pages.egress.com Open in urlscan Pro
104.17.72.206  Public Scan

8 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://info.egress.com/dc/K6o-Nvw9UekQ3gj5BouJjcVEWbFg3HFAuBVZ5o-VctaifyTPTQh_bPTciRyWOutKm4Q5n4P2y_1P05E72f_iRmE4jTtEhEGa0qfrH7ZBx1cqntEaMaMz6Ms3vZTpPoq4TMOCwKeLCNfTyLxM7ent_U5e71KFILTOWBUDi_Xz7RUJ14aLhrkATeRqZAsOTXqrNc9KB7JAtSYGeFvL4QFNMLOInlru_NDPmA-siCQHXS5xrn0-G2JdLzcHSm4xYqrf-ZT0wnTz5O-d1O9fiLqCRvjhmz20lNi2rlX9S4KyAEE=/MzQ0LVhURC02ODQAAAGBXQ_QmgqIi0fuCPF_7dmT8thvpuX6028ST3r-LKXL98lU1lkYtqT44eSW1TbFoIuQhUtccXo= Page URL
2. https://pages.egress.com/Whitepaper-Phishing-As-A-Service-12-21_Landing-PAGE.html?utm_campaign=q4phishing&utm_medium=email&utm_source=marketo&utm_term=&utm_content=Whitepaper-Phishing-As-A-Service-12-21.Phaas-WP-a/btest&mkt_tok=MzQ0LVhURC02ODQAAAGBXQ_QmrGnCTHKQAcgRhe4aPl6WvfWJy3x-77wKdGUfeEATgggaWaCsthEU_3ZqOYUBSiTl8tAwyToy9rBYR6wTgsxL7mkphladJWhJevWe1o Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 54

• https://s.ml-attr.com/getuid?https%3a%2f%2fattr.ml-api.io%2f%3fdomain%3dwww.egress.com%26pId%3d%24UID HTTP 302
• https://secure.adnxs.com/getuid?https%3a%2f%2fattr.ml-api.io%2f%3fdomain%3dwww.egress.com%26pId%3d%24UID HTTP 307
• https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fattr.ml-api.io%252f%253fdomain%253dwww.egress.com%2526pId%253d%2524UID HTTP 302
• https://attr.ml-api.io/?domain=www.egress.com&pId=4749260730669815822

Request Chain 64

• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1288474&time=1639579132309&url=https%3A%2F%2Fpages.egress.com%2FWhitepaper-Phishing-As-A-Service-12-21_Landing-PAGE.html%3Futm_campaign%3Dq4phishing%26utm_medium%3Demail%26utm_source%3Dmarketo%26utm_term%3D%26utm_content%3DWhitepaper-Phishing-As-A-Service-12-21.Phaas-WP-a%2Fbtest HTTP 302
• https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1288474%26time%3D1639579132309%26url%3Dhttps%253A%252F%252Fpages.egress.com%252FWhitepaper-Phishing-As-A-Service-12-21_Landing-PAGE.html%253Futm_campaign%253Dq4phishing%2526utm_medium%253Demail%2526utm_source%253Dmarketo%2526utm_term%253D%2526utm_content%253DWhitepaper-Phishing-As-A-Service-12-21.Phaas-WP-a%252Fbtest%26liSync%3Dtrue

133 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	MzQ0LVhURC02ODQAAAGBXQ_QmgqIi0fuCPF_7dmT8thvpuX6028ST3r-LKXL98lU1lkYtqT44eSW1TbFoIuQhUtccXo= Show response info.egress.com/dc/K6o-Nvw9UekQ3gj5BouJjcVEWbFg3HFAuBVZ5o-VctaifyTPTQh_bPTciRyWOutKm4Q5n4P2y_1P05E72f_iRmE4jTtEhEGa0qfrH7ZBx1cqntEaMaMz6Ms3vZTpPoq4TMOCwKeLCNfTyLxM7ent_U5e71KFILTOWBUDi_Xz7RUJ14aLhr...	659 B 1 KB	130ms 70ms	Document text/html	104.17.74.206 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://info.egress.com/dc/K6o-Nvw9UekQ3gj5BouJjcVEWbFg3HFAuBVZ5o-VctaifyTPTQh_bPTciRyWOutKm4Q5n4P2y_1P05E72f_iRmE4jTtEhEGa0qfrH7ZBx1cqntEaMaMz6Ms3vZTpPoq4TMOCwKeLCNfTyLxM7ent_U5e71KFILTOWBUDi_Xz7RUJ14aLhrkATeRqZAsOTXqrNc9KB7JAtSYGeFvL4QFNMLOInlru_NDPmA-siCQHXS5xrn0-G2JdLzcHSm4xYqrf-ZT0wnTz5O-d1O9fiLqCRvjhmz20lNi2rlX9S4KyAEE=/MzQ0LVhURC02ODQAAAGBXQ_QmgqIi0fuCPF_7dmT8thvpuX6028ST3r-LKXL98lU1lkYtqT44eSW1TbFoIuQhUtccXo= Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 104.17.74.206 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1369d686801f88955b5509660d4a14ef3532da4890d3a73dd57f61c1141759e5 Security Headers Name Value X-Content-Type-Options nosniff Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers date Wed, 15 Dec 2021 14:38:50 GMT content-type text/html cache-control private, no-cache, no-store, max-age=0 x-cnection close x-content-type-options nosniff vary Accept-Encoding cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 6be06afc59d0549f-MAN content-encoding gzip
GET H2	200	Primary Request Whitepaper-Phishing-As-A-Service-12-21_Landing-PAGE.html Show response pages.egress.com/	49 KB 11 KB	528ms 407ms	Document text/html	104.17.72.206 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pages.egress.com/Whitepaper-Phishing-As-A-Service-12-21_Landing-PAGE.html?utm_campaign=q4phishing&utm_medium=email&utm_source=marketo&utm_term=&utm_content=Whitepaper-Phishing-As-A-Service-12-21.Phaas-WP-a/btest&mkt_tok=MzQ0LVhURC02ODQAAAGBXQ_QmrGnCTHKQAcgRhe4aPl6WvfWJy3x-77wKdGUfeEATgggaWaCsthEU_3ZqOYUBSiTl8tAwyToy9rBYR6wTgsxL7mkphladJWhJevWe1o Requested by Host: info.egress.com URL: https://info.egress.com/dc/K6o-Nvw9UekQ3gj5BouJjcVEWbFg3HFAuBVZ5o-VctaifyTPTQh_bPTciRyWOutKm4Q5n4P2y_1P05E72f_iRmE4jTtEhEGa0qfrH7ZBx1cqntEaMaMz6Ms3vZTpPoq4TMOCwKeLCNfTyLxM7ent_U5e71KFILTOWBUDi_Xz7RUJ14aLhrkATeRqZAsOTXqrNc9KB7JAtSYGeFvL4QFNMLOInlru_NDPmA-siCQHXS5xrn0-G2JdLzcHSm4xYqrf-ZT0wnTz5O-d1O9fiLqCRvjhmz20lNi2rlX9S4KyAEE=/MzQ0LVhURC02ODQAAAGBXQ_QmgqIi0fuCPF_7dmT8thvpuX6028ST3r-LKXL98lU1lkYtqT44eSW1TbFoIuQhUtccXo= Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 104.17.72.206 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d04c6c56bcf2008614222f9c361b44fd1fd7711461b5c43e71c5180ac28e6c85 Security Headers Name Value X-Content-Type-Options nosniff Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://info.egress.com/ Response headers date Wed, 15 Dec 2021 14:38:50 GMT content-type text/html; charset=utf-8 p3p CP="CAO CURa ADMa DEVa TAIa OUR IND UNI COM NAV INT" x-asset-type LP vary *,Accept-Encoding x-content-type-options nosniff x-cache-status BYPASS x-mkto-nginx-cache false cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 6be06afdfb8e3a2f-CDG content-encoding gzip
GET H2	200	css2 fonts.googleapis.com/	5 KB 1 KB	39ms 15ms	Stylesheet text/css	2a00:1450:4001:808::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Ubuntu:wght@400;500;700&display=swap Requested by Host: pages.egress.com URL: https://pages.egress.com/Whitepaper-Phishing-As-A-Service-12-21_Landing-PAGE.html?utm_campaign=q4phishing&utm_medium=email&utm_source=marketo&utm_term=&utm_content=Whitepaper-Phishing-As-A-Service-12-21.Phaas-WP-a/btest&mkt_tok=MzQ0LVhURC02ODQAAAGBXQ_QmrGnCTHKQAcgRhe4aPl6WvfWJy3x-77wKdGUfeEATgggaWaCsthEU_3ZqOYUBSiTl8tAwyToy9rBYR6wTgsxL7mkphladJWhJevWe1o Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 1940b7ca414417d344c0a3f22e2cb27873b399224c321d4bb3c38862e543a1db Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pages.egress.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Wed, 15 Dec 2021 13:26:48 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Wed, 15 Dec 2021 14:38:51 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 15 Dec 2021 14:38:51 GMT
GET H2	200	all.min.css cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/	58 KB 11 KB	76ms 33ms	Stylesheet text/css	2606:4700::6810:135e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/all.min.css Requested by Host: pages.egress.com URL: https://pages.egress.com/Whitepaper-Phishing-As-A-Service-12-21_Landing-PAGE.html?utm_campaign=q4phishing&utm_medium=email&utm_source=marketo&utm_term=&utm_content=Whitepaper-Phishing-As-A-Service-12-21.Phaas-WP-a/btest&mkt_tok=MzQ0LVhURC02ODQAAAGBXQ_QmrGnCTHKQAcgRhe4aPl6WvfWJy3x-77wKdGUfeEATgggaWaCsthEU_3ZqOYUBSiTl8tAwyToy9rBYR6wTgsxL7mkphladJWhJevWe1o Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash af1e6edc875a382b338bb25bd7c5c3f474a7f1b36212002a5896dd06f2186325 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://pages.egress.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Wed, 15 Dec 2021 14:38:51 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 1077714 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 10491 timing-allow-origin * last-modified Mon, 05 Oct 2020 17:43:59 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5f7b5b5f-e7d0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3ZONd2HKt473KHaUgxkQetmWbeaoesnaxgDPYC%2FglIyGiQ7c4zel2mQGEMxWelLCVX4LeilTs8dmAuge9WgfawPrCczZHm6OTqS5djadhmIOEBsGB%2FwFRU4fJ2gO%2Fys6a424nVU%2BewNlVSXVAxnmDala"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 6be06b00fd2383b8-MXP expires Mon, 05 Dec 2022 14:38:51 GMT
GET H2	200	9ebb297e79.js Show response kit.fontawesome.com/	11 KB 4 KB	130ms 76ms	Script text/javascript	2606:4700::6812:1634 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://kit.fontawesome.com/9ebb297e79.js Requested by Host: pages.egress.com URL: https://pages.egress.com/Whitepaper-Phishing-As-A-Service-12-21_Landing-PAGE.html?utm_campaign=q4phishing&utm_medium=email&utm_source=marketo&utm_term=&utm_content=Whitepaper-Phishing-As-A-Service-12-21.Phaas-WP-a/btest&mkt_tok=MzQ0LVhURC02ODQAAAGBXQ_QmrGnCTHKQAcgRhe4aPl6WvfWJy3x-77wKdGUfeEATgggaWaCsthEU_3ZqOYUBSiTl8tAwyToy9rBYR6wTgsxL7mkphladJWhJevWe1o Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bc0e4f53a3c4ecde9571c39ab050d234efc7e91b23a59e9332896745a85cb490 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload Request headers Referer https://pages.egress.com/ Origin https://pages.egress.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Wed, 15 Dec 2021 14:38:51 GMT content-encoding gzip cf-cache-status MISS server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary origin, accept-encoding, access-control-request-headers, access-control-request-method access-control-allow-methods GET, OPTIONS content-type text/javascript access-control-allow-origin * access-control-max-age 3000 cache-control max-age=60, public, must-revalidate strict-transport-security max-age=31536000; preload cf-ray 6be06b010dd40f4e-MXP access-control-allow-headers accept, accept-langauge, content-language, content-type, fa-kit-token x-request-id FsD0iGnSCUJswkAH0P6C
GET H2	200	bootstrap-aug2020.css pages.egress.com/rs/344-XTD-684/images/	517 KB 65 KB	505ms 505ms	Stylesheet text/css	104.17.72.206 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pages.egress.com/rs/344-XTD-684/images/bootstrap-aug2020.css Requested by Host: pages.egress.com URL: https://pages.egress.com/Whitepaper-Phishing-As-A-Service-12-21_Landing-PAGE.html?utm_campaign=q4phishing&utm_medium=email&utm_source=marketo&utm_term=&utm_content=Whitepaper-Phishing-As-A-Service-12-21.Phaas-WP-a/btest&mkt_tok=MzQ0LVhURC02ODQAAAGBXQ_QmrGnCTHKQAcgRhe4aPl6WvfWJy3x-77wKdGUfeEATgggaWaCsthEU_3ZqOYUBSiTl8tAwyToy9rBYR6wTgsxL7mkphladJWhJevWe1o Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 104.17.72.206 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 23b70f17de832f7aa9cd8b7311d9f076b61ca179462e76128e321c454aeed688 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://pages.egress.com/Whitepaper-Phishing-As-A-Service-12-21_Landing-PAGE.html?utm_campaign=q4phishing&utm_medium=email&utm_source=marketo&utm_term=&utm_content=Whitepaper-Phishing-As-A-Service-12-21.Phaas-WP-a/btest&mkt_tok=MzQ0LVhURC02ODQAAAGBXQ_QmrGnCTHKQAcgRhe4aPl6WvfWJy3x-77wKdGUfeEATgggaWaCsthEU_3ZqOYUBSiTl8tAwyToy9rBYR6wTgsxL7mkphladJWhJevWe1o User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Wed, 15 Dec 2021 14:38:51 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status REVALIDATED last-modified Tue, 19 Oct 2021 23:39:34 GMT server cloudflare etag "160ac2-814d9-5cebd2c7bb980" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css cache-control public, max-age=60 cf-ray 6be06b00b9113a2f-CDG expires Wed, 15 Dec 2021 14:39:51 GMT
GET H2	200	microsoft365.css pages.egress.com/rs/344-XTD-684/images/	14 KB 3 KB	476ms 476ms	Stylesheet text/css	104.17.72.206 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pages.egress.com/rs/344-XTD-684/images/microsoft365.css Requested by Host: pages.egress.com URL: https://pages.egress.com/Whitepaper-Phishing-As-A-Service-12-21_Landing-PAGE.html?utm_campaign=q4phishing&utm_medium=email&utm_source=marketo&utm_term=&utm_content=Whitepaper-Phishing-As-A-Service-12-21.Phaas-WP-a/btest&mkt_tok=MzQ0LVhURC02ODQAAAGBXQ_QmrGnCTHKQAcgRhe4aPl6WvfWJy3x-77wKdGUfeEATgggaWaCsthEU_3ZqOYUBSiTl8tAwyToy9rBYR6wTgsxL7mkphladJWhJevWe1o Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 104.17.72.206 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8374df4c6a25ffa8444d53a49cef3bb578dc0d71179109e9e663f8a7150b3675 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://pages.egress.com/Whitepaper-Phishing-As-A-Service-12-21_Landing-PAGE.html?utm_campaign=q4phishing&utm_medium=email&utm_source=marketo&utm_term=&utm_content=Whitepaper-Phishing-As-A-Service-12-21.Phaas-WP-a/btest&mkt_tok=MzQ0LVhURC02ODQAAAGBXQ_QmrGnCTHKQAcgRhe4aPl6WvfWJy3x-77wKdGUfeEATgggaWaCsthEU_3ZqOYUBSiTl8tAwyToy9rBYR6wTgsxL7mkphladJWhJevWe1o User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Wed, 15 Dec 2021 14:38:51 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status REVALIDATED last-modified Tue, 19 Oct 2021 23:39:34 GMT server cloudflare etag "160ac0-365f-5cebd2c7bb980" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css cache-control public, max-age=60 accept-ranges bytes cf-ray 6be06b00b9123a2f-CDG content-length 2571 expires Wed, 15 Dec 2021 14:39:51 GMT
GET H2	200	css fonts.googleapis.com/	2 KB 552 B	40ms 19ms	Stylesheet text/css	2a00:1450:4001:808::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Ubuntu Requested by Host: pages.egress.com URL: https://pages.egress.com/Whitepaper-Phishing-As-A-Service-12-21_Landing-PAGE.html?utm_campaign=q4phishing&utm_medium=email&utm_source=marketo&utm_term=&utm_content=Whitepaper-Phishing-As-A-Service-12-21.Phaas-WP-a/btest&mkt_tok=MzQ0LVhURC02ODQAAAGBXQ_QmrGnCTHKQAcgRhe4aPl6WvfWJy3x-77wKdGUfeEATgggaWaCsthEU_3ZqOYUBSiTl8tAwyToy9rBYR6wTgsxL7mkphladJWhJevWe1o Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash eda144dea7a719010fe6c2e87514f5eca490b3c74f120f6ac8cb514596d4ef48 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pages.egress.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Wed, 15 Dec 2021 13:17:09 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Wed, 15 Dec 2021 14:38:51 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 15 Dec 2021 14:38:51 GMT
GET H2	200	Egress%20Report%20Phishing-as-a-Service_LP_header.jpg pages.egress.com/rs/344-XTD-684/images/	102 KB 103 KB	49ms 47ms	Image image/jpeg	104.17.72.206 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://pages.egress.com/rs/344-XTD-684/images/Egress%20Report%20Phishing-as-a-Service_LP_header.jpg Requested by Host: pages.egress.com URL: https://pages.egress.com/Whitepaper-Phishing-As-A-Service-12-21_Landing-PAGE.html?utm_campaign=q4phishing&utm_medium=email&utm_source=marketo&utm_term=&utm_content=Whitepaper-Phishing-As-A-Service-12-21.Phaas-WP-a/btest&mkt_tok=MzQ0LVhURC02ODQAAAGBXQ_QmrGnCTHKQAcgRhe4aPl6WvfWJy3x-77wKdGUfeEATgggaWaCsthEU_3ZqOYUBSiTl8tAwyToy9rBYR6wTgsxL7mkphladJWhJevWe1o Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 104.17.72.206 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 21de42ee3b560ad711036b80c1f1daffcb0b490e96294e1233d7b86943d205b6 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://pages.egress.com/Whitepaper-Phishing-As-A-Service-12-21_Landing-PAGE.html?utm_campaign=q4phishing&utm_medium=email&utm_source=marketo&utm_term=&utm_content=Whitepaper-Phishing-As-A-Service-12-21.Phaas-WP-a/btest&mkt_tok=MzQ0LVhURC02ODQAAAGBXQ_QmrGnCTHKQAcgRhe4aPl6WvfWJy3x-77wKdGUfeEATgggaWaCsthEU_3ZqOYUBSiTl8tAwyToy9rBYR6wTgsxL7mkphladJWhJevWe1o User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Wed, 15 Dec 2021 14:38:51 GMT x-content-type-options nosniff cf-cache-status HIT age 41 last-modified Wed, 15 Dec 2021 14:36:31 GMT content-length 104829 cf-bgj h2pri server cloudflare etag "17f2e1-1997d-5d3303b56f9c0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/jpeg cache-control public, max-age=60 accept-ranges bytes cf-ray 6be06b040fec3a2f-CDG expires Wed, 15 Dec 2021 14:39:51 GMT
GET H2	200	Egress_logo_yellow_white_SVG.svg pages.egress.com/rs/344-XTD-684/images/	4 KB 1 KB	69ms 67ms	Image image/svg+xml	104.17.72.206 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://pages.egress.com/rs/344-XTD-684/images/Egress_logo_yellow_white_SVG.svg Requested by Host: pages.egress.com URL: https://pages.egress.com/Whitepaper-Phishing-As-A-Service-12-21_Landing-PAGE.html?utm_campaign=q4phishing&utm_medium=email&utm_source=marketo&utm_term=&utm_content=Whitepaper-Phishing-As-A-Service-12-21.Phaas-WP-a/btest&mkt_tok=MzQ0LVhURC02ODQAAAGBXQ_QmrGnCTHKQAcgRhe4aPl6WvfWJy3x-77wKdGUfeEATgggaWaCsthEU_3ZqOYUBSiTl8tAwyToy9rBYR6wTgsxL7mkphladJWhJevWe1o Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 104.17.72.206 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4c4a47cb2b514f1dc1143d40584b13851542717fdca520c6424b0cea8b067ca8 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://pages.egress.com/Whitepaper-Phishing-As-A-Service-12-21_Landing-PAGE.html?utm_campaign=q4phishing&utm_medium=email&utm_source=marketo&utm_term=&utm_content=Whitepaper-Phishing-As-A-Service-12-21.Phaas-WP-a/btest&mkt_tok=MzQ0LVhURC02ODQAAAGBXQ_QmrGnCTHKQAcgRhe4aPl6WvfWJy3x-77wKdGUfeEATgggaWaCsthEU_3ZqOYUBSiTl8tAwyToy9rBYR6wTgsxL7mkphladJWhJevWe1o User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Wed, 15 Dec 2021 14:38:51 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status REVALIDATED last-modified Tue, 19 Oct 2021 23:39:35 GMT server cloudflare etag W/"160ac6-e52-5cebd2c8afbc0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=60 cf-ray 6be06b040fed3a2f-CDG expires Wed, 15 Dec 2021 14:39:51 GMT
GET H2	200	Egress%20Report%20Phishing-as-a-Service_LP_thumb.png pages.egress.com/rs/344-XTD-684/images/	25 KB 25 KB	59ms 57ms	Image image/png	104.17.72.206 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://pages.egress.com/rs/344-XTD-684/images/Egress%20Report%20Phishing-as-a-Service_LP_thumb.png Requested by Host: pages.egress.com URL: https://pages.egress.com/Whitepaper-Phishing-As-A-Service-12-21_Landing-PAGE.html?utm_campaign=q4phishing&utm_medium=email&utm_source=marketo&utm_term=&utm_content=Whitepaper-Phishing-As-A-Service-12-21.Phaas-WP-a/btest&mkt_tok=MzQ0LVhURC02ODQAAAGBXQ_QmrGnCTHKQAcgRhe4aPl6WvfWJy3x-77wKdGUfeEATgggaWaCsthEU_3ZqOYUBSiTl8tAwyToy9rBYR6wTgsxL7mkphladJWhJevWe1o Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 104.17.72.206 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e41b68acbe1829d675ef3344496c638e0798c7203d341d587e4236f2ae30c5dc Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://pages.egress.com/Whitepaper-Phishing-As-A-Service-12-21_Landing-PAGE.html?utm_campaign=q4phishing&utm_medium=email&utm_source=marketo&utm_term=&utm_content=Whitepaper-Phishing-As-A-Service-12-21.Phaas-WP-a/btest&mkt_tok=MzQ0LVhURC02ODQAAAGBXQ_QmrGnCTHKQAcgRhe4aPl6WvfWJy3x-77wKdGUfeEATgggaWaCsthEU_3ZqOYUBSiTl8tAwyToy9rBYR6wTgsxL7mkphladJWhJevWe1o User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Wed, 15 Dec 2021 14:38:51 GMT x-content-type-options nosniff cf-cache-status REVALIDATED last-modified Tue, 14 Dec 2021 17:03:15 GMT server cloudflare etag "17f7bb-6386-5d31e2a41fac0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png cache-control public, max-age=60 accept-ranges bytes cf-ray 6be06b040ffb3a2f-CDG content-length 25478 expires Wed, 15 Dec 2021 14:39:51 GMT
GET H2	200	company_logo.png pages.egress.com/rs/344-XTD-684/images/	22 KB 22 KB	73ms 71ms	Image image/png	104.17.72.206 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://pages.egress.com/rs/344-XTD-684/images/company_logo.png Requested by Host: pages.egress.com URL: https://pages.egress.com/Whitepaper-Phishing-As-A-Service-12-21_Landing-PAGE.html?utm_campaign=q4phishing&utm_medium=email&utm_source=marketo&utm_term=&utm_content=Whitepaper-Phishing-As-A-Service-12-21.Phaas-WP-a/btest&mkt_tok=MzQ0LVhURC02ODQAAAGBXQ_QmrGnCTHKQAcgRhe4aPl6WvfWJy3x-77wKdGUfeEATgggaWaCsthEU_3ZqOYUBSiTl8tAwyToy9rBYR6wTgsxL7mkphladJWhJevWe1o Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 104.17.72.206 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 63b5b11ad3de498207569e36f3920e8d10c5aa581dbe3134636c863c9799dddc Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://pages.egress.com/Whitepaper-Phishing-As-A-Service-12-21_Landing-PAGE.html?utm_campaign=q4phishing&utm_medium=email&utm_source=marketo&utm_term=&utm_content=Whitepaper-Phishing-As-A-Service-12-21.Phaas-WP-a/btest&mkt_tok=MzQ0LVhURC02ODQAAAGBXQ_QmrGnCTHKQAcgRhe4aPl6WvfWJy3x-77wKdGUfeEATgggaWaCsthEU_3ZqOYUBSiTl8tAwyToy9rBYR6wTgsxL7mkphladJWhJevWe1o User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Wed, 15 Dec 2021 14:38:51 GMT x-content-type-options nosniff cf-cache-status REVALIDATED last-modified Tue, 19 Oct 2021 23:39:35 GMT server cloudflare etag "160ac4-585c-5cebd2c8afbc0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png cache-control public, max-age=60 accept-ranges bytes cf-ray 6be06b040ffc3a2f-CDG content-length 22620 expires Wed, 15 Dec 2021 14:39:51 GMT
GET H2	200	forms2.min.js Show response pages.egress.com/js/forms2/js/	205 KB 68 KB	54ms 54ms	Script application/x-javascript	104.17.72.206 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pages.egress.com/js/forms2/js/forms2.min.js Requested by Host: pages.egress.com URL: https://pages.egress.com/Whitepaper-Phishing-As-A-Service-12-21_Landing-PAGE.html?utm_campaign=q4phishing&utm_medium=email&utm_source=marketo&utm_term=&utm_content=Whitepaper-Phishing-As-A-Service-12-21.Phaas-WP-a/btest&mkt_tok=MzQ0LVhURC02ODQAAAGBXQ_QmrGnCTHKQAcgRhe4aPl6WvfWJy3x-77wKdGUfeEATgggaWaCsthEU_3ZqOYUBSiTl8tAwyToy9rBYR6wTgsxL7mkphladJWhJevWe1o Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 104.17.72.206 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2689a0237a95cfd8135f8da3ac79c430e903f3c542f8b862f68141c84c348c43 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://pages.egress.com/Whitepaper-Phishing-As-A-Service-12-21_Landing-PAGE.html?utm_campaign=q4phishing&utm_medium=email&utm_source=marketo&utm_term=&utm_content=Whitepaper-Phishing-As-A-Service-12-21.Phaas-WP-a/btest&mkt_tok=MzQ0LVhURC02ODQAAAGBXQ_QmrGnCTHKQAcgRhe4aPl6WvfWJy3x-77wKdGUfeEATgggaWaCsthEU_3ZqOYUBSiTl8tAwyToy9rBYR6wTgsxL7mkphladJWhJevWe1o User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Wed, 15 Dec 2021 14:38:51 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status REVALIDATED last-modified Tue, 12 Oct 2021 18:01:53 GMT server cloudflare etag "d02303-33210-5ce2ba3f1c640" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/x-javascript cache-control public, max-age=14400 cf-ray 6be06b03af383a2f-CDG expires Wed, 15 Dec 2021 18:38:51 GMT
