZVvjJr6q0Q
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: nFk548m78eoZSW2C0pM4XhQshMkWxKOqdvxFP9f6glYsybExWZIbqA==

GET
H2 200 19.5937a5b2.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1269 72 KB
22 KB 19ms
10ms Script
application/javascript 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/19.5937a5b2.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.c9394037.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

2b4d9e531f3302ad49380ce5e5e160925956edb55179c63ee2bac32ab040d1a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1640583553269
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 02:55:04 GMT
content-encoding: gzip
age: 4848251
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 29 Oct 2021 20:21:07 GMT
server: nginx
etag: W/"08aceb94bd26b0e431ca437d628e3c13"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: a9V2sG0hWPWT.cLrpxmLmJQEJHJ3pTch
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Vqt0UCpzl99AxVkzcvu16CQJUxo85MgL3pxsxRTEr6f2ejUe0QHMkQ==

GET
H2 200 32.04864e7d.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1269 16 KB
6 KB 19ms
10ms Script
application/javascript 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/32.04864e7d.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.c9394037.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

af0ad47815cfcb0fc8402cf431dd782af68f2ba05752c66d9bb11a4354f65754

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1640583553269
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 09:53:21 GMT
content-encoding: gzip
age: 5427954
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 22 Oct 2021 17:06:58 GMT
server: nginx
etag: W/"3b6707d602c1f7d03c4c8b0bdecb8e4e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: juigjv2.842khaDjrzqiMoucoadLCjYk
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: gQjYnfCr4yDDeLfFSMITExPZqQy47IwAyqKTw3yP1jqUwgNK1bnA1g==

GET
H2 200 23.a53d721f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1269 59 KB
19 KB 20ms
9ms Script
application/javascript 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/23.a53d721f.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.c9394037.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

f48829864ffd155da0360e19be956282b6875173f8990394e93bc7c30c97a3ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1640583553269
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:41:23 GMT
content-encoding: gzip
age: 2347071
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 29 Nov 2021 22:20:10 GMT
server: nginx
etag: W/"fe96cb8c4c390342c29d3c8cb0a4ca14"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Bes4ojoExyGtogevsaG2vPPgIGz3MINt
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: jgXgfT7yWLU-kMj0yukLdH5YlE70m_Vfej0D2HrCwmdkCzvEV2-13w==

GET
H2 200 10.704ab67c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1269 91 KB
28 KB 20ms
10ms Script
application/javascript 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/10.704ab67c.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.c9394037.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

1612e3d01a9389defe81c28b91ee18b7b1f97b54f39dd8aa651667c25bce28e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1640583553269
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 20:47:44 GMT
content-encoding: gzip
age: 7462290
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 01 Oct 2021 18:06:47 GMT
server: nginx
etag: W/"50dcb170ca1ae1f4a09fe8f23065f2a8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 8SLWCghXfnMEQiqJuVzEB4mWFfFgTeMA
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: pAfnkqKTueXIdoLpxPXg-hCwBY8OBe6K8ZEZr_v9fPEuce2SRsC1oQ==

GET
H2 200 9.cea5327f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1269 24 KB
7 KB 21ms
11ms Script
application/javascript 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/9.cea5327f.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.c9394037.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

fb372bf086a350fc14b803de31af04857aaf0b0e18bf7de76737715efa2ce57f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1640583553269
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 15:01:38 GMT
content-encoding: gzip
age: 2299057
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 29 Nov 2021 22:20:12 GMT
server: nginx
etag: W/"2db4f74e4d7ffda350b50dde6a07ed5e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: XO6Gj_y9Dw4LqhxSapA287FNAF2AYGBn
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Ad45VpKRxryMYmF0AU5PKcj4OYrQKPZBHR36Lomfw96TFF6741VRVQ==

GET
H2 200 13.c2156fc2.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1269 62 KB
20 KB 21ms
10ms Script
application/javascript 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/13.c2156fc2.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.c9394037.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

f94ce8666bf003756c16b56edad5a0121b3516222d4f093bdb771afabfb2cc5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1640583553269
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 09:53:21 GMT
content-encoding: gzip
age: 5427954
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 22 Oct 2021 17:06:58 GMT
server: nginx
etag: W/"b94404e76324bd4454531b2e0a54f7bb"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: UBqTGR_Kpp2cPp4uQTy5DkPbiTlHyHAU
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: I7sbXGlfsRB2d7lZpKpqjObFb2D55fzt0gBpNStGruzZ7Q6wZZTXcg==

GET
H2 200 40.01f4f7b3.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1269 105 KB
34 KB 22ms
11ms Script
application/javascript 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/40.01f4f7b3.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.c9394037.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

71f918c131027703d4692c7e7cc9d46fc09554fc2b211e60f12e8fea8360deb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1640583553269
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 09:53:21 GMT
content-encoding: gzip
age: 5427954
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 22 Oct 2021 17:06:59 GMT
server: nginx
etag: W/"7dd9b27f83583b6d43567ed4b21eff8c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 2QdQNwJ4SDmpUoZVr7HrkjjZUMt.Wzuw
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: fj_cn3KA8V0fmtU0SWrUzDjy603ubVrYadF-Q6QhImQ8AsflqB9zUA==

GET
H2 200 33.c1910d43.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1269 12 KB
4 KB 22ms
12ms Script
application/javascript 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/33.c1910d43.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.c9394037.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

c2d8b5ed5baf711d51629607797e32e5ff638637a0091598427eac4908dbae47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1640583553269
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 03:18:04 GMT
content-encoding: gzip
age: 2859671
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 22 Nov 2021 19:33:19 GMT
server: nginx
etag: W/"0e451f1cf9656229ccd33dfa3ad0638d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: bXdSjY9CDnekLor1Q.RFbiIDqi7ulpJa
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: qINBluqTX19xzXYpFunE3S4Bi61rpoWTfnePr_TenobKps4dMjO44w==

GET
H2 200 25.b7a0bf53.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1269 12 KB
5 KB 18ms
12ms Script
application/javascript 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/25.b7a0bf53.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.c9394037.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

c87e0e31334c6998b90c83d48eff6252a248120d32b376414965e1421203c901

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1640583553269
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 03:18:04 GMT
content-encoding: gzip
age: 2859671
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 22 Nov 2021 19:33:19 GMT
server: nginx
etag: W/"808f7c7829001881a39cef6846a36ce0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Q2g0zIRf_FIeqHbwx92fc3AdT0lCB1K6
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: KXNG1QeFs0C-H-Iy6geNnpFgqFe--0OGGWtTxdvRb-NIlc-SucFvOg==

GET
H2 200 16.fab21cf4.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1269 17 KB
7 KB 19ms
11ms Script
application/javascript 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/16.fab21cf4.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.c9394037.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

fa110ac06915e913fea0ad440e557cd75b95101504acc6a865efb5d7f0f34d95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1640583553269
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 16:58:47 GMT
content-encoding: gzip
age: 4538428
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 03 Nov 2021 13:47:23 GMT
server: nginx
etag: W/"b451093ecfaa012f364641010ed13346"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: wCl6QNbYqV3zaB4E280GBYT.UNDnPeJC
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 6DLcXLdcMwrrEWUmgK0K4-M-2QVXtPahbfhfjN_PCi7THsb3Cl2Tng==

GET
H2 200 7.30af169a.chunk.css
js.driftt.com/core/assets/css/ Frame 1269 11 KB
3 KB 18ms
10ms Stylesheet
text/css 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/7.30af169a.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.c9394037.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

4a9b0b449b77fd3cf250284f9c232b20dd193d8c538f059350594bc865847da9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1640583553269
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 18:28:20 GMT
content-encoding: gzip
age: 4792255
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 01 Nov 2021 17:24:54 GMT
server: nginx
etag: W/"bd798c00af88b7523deb5a8065993250"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: i5VGTHkGJ3W10pB8.FdBO9KWoGwOWrOx
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: HX5gtVoDeOXv1OIaHOtRvwx0wiDrxNl6o4-fmzLBIVF-bWtJWp4wKQ==

GET
H2 200 7.daca2b0a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1269 69 KB
22 KB 19ms
11ms Script
application/javascript 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/7.daca2b0a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.c9394037.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

d43cd96fdf45131a049306a14096152378f435af3201abe7cbf484eca91c7b18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1640583553269
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 20:41:27 GMT
content-encoding: gzip
age: 377868
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 22 Dec 2021 20:15:36 GMT
server: nginx
etag: W/"671b9cfa12078e077a3d922afd9079cc"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 9XD7hbQ9eJSEcIsxG0rM2ek6hvNJ5SGn
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: VgIrRKWN6LkBp85U3VpVJQp2ul1K65jk-ODA9E6K2aXjfKPjXP1M_Q==

GET
H2 200 14.22abfce0.chunk.css
js.driftt.com/core/assets/css/ Frame 1269 24 B
666 B 18ms
11ms Stylesheet
text/css 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/14.22abfce0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.c9394037.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1640583553269
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
age: 12305217
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 24
last-modified: Fri, 06 Aug 2021 18:47:22 GMT
server: nginx
etag: "0c5dad92482d9a7c7c253510f5082465"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: TvxaskXeU1vX5QWjGFtspdoYt.ZZ_9cE
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Phk2tfVdWAi2_rWmI5H0--PBKEvJVUEA9Cqkr-Po8t1iLHMSkYCTSQ==

GET
H2 200 14.807fe395.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1269 74 KB
19 KB 17ms
11ms Script
application/javascript 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/14.807fe395.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.c9394037.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

9672dbb3bf065e2814d3c7aa0e3d2e74536e2a4ce37b062f31487a1c36e688c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1640583553269
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:42:23 GMT
content-encoding: gzip
age: 979012
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 15 Dec 2021 21:37:30 GMT
server: nginx
etag: W/"75a43a7bca7194613f807d29ac3d074c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: jZ418GrnPZWp.Rmpz87oGj4FWIurEvsW
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Y1l_zOKtgq112xtsIHEZ81U-ghZkkuYqdKAyhnODZ3ZgdtlnDzmByQ==

GET
H2 200 20.12e08c2a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1269 47 KB
13 KB 17ms
12ms Script
application/javascript 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/20.12e08c2a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.c9394037.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

acadd76a335e98061ef67610e2cc701027232396e26b593a2af78a6f027cef75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1640583553269
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:42:23 GMT
content-encoding: gzip
age: 979012
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 15 Dec 2021 21:37:31 GMT
server: nginx
etag: W/"61892b29d94d646e4fe4c955206e953e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: YWs4_7Z5RQFczzNCHJBWyq0qUaPuRJnt
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 7h7TU0Oat3P9oTvK3zUEN5LGQxRVmkqzJO71FPRuqlZyUofVMoNkdg==

GET
H2 200 12.8b90a5b0.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1269 41 KB
13 KB 18ms
13ms Script
application/javascript 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/12.8b90a5b0.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.c9394037.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

e3b45255d95c0c568dc6e8b9f70e4d2ab7aef959ea5951d45ca6dd3775f43138

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1640583553269
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 19:07:15 GMT
content-encoding: gzip
age: 297120
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 23 Dec 2021 18:12:25 GMT
server: nginx
etag: W/"c14d2aa1198b8e446655dd0c65ae67e6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 2.jwm_aZ96GvuflRvwK7JK..Qk_sWl8u
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: UsEuPi2Fayjf_USyp9ldssqBUK8t8T-Hl_QqH6kVfhvIsdIRu7H1Fg==

GET
H2 200 22.e10510b6.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D299 42 KB
12 KB 9ms
8ms Script
application/javascript 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/22.e10510b6.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.c9394037.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

b0257060098cdc51166f35b62e7dd8f0c5f8d6cfa319901c0c51a629537e02fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=fntxumm4u6tn&region=US&forceShow=false&skipCampaigns=false&sessionId=712104e2-7957-45eb-8a57-7239988651f9&sessionStarted=1640583555.091&campaignRefreshToken=6f27aeb1-8926-4a3b-ab36-d167e4e2b63e&hideController=false&pageLoadStartTime=1640583553269&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 03:00:11 GMT
content-encoding: gzip
age: 1910344
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 02 Dec 2021 19:39:10 GMT
server: nginx
etag: W/"a99459752bee496e4af7c45277fd9c26"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: .p1WPnsH8XGSlb.mHBXCMu26rOKTD1WF
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: fmA-3BaEHWMXtG8FAqMi0l1xDEmrI0e_Aq83Ln0pwFybXyn2vh-PWw==