GET H2	200	woman_1.png pages.egress.com/rs/344-XTD-684/images/	290 KB 290 KB	61ms 60ms	Image image/png	104.17.72.206 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://pages.egress.com/rs/344-XTD-684/images/woman_1.png Requested by Host: pages.egress.com URL: https://pages.egress.com/Whitepaper-Phishing-As-A-Service-12-21_Landing-PAGE.html?utm_campaign=q4phishing&utm_medium=email&utm_source=marketo&utm_term=&utm_content=Whitepaper-Phishing-As-A-Service-12-21.Phaas-WP-a/btest&mkt_tok=MzQ0LVhURC02ODQAAAGBXQ_QmrGnCTHKQAcgRhe4aPl6WvfWJy3x-77wKdGUfeEATgggaWaCsthEU_3ZqOYUBSiTl8tAwyToy9rBYR6wTgsxL7mkphladJWhJevWe1o Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 104.17.72.206 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f7e7569fb0c75920f21860bcb279e0d8f41d752a35b88076cd690909fa20d1d8 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://pages.egress.com/Whitepaper-Phishing-As-A-Service-12-21_Landing-PAGE.html?utm_campaign=q4phishing&utm_medium=email&utm_source=marketo&utm_term=&utm_content=Whitepaper-Phishing-As-A-Service-12-21.Phaas-WP-a/btest&mkt_tok=MzQ0LVhURC02ODQAAAGBXQ_QmrGnCTHKQAcgRhe4aPl6WvfWJy3x-77wKdGUfeEATgggaWaCsthEU_3ZqOYUBSiTl8tAwyToy9rBYR6wTgsxL7mkphladJWhJevWe1o User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Wed, 15 Dec 2021 14:38:51 GMT x-content-type-options nosniff cf-cache-status REVALIDATED last-modified Tue, 19 Oct 2021 23:39:35 GMT server cloudflare etag "160acb-4872f-5cebd2c8afbc0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png cache-control public, max-age=60 accept-ranges bytes cf-ray 6be06b040ffe3a2f-CDG content-length 296751 expires Wed, 15 Dec 2021 14:39:51 GMT
GET H2	200	woman_2.png pages.egress.com/rs/344-XTD-684/images/	259 KB 259 KB	70ms 68ms	Image image/png	104.17.72.206 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://pages.egress.com/rs/344-XTD-684/images/woman_2.png Requested by Host: pages.egress.com URL: https://pages.egress.com/Whitepaper-Phishing-As-A-Service-12-21_Landing-PAGE.html?utm_campaign=q4phishing&utm_medium=email&utm_source=marketo&utm_term=&utm_content=Whitepaper-Phishing-As-A-Service-12-21.Phaas-WP-a/btest&mkt_tok=MzQ0LVhURC02ODQAAAGBXQ_QmrGnCTHKQAcgRhe4aPl6WvfWJy3x-77wKdGUfeEATgggaWaCsthEU_3ZqOYUBSiTl8tAwyToy9rBYR6wTgsxL7mkphladJWhJevWe1o Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 104.17.72.206 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 906c351e3adacd30d0da7c42989d59de83174e33a88b944649d0ce81b1ec4217 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://pages.egress.com/Whitepaper-Phishing-As-A-Service-12-21_Landing-PAGE.html?utm_campaign=q4phishing&utm_medium=email&utm_source=marketo&utm_term=&utm_content=Whitepaper-Phishing-As-A-Service-12-21.Phaas-WP-a/btest&mkt_tok=MzQ0LVhURC02ODQAAAGBXQ_QmrGnCTHKQAcgRhe4aPl6WvfWJy3x-77wKdGUfeEATgggaWaCsthEU_3ZqOYUBSiTl8tAwyToy9rBYR6wTgsxL7mkphladJWhJevWe1o User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Wed, 15 Dec 2021 14:38:51 GMT x-content-type-options nosniff cf-cache-status REVALIDATED last-modified Tue, 19 Oct 2021 23:39:35 GMT server cloudflare etag "160aca-40b6f-5cebd2c8afbc0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png cache-control public, max-age=60 accept-ranges bytes cf-ray 6be06b0408003a2f-CDG content-length 265071 expires Wed, 15 Dec 2021 14:39:51 GMT
GET H2	200	laptop_group.png pages.egress.com/rs/344-XTD-684/images/	41 KB 41 KB	79ms 77ms	Image image/png	104.17.72.206 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://pages.egress.com/rs/344-XTD-684/images/laptop_group.png Requested by Host: pages.egress.com URL: https://pages.egress.com/Whitepaper-Phishing-As-A-Service-12-21_Landing-PAGE.html?utm_campaign=q4phishing&utm_medium=email&utm_source=marketo&utm_term=&utm_content=Whitepaper-Phishing-As-A-Service-12-21.Phaas-WP-a/btest&mkt_tok=MzQ0LVhURC02ODQAAAGBXQ_QmrGnCTHKQAcgRhe4aPl6WvfWJy3x-77wKdGUfeEATgggaWaCsthEU_3ZqOYUBSiTl8tAwyToy9rBYR6wTgsxL7mkphladJWhJevWe1o Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 104.17.72.206 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d925957ae08bb42114eba59d0809b88f0f21995643ae83525de91fb479eb94ff Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://pages.egress.com/Whitepaper-Phishing-As-A-Service-12-21_Landing-PAGE.html?utm_campaign=q4phishing&utm_medium=email&utm_source=marketo&utm_term=&utm_content=Whitepaper-Phishing-As-A-Service-12-21.Phaas-WP-a/btest&mkt_tok=MzQ0LVhURC02ODQAAAGBXQ_QmrGnCTHKQAcgRhe4aPl6WvfWJy3x-77wKdGUfeEATgggaWaCsthEU_3ZqOYUBSiTl8tAwyToy9rBYR6wTgsxL7mkphladJWhJevWe1o User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Wed, 15 Dec 2021 14:38:51 GMT x-content-type-options nosniff cf-cache-status REVALIDATED last-modified Tue, 19 Oct 2021 23:39:35 GMT server cloudflare etag "160ac9-a234-5cebd2c8afbc0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png cache-control public, max-age=60 accept-ranges bytes cf-ray 6be06b04080f3a2f-CDG content-length 41524 expires Wed, 15 Dec 2021 14:39:51 GMT
GET H/1.1	200 OK	munchkin.js Show response munchkin.marketo.net//	1 KB 1 KB	58ms 18ms	Script application/x-javascript	104.111.234.67 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://munchkin.marketo.net//munchkin.js Requested by Host: pages.egress.com URL: https://pages.egress.com/Whitepaper-Phishing-As-A-Service-12-21_Landing-PAGE.html?utm_campaign=q4phishing&utm_medium=email&utm_source=marketo&utm_term=&utm_content=Whitepaper-Phishing-As-A-Service-12-21.Phaas-WP-a/btest&mkt_tok=MzQ0LVhURC02ODQAAAGBXQ_QmrGnCTHKQAcgRhe4aPl6WvfWJy3x-77wKdGUfeEATgggaWaCsthEU_3ZqOYUBSiTl8tAwyToy9rBYR6wTgsxL7mkphladJWhJevWe1o Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.111.234.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-234-67.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash 4bf3aca933aa233702f890083af601fb16149ec8a17f8c1b90d30450562bde08 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pages.egress.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Wed, 15 Dec 2021 14:38:51 GMT Content-Encoding gzip Last-Modified Fri, 29 Oct 2021 01:24:07 GMT Server AkamaiNetStorage ETag "461ce1cffaadfebf2e7659745618ba8e:1635470647.434977" Vary Accept-Encoding P3P policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR" Connection keep-alive Accept-Ranges bytes Content-Type application/x-javascript Content-Length 753
GET H2	200	stripmkttok.js Show response pages.egress.com/js/	2 KB 785 B	74ms 72ms	Script application/x-javascript	104.17.72.206 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pages.egress.com/js/stripmkttok.js Requested by Host: pages.egress.com URL: https://pages.egress.com/Whitepaper-Phishing-As-A-Service-12-21_Landing-PAGE.html?utm_campaign=q4phishing&utm_medium=email&utm_source=marketo&utm_term=&utm_content=Whitepaper-Phishing-As-A-Service-12-21.Phaas-WP-a/btest&mkt_tok=MzQ0LVhURC02ODQAAAGBXQ_QmrGnCTHKQAcgRhe4aPl6WvfWJy3x-77wKdGUfeEATgggaWaCsthEU_3ZqOYUBSiTl8tAwyToy9rBYR6wTgsxL7mkphladJWhJevWe1o Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 104.17.72.206 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f7545b96ed2740220c349ae9deb614faf1f0f211d4cf710788e0790f74cc9715 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://pages.egress.com/Whitepaper-Phishing-As-A-Service-12-21_Landing-PAGE.html?utm_campaign=q4phishing&utm_medium=email&utm_source=marketo&utm_term=&utm_content=Whitepaper-Phishing-As-A-Service-12-21.Phaas-WP-a/btest&mkt_tok=MzQ0LVhURC02ODQAAAGBXQ_QmrGnCTHKQAcgRhe4aPl6WvfWJy3x-77wKdGUfeEATgggaWaCsthEU_3ZqOYUBSiTl8tAwyToy9rBYR6wTgsxL7mkphladJWhJevWe1o User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Wed, 15 Dec 2021 14:38:51 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status REVALIDATED last-modified Tue, 12 Oct 2021 18:01:54 GMT server cloudflare etag "80d97-602-5ce2ba4010880" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/x-javascript cache-control public, max-age=14400 accept-ranges bytes cf-ray 6be06b040feb3a2f-CDG content-length 678 expires Wed, 15 Dec 2021 18:38:51 GMT
GET H2	200	free.min.css Show response ka-f.fontawesome.com/releases/v5.15.4/css/	59 KB 13 KB	81ms 43ms	Fetch text/css	2606:4700:3030::6815:5183 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=9ebb297e79 Requested by Host: kit.fontawesome.com URL: https://kit.fontawesome.com/9ebb297e79.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:5183 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda Request headers Accept-Language de-DE,de;q=0.9 Referer https://pages.egress.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Wed, 15 Dec 2021 14:38:51 GMT via 1.1 1c61bf6b3f131a78ceaeca55b689501e.cloudfront.net (CloudFront) vary Accept-Encoding cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 69 x-cache Hit from cloudfront access-control-allow-methods GET content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 last-modified Wed, 04 Aug 2021 18:53:09 GMT server cloudflare etag W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-max-age 3000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mgamKqeiVGbx7V%2Fgv7fKXzSx0uV0nkVJY987bcUFuZkHTqREElGa2dgLaYpmAzll2YVDPfD2wrTDMlz64owGhjmTjtj6xSwDXeY9Io03Rldda%2BeLKCv38s4z%2F6nKfhE%2FAvvkr4s%2BodF2fnk%2BlNLa%2BSgZXA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css access-control-allow-origin * cache-control max-age=31556926 x-amz-cf-pop MXP64-C1 cf-ray 6be06b01be543753-MXP access-control-allow-headers fa-kit-token x-amz-cf-id 2UEy2by0_H-aEheDBi6TBEFKtNcjdY6f_HPGVQytWwPPBXvLNoUjtA==
GET H2	200	free-v4-shims.min.css Show response ka-f.fontawesome.com/releases/v5.15.4/css/	26 KB 5 KB	80ms 42ms	Fetch text/css	2606:4700:3030::6815:5183 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=9ebb297e79 Requested by Host: kit.fontawesome.com URL: https://kit.fontawesome.com/9ebb297e79.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:5183 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pages.egress.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Wed, 15 Dec 2021 14:38:51 GMT via 1.1 1c61bf6b3f131a78ceaeca55b689501e.cloudfront.net (CloudFront) vary Accept-Encoding cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 69 x-cache Hit from cloudfront access-control-allow-methods GET content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 last-modified Wed, 04 Aug 2021 18:53:09 GMT server cloudflare etag W/"76f34b71fc9fb641507ff6a822cc07f5" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-max-age 3000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y%2B5ybOR81ETc9x3mjILWDEcjXe%2BCWZfBmZQBZA1LdMlNSbbX9YUxhb01fL9K2AjSw3FAKpEfhsvFkTpmlcEbYte2omH1Xv8zk4DaI6ryxX%2FQmxwUxurtL9yIFeuO%2Bx%2B8Z7ZKLj%2BNFZ5TvLdZvdUrTdBXuw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css access-control-allow-origin * cache-control max-age=31556926 x-amz-cf-pop MXP64-C1 cf-ray 6be06b01be563753-MXP access-control-allow-headers fa-kit-token x-amz-cf-id qj2crMrx6hpceslqnmMLoxyhVF2Sx-CzOhW7a-c_bev4vvl2J8s9VQ==
GET H2	200	gtm.js Show response www.googletagmanager.com/	314 KB 83 KB	45ms 19ms	Script application/javascript	2a00:1450:4001:808::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-5Z9HSMP Requested by Host: pages.egress.com URL: https://pages.egress.com/Whitepaper-Phishing-As-A-Service-12-21_Landing-PAGE.html?utm_campaign=q4phishing&utm_medium=email&utm_source=marketo&utm_term=&utm_content=Whitepaper-Phishing-As-A-Service-12-21.Phaas-WP-a/btest&mkt_tok=MzQ0LVhURC02ODQAAAGBXQ_QmrGnCTHKQAcgRhe4aPl6WvfWJy3x-77wKdGUfeEATgggaWaCsthEU_3ZqOYUBSiTl8tAwyToy9rBYR6wTgsxL7mkphladJWhJevWe1o Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash eb25eb1c6a526d46a27b8ee6dd8c7180c9907510653f6a68bfb7f78dcacf3858 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pages.egress.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Wed, 15 Dec 2021 14:38:51 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 84169 x-xss-protection 0 last-modified Wed, 15 Dec 2021 12:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Wed, 15 Dec 2021 14:38:51 GMT
GET H2	200	4iCs6KVjbNBYlgoKfw72.woff2 fonts.gstatic.com/s/ubuntu/v15/	33 KB 34 KB	31ms 8ms	Font font/woff2	2a00:1450:4001:810::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/ubuntu/v15/4iCs6KVjbNBYlgoKfw72.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Ubuntu:wght@400;500;700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4f4524f7e1a87079bc50a64681f880ccf3e6f5db1ec5fc27949377532a3881da Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://pages.egress.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Tue, 14 Dec 2021 11:14:45 GMT x-content-type-options nosniff age 98646 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 34260 x-xss-protection 0 last-modified Thu, 10 Sep 2020 17:02:57 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Wed, 14 Dec 2022 11:14:45 GMT
GET H2	200	4iCv6KVjbNBYlgoCxCvjsGyN.woff2 fonts.gstatic.com/s/ubuntu/v15/	28 KB 28 KB	39ms 16ms	Font font/woff2	2a00:1450:4001:810::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/ubuntu/v15/4iCv6KVjbNBYlgoCxCvjsGyN.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Ubuntu:wght@400;500;700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 045469f2d577c2ad73219bbd713640bcb4a4f9a46cecc6c0df0e66338646b27f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://pages.egress.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Tue, 14 Dec 2021 17:57:27 GMT x-content-type-options nosniff age 74484 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 28968 x-xss-protection 0 last-modified Thu, 10 Sep 2020 17:03:43 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Wed, 14 Dec 2022 17:57:27 GMT
GET H2	200	forms2.css pages.egress.com/js/forms2/css/	13 KB 3 KB	56ms 56ms	Stylesheet text/css	104.17.72.206 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pages.egress.com/js/forms2/css/forms2.css Requested by Host: pages.egress.com URL: https://pages.egress.com/js/forms2/js/forms2.min.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 104.17.72.206 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://pages.egress.com/Whitepaper-Phishing-As-A-Service-12-21_Landing-PAGE.html?utm_campaign=q4phishing&utm_medium=email&utm_source=marketo&utm_term=&utm_content=Whitepaper-Phishing-As-A-Service-12-21.Phaas-WP-a/btest&mkt_tok=MzQ0LVhURC02ODQAAAGBXQ_QmrGnCTHKQAcgRhe4aPl6WvfWJy3x-77wKdGUfeEATgggaWaCsthEU_3ZqOYUBSiTl8tAwyToy9rBYR6wTgsxL7mkphladJWhJevWe1o User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Wed, 15 Dec 2021 14:38:51 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status REVALIDATED last-modified Tue, 12 Oct 2021 18:01:53 GMT server cloudflare etag "d022fb-3437-5ce2ba3f1c640" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css cache-control public, max-age=14400 accept-ranges bytes cf-ray 6be06b0489173a2f-CDG content-length 2623 expires Wed, 15 Dec 2021 18:38:51 GMT
GET H2	200	forms2-theme-inset.css pages.egress.com/js/forms2/css/	3 KB 1 KB	57ms 56ms	Stylesheet text/css	104.17.72.206 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pages.egress.com/js/forms2/css/forms2-theme-inset.css Requested by Host: pages.egress.com URL: https://pages.egress.com/js/forms2/js/forms2.min.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 104.17.72.206 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 53386b51cdacd99baec553808a51cb6964b2a6e4b9db4c73d977c3d7311c76b6 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://pages.egress.com/Whitepaper-Phishing-As-A-Service-12-21_Landing-PAGE.html?utm_campaign=q4phishing&utm_medium=email&utm_source=marketo&utm_term=&utm_content=Whitepaper-Phishing-As-A-Service-12-21.Phaas-WP-a/btest&mkt_tok=MzQ0LVhURC02ODQAAAGBXQ_QmrGnCTHKQAcgRhe4aPl6WvfWJy3x-77wKdGUfeEATgggaWaCsthEU_3ZqOYUBSiTl8tAwyToy9rBYR6wTgsxL7mkphladJWhJevWe1o User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Wed, 15 Dec 2021 14:38:51 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status REVALIDATED last-modified Tue, 12 Oct 2021 18:01:53 GMT server cloudflare etag "d022fe-d86-5ce2ba3f1c640" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css cache-control public, max-age=14400 accept-ranges bytes cf-ray 6be06b0489193a2f-CDG content-length 953 expires Wed, 15 Dec 2021 18:38:51 GMT
GET H2	200	free-fa-brands-400.woff2 ka-f.fontawesome.com/releases/v5.15.4/webfonts/	75 KB 75 KB	26ms 25ms	Font font/woff2	2606:4700:3030::6815:5183 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-f.fontawesome.com/releases/v5.15.4/webfonts/free-fa-brands-400.woff2 Requested by Host: pages.egress.com URL: https://pages.egress.com/Whitepaper-Phishing-As-A-Service-12-21_Landing-PAGE.html?utm_campaign=q4phishing&utm_medium=email&utm_source=marketo&utm_term=&utm_content=Whitepaper-Phishing-As-A-Service-12-21.Phaas-WP-a/btest&mkt_tok=MzQ0LVhURC02ODQAAAGBXQ_QmrGnCTHKQAcgRhe4aPl6WvfWJy3x-77wKdGUfeEATgggaWaCsthEU_3ZqOYUBSiTl8tAwyToy9rBYR6wTgsxL7mkphladJWhJevWe1o Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:5183 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b5be0732ab1cc16692e165a7950810f0c772e400f6a2f63e1026a0b938016813 Request headers Referer https://pages.egress.com/ Origin https://pages.egress.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Wed, 15 Dec 2021 14:38:51 GMT via 1.1 c2015c52d38ccde0fdca03737208f711.cloudfront.net (CloudFront) cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 69 x-cache Hit from cloudfront access-control-max-age 3000 access-control-allow-methods GET alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 76736 last-modified Wed, 04 Aug 2021 18:58:24 GMT server cloudflare etag "4f5ec865a8274ab291b6a42b5f70639e" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TOiXARlG%2FqT9pj5%2BucowNvD4aUHq6Yggrw3r2slnMklEyzgL9u5V1I7bMj40zqx0q7WdfKILvybAgABk3MFNv0KXJheXpZhwWg9LijZlmSFdwwbZ5EMzLaBfmxe%2BA9NaCt1SaSyWcDBJfbdeosG61H6SNQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff2 access-control-allow-origin * cache-control max-age=31556926 x-amz-cf-pop MXP64-C1 accept-ranges bytes cf-ray 6be06b048cdf3753-MXP access-control-allow-headers fa-kit-token x-amz-cf-id vOixvnxr2p1lFJ_WdX3gBz18M2ZF0Kpj4fCAUD6vkAh5afp7r1KUcg==
GET H/1.1	200 OK	munchkin.js Show response munchkin.marketo.net/161/	11 KB 5 KB	20ms 19ms	Script application/x-javascript	104.111.234.67 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://munchkin.marketo.net/161/munchkin.js Requested by Host: munchkin.marketo.net URL: https://munchkin.marketo.net//munchkin.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.111.234.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-234-67.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash c2aee78040b4ed46c2377e6825db12a9691a2eb584adf338e77312c8978d8537 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pages.egress.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Wed, 15 Dec 2021 14:38:51 GMT Content-Encoding gzip Last-Modified Wed, 08 Sep 2021 00:38:21 GMT Server AkamaiNetStorage ETag "0e0eefac8daf874e8b1aa34aeb160c52:1631061501.737429" Vary Accept-Encoding P3P policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR" Cache-Control max-age=8640000 Connection keep-alive Accept-Ranges bytes Content-Type application/x-javascript Content-Length 4681 Expires Fri, 25 Mar 2022 14:38:51 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	33ms 7ms	Script text/javascript	2a00:1450:4001:82b::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-5Z9HSMP Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://pages.egress.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Tue, 02 Nov 2021 17:39:06 GMT server Golfe2 age 5865 date Wed, 15 Dec 2021 13:01:06 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20006 expires Wed, 15 Dec 2021 15:01:06 GMT
GET H2	200	OtAutoBlock.js Show response cdn-ukwest.onetrust.com/consent/5c6346bd-9eb6-4251-9e2d-9ea581c6c23a/	6 KB 2 KB	82ms 31ms	Script application/x-javascript	2606:4700:10::6814:b944 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn-ukwest.onetrust.com/consent/5c6346bd-9eb6-4251-9e2d-9ea581c6c23a/OtAutoBlock.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-5Z9HSMP Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6814:b944 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ea825e8a0f8bdb16ba85e659a152b68b5715bb0444888dc79daa6052837a400c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Accept-Language de-DE,de;q=0.9 Referer https://pages.egress.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 15 Dec 2021 14:38:51 GMT content-encoding gzip vary Accept-Encoding cf-cache-status HIT content-md5 USsqAbHzy6z75ni5hq6qpA== age 7248 content-length 1854 x-ms-lease-status unlocked last-modified Fri, 12 Nov 2021 11:13:55 GMT server cloudflare etag 0x8D9A5CD8401295C expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/x-javascript access-control-allow-origin * x-ms-request-id 4febd156-a01e-0046-19dd-e7fa0d000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=14400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 6be06b055e974315-FRA
GET H2	200	cfbrvkdfziti.js Show response js.driftt.com/include/1639579200000/	218 KB 62 KB	202ms 141ms	Script application/javascript	13.224.96.71 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/include/1639579200000/cfbrvkdfziti.js Requested by Host: info.egress.com URL: https://info.egress.com/dc/K6o-Nvw9UekQ3gj5BouJjcVEWbFg3HFAuBVZ5o-VctaifyTPTQh_bPTciRyWOutKm4Q5n4P2y_1P05E72f_iRmE4jTtEhEGa0qfrH7ZBx1cqntEaMaMz6Ms3vZTpPoq4TMOCwKeLCNfTyLxM7ent_U5e71KFILTOWBUDi_Xz7RUJ14aLhrkATeRqZAsOTXqrNc9KB7JAtSYGeFvL4QFNMLOInlru_NDPmA-siCQHXS5xrn0-G2JdLzcHSm4xYqrf-ZT0wnTz5O-d1O9fiLqCRvjhmz20lNi2rlX9S4KyAEE=/MzQ0LVhURC02ODQAAAGBXQ_QmgqIi0fuCPF_7dmT8thvpuX6028ST3r-LKXL98lU1lkYtqT44eSW1TbFoIuQhUtccXo= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.96.71 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-96-71.zrh50.r.cloudfront.net Software nginx / Resource Hash aa82097c9e8bddaf6321732c1cb749fe50fe87d246d967619fd78e7ffc738466 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://pages.egress.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers x-amz-version-id rei7PN32G8Xi.TUkUUNOUz8pBMXFCEj9 content-encoding gzip etag W/"b07c2cc0c072e7303b614224af6d4205" x-amz-cf-pop ZRH50-C1 x-amz-server-side-encryption AES256 x-cache RefreshHit from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Tue, 14 Dec 2021 14:21:34 GMT server nginx date Wed, 15 Dec 2021 14:38:51 GMT vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=utf-8 via 1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront) cache-control no-cache access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id BRQv13JT7KaiMi2kWIaKIhlMMZqcAgNlMfh6j5m77KPZAqdCss9rQQ==