GET
H2 200 24.49c6961c.chunk.css
js.driftt.com/core/assets/css/ Frame D299 8 KB
2 KB 10ms
9ms Stylesheet
text/css 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/24.49c6961c.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.c9394037.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

578cda2391db4e4d761ae5c4f05c03614d0ea8fec0b260edc036cc0bbdfcdd93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=fntxumm4u6tn&region=US&forceShow=false&skipCampaigns=false&sessionId=712104e2-7957-45eb-8a57-7239988651f9&sessionStarted=1640583555.091&campaignRefreshToken=6f27aeb1-8926-4a3b-ab36-d167e4e2b63e&hideController=false&pageLoadStartTime=1640583553269&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 07:58:46 GMT
content-encoding: gzip
age: 6039629
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 15 Oct 2021 18:19:47 GMT
server: nginx
etag: W/"f80cd64e339375567091159cb077b941"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: t3wd1L70.jr_F45fRiZ9jDIt4M2lflSx
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: zOyo6sK4TOAq8h0hQv3KCoGsi-BZOaUvEb7-rybxEFiTS_gq9whsHQ==

GET
H2 200 24.a557fbd6.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D299 12 KB
5 KB 10ms
9ms Script
application/javascript 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/24.a557fbd6.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.c9394037.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

4d85222516f652c200ef03b89b4b755c6a54210c75ca599fb53e0a05d677e197

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=fntxumm4u6tn&region=US&forceShow=false&skipCampaigns=false&sessionId=712104e2-7957-45eb-8a57-7239988651f9&sessionStarted=1640583555.091&campaignRefreshToken=6f27aeb1-8926-4a3b-ab36-d167e4e2b63e&hideController=false&pageLoadStartTime=1640583553269&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:42:23 GMT
content-encoding: gzip
age: 979012
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 15 Dec 2021 21:37:31 GMT
server: nginx
etag: W/"04cf8ee37950ab9133d56182ac42f2d5"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: zlEPlIdbOgMuBLYRnHr8Y8oFPnOH1I49
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: r-4wDtc-JZbQYj2TBeBv3T6fDnyfQgAsuq1DRTRlo9UU5R3Yry7PBg==

GET
H2 200 18.c695453b.chunk.css
js.driftt.com/core/assets/css/ Frame D299 365 B
1008 B 10ms
10ms Stylesheet
text/css 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/18.c695453b.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.c9394037.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=fntxumm4u6tn&region=US&forceShow=false&skipCampaigns=false&sessionId=712104e2-7957-45eb-8a57-7239988651f9&sessionStarted=1640583555.091&campaignRefreshToken=6f27aeb1-8926-4a3b-ab36-d167e4e2b63e&hideController=false&pageLoadStartTime=1640583553269&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:05:58 GMT
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
age: 7817597
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 365
last-modified: Mon, 27 Sep 2021 17:53:27 GMT
server: nginx
etag: "06b2963b029c0824382815165bfea73e"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 2nl84_Ynkb7J4eflOi4MBL9RG1iL8udX
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: CSiKln-FOnOSRweJ-ylKj8FmSGzqTnOboku5SAMCzkXoXDZ7Havunw==

GET
H2 200 18.bcdc875a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D299 84 KB
24 KB 10ms
10ms Script
application/javascript 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/18.bcdc875a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.c9394037.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

d61bed847a1b1ac4dc945aec27f3b7fd7617c63a6397bb5f9442643865a52cfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=fntxumm4u6tn&region=US&forceShow=false&skipCampaigns=false&sessionId=712104e2-7957-45eb-8a57-7239988651f9&sessionStarted=1640583555.091&campaignRefreshToken=6f27aeb1-8926-4a3b-ab36-d167e4e2b63e&hideController=false&pageLoadStartTime=1640583553269&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:42:23 GMT
content-encoding: gzip
age: 979012
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 15 Dec 2021 21:37:31 GMT
server: nginx
etag: W/"f333661975e2663674d8c3268595010b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: WGGQItX.QTqfwGA_o1qW_QMFO22mzJbX
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: WzNuRWLahjmnWm3dz3OoBgTpTap4Bd_JteWrR2A3pzn6DX_SbPzzhg==

GET
H2 200 30.11d2b6a7.chunk.css
js.driftt.com/core/assets/css/ Frame 1269 3 KB
1 KB 8ms
7ms Stylesheet
text/css 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/30.11d2b6a7.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.c9394037.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

e40b6eae9d66c60b9c750da70da6b2bc5d35c2ae9689cc1e9547e300fac4a3ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1640583553269
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 18:28:20 GMT
content-encoding: gzip
age: 4792255
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 01 Nov 2021 17:24:54 GMT
server: nginx
etag: W/"87532c4db85f1429fa6d759bc3332f36"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: GBOBYZXPfE_Um1Sf_mqL4fDHmw8hrH5J
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: dOPNYgpcRKa6gLvhmjzZ2UO5F7W3_Z9VPtG6H18dAMwFdWocnX8sNw==

GET
H2 200 30.0383f092.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1269 3 KB
2 KB 8ms
8ms Script
application/javascript 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/30.0383f092.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.c9394037.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

a5e4d82414a2ca26ea7d94c8586c3c32363073ecb1214c884d302439f420913c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1640583553269
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 16:07:51 GMT
content-encoding: gzip
age: 1776684
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 06 Dec 2021 15:09:52 GMT
server: nginx
etag: W/"62187322b72b1fa76d14e19526c132b8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: z3aE86SV2XLkllCr6fKLzNFXHsnbcDpg
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: sY3D26tRQN1g6UuyXn0fvyKi62hUASdBhaYWrcPOUQBzYzTpKZiNgg==

GET
H2 200 1.07aa08a5.chunk.css
js.driftt.com/core/assets/css/ Frame 1269 7 KB
2 KB 8ms
7ms Stylesheet
text/css 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/1.07aa08a5.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.c9394037.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1640583553269
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 02:55:04 GMT
content-encoding: gzip
age: 4848251
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 29 Oct 2021 20:21:04 GMT
server: nginx
etag: W/"189aeffd571884559dababa22c66d75a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: K9l0WdnhS0.sb1iJQdTJni3xfVGcn633
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: PlDGGTjKDct9E9eDRkswWFTyxa6AxJCMvN9O3giGZmS5aJSha51KhQ==

GET
H2 200 1.187c50a5.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1269 54 KB
16 KB 8ms
8ms Script
application/javascript 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/1.187c50a5.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.c9394037.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

a3075e2c162e41c4962a4221ae035dd607d895bd424e87aa4065a044c43763e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1640583553269
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 09:53:22 GMT
content-encoding: gzip
age: 5427953
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 22 Oct 2021 17:06:57 GMT
server: nginx
etag: W/"eeccccb655ee3b6bcb8b1a9b1da4fd30"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: T4NYA9GFrw0AOH7iks5Owut4YT_Q7yUg
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: LuPshG-rYB9vPb9rzhhyGSLVAoXpwAdQ7RXU504vx67i38xRZiPKfQ==

GET
H2 200 0.ee2abab8.chunk.css
js.driftt.com/core/assets/css/ Frame 1269 44 KB
7 KB 9ms
8ms Stylesheet
text/css 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/0.ee2abab8.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.c9394037.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

5dbbdc87055e3735446865635b4678301f3e2a1a8796c5c8f9e6708aee679592

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1640583553269
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 14:21:26 GMT
content-encoding: gzip
age: 1091869
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 13 Dec 2021 22:15:51 GMT
server: nginx
etag: W/"c00b54e499f71a56923e5c2db3c1ebfc"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 68ABimk3FXgiFdH1qEDL3xdLWSNdRuPT
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: -29WWGSkpR6hqF9SM6-1orIVMB_4gQb6BrTe5jrjdw_uTPceIaeTgA==

GET
H2 200 0.9bdf0d5a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1269 70 KB
24 KB 9ms
9ms Script
application/javascript 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/0.9bdf0d5a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.c9394037.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

7072e71c4451255d76dd060fa22d2372b336662caa03dad732c3e8c495e3722b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1640583553269
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:42:23 GMT
content-encoding: gzip
age: 979012
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 15 Dec 2021 21:37:30 GMT
server: nginx
etag: W/"2d1fa187641adb5aa5b2cb4ccf569a19"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: uvezfoFNFXg1JFwXTJz2vp2G6IK.FxaR
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: M1RkoDZSxNJkIi4m044F1Xf1nT1Y_HRWoB1UOp2g3RfzjH3ZGp_X2A==

GET
H2 200 29.a4eacd1c.chunk.css
js.driftt.com/core/assets/css/ Frame 1269 11 KB
2 KB 10ms
9ms Stylesheet
text/css 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/29.a4eacd1c.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.c9394037.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

e2fc570495ce9f73780336d692d1caf5d299d81a0208243f97dacb7f345cdf15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1640583553269
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 20:12:40 GMT
content-encoding: gzip
age: 3403595
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 17 Nov 2021 19:25:04 GMT
server: nginx
etag: W/"5fcabdf983fd5bbf7cb199063137d146"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: k82F8FaNpkIB_WK109g86MbRHlA8U_6q
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: gHG2xHzT3p2CmZI3v0nfTNuoaSFzCZac4iVOxsuHHXDTsKTEjaWMOw==

GET
H2 200 29.53419916.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1269 11 KB
4 KB 10ms
10ms Script
application/javascript 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/29.53419916.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.c9394037.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

b3e92729562bf7aa805f612b4f909f640cdcfe2ccdc9ee6cf78f710491208e78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1640583553269
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:42:23 GMT
content-encoding: gzip
age: 979012
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 15 Dec 2021 21:37:31 GMT
server: nginx
etag: W/"72171f9c0b9a4cd90bdf2440c1e572de"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: YNPTQIKY2ZyKApUq3KLoPLuIK9xcf5uv
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: t9dnX55g7pR7rgDwWjBdJRSQNx-rDGvwgM5RbJiz0gkNUL-MSVbwLg==

OPTIONS
H2 200 v2
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame 0
0 416ms
93ms Preflight
text/plain 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/widget/init/v2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 27 Dec 2021 05:39:15 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: drift93b6f2247f6a1d85c5426c56678
content-length: 13
x-envoy-upstream-service-time: 0
server: istio-envoy

POST
H2 200 v2 Show response
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame D299 25 B
123 B 103ms
103ms XHR
application/json 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/widget/init/v2

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/42.3b1c2441.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 27 Dec 2021 05:39:15 GMT
server: istio-envoy
requestid: 76e13494d4d1930d
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 12
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

POST
H2 200 ping Show response
bootstrap.api.drift.com/widget_bootstrap/ Frame D299 126 B
223 B 97ms
97ms XHR
application/json 54.147.21.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap/ping

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/42.3b1c2441.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-21-139.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

9affd78b4d347e1173135495e1adb06e0bb8dea3d38ec0d8b546821b7d6d7cae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 27 Dec 2021 05:39:15 GMT
server: istio-envoy
requestid: 59b785f57cf93124
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 4
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 126
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 ping
bootstrap.api.drift.com/widget_bootstrap/ Frame 0
0 407ms
96ms Preflight
text/plain 54.147.21.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap/ping

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-21-139.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 27 Dec 2021 05:39:15 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: drift0578aa54cb591ec35df3fcddf3e
content-length: 13
x-envoy-upstream-service-time: 1
server: istio-envoy