POST H/1.1	200 OK	visitWebPage 344-xtd-684.mktoresp.com/webevents/	2 B 475 B	149ms 70ms	Ping text/plain	134.213.193.62 RACKSPACE-LON
General Check archive.org Show headers Download Go to Full URL https://344-xtd-684.mktoresp.com/webevents/visitWebPage?_mchNc=1639579131695&_mchCn=Whitepaper-Phishing-As-A-Service-12-21_Landing-PAGE&_mchId=344-XTD-684&_mchTk=_mch-egress.com-1639579131693-25581&mkt_tok=MzQ0LVhURC02ODQAAAGBXQ_QmrGnCTHKQAcgRhe4aPl6WvfWJy3x-77wKdGUfeEATgggaWaCsthEU_3ZqOYUBSiTl8tAwyToy9rBYR6wTgsxL7mkphladJWhJevWe1o&_mchWs=j1RR&_mchHo=pages.egress.com&_mchPo=&_mchRu=%2FWhitepaper-Phishing-As-A-Service-12-21_Landing-PAGE.html&_mchPc=https%3A&_mchVr=161&_mchEcid=&_mchHa=&_mchRe=https%3A%2F%2Finfo.egress.com%2F&_mchQp=utm_campaign%3Dq4phishing__-__utm_medium%3Demail__-__utm_source%3Dmarketo__-__utm_term%3D__-__utm_content%3DWhitepaper-Phishing-As-A-Service-12-21.Phaas-WP-a%2Fbtest__-__mkt_tok%3DMzQ0LVhURC02ODQAAAGBXQ_QmrGnCTHKQAcgRhe4aPl6WvfWJy3x-77wKdGUfeEATgggaWaCsthEU_3ZqOYUBSiTl8tAwyToy9rBYR6wTgsxL7mkphladJWhJevWe1o Requested by Host: munchkin.marketo.net URL: https://munchkin.marketo.net/161/munchkin.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 134.213.193.62 , United Kingdom, ASN15395 (RACKSPACE-LON, GB), Reverse DNS Software nginx / Resource Hash 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3 Request headers Referer https://pages.egress.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Date Wed, 15 Dec 2021 14:38:51 GMT Content-Encoding gzip Server nginx Transfer-Encoding chunked Content-Type text/plain; charset=UTF-8 Access-Control-Allow-Origin * Connection keep-alive X-Request-Id 2ec50403-aa7d-48f2-a374-bf9778dcd873
GET H2	200	arrow-down-bk.png pages.egress.com/js/forms2/images/	1 KB 1 KB	52ms 52ms	Image image/png	104.17.72.206 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://pages.egress.com/js/forms2/images/arrow-down-bk.png Requested by Host: pages.egress.com URL: https://pages.egress.com/js/forms2/css/forms2-theme-inset.css Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 104.17.72.206 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 56533e637a5c980ba4c1653ed7eea219cdbd2e86f1448c1aa38c538cb1f89285 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://pages.egress.com/js/forms2/css/forms2-theme-inset.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Wed, 15 Dec 2021 14:38:51 GMT x-content-type-options nosniff cf-cache-status REVALIDATED last-modified Tue, 12 Oct 2021 18:01:53 GMT server cloudflare etag "d022be-415-5ce2ba3f1c640" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png cache-control public, max-age=60 accept-ranges bytes cf-ray 6be06b054ad33a2f-CDG content-length 1045 expires Wed, 15 Dec 2021 14:39:51 GMT
POST H3	200	collect Show response www.google-analytics.com/j/	2 B 22 B	30ms 14ms	XHR text/plain	2a00:1450:4001:82b::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j96&a=522559938&t=event&ni=1&_s=1&dl=https%3A%2F%2Fpages.egress.com%2FWhitepaper-Phishing-As-A-Service-12-21_Landing-PAGE.html%3Futm_campaign%3Dq4phishing%26utm_medium%3Demail%26utm_source%3Dmarketo%26utm_term%3D%26utm_content%3DWhitepaper-Phishing-As-A-Service-12-21.Phaas-WP-a%2Fbtest%26mkt_tok%3DMzQ0LVhURC02ODQAAAGBXQ_QmrGnCTHKQAcgRhe4aPl6WvfWJy3x-77wKdGUfeEATgggaWaCsthEU_3ZqOYUBSiTl8tAwyToy9rBYR6wTgsxL7mkphladJWhJevWe1o&dr=https%3A%2F%2Finfo.egress.com%2F&ul=en-us&de=UTF-8&dt=Phishing-as-a-service%3A%20How%20cybercrime%20went%20commercial&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Form%20View&ea=UK%20Marketo%20Form%20View&el=https%3A%2F%2Fpages.egress.com%2FWhitepaper-Phishing-As-A-Service-12-21_Landing-PAGE.html%3Futm_campaign%3Dq4phishing%26utm_medium%3Demail%26utm_source%3Dmarketo%26utm_term%3D%26utm_content%3DWhitepaper-Phishing-As-A-Service-12-21.Phaas-WP-a%2Fbtest%26mkt_tok%3DMzQ0LVhURC02ODQAAAGBXQ_QmrGnCTHKQAcgRhe4aPl6WvfWJy3x-77wKdGUfeEATgggaWaCsthEU_3ZqOYUBSiTl8tAwyToy9rBYR6wTgsxL7mkphladJWhJevWe1o&_u=YEBAAEABAAAAAC~&jid=64285109&gjid=1072783430&cid=858430635.1639579132&tid=UA-3866904-1&_gid=1290006218.1639579132&_r=1&gtm=2wgc105Z9HSMP&z=242487881 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://pages.egress.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Wed, 15 Dec 2021 14:38:51 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://pages.egress.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	otSDKStub.js Show response cdn-ukwest.onetrust.com/scripttemplates/	19 KB 7 KB	38ms 38ms	Script application/javascript	2606:4700:10::6814:b944 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn-ukwest.onetrust.com/scripttemplates/otSDKStub.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-5Z9HSMP Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6814:b944 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0b19d7b02efa2e63180e064f2801718bccb6fd3c2c307ee41110e21e2e4ad390 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Accept-Language de-DE,de;q=0.9 Referer https://pages.egress.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 15 Dec 2021 14:38:51 GMT content-encoding gzip vary Accept-Encoding cf-cache-status HIT content-md5 Lh0CEVPkmGuwf4KyqdKdhw== age 1123944 content-length 6403 x-ms-lease-status unlocked last-modified Tue, 23 Nov 2021 21:06:58 GMT server cloudflare etag 0x8D9AEC52FF35064 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript access-control-allow-origin * x-ms-request-id a8ecd8f4-901e-0028-1988-e75324000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=691200 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 6be06b05af474315-FRA expires Thu, 23 Dec 2021 14:38:51 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 442 B	61ms 20ms	XHR text/plain	2a00:1450:400c:c08::9a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-3866904-1&cid=858430635.1639579132&jid=64285109&gjid=1072783430&_gid=1290006218.1639579132&_u=YEBAAEAAAAAAAC~&z=699322923 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://pages.egress.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Wed, 15 Dec 2021 14:38:51 GMT content-type text/plain access-control-allow-origin https://pages.egress.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	5c6346bd-9eb6-4251-9e2d-9ea581c6c23a.json Show response cdn-ukwest.onetrust.com/consent/5c6346bd-9eb6-4251-9e2d-9ea581c6c23a/	4 KB 2 KB	75ms 35ms	XHR application/x-javascript	2606:4700:10::6814:b944 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn-ukwest.onetrust.com/consent/5c6346bd-9eb6-4251-9e2d-9ea581c6c23a/5c6346bd-9eb6-4251-9e2d-9ea581c6c23a.json Requested by Host: cdn-ukwest.onetrust.com URL: https://cdn-ukwest.onetrust.com/scripttemplates/otSDKStub.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6814:b944 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f9278b5a3b2722973d9861751435ecfa39837165f478dbc3a7a4850e3a7507a9 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Accept-Language de-DE,de;q=0.9 Referer https://pages.egress.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 15 Dec 2021 14:38:51 GMT content-encoding gzip vary Accept-Encoding cf-cache-status HIT content-md5 oKe257Vrrpwm9gfKWoGEdg== age 3220 content-length 1441 x-ms-lease-status unlocked last-modified Fri, 12 Nov 2021 11:13:54 GMT server cloudflare etag 0x8D9A5CD83E78908 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/x-javascript access-control-allow-origin * x-ms-request-id 24b9f17b-e01e-0068-3132-f17aca000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=14400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 6be06b062f523742-MXP
GET H2	200	ga-audiences www.google.com/ads/	42 B 501 B	56ms 32ms	Image image/gif	2a00:1450:4001:829::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-3866904-1&cid=858430635.1639579132&jid=64285109&_u=YEBAAEAAAAAAAC~&z=1129558698 Requested by Host: pages.egress.com URL: https://pages.egress.com/Whitepaper-Phishing-As-A-Service-12-21_Landing-PAGE.html?utm_campaign=q4phishing&utm_medium=email&utm_source=marketo&utm_term=&utm_content=Whitepaper-Phishing-As-A-Service-12-21.Phaas-WP-a/btest&mkt_tok=MzQ0LVhURC02ODQAAAGBXQ_QmrGnCTHKQAcgRhe4aPl6WvfWJy3x-77wKdGUfeEATgggaWaCsthEU_3ZqOYUBSiTl8tAwyToy9rBYR6wTgsxL7mkphladJWhJevWe1o Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pages.egress.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers pragma no-cache date Wed, 15 Dec 2021 14:38:51 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 501 B	54ms 29ms	Image image/gif	2a00:1450:4001:82a::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-3866904-1&cid=858430635.1639579132&jid=64285109&_u=YEBAAEAAAAAAAC~&z=1129558698 Requested by Host: pages.egress.com URL: https://pages.egress.com/Whitepaper-Phishing-As-A-Service-12-21_Landing-PAGE.html?utm_campaign=q4phishing&utm_medium=email&utm_source=marketo&utm_term=&utm_content=Whitepaper-Phishing-As-A-Service-12-21.Phaas-WP-a/btest&mkt_tok=MzQ0LVhURC02ODQAAAGBXQ_QmrGnCTHKQAcgRhe4aPl6WvfWJy3x-77wKdGUfeEATgggaWaCsthEU_3ZqOYUBSiTl8tAwyToy9rBYR6wTgsxL7mkphladJWhJevWe1o Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pages.egress.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers pragma no-cache date Wed, 15 Dec 2021 14:38:51 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	location Show response geolocation.onetrust.com/cookieconsentpub/v1/geo/	193 B 238 B	37ms 36ms	Script text/javascript	2606:4700:10::6814:b944 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location Requested by Host: cdn-ukwest.onetrust.com URL: https://cdn-ukwest.onetrust.com/scripttemplates/otSDKStub.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6814:b944 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 09b7ece464c01f640c13fdceb08bb12ab4a2db787f36a8253c109ea3d4f7d9f5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Accept-Language de-DE,de;q=0.9 Referer https://pages.egress.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Wed, 15 Dec 2021 14:38:51 GMT content-encoding gzip server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/javascript strict-transport-security max-age=31536000; includeSubDomains; preload cf-ray 6be06b0669734315-FRA
GET H2	200	otBannerSdk.js Show response cdn-ukwest.onetrust.com/scripttemplates/6.26.0/	319 KB 76 KB	46ms 45ms	Script application/javascript	2606:4700:10::6814:b944 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn-ukwest.onetrust.com/scripttemplates/6.26.0/otBannerSdk.js Requested by Host: cdn-ukwest.onetrust.com URL: https://cdn-ukwest.onetrust.com/scripttemplates/otSDKStub.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6814:b944 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 972688e6f6c24d2b23019a796b19f90515ba5f4ff744747c072b79fa44de3432 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Accept-Language de-DE,de;q=0.9 Referer https://pages.egress.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 15 Dec 2021 14:38:51 GMT content-encoding gzip vary Accept-Encoding cf-cache-status HIT content-md5 fFt4+LicLBj64XIOlrs8+w== age 1123942 content-length 77724 x-ms-lease-status unlocked last-modified Tue, 02 Nov 2021 20:13:38 GMT server cloudflare etag 0x8D99E3D41FDB3D0 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript access-control-allow-origin * x-ms-request-id 92034d16-201e-0013-2c88-e7117a000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=691200 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 6be06b06aa0e4315-FRA expires Thu, 23 Dec 2021 14:38:51 GMT
GET H2	200	en.json Show response cdn-ukwest.onetrust.com/consent/5c6346bd-9eb6-4251-9e2d-9ea581c6c23a/92ea4352-8491-457a-8445-b9d10bc54238/	56 KB 13 KB	40ms 40ms	Fetch application/x-javascript	2606:4700:10::6814:b944 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn-ukwest.onetrust.com/consent/5c6346bd-9eb6-4251-9e2d-9ea581c6c23a/92ea4352-8491-457a-8445-b9d10bc54238/en.json Requested by Host: cdn-ukwest.onetrust.com URL: https://cdn-ukwest.onetrust.com/scripttemplates/6.26.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6814:b944 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1590817f2354251d80cbff48c937cdd65c2e69d8603a6295b064497aed35b839 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Accept-Language de-DE,de;q=0.9 Referer https://pages.egress.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 15 Dec 2021 14:38:52 GMT content-encoding gzip vary Accept-Encoding cf-cache-status HIT content-md5 fMU2VaWeZZmukd1J5w7Ekg== age 3221 content-length 13293 x-ms-lease-status unlocked last-modified Fri, 12 Nov 2021 11:13:59 GMT server cloudflare etag 0x8D9A5CD86C14706 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/x-javascript access-control-allow-origin * x-ms-request-id 65cb3a37-901e-0028-0b32-f15324000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=14400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 6be06b0729a33742-MXP
GET H2	200	core Show response js.driftt.com/ Frame 0B34	2 KB 1 KB	275ms 275ms	Document text/html	13.224.96.71 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core?embedId=cfbrvkdfziti&region=US&forceShow=false&skipCampaigns=false&sessionId=0228b1c7-a756-4970-bf2f-92f6c7809f09&sessionStarted=1639579132.014&campaignRefreshToken=242bfadf-736f-45e9-853f-48810df5bb6a&hideController=false&pageLoadStartTime=1639579130958&mode=CHAT&driftEnableLog=false Requested by Host: js.driftt.com URL: https://js.driftt.com/include/1639579200000/cfbrvkdfziti.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.96.71 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-96-71.zrh50.r.cloudfront.net Software nginx / Resource Hash 9866e1a6b0931899aed27def0df2f66496529a063697495c69e91a0b4c604888 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://pages.egress.com/ Response headers content-type text/html; charset=utf-8 server nginx last-modified Tue, 14 Dec 2021 14:21:26 GMT x-amz-server-side-encryption AES256 x-amz-version-id ReCoSeP0ofcesPYN5RalkRrImRRXqHh8 access-control-allow-origin * access-control-allow-credentials true access-control-allow-methods GET, POST, OPTIONS access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type strict-transport-security max-age=31536000; includeSubDomains content-encoding gzip date Wed, 15 Dec 2021 14:38:52 GMT cache-control no-cache etag W/"1681096b18f37a28fcd4dd03770c3c92" vary Accept-Encoding x-cache Hit from cloudfront via 1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront) x-amz-cf-pop ZRH50-C1 x-amz-cf-id ap0OQp9qQpFEQzDlUzlAqg2oOWEBdhEo5kMwAZMvG_EHI_oEyqf79Q==
GET H2	200	chat Show response js.driftt.com/core/ Frame 9B72	2 KB 1 KB	103ms 103ms	Document text/html	13.224.96.71 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1639579130958 Requested by Host: js.driftt.com URL: https://js.driftt.com/include/1639579200000/cfbrvkdfziti.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.96.71 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-96-71.zrh50.r.cloudfront.net Software nginx / Resource Hash 9866e1a6b0931899aed27def0df2f66496529a063697495c69e91a0b4c604888 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://pages.egress.com/ Response headers content-type text/html; charset=utf-8 server nginx last-modified Tue, 14 Dec 2021 14:21:26 GMT x-amz-server-side-encryption AES256 x-amz-version-id ReCoSeP0ofcesPYN5RalkRrImRRXqHh8 access-control-allow-origin * access-control-allow-credentials true access-control-allow-methods GET, POST, OPTIONS access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type strict-transport-security max-age=31536000; includeSubDomains content-encoding gzip date Wed, 15 Dec 2021 14:38:52 GMT cache-control no-cache etag W/"1681096b18f37a28fcd4dd03770c3c92" vary Accept-Encoding x-cache Hit from cloudfront via 1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront) x-amz-cf-pop ZRH50-C1 x-amz-cf-id nl2e6sUAMiN9dfFMCF-qZmbWPDXfCs3X2tKqJY0qQ0OFyKb6RgMAKA==
GET H2	200	otFlat.json Show response cdn-ukwest.onetrust.com/scripttemplates/6.26.0/assets/	13 KB 3 KB	44ms 44ms	Fetch application/json	2606:4700:10::6814:b944 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn-ukwest.onetrust.com/scripttemplates/6.26.0/assets/otFlat.json Requested by Host: cdn-ukwest.onetrust.com URL: https://cdn-ukwest.onetrust.com/scripttemplates/6.26.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6814:b944 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 72562f00bd821b6edc0368065bf009468955ba01f8ead742d8bbc2470c4358c4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Accept-Language de-DE,de;q=0.9 Referer https://pages.egress.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 15 Dec 2021 14:38:52 GMT content-encoding gzip vary Accept-Encoding cf-cache-status HIT content-md5 ASVZLPd+xMM0/jyRSPqPUg== age 61604 content-length 2950 x-ms-lease-status unlocked last-modified Tue, 02 Nov 2021 20:13:24 GMT server cloudflare etag 0x8D99E3D39C0911A expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/json access-control-allow-origin * x-ms-request-id a8503bc3-001e-004b-2632-f11501000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=691200 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 6be06b077a503742-MXP expires Thu, 23 Dec 2021 14:38:52 GMT
GET H2	200	otPcCenter.json Show response cdn-ukwest.onetrust.com/scripttemplates/6.26.0/assets/v2/	47 KB 11 KB	50ms 50ms	Fetch application/json	2606:4700:10::6814:b944 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn-ukwest.onetrust.com/scripttemplates/6.26.0/assets/v2/otPcCenter.json Requested by Host: cdn-ukwest.onetrust.com URL: https://cdn-ukwest.onetrust.com/scripttemplates/6.26.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6814:b944 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e4f02e9d367192c2c79c674f41b7eae83bcfe93c4e6fcfc5e7d1e34cfa2b7d00 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Accept-Language de-DE,de;q=0.9 Referer https://pages.egress.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 15 Dec 2021 14:38:52 GMT content-encoding gzip vary Accept-Encoding cf-cache-status HIT content-md5 Fgv6iMSEkKBzUyiMHYw6Yg== age 61604 content-length 11581 x-ms-lease-status unlocked last-modified Tue, 02 Nov 2021 20:13:26 GMT server cloudflare etag 0x8D99E3D3ACC4525 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/json access-control-allow-origin * x-ms-request-id b9b6b308-401e-0065-4932-f195c6000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=691200 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 6be06b077a583742-MXP expires Thu, 23 Dec 2021 14:38:52 GMT
GET H2	200	otCommonStyles.css Show response cdn-ukwest.onetrust.com/scripttemplates/6.26.0/assets/	20 KB 4 KB	39ms 39ms	Fetch text/css	2606:4700:10::6814:b944 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn-ukwest.onetrust.com/scripttemplates/6.26.0/assets/otCommonStyles.css Requested by Host: cdn-ukwest.onetrust.com URL: https://cdn-ukwest.onetrust.com/scripttemplates/6.26.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6814:b944 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2ee6fdf3d0f4d826380054030e5a9fd6fc8c451d9fe28123f1d76e632332e659 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Accept-Language de-DE,de;q=0.9 Referer https://pages.egress.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 15 Dec 2021 14:38:52 GMT content-encoding gzip vary Accept-Encoding cf-cache-status HIT content-md5 Ye6OeZcNyuFoWog7CYs00A== age 61604 x-ms-lease-status unlocked last-modified Tue, 02 Nov 2021 20:13:51 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/css access-control-allow-origin * x-ms-request-id 984bb66e-601e-0014-7632-f1e7ff000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=691200 x-ms-version 2009-09-19 cf-ray 6be06b077a5b3742-MXP expires Thu, 23 Dec 2021 14:38:52 GMT
GET H3	200	js Show response www.googletagmanager.com/gtag/	163 KB 60 KB	33ms 17ms	Script application/javascript	2a00:1450:4001:808::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-NTD9PLSVSF&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-5Z9HSMP Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 095de64ef78f91cc616bf416c46f648df2de105fcabb2059ed857606fe095b7f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pages.egress.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Wed, 15 Dec 2021 14:38:52 GMT content-encoding br server Google Tag Manager access-control-allow-headers Cache-Control vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 61799 x-xss-protection 0 expires Wed, 15 Dec 2021 14:38:52 GMT
GET H3	200	js Show response www.googletagmanager.com/gtag/	163 KB 60 KB	43ms 28ms	Script application/javascript	2a00:1450:4001:808::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-WXGYXDDNRW&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-5Z9HSMP Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 4f1f0000089136d9f3d3470fc17ff5d0af11a334034838b9a0fd7ee14979800d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pages.egress.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Wed, 15 Dec 2021 14:38:52 GMT content-encoding br server Google Tag Manager access-control-allow-headers Cache-Control vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 61803 x-xss-protection 0 expires Wed, 15 Dec 2021 14:38:52 GMT
GET H3	200	js Show response www.googletagmanager.com/gtag/	163 KB 60 KB	44ms 30ms	Script application/javascript	2a00:1450:4001:808::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-J401M4BCZP&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-5Z9HSMP Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 94f11d51f6e0597c2947b40dea503640f45fb2f221320b55f1350101b30b38c1 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pages.egress.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Wed, 15 Dec 2021 14:38:52 GMT content-encoding br server Google Tag Manager access-control-allow-headers Cache-Control vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 61807 x-xss-protection 0 expires Wed, 15 Dec 2021 14:38:52 GMT