GET
H/1.1 200
OK analytics Show response
pi.pardot.com/ 72 B
533 B 104ms
103ms Script
text/html 52.21.178.134
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=1927&account_id=894431&title=CVE-2021-44228%20-%20Log4j%202%20Vulnerability%20Analysis%20-%20Randori%20Attack%20Team&url=https%3A%2F%2Fwww.randori.com%2Fblog%2Fcve-2021-44228%2F&referrer=
Requested by: Host: pi.pardot.com
URL: https://pi.pardot.com/pd.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.21.178.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: pi0-lba1-2-ue1.aws.pardot.com
Software: PardotServer /
Resource Hash: d5ed0d3bb98ae16ad90be29db3becf6153a1390b922506a19cccf2400bbdb1c1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.randori.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 27 Dec 2021 05:39:15 GMT
Content-Encoding: gzip
X-Pardot-Route: d5a18e4517a9c8ba62b77de366a4cdb5
X-Pardot-LB: 7044ba9c794aba658bc1be2f8b8ad85c
Server: PardotServer
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=63072000
Content-Length: 89
Expires: Wed, 27 Dec 2023 05:39:15 GMT

GET
H2 200 fntxumm4u6tn.json Show response
embeds.driftcdn.com/embeds/ Frame D299 14 KB
5 KB 69ms
12ms XHR
application/json 143.204.98.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embeds.driftcdn.com/embeds/fntxumm4u6tn.json
Requested by: Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/42.3b1c2441.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-40.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 062d6b7f2e55f5a5aba0d3d95f3aee79b22ec9758b721d0543f4d35a9af4baf3

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 05:39:15 GMT
content-encoding: gzip
x-amz-cf-pop: FRA50-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 22 Dec 2021 20:15:05 GMT
server: AmazonS3
etag: W/"6642b1e452fe11d0e516bf0b7fbb1a5c"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
via: 1.1 e38834cd8f7f79ef118dc9bba0861780.cloudfront.net (CloudFront)
cache-control: public, max-age=30
x-amz-cf-id: Pk7jc7ABiMhd3O7ftdyiLL1zA8CZ0ggsH7RNZYlepinIViASZksqoA==

POST
H2 204 collect Show response
f.clarity.ms/ 0
48 B 98ms
97ms XHR
text/plain 20.84.22.197
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://f.clarity.ms/collect
Requested by: Host: f.clarity.ms
URL: https://f.clarity.ms/s/0.6.31/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.84.22.197 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.randori.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: https://www.randori.com
date: Mon, 27 Dec 2021 05:39:15 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

POST
H2 200 bulk Show response
metrics.api.drift.com/monitoring/metrics/event2/ Frame D299 25 B
88 B 103ms
103ms XHR
application/json 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/event2/bulk

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/42.3b1c2441.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 27 Dec 2021 05:39:17 GMT
server: istio-envoy
requestid: 9b3158004388ba6d
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 11
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 bulk
metrics.api.drift.com/monitoring/metrics/event2/ Frame 0
0 92ms
92ms Preflight
text/plain 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/event2/bulk

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 27 Dec 2021 05:39:17 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: driftfe0296544c1a19d3e7279b097d0
content-length: 13
x-envoy-upstream-service-time: 0
server: istio-envoy

Verdicts & Comments Add Verdict or Comment

153 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

35 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.randori.com/	1970-01-20 01:52:39	Name: _gcl_au Value: 1.1.522441130.1640583554
.randori.com/	1970-01-20 17:14:15	Name: _lfa Value: LF1.1.7315e97a5521acbb.1640583553958
.bing.com/	1970-01-20 09:04:39	Name: MUID Value: 12CB341674DB689308C2250C75096900
.randori.com/	1970-01-20 17:14:15	Name: _ga Value: GA1.2.1028108851.1640583554
.randori.com/	1970-01-19 23:44:29	Name: _gid Value: GA1.2.1145194829.1640583554
.randori.com/	1970-01-19 23:43:03	Name: _gat_gtag_UA_127979282_1 Value: 1
.ws.zoominfo.com/	1970-01-20 08:28:39	Name: visitorId Value: 24de46b897cd96dac4205df384a66b3fdf9488d77dc7d82ec6a6a676902bfa80
.randori.com/	1970-01-19 23:44:29	Name: _uetsid Value: 532f726066d711ec9b6fcb5be5189800
.randori.com/	1970-01-20 09:04:39	Name: _uetvid Value: 532faf7066d711eca3ee99068fd5c5f4
.doubleclick.net/	1970-01-19 23:43:04	Name: test_cookie Value: CheckForPermission
.randori.com/	1970-01-19 23:43:03	Name: _gat_UA-127979282-1 Value: 1
.randori.com/	1970-01-20 01:52:39	Name: _fbp Value: fb.1.1640583554206.1101215832
.randori.com/	1970-01-20 08:28:39	Name: _hjSessionUser_2723916 Value: eyJpZCI6IjFjZjcyMGMxLWY0MGYtNTVhNS1hYzJiLWJiZTRiODEzMWRjNSIsImNyZWF0ZWQiOjE2NDA1ODM1NTQyMjAsImV4aXN0aW5nIjpmYWxzZX0=
.randori.com/	1970-01-19 23:43:05	Name: _hjFirstSeen Value: 1
.randori.com/	1970-01-19 23:43:05	Name: _hjSession_2723916 Value: eyJpZCI6IjMwYzgxOTkzLWMwMjAtNDExOS1iMzZiLTU4YzEzNjFhMzk1NCIsImNyZWF0ZWQiOjE2NDA1ODM1NTQyNDB9
www.randori.com/	1970-01-19 23:43:03	Name: _hjIncludedInPageviewSample Value: 1
.randori.com/	1970-01-19 23:43:05	Name: _hjAbsoluteSessionInProgress Value: 0
www.randori.com/	1970-01-19 23:43:03	Name: _hjIncludedInSessionSample Value: 0
.linkedin.com/	1970-01-20 00:26:15	Name: UserMatchHistory Value: AQKhML4Lp-45tQAAAX36ZmS1pVZIWmQ9t1TRA04TPEg1BWOSvFXAVF_O37GSrp2wWl5rzR67jg3s4w
.linkedin.com/	1970-01-20 00:26:15	Name: AnalyticsSyncHistory Value: AQKfie1mNhUZXQAAAX36ZmS1i4mfquBMvrpjMWBm_DsFNKXZlM7pHqAtod55bkt3NwL7ZQoxCu_VMkuQefooPg
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 17:14:57	Name: bcookie Value: "v=2&69026481-e2d4-4350-8e2a-4f295de822fa"
.linkedin.com/	1970-01-19 23:44:29	Name: lidc Value: "b=VGST03:s=V:r=V:a=V:p=V:g=2482:u=1:x=1:i=1640583554:t=1640669954:v=2:sig=AQFJCzdlSopxju1zCYO2x_PL3Ov-RxGf"
www.clarity.ms/	1970-01-20 08:28:39	Name: CLID Value: aba1fbd3e8ab4addbc782467da29f535.20211227.20221227
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 17:14:57	Name: bscookie Value: "v=1&2021122705391451697012-fe97-4000-8659-aa917c9aa7adAQFcOHJc6G76z_yZnT59LTZOxJq1cKIs"
.linkedin.com/	1970-01-20 17:01:21	Name: li_gc Value: MTswOzE2NDA1ODM1NTQ7MjswMjHEITocxbuE7ODfL3tvqOqq/hBsgtziGOE/cId+7d3uZw==
.c.bing.com/	1970-01-20 09:04:39	Name: SRM_B Value: 12CB341674DB689308C2250C75096900
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 09:04:39	Name: MUID Value: 12CB341674DB689308C2250C75096900
.c.clarity.ms/	1970-01-19 23:43:04	Name: ANONCHK Value: 0
.randori.com/	1970-01-20 08:28:39	Name: _clck Value: bgps82\|1\|exm\|0
.randori.com/	1970-01-19 23:44:29	Name: _clsk Value: egb454\|1640583555088\|1\|1\|f.clarity.ms/collect
www.randori.com/	1970-01-19 23:43:05	Name: drift_campaign_refresh Value: 6f27aeb1-8926-4a3b-ab36-d167e4e2b63e
.hubspot.com/	1970-01-19 23:43:05	Name: __cf_bm Value: 427mnb25Dm4Kx4mCYiWtr0S2NSPu0vIOVTdT5c9F7U8-1640583555-0-AdsEm55HpXphkYpevRUDQg1iFZK4AvP+xW9t9Q695GBpv3MD6+kfeFRcGDAH0fRxDAFTq0nFOZY/x1kxiF1TViU=

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://lltrck.com/scripts/lt-v3.js?llid=31583 Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bat.bing.com
bootstrap.api.drift.com
c.bing.com
c.clarity.ms
connect.facebook.net
embeds.driftcdn.com
f.clarity.ms
fonts.googleapis.com
fonts.gstatic.com
forms.hsforms.com
forms.hubspot.com
googleads.g.doubleclick.net
in.hotjar.com
js.driftt.com
js.hs-analytics.net
js.hs-banner.com
js.hsadspixel.net
js.hscollectedforms.net
js.hsforms.net
js.hsleadflows.net
lltrck.com
metrics.api.drift.com
p.typekit.net
pi.pardot.com
px.ads.linkedin.com
px4.ads.linkedin.com
sc.lfeeder.com
script.hotjar.com
snap.licdn.com
static.hotjar.com
stats.g.doubleclick.net
tr.lfeeder.com
track.hubspot.com
use.typekit.net
vars.hotjar.com
ws.zoominfo.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.co.uk
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
www.randori.com
108.174.10.14
142.250.186.66
143.204.98.102
143.204.98.39
143.204.98.40
143.204.98.44
143.204.98.49
143.204.98.82
20.84.22.197
2600:9000:2156:e800:1f:f723:6fc0:93a1
2606:4700::6810:5805
2606:4700::6810:650c
2606:4700::6811:44b0
2606:4700::6811:71b0
2606:4700::6811:7fab
2606:4700::6811:b649
2606:4700::6811:e9cc
2606:4700::6812:15bf
2606:4700::6813:9a53
2606:4700::6813:9b53
2620:1ec:21::14
2620:1ec:27::cafe:2193
2620:1ec:c11::200
2a00:1450:4001:808::200a
2a00:1450:4001:810::2003
2a00:1450:4001:810::2004
2a00:1450:4001:811::2008
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2003
2a00:1450:400c:c08::9b
2a02:26f0:6c00:28d::19fd
2a02:26f0:6c00::210:ba0a
2a02:26f0:6c00::210:ba20
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
3.94.218.138
35.225.197.149
52.142.114.2
52.20.96.200
52.21.178.134
54.147.21.139
99.81.27.250
027092a96653b7043305080fa03cbcfff120c251c5b000eedf111168d3fd98bf
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
030d94c74321336c40a500780541b4794f72fa35a49b27a2431a368808b7c4d0
043a858820cb8895354fb0bd32c1f913a920129d59f677a504bef7266a8a2404
04e6fb814fccce3a0aecb83be0bc24665cf3e6a5e993f296471a63708f63e138
062d6b7f2e55f5a5aba0d3d95f3aee79b22ec9758b721d0543f4d35a9af4baf3
07e751db5a9be85544376d383bc9a6a25f64f218b1fab3ed9c1c18f23ad7bbd8
0818d35d97d1805482bc46e0fe516fa20e712d65689fa674d04f7d4d0b5975a5
0a1af4d6495079c1a02bbd0f55a3d04fcf7835f66495f4ff7824531e1e715ad4
0cd851e5b33af0fbb354df65506da39807b998e07723f3d08aba5179fa2ed97e
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
10096a7f5e8d62cd352a60e60c0294442b153fc5b7b07ac3c1000413045f7e52
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
127242a462485b0bf9a3aa71583528b7cee97983e774d0658181a90d5b120309
12a4a108b5eb7dc9cb81ebb1c1b6d63c19a37b8f14ff3093751cffe3c8561afe
1612e3d01a9389defe81c28b91ee18b7b1f97b54f39dd8aa651667c25bce28e2
1739c041fc4394d8b8b79f708997ba2694f6156bbb410a8f0476a980939bf1de
1832be3d22aba7c0ec091ca85046e064b5389154e2ea01c7516d93843af09399
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1de48ca333e7ed7ea263055100dad7bb8ced7fe44d59831ccd49fe8b7155d0b6
214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0
23d1cb06ace0ff3e399d3c53bb02c3a8c386cd97dc01081b376c34785c92e4f3
25aa8b7a8f677db78ee9a176baea49fea46544171871657c8107c8cff7b0a87e
287723a71ae6a8ba98d21628a5e95f59961ff9eb2a4052fd453e8451dfe9e524
293913879d30bab7499013e935009f5183facbddd63bfc9656a859622590b80b
2a34dac5fa380ef562478cff7f003120397f0737f264f6869c61297eda8a5229
2a42cc82f30fbf25a268f6d5a10158e8312a838222da6847158ea4175fa289d4
2a955cf83ce3ba3f0e9792da77a8f277e22a27e0fe08e725667fde9bcbb67b23
2b4d9e531f3302ad49380ce5e5e160925956edb55179c63ee2bac32ab040d1a5
2bce7624951170bc10fd7e836524146bc81ff6f38b5b1f4ada2a796e0260e0e6
2e5edc581d309e1718e2873e89534dc097ea776326ebfe65771992771f197d62
2f50ea45c31048bfa709bb3f8c1a26ad9807a27a555d1c6a1dc0f6dcf6ecf95a
30f745fcebeb5d47190a104511f9e237e676d53686fe446ccc0e0785fe493c50
312bbadd076992630c6568f11a3e59d3b581af3edecad9d7b4941037729d87d4