GET H/1.1	200 OK	insight.min.js Show response snap.licdn.com/li.lms-analytics/	5 KB 2 KB	96ms 47ms	Script application/x-javascript	2a02:26f0:6c00::210:ba11 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://snap.licdn.com/li.lms-analytics/insight.min.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-5Z9HSMP Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:6c00::210:ba11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pages.egress.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Wed, 15 Dec 2021 14:38:52 GMT Content-Encoding gzip Last-Modified Wed, 29 Sep 2021 19:17:49 GMT X-CDN AKAM Vary Accept-Encoding Content-Type application/x-javascript;charset=utf-8 Cache-Control max-age=57820 Connection keep-alive Accept-Ranges bytes Content-Length 2036
GET H2	200	conversion_async.js Show response www.googleadservices.com/pagead/	37 KB 14 KB	60ms 20ms	Script text/javascript	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/conversion_async.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-5Z9HSMP Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software cafe / Resource Hash 9f4922667f15ec47709504b75c4433e7145f96078261bc9a11e386ca52fa18bb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pages.egress.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Wed, 15 Dec 2021 14:38:52 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 14328 x-xss-protection 0 server cafe etag 12503521247758841375 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600 timing-allow-origin * expires Wed, 15 Dec 2021 14:38:52 GMT
GET H/1.1	200 OK	munchkin.js Show response munchkin.marketo.net/	1 KB 1 KB	18ms 18ms	Script application/x-javascript	104.111.234.67 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://munchkin.marketo.net/munchkin.js Requested by Host: info.egress.com URL: https://info.egress.com/dc/K6o-Nvw9UekQ3gj5BouJjcVEWbFg3HFAuBVZ5o-VctaifyTPTQh_bPTciRyWOutKm4Q5n4P2y_1P05E72f_iRmE4jTtEhEGa0qfrH7ZBx1cqntEaMaMz6Ms3vZTpPoq4TMOCwKeLCNfTyLxM7ent_U5e71KFILTOWBUDi_Xz7RUJ14aLhrkATeRqZAsOTXqrNc9KB7JAtSYGeFvL4QFNMLOInlru_NDPmA-siCQHXS5xrn0-G2JdLzcHSm4xYqrf-ZT0wnTz5O-d1O9fiLqCRvjhmz20lNi2rlX9S4KyAEE=/MzQ0LVhURC02ODQAAAGBXQ_QmgqIi0fuCPF_7dmT8thvpuX6028ST3r-LKXL98lU1lkYtqT44eSW1TbFoIuQhUtccXo= Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.111.234.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-234-67.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash 4bf3aca933aa233702f890083af601fb16149ec8a17f8c1b90d30450562bde08 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pages.egress.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Wed, 15 Dec 2021 14:38:52 GMT Content-Encoding gzip Last-Modified Fri, 29 Oct 2021 01:24:07 GMT Server AkamaiNetStorage ETag "461ce1cffaadfebf2e7659745618ba8e:1635470647.434977" Vary Accept-Encoding P3P policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR" Connection keep-alive Accept-Ranges bytes Content-Type application/x-javascript Content-Length 753
GET H2	200	fs.js Show response edge.fullstory.com/s/	216 KB 65 KB	32ms 9ms	Script application/javascript	35.201.112.186 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://edge.fullstory.com/s/fs.js Requested by Host: info.egress.com URL: https://info.egress.com/dc/K6o-Nvw9UekQ3gj5BouJjcVEWbFg3HFAuBVZ5o-VctaifyTPTQh_bPTciRyWOutKm4Q5n4P2y_1P05E72f_iRmE4jTtEhEGa0qfrH7ZBx1cqntEaMaMz6Ms3vZTpPoq4TMOCwKeLCNfTyLxM7ent_U5e71KFILTOWBUDi_Xz7RUJ14aLhrkATeRqZAsOTXqrNc9KB7JAtSYGeFvL4QFNMLOInlru_NDPmA-siCQHXS5xrn0-G2JdLzcHSm4xYqrf-ZT0wnTz5O-d1O9fiLqCRvjhmz20lNi2rlX9S4KyAEE=/MzQ0LVhURC02ODQAAAGBXQ_QmgqIi0fuCPF_7dmT8thvpuX6028ST3r-LKXL98lU1lkYtqT44eSW1TbFoIuQhUtccXo= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.201.112.186 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 186.112.201.35.bc.googleusercontent.com Software UploadServer / Resource Hash 74a5ee337ab321551566c09fcce4f854783da8848c3d1b6ff23ef0a0dd3702c6 Request headers Referer https://pages.egress.com/ Origin https://pages.egress.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Wed, 15 Dec 2021 13:48:19 GMT content-encoding gzip age 3033 x-guploader-uploadid ADPycdtp4ZA4yFB3wWlTTHjwLofGVgbHktoen9Qze2Xb80Y6bB6yymg5T-TDmvszDJyH9nvt0oHdRxqregy4gbKsHoefKVbz-Q x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding gzip alt-svc clear content-length 66379 last-modified Thu, 11 Nov 2021 16:56:30 GMT server UploadServer etag "8044aa08a536a27b1716656fdb423e9f" x-goog-hash crc32c=okCYgQ==, md5=gESqCKU2onsXFmVv20I+nw== x-goog-generation 1636649790328030 access-control-allow-origin * access-control-expose-headers Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace cache-control public, max-age=3600,no-transform x-goog-stored-content-length 66379 accept-ranges bytes content-type application/javascript expires Wed, 15 Dec 2021 14:48:19 GMT
GET H2	200	130621014.js Show response extend.vimeocdn.com/ga/	17 KB 6 KB	32ms 7ms	Script text/javascript	151.101.114.109 FASTLY
General Check archive.org Show headers Download Go to Full URL https://extend.vimeocdn.com/ga/130621014.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-5Z9HSMP Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.114.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software Apache / Resource Hash 71160cdda04762147f200673de4fdd9e120fdb69b2d4fe06bce3cea06f042bce Request headers Accept-Language de-DE,de;q=0.9 Referer https://pages.egress.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Wed, 15 Dec 2021 14:38:52 GMT content-encoding gzip age 2387280 x-cache HIT x-cache-hits 288483 content-length 5692 x-served-by cache-hhn4074-HHN x-vimeo-dc ge last-modified Wed, 17 Nov 2021 22:56:52 GMT server Apache x-timer S1639579132.117893,VS0,VE0 etag "43e3-5d103f52c9500-gzip" vary Accept-Encoding content-type text/javascript; charset=utf-8 via 1.1 varnish cache-control max-age=86400 x-bapp-server assets-v5293-wvfnr accept-ranges bytes timing-allow-origin * expires Sat, 15 Nov 2031 23:30:52 GMT
GET H3	200	collect www.google-analytics.com/	35 B 55 B	7ms 6ms	Image image/gif	2a00:1450:4001:82b::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j96&a=522559938&t=pageview&_s=1&dl=https%3A%2F%2Fpages.egress.com%2FWhitepaper-Phishing-As-A-Service-12-21_Landing-PAGE.html%3Futm_campaign%3Dq4phishing%26utm_medium%3Demail%26utm_source%3Dmarketo%26utm_term%3D%26utm_content%3DWhitepaper-Phishing-As-A-Service-12-21.Phaas-WP-a%2Fbtest&dr=https%3A%2F%2Finfo.egress.com%2F&ul=en-us&de=UTF-8&dt=Phishing-as-a-service%3A%20How%20cybercrime%20went%20commercial&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAEABAAAAAC~&jid=&gjid=&cid=858430635.1639579132&tid=UA-3866904-1&_gid=1290006218.1639579132&gtm=2wgc105Z9HSMP&z=1104293937 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://pages.egress.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers pragma no-cache date Wed, 15 Dec 2021 10:59:56 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 13136 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ attr.ml-api.io/ Redirect Chain https://s.ml-attr.com/getuid?https%3a%2f%2fattr.ml-api.io%2f%3fdomain%3dwww.egress.com%26pId%3d%24UID https://secure.adnxs.com/getuid?https%3a%2f%2fattr.ml-api.io%2f%3fdomain%3dwww.egress.com%26pId%3d%24UID https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fattr.ml-api.io%252f%253fdomain%253dwww.egress.com%2526pId%253d%2524UID https://attr.ml-api.io/?domain=www.egress.com&pId=4749260730669815822	0 244 B	398ms 346ms	Image application/json	2600:9000:2190:8600:12:3734:2a40:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://attr.ml-api.io/?domain=www.egress.com&pId=4749260730669815822 Protocol H2 Server 2600:9000:2190:8600:12:3734:2a40:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pages.egress.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Wed, 15 Dec 2021 14:38:52 GMT via 1.1 c76347c8ef1f3a2b6fb69cd7d1c6f749.cloudfront.net (CloudFront) apigw-requestid KZSfigWMIAMEVuQ= x-amz-cf-pop ZRH50-C1 x-cache Miss from cloudfront content-type application/json content-length 0 x-amz-cf-id qpDztYAHZczqFQmHnKfjFOpFvXoeDy59KCx1nTAB51kADDyxh3_o6Q== Redirect headers Pragma no-cache Date Wed, 15 Dec 2021 14:38:52 GMT X-Proxy-Origin 185.232.23.182; 185.232.23.182; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com AN-X-Request-Uuid ee4ff046-1fca-45b8-811f-25131f260316 Server nginx/1.17.9 Access-Control-Allow-Origin * P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://attr.ml-api.io/?domain=www.egress.com&pId=4749260730669815822 Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
POST H3	204	collect www.google-analytics.com/g/	0 17 B	14ms 13ms	Ping text/plain	2a00:1450:4001:82b::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-NTD9PLSVSF&gtm=2oec10&_p=522559938&sr=1600x1200&ul=en-us&cid=858430635.1639579132&_s=1&dl=https%3A%2F%2Fpages.egress.com%2FWhitepaper-Phishing-As-A-Service-12-21_Landing-PAGE.html%3Futm_campaign%3Dq4phishing%26utm_medium%3Demail%26utm_source%3Dmarketo%26utm_term%3D%26utm_content%3DWhitepaper-Phishing-As-A-Service-12-21.Phaas-WP-a%2Fbtest&dr=https%3A%2F%2Finfo.egress.com%2F&dt=Phishing-as-a-service%3A%20How%20cybercrime%20went%20commercial&sid=1639579132&sct=1&seg=0&en=page_view&_fv=1&_ss=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-NTD9PLSVSF&l=dataLayer&cx=c Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://pages.egress.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Wed, 15 Dec 2021 14:38:52 GMT server Golfe2 content-type text/plain access-control-allow-origin https://pages.egress.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET DATA	200 OK	truncated /	817 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Content-Type image/svg+xml
POST H3	204	collect www.google-analytics.com/g/	0 17 B	16ms 16ms	Ping text/plain	2a00:1450:4001:82b::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-WXGYXDDNRW&gtm=2oec10&_p=522559938&sr=1600x1200&ul=en-us&cid=858430635.1639579132&_s=1&dl=https%3A%2F%2Fpages.egress.com%2FWhitepaper-Phishing-As-A-Service-12-21_Landing-PAGE.html%3Futm_campaign%3Dq4phishing%26utm_medium%3Demail%26utm_source%3Dmarketo%26utm_term%3D%26utm_content%3DWhitepaper-Phishing-As-A-Service-12-21.Phaas-WP-a%2Fbtest&dr=https%3A%2F%2Finfo.egress.com%2F&dt=Phishing-as-a-service%3A%20How%20cybercrime%20went%20commercial&sid=1639579132&sct=1&seg=0&en=page_view&_fv=1&_ss=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-WXGYXDDNRW&l=dataLayer&cx=c Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://pages.egress.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Wed, 15 Dec 2021 14:38:52 GMT server Golfe2 content-type text/plain access-control-allow-origin https://pages.egress.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	runtime~main.b5231fdb.js Show response js.driftt.com/core/assets/js/ Frame 9B72	6 KB 3 KB	12ms 12ms	Script application/javascript	13.224.96.71 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/runtime~main.b5231fdb.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1639579130958 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.96.71 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-96-71.zrh50.r.cloudfront.net Software nginx / Resource Hash 4497e8022e1a35c31ceb2f26213d77fef26de39398dfca2d5f6fda971149b1ce Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1639579130958 Origin https://js.driftt.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Tue, 14 Dec 2021 14:21:25 GMT content-encoding gzip age 87447 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Mon, 13 Dec 2021 22:15:55 GMT server nginx etag W/"014bd97619cc8582278700d0a77d6d98" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS x-amz-version-id GeeuvCj73tfrNARWJpRIp1y79WlKyrds via 1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront) cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop ZRH50-C1 content-type application/javascript; charset=utf-8 access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id SEHkRr40w_YnSx0ZI0ZylZk2aVTnuzsNUi3uDUjMczm8aRJ1O2DH_A==
GET H2	200	4.a93e53d9.chunk.js Show response js.driftt.com/core/assets/js/ Frame 9B72	58 KB 20 KB	14ms 13ms	Script application/javascript	13.224.96.71 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/4.a93e53d9.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1639579130958 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.96.71 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-96-71.zrh50.r.cloudfront.net Software nginx / Resource Hash 58332a4cc75a697eafeb1b4d9cb66326d6a29acb2f98afc1de3f1ef2401be056 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1639579130958 Origin https://js.driftt.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Fri, 06 Aug 2021 19:32:17 GMT content-encoding gzip age 11300795 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Fri, 06 Aug 2021 18:47:25 GMT server nginx etag W/"fce0b3daf28dfa888be2818f43b06ef0" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS x-amz-version-id imvxQz4ZQnCekVetyHrX84xCYV8ndGWZ via 1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront) cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop ZRH50-C1 content-type application/javascript; charset=utf-8 access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id KYlRwhH3vlwWp5djdEe-2XSZQVKWg02YoT9kjjo_YPNIRpo3d4XcOg==
GET H2	200	main~493df0b3.580db5ef.chunk.js Show response js.driftt.com/core/assets/js/ Frame 9B72	6 KB 3 KB	14ms 14ms	Script application/javascript	13.224.96.71 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/main~493df0b3.580db5ef.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1639579130958 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.96.71 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-96-71.zrh50.r.cloudfront.net Software nginx / Resource Hash 52997a640c38c5915b6105ad464bf2bf8121f3fe40c72d70791f54c4be95971a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1639579130958 Origin https://js.driftt.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 25 Oct 2021 06:03:57 GMT content-encoding gzip age 4437295 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Fri, 22 Oct 2021 17:07:00 GMT server nginx etag W/"9b4aab2d855603fa59a09f8160eb7cb4" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS x-amz-version-id SHbjo2Z875cq.BpS9ven0n3hNF1FVxPh via 1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront) cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop ZRH50-C1 content-type application/javascript; charset=utf-8 access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id 9apZfe7Ms_gleZO4ZxBCJjMo5YBk8cw8WUfCsJQuaqgSSJJqPUOteQ==
POST H2	200	page Show response rs.fullstory.com/rec/	3 KB 1 KB	519ms 496ms	XHR application/json	35.186.194.58 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://rs.fullstory.com/rec/page Requested by Host: edge.fullstory.com URL: https://edge.fullstory.com/s/fs.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 58.194.186.35.bc.googleusercontent.com Software / Resource Hash 437537fd3eefc5a10bac9cac6107e172f71916ba4a7a28216fb9329684c2fa59 Request headers Referer https://pages.egress.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Content-Type text/plain Response headers date Wed, 15 Dec 2021 14:38:52 GMT content-encoding gzip content-type application/json; charset=utf-8 access-control-allow-origin https://pages.egress.com access-control-allow-credentials true alt-svc clear content-length 1277 via 1.1 google
GET H2	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/347166611/	3 KB 2 KB	43ms 19ms	Script text/javascript	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/347166611/?random=1639579132261&cv=9&fst=1639579132261&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fpages.egress.com%2FWhitepaper-Phishing-As-A-Service-12-21_Landing-PAGE.html%3Futm_campaign%3Dq4phishing%26utm_medium%3Demail%26utm_source%3Dmarketo%26utm_term%3D%26utm_content%3DWhitepaper-Phishing-As-A-Service-12-21.Phaas-WP-a%2Fbtest&ref=https%3A%2F%2Finfo.egress.com%2F&tiba=Phishing-as-a-service%3A%20How%20cybercrime%20went%20commercial&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4 Requested by Host: www.googleadservices.com URL: https://www.googleadservices.com/pagead/conversion_async.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9f9e29a0cc0433ffb9db8f5e028e242d679c886394686dd8ac6894000eb08570 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pages.egress.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers pragma no-cache date Wed, 15 Dec 2021 14:38:52 GMT content-encoding gzip x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1149 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	collect www.google-analytics.com/g/	0 17 B	14ms 14ms	Ping text/plain	2a00:1450:4001:82b::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-J401M4BCZP&gtm=2oec10&_p=522559938&sr=1600x1200&ul=en-us&cid=858430635.1639579132&_s=1&dl=https%3A%2F%2Fpages.egress.com%2FWhitepaper-Phishing-As-A-Service-12-21_Landing-PAGE.html%3Futm_campaign%3Dq4phishing%26utm_medium%3Demail%26utm_source%3Dmarketo%26utm_term%3D%26utm_content%3DWhitepaper-Phishing-As-A-Service-12-21.Phaas-WP-a%2Fbtest&dr=https%3A%2F%2Finfo.egress.com%2F&dt=Phishing-as-a-service%3A%20How%20cybercrime%20went%20commercial&sid=1639579132&sct=1&seg=0&en=page_view&_fv=1&_ss=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-J401M4BCZP&l=dataLayer&cx=c Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://pages.egress.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Wed, 15 Dec 2021 14:38:52 GMT server Golfe2 content-type text/plain access-control-allow-origin https://pages.egress.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	429	li_sync www.linkedin.com/px/ Redirect Chain https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1288474&time=1639579132309&url=https%3A%2F%2Fpages.egress.com%2FWhitepaper-Phishing-As-A-Service-12-21_Landing-PAGE.html%3Futm_campaign%3Dq4phishi... https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1288474%26time%3D1639579132309%26url%3Dhttps%253A%252F%252Fpages.egress.com%252FW...	0 173 B	103ms 102ms	Image text/plain	2620:1ec:21::14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1288474%26time%3D1639579132309%26url%3Dhttps%253A%252F%252Fpages.egress.com%252FWhitepaper-Phishing-As-A-Service-12-21_Landing-PAGE.html%253Futm_campaign%253Dq4phishing%2526utm_medium%253Demail%2526utm_source%253Dmarketo%2526utm_term%253D%2526utm_content%253DWhitepaper-Phishing-As-A-Service-12-21.Phaas-WP-a%252Fbtest%26liSync%3Dtrue Protocol H2 Server 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pages.egress.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers pragma no-cache date Wed, 15 Dec 2021 14:38:51 GMT x-li-pop afd-prod-lva1-x x-msedge-ref Ref A: 51A2593260B04E4299EA1D12E13B785F Ref B: FRAEDGE0707 Ref C: 2021-12-15T14:38:52Z x-cache CONFIG_NOCACHE x-li-fabric prod-lva1 cache-control no-cache, no-store x-li-proto http/2 content-length 0 x-li-uuid AAXTMEPGjFjHnLikzGKphA== expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers date Wed, 15 Dec 2021 14:38:51 GMT x-li-pop afd-prod-lva1-x x-msedge-ref Ref A: 80D817FA18AB4E1CB20A1F683B0DEDA7 Ref B: FRAEDGE0707 Ref C: 2021-12-15T14:38:52Z linkedin-action 1 x-cache CONFIG_NOCACHE x-li-fabric prod-lva1 location https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1288474%26time%3D1639579132309%26url%3Dhttps%253A%252F%252Fpages.egress.com%252FWhitepaper-Phishing-As-A-Service-12-21_Landing-PAGE.html%253Futm_campaign%253Dq4phishing%2526utm_medium%253Demail%2526utm_source%253Dmarketo%2526utm_term%253D%2526utm_content%253DWhitepaper-Phishing-As-A-Service-12-21.Phaas-WP-a%252Fbtest%26liSync%3Dtrue x-li-proto http/2 content-length 0 x-li-uuid AAXTMEPEX2t0KcKN4dZnYg==
GET H2	200	runtime~main.b5231fdb.js Show response js.driftt.com/core/assets/js/ Frame 0B34	6 KB 3 KB	14ms 13ms	Script application/javascript	13.224.96.71 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/runtime~main.b5231fdb.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core?embedId=cfbrvkdfziti&region=US&forceShow=false&skipCampaigns=false&sessionId=0228b1c7-a756-4970-bf2f-92f6c7809f09&sessionStarted=1639579132.014&campaignRefreshToken=242bfadf-736f-45e9-853f-48810df5bb6a&hideController=false&pageLoadStartTime=1639579130958&mode=CHAT&driftEnableLog=false Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.96.71 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-96-71.zrh50.r.cloudfront.net Software nginx / Resource Hash 4497e8022e1a35c31ceb2f26213d77fef26de39398dfca2d5f6fda971149b1ce Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://js.driftt.com/core?embedId=cfbrvkdfziti&region=US&forceShow=false&skipCampaigns=false&sessionId=0228b1c7-a756-4970-bf2f-92f6c7809f09&sessionStarted=1639579132.014&campaignRefreshToken=242bfadf-736f-45e9-853f-48810df5bb6a&hideController=false&pageLoadStartTime=1639579130958&mode=CHAT&driftEnableLog=false Origin https://js.driftt.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Tue, 14 Dec 2021 14:21:25 GMT content-encoding gzip age 87447 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Mon, 13 Dec 2021 22:15:55 GMT server nginx etag W/"014bd97619cc8582278700d0a77d6d98" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS x-amz-version-id GeeuvCj73tfrNARWJpRIp1y79WlKyrds via 1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront) cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop ZRH50-C1 content-type application/javascript; charset=utf-8 access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id 005sRyu0QFbfDSOdd17S4zSj8hETgk6qcojVAcRbM3f3GZUHXPQpTQ==
GET H2	200	4.a93e53d9.chunk.js Show response js.driftt.com/core/assets/js/ Frame 0B34	58 KB 20 KB	16ms 15ms	Script application/javascript	13.224.96.71 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/4.a93e53d9.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core?embedId=cfbrvkdfziti&region=US&forceShow=false&skipCampaigns=false&sessionId=0228b1c7-a756-4970-bf2f-92f6c7809f09&sessionStarted=1639579132.014&campaignRefreshToken=242bfadf-736f-45e9-853f-48810df5bb6a&hideController=false&pageLoadStartTime=1639579130958&mode=CHAT&driftEnableLog=false Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.96.71 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-96-71.zrh50.r.cloudfront.net Software nginx / Resource Hash 58332a4cc75a697eafeb1b4d9cb66326d6a29acb2f98afc1de3f1ef2401be056 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://js.driftt.com/core?embedId=cfbrvkdfziti&region=US&forceShow=false&skipCampaigns=false&sessionId=0228b1c7-a756-4970-bf2f-92f6c7809f09&sessionStarted=1639579132.014&campaignRefreshToken=242bfadf-736f-45e9-853f-48810df5bb6a&hideController=false&pageLoadStartTime=1639579130958&mode=CHAT&driftEnableLog=false Origin https://js.driftt.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Fri, 06 Aug 2021 19:32:17 GMT content-encoding gzip age 11300795 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Fri, 06 Aug 2021 18:47:25 GMT server nginx etag W/"fce0b3daf28dfa888be2818f43b06ef0" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS x-amz-version-id imvxQz4ZQnCekVetyHrX84xCYV8ndGWZ via 1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront) cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop ZRH50-C1 content-type application/javascript; charset=utf-8 access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id 1IM805pHH3AIyXKQ0H_MsPrI7ZAKwkhZvPHZ5X0eTOpbMUmQvcp42A==