3368bde807b9dc25e071e9d50a7f698b8788e5b12b7a967dd1efcffb8cc957ab
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
41f7afd6088c39cdc0d6f910f7f4b6afbf6a2133533847e960a8ca906fabc1c6
43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af
46375ee9192c1e0f6eabe4d32b2a48b996b93037f7b4beb970df5b87359548fd
4994fa5a6f7a8ccc75752d9f1318e97f1772182a2e4f6413ea886e19732a0187
4a7ee62eb33f3bbb66c2151e5cac6bf4904e28302efc36128f3e3ccae6fde580
4a9b0b449b77fd3cf250284f9c232b20dd193d8c538f059350594bc865847da9
4d85222516f652c200ef03b89b4b755c6a54210c75ca599fb53e0a05d677e197
4f1a9e86d211c3111f86f465818624637c5a8b20e91e1253f78a1008b04f14c9
4fcf094b0ad604a7dc51305bbf6ecf3cd22c2729678adb8007395c998ea9abd5
52997a640c38c5915b6105ad464bf2bf8121f3fe40c72d70791f54c4be95971a
533e264cc615ee4601da8d2c1dee4a8987319e53d4d7162272f067fbbf250020
55e25143fa48eadea7e9fcaa1ba851cb123e0ef9e9813f799dbb40146b18fc0c
56565a28e58e16709ed6520d2f0a5c279e1c166ae34f1455eee3d9e6e4a394f9
578cda2391db4e4d761ae5c4f05c03614d0ea8fec0b260edc036cc0bbdfcdd93
58332a4cc75a697eafeb1b4d9cb66326d6a29acb2f98afc1de3f1ef2401be056
5a577c50d0df50fe59ddd83881dd07180455bd97a482e49888714ba934a7f9c6
5d0668a2dbbb1b4951308ea413e7b0a32534bc304e25825103c769a38d6edb6b
5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5
5dbbdc87055e3735446865635b4678301f3e2a1a8796c5c8f9e6708aee679592
6010538edf50f69ce25cbb46b5de7eba0475a8f05d1f005b0605bb5a94bf8e67
6303e6dda00ec77ec95f475bf248f9c30ba3dad07d31c48acb4949559dd8b2c6
636450e920df1c9efefebe0bd648a4054369ebda02d5a50f144312cba0365af4
6922c32e535ca0cfb108fe03596171eb470ee6bb8d85231e7fb278f0d7d670e7
69ddbbb1de9c425c5f594dffcc57bcd00b6aabeb75a3818541733d0a02568ee0
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41
7072e71c4451255d76dd060fa22d2372b336662caa03dad732c3e8c495e3722b
71f918c131027703d4692c7e7cc9d46fc09554fc2b211e60f12e8fea8360deb7
7727399fe5d8441829176e6a661b540efaac1680120a1d7fb1235e258d70770b
79ee1fa2648251a48cd93f1dace4a327e11fbe894e32ce31de0af090ae67d8cc
7d82943182c314151f0f2e040bf043142f31a27db30a73ea7202957ae3899082
7e53d6bb1d640561e7a15b9890c11a74b6b0f7d34c3dbfa9f387a41596cf5058
841fc1036a5008683c91f622f2bcf0f9e6a7d2d875fa156fa4a3ac108098c091
878d18e42f32616213a7a0774afdbc087b839e44600089d1d41287d2a3b99fd4
90425d65d9b6c5ca78081440ab9b6f59d531a63267d4fa549a963cbfe2123a9e
92569e9beeb76f8ae2ea2560193ef621f55007020ef7a1a8a32a41c65164409b
9672dbb3bf065e2814d3c7aa0e3d2e74536e2a4ce37b062f31487a1c36e688c3
97cf1307c16a437b77b5f7f5c9bc0b985d0745a14be5a279019aca5a3432e264
97da3e6cde87d694b1fb2dd73fd9ea0652c444ea644b3170d832a5ae5e47fee8
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9affd78b4d347e1173135495e1adb06e0bb8dea3d38ec0d8b546821b7d6d7cae
9c4e5748b76ca33caac131e0225d2e86ccbf6e156ad007145f6a9c4d34cecbf9
9ee09652280b56db59db015c319a6a6b80e1e161a8a0b703207e1a59b4c4e3a8
9f4922667f15ec47709504b75c4433e7145f96078261bc9a11e386ca52fa18bb
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a3075e2c162e41c4962a4221ae035dd607d895bd424e87aa4065a044c43763e4
a48dea362116d7516a2cf97066a32758d353760ee02dbf900ddff86b02a16473
a5e4d82414a2ca26ea7d94c8586c3c32363073ecb1214c884d302439f420913c
acadd76a335e98061ef67610e2cc701027232396e26b593a2af78a6f027cef75
af0ad47815cfcb0fc8402cf431dd782af68f2ba05752c66d9bb11a4354f65754
b0257060098cdc51166f35b62e7dd8f0c5f8d6cfa319901c0c51a629537e02fd
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b2d2f11eb78159e31bce4355ffd5e696717de4270a77ba1d2038e066462008ad
b3e92729562bf7aa805f612b4f909f640cdcfe2ccdc9ee6cf78f710491208e78
b7ac5a7ce95803cf0a5969e7ebc9aed6ff01aea22e5e12e1c50660fff0c0d1b8
b8449a28a151415d580be1dfd69056906199f1dd6ceb2c1b5edf61950ada9d13
b936db5880aa9b6b2f26a8d32fc2b689fb75f69d971b94194f16dba801221ffe
bad19f2de7b59cf07ee9901facf805839f8d8b580c77b3b9c8df0213547d7fd4
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bb54934c45f4c74ce2c3d2cc7b8b08b49b5c75d1dc0a64dd5071bf2b452c69ea