GET H2	200	main~493df0b3.580db5ef.chunk.js Show response js.driftt.com/core/assets/js/ Frame 0B34	6 KB 3 KB	16ms 16ms	Script application/javascript	13.224.96.71 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/main~493df0b3.580db5ef.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core?embedId=cfbrvkdfziti&region=US&forceShow=false&skipCampaigns=false&sessionId=0228b1c7-a756-4970-bf2f-92f6c7809f09&sessionStarted=1639579132.014&campaignRefreshToken=242bfadf-736f-45e9-853f-48810df5bb6a&hideController=false&pageLoadStartTime=1639579130958&mode=CHAT&driftEnableLog=false Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.96.71 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-96-71.zrh50.r.cloudfront.net Software nginx / Resource Hash 52997a640c38c5915b6105ad464bf2bf8121f3fe40c72d70791f54c4be95971a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://js.driftt.com/core?embedId=cfbrvkdfziti&region=US&forceShow=false&skipCampaigns=false&sessionId=0228b1c7-a756-4970-bf2f-92f6c7809f09&sessionStarted=1639579132.014&campaignRefreshToken=242bfadf-736f-45e9-853f-48810df5bb6a&hideController=false&pageLoadStartTime=1639579130958&mode=CHAT&driftEnableLog=false Origin https://js.driftt.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 25 Oct 2021 06:03:57 GMT content-encoding gzip age 4437295 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Fri, 22 Oct 2021 17:07:00 GMT server nginx etag W/"9b4aab2d855603fa59a09f8160eb7cb4" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS x-amz-version-id SHbjo2Z875cq.BpS9ven0n3hNF1FVxPh via 1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront) cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop ZRH50-C1 content-type application/javascript; charset=utf-8 access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id Pqvfgt4_IOeha8rxiC2cJXTIFYzMAhJkvxQPzHC734QIQ0APTzCUNQ==
GET H3	200	/ www.google.com/pagead/1p-user-list/347166611/	42 B 64 B	42ms 23ms	Image image/gif	2a00:1450:4001:829::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/347166611/?random=1639579132261&cv=9&fst=1639576800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&frm=0&url=https%3A%2F%2Fpages.egress.com%2FWhitepaper-Phishing-As-A-Service-12-21_Landing-PAGE.html%3Futm_campaign%3Dq4phishing%26utm_medium%3Demail%26utm_source%3Dmarketo%26utm_term%3D%26utm_content%3DWhitepaper-Phishing-As-A-Service-12-21.Phaas-WP-a%2Fbtest&ref=https%3A%2F%2Finfo.egress.com%2F&tiba=Phishing-as-a-service%3A%20How%20cybercrime%20went%20commercial&async=1&fmt=3&is_vtc=1&random=1611462043&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pages.egress.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers pragma no-cache date Wed, 15 Dec 2021 14:38:52 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ www.google.de/pagead/1p-user-list/347166611/	42 B 64 B	40ms 22ms	Image image/gif	2a00:1450:4001:82a::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-user-list/347166611/?random=1639579132261&cv=9&fst=1639576800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&frm=0&url=https%3A%2F%2Fpages.egress.com%2FWhitepaper-Phishing-As-A-Service-12-21_Landing-PAGE.html%3Futm_campaign%3Dq4phishing%26utm_medium%3Demail%26utm_source%3Dmarketo%26utm_term%3D%26utm_content%3DWhitepaper-Phishing-As-A-Service-12-21.Phaas-WP-a%2Fbtest&ref=https%3A%2F%2Finfo.egress.com%2F&tiba=Phishing-as-a-service%3A%20How%20cybercrime%20went%20commercial&async=1&fmt=3&is_vtc=1&random=1611462043&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pages.egress.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers pragma no-cache date Wed, 15 Dec 2021 14:38:52 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	42.3b1c2441.chunk.js Show response js.driftt.com/core/assets/js/ Frame 9B72	47 KB 14 KB	13ms 12ms	Script application/javascript	13.224.96.71 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/42.3b1c2441.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.b5231fdb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.96.71 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-96-71.zrh50.r.cloudfront.net Software nginx / Resource Hash 7727399fe5d8441829176e6a661b540efaac1680120a1d7fb1235e258d70770b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1639579130958 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 01 Nov 2021 02:54:58 GMT content-encoding gzip age 3843834 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Fri, 29 Oct 2021 20:21:08 GMT server nginx etag W/"62fe06940598a98760a9eae46800ff59" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS x-amz-version-id ZvrGZ__CENehO4yWRJghqJAjDXfkpDfG via 1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront) cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop ZRH50-C1 content-type application/javascript; charset=utf-8 access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id -pRPqvZe8NGKQXyaOlzidgW02JpMaUOCm78VlYUQ6pD77OjLoFox6A==
GET H2	200	17.cce21c2a.chunk.js Show response js.driftt.com/core/assets/js/ Frame 9B72	44 KB 13 KB	14ms 14ms	Script application/javascript	13.224.96.71 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/17.cce21c2a.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.b5231fdb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.96.71 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-96-71.zrh50.r.cloudfront.net Software nginx / Resource Hash cda9b31d709444e003d3adbfbdec43f093e405b36841fde5c1d187e439585219 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1639579130958 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 01 Nov 2021 02:54:58 GMT content-encoding gzip age 3843834 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Fri, 29 Oct 2021 20:21:07 GMT server nginx etag W/"565bf690dc82ce7e1f45c9647d892490" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS x-amz-version-id V1tQBeNhHuSP3Kq4PFVzDyqDvIlj_GeG via 1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront) cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop ZRH50-C1 content-type application/javascript; charset=utf-8 access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id WQGs2u4OuxBwloSQaQqiTmjW7TXRecEI0wX08t3RERuyky7Yyt5b7w==
GET H2	200	35.3e4eba7e.chunk.js Show response js.driftt.com/core/assets/js/ Frame 9B72	25 KB 8 KB	15ms 14ms	Script application/javascript	13.224.96.71 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/35.3e4eba7e.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.b5231fdb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.96.71 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-96-71.zrh50.r.cloudfront.net Software nginx / Resource Hash 41f7afd6088c39cdc0d6f910f7f4b6afbf6a2133533847e960a8ca906fabc1c6 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1639579130958 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Sat, 06 Nov 2021 02:57:28 GMT content-encoding gzip age 3411684 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Fri, 05 Nov 2021 15:09:54 GMT server nginx etag W/"b1a0f364c9ad5137b5ab8e5237a825b8" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS x-amz-version-id rVOZxkkH0Vnn22xeEPRRFzkcE.ar0yRa via 1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront) cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop ZRH50-C1 content-type application/javascript; charset=utf-8 access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id ki6npe1-X7JfT3OZnWiM0VFzSdhdQ1xwpZb9nPEr6jxX4SAhGhNH7w==
GET H2	200	15.8065fdbf.chunk.js Show response js.driftt.com/core/assets/js/ Frame 9B72	16 KB 5 KB	15ms 14ms	Script application/javascript	13.224.96.71 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/15.8065fdbf.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.b5231fdb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.96.71 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-96-71.zrh50.r.cloudfront.net Software nginx / Resource Hash f978da291f493e64d4420d2cfab5c2bdc736c53f11c8d61c6da1efdb7df1155d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1639579130958 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 06 Sep 2021 06:18:05 GMT content-encoding gzip age 8670047 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Fri, 03 Sep 2021 14:38:32 GMT server nginx etag W/"db60664de2c8d54d23e359c94e68f6ce" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS x-amz-version-id vLMtFICr__AmVbpyC1134yZVvjJr6q0Q via 1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront) cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop ZRH50-C1 content-type application/javascript; charset=utf-8 access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id DPPNGdFef7-hgczPSyXkzOJ2thqZb9VrTlFPdTO7uIZI-7aUvYEptg==
GET H2	200	19.5937a5b2.chunk.js Show response js.driftt.com/core/assets/js/ Frame 9B72	72 KB 22 KB	16ms 15ms	Script application/javascript	13.224.96.71 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/19.5937a5b2.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.b5231fdb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.96.71 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-96-71.zrh50.r.cloudfront.net Software nginx / Resource Hash 2b4d9e531f3302ad49380ce5e5e160925956edb55179c63ee2bac32ab040d1a5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1639579130958 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 01 Nov 2021 02:55:04 GMT content-encoding gzip age 3843828 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Fri, 29 Oct 2021 20:21:07 GMT server nginx etag W/"08aceb94bd26b0e431ca437d628e3c13" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS x-amz-version-id a9V2sG0hWPWT.cLrpxmLmJQEJHJ3pTch via 1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront) cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop ZRH50-C1 content-type application/javascript; charset=utf-8 access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id Ywf6xBooubwpH10nYa0t8RP2U3H6xt7-4Hj8CRAC-Gs_vc3Kry-pLA==
GET H2	200	32.04864e7d.chunk.js Show response js.driftt.com/core/assets/js/ Frame 9B72	16 KB 6 KB	17ms 16ms	Script application/javascript	13.224.96.71 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/32.04864e7d.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.b5231fdb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.96.71 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-96-71.zrh50.r.cloudfront.net Software nginx / Resource Hash af0ad47815cfcb0fc8402cf431dd782af68f2ba05752c66d9bb11a4354f65754 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1639579130958 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 25 Oct 2021 09:53:21 GMT content-encoding gzip age 4423531 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Fri, 22 Oct 2021 17:06:58 GMT server nginx etag W/"3b6707d602c1f7d03c4c8b0bdecb8e4e" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS x-amz-version-id juigjv2.842khaDjrzqiMoucoadLCjYk via 1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront) cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop ZRH50-C1 content-type application/javascript; charset=utf-8 access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id kgPVcTmQo8AwdIY2QySVoh0zP-kXIL9k8jcqL2Vp7lYOmfXMI5AePg==
GET H2	200	23.a53d721f.chunk.js Show response js.driftt.com/core/assets/js/ Frame 9B72	59 KB 19 KB	17ms 16ms	Script application/javascript	13.224.96.71 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/23.a53d721f.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.b5231fdb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.96.71 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-96-71.zrh50.r.cloudfront.net Software nginx / Resource Hash f48829864ffd155da0360e19be956282b6875173f8990394e93bc7c30c97a3ed Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1639579130958 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Tue, 30 Nov 2021 01:41:23 GMT content-encoding gzip age 1342648 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Mon, 29 Nov 2021 22:20:10 GMT server nginx etag W/"fe96cb8c4c390342c29d3c8cb0a4ca14" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS x-amz-version-id Bes4ojoExyGtogevsaG2vPPgIGz3MINt via 1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront) cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop ZRH50-C1 content-type application/javascript; charset=utf-8 access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id AxwwOhBWIv4qhIOPo6FxYtqvjszS__vsAinTdHf8kACuxAng3JSWjA==
GET H2	200	10.704ab67c.chunk.js Show response js.driftt.com/core/assets/js/ Frame 9B72	91 KB 28 KB	19ms 18ms	Script application/javascript	13.224.96.71 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/10.704ab67c.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.b5231fdb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.96.71 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-96-71.zrh50.r.cloudfront.net Software nginx / Resource Hash 1612e3d01a9389defe81c28b91ee18b7b1f97b54f39dd8aa651667c25bce28e2 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1639579130958 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Fri, 01 Oct 2021 20:47:44 GMT content-encoding gzip age 6457867 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Fri, 01 Oct 2021 18:06:47 GMT server nginx etag W/"50dcb170ca1ae1f4a09fe8f23065f2a8" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS x-amz-version-id 8SLWCghXfnMEQiqJuVzEB4mWFfFgTeMA via 1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront) cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop ZRH50-C1 content-type application/javascript; charset=utf-8 access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id gxCUKK_HPWXsWqAF7SpJywAMmyC-vN-rd1IQQDgtABOt7NFcJunJDw==
GET H2	200	9.cea5327f.chunk.js Show response js.driftt.com/core/assets/js/ Frame 9B72	24 KB 7 KB	20ms 19ms	Script application/javascript	13.224.96.71 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/9.cea5327f.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.b5231fdb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.96.71 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-96-71.zrh50.r.cloudfront.net Software nginx / Resource Hash fb372bf086a350fc14b803de31af04857aaf0b0e18bf7de76737715efa2ce57f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1639579130958 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Tue, 30 Nov 2021 15:01:38 GMT content-encoding gzip age 1294634 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Mon, 29 Nov 2021 22:20:12 GMT server nginx etag W/"2db4f74e4d7ffda350b50dde6a07ed5e" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS x-amz-version-id XO6Gj_y9Dw4LqhxSapA287FNAF2AYGBn via 1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront) cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop ZRH50-C1 content-type application/javascript; charset=utf-8 access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id 1V3j8nh380P6_CMBf5NoPVg7agh5sAYnDi8AmSmxiKpWTPBxL4lahA==
GET H2	200	13.c2156fc2.chunk.js Show response js.driftt.com/core/assets/js/ Frame 9B72	62 KB 20 KB	23ms 22ms	Script application/javascript	13.224.96.71 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/13.c2156fc2.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.b5231fdb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.96.71 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-96-71.zrh50.r.cloudfront.net Software nginx / Resource Hash f94ce8666bf003756c16b56edad5a0121b3516222d4f093bdb771afabfb2cc5f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1639579130958 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 25 Oct 2021 09:53:21 GMT content-encoding gzip age 4423531 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Fri, 22 Oct 2021 17:06:58 GMT server nginx etag W/"b94404e76324bd4454531b2e0a54f7bb" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS x-amz-version-id UBqTGR_Kpp2cPp4uQTy5DkPbiTlHyHAU via 1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront) cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop ZRH50-C1 content-type application/javascript; charset=utf-8 access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id 62VfOjDQ9xS7culIy6Wlx4e3MFTdKStkqcqK54MQFQ0CX76rfEdB8g==
GET H2	200	40.01f4f7b3.chunk.js Show response js.driftt.com/core/assets/js/ Frame 9B72	105 KB 34 KB	23ms 23ms	Script application/javascript	13.224.96.71 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/40.01f4f7b3.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.b5231fdb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.96.71 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-96-71.zrh50.r.cloudfront.net Software nginx / Resource Hash 71f918c131027703d4692c7e7cc9d46fc09554fc2b211e60f12e8fea8360deb7 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1639579130958 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 25 Oct 2021 09:53:21 GMT content-encoding gzip age 4423531 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Fri, 22 Oct 2021 17:06:59 GMT server nginx etag W/"7dd9b27f83583b6d43567ed4b21eff8c" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS x-amz-version-id 2QdQNwJ4SDmpUoZVr7HrkjjZUMt.Wzuw via 1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront) cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop ZRH50-C1 content-type application/javascript; charset=utf-8 access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id rkWQhsBaQc_E3LT706blATWyArMq7ri3_ublyHpwXpBQkh5rkYXZTw==
GET H2	200	33.c1910d43.chunk.js Show response js.driftt.com/core/assets/js/ Frame 9B72	12 KB 4 KB	25ms 25ms	Script application/javascript	13.224.96.71 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/33.c1910d43.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.b5231fdb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.96.71 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-96-71.zrh50.r.cloudfront.net Software nginx / Resource Hash c2d8b5ed5baf711d51629607797e32e5ff638637a0091598427eac4908dbae47 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1639579130958 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 06 Sep 2021 07:05:25 GMT content-encoding gzip age 8667207 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Fri, 03 Sep 2021 14:38:33 GMT server nginx etag W/"0e451f1cf9656229ccd33dfa3ad0638d" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS x-amz-version-id x9xPxe0FOgEjzVEWwoqmEw_u_0f8UbkY via 1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront) cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop ZRH50-C1 content-type application/javascript; charset=utf-8 access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id GEBwVp_aPvg6tUmyO2_a9ix83y6K0YnqpjpI0rlSoTs0Y9kjd0G00A==
GET H2	200	25.b7a0bf53.chunk.js Show response js.driftt.com/core/assets/js/ Frame 9B72	12 KB 5 KB	25ms 20ms	Script application/javascript	13.224.96.71 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/25.b7a0bf53.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.b5231fdb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.96.71 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-96-71.zrh50.r.cloudfront.net Software nginx / Resource Hash c87e0e31334c6998b90c83d48eff6252a248120d32b376414965e1421203c901 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1639579130958 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Wed, 24 Nov 2021 03:18:04 GMT content-encoding gzip age 1855248 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Mon, 22 Nov 2021 19:33:19 GMT server nginx etag W/"808f7c7829001881a39cef6846a36ce0" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS x-amz-version-id Q2g0zIRf_FIeqHbwx92fc3AdT0lCB1K6 via 1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront) cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop ZRH50-C1 content-type application/javascript; charset=utf-8 access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id G0D63BUZH8Sp9J24TacpAi2m5KZDotNPTGqgAmGrZoDdSY6yTII-IQ==
GET H2	200	16.fab21cf4.chunk.js Show response js.driftt.com/core/assets/js/ Frame 9B72	17 KB 7 KB	26ms 20ms	Script application/javascript	13.224.96.71 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/16.fab21cf4.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.b5231fdb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.96.71 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-96-71.zrh50.r.cloudfront.net Software nginx / Resource Hash fa110ac06915e913fea0ad440e557cd75b95101504acc6a865efb5d7f0f34d95 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1639579130958 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Thu, 04 Nov 2021 16:58:47 GMT content-encoding gzip age 3534005 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Wed, 03 Nov 2021 13:47:23 GMT server nginx etag W/"b451093ecfaa012f364641010ed13346" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS x-amz-version-id wCl6QNbYqV3zaB4E280GBYT.UNDnPeJC via 1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront) cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop ZRH50-C1 content-type application/javascript; charset=utf-8 access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id QlDw96TAWYz95dXyedjSBP7LAzQSm9nPlleFScIdQ8j6VJ8P96n6EA==