bd29338c097619843470ad38187d0c1754d939b12fa755f4c11f9e53fd46b09f
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bda898dee9f63756e407d54b197e77a9f8349efd46f89df9f65ea20c05c21aab
c26dc06f4cdebfdfa37b15f2200c169f1c10c95a1b9e9ebd7615ed35be6b489c
c2d8b5ed5baf711d51629607797e32e5ff638637a0091598427eac4908dbae47
c3e989e077a9bb7d6e1e47ba39d6b0907265a877799c11323a453413b45d7b29
c55902832fb84522d02ea1a60a30747403a140d8651fa748f13ba398b0c0df3a
c87e0e31334c6998b90c83d48eff6252a248120d32b376414965e1421203c901
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cd525b67ed285b5a7786e2f7d5e9656e169ee16bbc0e6fb2286bb48a317bb361
cda9b31d709444e003d3adbfbdec43f093e405b36841fde5c1d187e439585219
d01a2ba2805c78957e15a2958135de0f3cb88e95159dd0f6c0a032bd76b1b0e9
d0486fdb1b2151c14a59eab883d753076861139950f056474c93813a2e7129de
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
d1462ee824fc3172a7c7fb70f6f2276fa6be8bcffaa9eea71ef529c94eb56124
d2504486b6ae8fb646819cdb9ce390599fb04a4511b06d72e39648a09beecff1
d2a0ed3481f0594245bc42536efbad044afe679a3f5a7993eb09774b94dc305c
d38e62f3e50f31b512f58dcd817cc1f1bac4b95e09f734bc1d79fd1861831694
d39c7ff4103007338040282460b2eb0e5adadd9fb80f986fb4c8a3d41785a6ca
d43cd96fdf45131a049306a14096152378f435af3201abe7cbf484eca91c7b18
d4fc7cd2b72db91acccb00c112a4dfeaceb212f18e98419229fa986796a78ebc
d5ed0d3bb98ae16ad90be29db3becf6153a1390b922506a19cccf2400bbdb1c1
d61bed847a1b1ac4dc945aec27f3b7fd7617c63a6397bb5f9442643865a52cfb
d81271b90b34b3b762ffa785ef0a67806bca99d0a0bdfe1216db37eeea003164
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dc7e118b7e07217031d017282955569cb66891f527050135caadb2dd5779824f
dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dfc96491eb0a7ed5772bce6032418fe16ee5bb57963a7a2d1613f70f5ca14fa2
dfed159907574337d5a3198b898e17e6f0d6c5c325d8ee2fd2343b7cddb34994
e2031387eb4b7fe61f62ffb4f93742ca3f1bf72eba8a7a2e69b2aaf2efc16b1f
e274da4a9242623dfb51c1e42989ab516b43cb39e182f96b1247dd2b4739d86d
e2fc570495ce9f73780336d692d1caf5d299d81a0208243f97dacb7f345cdf15
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b45255d95c0c568dc6e8b9f70e4d2ab7aef959ea5951d45ca6dd3775f43138
e40b6eae9d66c60b9c750da70da6b2bc5d35c2ae9689cc1e9547e300fac4a3ba
e87a1c5e24f9a7c7dcb437417f0b05b0a3c12947ce32d65c990c988a8b5ed4d7
e93b1d85e9777eceb62ec06d7dacd23d475c09199b61a5fb61f10a19255ca0b8
e9b50157ca5c78e431af98d7b1fa7fbd4d384fe4f44955c5c54a15cbc8e59509
ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff
ed753db8384dcf49657dda258479eb1456cef4f7cf3e8a8020ac95ea99fa6e6d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef8353a3f4850cd090ea1419a65a9be88ac47bd699fdc81586c6f099493759a0
f0dc507465585302696105abc026d61e240b1f6e5c5a7410514ccd68675c8624
f22b3dd13e81113afb3a94bc053b7f41363692316d7d61515b8a8055aba28a7c
f48829864ffd155da0360e19be956282b6875173f8990394e93bc7c30c97a3ed
f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47
f94ce8666bf003756c16b56edad5a0121b3516222d4f093bdb771afabfb2cc5f
f978da291f493e64d4420d2cfab5c2bdc736c53f11c8d61c6da1efdb7df1155d
fa110ac06915e913fea0ad440e557cd75b95101504acc6a865efb5d7f0f34d95
fa8048af6850d862b9cf8da838ca5f6c352e072fb5a7b365fa875390ea3067f3
fb372bf086a350fc14b803de31af04857aaf0b0e18bf7de76737715efa2ce57f
fd8496b904ded0ea8472d611839277a6a8091398ededfd2aa6b57f2eba97a3df
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

www.randori.com Open in urlscan Pro 35.225.197.149 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

192 Requests

99 %HTTPS

63 %IPv6

32 Domains

45 Subdomains

43 IPs

4 Countries

2601 kBTransfer

7601 kBSize

35 Cookies

14 Outgoing links

Redirected requests

192 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.randori.com Open in urlscan Pro
35.225.197.149 Public Scan

Screenshot
Live screenshot

Full Image

192
Requests

99 %
HTTPS

63 %
IPv6

32
Domains

45
Subdomains

43
IPs

4
Countries

2601 kB
Transfer

7601 kB
Size

35
Cookies

192 HTTP transactions
4 data transactions