GET H2	200	7.30af169a.chunk.css js.driftt.com/core/assets/css/ Frame 9B72	11 KB 3 KB	25ms 19ms	Stylesheet text/css	13.224.96.71 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/css/7.30af169a.chunk.css Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.b5231fdb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.96.71 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-96-71.zrh50.r.cloudfront.net Software nginx / Resource Hash 4a9b0b449b77fd3cf250284f9c232b20dd193d8c538f059350594bc865847da9 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1639579130958 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 01 Nov 2021 18:28:20 GMT content-encoding gzip age 3787832 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Mon, 01 Nov 2021 17:24:54 GMT server nginx etag W/"bd798c00af88b7523deb5a8065993250" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS x-amz-version-id i5VGTHkGJ3W10pB8.FdBO9KWoGwOWrOx via 1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront) cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop ZRH50-C1 content-type text/css access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id ZiGkcXGFgvhB-1LYqGnr35z3RDzrVMWN6JaNMC73xybFmKdjCI6jzA==
GET H2	200	7.892db701.chunk.js Show response js.driftt.com/core/assets/js/ Frame 9B72	69 KB 22 KB	25ms 20ms	Script application/javascript	13.224.96.71 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/7.892db701.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.b5231fdb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.96.71 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-96-71.zrh50.r.cloudfront.net Software nginx / Resource Hash a85e6cc00b6521151a066190dfa2f0983135171fbc1845b0acfe09fddb245a68 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1639579130958 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 06 Dec 2021 16:07:51 GMT content-encoding gzip age 772261 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Mon, 06 Dec 2021 15:09:53 GMT server nginx etag W/"59ff575cde5cbc57af07ef742efe8a77" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS x-amz-version-id 6L5P_vHWmZADGUWpRUkNwqrHbIkXu6n5 via 1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront) cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop ZRH50-C1 content-type application/javascript; charset=utf-8 access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id 51Fd5Qg0Hjdr04nPUTkr7o90xDwEemrm-WPzTZ3pQzM2eSndt0_tsg==
GET H2	200	14.22abfce0.chunk.css js.driftt.com/core/assets/css/ Frame 9B72	24 B 665 B	26ms 21ms	Stylesheet text/css	13.224.96.71 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/css/14.22abfce0.chunk.css Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.b5231fdb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.96.71 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-96-71.zrh50.r.cloudfront.net Software nginx / Resource Hash 5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1639579130958 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Fri, 06 Aug 2021 19:32:17 GMT via 1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront) age 11300794 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 24 last-modified Fri, 06 Aug 2021 18:47:22 GMT server nginx etag "0c5dad92482d9a7c7c253510f5082465" strict-transport-security max-age=31536000; includeSubDomains access-control-allow-methods GET, POST, OPTIONS x-amz-version-id TvxaskXeU1vX5QWjGFtspdoYt.ZZ_9cE access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop ZRH50-C1 accept-ranges bytes content-type text/css access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id OA9Nk0oA8bbS6OSWi3JpzsoCVc13Xw_r-j3L6lkNudleaFaDLaIIiA==
GET H2	200	14.c25177a9.chunk.js Show response js.driftt.com/core/assets/js/ Frame 9B72	74 KB 19 KB	26ms 21ms	Script application/javascript	13.224.96.71 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/14.c25177a9.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.b5231fdb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.96.71 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-96-71.zrh50.r.cloudfront.net Software nginx / Resource Hash d3cf67b9a5c82810aad30bbe1e7213ebf0e45879501938a34acbd5a1b39b3773 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1639579130958 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Thu, 09 Dec 2021 14:50:48 GMT content-encoding gzip age 517684 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Thu, 09 Dec 2021 14:08:21 GMT server nginx etag W/"18403c312bd271177d0f9589bf9f8e63" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS x-amz-version-id lOPAv9SDW_4LP.6rK6h_XISnbYxX1zW_ via 1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront) cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop ZRH50-C1 content-type application/javascript; charset=utf-8 access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id fqMGpugFws88Bi7XH8LO-dFsZt-I_jCMWWsX4JUgh2hHac47S-zhvg==
GET H2	200	20.ead2182b.chunk.js Show response js.driftt.com/core/assets/js/ Frame 9B72	47 KB 13 KB	27ms 21ms	Script application/javascript	13.224.96.71 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/20.ead2182b.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.b5231fdb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.96.71 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-96-71.zrh50.r.cloudfront.net Software nginx / Resource Hash acadd76a335e98061ef67610e2cc701027232396e26b593a2af78a6f027cef75 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1639579130958 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 06 Dec 2021 16:07:51 GMT content-encoding gzip age 772261 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Mon, 06 Dec 2021 15:09:51 GMT server nginx etag W/"61892b29d94d646e4fe4c955206e953e" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS x-amz-version-id R.TDOsQ8XUx2f30jYVAP1aJfV9HUfplp via 1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront) cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop ZRH50-C1 content-type application/javascript; charset=utf-8 access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id VDw59V1-wuxN82LgGCIclyMKg2Mt-8byDs-T_3MBDIgH4TVcPVWI1A==
GET H2	200	12.5fc8721e.chunk.js Show response js.driftt.com/core/assets/js/ Frame 9B72	41 KB 13 KB	29ms 23ms	Script application/javascript	13.224.96.71 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/12.5fc8721e.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.b5231fdb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.96.71 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-96-71.zrh50.r.cloudfront.net Software nginx / Resource Hash d38c2d64e57da1a0cb467ef0cd7d85d2e841799ab839a579231300101ffa3840 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1639579130958 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Tue, 14 Dec 2021 14:21:25 GMT content-encoding gzip age 87447 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Mon, 13 Dec 2021 22:15:52 GMT server nginx etag W/"77b6063aad824ddaa4af9a2de2afca3d" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS x-amz-version-id YYKVfxhFGccZ5ywGIrKDAtKa86md0_CT via 1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront) cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop ZRH50-C1 content-type application/javascript; charset=utf-8 access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id 0orCMZYVwGoQiU1792gu3j5rpeIlCCFmunXT6CMl7foPVtA56mf-7Q==
GET H2	200	42.3b1c2441.chunk.js Show response js.driftt.com/core/assets/js/ Frame 0B34	47 KB 14 KB	22ms 10ms	Script application/javascript	13.224.96.71 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/42.3b1c2441.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.b5231fdb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.96.71 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-96-71.zrh50.r.cloudfront.net Software nginx / Resource Hash 7727399fe5d8441829176e6a661b540efaac1680120a1d7fb1235e258d70770b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.driftt.com/core?embedId=cfbrvkdfziti&region=US&forceShow=false&skipCampaigns=false&sessionId=0228b1c7-a756-4970-bf2f-92f6c7809f09&sessionStarted=1639579132.014&campaignRefreshToken=242bfadf-736f-45e9-853f-48810df5bb6a&hideController=false&pageLoadStartTime=1639579130958&mode=CHAT&driftEnableLog=false User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 01 Nov 2021 02:54:58 GMT content-encoding gzip age 3843834 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Fri, 29 Oct 2021 20:21:08 GMT server nginx etag W/"62fe06940598a98760a9eae46800ff59" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS x-amz-version-id ZvrGZ__CENehO4yWRJghqJAjDXfkpDfG via 1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront) cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop ZRH50-C1 content-type application/javascript; charset=utf-8 access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id GGyTPGBM1ynWV6rUGRItCgxJB9sKcdDelc-9Q4NT8GjUSCyvUGfn5A==
GET H2	200	17.cce21c2a.chunk.js Show response js.driftt.com/core/assets/js/ Frame 0B34	44 KB 13 KB	22ms 11ms	Script application/javascript	13.224.96.71 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/17.cce21c2a.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.b5231fdb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.96.71 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-96-71.zrh50.r.cloudfront.net Software nginx / Resource Hash cda9b31d709444e003d3adbfbdec43f093e405b36841fde5c1d187e439585219 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.driftt.com/core?embedId=cfbrvkdfziti&region=US&forceShow=false&skipCampaigns=false&sessionId=0228b1c7-a756-4970-bf2f-92f6c7809f09&sessionStarted=1639579132.014&campaignRefreshToken=242bfadf-736f-45e9-853f-48810df5bb6a&hideController=false&pageLoadStartTime=1639579130958&mode=CHAT&driftEnableLog=false User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 01 Nov 2021 02:54:58 GMT content-encoding gzip age 3843834 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Fri, 29 Oct 2021 20:21:07 GMT server nginx etag W/"565bf690dc82ce7e1f45c9647d892490" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS x-amz-version-id V1tQBeNhHuSP3Kq4PFVzDyqDvIlj_GeG via 1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront) cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop ZRH50-C1 content-type application/javascript; charset=utf-8 access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id 76mJVR2mJYjty-6yAmXTbQLau2qLhtxTdgpjg6n6gxoMRifdwt0wVg==
GET H2	200	35.3e4eba7e.chunk.js Show response js.driftt.com/core/assets/js/ Frame 0B34	25 KB 8 KB	23ms 11ms	Script application/javascript	13.224.96.71 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/35.3e4eba7e.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.b5231fdb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.96.71 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-96-71.zrh50.r.cloudfront.net Software nginx / Resource Hash 41f7afd6088c39cdc0d6f910f7f4b6afbf6a2133533847e960a8ca906fabc1c6 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.driftt.com/core?embedId=cfbrvkdfziti&region=US&forceShow=false&skipCampaigns=false&sessionId=0228b1c7-a756-4970-bf2f-92f6c7809f09&sessionStarted=1639579132.014&campaignRefreshToken=242bfadf-736f-45e9-853f-48810df5bb6a&hideController=false&pageLoadStartTime=1639579130958&mode=CHAT&driftEnableLog=false User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Sat, 06 Nov 2021 02:57:28 GMT content-encoding gzip age 3411684 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Fri, 05 Nov 2021 15:09:54 GMT server nginx etag W/"b1a0f364c9ad5137b5ab8e5237a825b8" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS x-amz-version-id rVOZxkkH0Vnn22xeEPRRFzkcE.ar0yRa via 1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront) cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop ZRH50-C1 content-type application/javascript; charset=utf-8 access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id _sXarsEitCIjY5KtnT5fBoa6PmUHbjY74ckhu3BWHfrLSz05jkHyDQ==
GET H2	200	15.8065fdbf.chunk.js Show response js.driftt.com/core/assets/js/ Frame 0B34	16 KB 5 KB	23ms 12ms	Script application/javascript	13.224.96.71 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/15.8065fdbf.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.b5231fdb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.96.71 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-96-71.zrh50.r.cloudfront.net Software nginx / Resource Hash f978da291f493e64d4420d2cfab5c2bdc736c53f11c8d61c6da1efdb7df1155d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.driftt.com/core?embedId=cfbrvkdfziti&region=US&forceShow=false&skipCampaigns=false&sessionId=0228b1c7-a756-4970-bf2f-92f6c7809f09&sessionStarted=1639579132.014&campaignRefreshToken=242bfadf-736f-45e9-853f-48810df5bb6a&hideController=false&pageLoadStartTime=1639579130958&mode=CHAT&driftEnableLog=false User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 06 Sep 2021 06:18:05 GMT content-encoding gzip age 8670047 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Fri, 03 Sep 2021 14:38:32 GMT server nginx etag W/"db60664de2c8d54d23e359c94e68f6ce" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS x-amz-version-id vLMtFICr__AmVbpyC1134yZVvjJr6q0Q via 1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront) cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop ZRH50-C1 content-type application/javascript; charset=utf-8 access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id IpR-QVdDkPeLTdsLwuEUqmHHcisXCMIqAXQ1WN3GnSsJgXYPgUIqag==
GET H2	200	19.5937a5b2.chunk.js Show response js.driftt.com/core/assets/js/ Frame 0B34	72 KB 22 KB	24ms 13ms	Script application/javascript	13.224.96.71 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/19.5937a5b2.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.b5231fdb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.96.71 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-96-71.zrh50.r.cloudfront.net Software nginx / Resource Hash 2b4d9e531f3302ad49380ce5e5e160925956edb55179c63ee2bac32ab040d1a5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.driftt.com/core?embedId=cfbrvkdfziti&region=US&forceShow=false&skipCampaigns=false&sessionId=0228b1c7-a756-4970-bf2f-92f6c7809f09&sessionStarted=1639579132.014&campaignRefreshToken=242bfadf-736f-45e9-853f-48810df5bb6a&hideController=false&pageLoadStartTime=1639579130958&mode=CHAT&driftEnableLog=false User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 01 Nov 2021 02:55:04 GMT content-encoding gzip age 3843828 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Fri, 29 Oct 2021 20:21:07 GMT server nginx etag W/"08aceb94bd26b0e431ca437d628e3c13" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS x-amz-version-id a9V2sG0hWPWT.cLrpxmLmJQEJHJ3pTch via 1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront) cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop ZRH50-C1 content-type application/javascript; charset=utf-8 access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id rUCquhoFUGBxKcy9yRwbxOPkZ-DUDoggdMK4QM41sZic_5EboXsGTg==
GET H2	200	32.04864e7d.chunk.js Show response js.driftt.com/core/assets/js/ Frame 0B34	16 KB 6 KB	25ms 14ms	Script application/javascript	13.224.96.71 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/32.04864e7d.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.b5231fdb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.96.71 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-96-71.zrh50.r.cloudfront.net Software nginx / Resource Hash af0ad47815cfcb0fc8402cf431dd782af68f2ba05752c66d9bb11a4354f65754 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.driftt.com/core?embedId=cfbrvkdfziti&region=US&forceShow=false&skipCampaigns=false&sessionId=0228b1c7-a756-4970-bf2f-92f6c7809f09&sessionStarted=1639579132.014&campaignRefreshToken=242bfadf-736f-45e9-853f-48810df5bb6a&hideController=false&pageLoadStartTime=1639579130958&mode=CHAT&driftEnableLog=false User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 25 Oct 2021 09:53:21 GMT content-encoding gzip age 4423531 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Fri, 22 Oct 2021 17:06:58 GMT server nginx etag W/"3b6707d602c1f7d03c4c8b0bdecb8e4e" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS x-amz-version-id juigjv2.842khaDjrzqiMoucoadLCjYk via 1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront) cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop ZRH50-C1 content-type application/javascript; charset=utf-8 access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id fe6-Pac-s5nYLh2ZZHdvXseJ6Cim1Xl-5qHZbgoWD2BGXQBWRSnUEg==
GET H2	200	23.a53d721f.chunk.js Show response js.driftt.com/core/assets/js/ Frame 0B34	59 KB 19 KB	25ms 14ms	Script application/javascript	13.224.96.71 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/23.a53d721f.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.b5231fdb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.96.71 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-96-71.zrh50.r.cloudfront.net Software nginx / Resource Hash f48829864ffd155da0360e19be956282b6875173f8990394e93bc7c30c97a3ed Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.driftt.com/core?embedId=cfbrvkdfziti&region=US&forceShow=false&skipCampaigns=false&sessionId=0228b1c7-a756-4970-bf2f-92f6c7809f09&sessionStarted=1639579132.014&campaignRefreshToken=242bfadf-736f-45e9-853f-48810df5bb6a&hideController=false&pageLoadStartTime=1639579130958&mode=CHAT&driftEnableLog=false User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Tue, 30 Nov 2021 01:41:23 GMT content-encoding gzip age 1342648 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Mon, 29 Nov 2021 22:20:10 GMT server nginx etag W/"fe96cb8c4c390342c29d3c8cb0a4ca14" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS x-amz-version-id Bes4ojoExyGtogevsaG2vPPgIGz3MINt via 1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront) cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop ZRH50-C1 content-type application/javascript; charset=utf-8 access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id k-ct7-WYEX-RX0aTXS0s4A6sIKy7dMshI-VYU-UrvXPhf-Yr_Z_j9A==
GET H2	200	10.704ab67c.chunk.js Show response js.driftt.com/core/assets/js/ Frame 0B34	91 KB 28 KB	26ms 15ms	Script application/javascript	13.224.96.71 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/10.704ab67c.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.b5231fdb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.96.71 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-96-71.zrh50.r.cloudfront.net Software nginx / Resource Hash 1612e3d01a9389defe81c28b91ee18b7b1f97b54f39dd8aa651667c25bce28e2 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.driftt.com/core?embedId=cfbrvkdfziti&region=US&forceShow=false&skipCampaigns=false&sessionId=0228b1c7-a756-4970-bf2f-92f6c7809f09&sessionStarted=1639579132.014&campaignRefreshToken=242bfadf-736f-45e9-853f-48810df5bb6a&hideController=false&pageLoadStartTime=1639579130958&mode=CHAT&driftEnableLog=false User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Fri, 01 Oct 2021 20:47:44 GMT content-encoding gzip age 6457867 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Fri, 01 Oct 2021 18:06:47 GMT server nginx etag W/"50dcb170ca1ae1f4a09fe8f23065f2a8" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS x-amz-version-id 8SLWCghXfnMEQiqJuVzEB4mWFfFgTeMA via 1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront) cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop ZRH50-C1 content-type application/javascript; charset=utf-8 access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id bYxBnu4YEGpJG3phiA-9YEwTwmHvf6CFPmUy7nNd8o1CQM0GPEWzYg==
GET H2	200	9.cea5327f.chunk.js Show response js.driftt.com/core/assets/js/ Frame 0B34	24 KB 7 KB	27ms 16ms	Script application/javascript	13.224.96.71 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/9.cea5327f.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.b5231fdb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.96.71 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-96-71.zrh50.r.cloudfront.net Software nginx / Resource Hash fb372bf086a350fc14b803de31af04857aaf0b0e18bf7de76737715efa2ce57f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.driftt.com/core?embedId=cfbrvkdfziti&region=US&forceShow=false&skipCampaigns=false&sessionId=0228b1c7-a756-4970-bf2f-92f6c7809f09&sessionStarted=1639579132.014&campaignRefreshToken=242bfadf-736f-45e9-853f-48810df5bb6a&hideController=false&pageLoadStartTime=1639579130958&mode=CHAT&driftEnableLog=false User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Tue, 30 Nov 2021 15:01:38 GMT content-encoding gzip age 1294634 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Mon, 29 Nov 2021 22:20:12 GMT server nginx etag W/"2db4f74e4d7ffda350b50dde6a07ed5e" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS x-amz-version-id XO6Gj_y9Dw4LqhxSapA287FNAF2AYGBn via 1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront) cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop ZRH50-C1 content-type application/javascript; charset=utf-8 access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id 2iUeVZkneeShwqBCF3hXoVHYdbsc_CRN78Rr1wryY_VLrKQ8tPdjsQ==
GET H2	200	13.c2156fc2.chunk.js Show response js.driftt.com/core/assets/js/ Frame 0B34	62 KB 20 KB	27ms 16ms	Script application/javascript	13.224.96.71 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/13.c2156fc2.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.b5231fdb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.96.71 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-96-71.zrh50.r.cloudfront.net Software nginx / Resource Hash f94ce8666bf003756c16b56edad5a0121b3516222d4f093bdb771afabfb2cc5f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.driftt.com/core?embedId=cfbrvkdfziti&region=US&forceShow=false&skipCampaigns=false&sessionId=0228b1c7-a756-4970-bf2f-92f6c7809f09&sessionStarted=1639579132.014&campaignRefreshToken=242bfadf-736f-45e9-853f-48810df5bb6a&hideController=false&pageLoadStartTime=1639579130958&mode=CHAT&driftEnableLog=false User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 25 Oct 2021 09:53:21 GMT content-encoding gzip age 4423531 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Fri, 22 Oct 2021 17:06:58 GMT server nginx etag W/"b94404e76324bd4454531b2e0a54f7bb" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS x-amz-version-id UBqTGR_Kpp2cPp4uQTy5DkPbiTlHyHAU via 1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront) cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop ZRH50-C1 content-type application/javascript; charset=utf-8 access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id YBQOXHFAvLltIrpOs8SfUCNos0es9W01eLK-ZlXQyYIpA4L-avcWRw==
GET H2	200	40.01f4f7b3.chunk.js Show response js.driftt.com/core/assets/js/ Frame 0B34	105 KB 34 KB	28ms 17ms	Script application/javascript	13.224.96.71 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/40.01f4f7b3.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.b5231fdb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.96.71 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-96-71.zrh50.r.cloudfront.net Software nginx / Resource Hash 71f918c131027703d4692c7e7cc9d46fc09554fc2b211e60f12e8fea8360deb7 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.driftt.com/core?embedId=cfbrvkdfziti&region=US&forceShow=false&skipCampaigns=false&sessionId=0228b1c7-a756-4970-bf2f-92f6c7809f09&sessionStarted=1639579132.014&campaignRefreshToken=242bfadf-736f-45e9-853f-48810df5bb6a&hideController=false&pageLoadStartTime=1639579130958&mode=CHAT&driftEnableLog=false User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 25 Oct 2021 09:53:21 GMT content-encoding gzip age 4423531 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Fri, 22 Oct 2021 17:06:59 GMT server nginx etag W/"7dd9b27f83583b6d43567ed4b21eff8c" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS x-amz-version-id 2QdQNwJ4SDmpUoZVr7HrkjjZUMt.Wzuw via 1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront) cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop ZRH50-C1 content-type application/javascript; charset=utf-8 access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id ZkrYF9GnyzX26Kxed4qtZna2hTd6kl0xmlI9YmQK7GrbyQv2A9-MeQ==
GET H2	200	33.c1910d43.chunk.js Show response js.driftt.com/core/assets/js/ Frame 0B34	12 KB 4 KB	28ms 18ms	Script application/javascript	13.224.96.71 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/33.c1910d43.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.b5231fdb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.96.71 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-96-71.zrh50.r.cloudfront.net Software nginx / Resource Hash c2d8b5ed5baf711d51629607797e32e5ff638637a0091598427eac4908dbae47 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.driftt.com/core?embedId=cfbrvkdfziti&region=US&forceShow=false&skipCampaigns=false&sessionId=0228b1c7-a756-4970-bf2f-92f6c7809f09&sessionStarted=1639579132.014&campaignRefreshToken=242bfadf-736f-45e9-853f-48810df5bb6a&hideController=false&pageLoadStartTime=1639579130958&mode=CHAT&driftEnableLog=false User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 06 Sep 2021 07:05:25 GMT content-encoding gzip age 8667207 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Fri, 03 Sep 2021 14:38:33 GMT server nginx etag W/"0e451f1cf9656229ccd33dfa3ad0638d" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS x-amz-version-id x9xPxe0FOgEjzVEWwoqmEw_u_0f8UbkY via 1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront) cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop ZRH50-C1 content-type application/javascript; charset=utf-8 access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id qM9SYf2rtBBp3JqyfkTZsRVyAVkkrRYfhDmke_fri7hEfixDCVf20g==
GET H2	200	25.b7a0bf53.chunk.js Show response js.driftt.com/core/assets/js/ Frame 0B34	12 KB 5 KB	29ms 18ms	Script application/javascript	13.224.96.71 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/25.b7a0bf53.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.b5231fdb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.96.71 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-96-71.zrh50.r.cloudfront.net Software nginx / Resource Hash c87e0e31334c6998b90c83d48eff6252a248120d32b376414965e1421203c901 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.driftt.com/core?embedId=cfbrvkdfziti&region=US&forceShow=false&skipCampaigns=false&sessionId=0228b1c7-a756-4970-bf2f-92f6c7809f09&sessionStarted=1639579132.014&campaignRefreshToken=242bfadf-736f-45e9-853f-48810df5bb6a&hideController=false&pageLoadStartTime=1639579130958&mode=CHAT&driftEnableLog=false User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Wed, 24 Nov 2021 03:18:04 GMT content-encoding gzip age 1855248 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Mon, 22 Nov 2021 19:33:19 GMT server nginx etag W/"808f7c7829001881a39cef6846a36ce0" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS x-amz-version-id Q2g0zIRf_FIeqHbwx92fc3AdT0lCB1K6 via 1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront) cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop ZRH50-C1 content-type application/javascript; charset=utf-8 access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id ermhkhzF_BTl86UjAfFLI9NyHJc_uw048awcf_793a_EncZ_nxJnpg==
GET H2	200	16.fab21cf4.chunk.js Show response js.driftt.com/core/assets/js/ Frame 0B34	17 KB 7 KB	29ms 19ms	Script application/javascript	13.224.96.71 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/16.fab21cf4.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.b5231fdb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.96.71 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-96-71.zrh50.r.cloudfront.net Software nginx / Resource Hash fa110ac06915e913fea0ad440e557cd75b95101504acc6a865efb5d7f0f34d95 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.driftt.com/core?embedId=cfbrvkdfziti&region=US&forceShow=false&skipCampaigns=false&sessionId=0228b1c7-a756-4970-bf2f-92f6c7809f09&sessionStarted=1639579132.014&campaignRefreshToken=242bfadf-736f-45e9-853f-48810df5bb6a&hideController=false&pageLoadStartTime=1639579130958&mode=CHAT&driftEnableLog=false User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Thu, 04 Nov 2021 16:58:47 GMT content-encoding gzip age 3534005 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Wed, 03 Nov 2021 13:47:23 GMT server nginx etag W/"b451093ecfaa012f364641010ed13346" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS x-amz-version-id wCl6QNbYqV3zaB4E280GBYT.UNDnPeJC via 1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront) cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop ZRH50-C1 content-type application/javascript; charset=utf-8 access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id 6vXhlGQOnzbS1G7dKX73QAZ9P9MnLqQkXCGE1uXmohAHcSAmxo9gYA==
GET H2	200	7.30af169a.chunk.css js.driftt.com/core/assets/css/ Frame 0B34	11 KB 3 KB	20ms 10ms	Stylesheet text/css	13.224.96.71 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/css/7.30af169a.chunk.css Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.b5231fdb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.96.71 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-96-71.zrh50.r.cloudfront.net Software nginx / Resource Hash 4a9b0b449b77fd3cf250284f9c232b20dd193d8c538f059350594bc865847da9 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.driftt.com/core?embedId=cfbrvkdfziti&region=US&forceShow=false&skipCampaigns=false&sessionId=0228b1c7-a756-4970-bf2f-92f6c7809f09&sessionStarted=1639579132.014&campaignRefreshToken=242bfadf-736f-45e9-853f-48810df5bb6a&hideController=false&pageLoadStartTime=1639579130958&mode=CHAT&driftEnableLog=false User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 01 Nov 2021 18:28:20 GMT content-encoding gzip age 3787832 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Mon, 01 Nov 2021 17:24:54 GMT server nginx etag W/"bd798c00af88b7523deb5a8065993250" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS x-amz-version-id i5VGTHkGJ3W10pB8.FdBO9KWoGwOWrOx via 1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront) cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop ZRH50-C1 content-type text/css access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id F1byBtTMRmTD42SLJfN_K2ev2lkzLZDPah2f95DMDnU6hojLHLdYoQ==
GET H2	200	7.892db701.chunk.js Show response js.driftt.com/core/assets/js/ Frame 0B34	69 KB 22 KB	29ms 19ms	Script application/javascript	13.224.96.71 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/7.892db701.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.b5231fdb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.96.71 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-96-71.zrh50.r.cloudfront.net Software nginx / Resource Hash a85e6cc00b6521151a066190dfa2f0983135171fbc1845b0acfe09fddb245a68 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.driftt.com/core?embedId=cfbrvkdfziti&region=US&forceShow=false&skipCampaigns=false&sessionId=0228b1c7-a756-4970-bf2f-92f6c7809f09&sessionStarted=1639579132.014&campaignRefreshToken=242bfadf-736f-45e9-853f-48810df5bb6a&hideController=false&pageLoadStartTime=1639579130958&mode=CHAT&driftEnableLog=false User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 06 Dec 2021 16:07:51 GMT content-encoding gzip age 772261 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Mon, 06 Dec 2021 15:09:53 GMT server nginx etag W/"59ff575cde5cbc57af07ef742efe8a77" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS x-amz-version-id 6L5P_vHWmZADGUWpRUkNwqrHbIkXu6n5 via 1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront) cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop ZRH50-C1 content-type application/javascript; charset=utf-8 access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id XsdK9r7f4__u1ItMnGSVknCIWWqaT_8FfH2sDG-IaujpOXU6vBb6Lw==
GET H2	200	14.22abfce0.chunk.css js.driftt.com/core/assets/css/ Frame 0B34	24 B 667 B	28ms 20ms	Stylesheet text/css	13.224.96.71 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/css/14.22abfce0.chunk.css Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.b5231fdb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.96.71 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-96-71.zrh50.r.cloudfront.net Software nginx / Resource Hash 5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.driftt.com/core?embedId=cfbrvkdfziti&region=US&forceShow=false&skipCampaigns=false&sessionId=0228b1c7-a756-4970-bf2f-92f6c7809f09&sessionStarted=1639579132.014&campaignRefreshToken=242bfadf-736f-45e9-853f-48810df5bb6a&hideController=false&pageLoadStartTime=1639579130958&mode=CHAT&driftEnableLog=false User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Fri, 06 Aug 2021 19:32:17 GMT via 1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront) age 11300794 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 24 last-modified Fri, 06 Aug 2021 18:47:22 GMT server nginx etag "0c5dad92482d9a7c7c253510f5082465" strict-transport-security max-age=31536000; includeSubDomains access-control-allow-methods GET, POST, OPTIONS x-amz-version-id TvxaskXeU1vX5QWjGFtspdoYt.ZZ_9cE access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop ZRH50-C1 accept-ranges bytes content-type text/css access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id o0OqSIl3DCIQG9FYvYLvsJW15-b1jjkDbHPPySQe5bpcCj7CqEA9Iw==
GET H2	200	14.c25177a9.chunk.js Show response js.driftt.com/core/assets/js/ Frame 0B34	74 KB 19 KB	28ms 20ms	Script application/javascript	13.224.96.71 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/14.c25177a9.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.b5231fdb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.96.71 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-96-71.zrh50.r.cloudfront.net Software nginx / Resource Hash d3cf67b9a5c82810aad30bbe1e7213ebf0e45879501938a34acbd5a1b39b3773 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.driftt.com/core?embedId=cfbrvkdfziti&region=US&forceShow=false&skipCampaigns=false&sessionId=0228b1c7-a756-4970-bf2f-92f6c7809f09&sessionStarted=1639579132.014&campaignRefreshToken=242bfadf-736f-45e9-853f-48810df5bb6a&hideController=false&pageLoadStartTime=1639579130958&mode=CHAT&driftEnableLog=false User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Thu, 09 Dec 2021 14:50:48 GMT content-encoding gzip age 517684 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Thu, 09 Dec 2021 14:08:21 GMT server nginx etag W/"18403c312bd271177d0f9589bf9f8e63" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS x-amz-version-id lOPAv9SDW_4LP.6rK6h_XISnbYxX1zW_ via 1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront) cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop ZRH50-C1 content-type application/javascript; charset=utf-8 access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id 0BiTwXVBtMfa0k48N9qBMKVdha70dcFyJZbmhHIGMIOTuxN17Txlmg==
GET H2	200	20.ead2182b.chunk.js Show response js.driftt.com/core/assets/js/ Frame 0B34	47 KB 13 KB	30ms 22ms	Script application/javascript	13.224.96.71 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/20.ead2182b.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.b5231fdb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.96.71 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-96-71.zrh50.r.cloudfront.net Software nginx / Resource Hash acadd76a335e98061ef67610e2cc701027232396e26b593a2af78a6f027cef75 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.driftt.com/core?embedId=cfbrvkdfziti&region=US&forceShow=false&skipCampaigns=false&sessionId=0228b1c7-a756-4970-bf2f-92f6c7809f09&sessionStarted=1639579132.014&campaignRefreshToken=242bfadf-736f-45e9-853f-48810df5bb6a&hideController=false&pageLoadStartTime=1639579130958&mode=CHAT&driftEnableLog=false User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 06 Dec 2021 16:07:51 GMT content-encoding gzip age 772261 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Mon, 06 Dec 2021 15:09:51 GMT server nginx etag W/"61892b29d94d646e4fe4c955206e953e" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS x-amz-version-id R.TDOsQ8XUx2f30jYVAP1aJfV9HUfplp via 1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront) cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop ZRH50-C1 content-type application/javascript; charset=utf-8 access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id XMroNiyGpG2zc9V8EZOwwTCgCDHsINdTPQK_XP5RxLrYeMVFEFVbww==
GET H2	200	12.5fc8721e.chunk.js Show response js.driftt.com/core/assets/js/ Frame 0B34	41 KB 13 KB	32ms 24ms	Script application/javascript	13.224.96.71 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/12.5fc8721e.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.b5231fdb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.96.71 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-96-71.zrh50.r.cloudfront.net Software nginx / Resource Hash d38c2d64e57da1a0cb467ef0cd7d85d2e841799ab839a579231300101ffa3840 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.driftt.com/core?embedId=cfbrvkdfziti&region=US&forceShow=false&skipCampaigns=false&sessionId=0228b1c7-a756-4970-bf2f-92f6c7809f09&sessionStarted=1639579132.014&campaignRefreshToken=242bfadf-736f-45e9-853f-48810df5bb6a&hideController=false&pageLoadStartTime=1639579130958&mode=CHAT&driftEnableLog=false User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Tue, 14 Dec 2021 14:21:25 GMT content-encoding gzip age 87447 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Mon, 13 Dec 2021 22:15:52 GMT server nginx etag W/"77b6063aad824ddaa4af9a2de2afca3d" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS x-amz-version-id YYKVfxhFGccZ5ywGIrKDAtKa86md0_CT via 1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront) cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop ZRH50-C1 content-type application/javascript; charset=utf-8 access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id NIGTgMg9VS80OChoRwvEUNT5LhT6xCZZ7Ru15fuVtnQ4m4XRGok6mQ==
GET H2	200	30.11d2b6a7.chunk.css js.driftt.com/core/assets/css/ Frame 9B72	3 KB 1 KB	13ms 12ms	Stylesheet text/css	13.224.96.71 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/css/30.11d2b6a7.chunk.css Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.b5231fdb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.96.71 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-96-71.zrh50.r.cloudfront.net Software nginx / Resource Hash e40b6eae9d66c60b9c750da70da6b2bc5d35c2ae9689cc1e9547e300fac4a3ba Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1639579130958 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 01 Nov 2021 18:28:20 GMT content-encoding gzip age 3787832 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Mon, 01 Nov 2021 17:24:54 GMT server nginx etag W/"87532c4db85f1429fa6d759bc3332f36" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS x-amz-version-id GBOBYZXPfE_Um1Sf_mqL4fDHmw8hrH5J via 1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront) cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop ZRH50-C1 content-type text/css access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id Vod224C_XWTlW9MiujO4f2c_cfGxpeE4XNwLB96qU3UC4InWKoFfWA==
GET H2	200	30.0383f092.chunk.js Show response js.driftt.com/core/assets/js/ Frame 9B72	3 KB 2 KB	13ms 13ms	Script application/javascript	13.224.96.71 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/30.0383f092.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.b5231fdb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.96.71 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-96-71.zrh50.r.cloudfront.net Software nginx / Resource Hash a5e4d82414a2ca26ea7d94c8586c3c32363073ecb1214c884d302439f420913c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1639579130958 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 06 Dec 2021 16:07:51 GMT content-encoding gzip age 772261 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Mon, 06 Dec 2021 15:09:52 GMT server nginx etag W/"62187322b72b1fa76d14e19526c132b8" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS x-amz-version-id z3aE86SV2XLkllCr6fKLzNFXHsnbcDpg via 1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront) cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop ZRH50-C1 content-type application/javascript; charset=utf-8 access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id TgWgaGTq34Ek-uqNHxkPRN_vk063gQtrFXnK6IEk9K-aHi__mXqwfA==
GET H2	200	22.e10510b6.chunk.js Show response js.driftt.com/core/assets/js/ Frame 0B34	42 KB 12 KB	13ms 12ms	Script application/javascript	13.224.96.71 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/22.e10510b6.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.b5231fdb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.96.71 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-96-71.zrh50.r.cloudfront.net Software nginx / Resource Hash b0257060098cdc51166f35b62e7dd8f0c5f8d6cfa319901c0c51a629537e02fd Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.driftt.com/core?embedId=cfbrvkdfziti&region=US&forceShow=false&skipCampaigns=false&sessionId=0228b1c7-a756-4970-bf2f-92f6c7809f09&sessionStarted=1639579132.014&campaignRefreshToken=242bfadf-736f-45e9-853f-48810df5bb6a&hideController=false&pageLoadStartTime=1639579130958&mode=CHAT&driftEnableLog=false User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Sun, 05 Dec 2021 03:00:11 GMT content-encoding gzip age 905921 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Thu, 02 Dec 2021 19:39:10 GMT server nginx etag W/"a99459752bee496e4af7c45277fd9c26" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS x-amz-version-id .p1WPnsH8XGSlb.mHBXCMu26rOKTD1WF via 1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront) cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop ZRH50-C1 content-type application/javascript; charset=utf-8 access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id nSdaQjHIvbkncI0E3-9Gwgdr1H31JLm2p4hk9hd9jYgOYnQUII6LuA==
GET H2	200	24.49c6961c.chunk.css js.driftt.com/core/assets/css/ Frame 0B34	8 KB 2 KB	13ms 13ms	Stylesheet text/css	13.224.96.71 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/css/24.49c6961c.chunk.css Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.b5231fdb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.96.71 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-96-71.zrh50.r.cloudfront.net Software nginx / Resource Hash 578cda2391db4e4d761ae5c4f05c03614d0ea8fec0b260edc036cc0bbdfcdd93 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.driftt.com/core?embedId=cfbrvkdfziti&region=US&forceShow=false&skipCampaigns=false&sessionId=0228b1c7-a756-4970-bf2f-92f6c7809f09&sessionStarted=1639579132.014&campaignRefreshToken=242bfadf-736f-45e9-853f-48810df5bb6a&hideController=false&pageLoadStartTime=1639579130958&mode=CHAT&driftEnableLog=false User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 18 Oct 2021 07:58:46 GMT content-encoding gzip age 5035206 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Fri, 15 Oct 2021 18:19:47 GMT server nginx etag W/"f80cd64e339375567091159cb077b941" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS x-amz-version-id t3wd1L70.jr_F45fRiZ9jDIt4M2lflSx via 1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront) cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop ZRH50-C1 content-type text/css access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id 9c99wZcpjMyfEjZ7xQQuxkzDodwG7Kk0voDMPwqtjRmUXQdGhrqnqQ==
GET H2	200	24.abe2922c.chunk.js Show response js.driftt.com/core/assets/js/ Frame 0B34	12 KB 5 KB	14ms 13ms	Script application/javascript	13.224.96.71 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/24.abe2922c.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.b5231fdb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.96.71 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-96-71.zrh50.r.cloudfront.net Software nginx / Resource Hash 4d85222516f652c200ef03b89b4b755c6a54210c75ca599fb53e0a05d677e197 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.driftt.com/core?embedId=cfbrvkdfziti&region=US&forceShow=false&skipCampaigns=false&sessionId=0228b1c7-a756-4970-bf2f-92f6c7809f09&sessionStarted=1639579132.014&campaignRefreshToken=242bfadf-736f-45e9-853f-48810df5bb6a&hideController=false&pageLoadStartTime=1639579130958&mode=CHAT&driftEnableLog=false User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 06 Dec 2021 16:07:51 GMT content-encoding gzip age 772261 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Mon, 06 Dec 2021 15:09:52 GMT server nginx etag W/"04cf8ee37950ab9133d56182ac42f2d5" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS x-amz-version-id AKRAE85zxgA0Hp9dPNB1SHfTVkCdBA_K via 1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront) cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop ZRH50-C1 content-type application/javascript; charset=utf-8 access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id WIB8JjiQdG99M7YUdQc-VYVra9fATK5pnScUV_bygs-YEvDeeclfSQ==
GET H2	200	18.c695453b.chunk.css js.driftt.com/core/assets/css/ Frame 0B34	365 B 1007 B	14ms 14ms	Stylesheet text/css	13.224.96.71 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/css/18.c695453b.chunk.css Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.b5231fdb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.96.71 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-96-71.zrh50.r.cloudfront.net Software nginx / Resource Hash ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.driftt.com/core?embedId=cfbrvkdfziti&region=US&forceShow=false&skipCampaigns=false&sessionId=0228b1c7-a756-4970-bf2f-92f6c7809f09&sessionStarted=1639579132.014&campaignRefreshToken=242bfadf-736f-45e9-853f-48810df5bb6a&hideController=false&pageLoadStartTime=1639579130958&mode=CHAT&driftEnableLog=false User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 27 Sep 2021 18:05:58 GMT via 1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront) age 6813174 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 365 last-modified Mon, 27 Sep 2021 17:53:27 GMT server nginx etag "06b2963b029c0824382815165bfea73e" strict-transport-security max-age=31536000; includeSubDomains access-control-allow-methods GET, POST, OPTIONS x-amz-version-id 2nl84_Ynkb7J4eflOi4MBL9RG1iL8udX access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop ZRH50-C1 accept-ranges bytes content-type text/css access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id puBYK4MWroUa0MHDkLqqpsGVGhjAITPH2x0zrPTvFXfu8GAD33w2dg==
GET H2	200	18.d26db4f6.chunk.js Show response js.driftt.com/core/assets/js/ Frame 0B34	84 KB 24 KB	15ms 15ms	Script application/javascript	13.224.96.71 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/18.d26db4f6.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.b5231fdb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.96.71 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-96-71.zrh50.r.cloudfront.net Software nginx / Resource Hash 9d7afdf8d1c1a87187c0ac284ec079f86acdbc289484bc8d4066dd4035b51d8a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.driftt.com/core?embedId=cfbrvkdfziti&region=US&forceShow=false&skipCampaigns=false&sessionId=0228b1c7-a756-4970-bf2f-92f6c7809f09&sessionStarted=1639579132.014&campaignRefreshToken=242bfadf-736f-45e9-853f-48810df5bb6a&hideController=false&pageLoadStartTime=1639579130958&mode=CHAT&driftEnableLog=false User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 06 Dec 2021 16:07:51 GMT content-encoding gzip age 772261 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Mon, 06 Dec 2021 15:09:51 GMT server nginx etag W/"676cfbeadf3745138265730781f5f098" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS x-amz-version-id QXlXpncoHQvFxp5turnNkFrpF0Tp7Na2 via 1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront) cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop ZRH50-C1 content-type application/javascript; charset=utf-8 access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id iovfKFDZywTIYK3JaWR8wPIJz7TemvznaYFUo4rf75hBmSY-GTiQTA==
GET H2	200	1.07aa08a5.chunk.css js.driftt.com/core/assets/css/ Frame 9B72	7 KB 2 KB	12ms 12ms	Stylesheet text/css	13.224.96.71 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/css/1.07aa08a5.chunk.css Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.b5231fdb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.96.71 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-96-71.zrh50.r.cloudfront.net Software nginx / Resource Hash dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1639579130958 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 01 Nov 2021 02:55:04 GMT content-encoding gzip age 3843828 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Fri, 29 Oct 2021 20:21:04 GMT server nginx etag W/"189aeffd571884559dababa22c66d75a" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS x-amz-version-id K9l0WdnhS0.sb1iJQdTJni3xfVGcn633 via 1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront) cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop ZRH50-C1 content-type text/css access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id _z7QatG1nM9tl_Ax3k35ef60XYnpN2Kx3mjiQVWnkuI_Z0KzNwedWQ==
GET H2	200	1.187c50a5.chunk.js Show response js.driftt.com/core/assets/js/ Frame 9B72	54 KB 16 KB	13ms 13ms	Script application/javascript	13.224.96.71 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/1.187c50a5.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.b5231fdb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.96.71 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-96-71.zrh50.r.cloudfront.net Software nginx / Resource Hash a3075e2c162e41c4962a4221ae035dd607d895bd424e87aa4065a044c43763e4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1639579130958 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 25 Oct 2021 09:53:22 GMT content-encoding gzip age 4423530 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Fri, 22 Oct 2021 17:06:57 GMT server nginx etag W/"eeccccb655ee3b6bcb8b1a9b1da4fd30" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS x-amz-version-id T4NYA9GFrw0AOH7iks5Owut4YT_Q7yUg via 1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront) cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop ZRH50-C1 content-type application/javascript; charset=utf-8 access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id jNVnKkdzvyvl1XrSXd2DzkuywLQRivTIPRX5C9srzIY53icImjGSCg==
GET H2	200	0.ee2abab8.chunk.css js.driftt.com/core/assets/css/ Frame 9B72	44 KB 7 KB	14ms 13ms	Stylesheet text/css	13.224.96.71 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/css/0.ee2abab8.chunk.css Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.b5231fdb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.96.71 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-96-71.zrh50.r.cloudfront.net Software nginx / Resource Hash 5dbbdc87055e3735446865635b4678301f3e2a1a8796c5c8f9e6708aee679592 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1639579130958 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Tue, 14 Dec 2021 14:21:26 GMT content-encoding gzip age 87446 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Mon, 13 Dec 2021 22:15:51 GMT server nginx etag W/"c00b54e499f71a56923e5c2db3c1ebfc" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS x-amz-version-id 68ABimk3FXgiFdH1qEDL3xdLWSNdRuPT via 1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront) cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop ZRH50-C1 content-type text/css access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id 1SRX8iLAH_02sZrqxhZ1haj6Xd5djgSUSyZagrxQdWc1JH6oSeqang==
GET H2	200	0.0d5304f8.chunk.js Show response js.driftt.com/core/assets/js/ Frame 9B72	70 KB 24 KB	14ms 14ms	Script application/javascript	13.224.96.71 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/0.0d5304f8.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.b5231fdb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.96.71 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-96-71.zrh50.r.cloudfront.net Software nginx / Resource Hash 7072e71c4451255d76dd060fa22d2372b336662caa03dad732c3e8c495e3722b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1639579130958 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Tue, 14 Dec 2021 14:21:26 GMT content-encoding gzip age 87446 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Mon, 13 Dec 2021 22:15:52 GMT server nginx etag W/"2d1fa187641adb5aa5b2cb4ccf569a19" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS x-amz-version-id gDqGMN2zeYnveagEipdU6C7OXCRNYw0e via 1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront) cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop ZRH50-C1 content-type application/javascript; charset=utf-8 access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id 90hNI6Hhgb-lKN_9IgJkJ-J6cmAsPjpkrqajd6VrHWx_y3GV078RyQ==
GET H2	200	29.a4eacd1c.chunk.css js.driftt.com/core/assets/css/ Frame 9B72	11 KB 2 KB	15ms 15ms	Stylesheet text/css	13.224.96.71 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/css/29.a4eacd1c.chunk.css Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.b5231fdb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.96.71 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-96-71.zrh50.r.cloudfront.net Software nginx / Resource Hash e2fc570495ce9f73780336d692d1caf5d299d81a0208243f97dacb7f345cdf15 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1639579130958 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Wed, 17 Nov 2021 20:12:40 GMT content-encoding gzip age 2399172 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Wed, 17 Nov 2021 19:25:04 GMT server nginx etag W/"5fcabdf983fd5bbf7cb199063137d146" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS x-amz-version-id k82F8FaNpkIB_WK109g86MbRHlA8U_6q via 1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront) cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop ZRH50-C1 content-type text/css access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id oEL1yOCbm5mPZfE3WZyrW4xgoKDw3xGIUTePsV-A5sXS5JrhWeMsNQ==
GET H2	200	29.dc469063.chunk.js Show response js.driftt.com/core/assets/js/ Frame 9B72	11 KB 5 KB	16ms 16ms	Script application/javascript	13.224.96.71 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/29.dc469063.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.b5231fdb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.96.71 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-96-71.zrh50.r.cloudfront.net Software nginx / Resource Hash b3e92729562bf7aa805f612b4f909f640cdcfe2ccdc9ee6cf78f710491208e78 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1639579130958 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 06 Dec 2021 16:07:51 GMT content-encoding gzip age 772261 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Mon, 06 Dec 2021 15:09:52 GMT server nginx etag W/"72171f9c0b9a4cd90bdf2440c1e572de" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS x-amz-version-id tOIlB4_T5WHhtdhh95vBpNvdrmWg4TVO via 1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront) cache-control max-age=31536000 access-control-allow-credentials true x-amz-cf-pop ZRH50-C1 content-type application/javascript; charset=utf-8 access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id QIpoMMdgZl-nkTRAA7KS2HKkHUN7SgVclCmUzolViQVxOPijkwV14w==
POST H2	200	v2 Show response metrics.api.drift.com/monitoring/metrics/widget/init/ Frame 0B34	25 B 123 B	117ms 116ms	XHR application/json	34.193.113.164 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://metrics.api.drift.com/monitoring/metrics/widget/init/v2 Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/42.3b1c2441.chunk.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.193.113.164 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-193-113-164.compute-1.amazonaws.com Software istio-envoy / Resource Hash f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept application/json, text/plain, */* Referer https://js.driftt.com/ Authorization Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Content-Type application/json Response headers date Wed, 15 Dec 2021 14:38:52 GMT server istio-envoy requestid b3f0745fdfe1959a vary Accept-Encoding access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH content-type application/json;charset=utf-8 access-control-allow-origin * access-control-max-age 1209600 access-control-allow-credentials true x-envoy-upstream-service-time 17 strict-transport-security max-age=31536000; includeSubDomains access-control-allow-headers origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version content-length 25 access-control-expose-headers X-Results-Total-Count,X-Page-Info
OPTIONS H2	200	v2 metrics.api.drift.com/monitoring/metrics/widget/init/ Frame	0 0	322ms 103ms	Preflight text/plain	34.193.113.164 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://metrics.api.drift.com/monitoring/metrics/widget/init/v2 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.193.113.164 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-193-113-164.compute-1.amazonaws.com Software istio-envoy / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers authorization,content-type Origin https://js.driftt.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Sec-Fetch-Mode cors Response headers date Wed, 15 Dec 2021 14:38:52 GMT access-control-allow-origin * access-control-allow-headers origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version access-control-allow-credentials true access-control-expose-headers X-Results-Total-Count,X-Page-Info access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH access-control-max-age 1209600 strict-transport-security max-age=31536000; includeSubDomains content-type text/plain allow POST,OPTIONS requestid drift0a9a0444c7a92fb2f7e5abad4d7 content-length 13 x-envoy-upstream-service-time 0 server istio-envoy
POST H2	200	ping Show response bootstrap.api.drift.com/widget_bootstrap/ Frame 0B34	126 B 222 B	106ms 106ms	XHR application/json	54.147.21.139 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://bootstrap.api.drift.com/widget_bootstrap/ping Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/42.3b1c2441.chunk.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-147-21-139.compute-1.amazonaws.com Software istio-envoy / Resource Hash b181b2225437cf745993521bc0c07a0b2f964d12562955980e32e5a3d5737dfa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept application/json, text/plain, */* Referer https://js.driftt.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Content-Type application/json Response headers date Wed, 15 Dec 2021 14:38:52 GMT server istio-envoy requestid cc90f5c94cb33ca0 vary Accept-Encoding access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH content-type application/json;charset=utf-8 access-control-allow-origin * access-control-max-age 1209600 access-control-allow-credentials true x-envoy-upstream-service-time 3 strict-transport-security max-age=31536000; includeSubDomains access-control-allow-headers origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version content-length 126 access-control-expose-headers X-Results-Total-Count,X-Page-Info
OPTIONS H2	200	ping bootstrap.api.drift.com/widget_bootstrap/ Frame	0 0	318ms 105ms	Preflight text/plain	54.147.21.139 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://bootstrap.api.drift.com/widget_bootstrap/ping Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-147-21-139.compute-1.amazonaws.com Software istio-envoy / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers content-type Origin https://js.driftt.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Sec-Fetch-Mode cors Response headers date Wed, 15 Dec 2021 14:38:52 GMT access-control-allow-origin * access-control-allow-headers origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version access-control-allow-credentials true access-control-expose-headers X-Results-Total-Count,X-Page-Info access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH access-control-max-age 1209600 strict-transport-security max-age=31536000; includeSubDomains content-type text/plain allow POST,OPTIONS requestid driftd5a95c04c54a74b5ed891c0a838 content-length 13 x-envoy-upstream-service-time 1 server istio-envoy
GET H2	200	integrations Show response rs.fullstory.com/rec/	2 KB 2 KB	125ms 125ms	Script text/javascript	35.186.194.58 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://rs.fullstory.com/rec/integrations?OrgId=W535D Requested by Host: edge.fullstory.com URL: https://edge.fullstory.com/s/fs.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 58.194.186.35.bc.googleusercontent.com Software / Resource Hash bee22a7422bef01aa903a12e4ab1a1ff046eb71538ca29206627ddef51fee536 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pages.egress.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Wed, 15 Dec 2021 14:38:52 GMT via 1.1 google alt-svc clear content-type text/javascript; charset=utf-8
POST H2	200	bundle Show response rs.fullstory.com/rec/	29 B 91 B	299ms 280ms	XHR application/json	35.186.194.58 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://rs.fullstory.com/rec/bundle?OrgId=W535D&UserId=6328944863895552&SessionId=6532498832646144&PageId=5789861439758336&Seq=1&PageStart=1639579132347&PrevBundleTime=0&LastActivity=554&IsNewSession=true Requested by Host: edge.fullstory.com URL: https://edge.fullstory.com/s/fs.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 58.194.186.35.bc.googleusercontent.com Software / Resource Hash 3c6388178a8a417acdb0a0fb7c805212abb42a7839e294de5d2e8b253048dae0 Request headers Referer https://pages.egress.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://pages.egress.com date Wed, 15 Dec 2021 14:38:53 GMT via 1.1 google access-control-allow-credentials true alt-svc clear content-length 29 content-type application/json; charset=utf-8
GET H3	200	collect www.google-analytics.com/	35 B 55 B	7ms 7ms	Image image/gif	2a00:1450:4001:82b::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j96&a=522559938&t=event&ni=1&_s=2&dl=https%3A%2F%2Fpages.egress.com%2FWhitepaper-Phishing-As-A-Service-12-21_Landing-PAGE.html%3Futm_campaign%3Dq4phishing%26utm_medium%3Demail%26utm_source%3Dmarketo%26utm_term%3D%26utm_content%3DWhitepaper-Phishing-As-A-Service-12-21.Phaas-WP-a%2Fbtest%26mkt_tok%3DMzQ0LVhURC02ODQAAAGBXQ_QmrGnCTHKQAcgRhe4aPl6WvfWJy3x-77wKdGUfeEATgggaWaCsthEU_3ZqOYUBSiTl8tAwyToy9rBYR6wTgsxL7mkphladJWhJevWe1o&dr=https%3A%2F%2Finfo.egress.com%2F&ul=en-us&de=UTF-8&dt=Phishing-as-a-service%3A%20How%20cybercrime%20went%20commercial&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=FullStory&_u=aHDAAEABAAAAAC~&jid=&gjid=&cid=858430635.1639579132&tid=UA-3866904-1&_gid=1290006218.1639579132&gtm=2wgc105Z9HSMP&cd15=https%3A%2F%2Fapp.fullstory.com%2Fui%2FW535D%2Fsession%2F6328944863895552%253A6532498832646144&z=1762256248 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://pages.egress.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers pragma no-cache date Wed, 15 Dec 2021 10:59:56 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 13136 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	cfbrvkdfziti.json Show response embeds.driftcdn.com/embeds/ Frame 0B34	23 KB 7 KB	72ms 29ms	XHR application/json	13.224.96.46 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://embeds.driftcdn.com/embeds/cfbrvkdfziti.json Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/42.3b1c2441.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.96.46 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-96-46.zrh50.r.cloudfront.net Software AmazonS3 / Resource Hash 8f5c099535eba6b1ef1d622c9165f42a856195e5348c1925dda017100b7a8823 Request headers Accept application/json, text/plain, */* Referer https://js.driftt.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Wed, 15 Dec 2021 14:38:53 GMT content-encoding gzip x-amz-cf-pop ZRH50-C1 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront access-control-max-age 3000 access-control-allow-origin * last-modified Wed, 15 Dec 2021 14:22:44 GMT server AmazonS3 etag W/"66b2e69a6b60287ec160df59ef5ef160" vary Origin,Access-Control-Request-Headers,Access-Control-Request-Method access-control-allow-methods GET content-type application/json; charset=UTF-8 via 1.1 b103085320b440f2b61bad94c412ff70.cloudfront.net (CloudFront) cache-control public, max-age=30 x-amz-cf-id 8nC9OcObEVHQXKIiZZu7l5H01jKZcIr52pm8c7bX9SmrSzgI3ZshTw==
POST H2	200	bulk Show response metrics.api.drift.com/monitoring/metrics/event2/ Frame 0B34	25 B 89 B	112ms 112ms	XHR application/json	34.193.113.164 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://metrics.api.drift.com/monitoring/metrics/event2/bulk Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/42.3b1c2441.chunk.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.193.113.164 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-193-113-164.compute-1.amazonaws.com Software istio-envoy / Resource Hash f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept application/json, text/plain, */* Referer https://js.driftt.com/ Authorization Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Content-Type application/json Response headers date Wed, 15 Dec 2021 14:38:54 GMT server istio-envoy requestid 6ae1f1f4dc84ebd7 vary Accept-Encoding access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH content-type application/json;charset=utf-8 access-control-allow-origin * access-control-max-age 1209600 access-control-allow-credentials true x-envoy-upstream-service-time 13 strict-transport-security max-age=31536000; includeSubDomains access-control-allow-headers origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version content-length 25 access-control-expose-headers X-Results-Total-Count,X-Page-Info
OPTIONS H2	200	bulk metrics.api.drift.com/monitoring/metrics/event2/ Frame	0 0	100ms 99ms	Preflight text/plain	34.193.113.164 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://metrics.api.drift.com/monitoring/metrics/event2/bulk Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.193.113.164 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-193-113-164.compute-1.amazonaws.com Software istio-envoy / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers authorization,content-type Origin https://js.driftt.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Sec-Fetch-Mode cors Response headers date Wed, 15 Dec 2021 14:38:54 GMT access-control-allow-origin * access-control-allow-headers origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version access-control-allow-credentials true access-control-expose-headers X-Results-Total-Count,X-Page-Info access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH access-control-max-age 1209600 strict-transport-security max-age=31536000; includeSubDomains content-type text/plain allow POST,OPTIONS requestid drift4d533484178a37e728efe112f07 content-length 13 x-envoy-upstream-service-time 1 server istio-envoy